# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# limitations under the License.
#
-include_recipe "apache"
include_recipe "networking"
-
-package "gitweb"
-
-apache_module "rewrite"
+include_recipe "xinetd"
git_directory = node[:git][:directory]
directory git_directory do
- owner "git"
- group "git"
- mode 02775
+ owner node[:git][:user]
+ group node[:git][:group]
+ mode 0o2775
end
-template "/etc/gitweb.conf" do
- source "gitweb.conf.erb"
- owner "root"
- group "root"
- mode 0644
-end
-
-apache_site node[:git][:host] do
- template "apache.erb"
- directory git_directory
-end
-
-template "#{git_directory}/robots.txt" do
- source "robots.txt.erb"
- owner "root"
- group "root"
- mode 0644
-end
-
-firewall_rule "accept-git" do
- action :accept
- source "net"
- dest "fw"
- proto "tcp:syn"
- dest_ports "git"
- source_ports "1024:"
+if node[:git][:allowed_nodes]
+ search(:node, node[:git][:allowed_nodes]).sort_by { |n| n[:fqdn] }.each do |n|
+ n.interfaces(:role => :external).each do |interface|
+ firewall_rule "accept-git" do
+ action :accept
+ family interface[:family]
+ source "#{interface[:zone]}:#{interface[:address]}"
+ dest "fw"
+ proto "tcp:syn"
+ dest_ports "git"
+ source_ports "1024:"
+ end
+ end
+ end
+else
+ firewall_rule "accept-git" do
+ action :accept
+ source "net"
+ dest "fw"
+ proto "tcp:syn"
+ dest_ports "git"
+ source_ports "1024:"
+ end
end
Dir.new(git_directory).select { |name| name =~ /\.git$/ }.each do |repository|
template "#{git_directory}/#{repository}/hooks/post-update" do
source "post-update.erb"
owner "root"
- group "git"
- mode 0755
+ group node[:git][:group]
+ mode 0o755
end
- if repository != "dns.git"
- template "#{git_directory}/#{repository}/hooks/post-receive" do
- source "post-receive.erb"
- owner "root"
- group "git"
- mode 0755
- variables :repository => "#{git_directory}/#{repository}"
- end
+ next unless node[:recipes].include?("trac") && repository != "dns.git" && repository != "chef.git"
+
+ template "#{git_directory}/#{repository}/hooks/post-receive" do
+ source "post-receive.erb"
+ owner "root"
+ group node[:git][:group]
+ mode 0o755
+ variables :repository => "#{git_directory}/#{repository}"
end
end
+
+template "/etc/cron.daily/git-backup" do
+ source "backup.cron.erb"
+ owner "root"
+ group "root"
+ mode 0o755
+end
+
+template "/etc/xinetd.d/git" do
+ source "xinetd.erb"
+ owner "root"
+ group "root"
+ mode 0o644
+ notifies :reload, "service[xinetd]"
+end