From 61397108726057d45f604092a52afbdc6a548a09 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier
Date: Tue, 25 Jun 2013 16:10:21 +0000
Subject: Add mgagit module
---
deployment/mgagit/manifests/init.pp | 62 ++++++++++++
deployment/mgagit/templates/gitolite.rc | 161 ++++++++++++++++++++++++++++++++
deployment/mgagit/templates/mgagit.conf | 14 +++
3 files changed, 237 insertions(+)
create mode 100644 deployment/mgagit/manifests/init.pp
create mode 100644 deployment/mgagit/templates/gitolite.rc
create mode 100644 deployment/mgagit/templates/mgagit.conf
(limited to 'deployment')
diff --git a/deployment/mgagit/manifests/init.pp b/deployment/mgagit/manifests/init.pp
new file mode 100644
index 00000000..6b346f72
--- /dev/null
+++ b/deployment/mgagit/manifests/init.pp
@@ -0,0 +1,62 @@
+class mgagit(
+ $ldap_server = 'ldap.mageia.org',
+ $binddn = 'uid=mgagit,ou=People,dc=mageia,dc=org',
+ $bindpw
+){
+ $git_login = 'git'
+ $git_homedir = "/var/lib/${git_login}"
+ $gitolite_dir = "${git_homedir}/.gitolite"
+ $gitolite_keydir = "${gitolite_dir}/keydir"
+ $gitolite_confdir = "${gitolite_dir}/conf"
+ $gitolite_conf = "${gitolite_confdir}/gitolite.conf"
+ $gitoliterc = "$git_homedir/.gitolite.rc"
+ $bindpwfile = '/etc/mgagit.secret'
+
+ package { ['mgagit', 'gitolite']:
+ ensure => installed,
+ }
+
+ group { $git_login:
+ ensure => present,
+ }
+ user { $git_login:
+ ensure => present,
+ comment => 'Git user',
+ home => $git_homedir,
+ managedhome => true,
+ git => $git_login,
+ }
+
+ file { '/etc/mgagit.conf':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => '0644',
+ content => template('mgagit/mgagit.conf'),
+ require => Package['mgagit'],
+ }
+
+ file { [$gitolite_dir, $gitolite_keydir, $gitolite_confdir]:
+ ensure => directory,
+ owner => $git_login,
+ group => $git_login,
+ mode => '0755',
+ }
+
+ file { $gitoliterc:
+ ensure => present,
+ owner => $git_login,
+ group => $git_login,
+ mode => '0644',
+ content => template('mgagit/gitolite.rc'),
+ }
+
+ file { $bindpwfile:
+ ensure => present,
+ owner => $git_login,
+ group => $git_login,
+ mode => '0600',
+ content => inline_template('<%= @bindpw %>'),
+ }
+}
+# vim: sw=2
diff --git a/deployment/mgagit/templates/gitolite.rc b/deployment/mgagit/templates/gitolite.rc
new file mode 100644
index 00000000..b21fd383
--- /dev/null
+++ b/deployment/mgagit/templates/gitolite.rc
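Review bot: Two attribute names in the `user { $git_login: }` resource are not attributes of Puppet's `user` type, so the catalog will fail to compile as written. `managedhome => true,` should be `managehome => true,`, and `git => $git_login,` looks like a typo for `gid => $git_login,`. Separately, `$bindpwfile` is written with mode `'0600'`, but if file diffs are enabled on the agents a change of `$bindpw` would be printed in the Puppet log. On a Puppet version that supports the parameter, adding `show_diff => false,` to that `file` resource prevents this.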
@@ -0,0 +1,161 @@
+# configuration variables for gitolite
+
+# This file is in perl syntax. But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+%RC = (
+
+ # ------------------------------------------------------------------
+
+ # default umask gives you perms of '0700'; see the rc file docs for
+ # how/why you might change this
+ UMASK => 0077,
+
+ # look for "git-config" in the documentation
+ GIT_CONFIG_KEYS => '',
+
+ # comment out if you don't need all the extra detail in the logfile
+ LOG_EXTRA => 1,
+
+ # roles. add more roles (like MANAGER, TESTER, ...) here.
+ # WARNING: if you make changes to this hash, you MUST run 'gitolite
+ # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+ ROLES => {
+ READERS => 1,
+ WRITERS => 1,
+ },
+
+ # ------------------------------------------------------------------
+
+ # rc variables used by various features
+
+ # the 'info' command prints this as additional info, if it is set
+ # SITE_INFO => 'Please see http://blahblah/gitolite for more help',
+
+ # the 'desc' command uses this
+ # WRITER_CAN_UPDATE_DESC => 1,
+
+ # the CpuTime feature uses these
+ # display user, system, and elapsed times to user after each git operation
+ # DISPLAY_CPU_TIME => 1,
+ # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+ # CPU_TIME_WARN_LIMIT => 0.1,
+
+ # the Mirroring feature needs this
+ # HOSTNAME => "foo",
+
+ # if you enabled 'Shell', you need this
+ # SHELL_USERS_LIST => "$ENV{HOME}/.gitolite.shell-users",
+
+ # ------------------------------------------------------------------
+
+ # List of commands and features to enable
+
+ ENABLE => [
+
+ # COMMANDS
+
+ # These are the commands enabled by default
+ 'help',
+ 'desc',
+ 'info',
+ 'perms',
+ 'writable',
+
+ # Uncomment or add new commands here.
+ # 'create',
+ # 'fork',
+ # 'mirror',
+ # 'sskm',
+ # 'D',
+
+ # These FEATURES are enabled by default.
+
+ # essential (unless you're using smart-http mode)
+ 'ssh-authkeys',
+
+ # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
+ 'git-config',
+
+ # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+ 'daemon',
+
+ # creates projects.list file; if you don't use gitweb, comment this out
+ 'gitweb',
+
+ # These FEATURES are disabled by default; uncomment to enable. If you
+ # need to add new ones, ask on the mailing list :-)
+
+ # user-visible behaviour
+
+ # prevent wild repos auto-create on fetch/clone
+ # 'no-create-on-read',
+ # no auto-create at all (don't forget to enable the 'create' command!)
+ # 'no-auto-create',
+
+ # access a repo by another (possibly legacy) name
+ # 'Alias',
+
+ # give some users direct shell access
+ # 'Shell',
+
+ # set default roles from lines like 'option default.roles-1 = ...', etc.
+ # 'set-default-roles',
+
+ # system admin stuff
+
+ # enable mirroring (don't forget to set the HOSTNAME too!)
+ # 'Mirroring',
+
+ # allow people to submit pub files with more than one key in them
+ # 'ssh-authkeys-split',
+
+ # selective read control hack
+ # 'partial-copy',
+
+ # manage local, gitolite-controlled, copies of read-only upstream repos
+ # 'upstream',
+
+ # updates 'description' file instead of 'gitweb.description' config item
+ # 'cgit',
+
+ # performance, logging, monitoring...
+
+ # be nice
+ # 'renice 10',
+
+ # log CPU times (user, system, cumulative user, cumulative system)
+ # 'CpuTime',
+
+ # syntactic_sugar for gitolite.conf and included files
+
+ # allow backslash-escaped continuation lines in gitolite.conf
+ # 'continuation-lines',
+
+ # create implicit user groups from directory names in keydir/
+ # 'keysubdirs-as-groups',
+
+ # allow simple line-oriented macros
+ # 'macros',
+
+ ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/deployment/mgagit/templates/mgagit.conf b/deployment/mgagit/templates/mgagit.conf
new file mode 100644
index 00000000..97c11844
--- /dev/null
+++ b/deployment/mgagit/templates/mgagit.conf
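Review bot: `'daemon'` and `'gitweb'` are left enabled in `ENABLE` while `UMASK => 0077` keeps every repository at 0700. The export markers and projects.list that these features write therefore either serve no purpose or will later invite loosening the umask for all repositories. Nothing in this commit installs or configures git-daemon or gitweb, so if they are not part of the deployment, comment both entries out as the stock comments suggest. If they are needed, add a comment next to `UMASK` stating which account is expected to read the repositories and how.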
@@ -0,0 +1,14 @@
+---
+use_ldap: yes
+ldapserver: <%= @ldap_server %>
+binddn: <%= @binddb %>
+bindpwfile: <%= @bindpwfile %>
+pubkey_dir: <%= @gitolite_keydir %>
+gitolite_config: <%= @gitolite_conf %>
+repos_config:
+ - prefix: infrastructure/repositories
+ gl_template: repodef_repo
+ repos:
+ - name: software
+ maintainer: '@mga-packager'
+ description: Software repositories definitions
-- cgit v1.2.1
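Review bot: `binddn: <%= @binddb %>` references a variable the class never defines; the parameter in init.pp is `$binddn`. The template therefore renders an empty bind DN, and mgagit will presumably either bind anonymously or fail to bind. The line should read `binddn: <%= @binddn %>`. It is also worth confirming how mgagit connects to `ldapserver`, since only a host name is configured here. If that connection is not protected by LDAPS or StartTLS, the password read from `bindpwfile` crosses the network in clear text.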