gitolite.pp 3.56 KB
Newer Older
intrigeri's avatar
intrigeri committed
1
# Wrapper around the gitolite class with Tails-specific functionality and stuff
2
class tails::gitolite (
intrigeri's avatar
intrigeri committed
3
  $with_git_annex            = false,
4
  $git_annex_use_backport    = false,
5
  $git_annex_with_recommends = 'default',
6
) {
intrigeri's avatar
intrigeri committed
7
8

  class { '::gitolite':
9
10
11
    admin_key         => 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+mdQZg1zWYTOwYvs9Anhn+SIAVsg47gj/nGdjVTZu9hehX9GCeU40OwI0qKIASpegweELwHjuRZ5Fhx9UGKYlWKa+fT/xpYg7wGeXM65N4KmzcppyYHjErerGPNbA4glAsmUmmv/IG69hgHVhezclu64lj6KeIYvyD6kEv1mu4yts584tLOip1Sig3XS4dyB5BRqDhD60CN5qQ55kYCLRxw6QfResl+Dqw6GDa8FOuHik0IESGaRAHqVeR+NC+xo2jMj05yi2WclLMIuV6orM9NI3WxCyHDpGXKeT5huR1OJeCW9mzkq0Z1bFswioX2NJsYO9VOunSsmp+XQkOw3y8mTYToCi8DWlAJ3yeu7aB51ofwgDfBY+gyyW/X8wrqzCTJ9VMScgfBm/4GLaJns8hYxtsBVYT6P+syC7kqVs+v2cr2pHQpleLb50MRVnuFPTILOdRMME7SOPqIuwlDDes1ItVHm5oR177q5BI9ywC2Anu/S26i+tE+8g0080voNNS5Pykbhz+o4S8DuO2pA0+ijzYB4t3Ic6bcUcC8RE7G5LG5V3Go8/pewvZUEXlGn7H7ti3raPjMZY5crrrU4rS851TD/wuu6kZdU1k3IFrxUFW5wt4IKS6sc5tZw8HO5jZc4WjZLbceoqiGW5TuTmORjLxseGbk7X8sMEjP9rpQ== intrigeri@ensifera',
    gituser           => gitolite,
    deploy_gitoliterc => false,
intrigeri's avatar
intrigeri committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
  }
  package { 'git-daemon-run': ensure => present }
  file { '/etc/sv/git-daemon/run':
    mode    => '0755',
    owner   => root,
    group   => root,
    content => '#!/bin/sh
exec 2>&1
echo "git-daemon starting"
exec chpst -ugitolite "$(git --exec-path)"/git-daemon --reuseaddr --base-path=/var/lib/gitolite/repositories
',
    require => Package['git-daemon-run'],
  }
  service { 'git-daemon':
    provider => runit,
    require  => [
      Package['git-daemon-run'],
      File['/etc/sv/git-daemon/run']
    ],
  }

33
34
35
36
37
38
39
  # Make it easier to rotate logs ourselves
  file_line { 'single_log_file':
    path    => '/var/lib/gitolite/.gitolite.rc',
    match   => '#?\s*\$GL_LOGT\s*=\s*".*";',
    line    => "\$GL_LOGT = \"\$GL_ADMINDIR/logs/gitolite.log\";",
  }

intrigeri's avatar
intrigeri committed
40
41
42
43
44
45
46
47
48
49
50
  # Rotate logs
  file { '/etc/logrotate.d/gitolite':
    owner  => root,
    group  => root,
    mode   => '0644',
    source => [
      'puppet:///modules/site_tails/gitolite/logrotate',
      'puppet:///modules/tails/gitolite/logrotate'
    ],
  }

intrigeri's avatar
intrigeri committed
51
52
53
54
55
56
57
  # Mirroring support
  exec { 'SSH key pair for gitolite@puppet-git.lizard':
    command => 'ssh-keygen -t rsa -b 4096 -N "" -f /var/lib/gitolite/.ssh/id_rsa',
    user    => gitolite,
    creates => '/var/lib/gitolite/.ssh/id_rsa',
  }
  file { '/var/lib/gitolite/.ssh/config':
intrigeri's avatar
intrigeri committed
58
    source => 'puppet:///modules/tails/gitolite/ssh/config',
intrigeri's avatar
intrigeri committed
59
60
61
62
63
    owner  => gitolite,
    group  => gitolite,
    mode   => '0600',
  }

64
  # git-annex support
intrigeri's avatar
intrigeri committed
65
  if $with_git_annex == true {
66
67
68
69
70

    $gitolite_local_lib = '/usr/local/lib/gitolite'
    $adc_path           = "${gitolite_local_lib}/adc"
    $adc_ua_path        = "${adc_path}/ua"

71
72
73
74
    class { '::tails::git_annex':
      use_backport    => $git_annex_use_backport,
      with_recommends => $git_annex_with_recommends,
    }
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

    file { [$gitolite_local_lib, $adc_path, $adc_ua_path]:
      ensure => directory,
      owner  => root,
      group  => gitolite,
      mode   => '0750',
    }

    file_line { 'support_git-annex':
      path    => '/var/lib/gitolite/.gitolite.rc',
      match   => '#?\s*\$GL_ADC_PATH\s*=\s*".*";',
      line    => "\$GL_ADC_PATH = \"$adc_path\";",
      require => [
        File["${adc_ua_path}/git-annex-shell"],
        Package['git-annex'],
      ],
    }

    file { "${adc_ua_path}/git-annex-shell":
      source => '/usr/share/doc/gitolite/examples/adc/git-annex-shell',
      owner  => root,
      group  => gitolite,
      mode   => '0750',
    }

  }

102
  class { '::tails::gitolite::hooks::common': }
103
  class { '::tails::gitolite::hooks::jenkins_jobs': }
104

intrigeri's avatar
intrigeri committed
105
}