From 7671b51616a25fa6cff9c26fe65d5f703ff94e21 Mon Sep 17 00:00:00 2001 From: Sacha Chua Date: Mon, 17 Oct 2022 17:44:06 -0400 Subject: Get wiki role to push updates to the right place in docker Ikiwiki has this three-repo setup with post-update hooks --- roles/wiki/defaults/main.yml | 3 +- roles/wiki/tasks/docker.yml | 66 +++++++++++++++++++--- roles/wiki/tasks/main.yml | 19 +++---- roles/wiki/templates/emacsconf.setup | 2 +- roles/wiki/templates/htmlscrubber.pm | 4 +- roles/wiki/templates/post-update | 20 +++++++ .../wiki/templates/post-update.h00-ikiwiki-wrapper | 6 ++ 7 files changed, 99 insertions(+), 21 deletions(-) create mode 100755 roles/wiki/templates/post-update create mode 100755 roles/wiki/templates/post-update.h00-ikiwiki-wrapper (limited to 'roles/wiki') diff --git a/roles/wiki/defaults/main.yml b/roles/wiki/defaults/main.yml index 421427c..3b890b0 100644 --- a/roles/wiki/defaults/main.yml +++ b/roles/wiki/defaults/main.yml @@ -2,7 +2,7 @@ ikiwiki_git_branch: master ikiwiki_path: /home/ikiwiki ikiwiki_src_dir: "{{ ikiwiki_path }}/emacsconf" -ikiwiki_plugin_path: /home/ikiwiki/.ikiwiki/IkiWiki/Plugin +ikiwiki_plugin_path: /home/ikiwiki/.ikiwiki/ ikiwiki_admin: bandali@gnu.org ikiwiki_dest: /var/www/emacsconf.org ikiwiki_url: https://emacsconf.org @@ -18,4 +18,5 @@ ikiwiki_cookie_jar: "{{ ikiwiki_path }}/.ikiwiki/cookies" ikiwiki_git_wrapper: "{{ ikiwiki_path }}/hooks/emacsconf" ikiwiki_git_test_receive_wrapper: "{{ ikiwiki_path }}/hooks/emacsconf-pre" ikiwiki_git_base_url: //git.emacsconf.org/emacsconf-wiki +ikiwiki_cgi_wrapper: "{{ ikiwiki_path }}/ikiwiki.cgi" diff --git a/roles/wiki/tasks/docker.yml b/roles/wiki/tasks/docker.yml index 1a759a4..be6591c 100644 --- a/roles/wiki/tasks/docker.yml +++ b/roles/wiki/tasks/docker.yml @@ -2,10 +2,13 @@ apt: pkg: - lighttpd - - supervisord + - supervisor + - sudo - name: Create the anon user user: name: anon + state: present + when: docker - name: Set up Ikiwiki setup template: src: emacsconf.setup @@ -14,27 +17,52 @@ group: www-data - name: Set up the ikiwiki directories file: - dest: /var/www/html + dest: "{{ ikiwiki_dest }}" state: directory - owner: www-data + owner: ikiwiki group: www-data + recurse: true - name: Clone the bare git repo git: bare: true repo: "{{ ikiwiki_git_source_mount }}" dest: "{{ ikiwiki_bare_git_dir }}" version: "{{ ikiwiki_git_branch }}" +- name: Set up post-update hook + tags: wip + template: + src: post-update + dest: "{{ ikiwiki_bare_git_dir }}/hooks/post-update" + mode: 0755 +- name: Remove sample + tags: wip + file: + path: "{{ ikiwiki_bare_git_dir }}/hooks/post-update.sample" + state: absent +- name: Set up ikiwiki post-update hook + tags: wip + template: + src: post-update.h00-ikiwiki-wrapper + dest: "{{ ikiwiki_bare_git_dir }}/hooks/post-update.h00-ikiwiki-wrapper" + mode: 0755 - name: Change owner + tags: wip file: dest: "{{ ikiwiki_bare_git_dir }}" recurse: true - owner: www-data + owner: ikiwiki group: www-data - name: Clone the working git repo git: repo: "{{ ikiwiki_bare_git_dir }}" dest: "{{ ikiwiki_src_dir }}" version: "{{ ikiwiki_git_branch }}" +- name: Chown all the files to ikiwiki + file: + dest: "{{ ikiwiki_src_dir }}" + owner: ikiwiki + group: ikiwiki + recurse: true - name: Copy supervisor config template: src: supervisord.conf @@ -43,7 +71,31 @@ service: name: lighttpd state: started -- name: Start supervisord +- name: Start ssh + tags: ssh service: - name: supervisor - state: restarted + name: ssh + state: started +- name: Set up SSH directory + tags: ssh + file: + path: /home/ikiwiki/.ssh + owner: ikiwiki + group: ikiwiki + state: directory + mode: 0700 +- name: Set up SSH authentication + tags: ssh + block: + - name: Copy key + template: + src: "{{ docker_ssh_key }}" + dest: "/home/ikiwiki/.ssh/authorized_keys2" + mode: 0600 + - name: Change ownership + file: + path: "/home/ikiwiki/.ssh" + owner: ikiwiki + group: ikiwiki + recurse: true + when: docker_ssh_key is defined diff --git a/roles/wiki/tasks/main.yml b/roles/wiki/tasks/main.yml index 35c297d..cd7cbdc 100644 --- a/roles/wiki/tasks/main.yml +++ b/roles/wiki/tasks/main.yml @@ -22,29 +22,26 @@ name: ikiwiki group: ikiwiki state: present -- debug: - var: docker -- name: Set up or update repositories - ansible.builtin.git: - repo: git://git.emacsconf.org/emacsconf-wiki - dest: "{{ ikiwiki_src_dir }}" - when: not docker|d(false) - name: Template the config ansible.builtin.template: src: emacsconf.setup dest: "{{ ikiwiki_path }}/emacsconf.setup" owner: ikiwiki +- name: Create the plugin directory + file: + path: "{{ ikiwiki_plugin_path }}/IkiWiki/Plugin" + state: directory - name: Copy Ikiwiki plugins tags: wiki-plugins template: src: "{{ item }}" - dest: "{{ ikiwiki_plugin_path }}/{{ item }}" + dest: "{{ ikiwiki_plugin_path }}/IkiWiki/Plugin/{{ item }}" loop: - copyright.pm - htmlscrubber.pm - license.pm - include: docker.yml - when: docker is true + when: docker - name: Chown all the files to ikiwiki tags: wiki-plugins file: @@ -54,7 +51,9 @@ recurse: true - name: Regenerate all the files tags: wiki-regenerate, wiki-plugins - shell: ikiwiki --setup "{{ ikiwiki_path }}/emacsconf.setup" --rebuild --wrappers + become: true + become_user: ikiwiki + shell: cd ~ikiwiki; ikiwiki --setup "{{ ikiwiki_path }}/emacsconf.setup" --rebuild --wrappers register: output - debug: var: output diff --git a/roles/wiki/templates/emacsconf.setup b/roles/wiki/templates/emacsconf.setup index ea9c4c8..81b089b 100644 --- a/roles/wiki/templates/emacsconf.setup +++ b/roles/wiki/templates/emacsconf.setup @@ -30,7 +30,7 @@ url: {{ ikiwiki_url }} reverse_proxy: 0 # filename of cgi wrapper to generate #cgi_wrapper: /home/ikiwiki/public_html/emacsconf/ikiwiki.cgi -cgi_wrapper: {{ ikiwiki_path }}/ikiwiki.cgi +cgi_wrapper: {{ ikiwiki_cgi_wrapper }} # mode for cgi_wrapper (can safely be made suid) cgi_wrappermode: 06755 # number of seconds to delay CGI requests when overloaded diff --git a/roles/wiki/templates/htmlscrubber.pm b/roles/wiki/templates/htmlscrubber.pm index 1ce95b2..caf78a1 100755 --- a/roles/wiki/templates/htmlscrubber.pm +++ b/roles/wiki/templates/htmlscrubber.pm @@ -93,8 +93,8 @@ sub scrubber { }], default => [undef, { ( map { $_ => 1 } qw{ - version xmlns x y fill font-size font-weight stroke stroke-width stroke-dasharray transform - data-start data-end data-video data-target data-tracks data-track + version xmlns x y fill font-size font-weight stroke stroke-width stroke-dasharray transform opacity + data-start data-end data-video data-target data-tracks data-track kind label srclang default abbr accept accept-charset accesskey align alt axis border cellpadding cellspacing diff --git a/roles/wiki/templates/post-update b/roles/wiki/templates/post-update new file mode 100755 index 0000000..523b8de --- /dev/null +++ b/roles/wiki/templates/post-update @@ -0,0 +1,20 @@ +#!/bin/sh + +# Determine what input the hook needs +# post-update takes args, pre/post-receive take stdin +type=args +stdin='' +[ $0 != hooks/post-update ] && { + type=stdin + stdin=`cat` +} + +for h in $0.*; do + [ -x $h ] || continue + if [ $type = args ] + then + $h $@ || { [ $0 = hooks/pre-receive ] && exit 1; } + else + echo "$stdin" | $h || { [ $0 = hooks/pre-receive ] && exit 1; } + fi +done diff --git a/roles/wiki/templates/post-update.h00-ikiwiki-wrapper b/roles/wiki/templates/post-update.h00-ikiwiki-wrapper new file mode 100755 index 0000000..684ac28 --- /dev/null +++ b/roles/wiki/templates/post-update.h00-ikiwiki-wrapper @@ -0,0 +1,6 @@ +#!/bin/sh + +# bring the mirror up to date with this repo +cd "{{ ikiwiki_src_dir }}" +git fetch --prune +exec {{ ikiwiki_path }}/hooks/emacsconf -- cgit v1.2.3