From dfe67bab68bdab77dd8acbf3c4b1dcb7b7de515f Mon Sep 17 00:00:00 2001 From: bnewbold Date: Sat, 9 Apr 2016 20:32:05 -0400 Subject: git: first-pass cgit/gitolite configuration --- roles/git/defaults/main.yml | 4 + roles/git/files/cgit.css | 804 +++++++++++++++++++++ roles/git/files/cgit.png | Bin 0 -> 1488 bytes roles/git/files/favicon.ico | Bin 0 -> 1078 bytes roles/git/files/home_git_.gitolite.rc | 176 ----- roles/git/files/robots.txt | 3 + roles/git/tasks/cgit.yml | 73 +- roles/git/tasks/gitolite.yml | 13 +- .../templates/etc_apache2_sites-available_cgit.j2 | 27 - roles/git/templates/etc_cgitrc.j2 | 14 +- .../templates/etc_nginx_sites-available_cgit.j2 | 21 + roles/git/templates/home_git_gitolite_rc.j2 | 176 +++++ 12 files changed, 1051 insertions(+), 260 deletions(-) create mode 100644 roles/git/defaults/main.yml create mode 100644 roles/git/files/cgit.css create mode 100644 roles/git/files/cgit.png create mode 100644 roles/git/files/favicon.ico delete mode 100644 roles/git/files/home_git_.gitolite.rc create mode 100644 roles/git/files/robots.txt delete mode 100644 roles/git/templates/etc_apache2_sites-available_cgit.j2 create mode 100644 roles/git/templates/etc_nginx_sites-available_cgit.j2 create mode 100644 roles/git/templates/home_git_gitolite_rc.j2 (limited to 'roles/git') diff --git a/roles/git/defaults/main.yml b/roles/git/defaults/main.yml new file mode 100644 index 0000000..f216090 --- /dev/null +++ b/roles/git/defaults/main.yml @@ -0,0 +1,4 @@ + +gitolite_homedir: /srv/gitolite/ +gitolite_hostname: "{{ ansible_nodename }}" +cgit_hostname: "{{ ansible_nodename }}" diff --git a/roles/git/files/cgit.css b/roles/git/files/cgit.css new file mode 100644 index 0000000..71b0b9b --- /dev/null +++ b/roles/git/files/cgit.css @@ -0,0 +1,804 @@ +div#cgit { + padding: 0em; + margin: 0em; + font-family: sans-serif; + font-size: 10pt; + color: #333; + background: white; + padding: 4px; +} + +div#cgit a { + color: blue; + text-decoration: none; +} + +div#cgit a:hover { + text-decoration: underline; +} + +div#cgit table { + border-collapse: collapse; +} + +div#cgit table#header { + width: 100%; + margin-bottom: 1em; +} + +div#cgit table#header td.logo { + width: 96px; + vertical-align: top; +} + +div#cgit table#header td.main { + font-size: 250%; + padding-left: 10px; + white-space: nowrap; +} + +div#cgit table#header td.main a { + color: #000; +} + +div#cgit table#header td.form { + text-align: right; + vertical-align: bottom; + padding-right: 1em; + padding-bottom: 2px; + white-space: nowrap; +} + +div#cgit table#header td.form form, +div#cgit table#header td.form input, +div#cgit table#header td.form select { + font-size: 90%; +} + +div#cgit table#header td.sub { + color: #777; + border-top: solid 1px #ccc; + padding-left: 10px; +} + +div#cgit table.tabs { + border-bottom: solid 3px #ccc; + border-collapse: collapse; + margin-top: 2em; + margin-bottom: 0px; + width: 100%; +} + +div#cgit table.tabs td { + padding: 0px 1em; + vertical-align: bottom; +} + +div#cgit table.tabs td a { + padding: 2px 0.75em; + color: #777; + font-size: 110%; +} + +div#cgit table.tabs td a.active { + color: #000; + background-color: #ccc; +} + +div#cgit table.tabs td.form { + text-align: right; +} + +div#cgit table.tabs td.form form { + padding-bottom: 2px; + font-size: 90%; + white-space: nowrap; +} + +div#cgit table.tabs td.form input, +div#cgit table.tabs td.form select { + font-size: 90%; +} + +div#cgit div.path { + margin: 0px; + padding: 5px 2em 2px 2em; + color: #000; + background-color: #eee; +} + +div#cgit div.content { + margin: 0px; + padding: 2em; + border-bottom: solid 3px #ccc; +} + + +div#cgit table.list { + width: 100%; + border: none; + border-collapse: collapse; +} + +div#cgit table.list tr { + background: white; +} + +div#cgit table.list tr.logheader { + background: #eee; +} + +div#cgit table.list tr:hover { + background: #eee; +} + +div#cgit table.list tr.nohover:hover { + background: white; +} + +div#cgit table.list th { + font-weight: bold; + /* color: #888; + border-top: dashed 1px #888; + border-bottom: dashed 1px #888; + */ + padding: 0.1em 0.5em 0.05em 0.5em; + vertical-align: baseline; +} + +div#cgit table.list td { + border: none; + padding: 0.1em 0.5em 0.1em 0.5em; +} + +div#cgit table.list td.commitgraph { + font-family: monospace; + white-space: pre; +} + +div#cgit table.list td.commitgraph .column1 { + color: #a00; +} + +div#cgit table.list td.commitgraph .column2 { + color: #0a0; +} + +div#cgit table.list td.commitgraph .column3 { + color: #aa0; +} + +div#cgit table.list td.commitgraph .column4 { + color: #00a; +} + +div#cgit table.list td.commitgraph .column5 { + color: #a0a; +} + +div#cgit table.list td.commitgraph .column6 { + color: #0aa; +} + +div#cgit table.list td.logsubject { + font-family: monospace; + font-weight: bold; +} + +div#cgit table.list td.logmsg { + font-family: monospace; + white-space: pre; + padding: 0 0.5em; +} + +div#cgit table.list td a { + color: black; +} + +div#cgit table.list td a.ls-dir { + font-weight: bold; + color: #00f; +} + +div#cgit table.list td a:hover { + color: #00f; +} + +div#cgit img { + border: none; +} + +div#cgit input#switch-btn { + margin: 2px 0px 0px 0px; +} + +div#cgit td#sidebar input.txt { + width: 100%; + margin: 2px 0px 0px 0px; +} + +div#cgit table#grid { + margin: 0px; +} + +div#cgit td#content { + vertical-align: top; + padding: 1em 2em 1em 1em; + border: none; +} + +div#cgit div#summary { + vertical-align: top; + margin-bottom: 1em; +} + +div#cgit table#downloads { + float: right; + border-collapse: collapse; + border: solid 1px #777; + margin-left: 0.5em; + margin-bottom: 0.5em; +} + +div#cgit table#downloads th { + background-color: #ccc; +} + +div#cgit div#blob { + border: solid 1px black; +} + +div#cgit div.error { + color: red; + font-weight: bold; + margin: 1em 2em; +} + +div#cgit a.ls-blob, div#cgit a.ls-dir, div#cgit a.ls-mod { + font-family: monospace; +} + +div#cgit td.ls-size { + text-align: right; + font-family: monospace; + width: 10em; +} + +div#cgit td.ls-mode { + font-family: monospace; + width: 10em; +} + +div#cgit table.blob { + margin-top: 0.5em; + border-top: solid 1px black; +} + +div#cgit table.blob td.lines { + margin: 0; padding: 0 0 0 0.5em; + vertical-align: top; + color: black; +} + +div#cgit table.blob td.linenumbers { + margin: 0; padding: 0 0.5em 0 0.5em; + vertical-align: top; + text-align: right; + border-right: 1px solid gray; +} + +div#cgit table.blob pre { + padding: 0; margin: 0; +} + +div#cgit table.blob td.linenumbers a, +div#cgit table.ssdiff td.lineno a { + color: gray; + text-align: right; + text-decoration: none; +} + +div#cgit table.blob td.linenumbers a:hover, +div#cgit table.ssdiff td.lineno a:hover { + color: black; +} + +div#cgit table.bin-blob { + margin-top: 0.5em; + border: solid 1px black; +} + +div#cgit table.bin-blob th { + font-family: monospace; + white-space: pre; + border: solid 1px #777; + padding: 0.5em 1em; +} + +div#cgit table.bin-blob td { + font-family: monospace; + white-space: pre; + border-left: solid 1px #777; + padding: 0em 1em; +} + +div#cgit table.nowrap td { + white-space: nowrap; +} + +div#cgit table.commit-info { + border-collapse: collapse; + margin-top: 1.5em; +} + +div#cgit div.cgit-panel { + float: right; + margin-top: 1.5em; +} + +div#cgit div.cgit-panel table { + border-collapse: collapse; + border: solid 1px #aaa; + background-color: #eee; +} + +div#cgit div.cgit-panel th { + text-align: center; +} + +div#cgit div.cgit-panel td { + padding: 0.25em 0.5em; +} + +div#cgit div.cgit-panel td.label { + padding-right: 0.5em; +} + +div#cgit div.cgit-panel td.ctrl { + padding-left: 0.5em; +} + +div#cgit table.commit-info th { + text-align: left; + font-weight: normal; + padding: 0.1em 1em 0.1em 0.1em; + vertical-align: top; +} + +div#cgit table.commit-info td { + font-weight: normal; + padding: 0.1em 1em 0.1em 0.1em; +} + +div#cgit div.commit-subject { + font-weight: bold; + font-size: 125%; + margin: 1.5em 0em 0.5em 0em; + padding: 0em; +} + +div#cgit div.commit-msg { + white-space: pre; + font-family: monospace; +} + +div#cgit div.notes-header { + font-weight: bold; + padding-top: 1.5em; +} + +div#cgit