gitolite.pp 3.22 KB
Newer Older
intrigeri's avatar
intrigeri committed
1
# Wrapper around the gitolite class with Tails-specific functionality and stuff
2
class tails::gitolite (
3
4
5
  Boolean $with_git_annex           = false,
  String $git_annex_with_recommends = 'default',
  String $ssh_pubkey_name           = 'gitolite@puppet-git.lizard',
6
  Boolean $log_extra                = false,
7
) {
intrigeri's avatar
intrigeri committed
8

groente's avatar
groente committed
9
10
  ensure_packages(['git'])

intrigeri's avatar
intrigeri committed
11
  class { '::gitolite':
intrigeri's avatar
intrigeri committed
12
    admin_key         => 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+mdQZg1zWYTOwYvs9Anhn+SIAVsg47gj/nGdjVTZu9hehX9GCeU40OwI0qKIASpegweELwHjuRZ5Fhx9UGKYlWKa+fT/xpYg7wGeXM65N4KmzcppyYHjErerGPNbA4glAsmUmmv/IG69hgHVhezclu64lj6KeIYvyD6kEv1mu4yts584tLOip1Sig3XS4dyB5BRqDhD60CN5qQ55kYCLRxw6QfResl+Dqw6GDa8FOuHik0IESGaRAHqVeR+NC+xo2jMj05yi2WclLMIuV6orM9NI3WxCyHDpGXKeT5huR1OJeCW9mzkq0Z1bFswioX2NJsYO9VOunSsmp+XQkOw3y8mTYToCi8DWlAJ3yeu7aB51ofwgDfBY+gyyW/X8wrqzCTJ9VMScgfBm/4GLaJns8hYxtsBVYT6P+syC7kqVs+v2cr2pHQpleLb50MRVnuFPTILOdRMME7SOPqIuwlDDes1ItVHm5oR177q5BI9ywC2Anu/S26i+tE+8g0080voNNS5Pykbhz+o4S8DuO2pA0+ijzYB4t3Ic6bcUcC8RE7G5LG5V3Go8/pewvZUEXlGn7H7ti3raPjMZY5crrrU4rS851TD/wuu6kZdU1k3IFrxUFW5wt4IKS6sc5tZw8HO5jZc4WjZLbceoqiGW5TuTmORjLxseGbk7X8sMEjP9rpQ== intrigeri@ensifera', # lint:ignore:140chars -- SSH key
groente's avatar
groente committed
13
14
15
    gituser           => gitolite3,
    package           => gitolite3,
    version           => 3,
16
    deploy_gitoliterc => false,
17
    backward_compat   => true,
intrigeri's avatar
intrigeri committed
18
  }
19
  file { '/etc/systemd/system/git-daemon.service':
intrigeri's avatar
intrigeri committed
20
21
    owner   => root,
    group   => root,
22
23
24
25
26
    mode    => '0644',
    content => '[Unit]
Description=Git Daemon Instance

[Service]
groente's avatar
groente committed
27
28
User=gitolite3
Group=gitolite3
groente's avatar
groente committed
29
ExecStart=/usr/lib/git-core/git-daemon --reuseaddr --base-path=/var/lib/gitolite3/repositories /var/lib/gitolite3/repositories
30
31
32

[Install]
WantedBy=multi-user.target
intrigeri's avatar
intrigeri committed
33
34
',
  }
35

intrigeri's avatar
intrigeri committed
36
  service { 'git-daemon':
intrigeri's avatar
intrigeri committed
37
38
39
    ensure    => running,
    provider  => systemd,
    require   => [
40
41
      Package['git'],
      File['/etc/systemd/system/git-daemon.service']
intrigeri's avatar
intrigeri committed
42
    ],
43
44
45
46
    subscribe => File['/etc/systemd/system/git-daemon.service'],
  }
  exec { 'systemctl enable git-daemon.service':
    creates => '/etc/systemd/system/multi-user.target.wants/git-daemon.service',
intrigeri's avatar
intrigeri committed
47
48
49
  }

  # Mirroring support
50
51
  sshkeys::set_client_key_pair { $ssh_pubkey_name:
    keyname => $ssh_pubkey_name,
intrigeri's avatar
intrigeri committed
52
    user    => gitolite,
groente's avatar
groente committed
53
    home    => '/var/lib/gitolite3',
intrigeri's avatar
intrigeri committed
54
  }
55
56
57
58
59
  sshkeys::set_client_key_pair { 'gitolite@puppet-git.lizard_role-weblate-gatekeeper':
    user     => gitolite,
    home     => '/var/lib/gitolite3',
    filename => 'id_rsa_role-weblate-gatekeeper',
  }
groente's avatar
groente committed
60
  file { '/var/lib/gitolite3/.ssh/config':
intrigeri's avatar
intrigeri committed
61
    source => 'puppet:///modules/tails/gitolite/ssh/config',
groente's avatar
groente committed
62
63
    owner  => gitolite3,
    group  => gitolite3,
intrigeri's avatar
intrigeri committed
64
65
66
    mode   => '0600',
  }

67
  # git-annex support
intrigeri's avatar
intrigeri committed
68
  if $with_git_annex == true {
69

groente's avatar
groente committed
70
    file { '/etc/gitolite3/gitolite.rc':
71
72
73
74
      content => epp('tails/gitolite/gitolite-with-annex-shell.rc.epp', { log_extra => $log_extra }),
      owner   => root,
      group   => root,
      mode    => '0644',
groente's avatar
groente committed
75
    }
76

77
78
79
    class { '::tails::git_annex':
      with_recommends => $git_annex_with_recommends,
    }
80
81
82

  }

83
  class { '::tails::gitolite::weblate_gatekeeper': }
84
  class { '::tails::gitolite::hooks::common': }
85
  class { '::tails::gitolite::hooks::jenkins_jobs': }
86
  class { '::tails::gitolite::hooks::tails': }
87
  class { '::tails::gitolite::hooks::puppet': }
88

intrigeri's avatar
intrigeri committed
89
}