Rename git role to gitserver

10 files changed, 0 insertions, 396 deletions

diff --git a/roles/git/files/.htpasswd b/roles/git/files/.htpasswd
deleted file mode 100644
index 1402a2f..0000000
--- a/roles/git/files/.htpasswd
+++ /dev/null
@@ -1,7 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-61343632623939306230623762623761363339376231646232313165353432643830383064663066
-6163383831306632333339653130323764393166333464380a613264613935633336643734376161
-37643564663361646564376437663431343937663937656233323164393837626163386430643063
-6234633164303239310a663961373664666465353234373261633662653864633830336132316139
-33616333643963353630623866613765363131656137653561393733633361303138383662626364
-3930656564303830646333306666643262383263313939373266
diff --git a/roles/git/files/git.conf b/roles/git/files/git.conf
deleted file mode 100644
index 1434cda..0000000
--- a/roles/git/files/git.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-# Source: https://gist.github.com/kierdwyn/3745400e6a184f621b92
-
-location ~ /.+/(info/refs|git-upload-pack|git-receive-pack) {
-    # Set chunks to unlimited, as the body's can be huge.
-    client_max_body_size 0;
-
-    include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
-    fastcgi_param GIT_HTTP_EXPORT_ALL "";
-    fastcgi_param GIT_PROJECT_ROOT /srv/git;
-    fastcgi_param PATH_INFO $uri;
-    # Forward REMOTE_USER as we want to know when we are authenticated.
-    fastcgi_param REMOTE_USER $remote_user;
-
-    fastcgi_pass unix:/run/fcgiwrap.sock;
-}
diff --git a/roles/git/files/git.ilvokhin.com b/roles/git/files/git.ilvokhin.com
deleted file mode 100644
index d94585f..0000000
--- a/roles/git/files/git.ilvokhin.com
+++ /dev/null
@@ -1,26 +0,0 @@
-server {
-    server_name git.ilvokhin.com;
-
-    auth_basic "Restricted";
-    auth_basic_user_file /etc/nginx/auth/git/.htpasswd;
-
-    # Asterisk (*) is here to match both git.conf and cgit.conf (if the latter
-    # exists), because cgit comes with a separate role, but they share one
-    # server (git.ilvokhin.com) for usage convenience.
-    include includes/*git.conf;
-
-    listen 443 ssl;
-    ssl_certificate /etc/letsencrypt/live/git.ilvokhin.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/git.ilvokhin.com/privkey.pem;
-}
-
-server {
-    if ($host = git.ilvokhin.com) {
-        return 301 https://$host$request_uri;
-    }
-
-    server_name git.ilvokhin.com;
-    listen 80;
-
-    return 404;
-}
diff --git a/roles/git/files/id_rsa b/roles/git/files/id_rsa
deleted file mode 100644
index 4398f82..0000000
--- a/roles/git/files/id_rsa
+++ /dev/null
@@ -1,136 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-34336539613662653738386238613339326134393961643237383132653634373939363663396161
-6536323463323938303138623433653837346639353530330a336132353837323062396231303033
-34313230383637623938316231306432653237636463636464653438393736363331633436626534
-6437323539636337340a333465666561353362626162616130376163643363643536653262313835
-30613037613430386363663733383466373434396634346439656638626332386361643536353565
-63653662653134353939343632356231386436393334643564363561643663316632613166303832
-65393663656233303039633461376534313231333833613134316161303462656335616439313039
-66343166396136383362303539383961336166373334333163646133303232373433396163633331
-65333536666231623038333165356137396532313034613431666333313337313836336538326465
-31373136376138353863303035653961313330323264633465653163653235306164303164346366
-63343238343866353332306461666465613932306232633738646330346563343330653737643265
-39623930623339383539303634613638343436366530626139656662313364666637363232396234
-35393135366562363966636263316534643530333432393564336230343336633565626236343837
-33626335336565643364363062643764353439346365623862623935303331633339353138303831
-30353762313332323230626561623964326633623030383661346539643566323530623564353832
-35336236333562333533646337343539623237643431653734623831333036363064613832356337
-32333136633134656430643336646237636230626165346534633230373561666464316636306631
-30653137653737663337393839323533393166306634663636613262336330366562356464393563
-64643432323936616263356562343131376631356162623039666531653137363736343631393532
-39303835663431376261393561383233333930333334363036383036376235366562373534383336
