diff options
| -rw-r--r-- | roles/copr/dist_git/files/dist-git-epel-7.repo | 17 | ||||
| -rw-r--r-- | roles/copr/dist_git/files/dist-git.conf | 67 | ||||
| -rw-r--r-- | roles/copr/dist_git/files/httpd/dist-git/git-smart-http.conf | 7 | ||||
| -rw-r--r-- | roles/copr/dist_git/files/httpd/dist-git/lookaside.conf | 6 | ||||
| -rw-r--r-- | roles/copr/dist_git/tasks/main.yml | 77 | ||||
| -rw-r--r-- | roles/copr/dist_git/templates/cgitrc | 2 | ||||
| -rw-r--r-- | roles/copr/dist_git/templates/cgitrc.slow | 4 |
7 files changed, 20 insertions, 160 deletions
diff --git a/roles/copr/dist_git/files/dist-git-epel-7.repo b/roles/copr/dist_git/files/dist-git-epel-7.repo deleted file mode 100644 index 856cdaa4f..000000000 --- a/roles/copr/dist_git/files/dist-git-epel-7.repo +++ /dev/null @@ -1,17 +0,0 @@ -[asamalik-dist-git] -name=Copr repo for dist-git owned by asamalik -baseurl=https://copr-be.cloud.fedoraproject.org/results/asamalik/dist-git/epel-7-$basearch/ -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://copr-be.cloud.fedoraproject.org/results/asamalik/dist-git/pubkey.gpg -enabled=1 -enabled_metadata=1 - -[msuchy-copr] -name=Copr repo for copr owned by msuchy -baseurl=https://copr-be.cloud.fedoraproject.org/results/@copr/copr/epel-7-$basearch/ -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://copr-be.cloud.fedoraproject.org/results/@copr/copr/pubkey.gpg -enabled=1 -enabled_metadata=1 diff --git a/roles/copr/dist_git/files/dist-git.conf b/roles/copr/dist_git/files/dist-git.conf index 4144b4405..a6401eb03 100644 --- a/roles/copr/dist_git/files/dist-git.conf +++ b/roles/copr/dist_git/files/dist-git.conf @@ -1,62 +1,7 @@ -# What to do AFTER changing this config: -# 1. /etc/gitolite/admins <- usernames of gitolite admins -# 2. /etc/cron.d/dist-git/dist_git_sync.cron <- enable auto-sync -# /cgit_pkg_list.cron <- enable cgit auto-sync - - -[acls] - -# user groups on the server associated with dist-git -# example: -# user_groups=cvsadmin,fedora-arm,fedora-sparc,fedora-ia64,fedora-s390,fedora-ppc,provenpackager -user_groups=cvsadmin -# user groups with write access to all repositories -# example: -# admin_groups=cvsadmin,fedora-arm,fedora-s390,fedora-ppc -admin_groups=cvsadmin - -# comma separated list of active branches to create ACLs for -# example: -active_branches=el5,el6,el7,epel7,f22,f23,f24,master,custom1 - -# a "regex"ish list of the reserved branches -# example: -# reserved_branches=f[0-9][0-9],epel[0-9],epel[0-9][0-9],el[0-9],olpc[0-9] -reserved_branches=f[0-9][0-9],epel[0-9],epel[0-9][0-9],el[0-9],olpc[0-9],custom[0-9] - -# url of package database - acls (data in json format) -# You can leave it empty if you don't want to use it. -# example: -# pkgdb_acls_url=https://admin.fedoraproject.org/pkgdb/api/vcs?format=json -pkgdb_acls_url= - -# url of package database - groups (data in json format) -# You can leave it empty if you don't want to use it. -# example: -# pkgdb_groups_url=https://admin.fedoraproject.org/pkgdb/api/groups?format=json -pkgdb_groups_url= - - - -[notifications] - -# email notifications: -# example: -# email_domain=fedoraproject.org -email_domain=example.com - -# List of email adresses to be notified about changes -# $PACKAGE can be used as a package name -# example: -# pkg_owner_emails=$PACKAGE-owner@fedoraproject.org,scm-commits@lists.fedoraproject.org -pkg_owner_emails=$PACKAGE-owner@example.com,commits@lists.example.com - - - -[git] - -# the default author of git branches -# example: -# default_branch_author=Fedora Release Engineering <rel-eng@lists.fedoraproject.org> -default_branch_author=Copr Dist Git <copr-devel@lists.fedoraproject.org> +[dist-git] +git_author_name = Copr Dist Git +git_author_email = <copr-devel@lists.fedoraproject.org> +cache_dir = /var/lib/dist-git/cache +gitroot_dir = /var/lib/dist-git/git +gitolite = False diff --git a/roles/copr/dist_git/files/httpd/dist-git/git-smart-http.conf b/roles/copr/dist_git/files/httpd/dist-git/git-smart-http.conf deleted file mode 100644 index af4427b82..000000000 --- a/roles/copr/dist_git/files/httpd/dist-git/git-smart-http.conf +++ /dev/null @@ -1,7 +0,0 @@ -SetEnv GIT_PROJECT_ROOT /var/lib/dist-git/git/rpms -SetEnv GIT_HTTP_EXPORT_ALL -ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/ -<Directory /usr/libexec/git-core> - Options +ExecCGI - Require all granted -</Directory> diff --git a/roles/copr/dist_git/files/httpd/dist-git/lookaside.conf b/roles/copr/dist_git/files/httpd/dist-git/lookaside.conf deleted file mode 100644 index d967d1b0f..000000000 --- a/roles/copr/dist_git/files/httpd/dist-git/lookaside.conf +++ /dev/null @@ -1,6 +0,0 @@ -alias /lookaside /var/lib/dist-git/cache/lookaside -<Directory /var/lib/dist-git/cache/lookaside> - Options Indexes FollowSymLinks - AllowOverride None - Require all granted -</Directory> diff --git a/roles/copr/dist_git/tasks/main.yml b/roles/copr/dist_git/tasks/main.yml index 79602f79c..819d446fe 100644 --- a/roles/copr/dist_git/tasks/main.yml +++ b/roles/copr/dist_git/tasks/main.yml @@ -1,105 +1,60 @@ - include: "mount_fs.yml" -#- copy: src="dist-git-epel-7.repo" dest="/etc/yum.repos.d/" - # pre-create users/groups and copy uids/gids from the current prod copr-dist-git - group: name="packager" state=present gid=987 -- group: name="cvsadmin" state=present gid=1001 -- group: name="copr-dist-git" state=present gid=1002 -- group: name="copr-service" state=present gid=1003 - -- name: create user for git repos - user: name="copr-dist-git" group=copr-dist-git groups=cvsadmin,packager uid=1001 +- group: name="copr-dist-git" state=present gid=1003 -- name: create user for copr-dist-git service - user: name="copr-service" group=copr-service groups=packager,docker,apache,mock generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa uid=1002 +- name: create user for git repos and copr-dist-git service + user: name="copr-dist-git" group=copr-dist-git groups=packager,docker,apache,mock uid=1002 - name: enable copr dist-git repo shell: "dnf -y copr enable clime/dist-git" - when: devel - -- name: install dist-git - dnf: state=latest name="dist-git" - name: install packages dnf: state=present name={{ item }} with_items: - #- epel-release - cgit -# - dist-git - copr-dist-git - rdiff-backup - tmpwatch - highlight -- name: install copr-dist-git +- name: install latest dist-git and copr-dist-git dnf: state=latest name={{ item }} with_items: + - dist-git + - dist-git-selinux - copr-dist-git - name: switch selinux to permissive selinux: policy=targeted state=permissive -- name: ensure git storage path exists - file: path="/var/lib/dist-git/git" state=directory group=packager mode=0775 -#- file: path="/var/lib/dist-git/git/pkgs-git-repos-list" state=file group=packager -# - file: path="/var/lib/dist-git/git/rpms/" state=directory group=packager - when: not devel - -- name: install packages which should be added as requirements - dnf: state=present name={{ item }} - with_items: - - pyrpkg - -- name: make sure directories are owned by copr-service user - file: path={{ item }} owner=copr-service group=copr-service state=directory recurse=yes +- name: make sure directories are owned by copr-dist-git user + file: path={{ item }} owner=copr-dist-git group=copr-dist-git state=directory recurse=yes with_items: - /var/lib/copr-dist-git/ - /var/log/copr-dist-git/ -- name: make sure directories are owned by copr-service:packager user - file: path=/var/lib/dist-git/git owner=copr-service group=packager - when: not devel - -# set ssh key, so that copr-service could access gitolite -- name: read pub key into var - command: cat /home/copr-service/.ssh/id_rsa.pub - register: cat_pubkey - check_mode: no - changed_when: false - -- set_fact: pubkey="{{cat_pubkey.stdout|join('')}}" - -- debug: msg={{pubkey}} - -- name: prepare authorized key, so copr-service could interact with gitolite - authorized_key: user="copr-dist-git" key="{{pubkey}}" key_options="command=\"HOME=/var/lib/dist-git/git/ /usr/share/gitolite3/gitolite-shell $USER \"'" - when: not devel -## keys done - - name: install config for copr-dist-git template: src=copr-dist-git.conf.j2 dest=/etc/copr/copr-dist-git.conf mode=0644 tags: - config -- name: set git variables for copr-service user - copy: src=".gitconfig" dest="/home/copr-service/.gitconfig" +- name: set git variables for copr-dist-git user + copy: src=".gitconfig" dest="/home/copr-dist-git/.gitconfig" - name: set git config username git_config: name=user.name scope=global value="Copr dist git" -- name: install httpd config to serve lookaside and smart-git +- name: install httpd config needed for COPR lookaside cache copy: src="httpd/dist-git/{{ item }}" dest="/etc/httpd/conf.d/dist-git/{{ item }}" with_items: - - lookaside.conf - lookaside-copr.conf - - git-smart-http.conf tags: - config notify: - reload httpd - - name: install copr-dist-git httpd config copy: src="httpd/{{ item }}" dest="/etc/httpd/conf.d/{{ item }}" with_items: @@ -117,15 +72,10 @@ tags: - config -- copy: src="ssh_config" dest="/home/copr-service/.ssh/config" owner=copr-service group=copr-service mode=0600 - - template: src="cgitrc" dest="/etc/cgitrc" owner=root group=root mode=0644 - template: src="cgitrc.slow" dest="/etc/cgitrc.slow" owner=root group=root mode=0644 -- command: "/usr/share/dist-git/dist_git_sync.sh" - when: not devel - - name: allow httpd to run cgit seboolean: name=httpd_enable_cgi state=true persistent=true @@ -146,8 +96,3 @@ - name: Create /var/cache/cgit/repo-list.rc if does not exists (it last 30 minutes to generate) command: /etc/cron.hourly/copr-dist-git creates=/var/cache/cgit/repo-list.rc - -- name: install dist-git-selinux package - dnf: state=present name={{ item }} - with_items: - - dist-git-selinux # this takes several hours to finish due to fs relabelling diff --git a/roles/copr/dist_git/templates/cgitrc b/roles/copr/dist_git/templates/cgitrc index 658cadf72..1b5f96a31 100644 --- a/roles/copr/dist_git/templates/cgitrc +++ b/roles/copr/dist_git/templates/cgitrc @@ -80,6 +80,6 @@ source-filter=/usr/libexec/cgit/filters/syntax-highlighting.sh #repo.owner=fooman@example.com #repo.readme=info/web/about.html project-list=/var/lib/copr-dist-git/cgit_pkg_list -#scan-path=/var/lib/dist-git/git/repositories +#scan-path=/var/lib/dist-git/git include=/var/cache/cgit/repo-list.rc clone-prefix=http://{{ dist_git_base_url }}/git diff --git a/roles/copr/dist_git/templates/cgitrc.slow b/roles/copr/dist_git/templates/cgitrc.slow index 8af9069e9..f06c932d6 100644 --- a/roles/copr/dist_git/templates/cgitrc.slow +++ b/roles/copr/dist_git/templates/cgitrc.slow @@ -80,6 +80,6 @@ mimetype.svg=image/svg+xml #repo.owner=fooman@example.com #repo.readme=info/web/about.html project-list=/var/lib/copr-dist-git/cgit_pkg_list -#scan-path=/var/lib/dist-git/git/rpms +#scan-path=/var/lib/dist-git/git clone-prefix=http://copr-dist-git.fedorainfracloud.org/git -scan-path=/var/lib/dist-git/git/rpms +scan-path=/var/lib/dist-git/git |