From f83652e0e723af7afbeb3494ed888db76d5efa82 Mon Sep 17 00:00:00 2001 From: binary Date: Sun, 17 Jan 2021 19:21:43 +0100 Subject: Add cgit deploiement role with configuration --- roles/cgit/files/about-filter.sh | 3 ++ roles/cgit/meta/main.yml | 3 +- roles/cgit/tasks/main.yml | 80 +++++++++++++++++++++++++++++++++ roles/cgit/templates/cgit.httpd.conf.j2 | 17 +++++++ roles/cgit/templates/cgitrc.j2 | 37 +++++++++++++++ roles/cgit/vars/main.yml | 10 ++++- 6 files changed, 148 insertions(+), 2 deletions(-) create mode 100644 roles/cgit/files/about-filter.sh create mode 100644 roles/cgit/templates/cgit.httpd.conf.j2 create mode 100644 roles/cgit/templates/cgitrc.j2 diff --git a/roles/cgit/files/about-filter.sh b/roles/cgit/files/about-filter.sh new file mode 100644 index 0000000..6193824 --- /dev/null +++ b/roles/cgit/files/about-filter.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +cat - diff --git a/roles/cgit/meta/main.yml b/roles/cgit/meta/main.yml index 99fcea4..02b67be 100644 --- a/roles/cgit/meta/main.yml +++ b/roles/cgit/meta/main.yml @@ -5,4 +5,5 @@ --- dependencies: - - role: git + - { role: git, tags: "dependency" } + - { role: httpd_pre, tags: "dependency" } diff --git a/roles/cgit/tasks/main.yml b/roles/cgit/tasks/main.yml index 3a20a59..424a07e 100644 --- a/roles/cgit/tasks/main.yml +++ b/roles/cgit/tasks/main.yml @@ -9,6 +9,86 @@ name: cgit state: present +- name: generate cgit configuration file + template: + src: cgitrc.j2 + dest: /var/www/conf/cgitrc + owner: "{{ user_root }}" + group: "{{ group_root }}" + mode: 0644 + +- name: generate cgit configuration for httpd + template: + src: cgit.httpd.conf.j2 + dest: /etc/httpd.d/cgit.conf + owner: "{{ user_root }}" + group: "{{ group_root }}" + mode: 0644 + +- name: copy utility in httpd chroot + copy: + src: "/bin/{{ item }}" + dest: /var/www/bin + remote_src: true + loop: + - "sh" + - "cat" + +- name: copy about-filter generator + copy: + src: about-filter.sh + dest: /var/www/bin/about-filter.sh + owner: "{{ user_root }}" + group: "{{ group_root }}" + mode: 0755 + +- name: unmount potential existing filesystem in target directory + shell: "umount /var/www/{{ cgit_git_dir_chroot }}" + +- name: ensure cgit web directory exists + file: + path: /var/www/{{ cgit_git_dir_chroot }} + owner: www + group: daemon + mode: 0644 + state: directory + +- name: enable shared git directory in /etc/exports + lineinfile: + path: /etc/exports + regexp: "^{{ cgit_git_dir }}" + line: "{{ cgit_git_dir }} -mapall=root -alldirs -network=127.0.0.1 -mask=255.255.255.255 -ro" + owner: "{{ user_root }}" + group: "{{ group_root }}" + mode: 0644 + create: true + +- name: enable shared git directory in /etc/exports + lineinfile: + path: /etc/fstab + regexp: "^localhost:{{ cgit_git_dir }}" + line: "localhost:{{ cgit_git_dir }} /var/www/{{ cgit_git_dir_chroot }} nfs rw,nodev,nosuid,soft,intr 0 0" + +- name: start and enable share directory + service: + name: "{{ item }}" + state: restarted + enabled: true + loop: + - "portmap" + - "nfsd" + +- name: start and enable mountd + shell: | + rcctl enable mountd + pkill -9 mountd + rcctl start mountd + +- name: ensure nfs volume is mounted + shell: mount -A + register: result + failed_when: result.rc != 0 and "Device busy" is not in result.stderr + - name: start and enable slowcgi service service: name: slowcgi diff --git a/roles/cgit/templates/cgit.httpd.conf.j2 b/roles/cgit/templates/cgit.httpd.conf.j2 new file mode 100644 index 0000000..a8b4707 --- /dev/null +++ b/roles/cgit/templates/cgit.httpd.conf.j2 @@ -0,0 +1,17 @@ + +# httpd ~~ /etc/httpd.d/cgit.conf" +# managed by Ansible + +ext_ip="0.0.0.0" +server "cgit" { + listen on $ext_ip port {{ cgit_port }} + + # serve cgit static files directly: cgit.css and cgit.png + location "/cgit.*" { + root "/cgit" + no fastcgi + } + # cgit CGI + root "/cgi-bin/cgit.cgi" + fastcgi socket "/run/slowcgi.sock" +} diff --git a/roles/cgit/templates/cgitrc.j2 b/roles/cgit/templates/cgitrc.j2 new file mode 100644 index 0000000..1c316f3 --- /dev/null +++ b/roles/cgit/templates/cgitrc.j2 @@ -0,0 +1,37 @@ + +# cgit ~~ /var/www/conf/cgitrc +# managed by Ansible + +# visuals +css={{ cgit_config_css }} +logo={{ cgit_config_logo }} +favicon={{ cgit_config_favicon }} + +# readme +readme=:README.md +readme=:README.org +readme=:README +about-filter=/bin/about-filter.sh + +# features +enable-commit-graph=1 +enable-http-clone=1 +enable-index-links=1 +max-stats=quarter +robots=noindex, nofollow + +# git +clone-url=git://git.{{ global.domain_name }}/$CGIT_REPO_URL ssh://git@git.{{ global.domain_name }}/$CGIT_REPO_URL http://git.{{ global.domain_name }}/$CGIT_REPO_URL + +# instance id +root-title=git.{{ global.domain_name }} +root-desc={{ cgit_config_root_desc }} +root-readme={{ cgit_config_root_readme }} + +# archives +snapshots=tar.gz + +# sections +section-from-path=1 +section-sort=1 +scan-path={{ cgit_git_dir_chroot }} diff --git a/roles/cgit/vars/main.yml b/roles/cgit/vars/main.yml index 70ab89a..aa2f526 100644 --- a/roles/cgit/vars/main.yml +++ b/roles/cgit/vars/main.yml @@ -6,4 +6,12 @@ cgit_user: "git" cgit_group: "git" -cgit_dir: "/data/git/" +cgit_git_dir: "/data/git" +cgit_git_dir_chroot: "/htdocs/cgit" +cgit_port: 1235 + +cgit_config_favicon: "http://rgoncalves.se/logo.png" +cgit_config_logo: "http://rgoncalves.se/logo.png" +cgit_config_css: "http://rgoncalves.se/style/cgit.css" +cgit_config_root_desc: "development hub" +cgit_config_root_readme: "http://rgoncalves.se" -- cgit v1.2.3