div.notes { + white-space: pre; + font-family: monospace; + border: solid 1px #ee9; + background-color: #ffd; + padding: 0.3em 2em 0.3em 1em; + float: left; +} + +div#cgit div.notes-footer { + clear: left; +} + +div#cgit div.diffstat-header { + font-weight: bold; + padding-top: 1.5em; +} + +div#cgit table.diffstat { + border-collapse: collapse; + border: solid 1px #aaa; + background-color: #eee; +} + +div#cgit table.diffstat th { + font-weight: normal; + text-align: left; + text-decoration: underline; + padding: 0.1em 1em 0.1em 0.1em; + font-size: 100%; +} + +div#cgit table.diffstat td { + padding: 0.2em 0.2em 0.1em 0.1em; + font-size: 100%; + border: none; +} + +div#cgit table.diffstat td.mode { + white-space: nowrap; +} + +div#cgit table.diffstat td span.modechange { + padding-left: 1em; + color: red; +} + +div#cgit table.diffstat td.add a { + color: green; +} + +div#cgit table.diffstat td.del a { + color: red; +} + +div#cgit table.diffstat td.upd a { + color: blue; +} + +div#cgit table.diffstat td.graph { + width: 500px; + vertical-align: middle; +} + +div#cgit table.diffstat td.graph table { + border: none; +} + +div#cgit table.diffstat td.graph td { + padding: 0px; + border: 0px; + height: 7pt; +} + +div#cgit table.diffstat td.graph td.add { + background-color: #5c5; +} + +div#cgit table.diffstat td.graph td.rem { + background-color: #c55; +} + +div#cgit div.diffstat-summary { + color: #888; + padding-top: 0.5em; +} + +div#cgit table.diff { + width: 100%; +} + +div#cgit table.diff td { + font-family: monospace; + white-space: pre; +} + +div#cgit table.diff td div.head { + font-weight: bold; + margin-top: 1em; + color: black; +} + +div#cgit table.diff td div.hunk { + color: #009; +} + +div#cgit table.diff td div.add { + color: green; +} + +div#cgit table.diff td div.del { + color: red; +} + +div#cgit .sha1 { + font-family: monospace; + font-size: 90%; +} + +div#cgit .left { + text-align: left; +} + +div#cgit .right { + text-align: right; +} + +div#cgit table.list td.reposection { + font-style: italic; + color: #888; +} + +div#cgit a.button { + font-size: 80%; + padding: 0em 0.5em; +} + +div#cgit a.primary { + font-size: 100%; +} + +div#cgit a.secondary { + font-size: 90%; +} + +div#cgit td.toplevel-repo { + +} + +div#cgit table.list td.sublevel-repo { + padding-left: 1.5em; +} + +div#cgit ul.pager { + list-style-type: none; + text-align: center; + margin: 1em 0em 0em 0em; + padding: 0; +} + +div#cgit ul.pager li { + display: inline-block; + margin: 0.25em 0.5em; +} + +div#cgit ul.pager a { + color: #777; +} + +div#cgit ul.pager .current { + font-weight: bold; +} + +div#cgit span.age-mins { + font-weight: bold; + color: #080; +} + +div#cgit span.age-hours { + color: #080; +} + +div#cgit span.age-days { + color: #040; +} + +div#cgit span.age-weeks { + color: #444; +} + +div#cgit span.age-months { + color: #888; +} + +div#cgit span.age-years { + color: #bbb; +} +div#cgit div.footer { + margin-top: 0.5em; + text-align: center; + font-size: 80%; + color: #ccc; +} +div#cgit a.branch-deco { + color: #000; + margin: 0px 0.5em; + padding: 0px 0.25em; + background-color: #88ff88; + border: solid 1px #007700; +} +div#cgit a.tag-deco { + color: #000; + margin: 0px 0.5em; + padding: 0px 0.25em; + background-color: #ffff88; + border: solid 1px #777700; +} +div#cgit a.remote-deco { + color: #000; + margin: 0px 0.5em; + padding: 0px 0.25em; + background-color: #ccccff; + border: solid 1px #000077; +} +div#cgit a.deco { + color: #000; + margin: 0px 0.5em; + padding: 0px 0.25em; + background-color: #ff8888; + border: solid 1px #770000; +} + +div#cgit div.commit-subject a.branch-deco, +div#cgit div.commit-subject a.tag-deco, +div#cgit div.commit-subject a.remote-deco, +div#cgit div.commit-subject a.deco { + margin-left: 1em; + font-size: 75%; +} + +div#cgit table.stats { + border: solid 1px black; + border-collapse: collapse; +} + +div#cgit table.stats th { + text-align: left; + padding: 1px 0.5em; + background-color: #eee; + border: solid 1px black; +} + +div#cgit table.stats td { + text-align: right; + padding: 1px 0.5em; + border: solid 1px black; +} + +div#cgit table.stats td.total { + font-weight: bold; + text-align: left; +} + +div#cgit table.stats td.sum { + color: #c00; + font-weight: bold; +/* background-color: #eee; */ +} + +div#cgit table.stats td.left { + text-align: left; +} + +div#cgit table.vgraph { + border-collapse: separate; + border: solid 1px black; + height: 200px; +} + +div#cgit table.vgraph th { + background-color: #eee; + font-weight: bold; + border: solid 1px white; + padding: 1px 0.5em; +} + +div#cgit table.vgraph td { + vertical-align: bottom; + padding: 0px 10px; +} + +div#cgit table.vgraph div.bar { + background-color: #eee; +} + +div#cgit table.hgraph { + border: solid 1px black; + width: 800px; +} + +div#cgit table.hgraph th { + background-color: #eee; + font-weight: bold; + border: solid 1px black; + padding: 1px 0.5em; +} + +div#cgit table.hgraph td { + vertical-align: middle; + padding: 2px 2px; +} + +div#cgit table.hgraph div.bar { + background-color: #eee; + height: 1em; +} + +div#cgit table.ssdiff { + width: 100%; +} + +div#cgit table.ssdiff td { + font-size: 75%; + font-family: monospace; + white-space: pre; + padding: 1px 4px 1px 4px; + border-left: solid 1px #aaa; + border-right: solid 1px #aaa; +} + +div#cgit table.ssdiff td.add { + color: black; + background: #cfc; + min-width: 50%; +} + +div#cgit table.ssdiff td.add_dark { + color: black; + background: #aca; + min-width: 50%; +} + +div#cgit table.ssdiff span.add { + background: #cfc; + font-weight: bold; +} + +div#cgit table.ssdiff td.del { + color: black; + background: #fcc; + min-width: 50%; +} + +div#cgit table.ssdiff td.del_dark { + color: black; + background: #caa; + min-width: 50%; +} + +div#cgit table.ssdiff span.del { + background: #fcc; + font-weight: bold; +} + +div#cgit table.ssdiff td.changed { + color: black; + background: #ffc; + min-width: 50%; +} + +div#cgit table.ssdiff td.changed_dark { + color: black; + background: #cca; + min-width: 50%; +} + +div#cgit table.ssdiff td.lineno { + color: black; + background: #eee; + text-align: right; + width: 3em; + min-width: 3em; +} + +div#cgit table.ssdiff td.hunk { + color: black; + background: #ccf; + border-top: solid 1px #aaa; + border-bottom: solid 1px #aaa; +} + +div#cgit table.ssdiff td.head { + border-top: solid 1px #aaa; + border-bottom: solid 1px #aaa; +} + +div#cgit table.ssdiff td.head div.head { + font-weight: bold; + color: black; +} + +div#cgit table.ssdiff td.foot { + border-top: solid 1px #aaa; + border-left: none; + border-right: none; + border-bottom: none; +} + +div#cgit table.ssdiff td.space { + border: none; +} + +div#cgit table.ssdiff td.space div { + min-height: 3em; +} diff --git a/roles/git/files/cgit.png b/roles/git/files/cgit.png new file mode 100644 index 0000000..0bdf5a7 Binary files /dev/null and b/roles/git/files/cgit.png differ diff --git a/roles/git/files/favicon.ico b/roles/git/files/favicon.ico new file mode 100644 index 0000000..56ff593 Binary files /dev/null and b/roles/git/files/favicon.ico differ diff --git a/roles/git/files/home_git_.gitolite.rc b/roles/git/files/home_git_.gitolite.rc deleted file mode 100644 index 07bab4f..0000000 --- a/roles/git/files/home_git_.gitolite.rc +++ /dev/null @@ -1,176 +0,0 @@ -# configuration variables for gitolite - -# This file is in perl syntax. But you do NOT need to know perl to edit it -- -# just mind the commas, use single quotes unless you know what you're doing, -# and make sure the brackets and braces stay matched up! - -# (Tip: perl allows a comma after the last item in a list also!) - -# HELP for commands can be had by running the command with "-h". - -# HELP for all the other FEATURES can be found in the documentation (look for -# "list of non-core programs shipped with gitolite" in the master index) or -# directly in the corresponding source file. - -%RC = ( - - # ------------------------------------------------------------------ - - # default umask gives you perms of '0700'; see the rc file docs for - # how/why you might change this - UMASK => 0027, - - # look for "git-config" in the documentation - GIT_CONFIG_KEYS => 'gitweb\.