115 lines
2.5 KiB
YAML
115 lines
2.5 KiB
YAML
- name: Install host requisites
|
|
dnf:
|
|
name: cgit,gitolite3,python3-pygments,python3-docutils,nodejs-markdown
|
|
state: latest
|
|
|
|
- name: Copy cgit favicon
|
|
copy:
|
|
src: cgit-logo.png
|
|
dest: /var/www/git.jaseg.net/cgit.png
|
|
|
|
- name: Create cgit instance config dir
|
|
file:
|
|
path: /var/lib/cgit
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: Copy cgit rc
|
|
copy:
|
|
src: cgitrc
|
|
dest: /var/lib/cgit/cgitrc-gitolite-public
|
|
mode: 0644
|
|
|
|
- name: Create uwsgi worker user and group
|
|
user:
|
|
name: uwsgi-cgit
|
|
create_home: no
|
|
group: uwsgi
|
|
password: '!'
|
|
shell: /sbin/nologin
|
|
system: yes
|
|
|
|
- name: Copy uwsgi config
|
|
copy:
|
|
src: uwsgi-cgit.ini
|
|
dest: /etc/uwsgi.d/cgit.ini
|
|
owner: uwsgi-cgit
|
|
group: uwsgi
|
|
mode: 0440
|
|
|
|
- name: Enable uwsgi systemd socket
|
|
systemd:
|
|
daemon-reload: yes
|
|
name: uwsgi-app@cgit.socket
|
|
enabled: yes
|
|
|
|
- name: Copy gitolite admin pubkey
|
|
copy:
|
|
src: ~/.ssh/id_ed25519.gitolite.pub
|
|
dest: /tmp/jaseg-gitolite.pub
|
|
owner: gitolite3
|
|
group: gitolite3
|
|
|
|
- name: Run gitolite initialization
|
|
command: gitolite setup -pk /tmp/jaseg-gitolite.pub
|
|
become: true
|
|
become_method: su
|
|
become_user: gitolite3
|
|
become_flags: '-s /bin/sh'
|
|
args:
|
|
creates: /var/lib/gitolite3/projects.list
|
|
|
|
- name: Remove leftover admin pubkey
|
|
file:
|
|
state: absent
|
|
path: /tmp/jaseg-gitolite.pub
|
|
|
|
- name: Allow uwsgi group to access gitolite repo dir
|
|
file:
|
|
path: /var/lib/gitolite3
|
|
state: directory
|
|
owner: gitolite3
|
|
group: uwsgi
|
|
|
|
- name: Add cgit uwsgi user to gitolite group
|
|
user:
|
|
name: uwsgi-cgit
|
|
groups: gitolite3
|
|
append: yes
|
|
|
|
- name: Allow cgit uwsgi user to access gitolite repos
|
|
file:
|
|
path: /var/lib/gitolite3/repositories
|
|
mode: 0750
|
|
|
|
- name: Allow cgit uwsgi user to gitolite repo list
|
|
file:
|
|
path: /var/lib/gitolite3/projects.list
|
|
mode: 0640
|
|
|
|
- name: Copy gitolite rc
|
|
copy:
|
|
src: gitolite.rc
|
|
dest: /var/lib/gitolite3/.gitolite.rc
|
|
owner: gitolite3
|
|
group: gitolite3
|
|
mode: 0600
|
|
|
|
- name: Query system user account info
|
|
getent:
|
|
database: passwd
|
|
key: gitolite3
|
|
|
|
- name: Create git alias user
|
|
user:
|
|
name: git
|
|
create_home: no
|
|
group: gitolite3
|
|
password: '!'
|
|
comment: Alias for gitolite3 user
|
|
shell: "{{ getent_passwd['gitolite3'][5] }}"
|
|
system: yes
|
|
non_unique: yes
|
|
home: "{{ getent_passwd['gitolite3'][4] }}"
|
|
uid: "{{ getent_passwd['gitolite3'][1] }}"
|
|
|