Ver código fonte

Remove cgit/gitolite git repo hosting

Thomas Buck 6 anos atrás
pai
commit
03f37267df

+ 0
- 6
README.md Ver arquivo

@@ -38,7 +38,6 @@ What do you get if you point Sovereign at a server? All kinds of good stuff!
38 38
 -   Firewall management via [Uncomplicated Firewall (ufw)](https://wiki.ubuntu.com/UncomplicatedFirewall).
39 39
 -   Intrusion prevention via [fail2ban](http://www.fail2ban.org/) and rootkit detection via [rkhunter](http://rkhunter.sourceforge.net).
40 40
 -   SSH configuration preventing root login and insecure password authentication
41
--   Git hosting via [cgit](http://git.zx2c4.com/cgit/about/) and [gitolite](https://github.com/sitaramc/gitolite).
42 41
 -   Read-it-later via [Wallabag](https://www.wallabag.org/)
43 42
 -   A bunch of nice-to-have tools like [mosh](http://mosh.mit.edu) and [htop](http://htop.sourceforge.net) that make life with a server a little easier.
44 43
 
@@ -103,10 +102,6 @@ Ansible (the tool setting up your server) runs locally on your computer and send
103 102
 Modify the settings in the `group_vars/sovereign` folder to your liking. If you want to see how they’re used in context, just search for the corresponding string.
104 103
 All of the variables in `group_vars/sovereign` must be set for sovereign to function.
105 104
 
106
-For Git hosting, copy your public key into place:
107
-
108
-	cp ~/.ssh/id_rsa.pub roles/git/files/gitolite.pub
109
-
110 105
 Finally, replace the `host.example.net` in the file `hosts`. If your SSH daemon listens on a non-standard port, add a colon and the port number after the IP address. In that case you also need to add your custom port to the task `Set firewall rules for web traffic and SSH` in the file `roles/common/tasks/ufw.yml`.
111 106
 
112 107
 ### 5. Set up DNS
@@ -122,7 +117,6 @@ Create `A` or `CNAME` records which point to your server's IP address:
122 117
 * `read.example.com` (for Wallabag)
123 118
 * `news.example.com` (for Selfoss)
124 119
 * `cloud.example.com` (for ownCloud)
125
-* `git.example.com` (for cgit)
126 120
 
127 121
 ### 6. Run the Ansible Playbooks
128 122
 

+ 1
- 1
roles/common/files/letsencrypt-gencert Ver arquivo

@@ -1,6 +1,6 @@
1 1
 #!/bin/bash
2 2
 d="$1"
3
-for i in www mail autoconfig read news cloud git; do
3
+for i in www mail autoconfig read news cloud; do
4 4
   if (getent hosts $i.$1 > /dev/null); then
5 5
     d="$d,$i.$1";
6 6
   fi

+ 0
- 3
roles/git/defaults/main.yml Ver arquivo

@@ -1,3 +0,0 @@
1
-cgit_version: 1.1
2
-cgit_domain: "git.{{ domain }}"
3
-gitolite_version: 3.6.4

