Add mgagit module

3 files changed, 237 insertions, 0 deletions

diff --git a/deployment/mgagit/manifests/init.pp b/deployment/mgagit/manifests/init.pp
new file mode 100644
index 00000000..6b346f72
--- /dev/null
+++ b/deployment/mgagit/manifests/init.pp
@@ -0,0 +1,62 @@
+class mgagit(
+  $ldap_server = 'ldap.mageia.org',
+  $binddn = 'uid=mgagit,ou=People,dc=mageia,dc=org',
+  $bindpw
+){
+  $git_login = 'git'
+  $git_homedir = "/var/lib/${git_login}"
+  $gitolite_dir = "${git_homedir}/.gitolite"
+  $gitolite_keydir = "${gitolite_dir}/keydir"
+  $gitolite_confdir = "${gitolite_dir}/conf"
+  $gitolite_conf = "${gitolite_confdir}/gitolite.conf"
+  $gitoliterc = "$git_homedir/.gitolite.rc"
+  $bindpwfile = '/etc/mgagit.secret'
+
+  package { ['mgagit', 'gitolite']:
+    ensure => installed,
+  }
+
+  group { $git_login:
+    ensure => present,
+  }
+  user { $git_login:
+    ensure      => present,
+    comment     => 'Git user',
+    home        => $git_homedir,
+    managedhome => true,
+    git         => $git_login,
+  }
+
+  file { '/etc/mgagit.conf':
+    ensure  => present,
+    owner   => root,
+    group   => root,
+    mode    => '0644',
+    content => template('mgagit/mgagit.conf'),
+    require => Package['mgagit'],
+  }
+
+  file { [$gitolite_dir, $gitolite_keydir, $gitolite_confdir]:
+    ensure => directory,
+    owner  => $git_login,
+    group  => $git_login,
+    mode   => '0755',
+  }
+
+  file { $gitoliterc:
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0644',
+    content => template('mgagit/gitolite.rc'),
+  }
+
+  file { $bindpwfile:
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0600',
+    content => inline_template('<%= @bindpw %>'),
+  }
+}
+# vim: sw=2
diff --git a/deployment/mgagit/templates/gitolite.rc b/deployment/mgagit/templates/gitolite.rc
new file mode 100644
index 00000000..b21fd383
--- /dev/null
+++ b/deployment/mgagit/templates/gitolite.rc
@@ -0,0 +1,161 @@
+# configuration variables for gitolite
+
+# This file is in perl syntax.  But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+%RC = (
+
+    # ------------------------------------------------------------------
+
+    # default umask gives you perms of '0700'; see the rc file docs for
+    # how/why you might change this
+    UMASK                           =>  0077,
+
+    # look for "git-config" in the documentation
+    GIT_CONFIG_KEYS                 =>  '',
+
+    # comment out if you don't need all the extra detail in the logfile
+    LOG_EXTRA                       =>  1,
+
+    # roles.  add more roles (like MANAGER, TESTER, ...) here.
+    #   WARNING: if you make changes to this hash, you MUST run 'gitolite
+    #   compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+    ROLES => {
+        READERS                     =>  1,
+        WRITERS                     =>  1,
+    },
+
+    # ------------------------------------------------------------------
+
+    # rc variables used by various features
+
+    # the 'info' command prints this as additional info, if it is set
+        # SITE_INFO                 =>  'Please see http://blahblah/gitolite for more help',
+
+    # the 'desc' command uses this
+        # WRITER_CAN_UPDATE_DESC    =>  1,
+
+    # the CpuTime feature uses these
+        # display user, system, and elapsed times to user after each git operation
+        # DISPLAY_CPU_TIME          =>  1,
+        # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+        # CPU_TIME_WARN_LIMIT       =>  0.1,
+
+    # the Mirroring feature needs this
+        # HOSTNAME                  =>  "foo",
+
+    # if you enabled 'Shell', you need this
+        # SHELL_USERS_LIST          =>  "$ENV{HOME}/.gitolite.shell-users",
+
+    # ------------------------------------------------------------------
+
+    # List of commands and features to enable
+
+    ENABLE => [
+
+        # COMMANDS
+
+            # These are the commands enabled by default
+            'help',
+            'desc',
+            'info',
+            'perms',
+            'writable',
+
+            # Uncomment or add new commands here.
+            # 'create',
+            # 'fork',
+            # 'mirror',
+            # 'sskm',
+            # 'D',
+
+        # These FEATURES are enabled by default.
+
+            # essential (unless you're using smart-http mode)
+            'ssh-authkeys',
+
+            # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
+            'git-config',
+
+            # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+            'daemon',
+
+            # creates projects.list file; if you don't use gitweb, comment this out
+            'gitweb',
+
+        # These FEATURES are disabled by default; uncomment to enable.  If you
+        # need to add new ones, ask on the mailing list :-)
+
+        # user-visible behaviour
+
+            # prevent wild repos auto-create on fetch/clone
+            # 'no-create-on-read',
+            # no auto-create at all (don't forget to enable the 'create' command!)
+            # 'no-auto-create',
+
+            # access a repo by another (possibly legacy) name
+            # 'Alias',
+
+            # give some users direct shell access
+            # 'Shell',
+
+            # set default roles from lines like 'option default.roles-1 = ...', etc.
+            # 'set-default-roles',
+
+        # system admin stuff
+
+            # enable mirroring (don't forget to set the HOSTNAME too!)
+            # 'Mirroring',
+
+            # allow people to submit pub files with more than one key in them
+            # 'ssh-authkeys-split',
+
+            # selective read control hack
+            # 'partial-copy',
+
+            # manage local, gitolite-controlled, copies of read-only upstream repos
+            # 'upstream',
+
+            # updates 'description' file instead of 'gitweb.description' config item
+            # 'cgit',
+
+        # performance, logging, monitoring...
+
+            # be nice
+            # 'renice 10',
+
+            # log CPU times (user, system, cumulative user, cumulative system)
+            # 'CpuTime',
+
+        # syntactic_sugar for gitolite.conf and included files
+
+            # allow backslash-escaped continuation lines in gitolite.conf
+            # 'continuation-lines',
+
+            # create implicit user groups from directory names in keydir/
+            # 'keysubdirs-as-groups',
+
+            # allow simple line-oriented macros
+            # 'macros',
+
+    ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/deployment/mgagit/templates/mgagit.conf b/deployment/mgagit/templates/mgagit.conf
new file mode 100644
index 00000000..97c11844
--- /dev/null
+++ b/deployment/mgagit/templates/mgagit.conf
@@ -0,0 +1,14 @@
+---
+use_ldap: yes
+ldapserver: <%= @ldap_server %>
+binddn: <%= @binddb %>
+bindpwfile: <%= @bindpwfile %>
+pubkey_dir: <%= @gitolite_keydir %>
+gitolite_config: <%= @gitolite_conf %>
+repos_config:
+  - prefix: infrastructure/repositories
+    gl_template: repodef_repo
+    repos:
+      - name: software
+        maintainer: '@mga-packager'
+        description: Software repositories definitions