diff --git a/README.md b/README.md index 1eebca0..035f2fe 100644 --- a/README.md +++ b/README.md @@ -28,3 +28,9 @@ et `templates`. - config-cgit.conf : template de configuration pour la compilation de cgit. Ici, tout est installé dans le même dossier (/home/git). - cgit-nginx : template pour la configuration nginx de cgit +- cgitrc : la configuration de cgit + +### Clé SSH + +Pour pouvoir créer l'administrateur du git, il faut mettre sa clé SSH dans le +dossier `files` et changer la variable qui contient son nom (`admin_key`). diff --git a/main.yml b/main.yml index eda24be..d63108f 100644 --- a/main.yml +++ b/main.yml @@ -23,12 +23,8 @@ vars_files: - vars/sites.yml + - vars/cgit.yml vars: - git_user: "git" - home_user: "/home/{{ git_user }}" - path_tmp_cgit: "{{ home_user }}/tmp" - path_cgit: "{{ home_user }}/cgit" - path_gitolite: "{{ home_user }}/gitolite" pre_tasks: - name: update de la machine @@ -45,6 +41,7 @@ - certbot - git - sudo + - python3-pip roles: - installations diff --git a/roles/installations/tasks/cgit.yml b/roles/installations/tasks/cgit.yml index 3ef3546..0d6e1c6 100644 --- a/roles/installations/tasks/cgit.yml +++ b/roles/installations/tasks/cgit.yml @@ -32,6 +32,10 @@ - fcgiwrap - python3-zipp +- name: installation de pygments + ansible.builtin.pip: + name: pygments + - name: création utilisateur cgit ansible.builtin.user: name: "{{ git_user }}" @@ -45,7 +49,7 @@ repo: "https://git.zx2c4.com/cgit" single_branch: yes -- name: configuration de cgit +- name: configuration de la compilation de cgit template: src: "config-cgit.conf" dest: "{{ path_tmp_cgit }}/cgit.conf" @@ -60,6 +64,69 @@ chdir: "{{ path_tmp_cgit }}" target: install +- name: configuration de cgit + template: + src: "cgitrc" + dest: "{{ path_cgit }}" + mode: 0644 + +- name: clonage de gitolite + ansible.builtin.git: + dest: "{{ path_gitolite }}" + repo: "https://github.com/sitaramc/gitolite" + single_branch: yes + +- name: installation de gitolite + ansible.builtin.command: + cmd: "{{ path_gitolite }}/install -to {{ home_user }}/bin" + +- name: upload de la clé SSH de l'admin + ansible.builtin.copy: + src: "../files/{{ admin_key }}" + dest: "/tmp/{{ admin_key }}" + +- name: configuration du premier utilisateur + ansible.builtin.command: + cmd: "{{ home_user }}/bin/gitolite setup -pk /tmp/{{ admin_key }}" + +- name: déplacement des dossiers de configuration de gitolite + ansible.builtin.copy: + src: "/root/{{ item }}" + dest: "{{ home_user }}" + remote_src: yes + owner: "{{ git_user }}" + group: "{{ git_user }}" + loop: + - ".gitolite" + - ".gitolite.rc" + - "projects.list" + - "repositories" + +- name: configuration des droits du dossier repositories + file: + path: "{{ home_user }}/repositories" + mode: 0705 + state: directory + recurse: yes + +- name: configuration des droits des dossiers de cgit et gitolite + file: + path: "{{ item }}" + owner: "{{ git_user }}" + group: "{{ git_user }}" + recurse: yes + state: directory + loop: + - "{{ home_user }}/bin" + - "{{ path_cgit }}" + - "{{ path_gitolite }}" + +- name: configuration des dépots + ansible.builtin.lineinfile: + path: "{{ home_user }}/.gitolite.rc" + regex: "UMASK" + line: "\tUMASK => 0072," + - name: configuration de Nginx template: src: "cgit-nginx" @@ -72,51 +139,9 @@ dest: /etc/nginx/sites-enabled/cgit.conf state: link -- name: clonage de gitolite - ansible.builtin.git: - dest: "{{ path_gitolite }}" - repo: "https://github.com/sitaramc/gitolite" - single_branch: yes - -- name: configuration des droits des dossiers - file: - path: "{{ item }}" - owner: "{{ git_user }}" - group: "{{ git_user }}" - recurse: yes - state: directory - loop: - - "{{ home_user }}/bin" - - "{{ home_user }}/etc" - - "{{ path_cgit }}" - - "{{ path_gitolite }}" - -- name: installation de gitolite - command: - cmd: "{{ path_gitolite }}/install -to {{ home_user }}/bin" - -- name: création de la liste de projets - file: - path: "{{ home_user }}/projects.list" - mode: 0705 - state: touch - owner: "{{ git_user }}" - group: "{{ git_user }}" - -- name: configuration des droits du dossier repositories - file: - path: "{{ home_user }}/repositories" - mode: 0705 - state: directory - recurse: yes - owner: "{{ git_user }}" - group: "{{ git_user }}" - - name: démarrage par défaut de fcgiwrap ansible.builtin.service: name: fcgiwrap enabled: yes notify: - restart fcgiwrap - - # TODO fin de configuration de gitolite (premier utilisateur) diff --git a/roles/installations/templates/cgitrc b/roles/installations/templates/cgitrc new file mode 100644 index 0000000..ba09d79 --- /dev/null +++ b/roles/installations/templates/cgitrc @@ -0,0 +1,127 @@ +# Make cgit generate link using absolute URL +virtual-root=/ + +# Enable caching of up to 1000 output entriess +cache-size=1000 + +# cache time to live +cache-dynamic-ttl=5 +cache-repo-ttl=5 + +# Specify some default clone urls using macro expansion +clone-url=http://{{ cgit_site }}/$CGIT_REPO_URL git://{{ cgit_site }}/$CGIT_REPO_URL + +# Specify the css url +css=/cgit.css + +# Show owner on index page +enable-index-owner=1 + +# Source gitweb.description, gitweb.owner from each project config +enable-git-config=1 + +# Allow http transport git clone +enable-git-clone=1 + +# Show extra links for each repository on the index page +enable-index-links=1 + +# Remove .git suffix from project display +remove-suffix=1 + +# Enable ASCII art commit history graph on the log pages +enable-commit-graph=1 + +# Show number of affected files per commit on the log pages +enable-log-filecount=1 + +# Show number of added/removed lines per commit on the log pages +enable-log-linecount=1 + +# Sort branches by date +branch-sort=age + +# Add a cgit favicon +favicon=/favicon.ico + +# Use a custom logo +logo=/cgit.png + +# Enable statistics per week, month and quarter +max-stats=quarter + +# Set the title and heading of the repository index page +root-title=git de rick + +# Set a subheading for the repository index page +root-desc=Spread the code + +# Include some more info about example.com on the index page +#root-readme=/var/www/git/about.htm + +# Allow download of tar.gz, tar.bz2 and zip-files +snapshots=tar.bz2 zip + +## +## List of common mimetypes +## + +mimetype.gif=image/gif +mimetype.html=text/html +mimetype.jpg=image/jpeg +mimetype.jpeg=image/jpeg +mimetype.pdf=application/pdf +mimetype.png=image/png +mimetype.svg=image/svg+xml + +# Highlight source code with python pygments-based highligher +source-filter={{ path_cgit }}/filters/syntax-highlighting.py + +# Format markdown, restructuredtext, manpages, text files, and html files +# through the right converters +about-filter={{ path_cgit }}/filters/about-formatting.sh + +## +## Search for these files in the root of the default branch of repositories +## for coming up with the about page: +## +readme=:README.md +readme=:readme.md +readme=:README.mkd +readme=:readme.mkd +readme=:README.rst +readme=:readme.rst +readme=:README.html +readme=:readme.html +readme=:README.htm +readme=:readme.htm +readme=:README.txt +readme=:readme.txt +readme=:README +readme=:readme +readme=:INSTALL.md +readme=:install.md +readme=:INSTALL.mkd +readme=:install.mkd +readme=:INSTALL.rst +readme=:install.rst +readme=:INSTALL.html +readme=:install.html +readme=:INSTALL.htm +readme=:install.htm +readme=:INSTALL.txt +readme=:install.txt +readme=:INSTALL +readme=:install + +## +## List of repositories. +## PS: Any repositories listed when section is unset will not be +## displayed under a section heading +## PPS: This list could be kept in a different file (e.g. '/etc/cgitrepos') +## and included like this: +## include=/etc/cgitrepos +## + +project-list={{ home_user }}/projects.list +scan-path={{ home_user }}/repositories diff --git a/vars/cgit.yml b/vars/cgit.yml new file mode 100644 index 0000000..02c3e30 --- /dev/null +++ b/vars/cgit.yml @@ -0,0 +1,7 @@ +--- +git_user: "git" +home_user: "/home/{{ git_user }}" +path_tmp_cgit: "{{ home_user }}/tmp" +path_cgit: "{{ home_user }}/cgit" +path_gitolite: "{{ home_user }}/gitolite" +admin_key: "cgit.pub"