forked from sovereign/sovereign
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
287 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
#!/usr/bin/perl | ||
|
||
use strict; | ||
use warnings; | ||
use File::Temp qw/tempdir/; | ||
use File::Copy; | ||
use Sys::Hostname; | ||
|
||
my $fh; | ||
my $hostname = hostname; | ||
|
||
my $dir = tempdir(); | ||
system("git clone /home/git/repositories/gitolite-admin.git $dir"); | ||
chdir "$dir"; | ||
|
||
if (! -f "$dir/keydir/redmine.pub") { | ||
open ($fh, "<", "$dir/conf/gitolite.conf"); | ||
my @lines = <$fh>; | ||
close $fh; | ||
open ($fh, ">", "$dir/conf/gitolite.conf"); | ||
my $inadmin; | ||
foreach my $line (@lines) { | ||
chomp $line; | ||
if (!$inadmin && $line =~ /^repo\s*gitolite-admin/) { | ||
$inadmin = 1; | ||
} elsif ($inadmin && $line =~ /RW\+/) { | ||
$line .= ' redmine' unless ($line =~ /redmine/); | ||
$inadmin = 0; | ||
} | ||
print $fh "$line\n"; | ||
} | ||
close $fh; | ||
system("sudo -u redmine cat /var/lib/redmine/.ssh/id_rsa.pub > $dir/keydir/redmine.pub"); | ||
system("git add conf/gitolite.conf keydir/redmine.pub"); | ||
system("git commit --author='git on $hostname <git\@$hostname>' -m 'Add redmine to gitolite-admin repo'"); | ||
system("gitolite push"); | ||
} | ||
chdir "/tmp"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
--- | ||
# Install the git_hosting plugin | ||
|
||
- name: Get bootstrap-kit Redmine plugin | ||
git: repo=https://github.com/jbox-web/redmine_bootstrap_kit.git dest=/usr/share/redmine/plugins/redmine_bootstrap_kit | ||
|
||
- name: Get git_hosting plugin | ||
git: repo=https://github.com/jbox-web/redmine_git_hosting.git dest=/usr/share/redmine/plugins/redmine_git_hosting version={{ redmine_git_hosting_version }} | ||
|
||
- name: Install required gems for Redmine | ||
command: /usr/local/bin/bundle install --without development test chdir=/usr/share/redmine | ||
|
||
- name: Run plugin migration | ||
command: /usr/local/bin/rake redmine:plugins:migrate chdir=/usr/share/redmine | ||
environment: | ||
RAILS_ENV: production | ||
NAME: redmine_git_hosting | ||
notify: restart apache | ||
|
||
- name: Copy SSH keys for Redmine to git hosting plugin | ||
file: src=/var/lib/redmine/.ssh/id_rsa{{ item }} dest=/usr/share/redmine/plugins/redmine_git_hosting/ssh_keys/redmine_gitolite_admin_id_rsa{{ item }} owner=redmine state=hard | ||
with_items: | ||
- "" | ||
- ".pub" | ||
|
||
- name: Copy SSH public key for Redmine to gitolite | ||
file: src=/var/lib/redmine/.ssh/id_rsa.pub dest=/home/git/redmine_gitolite_admin_id_rsa.pub owner=git group=git mode=0644 state=hard | ||
|
||
- name: Install sudoers file for redmine and git | ||
template: src=etc_sudoers.d_redmine-gitolite.j2 dest=/etc/sudoers.d/redmine-gitolite mode=0440 owner=root group=root | ||
|
||
- name: Create log files for git_hosting | ||
file: path=/usr/share/redmine/log/git_hosting.log mode=0644 owner=redmine state=touch | ||
|
||
- name: Change ownership of git_hosting directories | ||
file: path=/usr/share/redmine/plugins/redmine_git_hosting/bin mode=0755 owner=redmine state=directory recurse=yes | ||
|
||
- name: Create known_hosts file for redmine | ||
file: path=/var/lib/redmine/.ssh/known_hosts mode=0644 owner=redmine state=touch | ||
|
||
- name: Add localhost as known host for redmine | ||
shell: 'grep -qE "`ssh-keyscan localhost`" /var/lib/redmine/.ssh/known_hosts || ssh-keyscan localhost >> /var/lib/redmine/.ssh/known_hosts' | ||
sudo: yes | ||
sudo_user: redmine | ||
|
||
- name: Copy script to add redmine permissions to gitolite | ||
copy: src=add_redmine_to_gitolite.pl dest=/tmp/add_redmine_to_gitolite mode=0755 | ||
|
||
- name: Add redmine permissions to gitolite | ||
command: /tmp/add_redmine_to_gitolite | ||
sudo: yes | ||
sudo_user: git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,3 +2,4 @@ | |
|
||
- include: redmine.yml tags=redmine | ||
|
||
- include: git_hosting.yml tags=redmine |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
redmine ALL=(git) NOPASSWD:ALL | ||
git ALL=(redmine) NOPASSWD:ALL |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,176 @@ | ||
# configuration variables for gitolite | ||
|
||
# This file is in perl syntax. But you do NOT need to know perl to edit it -- | ||
# just mind the commas, use single quotes unless you know what you're doing, | ||
# and make sure the brackets and braces stay matched up! | ||
|
||
# (Tip: perl allows a comma after the last item in a list also!) | ||
|
||
# HELP for commands can be had by running the command with "-h". | ||
|
||
# HELP for all the other FEATURES can be found in the documentation (look for | ||
# "list of non-core programs shipped with gitolite" in the master index) or | ||
# directly in the corresponding source file. | ||
|
||
%RC = ( | ||
|
||
# ------------------------------------------------------------------ | ||
|
