aboutsummaryrefslogtreecommitdiff
path: root/roles/git
diff options
context:
space:
mode:
authorJohannes Stoelp <johannes.stoelp@gmail.com>2023-08-26 23:22:18 +0200
committerJohannes Stoelp <johannes.stoelp@gmail.com>2023-08-26 23:22:18 +0200
commit1887e1cca6e988786c600660f2e1090bf69cbf2e (patch)
tree679b01f4007bda29e22028e3aab1181e7fd69fb7 /roles/git
parent2cab07c316fe414f0b1061b40fd7a9ae0e0b6a9c (diff)
downloadansible-memzero-1887e1cca6e988786c600660f2e1090bf69cbf2e.tar.gz
ansible-memzero-1887e1cca6e988786c600660f2e1090bf69cbf2e.zip
git: add runner to mirror github projects
Diffstat (limited to 'roles/git')
-rw-r--r--roles/git/files/runner-mirror/Dockerfile15
-rw-r--r--roles/git/files/runner-mirror/config4
-rwxr-xr-xroles/git/files/runner-mirror/mirror.sh33
-rwxr-xr-xroles/git/files/runner-mirror/periodic.sh8
-rw-r--r--roles/git/tasks/main.yml20
5 files changed, 80 insertions, 0 deletions
diff --git a/roles/git/files/runner-mirror/Dockerfile b/roles/git/files/runner-mirror/Dockerfile
new file mode 100644
index 0000000..112548a
--- /dev/null
+++ b/roles/git/files/runner-mirror/Dockerfile
@@ -0,0 +1,15 @@
+FROM alpine:latest
+
+RUN apk add --update-cache --upgrade --no-cache --purge \
+ git openssh-client tzdata \
+ && rm -rf /var/cache/apk
+
+ENV TZ=Europe/Berlin
+WORKDIR /tmp
+
+# Copy ssh config.
+COPY config /root/.ssh/config
+
+COPY mirror.sh /
+COPY periodic.sh /
+ENTRYPOINT ["/periodic.sh"]
diff --git a/roles/git/files/runner-mirror/config b/roles/git/files/runner-mirror/config
new file mode 100644
index 0000000..7e88cb7
--- /dev/null
+++ b/roles/git/files/runner-mirror/config
@@ -0,0 +1,4 @@
+host git.memzero.de
+ identityfile /mirror.key
+ user git
+ port 8022
diff --git a/roles/git/files/runner-mirror/mirror.sh b/roles/git/files/runner-mirror/mirror.sh
new file mode 100755
index 0000000..a517b86
--- /dev/null
+++ b/roles/git/files/runner-mirror/mirror.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+function mirror() {
+ local repo=$1
+
+ if [ ! -d $repo ]; then
+ git clone --mirror https://github.com/johannst/$repo
+ else
+ git -C $repo fetch --all --prune
+ fi
+
+ git -C $repo push --mirror ssh://git.memzero.de/mirror/$repo
+}
+
+function lock() {
+ # Open lock file.
+ exec 42<> /tmp/mirror.lock
+ # Get exclusive lock.
+ flock -x 42
+ # Automatically unlock on exit.
+ trap "flock -u 42" EXIT
+}
+
+# Ensure only a single script instance runs at a time.
+lock
+
+mkdir -p mirrors
+pushd mirrors
+
+for R in $(cat /projects.list | awk -F '/' '/mirror/ { print $2 }'); do
+ echo "==> REPO: $R"
+ mirror $R
+done
diff --git a/roles/git/files/runner-mirror/periodic.sh b/roles/git/files/runner-mirror/periodic.sh
new file mode 100755
index 0000000..0eab0d0
--- /dev/null
+++ b/roles/git/files/runner-mirror/periodic.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+while true; do
+ /mirror.sh
+
+ echo "Sleep @ $(date)"
+ sleep 8h
+done
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
index 75dec39..2d0e065 100644
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@@ -9,6 +9,7 @@
loop:
- gitolite-cgit
- runner-zola
+ - runner-mirror
- name: Build gitolite cgit image
containers.podman.podman_image:
@@ -63,3 +64,22 @@
# Use 'z' to shared-ly relable selinux contexts.
- "{{ DATA_ROOT }}/nginx/www:/www:z"
recreate: "{{ runner_zola_build.changed }}"
+
+- name: Build mirror runner image
+ containers.podman.podman_image:
+ name: runner-mirror
+ path: "{{ DATA_ROOT }}/git/runner-mirror"
+ force: true
+ register: runner_mirror_build
+
+- name: Start mirror runner
+ containers.podman.podman_container:
+ name: runner-mirror
+ image: runner-mirror
+ network: "{{ NETWORK }}"
+ volumes:
+ # Use 'z' to shared-ly relable selinux contexts.
+ - "{{ DATA_ROOT }}/git/repos/projects.list:/projects.list:ro,z"
+ # Use 'Z' to privately relable selinux contexts.
+ - "{{ DATA_ROOT }}/git/runner-mirror/mirror.key:/mirror.key:ro,Z"
+ recreate: "{{ runner_mirror_build.changed }}"