(owner|description|category)', - - # comment out if you don't need all the extra detail in the logfile - LOG_EXTRA => 1, - - # roles. add more roles (like MANAGER, TESTER, ...) here. - # WARNING: if you make changes to this hash, you MUST run 'gitolite - # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE' - ROLES => { - READERS => 1, - WRITERS => 1, - }, - - # ------------------------------------------------------------------ - - # rc variables used by various features - - # the 'info' command prints this as additional info, if it is set - # SITE_INFO => 'Please see http://blahblah/gitolite for more help', - - # the 'desc' command uses this - # WRITER_CAN_UPDATE_DESC => 1, - - # the CpuTime feature uses these - # display user, system, and elapsed times to user after each git operation - # DISPLAY_CPU_TIME => 1, - # display a warning if total CPU times (u, s, cu, cs) crosses this limit - # CPU_TIME_WARN_LIMIT => 0.1, - - # the Mirroring feature needs this - # HOSTNAME => "foo", - - # if you enabled 'Shell', you need this - # SHELL_USERS_LIST => "$ENV{HOME}/.gitolite.shell-users", - - # ------------------------------------------------------------------ - - # suggested locations for site-local gitolite code (see cust.html) - - # this one is managed directly on the server - # LOCAL_CODE => "$ENV{HOME}/local", - - # or you can use this, which lets you put everything in a subdirectory - # called "local" in your gitolite-admin repo. For a SECURITY WARNING - # on this, see http://gitolite.com/gitolite/cust.html#pushcode - # LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", - - # ------------------------------------------------------------------ - - # List of commands and features to enable - - ENABLE => [ - - # COMMANDS - - # These are the commands enabled by default - 'help', - 'desc', - 'info', - 'perms', - 'writable', - - # Uncomment or add new commands here. - # 'create', - # 'fork', - # 'mirror', - # 'sskm', - # 'D', - - # These FEATURES are enabled by default. - - # essential (unless you're using smart-http mode) - 'ssh-authkeys', - - # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz' - 'git-config', - - # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out - 'daemon', - - # creates projects.list file; if you don't use gitweb, comment this out - 'gitweb', - - # These FEATURES are disabled by default; uncomment to enable. If you - # need to add new ones, ask on the mailing list :-) - - # user-visible behaviour - - # prevent wild repos auto-create on fetch/clone - # 'no-create-on-read', - # no auto-create at all (don't forget to enable the 'create' command!) - # 'no-auto-create', - - # access a repo by another (possibly legacy) name - # 'Alias', - - # give some users direct shell access - # 'Shell', - - # set default roles from lines like 'option default.roles-1 = ...', etc. - # 'set-default-roles', - - # system admin stuff - - # enable mirroring (don't forget to set the HOSTNAME too!) - # 'Mirroring', - - # allow people to submit pub files with more than one key in them - # 'ssh-authkeys-split', - - # selective read control hack - # 'partial-copy', - - # manage local, gitolite-controlled, copies of read-only upstream repos - # 'upstream', - - # updates 'description' file instead of 'gitweb.description' config item - # 'cgit', - - # allow repo-specific hooks to be added - # 'repo-specific-hooks', - - # performance, logging, monitoring... - - # be nice - # 'renice 10', - - # log CPU times (user, system, cumulative user, cumulative system) - # 'CpuTime', - - # syntactic_sugar for gitolite.conf and included files - - # allow backslash-escaped continuation lines in gitolite.conf - # 'continuation-lines', - - # create implicit user groups from directory names in keydir/ - # 'keysubdirs-as-groups', - - # allow simple line-oriented macros - # 'macros', - - ], - -); - -# ------------------------------------------------------------------------------ -# per perl rules, this should be the last line in such a file: -1; - -# Local variables: -# mode: perl -# End: -# vim: set syn=perl: diff --git