From 40c94030a1861c3c766daa263a6cb738334d4605 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Sat, 6 Oct 2018 22:54:05 +0200 Subject: [PATCH] Make pagure(_hook).cfg share pagure_shared.cfg Signed-off-by: Patrick Uiterwijk --- roles/distgit/pagure/templates/pagure.cfg | 106 +--------------- .../distgit/pagure/templates/pagure_hook.cfg | 81 +----------- .../pagure/templates/pagure_shared.cfg | 120 ++++++++++++++++++ 3 files changed, 122 insertions(+), 185 deletions(-) create mode 100644 roles/distgit/pagure/templates/pagure_shared.cfg diff --git a/roles/distgit/pagure/templates/pagure.cfg b/roles/distgit/pagure/templates/pagure.cfg index 063674215e..19a2aee4c7 100644 --- a/roles/distgit/pagure/templates/pagure.cfg +++ b/roles/distgit/pagure/templates/pagure.cfg @@ -46,13 +46,6 @@ FROM_EMAIL = 'pagure@pkgs.fedoraproject.org' DOMAIN_EMAIL_NOTIFICATIONS = 'src.fedoraproject.org' {% endif %} -### The URL at which the project is available. -{% if env == 'staging' %} -APP_URL = 'https://src.stg.fedoraproject.org/' -{% else %} -APP_URL = 'https://src.fedoraproject.org/' -{% endif %} - ### Datagrepper info for the user profile {% if env == 'staging' %} DATAGREPPER_URL = 'https://apps.stg.fedoraproject.org/datagrepper' @@ -83,44 +76,6 @@ IP_ALLOWED_INTERNAL = ['127.0.0.1', 'localhost', '::1', '10.5.126.51'] {% else %} #EVENTSOURCE_SOURCE = 'https://src.stg.fedoraproject.org:8088' {% endif %} -REDIS_HOST = '0.0.0.0' -REDIS_PORT = 6379 -REDIS_DB = 0 - -WEBHOOK = True - -### Folder containing to the git repos -GIT_FOLDER = '/srv/git/repositories' - -### Folder containing the docs repos -#DOCS_FOLDER = '/srv/git/repositories/docs' -ENABLE_DOCS = False -DOCS_FOLDER = None - -### Folder containing the pull-requests repos -REQUESTS_FOLDER = '/srv/git/repositories/requests' - -### Folder containing the tickets repos -#TICKETS_FOLDER = '/srv/git/repositories/tickets' -ENABLE_TICKETS = False -TICKETS_FOLDER = None - -### Folder containing the clones of the remotes git repo -REMOTE_GIT_FOLDER = '/srv/git/remotes' - -### Folder where to run gl-compile-conf from -GITOLITE_HOME = '/srv/git/' - -### Configuration file for gitolite -GITOLITE_CONFIG = '/srv/git/.gitolite/conf/gitolite.conf' - -### File to include at the top of the gitolite configuration file -GITOLITE_PRE_CONFIG = '/var/tmp/gitolite-prefix.txt' - -### Temp folder to be used to make the clones to work around bug in libgit2: -## refs: https://github.com/libgit2/libgit2/issues/2965 -## and https://github.com/libgit2/libgit2/issues/2797 -TMP_FOLDER = '/srv/tmp' # Optional configuration @@ -255,16 +210,7 @@ LOGGING = { # Configuration item that are specific for this odd pagure instance -PROJECT_TICKETS = False -ENABLE_NEW_PROJECTS = True ENABLE_UI_NEW_PROJECTS = False -ENABLE_DEL_PROJECTS = False -ENABLE_DEL_FORKS = True -ENABLE_TICKETS = False -ENABLE_GROUP_MNGT = False -DEPLOY_KEY = False -LOCAL_SSH_KEY = False -ALLOW_DELETE_BRANCH = False ALLOWED_PREFIX = ['rpms', 'modules', 