diff options
Diffstat (limited to 'roles/git/tasks')
-rw-r--r-- | roles/git/tasks/cgit.yml | 111 | ||||
-rw-r--r-- | roles/git/tasks/gitweb.yml | 104 | ||||
-rw-r--r-- | roles/git/tasks/main.yml | 2 |
3 files changed, 112 insertions, 105 deletions
diff --git a/roles/git/tasks/cgit.yml b/roles/git/tasks/cgit.yml new file mode 100644 index 0000000..a8be1fc --- /dev/null +++ b/roles/git/tasks/cgit.yml @@ -0,0 +1,111 @@ +- name: Install cgit + apt: pkg={{ item }} + with_items: + - cgit + - highlight + - uwsgi + +- name: Configure cgit + copy: src=etc/cgitrc + dest=/etc/cgitrc + owner=root group=root + mode=0644 + register: r1 + notify: + - Restart uWSGI + +- name: Copy /usr/lib/cgit/filters/syntax-highlighting2.sh + copy: src=usr/lib/cgit/filters/syntax-highlighting2.sh + dest=/usr/lib/cgit/filters/syntax-highlighting2.sh + owner=root group=root + mode=0755 + register: r2 + notify: + - Restart uWSGI + +- name: Create a user 'cgit' + user: name=cgit system=yes + home=/var/www + shell=/usr/sbin/nologin + password=! + state=present + register: r3 + notify: + - Restart uWSGI + +- name: Create /etc/uwsgi/apps-available/{cgit,git-http-backend}.ini + copy: src=etc/uwsgi/apps-available/{{ item }}.ini + dest=/etc/uwsgi/apps-available/{{ item }}.ini + owner=root group=root + mode=0644 + register: r4 + with_items: + - cgit + - git-http-backend + notify: + - Restart uWSGI + +- name: Create /etc/uwsgi/apps-enabled/{cgit,git-http-backend}.ini + file: src=../apps-available/{{ item }}.ini + dest=/etc/uwsgi/apps-enabled/{{ item }}.ini + owner=root group=root + state=link force=yes + register: r5 + with_items: + - cgit + - git-http-backend + notify: + - Restart uWSGI + +- name: Start uWSGI + service: name=nginx state=started + when: not (r1.changed or r2.changed or r3.changed or r4.changed or r5.changed) + +- meta: flush_handlers + +- name: Add 'cgit' & 'www-data' to the group 'gitolite' + user: name={{ item }} groups=gitolite append=yes + with_items: + # for the cgit interface + - cgit + # for pulls over HTTP/HTTPS + - www-data + + +- name: Generate a private key and a X.509 certificate for Nginx + command: genkeypair.sh x509 + --pubkey=/etc/nginx/ssl/git.fripost.org.pem + --privkey=/etc/nginx/ssl/git.fripost.org.key + --ou=WWW --cn=git.fripost.org --dns=git.fripost.org + -t rsa -b 4096 -h sha512 + register: r1 + changed_when: r1.rc == 0 + failed_when: r1.rc > 1 + notify: + - Restart Nginx + tags: + - genkey + +- name: Copy /etc/nginx/sites-available/git + copy: src=etc/nginx/sites-available/git + dest=/etc/nginx/sites-available/git + owner=root group=root + mode=0644 + register: r2 + notify: + - Restart Nginx + +- name: Create /etc/nginx/sites-enabled/git + file: src=../sites-available/git + dest=/etc/nginx/sites-enabled/git + owner=root group=root + state=link force=yes + register: r3 + notify: + - Restart Nginx + +- name: Start Nginx + service: name=nginx state=started + when: not (r1.changed or r2.changed or r3.changed) + +- meta: flush_handlers diff --git a/roles/git/tasks/gitweb.yml b/roles/git/tasks/gitweb.yml deleted file mode 100644 index e0aaa4f..0000000 --- a/roles/git/tasks/gitweb.yml +++ /dev/null @@ -1,104 +0,0 @@ -- name: Install gitweb - apt: pkg={{ item }} - with_items: - - gitweb - - libfcgi-perl - # for git-http-backend - - fcgiwrap - -- name: Configure gitweb - copy: src=etc/gitweb.conf - dest=/etc/gitweb.conf - owner=root group=root - mode=0644 - notify: - - Restart gitweb - -- name: Create a user 'gitweb' - user: name=gitweb system=yes - home=/var/www - shell=/usr/sbin/nologin - password=! - state=present - -- name: Add 'gitweb' & 'www-data' to the group 'gitolite' - user: name={{ item }} groups=gitolite append=yes - with_items: - # for the gitweb interface - - gitweb - # for pulls over HTTP/HTTPS - - www-data - -# XXX workaround encoding issues in FCGI mode -# http://git.661346.n2.nabble.com/Gitweb-running-as-FCGI-does-not-print-its-output-in-UTF-8-td7573415.html -# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720308 -- name: Copy gitweb.cgi wrapper to fix encoding - copy: src=usr/lib/cgi-bin/gitweb-wrapper.fcgi - dest=/usr/lib/cgi-bin/gitweb-wrapper.fcgi - owner=root group=root - mode=0755 - -- name: Copy gitweb.{service,socket} - copy: src=lib/systemd/system/{{ item }} - dest=/lib/systemd/system/{{ item }} - owner=root group=root - mode=0644 - notify: - - systemctl daemon-reload - - Restart gitweb - with_items: - - gitweb.service - - gitweb.socket - -- meta: flush_handlers - -- name: Enable gitweb - service: name=gitweb enabled=yes - -- name: Start gitweb - service: name=gitweb state=started - - -- name: Generate a private key and a X.509 certificate for Nginx - command: genkeypair.sh x509 - --pubkey=/etc/nginx/ssl/git.fripost.org.pem - --privkey=/etc/nginx/ssl/git.fripost.org.key - --ou=WWW --cn=git.fripost.org --dns=git.fripost.org --dns=gitweb.fripost.org - -t rsa -b 4096 -h sha512 - register: r1 - changed_when: r1.rc == 0 - failed_when: r1.rc > 1 - notify: - - Restart Nginx - tags: - - genkey - -- name: Copy /etc/nginx/sites-available/{git,gitweb} - copy: src=etc/nginx/sites-available/{{ item }} - dest=/etc/nginx/sites-available/{{ item }} - owner=root group=root - mode=0644 - with_items: - - git - - gitweb - register: r2 - notify: - - Restart Nginx - -- name: Create /etc/nginx/sites-enabled/{git,gitweb} - file: src=../sites-available/{{ item }} - dest=/etc/nginx/sites-enabled/{{ item }} - owner=root group=root - state=link force=yes - with_items: - - git - - gitweb - register: r3 - notify: - - Restart Nginx - -- name: Start Nginx - service: name=nginx state=started - when: not (r1.changed or r2.changed or r3.changed) - -- meta: flush_handlers diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml index b5422b7..da9f876 100644 --- a/roles/git/tasks/main.yml +++ b/roles/git/tasks/main.yml @@ -1,2 +1,2 @@ - include: gitolite.yml tags=gitolite -- include: gitweb.yml tags=gitweb +- include: cgit.yml tags=cgit |