+ 0
- 176
roles/git/files/home_git_.gitolite.rc Ver arquivo

@@ -1,176 +0,0 @@
1
-# configuration variables for gitolite
2
-
3
-# This file is in perl syntax.  But you do NOT need to know perl to edit it --
4
-# just mind the commas, use single quotes unless you know what you're doing,
5
-# and make sure the brackets and braces stay matched up!
6
-
7
-# (Tip: perl allows a comma after the last item in a list also!)
8
-
9
-# HELP for commands can be had by running the command with "-h".
10
-
11
-# HELP for all the other FEATURES can be found in the documentation (look for
12
-# "list of non-core programs shipped with gitolite" in the master index) or
13
-# directly in the corresponding source file.
14
-
15
-%RC = (
16
-
17
-    # ------------------------------------------------------------------
18
-
19
-    # default umask gives you perms of '0700'; see the rc file docs for
20
-    # how/why you might change this
21
-    UMASK                           =>  0027,
22
-
23
-    # look for "git-config" in the documentation
24
-    GIT_CONFIG_KEYS                 =>  'gitweb\.(owner|description|category)',
25
-
26
-    # comment out if you don't need all the extra detail in the logfile
27
-    LOG_EXTRA                       =>  1,
28
-
29
-    # roles.  add more roles (like MANAGER, TESTER, ...) here.
30
-    #   WARNING: if you make changes to this hash, you MUST run 'gitolite
31
-    #   compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
32
-    ROLES => {
33
-        READERS                     =>  1,
34
-        WRITERS                     =>  1,
35
-    },
36
-
37
-    # ------------------------------------------------------------------
38
-
39
-    # rc variables used by various features
40
-
41
-    # the 'info' command prints this as additional info, if it is set
42
-        # SITE_INFO                 =>  'Please see http://blahblah/gitolite for more help',
43
-
44
-    # the 'desc' command uses this
45
-        # WRITER_CAN_UPDATE_DESC    =>  1,
46
-
47
-    # the CpuTime feature uses these
48
-        # display user, system, and elapsed times to user after each git operation
49
-        # DISPLAY_CPU_TIME          =>  1,
50
-        # display a warning if total CPU times (u, s, cu, cs) crosses this limit
51
-        # CPU_TIME_WARN_LIMIT       =>  0.1,
52
-
53
-    # the Mirroring feature needs this
54
-        # HOSTNAME                  =>  "foo",
55
-
56
-    # if you enabled 'Shell', you need this
57
-        # SHELL_USERS_LIST          =>  "$ENV{HOME}/.gitolite.shell-users",
58
-
59
-    # ------------------------------------------------------------------
60
-
61
-    # suggested locations for site-local gitolite code (see cust.html)
62
-
63
-        # this one is managed directly on the server
64
-        # LOCAL_CODE                =>  "$ENV{HOME}/local",
65
-
66
-        # or you can use this, which lets you put everything in a subdirectory
67
-        # called "local" in your gitolite-admin repo.  For a SECURITY WARNING
68
-        # on this, see http://gitolite.com/gitolite/cust.html#pushcode
69
-        # LOCAL_CODE                =>  "$rc{GL_ADMIN_BASE}/local",
70
-
71
-    # ------------------------------------------------------------------
72
-
73
-    # List of commands and features to enable
74
-
75
-    ENABLE => [
76
-
77
-        # COMMANDS
78
-
79
-            # These are the commands enabled by default
80
-            'help',
81
-            'desc',
82
-            'info',
83
-            'perms',
84
-            'writable',
85
-
86
-            # Uncomment or add new commands here.
87
-            # 'create',
88
-            # 'fork',
89
-            # 'mirror',
90
-            # 'sskm',
91
-            # 'D',
92
-
93
-        # These FEATURES are enabled by default.
94
-
95
-            # essential (unless you're using smart-http mode)
96
-            'ssh-authkeys',
97
-
98
-            # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
99
-            'git-config',
100
-
101
-            # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
102
-            'daemon',
103
-
104
-            # creates projects.list file; if you don't use gitweb, comment this out
105
-            'gitweb',
106
-
107
-        # These FEATURES are disabled by default; uncomment to enable.  If you
108
-        # need to add new ones, ask on the mailing list :-)
109
-
110
-        # user-visible behaviour
111
-
112
-            # prevent wild repos auto-create on fetch/clone
113
-            # 'no-create-on-read',
114
-            # no auto-create at all (don't forget to enable the 'create' command!)
115
-            # 'no-auto-create',
116
-
117
-            # access a repo by another (possibly legacy) name
118
-            # 'Alias',
119
-
120
-            # give some users direct shell access
121
-            # 'Shell',
122
-
123
-            # set default roles from lines like 'option default.roles-1 = ...', etc.
124
-            # 'set-default-roles',
125
-
126
-        # system admin stuff
127
-
128
-            # enable mirroring (don't forget to set the HOSTNAME too!)
129
-            # 'Mirroring',
130
-
131
-            # allow people to submit pub files with more than one key in them
132
-            # 'ssh-authkeys-split',
133
-
134
-            # selective read control hack
135
-            # 'partial-copy',
136
-
137
-            # manage local, gitolite-controlled, copies of read-only upstream repos
138
-            # 'upstream',
139
-
140
-            # updates 'description' file instead of 'gitweb.description' config item
141
-            # 'cgit',
142
-
143
-            # allow repo-specific hooks to be added
144
-            # 'repo-specific-hooks',
145
-
146
-        # performance, logging, monitoring...
147
-
148
-            # be nice
149
-            # 'renice 10',
150
-
151
-            # log CPU times (user, system, cumulative user, cumulative system)
152
-            # 'CpuTime',
153
-
154
-        # syntactic_sugar for gitolite.conf and included files
155
-
156
-            # allow backslash-escaped continuation lines in gitolite.conf
157
-            # 'continuation-lines',
158
-
159
-            # create implicit user groups from directory names in keydir/
160
-            # 'keysubdirs-as-groups',
161
-
162
-            # allow simple line-oriented macros
163
-            # 'macros',
164
-
165
-    ],
166
-
167
-);
168
-
169
-# ------------------------------------------------------------------------------
170
-# per perl rules, this should be the last line in such a file:
171
-1;
172
-
173
-# Local variables:
174
-# mode: perl
175
-# End:
176
-# vim: set syn=perl:

+ 0
- 62
roles/git/tasks/cgit.yml Ver arquivo

@@ -1,62 +0,0 @@
1
-
2
-- name: Install cgit dependencies
3
-  apt: pkg={{ item }} state=present
4
-  with_items:
5
-    - groff
6
-    - libssl-dev
7
-    - python3-pip
8
-  tags:
9
-    - dependencies
10
-
11
-- name: Install cgit pip dependencies python 3
12
-  pip:
13
-    name: "{{ item }}"
14
-    executable: pip3
15
-  with_items:
16
-    - docutils
17
-    - pygments
18
-    - markdown
19
-
20
-- name: Download cgit release
21
-  get_url: url=http://git.zx2c4.com/cgit/snapshot/cgit-{{ cgit_version }}.tar.xz
22
-           dest=/root/cgit-{{ cgit_version }}.tar.xz
23
-
24
-- name: Decompress cgit source
25
-  unarchive: src=/root/cgit-{{ cgit_version }}.tar.xz
26
-             dest=/root copy=no
27
-             creates=/root/cgit-{{ cgit_version }}/configure
28
-
29
-- name: Build and install cgit
30
-  shell: make get-git ; make ; make install
31
-         executable=/bin/bash
32
-         chdir=/root/cgit-{{ cgit_version }}
33
-         creates=/var/www/htdocs/cgit/cgit.cgi
34
-
35
-- name: Copy cgitrc
36
-  template: src=etc_cgitrc.j2 dest=/etc/cgitrc
37
-            group=www-data
38
-            owner=root
39
-
40
-- name: Rename existing Apache cgit virtualhost
41
-  command: mv /etc/apache2/sites-available/cgit /etc/apache2/sites-available/cgit.conf removes=/etc/apache2/sites-available/cgit
42
-
43
-- name: Remove old sites-enabled/cgit symlink (new one will be created by a2ensite)
44
-  file: path=/etc/apache2/sites-enabled/cgit state=absent
45
-
46
-- name: Configure the Apache HTTP server for cgit
47
-  template: src=etc_apache2_sites-available_cgit.j2
48
-            dest=/etc/apache2/sites-available/cgit.conf
49
-            group=root
50
-            owner=root
51
-
52
-- name: Enable Apache CGI module
53
-  command: a2enmod cgi creates=/etc/apache2/mods-enabled/cgi.load
54
-  notify: restart apache
55
-
56
-- name: Enable Apache rewrite module
57
-  command: a2enmod rewrite creates=/etc/apache2/mods-enabled/rewrite.load
58
-  notify: restart apache
59
-
60
-- name:  Enable cgit site
61
-  command: a2ensite cgit.conf creates=/etc/apache2/sites-enabled/cgit.conf
62
-  notify: restart apache

