summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--roles/gitserver/files/git-daemon.service14
-rw-r--r--roles/gitserver/tasks/main.yml11
2 files changed, 24 insertions, 1 deletions
diff --git a/roles/gitserver/files/git-daemon.service b/roles/gitserver/files/git-daemon.service
new file mode 100644
index 0000000..e08d066
--- /dev/null
+++ b/roles/gitserver/files/git-daemon.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Git Daemon Instance
+
+[Service]
+User=git
+# The '-' is to ignore non-zero exit statuses
+ExecStart=-/usr/lib/git-core/git-daemon --inetd --base-path=/srv/git
+StandardInput=socket
+StandardOutput=inherit
+StandardError=journal
+ProtectSystem=full
+ProtectHome=on
+PrivateDevices=on
+NoNewPrivileges=on
diff --git a/roles/gitserver/tasks/main.yml b/roles/gitserver/tasks/main.yml
index fb1377e..fdcf55a 100644
--- a/roles/gitserver/tasks/main.yml
+++ b/roles/gitserver/tasks/main.yml
@@ -65,11 +65,20 @@
group: git
mode: u+rwx,g+r,o+r
+- name: Configure git-daemon systemd service
+ ansible.builtin.copy:
+ src: files/git-daemon.service
+ dest: /usr/lib/systemd/system/git-daemon@.service
+ owner: root
+ group: root
+ mode: u+rw,g+r,o+r
+
- name: Enable git-daemon
- ansible.builtin.service:
+ ansible.builtin.systemd_service:
name: git-daemon.socket
enabled: yes
state: started
+ daemon_reload: true
- name: Setup auth directory for git
ansible.builtin.file:
generated by cgit v1.2.3-70-g09d2 (git 2.49.0) at 2025-04-28 07:42:20 +0000