a/roles/git/files/robots.txt b/roles/git/files/robots.txt new file mode 100644 index 0000000..4ce948f --- /dev/null +++ b/roles/git/files/robots.txt @@ -0,0 +1,3 @@ +User-agent: * +Disallow: /*/snapshot/* +Allow: / diff --git a/roles/git/tasks/cgit.yml b/roles/git/tasks/cgit.yml index fd9f549..3362d2c 100644 --- a/roles/git/tasks/cgit.yml +++ b/roles/git/tasks/cgit.yml @@ -1,59 +1,44 @@ -- name: Install cgit dependencies +- name: Install cgit package and deps (fcgi stuff) apt: pkg={{ item }} state=installed with_items: - - groff - - libssl-dev - - python-pip + - cgit + - fcgiwrap + - spawn-fcgi tags: - dependencies -- name: Install cgit pip dependencies - pip: name={{ item }} - with_items: - - docutils - - pygments - -- name: Download cgit release - get_url: url=http://git.zx2c4.com/cgit/snapshot/cgit-{{ cgit_version }}.tar.xz - dest=/root/cgit-{{ cgit_version }}.tar.xz - -- name: Decompress cgit source - unarchive: src=/root/cgit-{{ cgit_version }}.tar.xz - dest=/root copy=no - creates=/root/cgit-{{ cgit_version }}/configure - -- name: Build and install cgit - shell: make get-git ; make ; make install - executable=/bin/bash - chdir=/root/cgit-{{ cgit_version }} - creates=/var/www/htdocs/cgit/cgit.cgi - - name: Copy cgitrc template: src=etc_cgitrc.j2 dest=/etc/cgitrc group=www-data owner=root -- name: Rename existing Apache cgit virtualhost - command: mv /etc/apache2/sites-available/cgit /etc/apache2/sites-available/cgit.conf removes=/etc/apache2/sites-available/cgit - -- name: Remove old sites-enabled/cgit symlink (new one will be created by a2ensite) - file: path=/etc/apache2/sites-enabled/cgit state=absent +- name: Create static files directory + file: path=/srv/http/cgit + state=directory + owner=www-data + group=www-data + mode=0775 + recurse=yes -- name: Configure the Apache HTTP server for cgit - template: src=etc_apache2_sites-available_cgit.j2 - dest=/etc/apache2/sites-available/cgit.conf +- name: Upload Custom cgit Static Files (css, robots.txt, logo, etc) + copy: src={{ item.src }} dest={{ item.dest }} + group=www-data + owner=root + with_items: + - { src: 'robots.txt', dest: '/srv/http/cgit/robots.txt' } + - { src: 'cgit.png', dest: '/srv/http/cgit/cgit.png' } + - { src: 'cgit.css', dest: '/srv/http/cgit/cgit.css' } + - { src: 'favicon.ico', dest: '/srv/http/cgit/favicon.ico' } + +- name: Configure the nginx HTTP server for cgit + template: src=etc_nginx_sites-available_cgit.j2 + dest=/etc/nginx/sites-available/cgit group=root owner=root -- name: Enable Apache CGI module - command: a2enmod cgi creates=/etc/apache2/mods-enabled/cgi.load - notify: restart apache - -- name: Enable Apache rewrite module - command: a2enmod rewrite creates=/etc/apache2/mods-enabled/rewrite.load - notify: restart apache - -- name: Enable cgit site - command: a2ensite cgit.conf creates=/etc/apache2/sites-enabled/cgit.conf - notify: restart apache +- name: Create symlink to enable cgit config + file: state=link + src=/etc/nginx/sites-available/cgit + dest=/etc/nginx/sites-enabled/cgit + notify: nginx reload diff --git a/roles/git/tasks/gitolite.yml b/roles/git/tasks/gitolite.yml index 8e2538f..09a6ac8 100644 --- a/roles/git/tasks/gitolite.yml +++ b/roles/git/tasks/gitolite.yml @@ -2,7 +2,7 @@ group: name=git state=present - name: Create gitolite user - user: name=git state=present home=/home/git system=yes group=git + user: name=git state=present home={{ gitolite_homedir }} system=yes group=git - name: Add www-data to the git group user: name=www-data groups=git append=yes @@ -13,19 +13,20 @@ - dependencies - name: Copy .gitolite.rc file - copy: src=home_git_.gitolite.rc - dest=/home/git/.gitolite.rc + template: + src=home_git_gitolite_rc.j2 + dest={{ gitolite_homedir }}/.gitolite.rc group=git owner=git mode=0644 - name: Copy SSH public key to server - copy: src=gitolite.pub - dest=/home/git/{{ main_user_name }}.pub + copy: src={{ gitolite_admin_pubkey }} + dest={{ gitolite_homedir}}/{{ main_user_name }}.pub group=git owner=git mode=0644 - name: Setup gitolite command: su - git -c 'gitolite setup -pk {{ main_user_name }}.pub' - chdir=/home/git + chdir={{ gitolite_homedir }} diff --git a/roles/git/templates/etc_apache2_sites-available_cgit.j2 b/roles/git/templates/etc_apache2_sites-available_cgit.j2 deleted file mode 100644 index af59a34..0000000 --- a/roles/git/templates/etc_apache2_sites-available_cgit.j2 +++ /dev/null @@ -1,27 +0,0 @@ - - ServerName {{ cgit_domain }} - - Redirect permanent / https://{{ cgit_domain }}/ - - - - ServerName {{ cgit_domain }} - SSLEngine On - - DocumentRoot /var/www/htdocs/cgit/ - - AllowOverride None - Options +ExecCGI - Order allow,deny - Allow from all - - - Alias /cgit.png /var/www/htdocs/cgit/cgit.png - Alias /cgit.css /var/www/htdocs/cgit/cgit.css - Alias /favicon.ico /var/www/htdocs/cgit/favicon.ico - Alias /robots.txt /var/www/htdocs/cgit/robots.txt - ScriptAlias / /var/www/htdocs/cgit/cgit.cgi/ - - CustomLog /var/log/apache2/cgit_access.log combined - ErrorLog /var/log/apache2/cgit_error.log - diff --git a/roles/git/templates/etc_cgitrc.j2 b/roles/git/templates/etc_cgitrc.j2 index abba971..ea52194 100644 --- a/roles/git/templates/etc_cgitrc.j2 +++ b/roles/git/templates/etc_cgitrc.j2 @@ -3,7 +3,7 @@ cache-size=1000 # Specify some default clone urls using macro expansion -clone-url=git@{{ domain }}:$CGIT_REPO_URL +clone-url=git@{{ cgit_hostname }}:$CGIT_REPO_URL # Specify the css url @@ -15,7 +15,7 @@ enable-index-owner=1 # Allow http transport git clone -enable-http-clone=0 +enable-http-clone=1 # Show extra links for each repository on the index page @@ -51,7 +51,7 @@ max-stats=quarter # Set the title and heading of the repository index page -root-title={{ domain }} git repository +root-title={{ cgit_hostname }} git repository # Set a subheading for the repository index page @@ -62,8 +62,8 @@ root-title={{ domain }} git repository # root-readme=/var/www/htdocs/about.html -# Allow download of tar.gz, tar.bz2 and zip-files -snapshots=tar.gz tar.bz2 zip +# Allow download of tar.gz and zip-files +snapshots=tar.gz zip ## @@ -130,8 +130,8 @@ remove-suffix=1 # A list of subdirectories inside of scan-path # that should loaded as git repositories -project-list=/home/git/projects.list +project-list={{ gitolite_homedir }}/projects.list # A path which will be scanned for repositories -scan-path=/home/git/repositories \ No newline at end of file +scan-path={{ gitolite_homedir }}/repositories diff --git a/roles/git/templates/etc_nginx_sites-available_cgit.j2 b/roles/git/templates/etc_nginx_sites-available_cgit.j2 new file mode 100644 index 0000000..2ad43e3 --- /dev/null +++ b/roles/git/templates/etc_nginx_sites-available_cgit.j2 @@ -0,0 +1,21 @@ + +server { + server_name {{ cgit_hostname }}; + root /srv/http/cgit; + + location / { + try_files $uri @cgit; + } + + location @cgit { + index cgit.cgi; + fastcgi_param SCRIPT_FILENAME $document_root/cgit.cgi; + fastcgi_pass unix:/var/run/fcgiwrap.socket; + fastcgi_param HTTP_HOST $server_name; + fastcgi_param PATH_INFO $uri; + fastcgi_param QUERY_INFO $uri; + include "fastcgi_params"; + + } +} + diff --git a/roles/git/templates/home_git_gitolite_rc.j2 b/roles/git/templates/home_git_gitolite_rc.j2 new file mode 100644 index 0000000..18dbd7b --- /dev/null +++ b/roles/git/templates/home_git_gitolite_rc.j2 @@ -0,0 +1,176 @@ +# configuration variables for gitolite + +# This file is in perl syntax. But you do NOT need to know perl to edit it -- +# just mind the commas, use single quotes unless you know what you're doing, +# and make sure the brackets and braces stay matched up! + +# (Tip: perl allows a comma after the last item in a list also!) + +# HELP for commands can be had by running the command with "-h". + +# HELP for all the other FEATURES can be found in the documentation (look for +# "list of non-core programs shipped with gitolite" in the master index) or +# directly in the corresponding source file. + +%RC = ( + + # ------------------------------------------------------------------ + + # default umask gives you perms of '0700'; see the rc file docs for + # how/why you might change this + UMASK => 0027, + + # look for "git-config" in the documentation + GIT_CONFIG_KEYS => 'gitweb\.