-66646436633935386539363466393035353837633632656665616466313231613239656638306235
-33313334633437636533323965356361383761613332663336376661613262386263323131613338
-63653565313961303361313133653638376430663833383166393634366137643461393231316266
-66633262663935373233303065313636326663336232663630343531396639396263343964313836
-37373230636238626561316434376230356434383536663663363538313465306331623761313633
-39623136666632623261663832383433626633313365623662326138303135616234653366346638
-66303066343034353336656466663662353038626566613038613139323032613233333364666563
-66356365396136323831383165636532346630633736643236663134633234663832306563366637
-38666261343662393766316366366239633331356662333239363832653738323337623530333836
-39363462626661306531333535666138393165363037643333353230306161653537323730386631
-34623232333766373030383866323832333063363761333261643938303037653564666632646164
-38373934656338643865373162626262386432383931633132356636383637353865646665663161
-63623630343535663031616664363731663964626265356635383437363364663863666434323033
-39343262623561346631643763653738633832646336303764356633623635613930323035663265
-32653166663535643163643139383261363235333934386335363537303263613437393430643633
-64323866366534346130623737383539353536353233383033316561323863383561383032623165
-33633864386236633137313336346633316166633466623763383837323339366364343837373638
-32383733663465613038356338356633626461623537363930613439316163333131663331366333
-64613031336337623234313734343966326533396263336361653637613633326536303461613662
-38333439616364666637316463623239353134666430646139363363633530336234353334313131
-64396239353632636662313162643336373663613239643264333638393533346530396461393732
-38663334626236313266656463363630326131356230663963636138383466353465643135396532
-30646333393931383033343138663866633663633365633666353663326630363466396338316136
-38643739376336653134343132336330383935393236326536356138323139383264396639663265
-65316664656433643766646364393733386338616662316335303435643436316537643734343263
-38323437343065396261613763346661663930386434323730663264363338303330663664386135
-39336135663735643838663030343138393939343033356536343038343333343361643838396635
-34643865326261613139346561326661663837336438376633316165323065333332633532336433
-32653832643137653830663737623936363733626561313963313865366361333830666131653766
-39623862636632316537323963376534363266386535646262343439373665393331313534636338
-33343139313564313463346530346665323435633535343164633038363865303239393838663636
-65356139656432653466343833346266623333313034343063326331343738383462396339363062
-64663565633338303034666234663665613231343662376261306636303766383239343639666539
-30323534333336346530396264656132363862316434393737663832323437333934383538316664
-31303833313539623835343537373263333962393931353666626162366464616561316462366431
-34383736633530646633353439376562613966323335383936376234373464373534353665386563
-66393563353862333732386335346437623336646261383366366262376165633939373861643239
-35643434336638613339323361323539626632353165313930376661303834373231613735313433
-31303465393037633363333565643565636531623630646366633137346333643531623361303433
-64376634643338363635353037313537366339323037376662653939323965396363343133633164
-37323835336438623662613933376264633133656666323234353133363733396363393739636137
-61323434353965323638633231366239663332356165373064336438313037623136333431376362
-35653930373934653365333538646363616164613430393538303830313335346463306336303233
-32616261646435346366663736626430383234336530663239383331326466353562316162366663
-35623531636335666238376265656230326366336532333233356632376461653961346435613161
-38633363323065393635313362336537383461653232643533613161383931383435613138373339
-38396463663261336335343864633165386562656536313939323863653439653764363839366137
-61646664356332636361383235343634616335616135356439306531333338376234316538303764
-35353830356361373266373734636534376661636662336366343232386465623730346535663836
-31366563653266353337323239666231356435323933626463663466646364303762666162373863
-33663031663837313035313962393864356438623565393835613939306432393166363536636232
-66613062346237396362373263613861356138393632376535306438653766623732366333396365
-31633064636365643162316136656137303536353537393962623066366130613139366664643038