+ 0
- 31
roles/git/tasks/gitolite.yml Ver arquivo

@@ -1,31 +0,0 @@
1
-- name: Create gitolite group
2
-  group: name=git state=present
3
-
4
-- name: Create gitolite user
5
-  user: name=git state=present home=/home/git system=yes group=git
6
-
7
-- name: Add www-data to the git group
8
-  user: name=www-data groups=git append=yes
9
-
10
-- name: Install gitolite3 package
11
-  apt: pkg=gitolite3 state=present
12
-  tags:
13
-    - dependencies
14
-
15
-- name: Copy .gitolite.rc file
16
-  copy: src=home_git_.gitolite.rc
17
-        dest=/home/git/.gitolite.rc
18
-        group=git
19
-        owner=git
20
-        mode=0644
21
-
22
-- name: Copy SSH public key to server
23
-  copy: src=gitolite.pub
24
-        dest=/home/git/{{ main_user_name }}.pub
25
-        group=git
26
-        owner=git
27
-        mode=0644
28
-
29
-- name: Setup gitolite
30
-  command: su - git -c 'gitolite setup -pk {{ main_user_name }}.pub'
31
-           chdir=/home/git

+ 0
- 4
roles/git/tasks/main.yml Ver arquivo

@@ -1,4 +0,0 @@
1
-- include: gitolite.yml
2
-  tags: gitolite
3
-- include: cgit.yml
4
-  tags: cgit

+ 0
- 26
roles/git/templates/etc_apache2_sites-available_cgit.j2 Ver arquivo

@@ -1,26 +0,0 @@
1
-<VirtualHost *:80>
2
-    ServerName {{ cgit_domain }}
3
-
4
-    Redirect permanent / https://{{ cgit_domain }}/
5
-</VirtualHost>
6
-
7
-<VirtualHost *:443>
8
-    ServerName {{ cgit_domain }}
9
-    SSLEngine On
10
-
11
-    DocumentRoot /var/www/htdocs/cgit/
12
-    <Directory "/var/www/htdocs/cgit/">
13
-        AllowOverride None
14
-        Options +ExecCGI
15
-        Require all granted
16
-    </Directory>
17
-
18
-    Alias /cgit.png         /var/www/htdocs/cgit/cgit.png
19
-    Alias /cgit.css         /var/www/htdocs/cgit/cgit.css
20
-    Alias /favicon.ico      /var/www/htdocs/cgit/favicon.ico
21
-    Alias /robots.txt       /var/www/htdocs/cgit/robots.txt
22
-    ScriptAlias /           /var/www/htdocs/cgit/cgit.cgi/
23
-
24
-    CustomLog /var/log/apache2/cgit_access.log combined
25
-    ErrorLog /var/log/apache2/cgit_error.log
26
-</VirtualHost>

