From 58a81dc2ea748cf769d88b7515a39c6587d37ce2 Mon Sep 17 00:00:00 2001 From: binary Date: Fri, 15 Jan 2021 15:48:42 +0100 Subject: Add nginx and sourcehut role --- roles/srht/tasks/main.yml | 92 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 roles/srht/tasks/main.yml (limited to 'roles/srht/tasks/main.yml') diff --git a/roles/srht/tasks/main.yml b/roles/srht/tasks/main.yml new file mode 100644 index 0000000..076557f --- /dev/null +++ b/roles/srht/tasks/main.yml @@ -0,0 +1,92 @@ + +# srht ~~ roles/srht/tasks/main.yml +# Srht git server + +--- + +- name: ensure srht repository is enabled + lineinfile: + path: /etc/apk/repositories + regexp: "^https://mirror.sr.ht" + line: "https://mirror.sr.ht/alpine/v3.12/sr.ht" + +- name: ensure signing key for sourcehut repository is installed + shell: | + wget -q -O /etc/apk/keys/alpine@sr.ht.rsa.pub https://mirror.sr.ht/alpine/alpine@sr.ht.rsa.pub + apk update + +- name: ensure sourcehut is installed + package: name="{{ item }}" state=present + loop: "{{ srht_services }}" + +- name: generate srht service key + shell: srht-keygen service | rev | cut -d " " -f 1 | rev + register: srht_key_service + +- name: generate srht network key + shell: srht-keygen network | rev | cut -d " " -f 1 | rev + register: srht_key_network + +- name: generate srht webhook key + shell: srht-keygen webhook | rev | cut -d " " -f 1 | rev + register: srht_key_webhook + +- name: generate srht nginx configuration + template: + src: "{{ item }}.srht.conf.j2" + dest: "/etc/nginx/conf.d/{{ item }}.srht.conf" + owner: "{{ user_root }}" + group: "{{ group_root }}" + mode: 0644 + loop: + - "meta" + - "hub" + +- name: generate srht example configuration + template: + src: config.ini.j2 + dest: /etc/sr.ht/config.example.ini + owner: "{{ user_root }}" + group: "{{ group_root }}" + mode: 0644 + +- name: debug hint for example configuration + debug: + msg: + - srht configuration example at /etc/sr.ht/config.example.ini + - copy and modify it to /etc/sr.ht/config.ini + +- name: create database for srht services + shell: psql -c 'create database "{{ item }}.sr.ht"' + register: result + failed_when: result.rc != 0 and "already exists" not in result.stderr + ignore_errors: true + loop: + - "meta" + - "git" + - "hub" + become: true + become_user: postgres + +- name: init database for srht services + shell: "{{ item }}srht-initdb" + loop: + - "meta" + - "git" + - "hub" + +- name: enable and restart srht services + service: + name: "{{ item }}" + state: restarted + enabled: true + loop: "{{ srht_services }}" + +- name: enable and restart srht api services + service: + name: "{{ item }}" + state: restarted + enabled: true + loop: + - "meta.sr.ht-api" + - "git.sr.ht-api" -- cgit v1.2.3