From 0a75c2eedccecc0ee886d90599c9e5efe0911342 Mon Sep 17 00:00:00 2001
From: Someone
Date: Fri, 4 Oct 2024 13:42:36 +0200
Subject: [PATCH] [roles/server/git-server] install gitolite3
---
.../default/compact_gitolite_repos.service | 18 ++
.../files/default/compact_gitolite_repos.sh | 20 +++
.../default/compact_gitolite_repos.timer | 17 ++
.../server/git-server/files/default/gitconfig | 13 ++
.../git-server/files/default/gitolite.rc | 161 ++++++++++++++++++
roles/server/git-server/tasks/main.yml | 144 ++++++++++++++++
6 files changed, 373 insertions(+)
create mode 100644 roles/server/git-server/files/default/compact_gitolite_repos.service
create mode 100644 roles/server/git-server/files/default/compact_gitolite_repos.sh
create mode 100644 roles/server/git-server/files/default/compact_gitolite_repos.timer
create mode 100644 roles/server/git-server/files/default/gitconfig
create mode 100644 roles/server/git-server/files/default/gitolite.rc
create mode 100644 roles/server/git-server/tasks/main.yml
diff --git a/roles/server/git-server/files/default/compact_gitolite_repos.service b/roles/server/git-server/files/default/compact_gitolite_repos.service
new file mode 100644
index 0000000..8b31a6e
--- /dev/null
+++ b/roles/server/git-server/files/default/compact_gitolite_repos.service
@@ -0,0 +1,18 @@
+#
+################################################
+### Managed by someone's ansible provisioner ###
+################################################
+# Part of: https://git.somenet.org/root/pub/somesible.git
+# 2017-2024 by someone
+#
+
+[Unit]
+Description=Run gitolite repo compacter
+
+[Service]
+Type=oneshot
+User=git
+Group=git
+Nice=10
+ExecStart=/bin/sh -c '/srv/gitolite/compact_gitolite_repos.sh 2>&1 >/srv/gitolite/compact_gitolite_repos.sh.log '
+WorkingDirectory=/srv/gitolite
diff --git a/roles/server/git-server/files/default/compact_gitolite_repos.sh b/roles/server/git-server/files/default/compact_gitolite_repos.sh
new file mode 100644
index 0000000..3f1e046
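Review bot: The redirection order in `ExecStart` (`2>&1 >/srv/gitolite/compact_gitolite_repos.sh.log`) points stderr at the original stdout before stdout is moved to the file, so error output from the script does not land in the log. If the log is meant to hold both streams it should read `>/srv/gitolite/compact_gitolite_repos.sh.log 2>&1`. The `[Service]` section also sets no sandboxing; since the script it runs writes to fixed names under /tmp, adding `PrivateTmp=true` and `NoNewPrivileges=true` would confine the job without changing what it does.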
--- /dev/null
+++ b/roles/server/git-server/files/default/compact_gitolite_repos.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+################################################
+### Managed by someone's ansible provisioner ###
+################################################
+# Part of: https://git.somenet.org/root/pub/somesible.git
+# 2017-2024 by someone
+#
+
+date -Isec > /tmp/compactGitRepos.txt
+echo "------OLD------" >> /tmp/compactGitRepos.txt
+find /srv/gitolite/repositories -path '*.git' -type d -print0 | sort -z | du -scm --files0-from=- >> /tmp/compactGitRepos.txt
+echo "------NEW------" >> /tmp/compactGitRepos.txt
+find /srv/gitolite/repositories -path '*.git/config' -type f -execdir echo "------------------------------------------" \; -execdir pwd \; -execdir git gc --prune=all \;
+find /srv/gitolite/repositories -path '*.git' -type d -print0 | sort -z | du -scm --files0-from=- > /tmp/compactGitRepos.new.txt
+echo "-----STATS-----"
+cat /tmp/compactGitRepos.txt
+cat /tmp/compactGitRepos.new.txt
+echo "$(grep 'total$' /tmp/compactGitRepos.txt) before"
+echo "repo count: `echo "$(cat /tmp/compactGitRepos.new.txt|wc -l)-1" | bc`"
+rm -f /tmp/compactGitRepos.txt /tmp/compactGitRepos.new.txt
diff --git a/roles/server/git-server/files/default/compact_gitolite_repos.timer b/roles/server/git-server/files/default/compact_gitolite_repos.timer
new file mode 100644
index 0000000..86b6ea4
--- /dev/null
+++ b/roles/server/git-server/files/default/compact_gitolite_repos.timer
@@ -0,0 +1,17 @@
+#
+################################################
+### Managed by someone's ansible provisioner ###
+################################################
+# Part of: https://git.somenet.org/root/pub/somesible.git
+# 2017-2024 by someone
+#
+
+[Unit]
+Description=Run weekly gitolite repo compacter
+
+[Timer]
+OnCalendar=weekly
+Persistent=true
+
+[Install]
+WantedBy=timers.target
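Review bot: The script writes its before/after listings to the fixed paths `/tmp/compactGitRepos.txt` and `/tmp/compactGitRepos.new.txt`, which any local account can create first in the shared /tmp, so the redirects can fail or the report can contain content the git user did not write. A private directory avoids that: `tmpdir=$(mktemp -d) || exit 1; trap 'rm -rf "$tmpdir"' EXIT`, then write to `"$tmpdir/old.txt"` and `"$tmpdir/new.txt"`. Separately, `git gc --prune=all` removes unreachable objects with no grace period; git's documentation warns that pruning this way increases the risk of corruption if another process is writing to the repository at the same time, and nothing visible here blocks pushes while the weekly job runs, so plain `git gc` with the default expiry looks safer.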
diff --git a/roles/server/git-server/files/default/gitconfig b/roles/server/git-server/files/default/gitconfig
new file mode 100644
index 0000000..66b38e8
--- /dev/null
+++ b/roles/server/git-server/files/default/gitconfig
@@ -0,0 +1,13 @@
+#
+################################################
+### Managed by someone's ansible provisioner ###
+################################################
+# Part of: https://git.somenet.org/root/pub/somesible.git
+# 2017-2024 by someone
+#
+
+[user]
+ email = git@git.somenet.org
+ name = git
+[gc]
+ auto = 0
diff --git a/roles/server/git-server/files/default/gitolite.rc b/roles/server/git-server/files/default/gitolite.rc
new file mode 100644
index 0000000..8e821b5
--- /dev/null
+++ b/roles/server/git-server/files/default/gitolite.rc
@@ -0,0 +1,161 @@
+#
+################################################
+### Managed by someone's ansible provisioner ###
+################################################
+# Part of: https://git.somenet.org/root/pub/somesible.git
+# 2017-2024 by someone
+#
+
+# configuration variables for gitolite
+
+# This file is in perl syntax. But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands (see COMMANDS list below) can be had by running the
+# command with "-h" as the sole argument.
+
+# HELP for all the other external programs (the syntactic sugar helpers and
+# the various programs/functions in the 8 trigger lists), can be found in
+# doc/non-core.mkd (http://sitaramc.github.com/gitolite/non-core.html) or in
+# the corresponding source file itself.
+
+%RC = (
+ # if you're using mirroring, you need a hostname. This is *one* simple
+ # word, not a full domain name. See documentation if in doubt
+ # HOSTNAME => 'darkstar',
+ UMASK => 0027,
+
+ # look in the "GIT-CONFIG" section in the README for what to do
+ GIT_CONFIG_KEYS => 'gitweb\.(owner|description)',
+
+ # comment out if you don't need all the extra detail in the logfile
+ # LOG_EXTRA => 1,
+
+ # settings used by external programs; uncomment and change as needed. You
+ # can add your own variables for use in your own external programs; take a
+ # look at the info and desc commands for perl and shell samples.
+ LOCAL_CODE => "$ENV{HOME}/.gitolite/local-code",
+
+ # used by the CpuTime trigger
+ # DISPLAY_CPU_TIME => 1,
+ # CPU_TIME_WARN_LIMIT => 0.1,
+ # used by the desc command
+ # WRITER_CAN_UPDATE_DESC => 1,
+ # used by the info command
+ # SITE_INFO => 'dein GITOLITE.RC: SITE_INFO. Please see http://blahblah/gitolite for more help',
+
+ # add more roles (like MANAGER, TESTER, ...) here.
+ # WARNING: if you make changes to this hash, you MUST run 'gitolite
+ # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+ ROLES =>
+ {
+ READERS => 1,
+ WRITERS => 1,
+ MANAGER => 1,
+ },
+ # uncomment (and change) this if you wish
+ # DEFAULT_ROLE_PERMS => 'READERS @all',
+
+ # comment out or uncomment as needed
+ # these are available to remote users
+ COMMANDS =>
+ {
+ 'help' => 1,
+ 'desc' => 1,
+ # 'fork' => 1,
+ 'info' => 1,
+ # 'mirror' => 1,
+ 'perms' => 1,
+ # 'sskm' => 1,
+ 'writable' => 1,
+ 'D' => 1,
+ },
+
+ # comment out or uncomment as needed
+ # these will run in sequence during the conf file parse
+ SYNTACTIC_SUGAR =>
+ [
+ # 'continuation-lines',
+ # 'keysubdirs-as-groups',
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence to modify the input (arguments and environment)
+ INPUT =>
+ [
+ 'CpuTime::input',
+ # 'Shell::input',
+ # 'Alias::input',
+ # 'Mirroring::input',
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence just after the first access check is done
+ ACCESS_1 =>
+ [
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence just before the actual git command is invoked
+ PRE_GIT =>
+ [
+ 'renice 5',
+ 'pre-git-log-access',
+ # 'Mirroring::pre_git',
+ # 'partial-copy',
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence just after the second access check is done
+ ACCESS_2 =>
+ [
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence after the git command returns
+ POST_GIT =>
+ [
+ # 'Mirroring::post_git',
+ 'post-push',
+ 'CpuTime::post_git',
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence before a new wild repo is created
+ PRE_CREATE =>
+ [
+ 'pre-create-init-repo',
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence after a new repo is created
+ POST_CREATE =>
+ [
+ 'post-create-init-repo',
+ 'post-compile/update-git-configs',
+ 'post-compile/update-gitweb-access-list',
+ 'post-compile/update-git-daemon-access-list',
+ ],
+
+ # comment out or uncomment as needed
+ # these will run in sequence after post-update
+ POST_COMPILE =>
+ [
+ 'post-compile/ssh-authkeys',
+ 'post-compile/update-git-configs',
+ 'post-compile/update-gitweb-access-list',
+ 'post-compile/update-git-daemon-access-list',
+ ],
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/roles/server/git-server/tasks/main.yml b/roles/server/git-server/tasks/main.yml
new file mode 100644
index 0000000..c269b63
--- /dev/null
+++ b/roles/server/git-server/tasks/main.yml
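Review bot: The trigger lists name `pre-git-log-access`, `post-push`, `pre-create-init-repo` and `post-create-init-repo`, which do not appear to be stock gitolite triggers and are not installed by any of the six files in this patch, so they are presumably expected under `LOCAL_CODE` (`$ENV{HOME}/.gitolite/local-code`). Code in that directory runs as the git user on every access, so the setting deserves a comment saying where the directory is provisioned from and who may write to it, for example `# site triggers live here; deployed by <ROLE OR REPO>, writable by the server admin only`. The `COMMANDS` hash also enables `'D' => 1`, the remote delete command; a one-line comment confirming that this is intended would help the next reader.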
@@ -0,0 +1,144 @@
+#####################################
+### someone"s ansible provisioner ###
+#####################################
+# Part of: https://git.somenet.org/root/pub/somesible.git
+# 2017-2024 by someone
+#
+---
+- name: install gitolite3
+ apt:
+ pkg:
+ - markdown
+ - gitolite3
+ state: present
+ policy_rc_d: 101
+ tags: "online"
+ ignore_errors: "{{ignore_online_errors | bool}}"
+
+
+- name: create git user
+ user:
+ name: "git"
+ home: "/srv/gitolite"
+ shell: "/bin/bash"
+ system: yes
+ state: present
+
+
+- name: create gitolite homedir
+ file:
+ path: "/srv/gitolite"
+ state: directory
+ mode: 0710
+ owner: "git"
+ group: "git"
+
+
+- name: create gitolite .ssh dir
+ file:
+ path: "/srv/gitolite/.ssh"
+ state: directory
+ mode: 0700
+ owner: "git"
+ group: "git"
+
+
+- name: copy gitconfig
+ copy:
+ src: "{{item}}"
+ dest: "/srv/gitolite/.gitconfig"
+ mode: 0640
+ owner: "git"
+ group: "git"
+ with_first_found:
+ - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/gitconfig"
+ - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/gitconfig"
+ - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/gitconfig"
+ - "default/gitconfig"
+
+
+- name: copy gitolite.rc
+ copy:
+ src: "{{item}}"
+ dest: "/srv/gitolite/.gitolite.rc"
+ mode: 0640
+ owner: "git"
+ group: "git"
+ with_first_found:
+ - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/gitolite.rc"
+ - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/gitolite.rc"
+ - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/gitolite.rc"
+ - "default/gitolite.rc"
+
+
+- name: setup gitolite
+ command: "gitolite setup -a gitolite"
+ become: true
+ become_user: "git"
+
+
+- name: fix project.list permissions
+ file:
+ path: "/srv/gitolite/projects.list"
+ state: file
+ mode: 0640
+ owner: "git"
+ group: "git"
+
+
+- name: fix repositories permissions
+ file:
+ path: "/srv/gitolite/repositories/"
+ state:
directory
+ recurse: yes
+ mode: "u=rwX,g=rX,o-rwx"
+ owner: "git"
+ group: "git"
+
+
+- name: copy compact_gitolite_repos.sh
+ copy:
+ src: "{{item}}"
+ dest: "/srv/gitolite/compact_gitolite_repos.sh"
+ mode: 0750
+ owner: "git"
+ group: "git"
+ with_first_found:
+ - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/compact_gitolite_repos.sh"
+ - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/compact_gitolite_repos.sh"
+ - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/compact_gitolite_repos.sh"
+ - "default/compact_gitolite_repos.sh"
+
+
+- name: copy compact_gitolite_repos.service to /etc/systemd/system/
+ copy:
+ src: "{{item}}"
+ dest: "/etc/systemd/system/compact_gitolite_repos.service"
+ mode: 0644
+ owner: "root"
+ group: "root"
+ with_first_found:
+ - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/compact_gitolite_repos.service"
+ - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/compact_gitolite_repos.service"
+ - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/compact_gitolite_repos.service"
+ - "default/compact_gitolite_repos.service"
+
+
+- name: copy compact_gitolite_repos.timer to /etc/systemd/system/
+ copy:
+ src: "{{item}}"
+ dest: "/etc/systemd/system/compact_gitolite_repos.timer"
+ mode: 0644
+ owner: "root"
+ group: "root"
+ with_first_found:
+ - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/compact_gitolite_repos.timer"
+ - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/compact_gitolite_repos.timer"
+ - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/compact_gitolite_repos.timer"
+ - "default/compact_gitolite_repos.timer"
+
+
+- name: enable and start compact_gitolite_repos.timer
+ include_role: name="base/systemd/enable-and-start"
+ vars:
+ service_name: compact_gitolite_repos.timer
--
2.43.0
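Review bot: Every `with_first_found` list resolves its host and group overrides through `lookup('env','PWD')`, so which `gitolite.rc`, script and root-owned systemd unit get installed depends on the directory the play was launched from; started anywhere else, the lookups miss and the role silently falls back to `default/…`. Anchoring on the playbook location, e.g. `- "{{ playbook_dir }}/host_files/{{ inventory_hostname }}/{{ role_name }}/gitolite.rc"`, removes that dependency, assuming `host_files/` sits beside the playbook, which the patch does not show. This applies to all five copy tasks. The `command: "gitolite setup -a gitolite"` task also has no `creates:` or `changed_when:`, so it reruns and reports changed on every play.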