пре 10 година · 158503b6ca
--- a/roles/git/tasks/cgit.yml
+++ b/roles/git/tasks/cgit.yml
@@ -0,0 +1,26 @@
 
				
				+
			
 
				
				+- name: Download cgit release
			
 
				
				+  get_url: url=http://git.zx2c4.com/cgit/snapshot/cgit-{{ cgit_version }}.tar.xz
			
 
				
				+           dest=/root/cgit-{{ cgit_version }}.tar.xz
			
 
				
				+
			
 
				
				+- name: Decompress cgit source
			
 
				
				+  command: tar xvfJ /root/cgit-{{ cgit_version }}.tar.xz
			
 
				
				+           chdir=/root
			
 
				
				+           creates=/root/cgit-{{ cgit_version }}/configure
			
 
				
				+
			
 
				
				+- name: Build and install cgit
			
 
				
				+  shell: make get-git ; make ; make install
			
 
				
				+         executable=/bin/bash
			
 
				
				+         chdir=/root/cgit-{{ cgit_version }}
			
 
				
				+         creates=/var/www/htdocs/cgit/cgit.cgi
			
 
				
				+
			
 
				
				+- name: Copy cgit apache config
			
 
				
				+  template: src=etc_apache2_sites-available_cgit.j2
			
 
				
				+            dest=/etc/apache2/sites-available/cgit
			
 
				
				+            group=www-data
			
 
				
				+            owner=www-data
			
 
				
				+  notify: restart apache
			
 
				
				+
			
 
				
				+- name: Enable the cgit server
			
 
				
				+  command: a2ensite cgit creates=/etc/apache2/sites-enabled/cgit
			
 
				
				+  notify: restart apache
			
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@@ -0,0 +1 @@
 
				
				+- include: cgit.yml tags=cgit
			
--- a/roles/git/templates/etc_apache2_sites-available_cgit.j2
+++ b/roles/git/templates/etc_apache2_sites-available_cgit.j2
@@ -0,0 +1,36 @@
 
				
				+<VirtualHost *:80>
			
 
				
				+    ServerName {{ cgit_domain }}
			
 
				
				+
			
 
				
				+    Redirect permanent / https://{{ cgit_domain }}/
			
 
				
				+</VirtualHost>
			
 
				
				+
			
 
				
				+<VirtualHost *:443>
			
 
				
				+    ServerName {{ cgit_domain }}
			
 
				
				+
			
 
				
				+    SSLEngine on
			
 
				
				+    SSLProtocol ALL -SSLv2
			
 
				
				+    SSLHonorCipherOrder On
			
 
				
				+    SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
			
 
				
				+    SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
			
 
				
				+    SSLCertificateKeyFile   /etc/ssl/private/wildcard_private.key
			
 
				
				+    SSLCACertificateFile    /etc/ssl/certs/wildcard_ca.pem
			
 
				
				+    Header add Strict-Transport-Security "max-age=15768000; includeSubdomains"
			
 
				
				+
			
 
				
				+    DocumentRoot /var/www/htdocs/cgit/
			
 
				
				+
			
 
				
				+    <Directory "/var/www/htdocs/cgit/">
			
 
				
				+        AllowOverride None
			
 
				
				+        Options +ExecCGI
			
 
				
				+        Order allow,deny
			
 
				
				+        Allow from all
			
 
				
				+    </Directory>
			
 
				
				+
			
 
				
				+    Alias       /cgit.png   /var/www/htdocs/cgit/cgit.png
			
 
				
				+    Alias       /cgit.css   /var/www/htdocs/cgit/cgit.css
			
 
				
				+    ScriptAlias /           /var/www/htdocs/cgit/cgit.cgi/
			
 
				
				+    RewriteRule ^$          / [R]
			
 
				
				+    RewriteRule ^/(.*)$     /cgit.cgi/$1 [PT]
			
 
				
				+
			
 
				
				+    CustomLog /var/log/apache2/cgit_access.log combined
			
 
				
				+    ErrorLog /var/log/apache2/cgit_error.log
			
 
				
				+</VirtualHost>
			
--- a/site.yml
+++ b/site.yml
@@ -21,3 +21,4 @@
 
				
				     - vpn
			
 
				
				     - tarsnap
			
 
				
				     - news
			
 
				
				+    - git
			
--- a/vars/defaults.yml
+++ b/vars/defaults.yml
@@ -97,3 +97,7 @@ selfoss_domain: "news.{{ domain }}"
 
				
				 selfoss_db_username: selfoss
			
 
				
				 # selfoss_db_password: (required)
			
 
				
				 selfoss_db_database: selfoss
			
 
				
				+
			
 
				
				+# git
			
 
				
				+cgit_version: 0.10.1
			
 
				
				+cgit_domain: "git.{{ domain }}"