-38323634623438393337396162323964636539393731363030633064663362656132336262323161
-33616231396630323336333230326535353332643734633362616332633763646531396466376263
-33336265313933656435333363363266623237326231396561333131373738336664303963363762
-61613536393065316130316234363463656439356566386566333461353336393231646237663338
-64326131383735303765383437643463383931366162396261306238636361626437363564383837
-61383462663238643036396439393937323465613930393936663338363932363234356531366430
-33363362383930343966636662373764616264613365313863643131623966656164646263626531
-33366465336565633161663433343034356236646666373436346338393066333135383130656331
-61653731373630663034656334613864623835643862663361353738346265626237663462316634
-66383039323830323364343631363463663931356461656436666339376665373362383437643831
-33613965633436366661343034646537653937613165323030303630373737653136636537333132
-66366464663066616336366664366563373439383730343130656236376666313466363562353235
-61646461336531613337303365613965643064336437623664636638373866616264313437346162
-66333065306561343465343463303032663539303536363837623734363339666465343761636533
-65376563343835326432356432643335343961303263653066623661326639626565363232346564
-63333238363862343765653963306663366361626230353733306262386165333736646565326565
-64383737663030636332663262373333613961363731646137663265626165643439336563356431
-30373432363864656661626235653262613038313066626539396662633730303837316566333361
-37336563343232376330316238303966353361656235356566643366376464666632383064356135
-62616262366238303035646630353432633735656337333666316333653462333235396534666462
-38643135643964386139303039663136343365663764643533323533393630313562336339333338
-64616666363730323438386638386137396463636665393736383537363439633836313738363438
-36666433303333633038353363646663373631336335393932653361633132353439313439663937
-63623964663333376337386434306261326166653535326232333337316337656530613865323530
-63333964323836613132346638346439356638396436666438383064626461393534353766656134
-34636161613133336239393335353734306562303039616639316330643535386234336538306530
-39616234376263353166326431353266653136303132343434346235383663303861393865643230
-62623035626630313435643333386234613965353636666134353637653739393730343633653037
-39326337623663616133653632306634343339633132303539353165313536636636353764353833
-34353130373837653962306462646634653662666432373030363432653237366661393565623735
-34356635613666363035633465663835663434323833323163643265643562343266343465306637
-32386439353139623439393861666561343062333031313665363039666135633930366463643539
-66343265376161643234353838303030363666326366323664623033353061393538663335323363
-64313265343236303337613366636566393136643761643565336338663732306432366130666139
-32376437316635343465363233623230343365306336396361396233313662323465633161666435
-36386632373863353963636337373032393430346636663063316262363238346637643534326133
-65636531333965376163613739356637346233323236666264343866373637633933656661656339
-65613139393763643734646233356238383930623739386666363930656562633262376636353466
-31326433333330383234326231383139346263353435356337633966383165653863383533316235
-61313266386365633538353366643538653866313033666365633966623965613666306564313139
-32323339333266646633353964313333616437653837353663383037616465346437313635343766
-39653263323566646431633339663330316631346135643334303065336437613134666364623665
-39396662656331313865376439616330653061626562356438633962626630383163356437326364
-38333266323663313764366561626165646434663565346438383134643832663836626537306534
-34343638313537396134343061323330383538343536656461643938663766353562353836393163
-33623762326661306166383135666164356435643638346432386132663766363232396332623831
-39306433326238326663316533393833316461373935633063303637383733646162366662356432
-36616336383565353264386536356632363164646565313834316165643932333033343136326561
-66376561653639303166656530356632613237653232373665323339636536393066336437613865
-66623865663132623061346263353062376133633361376639336230343233356133613565613862
-36636234313961306565623734633133646663393465383461623166373530366464396166346131
-31616630633930333661323935363731363266393064363738633066356566643234366630646336
-66393631643733656465353436363134646331663363633264356232666266393137353139323039