||
# default umask gives you perms of '0700'; see the rc file docs for | ||
# how/why you might change this | ||
UMASK => 0027, | ||
|
||
# look for "git-config" in the documentation | ||
GIT_CONFIG_KEYS => '.*', | ||
|
||
# comment out if you don't need all the extra detail in the logfile | ||
LOG_EXTRA => 1, | ||
|
||
# roles. add more roles (like MANAGER, TESTER, ...) here. | ||
# WARNING: if you make changes to this hash, you MUST run 'gitolite | ||
# compile' afterward, and possibly also 'gitolite trigger POST_COMPILE' | ||
ROLES => { | ||
READERS => 1, | ||
WRITERS => 1, | ||
}, | ||
|
||
# ------------------------------------------------------------------ | ||
|
||
# rc variables used by various features | ||
|
||
# the 'info' command prints this as additional info, if it is set | ||
# SITE_INFO => 'Please see http://blahblah/gitolite for more help', | ||
|
||
# the 'desc' command uses this | ||
# WRITER_CAN_UPDATE_DESC => 1, | ||
|
||
# the CpuTime feature uses these | ||
# display user, system, and elapsed times to user after each git operation | ||
# DISPLAY_CPU_TIME => 1, | ||
# display a warning if total CPU times (u, s, cu, cs) crosses this limit | ||
# CPU_TIME_WARN_LIMIT => 0.1, | ||
|
||
# the Mirroring feature needs this | ||
# HOSTNAME => "foo", | ||
|
||
# if you enabled 'Shell', you need this | ||
# SHELL_USERS_LIST => "$ENV{HOME}/.gitolite.shell-users", | ||
|
||
# ------------------------------------------------------------------ | ||
|
||
# suggested locations for site-local gitolite code (see cust.html) | ||
|
||
# this one is managed directly on the server | ||
# LOCAL_CODE => "$ENV{HOME}/local", | ||
|
||
# or you can use this, which lets you put everything in a subdirectory | ||
# called "local" in your gitolite-admin repo. For a SECURITY WARNING | ||
# on this, see http://gitolite.com/gitolite/cust.html#pushcode | ||
# LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", | ||
|
||
# ------------------------------------------------------------------ | ||
|
||
# List of commands and features to enable | ||
|
||
ENABLE => [ | ||
|
||
# COMMANDS | ||
|
||
# These are the commands enabled by default | ||
'help', | ||
'desc', | ||
'info', | ||
'perms', | ||
'writable', | ||
|
||
# Uncomment or add new commands here. | ||
# 'create', | ||
# 'fork', | ||
# 'mirror', | ||
# 'sskm', | ||
# 'D', | ||
|
||
# These FEATURES are enabled by default. | ||
|
||
# essential (unless you're using smart-http mode) | ||
'ssh-authkeys', | ||
|
||
# creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz' | ||
'git-config', | ||
|
||
# creates git-daemon-export-ok files; if you don't use git-daemon, comment this out | ||
'daemon', | ||
|
||
# creates projects.list file; if you don't use gitweb, comment this out | ||
'gitweb', | ||
|
||
# These FEATURES are disabled by default; uncomment to enable. If you | ||
# need to add new ones, ask on the mailing list :-) | ||
|
||
# user-visible behaviour | ||
|
||
# prevent wild repos auto-create on fetch/clone | ||
# 'no-create-on-read', | ||
# no auto-create at all (don't forget to enable the 'create' command!) | ||
# 'no-auto-create', | ||
|
||
# access a repo by another (possibly legacy) name | ||
# 'Alias', | ||
|
||
# give some users direct shell access | ||
# 'Shell', | ||
|
||
# set default roles from lines like 'option default.roles-1 = ...', etc. | ||
# 'set-default-roles', | ||
|
||
# system admin stuff | ||
|
||
# enable mirroring (don't forget to set the HOSTNAME too!) | ||
# 'Mirroring', | ||
|
||
# allow people to submit pub files with more than one key in them | ||
# 'ssh-authkeys-split', | ||
|
||
# selective read control hack | ||
# 'partial-copy', | ||
|
||
# manage local, gitolite-controlled, copies of read-only upstream repos | ||
# 'upstream', | ||
|
||
# updates 'description' file instead of 'gitweb.description' config item | ||
# 'cgit', | ||
|
||
# allow repo-specific hooks to be added | ||
# 'repo-specific-hooks', | ||
|
||
# performance, logging, monitoring... | ||
|
||
# be nice | ||
# 'renice 10', | ||
|
||
# log CPU times (user, system, cumulative user, cumulative system) | ||
# 'CpuTime', | ||
|
||
# syntactic_sugar for gitolite.conf and included files | ||
|
||
# allow backslash-escaped continuation lines in gitolite.conf | ||
# 'continuation-lines', | ||
|
||
# create implicit user groups from directory names in keydir/ | ||
# 'keysubdirs-as-groups', | ||
|
||
# allow simple line-oriented macros | ||
# 'macros', | ||
|
||
], | ||
|
||
); | ||
|
||
# ------------------------------------------------------------------------------ | ||
# per perl rules, this should be the last line in such a file: | ||
1; | ||
|
||
# Local variables: | ||
# mode: perl | ||
# End: | ||
# vim: set syn=perl: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters