aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--roles/git/tasks/main.yml42
-rw-r--r--roles/git/templates/no-interactive-login.j27
-rw-r--r--roles/git/vars/main.yml1
3 files changed, 46 insertions, 4 deletions
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
index 24a9d2d..70b887d 100644
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@@ -4,18 +4,26 @@
---
-- name: create git group
+- name: ensure git package is present
+ package: name=git state=present
+
+- name: ensure git group exists
group:
name: "{{ git_group }}"
state: present
-- name: create git user
+- name: ensure git user exists
user:
name: "{{ git_user }}"
group: "{{ git_group }}"
- shell: "{{ path_gitshell }}"
+ shell: "{{ git_shell }}"
+ home: "/home/{{ git_user }}"
+ create_home: false
+
+- name: ensure git home directory is not created
+ file: path="/home/{{ git_user }}" state=absent
-- name: create git-only directory
+- name: ensure git-only directory exists
file:
path: "{{ git_dir }}"
owner: "{{ git_user }}"
@@ -23,3 +31,29 @@
state: directory
mode: 0750
+- name: link git user home directory with git root repository
+ file:
+ src: "{{ git_dir }}"
+ dest: "/home/{{ git_user }}"
+ owner: "{{ git_user }}"
+ group: "{{ git_group }}"
+ mode: 0750
+ force: true
+ state: link
+
+- name: ensure git-shell-commands directory exists
+ file:
+ path: "/home/{{ git_user }}/git-shell-commands"
+ owner: "{{ git_user }}"
+ group: "{{ git_group }}"
+ state: directory
+ mode: 0755
+
+- name: generate git-shell no-login prompt
+ template:
+ src: no-interactive-login.j2
+ dest: "/home/{{ git_user }}/git-shell-commands/no-interactive-login"
+ owner: "{{ git_user }}"
+ group: "{{ git_group }}"
+ mode: 0744
+ when: git_nologin is defined and git_nologin
diff --git a/roles/git/templates/no-interactive-login.j2 b/roles/git/templates/no-interactive-login.j2
new file mode 100644
index 0000000..bfe6011
--- /dev/null
+++ b/roles/git/templates/no-interactive-login.j2
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+cat <<EOF
+ ▍ git
+ ▍
+ ▍no-interactive-login
+EOF
diff --git a/roles/git/vars/main.yml b/roles/git/vars/main.yml
index 7e02867..6f7ffb8 100644
--- a/roles/git/vars/main.yml
+++ b/roles/git/vars/main.yml
@@ -8,3 +8,4 @@ git_user: "git"
git_group: "git"
git_dir: "/data/git"
+git_shell: "/bin/sh"
remember that computers suck.