aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorbnewbold <bnewbold@robocracy.org>2016-04-09 18:28:42 -0400
committerbnewbold <bnewbold@robocracy.org>2016-04-09 18:28:42 -0400
commit449688096d3cda8e0ea843fe0a8bbf76ff7bd94a (patch)
tree6d2cf0ffbf7ed5d283790efef1023261f51a8bc7 /roles
parent76c09caaf4d9952cabb75ae12f917e88fe636f4e (diff)
downloadinfra-449688096d3cda8e0ea843fe0a8bbf76ff7bd94a.tar.gz
infra-449688096d3cda8e0ea843fe0a8bbf76ff7bd94a.zip
import git hosting from sovereign
Diffstat (limited to 'roles')
-rw-r--r--roles/git/files/home_git_.gitolite.rc176
-rw-r--r--roles/git/tasks/cgit.yml59
-rw-r--r--roles/git/tasks/gitolite.yml31
-rw-r--r--roles/git/tasks/main.yml2
-rw-r--r--roles/git/templates/etc_apache2_sites-available_cgit.j227
-rw-r--r--roles/git/templates/etc_cgitrc.j2137
6 files changed, 432 insertions, 0 deletions
diff --git a/roles/git/files/home_git_.gitolite.rc b/roles/git/files/home_git_.gitolite.rc
new file mode 100644
index 0000000..07bab4f
--- /dev/null
+++ b/roles/git/files/home_git_.gitolite.rc
@@ -0,0 +1,176 @@
+# configuration variables for gitolite
+
+# This file is in perl syntax. But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+%RC = (
+
+ # ------------------------------------------------------------------
+
+ # default umask gives you perms of '0700'; see the rc file docs for
+ # how/why you might change this
+ UMASK => 0027,
+
+ # look for "git-config" in the documentation
+ GIT_CONFIG_KEYS => 'gitweb\.(owner|description|category)',
+
+ # comment out if you don't need all the extra detail in the logfile
+ LOG_EXTRA => 1,
+
+ # roles. add more roles (like MANAGER, TESTER, ...) here.
+ # WARNING: if you make changes to this hash, you MUST run 'gitolite
+ # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+ ROLES => {
+ READERS => 1,
+ WRITERS => 1,
+ },
+
+ # ------------------------------------------------------------------
+
+ # rc variables used by various features
+
+ # the 'info' command prints this as additional info, if it is set
+ # SITE_INFO => 'Please see http://blahblah/gitolite for more help',
+
+ # the 'desc' command uses this
+ # WRITER_CAN_UPDATE_DESC => 1,
+
+ # the CpuTime feature uses these
+ # display user, system, and elapsed times to user after each git operation
+ # DISPLAY_CPU_TIME => 1,
+ # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+ # CPU_TIME_WARN_LIMIT => 0.1,
+
+ # the Mirroring feature needs this
+ # HOSTNAME => "foo",
+
+ # if you enabled 'Shell', you need this
+ # SHELL_USERS_LIST => "$ENV{HOME}/.gitolite.shell-users",
+
+ # ------------------------------------------------------------------
+
+ # suggested locations for site-local gitolite code (see cust.html)
+
+ # this one is managed directly on the server
+ # LOCAL_CODE => "$ENV{HOME}/local",
+
+ # or you can use this, which lets you put everything in a subdirectory
+ # called "local" in your gitolite-admin repo. For a SECURITY WARNING
+ # on this, see http://gitolite.com/gitolite/cust.html#pushcode
+ # LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local",
+
+ # ------------------------------------------------------------------
+
+ # List of commands and features to enable
+
+ ENABLE => [
+
+ # COMMANDS
+
+ # These are the commands enabled by default
+ 'help',
+ 'desc',
+ 'info',
+ 'perms',
+ 'writable',
+
+ # Uncomment or add new commands here.
+ # 'create',
+ # 'fork',
+ # 'mirror',
+ # 'sskm',
+ # 'D',
+
+ # These FEATURES are enabled by default.
+
+ # essential (unless you're using smart-http mode)
+ 'ssh-authkeys',
+
+ # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
+ 'git-config',
+
+ # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+ 'daemon',
+
+ # creates projects.list file; if you don't use gitweb, comment this out
+ 'gitweb',
+
+ # These FEATURES are disabled by default; uncomment to enable. If you
+ # need to add new ones, ask on the mailing list :-)
+
+ # user-visible behaviour
+
+ # prevent wild repos auto-create on fetch/clone
+ # 'no-create-on-read',
+ # no auto-create at all (don't forget to enable the 'create' command!)
+ # 'no-auto-create',
+
+ # access a repo by another (possibly legacy) name
+ # 'Alias',
+
+ # give some users direct shell access
+ # 'Shell',
+
+ # set default roles from lines like 'option default.roles-1 = ...', etc.
+ # 'set-default-roles',
+
+ # system admin stuff
+
+ # enable mirroring (don't forget to set the HOSTNAME too!)
