Tag git setup foo

2020-12-30 11:38:27 +01:00 · 2020-12-30 11:38:27 +01:00 · 6fbea50682
commit 6fbea50682
--- a/gerboweb/deploy/cgit-logo-orig.png
+++ b/gerboweb/deploy/cgit-logo-orig.png
--- a/gerboweb/deploy/cgit-logo.png
+++ b/gerboweb/deploy/cgit-logo.png
--- a/gerboweb/deploy/cgitrc
+++ b/gerboweb/deploy/cgitrc
@ -1,11 +1,24 @@
 css=/cgit.css
-logo= /cgit.png
+logo=/cgit.png

 enable-http-clone=1
 robots=noindex, nofollow
 virtual-root=/

 readme=:README.rst
+readme=:readme.rst
+readme=:README.md
+readme=:readme.md
+readme=:README.txt
+readme=:readme.txt
+readme=:README.mkd
+readme=:readme.mkd
+readme=:README.htm
+readme=:readme.htm
+readme=:README.html
+readme=:readme.html
+readme=:README
+readme=:readme
 about-filter=/usr/libexec/cgit/filters/about-formatting.sh

 enable-index-links=1
@ -18,3 +31,11 @@ source-filter=/usr/libexec/cgit/filters/syntax-highlighting.py

 project-list=/var/lib/gitolite3/projects.list
 scan-path=/var/lib/gitolite3/repositories
+
+mimetype.gif=image/gif
+mimetype.html=text/html
+mimetype.jpg=image/jpeg
+mimetype.jpeg=image/jpeg
+mimetype.pdf=application/pdf
+mimetype.png=image/png
+mimetype.svg=image/svg+xml
--- a/gerboweb/deploy/playbook.yml
+++ b/gerboweb/deploy/playbook.yml
@ -35,20 +35,24 @@
  hosts: wendelstein
  tasks:
    - name: Set hostname
+      tags: setup
      hostname:
        name: wendelstein.jaseg.net

    - name: Install common admin tools
+      tags: setup
      dnf:
        name: htop,tmux,fish,mosh,neovim,sqlite
        state: latest

    - name: Install host requisites
+      tags: setup
      dnf:
          name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,python3-libselinux,git,iptables-services,python3-pycryptodomex,zip,python3-uwsgidecorators,nsd
          state: latest

    - name: Disable password-based root login
+      tags: setup
      lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
@ -56,12 +60,14 @@
      register: disable_root_pw_ssh

    - name: Restart sshd
+      tags: setup
      systemd:
          name: sshd
          state: restarted
      when: disable_root_pw_ssh is changed

    - name: Configure iptables firewall service
+      tags: setup
      copy:
        src: iptables.rules
        dest: /etc/sysconfig/iptables
@ -70,13 +76,18 @@
        mode: 0664

    - name: Enable iptables firewall service
+      tags: setup
      systemd:
        name: iptables
        enabled: yes
        state: started

    - name: Create containers
-      include_tasks: setup_containers.yml
+      tags: setup
+      include_tasks:
+          file: setup_containers.yml
+          apply:
+              tags: setup
      vars:
        containers:
          - gerboweb
@ -84,31 +95,72 @@
          - pogojig

    - name: Setup web server
-      include_tasks: setup_webserver.yml
+      tags: www
+      include_tasks:
+          file: setup_webserver.yml
+          apply:
+              tags: www

    - name: Setup gerboweb
-      include_tasks: setup_gerboweb.yml
+      tags: gerboweb
+      include_tasks:
+          file: setup_gerboweb.yml
+          apply: 
+              tags: gerboweb

    - name: Setup clippy
-      include_tasks: setup_clippy.yml
+      tags: clippy
+      include_tasks:
+          file: setup_clippy.yml
+          apply:
+              tags: clippy

    - name: Setup secure download
-      include_tasks: setup_secure_download.yml
+      tags: secure-download
+      include_tasks:
+          file: setup_secure_download.yml
+          apply:
+              tags: secure-download

    - name: Setup tracespace
-      include_tasks: setup_tracespace.yml
+      tags: pogojig
+      include_tasks:
+          file: setup_tracespace.yml
+          apply:
+              tags: pogojig

    - name: Setup openjscad
-      include_tasks: setup_openjscad.yml
+      tags: pogojig
+      include_tasks:
+          file: setup_openjscad.yml
+          apply:
+              tags: pogojig

    - name: Setup pogojig
-      include_tasks: setup_pogojig.yml
+      tags: pogojig
+      include_tasks:
+          file: setup_pogojig.yml
+          apply:
+              tags: pogojig

    - name: Setup notification proxy
-      include_tasks: setup_notification_proxy.yml
+      tags: notification-proxy
+      include_tasks:
+          file: setup_notification_proxy.yml
+          apply:
+              tags:
+                  notification-proxy

    - name: Setup semi-public git server
-      include_tasks: setup_git.yml
+      tags: git
+      include_tasks:
+          file: setup_git.yml
+          apply:
+              tags: git

    - name: Setup private DynDNS service
-      include_tasks: setup_dyndns.yml
+      tags: dyndns
+      include_tasks:
+          file: setup_dyndns.yml
+          apply:
+              tags: dyndns
--- a/gerboweb/deploy/setup_git.yml
+++ b/gerboweb/deploy/setup_git.yml
@ -43,26 +43,34 @@
      name: uwsgi-app@cgit.socket
      enabled: yes

- name: Copy gitolite admin pubkey
-  copy:
-      src: ~/.ssh/id_ed25519.gitolite.pub
-      dest: /tmp/jaseg-gitolite.pub
-      owner: gitolite3
-      group: gitolite3
+- name: Check if gitolite ssh config exists
+  stat:
+      path: /var/lib/gitolite3/.ssh/authorized_keys
+  register: gitolite_ssh_keys_stat

- name: Run gitolite initialization
-  command: gitolite setup -pk /tmp/jaseg-gitolite.pub
-  become: true
-  become_method: su
-  become_user: gitolite3
-  become_flags: '-s /bin/sh'
-  args:
-      creates: /var/lib/gitolite3/projects.list
+- name: Gitolite admin key setup
+  block:
+    - name: Copy gitolite admin pubkey
+      copy:
+          src: ~/.ssh/id_ed25519.gitolite.pub
+          dest: /tmp/jaseg-gitolite.pub
+          owner: gitolite3
+          group: gitolite3

- name: Remove leftover admin pubkey
-  file:
-      state: absent
-      path: /tmp/jaseg-gitolite.pub
+    - name: Run gitolite initialization
+      command: gitolite setup -pk /tmp/jaseg-gitolite.pub
+      become: true
+      become_method: su
+      become_user: gitolite3
+      become_flags: '-s /bin/sh'
+      args:
+          creates: /var/lib/gitolite3/projects.list
+
+    - name: Remove leftover admin pubkey
+      file:
+          state: absent
+          path: /tmp/jaseg-gitolite.pub
+  when: not gitolite_ssh_keys_stat.stat.exists

 - name: Allow uwsgi group to access gitolite repo dir
  file:
@ -113,3 +121,9 @@
      home: "{{ getent_passwd['gitolite3'][4] }}"
      uid: "{{ getent_passwd['gitolite3'][1] }}"

+- name: Hack to fix cgit handling for restructuredtext readmes
+  file:
+      src: /usr/bin/rst2html
+      dest: /usr/bin/rst2html.py
+      state: link
+