Add cgit deploiement role with configuration

author: binary <me@rgoncalves.se> 2021-01-17 19:21:43 +0100
committer: binary <me@rgoncalves.se> 2021-01-17 19:22:13 +0100
commit: f83652e0e723af7afbeb3494ed888db76d5efa82 (patch)
tree: c0d11d4ededb8c3b1804e2bb9d8f05b67ad05bf8 /roles/cgit
parent: 58a81dc2ea748cf769d88b7515a39c6587d37ce2 (diff)
download: infrastructure-f83652e0e723af7afbeb3494ed888db76d5efa82.tar.gz
6 files changed, 148 insertions, 2 deletions
diff --git a/roles/cgit/files/about-filter.sh b/roles/cgit/files/about-filter.sh
new file mode 100644
index 0000000..6193824
--- /dev/null
+++ b/roles/cgit/files/about-filter.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cat -
diff --git a/roles/cgit/meta/main.yml b/roles/cgit/meta/main.yml
index 99fcea4..02b67be 100644
--- a/roles/cgit/meta/main.yml
+++ b/roles/cgit/meta/main.yml
@@ -5,4 +5,5 @@
 ---
 
 dependencies:
-  - role: git
+  - { role: git, tags: "dependency" }
+  - { role: httpd_pre, tags: "dependency" }
diff --git a/roles/cgit/tasks/main.yml b/roles/cgit/tasks/main.yml
index 3a20a59..424a07e 100644
--- a/roles/cgit/tasks/main.yml
+++ b/roles/cgit/tasks/main.yml
@@ -9,6 +9,86 @@
     name: cgit
     state: present
 
