diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/git/tasks/main.yml | 42 | ||||
-rw-r--r-- | roles/git/templates/no-interactive-login.j2 | 7 | ||||
-rw-r--r-- | roles/git/vars/main.yml | 1 |
3 files changed, 46 insertions, 4 deletions
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml index 24a9d2d..70b887d 100644 --- a/roles/git/tasks/main.yml +++ b/roles/git/tasks/main.yml @@ -4,18 +4,26 @@ --- -- name: create git group +- name: ensure git package is present + package: name=git state=present + +- name: ensure git group exists group: name: "{{ git_group }}" state: present -- name: create git user +- name: ensure git user exists user: name: "{{ git_user }}" group: "{{ git_group }}" - shell: "{{ path_gitshell }}" + shell: "{{ git_shell }}" + home: "/home/{{ git_user }}" + create_home: false + +- name: ensure git home directory is not created + file: path="/home/{{ git_user }}" state=absent -- name: create git-only directory +- name: ensure git-only directory exists file: path: "{{ git_dir }}" owner: "{{ git_user }}" @@ -23,3 +31,29 @@ state: directory mode: 0750 +- name: link git user home directory with git root repository + file: + src: "{{ git_dir }}" + dest: "/home/{{ git_user }}" + owner: "{{ git_user }}" + group: "{{ git_group }}" + mode: 0750 + force: true + state: link + +- name: ensure git-shell-commands directory exists + file: + path: "/home/{{ git_user }}/git-shell-commands" + owner: "{{ git_user }}" + group: "{{ git_group }}" + state: directory + mode: 0755 + +- name: generate git-shell no-login prompt + template: + src: no-interactive-login.j2 + dest: "/home/{{ git_user }}/git-shell-commands/no-interactive-login" + owner: "{{ git_user }}" + group: "{{ git_group }}" + mode: 0744 + when: git_nologin is defined and git_nologin diff --git a/roles/git/templates/no-interactive-login.j2 b/roles/git/templates/no-interactive-login.j2 new file mode 100644 index 0000000..bfe6011 --- /dev/null +++ b/roles/git/templates/no-interactive-login.j2 @@ -0,0 +1,7 @@ +#!/bin/sh + +cat <<EOF + ▍ git + ▍ + ▍no-interactive-login +EOF diff --git a/roles/git/vars/main.yml b/roles/git/vars/main.yml index 7e02867..6f7ffb8 100644 --- a/roles/git/vars/main.yml +++ b/roles/git/vars/main.yml @@ -8,3 +8,4 @@ git_user: "git" git_group: "git" git_dir: "/data/git" +git_shell: "/bin/sh" |