+ 0
- 137
roles/git/templates/etc_cgitrc.j2 Ver arquivo

@@ -1,137 +0,0 @@
1
-# Enable caching of up to 1000 output entries
2
-cache-size=1000
3
-
4
-
5
-# Specify some default clone urls using macro expansion
6
-clone-url=git@{{ domain }}:$CGIT_REPO_URL
7
-
8
-
9
-# Specify the css url
10
-# css=/css/cgit.css
11
-
12
-
13
-# Show owner on index page
14
-enable-index-owner=1
15
-
16
-
17
-# Allow http transport git clone
18
-enable-http-clone=0
19
-
20
-
21
-# Show extra links for each repository on the index page
22
-enable-index-links=1
23
-
24
-
25
-# Enable ASCII art commit history graph on the log pages
26
-enable-commit-graph=1
27
-
28
-
29
-# Show number of affected files per commit on the log pages
30
-enable-log-filecount=1
31
-
32
-
33
-# Show number of added/removed lines per commit on the log pages
34
-enable-log-linecount=1
35
-
36
-
37
-# Sort branches by date
38
-branch-sort=age
39
-
40
-
41
-# Add a cgit favicon
42
-# favicon=/favicon.ico
43
-
44
-
45
-# Use a custom logo
46
-# logo=/img/mylogo.png
47
-
48
-
49
-# Enable statistics per week, month and quarter
50
-max-stats=quarter
51
-
52
-
53
-# Set the title and heading of the repository index page
54
-root-title={{ domain }} git repository
55
-
56
-
57
-# Set a subheading for the repository index page
58
-# root-desc=tracking the foobar development
59
-
60
-
61
-# Include some more info about example.com on the index page
62
-# root-readme=/var/www/htdocs/about.html
63
-
64
-
65
-# Allow download of tar.gz, tar.bz2 and zip-files
66
-snapshots=tar.gz tar.bz2 zip
67
-
68
-
69
-##
70
-## List of common mimetypes
71
-##
72
-
73
-mimetype.gif=image/gif
74
-mimetype.html=text/html
75
-mimetype.jpg=image/jpeg
76
-mimetype.jpeg=image/jpeg
77
-mimetype.pdf=application/pdf
78
-mimetype.png=image/png
79
-mimetype.svg=image/svg+xml
80
-
81
-
82
-# Highlight source code with python pygments-based highlighter
83
-source-filter=/usr/local/lib/cgit/filters/syntax-highlighting.py
84
-
85
-# Format markdown, restructuredtext, manpages, text files, and html files
86
-# through the right converters
87
-about-filter=/usr/local/lib/cgit/filters/about-formatting.sh
88
-
89
-##
90
-## Search for these files in the root of the default branch of repositories
91
-## for coming up with the about page:
92
-##
93
-readme=:README.md
94
-readme=:readme.md
95
-readme=:README.mkd
96
-readme=:readme.mkd
97
-readme=:README.rst
98
-readme=:readme.rst
99
-readme=:README.html
100
-readme=:readme.html
101
-readme=:README.htm
102
-readme=:readme.htm
103
-readme=:README.txt
104
-readme=:readme.txt
105
-readme=:README
106
-readme=:readme
107
-readme=:INSTALL.md
108
-readme=:install.md
109
-readme=:INSTALL.mkd
110
-readme=:install.mkd
111
-readme=:INSTALL.rst
112
-readme=:install.rst
113
-readme=:INSTALL.html
114
-readme=:install.html
115
-readme=:INSTALL.htm
116
-readme=:install.htm
117
-readme=:INSTALL.txt
118
-readme=:install.txt
119
-readme=:INSTALL
120
-readme=:install
121
-
122
-
123
-# Allow cgit to use git config to set	any repo specific settings
124
-enable-git-config=1
125
-
126
-
127
-# Removes .git suffix for the url and name
128
-remove-suffix=1
129
-
130
-
131
-# A list of subdirectories inside of scan-path
132
-# that should loaded as git repositories
133
-project-list=/home/git/projects.list
134
-
135
-
136
-# A path which will be scanned for repositories
137
-scan-path=/home/git/repositories

+ 0
- 1
site.yml Ver arquivo

@@ -16,6 +16,5 @@
16 16
     - owncloud
17 17
     - vpn
18 18
     - news
19
-    - git
20 19
     - readlater
21 20
     - monitoring  # Monitoring role should be last. See roles/monitoring/README.md

+ 0
- 15
tests.py Ver arquivo

@@ -122,21 +122,6 @@ class WebTests(unittest.TestCase):
122 122
             r.content
123 123
         )
124 124
 
125
-    def test_cgit_http(self):
126
-        """CGit web interface is displaying home page"""
127
-        r = requests.get('http://git.' + TEST_SERVER, verify=False)
128
-
129
-        # We should be redirected to https
130
-        self.assertEquals(r.history[0].status_code, 301)
131
-        self.assertEquals(r.url, 'https://git.' + TEST_SERVER + '/')
132
-
133
-        # 200 - We should be at the repository page
134
-        self.assertEquals(r.status_code, 200)
135
-        self.assertIn(
136
-            'git repository',
137
-            r.content
138
-        )
139
-
140 125
 
141 126
 class IRCTests(unittest.TestCase):
142 127
     def test_irc_auth(self):

Carregando…
Cancelar
Salvar