@@ -5,8 +5,9 @@ An [Ansible][] [role][] for deploying [gitolite][] on [Debian][] >=9.

 Installs [gitolite][], creates a [dedicated user][] to run it (defaults to

 `git`), prepares for [administering gitolite directly on the server][], allows

 (explicit) [user created repos][] with [multiple `OWNERS`][] and `user/USER/*`

-[personal branches][] for `USERS`, and allows users to run [`symbolic-ref`][]

-(e.g. to change `HEAD`, the default branch).

+[personal branches][] for `USERS`, allows users to run [`symbolic-ref`][] (e.g.

+to change `HEAD`, the default branch), and prepares for [integration with a

+webserver][].

 [`ansible-role-gitolite`]: https://git.rcrnstn.net/rcrnstn/ansible-role-gitolite

 [Ansible]: https://docs.ansible.com/ansible

@@ -19,6 +20,7 @@ Installs [gitolite][], creates a [dedicated user][] to run it (defaults to

 [multiple `OWNERS`]: https://gitolite.com/gitolite/wild#specifying-owners

 [personal branches]: https://gitolite.com/gitolite/user#personal-branches

 [`symbolic-ref`]: https://git-scm.com/docs/git-symbolic-ref

+[integration with a webserver]: https://gitolite.com/gitolite/gitweb-daemon.html

 ## Try out

@@ -1,4 +1,6 @@

 ---

 gitolite_user_name: "git"

+gitolite_user_group: "{{ gitolite_user_name }}"

 gitolite_user_home: "/home/{{ gitolite_user_name }}"

+gitolite_webserver_user_name: "www-data"

@@ -18,7 +18,7 @@

     # default umask gives you perms of '0700'; see the rc file docs for

     # how/why you might change this

-    UMASK                           =>  0077,

+    UMASK                           =>  0027,

     # look for "git-config" in the documentation

     GIT_CONFIG_KEYS                 =>  '',

@@ -165,7 +165,7 @@

             # 'upstream',

             # updates 'description' file instead of 'gitweb.description' config item

-            # 'cgit',

+            'cgit',

             # allow repo-specific hooks to be added

             # 'repo-specific-hooks',

@@ -17,9 +17,16 @@

     - name: "Create gitolite user '{{ gitolite_user_name }}'"

       user:

         name: "{{ gitolite_user_name }}"

+        group: "{{ gitolite_user_group }}"

         home: "{{ gitolite_user_home }}"

         shell: "/bin/bash"

+    - name: "Add '{{ gitolite_webserver_user_name }}' to the '{{ gitolite_user_group }}' group"

+      user:

+        name: "{{ gitolite_webserver_user_name }}"

+        groups: "{{ gitolite_user_group }}"

+        append: yes

+

 - become: yes

   become_user: "{{ gitolite_user_name }}"

   vars:

@@ -71,3 +78,13 @@

               RW+ user/USER/ = USERS

               RW = WRITERS

               R = READERS

+

+    - name: "Allow group read access to gitolite files"

+      file:

+        path: "{{ item }}"

+        mode: 'g+rX'

+        recurse: yes

+        state: 'directory'

+      loop:

+        - "{{ gitolite_user_home }}/repositories"

+        - "{{ gitolite_user_home }}/.gitolite"