'container', 'tests'] EXCLUDE_GROUP_INDEX = ['packager'] EMAIL_ON_WATCHCOMMITS = False @@ -272,8 +218,6 @@ PRIVATE_PROJECTS = False FEDMSG_NOTIFICATIONS = True PR_TARGET_MATCHING_BRANCH = True -DISABLED_PLUGINS = ['IRC', 'Pagure tickets', 'Read the Doc', 'Fedmsg'] - ALWAYS_FEDMSG_ON_COMMITS = True ACLS = { @@ -312,11 +256,6 @@ RESULTSDB_URL = 'https://taskotron.fedoraproject.org/resultsdb_api/' FAS_URL = 'https://admin.fedoraproject.org/accounts' {% endif %} -GITOLITE_BACKEND = 'distgit' -GITOLITE_CELERY_QUEUE = 'gitolite_queue' - -CASE_SENSITIVE = True - THEME_TEMPLATE_FOLDER = '/usr/share/pagure_dist_git/template/' THEME = 'srcfpo' @@ -345,49 +284,6 @@ ADMIN_API_ACLS = [ 'create_branch', ] -BLACKLISTED_GROUPS = ['forks', 'group'] - PROJECT_NAME_REGEX = '^[a-zA-z0-9_][a-zA-Z0-9-_\.+]*$' -{% if env == "staging" %} -ALLOW_HTTP_PUSH = True - -# repoSpanner setup - -# For now, repoSpanner is enabled on a per-repo basis -REPOSPANNER_NEW_REPO = None -REPOSPANNER_NEW_REPO_ADMIN_OVERRIDE = True -REPOSPANNER_NEW_FORK = True -REPOSPANNER_ADMIN_MIGRATION = True -REPOSPANNER_REGIONS = { - 'rpms': {'url': 'https://fedora01.rpms.stg.fedoraproject.org:8443', - 'repo_prefix': '', - 'hook': None, - 'ca': '/etc/pagure/ca.crt', - 'admin_cert': {'cert': '/etc/pagure/fedora_rpms_admin.crt', - 'key': '/etc/pagure/fedora_rpms_admin.key'}, - 'push_cert': {'cert': '/etc/pagure/fedora_rpms_push.crt', - 'key': '/etc/pagure/fedora_rpms_push.key'} - } -} -REPOSPANNER_PSEUDO_FOLDER = '/srv/git/repositories/pseudo' -SSH_KEYS_USERNAME_LOOKUP = True -SSH_KEYS_OPTIONS = 'restrict,command="/usr/libexec/pagure/aclchecker.py %(username)s"' -SSH_COMMAND_REPOSPANNER = ([ - "/usr/libexec/repobridge", - "--extra", "username", "%(username)s", - "--extra", "repotype", "%(repotype)s", - "--extra", "project_name", "%(project_name)s", - "--extra", "project_user", "%(project_user)s", - "--extra", "project_namespace", "%(project_namespace)s", - "%(cmd)s", - "'pagure/%(repotype)s/%(reponame)s'", -], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"}) -SSH_COMMAND_NON_REPOSPANNER = ([ - "/usr/share/gitolite3/gitolite-shell", - "%(username)s", - "%(cmd)s", - "%(reponame)s", -], {}) - -{% endif %} +{% include "pagure_shared.cfg" %} diff --git a/roles/distgit/pagure/templates/pagure_hook.cfg b/roles/distgit/pagure/templates/pagure_hook.cfg index f8a7094ee6..ef27926914 100644 --- a/roles/distgit/pagure/templates/pagure_hook.cfg +++ b/roles/distgit/pagure/templates/pagure_hook.cfg @@ -5,83 +5,4 @@ os.umask(0o002) DB_URL = 'postgresql://{{ distgit_pagure_db_ro_user }}:{{ distgit_pagure_db_ro_pass }}@{{ distgit_pagure_db_host }}/{{ distgit_pagure_db_name }}' -### The URL at which the project is available. -{% if env == 'staging' %} -APP_URL = 'https://src.stg.fedoraproject.org/' -{% else %} -APP_URL = 'https://src.fedoraproject.org/' -{% endif %} - -WEBHOOK = True -### Folder containing to the git repos -GIT_FOLDER = '/srv/git/repositories' - -### Folder containing