+ # 'Mirroring',
+
+ # allow people to submit pub files with more than one key in them
+ # 'ssh-authkeys-split',
+
+ # selective read control hack
+ # 'partial-copy',
+
+ # manage local, gitolite-controlled, copies of read-only upstream repos
+ # 'upstream',
+
+ # updates 'description' file instead of 'gitweb.description' config item
+ # 'cgit',
+
+ # allow repo-specific hooks to be added
+ # 'repo-specific-hooks',
+
+ # performance, logging, monitoring...
+
+ # be nice
+ # 'renice 10',
+
+ # log CPU times (user, system, cumulative user, cumulative system)
+ # 'CpuTime',
+
+ # syntactic_sugar for gitolite.conf and included files
+
+ # allow backslash-escaped continuation lines in gitolite.conf
+ # 'continuation-lines',
+
+ # create implicit user groups from directory names in keydir/
+ # 'keysubdirs-as-groups',
+
+ # allow simple line-oriented macros
+ # 'macros',
+
+ ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/roles/git/tasks/cgit.yml b/roles/git/tasks/cgit.yml
new file mode 100644
index 0000000..fd9f549
--- /dev/null
+++ b/roles/git/tasks/cgit.yml
@@ -0,0 +1,59 @@
+
+- name: Install cgit dependencies
+ apt: pkg={{ item }} state=installed
+ with_items:
+ - groff
+ - libssl-dev
+ - python-pip
+ tags:
+ - dependencies
+
+- name: Install cgit pip dependencies
+ pip: name={{ item }}
+ with_items:
+ - docutils
+ - pygments
+
+- name: Download cgit release
+ get_url: url=http://git.zx2c4.com/cgit/snapshot/cgit-{{ cgit_version }}.tar.xz
+ dest=/root/cgit-{{ cgit_version }}.tar.xz
+
+- name: Decompress cgit source
+ unarchive: src=/root/cgit-{{ cgit_version }}.tar.xz
+ dest=/root copy=no
+ creates=/root/cgit-{{ cgit_version }}/configure
+
+- name: Build and install cgit
+ shell: make get-git ; make ; make install
+ executable=/bin/bash
+ chdir=/root/cgit-{{ cgit_version }}
+ creates=/var/www/htdocs/cgit/cgit.cgi
+
+- name: Copy cgitrc
+ template: src=etc_cgitrc.j2 dest=/etc/cgitrc
+ group=www-data
+ owner=root
+
+- name: Rename existing Apache cgit virtualhost
+ command: mv /etc/apache2/sites-available/cgit /etc/apache2/sites-available/cgit.conf removes=/etc/apache2/sites-available/cgit
+
+- name: Remove old sites-enabled/cgit symlink (new one will be created by a2ensite)
+ file: path=/etc/apache2/sites-enabled/cgit state=absent
+
+- name: Configure the Apache HTTP server for cgit
+ template: src=etc_apache2_sites-available_cgit.j2
+ dest=/etc/apache2/sites-available/cgit.conf
+ group=root
+ owner=root
+
+- name: Enable Apache CGI module
+ command: a2enmod cgi creates=/etc/apache2/mods-enabled/cgi.load
+ notify: restart apache
+
+- name: Enable Apache rewrite module
+ command: a2enmod rewrite creates=/etc/apache2/mods-enabled/rewrite.load
+ notify: restart apache
+
+- name: Enable cgit site
+ command: a2ensite cgit.conf creates=/etc/apache2/sites-enabled/cgit.conf
+ notify: restart apache
diff --git a/roles/git/tasks/gitolite.yml b/roles/git/tasks/gitolite.yml
new file mode 100644
index 0000000..8e2538f
--- /dev/null
+++ b/roles/git/tasks/gitolite.yml
@@ -0,0 +1,31 @@
+- name: Create gitolite group
+ group: name=git state=present
+
+- name: Create gitolite user
+ user: name=git state=present home=/home/git system=yes group=git
+
+- name: Add www-data to the git group
+ user: name=www-data groups=git append=yes
+
+- name: Install gitolite3 package
+ apt: pkg=gitolite3 state=installed
+ tags:
+ - dependencies
+
+- name: Copy .gitolite.rc file
+ copy: src=home_git_.gitolite.rc
+ dest=/home/git/.gitolite.rc
+ group=git
+ owner=git
+ mode=0644
+
+- name: Copy SSH public key to server
+ copy: src=gitolite.pub
+ dest=/home/git/{{ main_user_name }}.pub
+ group=git
+ owner=git
+ mode=0644
+
+- name: Setup gitolite
+ command: su - git -c 'gitolite setup -pk {{ main_user_name }}.pub'
+ chdir=/home/git
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
new file mode 100644
index 0000000..33302ee
--- /dev/null
+++ b/roles/git/tasks/main.yml
@@ -0,0 +1,2 @@
+- include: gitolite.yml tags=gitolite
+- include: cgit.yml tags=cgit