+- name: generate cgit configuration file
+  template:
+    src: cgitrc.j2
+    dest: /var/www/conf/cgitrc
+    owner: "{{ user_root }}"
+    group: "{{ group_root }}"
+    mode: 0644
+
+- name: generate cgit configuration for httpd
+  template:
+    src: cgit.httpd.conf.j2
+    dest: /etc/httpd.d/cgit.conf
+    owner: "{{ user_root }}"
+    group: "{{ group_root }}"
+    mode: 0644
+
+- name: copy utility in httpd chroot
+  copy:
+    src: "/bin/{{ item }}"
+    dest: /var/www/bin
+    remote_src: true
+  loop:
+    - "sh"
+    - "cat"
+
+- name: copy about-filter generator
+  copy:
+    src: about-filter.sh
+    dest: /var/www/bin/about-filter.sh
+    owner: "{{ user_root }}"
+    group: "{{ group_root }}"
+    mode: 0755
+
+- name: unmount potential existing filesystem in target directory
+  shell: "umount /var/www/{{ cgit_git_dir_chroot }}"
+
+- name: ensure cgit web directory exists
+  file:
+    path: /var/www/{{ cgit_git_dir_chroot }}
+    owner: www
+    group: daemon
+    mode: 0644
+    state: directory
+
+- name: enable shared git directory in /etc/exports
+  lineinfile:
+    path: /etc/exports
+    regexp: "^{{ cgit_git_dir }}"
+    line: "{{ cgit_git_dir }} -mapall=root -alldirs -network=127.0.0.1 -mask=255.255.255.255 -ro"
+    owner: "{{ user_root }}"
+    group: "{{ group_root }}"
+    mode: 0644
+    create: true
+
+- name: enable shared git directory in /etc/exports
+  lineinfile:
+    path: /etc/fstab
+    regexp: "^localhost:{{ cgit_git_dir }}"
+    line: "localhost:{{ cgit_git_dir }} /var/www/{{ cgit_git_dir_chroot }} nfs rw,nodev,nosuid,soft,intr 0 0"
+
+- name: start and enable share directory
+  service:
+    name: "{{ item }}"
+    state: restarted
+    enabled: true
+  loop:
+    - "portmap"
+    - "nfsd"
+
+- name: start and enable mountd
+  shell: |
+    rcctl enable mountd
+    pkill -9 mountd
+    rcctl start mountd
+
+- name: ensure nfs volume is mounted
+  shell: mount -A
+  register: result
+  failed_when: result.rc != 0 and "Device busy" is not in result.stderr
+
 - name: start and enable slowcgi service
   service:
     name: slowcgi
diff --git a/roles/cgit/templates/cgit.httpd.conf.j2 b/roles/cgit/templates/cgit.httpd.conf.j2
new file mode 100644
index 0000000..a8b4707
--- /dev/null
+++ b/roles/cgit/templates/cgit.httpd.conf.j2
@@ -0,0 +1,17 @@
+
+# httpd ~~ /etc/httpd.d/cgit.conf"
+# managed by Ansible
+
+ext_ip="0.0.0.0"
+server "cgit" {
+	listen on $ext_ip port {{ cgit_port }}
+
+	# serve cgit static files directly: cgit.css and cgit.png
+	location "/cgit.*" {
+		root "/cgit"
+			no fastcgi	
+	}
+	# cgit CGI
+	root "/cgi-bin/cgit.cgi"
+	fastcgi socket "/run/slowcgi.sock"
+}
diff --git a/roles/cgit/templates/cgitrc.j2 b/roles/cgit/templates/cgitrc.j2
new file mode 100644
index 0000000..1c316f3
--- /dev/null
+++ b/roles/cgit/templates/cgitrc.j2
@@ -0,0 +1,37 @@
+
+# cgit ~~ /var/www/conf/cgitrc
+# managed by Ansible
+
+# visuals
+css={{ cgit_config_css }}
+logo={{ cgit_config_logo }}
+favicon={{ cgit_config_favicon }}
+
+# readme
+readme=:README.md
+readme=:README.org
+readme=:README
+about-filter=/bin/about-filter.sh
+
+# features
+enable-commit-graph=1
+enable-http-clone=1
+enable-index-links=1
+max-stats=quarter
+robots=noindex, nofollow
+
+# git
+clone-url=git://git.{{ global.domain_name }}/$CGIT_REPO_URL ssh://git@git.{{ global.domain_name }}/$CGIT_REPO_URL http://git.{{ global.domain_name }}/$CGIT_REPO_URL
+
+# instance id
+root-title=git.{{ global.domain_name }}
+root-desc={{ cgit_config_root_desc }}
+root-readme={{ cgit_config_root_readme }}
+
+# archives
+snapshots=tar.gz
+
+# sections
+section-from-path=1
+section-sort=1
+scan-path={{ cgit_git_dir_chroot }}
diff --git a/roles/cgit/vars/main.yml b/roles/cgit/vars/main.yml
index 70ab89a..aa2f526 100644
--- a/roles/cgit/vars/main.yml
+++ b/roles/cgit/vars/main.yml
@@ -6,4 +6,12 @@
 
 cgit_user: "git"
 cgit_group: "git"
-cgit_dir: "/data/git/"
+cgit_git_dir: "/data/git"
+cgit_git_dir_chroot: "/htdocs/cgit"
+cgit_port: 1235
+
+cgit_config_favicon: "http://rgoncalves.se/logo.png"
+cgit_config_logo: "http://rgoncalves.se/logo.png"
+cgit_config_css: "http://rgoncalves.se/style/cgit.css"
+cgit_config_root_desc: "development hub"
+cgit_config_root_readme: "http://rgoncalves.se"
author	binary <me@rgoncalves.se>	2021-01-17 19:21:43 +0100
committer	binary <me@rgoncalves.se>	2021-01-17 19:22:13 +0100
commit	f83652e0e723af7afbeb3494ed888db76d5efa82 (patch)
tree	c0d11d4ededb8c3b1804e2bb9d8f05b67ad05bf8 /roles/cgit
parent	58a81dc2ea748cf769d88b7515a39c6587d37ce2 (diff)
download	infrastructure-f83652e0e723af7afbeb3494ed888db76d5efa82.tar.gz