the docs repos -DOCS_FOLDER = None - -### Folder containing the pull-requests repos -REQUESTS_FOLDER = '/srv/git/repositories/requests' - -### Folder containing the tickets repos -TICKETS_FOLDER = None - -### Folder containing the clones of the remotes git repo -REMOTE_GIT_FOLDER = '/srv/git/remotes' - -### Folder where to run gl-compile-conf from -GITOLITE_HOME = '/srv/git/' - -### Configuration file for gitolite -GITOLITE_CONFIG = '/srv/git/.gitolite/conf/gitolite.conf' - -### File to include at the top of the gitolite configuration file -GITOLITE_PRE_CONFIG = '/var/tmp/gitolite-prefix.txt' - -### Temp folder to be used to make the clones to work around bug in libgit2: -## refs: https://github.com/libgit2/libgit2/issues/2965 -## and https://github.com/libgit2/libgit2/issues/2797 -TMP_FOLDER = '/srv/tmp' - -REDIS_HOST = '0.0.0.0' -REDIS_PORT = 6379 -REDIS_DB = 0 - -# Configuration item that are specific for this odd pagure instance -CASE_SENSITIVE = True - -PROJECT_TICKETS = False -ENABLE_NEW_PROJECTS = True -ENABLE_DEL_PROJECTS = False -ENABLE_DEL_FORKS = True -ENABLE_TICKETS = False -ENABLE_GROUP_MNGT = False -DEPLOY_KEY = False -LOCAL_SSH_KEY = False -ALLOW_DELETE_BRANCH = False - -DISABLED_PLUGINS = ['IRC', 'Pagure tickets', 'Read the Doc'] - -GITOLITE_BACKEND = 'distgit' -GITOLITE_CELERY_QUEUE = 'gitolite_queue' - -BLACKLISTED_GROUPS = ['forks', 'group'] - -{% if env == "staging" %} -SSH_KEYS_USERNAME_LOOKUP = True -SSH_COMMAND_REPOSPANNER = ([ - "/usr/libexec/repobridge", - "--extra", "username", "%(username)s", - "--extra", "repotype", "%(repotype)s", - "--extra", "project_name", "%(project_name)s", - "--extra", "project_user", "%(project_user)s", - "--extra", "project_namespace", "%(project_namespace)s", - "%(cmd)s", - "'%(repotype)s/%(reponame)s'", -], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"}) -SSH_COMMAND_NON_REPOSPANNER = ([ - "/usr/share/gitolite3/gitolite-shell", - "%(username)s", - "%(cmd)s", - "%(reponame)s", -], {}) -{% endif %} +{% include "pagure_shared.cfg" %} diff --git a/roles/distgit/pagure/templates/pagure_shared.cfg b/roles/distgit/pagure/templates/pagure_shared.cfg new file mode 100644 index 0000000000..b7a80a51cd --- /dev/null +++ b/roles/distgit/pagure/templates/pagure_shared.cfg @@ -0,0 +1,120 @@ +### The URL at which the project is available. +{% if env == 'staging' %} +APP_URL = 'https://src.stg.fedoraproject.org/' +{% else %} +APP_URL = 'https://src.fedoraproject.org/' +{% endif %} + +WEBHOOK = True +### Folder containing to the git repos +GIT_FOLDER = '/srv/git/repositories' + +### Folder containing the docs repos +ENABLE_DOCS = False +DOCS_FOLDER = None + +### Folder containing the pull-requests repos +REQUESTS_FOLDER = '/srv/git/repositories/requests' + +### Folder containing the tickets repos +ENABLE_TICKETS = False +TICKETS_FOLDER = None + +### Folder containing the clones of the remotes git repo +REMOTE_GIT_FOLDER = '/srv/git/remotes' + +### Folder where to run