(owner|description|category)', + + # comment out if you don't need all the extra detail in the logfile + LOG_EXTRA => 1, + + # roles. add more roles (like MANAGER, TESTER, ...) here. + # WARNING: if you make changes to this hash, you MUST run 'gitolite + # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE' + ROLES => { + READERS => 1, + WRITERS => 1, + }, + + # ------------------------------------------------------------------ + + # rc variables used by various features + + # the 'info' command prints this as additional info, if it is set + # SITE_INFO => 'Please search for "gitolite" or email site admin for more help', + + # the 'desc' command uses this + # WRITER_CAN_UPDATE_DESC => 1, + + # the CpuTime feature uses these + # display user, system, and elapsed times to user after each git operation + # DISPLAY_CPU_TIME => 1, + # display a warning if total CPU times (u, s, cu, cs) crosses this limit + # CPU_TIME_WARN_LIMIT => 0.1, + + # the Mirroring feature needs this + HOSTNAME => "{{ gitolite_hostname }}", + + # if you enabled 'Shell', you need this + # SHELL_USERS_LIST => "$ENV{HOME}/.gitolite.shell-users", + + # ------------------------------------------------------------------ + + # suggested locations for site-local gitolite code (see cust.html) + + # this one is managed directly on the server + # LOCAL_CODE => "$ENV{HOME}/local", + + # or you can use this, which lets you put everything in a subdirectory + # called "local" in your gitolite-admin repo. For a SECURITY WARNING + # on this, see http://gitolite.com/gitolite/cust.html#pushcode + # LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", + + # ------------------------------------------------------------------ + + # List of commands and features to enable + + ENABLE => [ + + # COMMANDS + + # These are the commands enabled by default + 'help', + 'desc', + 'info', + 'perms', + 'writable', + + # Uncomment or add new commands here. + # 'create', + # 'fork', + # 'mirror', + # 'sskm', + # 'D', + + # These FEATURES are enabled by default. + + # essential (unless you're using smart-http mode) + 'ssh-authkeys', + + # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz' + 'git-config', + + # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out + 'daemon', + + # creates projects.list file; if you don't use gitweb, comment this out + 'gitweb', + + # These FEATURES are disabled by default; uncomment to enable. If you + # need to add new ones, ask on the mailing list :-) + + # user-visible behaviour + + # prevent wild repos auto-create on fetch/clone + # 'no-create-on-read', + # no auto-create at all (don't forget to enable the 'create' command!) + 'no-auto-create', + + # access a repo by another (possibly legacy) name + # 'Alias', + + # give some users direct shell access + # 'Shell', + + # set default roles from lines like 'option default.roles-1 = ...', etc. + # 'set-default-roles', + + # system admin stuff + + # enable mirroring (don't forget to set the HOSTNAME too!) + # 'Mirroring', + + # allow people to submit pub files with more than one key in them + 'ssh-authkeys-split', + + # selective read control hack + # 'partial-copy', + + # manage local, gitolite-controlled, copies of read-only upstream repos + # 'upstream', + + # updates 'description' file instead of 'gitweb.description' config item + # 'cgit', + + # allow repo-specific hooks to be added + # 'repo-specific-hooks', + + # performance, logging, monitoring... + + # be nice + # 'renice 10', + + # log CPU times (user, system, cumulative user, cumulative system) + # 'CpuTime', + + # syntactic_sugar for gitolite.conf and included files + + # allow backslash-escaped continuation lines in gitolite.conf + # 'continuation-lines', + + # create implicit user groups from directory names in keydir/ + 'keysubdirs-as-groups', + + # allow simple line-oriented macros + # 'macros', + + ], + +); + +# ------------------------------------------------------------------------------ +# per perl rules, this should be the last line in such a file: +1; + +# Local variables: +# mode: perl +# End: +# vim: set syn=perl: -- cgit v1.2.3