From edd69388fcbf2a85ea67c04f8b46f98ad9dcdf36 Mon Sep 17 00:00:00 2001 From: Valentin Gologuzov Date: Thu, 23 Jul 2015 13:27:05 +0200 Subject: [PATCH] [copr][dist-git] custom dist-git config, running dist-git init script; ssh config for copr-service --- roles/copr/dist_git/files/dist-git.conf | 62 +++++++++++++++++++++++++ roles/copr/dist_git/files/ssh_config | 3 ++ roles/copr/dist_git/tasks/main.yml | 8 +++- 3 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 roles/copr/dist_git/files/dist-git.conf create mode 100644 roles/copr/dist_git/files/ssh_config diff --git a/roles/copr/dist_git/files/dist-git.conf b/roles/copr/dist_git/files/dist-git.conf new file mode 100644 index 0000000000..dd055615d9 --- /dev/null +++ b/roles/copr/dist_git/files/dist-git.conf @@ -0,0 +1,62 @@ +# What to do AFTER changing this config: +# 1. /etc/gitolite/admins <- usernames of gitolite admins +# 2. /etc/cron.d/dist-git/dist_git_sync.cron <- enable auto-sync +# /cgit_pkg_list.cron <- enable cgit auto-sync + + +[acls] + +# user groups on the server associated with dist-git +# example: +# user_groups=cvsadmin,fedora-arm,fedora-sparc,fedora-ia64,fedora-s390,fedora-ppc,provenpackager +user_groups=cvsadmin +# user groups with write access to all repositories +# example: +# admin_groups=cvsadmin,fedora-arm,fedora-s390,fedora-ppc +admin_groups=cvsadmin + +# comma separated list of active branches to create ACLs for +# example: +active_branches=el5,el6,el7,epel7,f21,f22,master + +# a "regex"ish list of the reserved branches +# example: +# reserved_branches=f[0-9][0-9],epel[0-9],epel[0-9][0-9],el[0-9],olpc[0-9] +reserved_branches=f[0-9][0-9],epel[0-9],epel[0-9][0-9],el[0-9],olpc[0-9] + +# url of package database - acls (data in json format) +# You can leave it empty if you don't want to use it. +# example: +# pkgdb_acls_url=https://admin.fedoraproject.org/pkgdb/api/vcs?format=json +pkgdb_acls_url= + +# url of package database - groups (data in json format) +# You can leave it empty if you don't want to use it. +# example: +# pkgdb_groups_url=https://admin.fedoraproject.org/pkgdb/api/groups?format=json +pkgdb_groups_url= + + + +[notifications] + +# email notifications: +# example: +# email_domain=fedoraproject.org +email_domain=example.com + +# List of email adresses to be notified about changes +# $PACKAGE can be used as a package name +# example: +# pkg_owner_emails=$PACKAGE-owner@fedoraproject.org,scm-commits@lists.fedoraproject.org +pkg_owner_emails=$PACKAGE-owner@example.com,commits@lists.example.com + + + +[git] + +# the default author of git branches +# example: +# default_branch_author=Fedora Release Engineering +default_branch_author=Copr Dist Git + diff --git a/roles/copr/dist_git/files/ssh_config b/roles/copr/dist_git/files/ssh_config new file mode 100644 index 0000000000..41dff51a6b --- /dev/null +++ b/roles/copr/dist_git/files/ssh_config @@ -0,0 +1,3 @@ +Host * + StrictHostKeyChecking no + UserKnownHostsFile /dev/null diff --git a/roles/copr/dist_git/tasks/main.yml b/roles/copr/dist_git/tasks/main.yml index 37617d5021..5895972863 100644 --- a/roles/copr/dist_git/tasks/main.yml +++ b/roles/copr/dist_git/tasks/main.yml @@ -41,8 +41,8 @@ - name: prepare authorized key, so copr-service could interact with gitolite authorized_key: user="copr-dist-git" key="{{pubkey}}" key_options="command=\"HOME=/var/lib/dist-git/git/ /usr/share/gitolite3/gitolite-shell $USER \"'" - ## keys done + - name: install config for copr-dist-git template: src=copr-dist-git.conf.j2 dest=/etc/copr/copr-dist-git.conf mode=0644 @@ -58,6 +58,10 @@ notify: - restart httpd +- copy: src="dist-git.conf" dest="/etc/dist-git/dist-git.conf" mode=0644 + +- copy: src="ssh_config" dest="/home/copr-service/.ssh/config" owner=copr-service group=cdic mode=0600 + - lineinfile: dest=/etc/cgitrc regexp="^project-list=" line="project-list=/var/lib/dist-git/git/pkgs-git-repos-list" - lineinfile: dest=/etc/cgitrc regexp="^scan-path=" line="scan-path=/var/lib/dist-git/git/rpms/" @@ -66,6 +70,8 @@ - command: "systemctl daemon-reload" +- command: "/usr/share/dist-git/dist_git_sync.sh" + - name: ensure that services are enabled and started service: name="{{ item }}" enabled=yes state=started with_items: