1 files changed, 170 insertions, 0 deletions

diff --git a/deployment/mgagit/manifests/init.pp b/deployment/mgagit/manifests/init.pp
new file mode 100644
index 00000000..42753b03
--- /dev/null
+++ b/deployment/mgagit/manifests/init.pp
@@ -0,0 +1,170 @@
+class mgagit(
+  $git_dir = '/git',
+  $ldap_server = "ldap.${::domain}",
+  $binddn = 'uid=mgagit,ou=People,dc=mageia,dc=org',
+  $vhost = "projects.${::domain}",
+  $bindpw
+){
+  $git_login = 'git'
+  $git_homedir = "/var/lib/${git_login}"
+  $gitolite_dir = "${git_homedir}/.gitolite"
+  $gitolite_keydir = "${gitolite_dir}/keydir"
+  $gitolite_tmpldir = '/etc/mgagit/tmpl'
+  $gitolite_confdir = "${gitolite_dir}/conf"
+  $gitolite_hooksdir = "${gitolite_dir}/hooks"
+  $gitolite_commonhooksdir = "${gitolite_hooksdir}/common"
+  $gitolite_conf = "${gitolite_confdir}/gitolite.conf"
+  $gitoliterc = "${git_homedir}/.gitolite.rc"
+  $bindpwfile = '/etc/mgagit.secret'
+  $reposconf_dir = "${git_homedir}/repos-config"
+  $vhostdir = "${git_homedir}/www"
+
+  package { ['mgagit', 'gitolite', 'python3-bugz']:
+    ensure => installed,
+  }
+
+  group { $git_login:
+    ensure => present,
+  }
+
+  user { $git_login:
+    ensure      => present,
+    home        => $git_homedir,
+    managehome  => true,
+    gid         => $git_login,
+  }
+
+  file { '/etc/mgagit.conf':
+    ensure  => present,
+    owner   => root,
+    group   => root,
+    mode    => '0644',
+    content => template('mgagit/mgagit.conf'),
+    require => Package['mgagit'],
+  }
+
+  file { "${gitolite_commonhooksdir}/git_multimail.py":
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0644',
+    source  => 'puppet:///modules/mgagit/git_multimail.py',
+    require => File[$gitolite_commonhooksdir],
+  }
+
+  file { "${gitolite_commonhooksdir}/post-receive":
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0755',
+    content => template('mgagit/git-post-receive-hook'),
+    require => File[$gitolite_commonhooksdir],
+  }
+
+  file { "${gitolite_commonhooksdir}/post-update":
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0755',
+    content => template('mgagit/git-post-update-hook'),
+    require => File[$gitolite_commonhooksdir],
+  }
+
+  file { $gitolite_tmpldir:
+    ensure  => directory,
+    owner   => root,
+    group   => root,
+    mode    => '0755',
+  }
+
+  file { "${gitolite_tmpldir}/group.gl":
+    ensure => 'link',
+    target => '/usr/share/mgagit/tmpl/group.gl',
+  }
+
+  file { "${gitolite_tmpldir}/repodef_repo.gl":
+    ensure  => present,
+    owner   => root,
+    group   => root,
+    mode    => '0644',
+    content => template('mgagit/repodef_repo.gl'),
+  }
+
+  mgagit::tmpl { 'artwork':
+    tmpldir => $gitolite_tmpldir,
+    ml      => 'atelier',
+  }
+
+  mgagit::tmpl { 'doc':
+    tmpldir => $gitolite_tmpldir,
+    ml      => 'atelier', # NB This is wrong, we should have a doc-commits@ ML (and thus remove this line)
+  }
+
+  mgagit::tmpl { 'infrastructure':
+    tmpldir => $gitolite_tmpldir,
+    group   => 'sysadmin',
+    ml      => 'sysadmin',
+  }
+
+  mgagit::tmpl { 'org':
+    tmpldir => $gitolite_tmpldir,
+    group   => 'board',
+    ml      => 'board',
+  }
+
+  mgagit::tmpl { 'qa':
+    tmpldir => $gitolite_tmpldir,
+  }
+
+  mgagit::tmpl { 'soft':
+    tmpldir => $gitolite_tmpldir,
+    group   => 'packagers-committers',
+  }
+
+  mgagit::tmpl { 'web':
+    tmpldir => $gitolite_tmpldir,
+    ml      => 'atelier',
+  }
+
+  file { [$gitolite_dir, $gitolite_keydir, $gitolite_confdir,
+          $gitolite_hooksdir, $gitolite_commonhooksdir,
+          $reposconf_dir, $vhostdir]:
+    ensure => directory,
+    owner  => $git_login,
+    group  => $git_login,
+    mode   => '0755',
+  }
+
+  file { $gitoliterc:
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0644',
+    content => template('mgagit/gitolite.rc'),
+  }
+
+  file { $bindpwfile:
+    ensure  => present,
+    owner   => $git_login,
+    group   => $git_login,
+    mode    => '0600',
+    content => inline_template('<%= @bindpw %>'),
+  }
+
+  file { $git_dir:
+    ensure => directory,
+    owner  => $git_login,
+    group  => $git_login,
+    mode   => '0755',
+  }
+
+  file { "${git_homedir}/repositories":
+    ensure => 'link',
+    target => $git_dir,
+  }
+
+  apache::vhost::base { $vhost:
+    location => $vhostdir,
+  }
+}
+# vim: sw=2