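---
# Installs gitolite3, creates the gitolite service account, bootstraps and
# configures gitolite, and opens group-level access for the web server user.
# Tasks that notify 'gitolite compile' rely on a handler of that name defined
# outside this file.

# Block 1: package and account setup, run with the default become user.
- become: true
  block:
    - name: "Install gitolite"
      apt:
        name: 'gitolite3'
        state: 'present'

    # Needed for the become_user block below; see
    # https://docs.ansible.com/ansible/latest/user_guide/become.html#risks-of-becoming-an-unprivileged-user
    - name: "Install acl"
      apt:
        name: 'acl'
        state: 'present'

    - name: "Create gitolite user '{{ gitolite_user_name }}'"
      user:
        name: "{{ gitolite_user_name }}"
        group: "{{ gitolite_user_group }}"
        home: "{{ gitolite_user_home }}"
        shell: "/bin/bash"

    # Group membership is what the later 'g+rX' / 'g+rwX' tasks act on: the
    # web server user gets direct on-disk read access to the repositories and
    # to ~/.gitolite, and write access to the gitolite logs. That access is
    # independent of the per-repo rules in gitolite.conf, so keep this group
    # limited to accounts that really need it.
    - name: "Add '{{ gitolite_webserver_user_name }}' to the '{{ gitolite_user_group }}' group"
      user:
        name: "{{ gitolite_webserver_user_name }}"
        groups: "{{ gitolite_user_group }}"
        # Keep the user's existing supplementary groups.
        append: true

# Block 2: gitolite configuration, run as the unprivileged gitolite account.
- become: true
  become_user: "{{ gitolite_user_name }}"
  vars:
    # Repositories that 'gitolite setup' creates and that this role removes.
    default_repos:
      - "gitolite-admin"
      - "testing"
  block:
    # 'creates' skips this task once ~/.gitolite exists, so the bootstrap runs
    # only on a fresh install.
    # NOTE(review): '-a dummy' presumably registers a placeholder admin name
    # with no key attached - confirm nothing can authenticate as 'dummy'.
    - name: "Run dummy setup"
      command:
        cmd: "gitolite setup -a dummy"
        creates: "{{ gitolite_user_home }}/.gitolite"

    - name: "Remove directories of default repos"
      file:
        path: "{{ gitolite_user_home }}/repositories/{{ item }}.git"
        state: 'absent'
      notify: 'gitolite compile'
      loop: "{{ default_repos }}"

    # Deletes each default 'repo <name>' stanza up to the next line that
    # starts with 'repo'. '{{ item }}' is interpolated into the pattern
    # unescaped; that is fine for the two literal names above, but apply
    # 'regex_escape' if default_repos is ever filled from a variable.
    - name: "Remove config of default repos"
      replace:
        path: "{{ gitolite_user_home }}/.gitolite/conf/gitolite.conf"
        regexp: '^[ \t\n]*repo[ \t]+{{ item }}((?!^repo)(.|\n))*'
      notify: 'gitolite compile'
      loop: "{{ default_repos }}"

    - name: "Create keydir"
      file:
        path: "{{ gitolite_user_home }}/.gitolite/keydir"
        state: 'directory'
      notify: 'gitolite compile'

    # NOTE(review): no 'mode' is given, so the resulting permissions depend on
    # the umask in effect for the gitolite user - confirm the rc file does not
    # end up writable by the group.
    - name: "Write gitolite.rc"
      copy:
        src: "gitolite.rc"
        dest: "{{ gitolite_user_home }}/.gitolite.rc"
      notify: 'gitolite compile'

    # 'C = @all' lets every gitolite user create repositories matching
    # CREATOR/[^/]+ (i.e. under their own name).
    # NOTE(review): the OWNERS/USERS/WRITERS/READERS roles presumably have to
    # be enabled in the shipped gitolite.rc - confirm.
    - name: "Allow user created repos"
      blockinfile:
        path: "{{ gitolite_user_home }}/.gitolite/conf/gitolite.conf"
        marker: "# {mark} User created repos"
        block: |
          repo CREATOR/[^/]+
              C = @all
              RW+ = CREATOR
              RW+ = OWNERS
              RW+ user/USER/ = USERS
              RW = WRITERS
              R = READERS

    # Recursive group read (and directory traverse) on all repositories and on
    # ~/.gitolite, which includes conf/ and keydir/. Every member of the
    # gitolite group can therefore read all repository data, the access
    # configuration and the registered public keys.
    - name: "Allow group read access to gitolite files"
      file:
        path: "{{ item }}"
        mode: 'g+rX'
        recurse: true
        state: 'directory'
      loop:
        - "{{ gitolite_user_home }}/repositories"
        - "{{ gitolite_user_home }}/.gitolite"

    # The next three tasks make the log directory group-writable now (g+rwX),
    # keep new files in the directory's group (setgid) and make future files
    # group-writable (default ACL). Group members, including the web server
    # user, can then modify existing log entries; if these logs serve as an
    # audit trail, also ship them somewhere the group cannot write.
    - name: "Set SETGID on gitolite logs directory"
      file:
        path: "{{ gitolite_user_home }}/.gitolite/logs"
        mode: 'g+s'
        state: 'directory'

    - name: "Allow group write access to existing gitolite logs"
      file:
        path: "{{ gitolite_user_home }}/.gitolite/logs"
        mode: 'g+rwX'
        recurse: true
        state: 'directory'

    - name: "Allow group write access to future gitolite logs"
      acl:
        path: "{{ gitolite_user_home }}/.gitolite/logs"
        etype: 'group'
        permissions: 'rwX'
        # Default ACL: inherited by entries created in the directory later.
        default: true
        state: 'present'

    # Read-only query, so it never reports a change.
    - name: "Get local custom code directory"
      command: "gitolite query-rc LOCAL_CODE"
      register: gitolite_query_local_code
      changed_when: false

    # NOTE(review): an empty LOCAL_CODE would turn these into the absolute
    # paths '/triggers/post-compile' and '/hooks/common' - confirm the shipped
    # gitolite.rc always sets it.
    - name: "Set local code direcory facts"
      set_fact:
        gitolite_post_compile_dir: "{{ gitolite_query_local_code.stdout }}/triggers/post-compile"
        gitolite_hooks_dir: "{{ gitolite_query_local_code.stdout }}/hooks/common"

    - name: "Create local code directories"
      file:
        path: "{{ item }}"
        state: 'directory'
      loop:
        - "{{ gitolite_post_compile_dir }}"
        - "{{ gitolite_hooks_dir }}"

    # NOTE(review): no 'mode' is given; confirm the installed trigger is
    # executable by the gitolite user and not writable by the group.
    - name: "Override 'update-gitweb-access-list' post-compile trigger"
      copy:
        src: "update-gitweb-access-list"
        dest: "{{ gitolite_post_compile_dir }}/update-gitweb-access-list"
      notify: 'gitolite compile'

    # Supply-chain note: no 'version' is set, so each run checks out whatever
    # the remote's default branch currently points at. One of these checkouts
    # is symlinked into the hooks directory and executed below as the gitolite
    # user. Pin each dependency to a reviewed tag or commit with the git
    # module's 'version' parameter (gitolite_deps would then need to carry a
    # ref next to each URL).
    - name: "Clone dependencies"
      git:
        repo: "{{ item }}"
        dest: "{{ gitolite_deps_dir }}/{{ item | basename }}"
      loop: "{{ gitolite_deps }}"

    - name: "Symlink 'git-multihook'"
      file:
        src: "{{ gitolite_deps_dir }}/git-multihook/git-multihook"
        dest: "{{ gitolite_hooks_dir }}/git-multihook"
        state: 'link'

    # Executes the cloned script as the gitolite user; the task counts as
    # changed only when the script prints something on stdout.
    - name: "Run 'git-multihook'"
      command: "{{ gitolite_hooks_dir | quote }}/git-multihook update"
      register: result
      changed_when: result.stdout != ""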