gl-compile-conf from +GITOLITE_HOME = '/srv/git/' + +### Configuration file for gitolite +GITOLITE_CONFIG = '/srv/git/.gitolite/conf/gitolite.conf' + +### File to include at the top of the gitolite configuration file +GITOLITE_PRE_CONFIG = '/var/tmp/gitolite-prefix.txt' + +### Temp folder to be used to make the clones to work around bug in libgit2: +## refs: https://github.com/libgit2/libgit2/issues/2965 +## and https://github.com/libgit2/libgit2/issues/2797 +TMP_FOLDER = '/srv/tmp' + +REDIS_HOST = '0.0.0.0' +REDIS_PORT = 6379 +REDIS_DB = 0 + +# Configuration item that are specific for this odd pagure instance +CASE_SENSITIVE = True + +PROJECT_TICKETS = False +ENABLE_NEW_PROJECTS = True +ENABLE_DEL_PROJECTS = False +ENABLE_DEL_FORKS = True +ENABLE_TICKETS = False +ENABLE_GROUP_MNGT = False +DEPLOY_KEY = False +LOCAL_SSH_KEY = False +ALLOW_DELETE_BRANCH = False + +DISABLED_PLUGINS = ['IRC', 'Pagure tickets', 'Read the Doc', 'Fedmsg'] + +GITOLITE_BACKEND = 'distgit' +GITOLITE_CELERY_QUEUE = 'gitolite_queue' + +BLACKLISTED_GROUPS = ['forks', 'group'] + +# ACL settings +ACL_DEBUG = False +ACL_BLOCK_UNSPECIFIED = False +ACL_PROTECTED_NAMESPACES = ['rpms', 'modules', 'container'] +RCM_GROUP = 'relenggroup' +RCM_BRANCHES = ['refs/heads/f[0-9]+'] +# Pushing to c* stuff is never allowed +BLACKLIST_RES = ['refs/heads/c[0-9]+.*'] +# Pushing to (f|epel|el|olpc)(num+) that is not previously approved +# (supported branches) is not allowed. +BLACKLIST_SECOND_RES = ['refs/heads/f[0-9]+', + 'refs/heads/epel[0-9]+', + 'refs/heads/el[0-9]+', + 'refs/heads/olpc[0-9]+'] + +{% if env == "staging" %} +ALLOW_HTTP_PUSH = True + +# repoSpanner setup + +# For now, repoSpanner is enabled on a per-repo basis +REPOSPANNER_NEW_REPO = None +REPOSPANNER_NEW_REPO_ADMIN_OVERRIDE = True +REPOSPANNER_NEW_FORK = True +REPOSPANNER_ADMIN_MIGRATION = True +REPOSPANNER_REGIONS = { + 'rpms': {'url': 'https://fedora01.rpms.stg.fedoraproject.org:8443', + 'repo_prefix': '', + 'hook': None, + 'ca': '/etc/pagure/ca.crt', + 'admin_cert': {'cert': '/etc/pagure/fedora_rpms_admin.crt', + 'key': '/etc/pagure/fedora_rpms_admin.key'}, + 'push_cert': {'cert': '/etc/pagure/fedora_rpms_push.crt', + 'key': '/etc/pagure/fedora_rpms_push.key'} + } +} +REPOSPANNER_PSEUDO_FOLDER = '/srv/git/repositories/pseudo' +SSH_KEYS_USERNAME_LOOKUP = True +SSH_KEYS_OPTIONS = 'restrict,command="/usr/libexec/pagure/aclchecker.py %(username)s"' +SSH_COMMAND_REPOSPANNER = ([ + "/usr/libexec/repobridge", + "--extra", "username", "%(username)s", + "--extra", "repotype", "%(repotype)s", + "--extra", "project_name", "%(project_name)s", + "--extra", "project_user", "%(project_user)s", + "--extra", "project_namespace", "%(project_namespace)s", + "%(cmd)s", + "'pagure/%(repotype)s/%(reponame)s'", +], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"}) +SSH_COMMAND_NON_REPOSPANNER = ([ + "/usr/share/gitolite3/gitolite-shell", + "%(username)s", + "%(cmd)s", + "%(reponame)s", +], {}) + +{% endif %}