-62303433623338616438303538333861386237363234343632373863613230313761656265626462
-36626563343339313938326364323765643638303633656631363436613835326535323737623833
-32613634353735616539326362346665636365326461353263333039623432366362376566333166
-35313665353066356439656665353035306163303266623831326438613363656263656239316530
-32643736333862316165306162346561323063303635653930303763343661623931393662376235
-64633238613831303636393235353062373866356235643334383732303962326464373334376439
-35356534396265623535303464313364373833363764346132636335336232663736313034643165
-63353830386239363464666263643261323839323166306636646238663430383331313138333736
-333330303436663236336564306366636564
diff --git a/roles/git/files/id_rsa.pub b/roles/git/files/id_rsa.pub
deleted file mode 100644
index b8b0d6c..0000000
--- a/roles/git/files/id_rsa.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4CIFGDMVLHw34NaBVmf1lPlHOF3LtUYkw5S+TTzwgLdKwFcUPV9wHZrCmuIRyAlvEx51h+wqx9HCOZowLt5cYtCspsxrV49xkXmEUUShTmRMMGGsRa06LfYl2S528bl95XRyqqngiUROLWjpWpj4grsfkc+cgnJ8gOK0OAhWZq/w0ip8rNS0ZYc9HR0R5g8lxZtblB7hc4MveIJYmLWC1x+H2jHlZN68I8urGCITigCgKQrGN0wCUNW27m+alAeVXUSk9xI8ALDwu8pwajLVAlYL+FlB588uQ8/4QdPYtrpsxrR9weEVDf7fpLInxQ2bvD9y5XKosL4y20evLmHozykHHf6WhDvEaF4ojq21luVltpBQriTGWlxB4YQCZVU3YoTfvUEbdDXPrvss9+foMK/vY69gQAn0daQ0ZZwzN0kimXJVO9vbQwIc5H0RTjB8ltVYZKWTIEq6YLLxKeaeib8MjyCvjL53KLa/Xyrinj5gzdOwyi1cvuYmlBYf6Lbs= git@git.ilvokhin.com
diff --git a/roles/git/files/init-git-repo.sh b/roles/git/files/init-git-repo.sh
deleted file mode 100755
index 881ee55..0000000
--- a/roles/git/files/init-git-repo.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#! /usr/bin/env bash
-
-# Usage examples
-#
-# Init private repository and mirror it to github.
-# ./init-git-repo.sh --private --mirror repo.git
-
-private=0
-mirror=0
-repo=""
-
-while [[ $# -gt 0 ]]; do
-    case $1 in
-        -p|--private)
-            private=1
-            shift
-            ;;
-        -m|--mirror)
-            mirror=1
-            shift
-            ;;
-    -*|--*)
-      echo "Unknown option $1" 1>&2
-      exit 1
-      ;;
-    *)
-      repo=$1
-      shift
-      ;;
-  esac
-done
-
-if [ -z $repo ]; then
-    echo "Provide repository name!" 1>&2
-    exit 1
-fi
-
-mkdir $repo
-cd $repo
-git init --bare
-
-if [ $private -eq 0 ]; then
-    touch git-daemon-export-ok
-fi
-
-if [ $mirror -eq 1 ]; then
-    git remote add --mirror github git@github.com:ilvokhin/$repo
-
-    cat > hooks/post-receive <<EOF
-#! /bin/sh
-
-git push --quiet github &
-EOF
-
-    chmod +x hooks/post-receive
-fi
-
-cd ..
diff --git a/roles/git/files/known_hosts b/roles/git/files/known_hosts
deleted file mode 100644
index 5f2b86f..0000000
--- a/roles/git/files/known_hosts
+++ /dev/null
@@ -1,3 +0,0 @@
-github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
-github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
-github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
diff --git a/roles/git/files/no-interactive-login b/roles/git/files/no-interactive-login
deleted file mode 100644
index 7e6f6c5..0000000
--- a/roles/git/files/no-interactive-login
+++ /dev/null
@@ -1,6 +0,0 @@
-#! /usr/bin/env sh
-
-echo "Hello! You've successfully authenticated," \
-     "but I do not provide interactive shell access."
-
-exit 128
diff --git a/roles/git/meta/main.yml b/roles/git/meta/main.yml
deleted file mode 100644
index db5df62..0000000
--- a/roles/git/meta/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-dependencies:
-  - role: certificate
-    vars:
-      domains:
-        - git.ilvokhin.com
-  - role: nginx
-  - role: fcgiwrap
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
deleted file mode 100644
index 49d52a6..0000000
--- a/roles/git/tasks/main.yml
+++ /dev/null
@@ -1,136 +0,0 @@
-- name: Install git
-  ansible.builtin.package:
-    name:
-      - git
-    state: present
-
-- name: Create git user
-  ansible.builtin.user:
-    name: git
-    shell: /usr/bin/git-shell
-    home: /srv/git
-
-- name: Setup SSH directory for Git
-  ansible.builtin.file:
-    path: /srv/git/.ssh
-    state: directory
-    owner: git
-    group: git
-    mode: u+rw,g-w,o-rwx
-
-- name: Update authorized_keys for Git
-  ansible.posix.authorized_key:
-    user: git
-    state: present
-    # Workaround to make it work `with_fileglob`.
