blob: 0557615ac6c1f25e11255871ef717a68b5b24ab9 (
plain) (
tree)
|
|
---
- name: Copy container build files
ansible.builtin.copy:
src: gitolite-cgit
dest: "{{ DATA_ROOT }}/git"
owner: "{{ USER }}"
group: "{{ USER }}"
mode: preserve
- name: Build gitolite cgit image
containers.podman.podman_image:
name: gitolite-cgit
path: "{{ DATA_ROOT }}/git/gitolite-cgit"
force: true
register: cgito_build
- name: Gitolite cgit
containers.podman.podman_container:
name: cgito
image: gitolite-cgit
network: "{{ NETWORK }}"
ports:
- "2222:22"
env:
SSH_KEY: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/memzero.pub') }}"
volumes:
# Use 'Z' to privately relable selinux contexts.
- "{{ DATA_ROOT }}/git/repos:/var/lib/git:Z"
recreate: "{{ cgito_build.changed }}"
notify: Restart nginx
- name: Open port for gitolite ssh port
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
match: tcp
destination_port: 2222
jump: ACCEPT
comment: Accept gitolite SSH connections.
become: true
|