diff --git a/roles/git/templates/etc_apache2_sites-available_cgit.j2 b/roles/git/templates/etc_apache2_sites-available_cgit.j2
new file mode 100644
index 0000000..af59a34
--- /dev/null
+++ b/roles/git/templates/etc_apache2_sites-available_cgit.j2
@@ -0,0 +1,27 @@
+<VirtualHost *:80>
+ ServerName {{ cgit_domain }}
+
+ Redirect permanent / https://{{ cgit_domain }}/
+</VirtualHost>
+
+<VirtualHost *:443>
+ ServerName {{ cgit_domain }}
+ SSLEngine On
+
+ DocumentRoot /var/www/htdocs/cgit/
+ <Directory "/var/www/htdocs/cgit/">
+ AllowOverride None
+ Options +ExecCGI
+ Order allow,deny
+ Allow from all
+ </Directory>
+
+ Alias /cgit.png /var/www/htdocs/cgit/cgit.png
+ Alias /cgit.css /var/www/htdocs/cgit/cgit.css
+ Alias /favicon.ico /var/www/htdocs/cgit/favicon.ico
+ Alias /robots.txt /var/www/htdocs/cgit/robots.txt
+ ScriptAlias / /var/www/htdocs/cgit/cgit.cgi/
+
+ CustomLog /var/log/apache2/cgit_access.log combined
+ ErrorLog /var/log/apache2/cgit_error.log
+</VirtualHost>
diff --git a/roles/git/templates/etc_cgitrc.j2 b/roles/git/templates/etc_cgitrc.j2
new file mode 100644
index 0000000..abba971
--- /dev/null
+++ b/roles/git/templates/etc_cgitrc.j2
@@ -0,0 +1,137 @@
+# Enable caching of up to 1000 output entries
+cache-size=1000
+
+
+# Specify some default clone urls using macro expansion
+clone-url=git@{{ domain }}:$CGIT_REPO_URL
+
+
+# Specify the css url
+# css=/css/cgit.css
+
+
+# Show owner on index page
+enable-index-owner=1
+
+
+# Allow http transport git clone
+enable-http-clone=0
+
+
+# Show extra links for each repository on the index page
+enable-index-links=1
+
+
+# Enable ASCII art commit history graph on the log pages
+enable-commit-graph=1
+
+
+# Show number of affected files per commit on the log pages
+enable-log-filecount=1
+
+
+# Show number of added/removed lines per commit on the log pages
+enable-log-linecount=1
+
+
+# Sort branches by date
+branch-sort=age
+
+
+# Add a cgit favicon
+# favicon=/favicon.ico
+
+
+# Use a custom logo
+# logo=/img/mylogo.png
+
+
+# Enable statistics per week, month and quarter
+max-stats=quarter
+
+
+# Set the title and heading of the repository index page
+root-title={{ domain }} git repository
+
+
+# Set a subheading for the repository index page
+# root-desc=tracking the foobar development
+
+
+# Include some more info about example.com on the index page
+# root-readme=/var/www/htdocs/about.html
+
+
+# Allow download of tar.gz, tar.bz2 and zip-files
+snapshots=tar.gz tar.bz2 zip
+
+
+##
+## List of common mimetypes
+##
+
+mimetype.gif=image/gif
+mimetype.html=text/html
+mimetype.jpg=image/jpeg
+mimetype.jpeg=image/jpeg
+mimetype.pdf=application/pdf
+mimetype.png=image/png
+mimetype.svg=image/svg+xml
+
+
+# Highlight source code with python pygments-based highlighter
+source-filter=/usr/local/lib/cgit/filters/syntax-highlighting.py
+
+# Format markdown, restructuredtext, manpages, text files, and html files
+# through the right converters
+about-filter=/usr/local/lib/cgit/filters/about-formatting.sh
+
+##
+## Search for these files in the root of the default branch of repositories
+## for coming up with the about page:
+##
+readme=:README.md
+readme=:readme.md
+readme=:README.mkd
+readme=:readme.mkd
+readme=:README.rst
+readme=:readme.rst
+readme=:README.html
+readme=:readme.html
+readme=:README.htm
+readme=:readme.htm
+readme=:README.txt
+readme=:readme.txt
+readme=:README
+readme=:readme
+readme=:INSTALL.md
+readme=:install.md
+readme=:INSTALL.mkd
+readme=:install.mkd
+readme=:INSTALL.rst
+readme=:install.rst
+readme=:INSTALL.html
+readme=:install.html
+readme=:INSTALL.htm
+readme=:install.htm
+readme=:INSTALL.txt
+readme=:install.txt
+readme=:INSTALL
+readme=:install
+
+
+# Allow cgit to use git config to set any repo specific settings
+enable-git-config=1
+
+
+# Removes .git suffix for the url and name
+remove-suffix=1
+
+
+# A list of subdirectories inside of scan-path
+# that should loaded as git repositories
+project-list=/home/git/projects.list
+
+
+# A path which will be scanned for repositories
+scan-path=/home/git/repositories \ No newline at end of file