107 lines
2.6 KiB
YAML
107 lines
2.6 KiB
YAML
---
|
|
- hosts: git.crypto-libertarian.com
|
|
module_defaults:
|
|
apt:
|
|
force_apt_get: true
|
|
update_cache: true
|
|
cache_valid_time: 86400
|
|
roles:
|
|
- name: kotovalexarian.common
|
|
tags: common
|
|
handlers:
|
|
- name: Restart Apache
|
|
systemd:
|
|
name: apache2.service
|
|
state: restarted
|
|
tasks:
|
|
- name: Install system packages
|
|
apt:
|
|
name:
|
|
- cgit
|
|
- finger
|
|
- git
|
|
- python3-markdown
|
|
- python3-pygments
|
|
|
|
- name: Create system group
|
|
group:
|
|
name: git
|
|
|
|
- name: Create system user
|
|
user:
|
|
name: git
|
|
group: git
|
|
create_home: true
|
|
|
|
- name: Create directory for SSH configuration
|
|
file:
|
|
state: directory
|
|
path: /home/git/.ssh
|
|
owner: git
|
|
group: git
|
|
mode: 'u=rwx,g=,o='
|
|
|
|
- name: Create SSH configuration of authorized keys
|
|
copy:
|
|
src: ../../files/authorized_keys
|
|
dest: /home/git/.ssh/authorized_keys
|
|
owner: git
|
|
group: git
|
|
mode: 'u=rw,g=,o='
|
|
|
|
- name: Disable system info message
|
|
copy:
|
|
content: ''
|
|
dest: /home/git/.hushlogin
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
|
|
- name: Add git shell
|
|
copy:
|
|
src: ../../files/shells
|
|
dest: /etc/shells
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
|
|
- name: Detect shell
|
|
shell: "/usr/bin/finger git | grep -oP 'Shell: \\K.*'"
|
|
register: detect_shell_result
|
|
changed_when: false
|
|
|
|
- name: Use git shell
|
|
command: '/usr/bin/chsh git -s /usr/bin/git-shell'
|
|
when: detect_shell_result.stdout != '/usr/bin/git-shell'
|
|
|
|
- name: Disable Apache configuration
|
|
command: '/usr/sbin/a2disconf cgit'
|
|
register: disable_apache_configuration_result
|
|
changed_when: >
|
|
disable_apache_configuration_result.stdout is search('Disabling conf')
|
|
notify: Restart Apache
|
|
|
|
- name: Add Apache site
|
|
copy:
|
|
src: ../../files/git.crypto-libertarian.com.conf
|
|
dest: /etc/apache2/sites-available/git.crypto-libertarian.com.conf
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
notify: Restart Apache
|
|
|
|
- name: Enable Apache site
|
|
command: '/usr/sbin/a2ensite git.crypto-libertarian.com.conf'
|
|
register: enable_apache_site_result
|
|
changed_when: >
|
|
enable_apache_site_result.stdout is search('Enabling site')
|
|
notify: Restart Apache
|
|
|
|
- name: Install cgit configuration
|
|
copy:
|
|
src: ../../files/cgitrc
|
|
dest: /etc/cgitrc
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|