-    # https://github.com/ansible/ansible/issues/48819#issuecomment-623851751
-    key: "{{ lookup('file', item) }}"
-    key_options: no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty
-  with_fileglob:
-    - misc/pubkeys/*.pub
-
-# Private key is required to mirror repositories to GitHub.
-- name: Copy private key for Git
-  ansible.builtin.copy:
-    src: files/id_rsa
-    dest: /srv/git/.ssh/id_rsa
-    owner: git
-    group: git
-    mode: u+rw,g-rwx,o-rwx
-
-# We need to know github.com ssh keys before pushing there, otherwise
-# post-receive will fail asking to verify authenticity of host.
-# Run `ssh-keyscan github.com` to re-generate keys if required.
-- name: Copy known_hosts for Git
-  ansible.builtin.copy:
-    src: files/known_hosts
-    dest: /srv/git/.ssh/known_hosts
-    owner: git
-    group: git
-    mode: u+rw,g-rwx,o-rwx
-
-- name: Setup git-shell-commands directory
-  ansible.builtin.file:
-    path: /srv/git/git-shell-commands
-    state: directory
-    owner: git
-    group: git
-    mode: u+rwx,g+r,o+rx
-
-- name: Copy no-interactive-login command
-  ansible.builtin.copy:
-    src: files/no-interactive-login
-    dest: /srv/git/git-shell-commands
-    owner: git
-    group: git
-    mode: u+rwx,g+r,o+r
-
-- name: Enable git-daemon
-  ansible.builtin.service:
-    name: git-daemon.socket
-    enabled: yes
-    state: started
-
-- name: Setup auth directory for git
-  ansible.builtin.file:
-    path: /etc/nginx/auth/git
-    state: directory
-    owner: root
-    group: root
-    mode: u+rw,g+r,o+r
-
-# Alternative approach is to use community.general.htpasswd module to manage
-# .htpasswd file. Unfortunetly, there are couple of drawbacks:
-# * Target systems should have passlib Python library installed.
-# * Passwords might leak in the Ansible debug output, or even non-debug
-#   without no_log.
-# Seems like managing good old file is more convenient at the moment.
-
-- name: Copy git .htpasswd file to manage HTTP passwords
-  ansible.builtin.copy:
-    src: files/.htpasswd
-    dest: /etc/nginx/auth/git/.htpasswd
-    owner: root
-    group: root
-    mode: u+rw,g+rw,o+r
-
-- name: Copy git.conf to handle git HTTP requests
-  ansible.builtin.copy:
-    src: files/git.conf
-    dest: /etc/nginx/includes/git.conf
-    owner: root
-    group: root
-    mode: u+rw,g+rw,o+r
-  notify:
-    - Reload nginx
-
-- name: Configure nginx for git.ilvokhin.com
-  ansible.builtin.copy:
-    src: files/git.ilvokhin.com
-    dest: /etc/nginx/sites-available
-    owner: root
-    group: root
-    mode: u+rw,g+r,o+r
-  notify:
-    - Reload nginx
-
-- name: Enable git.ilvokhin.com site
-  ansible.builtin.file:
-    src: /etc/nginx/sites-available/git.ilvokhin.com
-    dest: /etc/nginx/sites-enabled/git.ilvokhin.com
-    owner: root
-    group: root
-    mode: u+rw,g+r,o+r
-    state: link
-  notify:
-    - Reload nginx
-
-- name: Copy managing scripts
-  ansible.builtin.copy:
-    src: files/init-git-repo.sh
-    dest: /srv/git/init-git-repo.sh
-    owner: git
-    group: git
-    mode: u+rwx,g-rwx,o-rwx
-
-# TODO: figure out proper permissions to fix HTTP protocol push.