git: add runner to mirror github projects

5 files changed, 80 insertions, 0 deletions

diff --git a/roles/git/files/runner-mirror/Dockerfile b/roles/git/files/runner-mirror/Dockerfile
new file mode 100644
index 0000000..112548a
--- /dev/null
+++ b/roles/git/files/runner-mirror/Dockerfile
@@ -0,0 +1,15 @@
+FROM alpine:latest
+
+RUN apk add --update-cache --upgrade --no-cache --purge \
+      git openssh-client tzdata                         \
+    && rm -rf /var/cache/apk
+
+ENV TZ=Europe/Berlin
+WORKDIR /tmp
+
+# Copy ssh config.
+COPY config /root/.ssh/config
+
+COPY mirror.sh /
+COPY periodic.sh /
+ENTRYPOINT ["/periodic.sh"]
diff --git a/roles/git/files/runner-mirror/config b/roles/git/files/runner-mirror/config
new file mode 100644
index 0000000..7e88cb7
--- /dev/null
+++ b/roles/git/files/runner-mirror/config
@@ -0,0 +1,4 @@
+host git.memzero.de
+    identityfile /mirror.key
+    user git
+    port 8022
diff --git a/roles/git/files/runner-mirror/mirror.sh b/roles/git/files/runner-mirror/mirror.sh
new file mode 100755
index 0000000..a517b86
--- /dev/null
+++ b/roles/git/files/runner-mirror/mirror.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+function mirror() {
+    local repo=$1
+
+    if [ ! -d $repo ]; then
+        git clone --mirror https://github.com/johannst/$repo
+    else
+        git -C $repo fetch --all --prune
+    fi
+
+    git -C $repo push --mirror ssh://git.memzero.de/mirror/$repo
+}
+
+function lock() {
+    # Open lock file.
+    exec 42<> /tmp/mirror.lock
+    # Get exclusive lock.
+    flock -x 42
+    # Automatically unlock on exit.
+    trap "flock -u 42" EXIT
+}
+
+# Ensure only a single script instance runs at a time.
+lock
+
+mkdir -p mirrors
+pushd mirrors
+
+for R in $(cat /projects.list | awk -F '/' '/mirror/ { print $2 }'); do
+    echo "==> REPO: $R"
+    mirror $R
+done
diff --git a/roles/git/files/runner-mirror/periodic.sh b/roles/git/files/runner-mirror/periodic.sh
new file mode 100755
index 0000000..0eab0d0
--- /dev/null
+++ b/roles/git/files/runner-mirror/periodic.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+while true; do
+    /mirror.sh
+
+    echo "Sleep @ $(date)"
+    sleep 8h
+done
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
index 75dec39..2d0e065 100644
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@@ -9,6 +9,7 @@
   loop:
     - gitolite-cgit
     - runner-zola
+    - runner-mirror
 
 - name: Build gitolite cgit image
   containers.podman.podman_image:
@@ -63,3 +64,22 @@
       # Use 'z' to shared-ly relable selinux contexts.
       - "{{ DATA_ROOT }}/nginx/www:/www:z"
     recreate: "{{ runner_zola_build.changed }}"
+
+- name: Build mirror runner image
+  containers.podman.podman_image:
+    name: runner-mirror
+    path: "{{ DATA_ROOT }}/git/runner-mirror"
+    force: true
+  register: runner_mirror_build
+
+- name: Start mirror runner
+  containers.podman.podman_container:
+    name: runner-mirror
+    image: runner-mirror
+    network: "{{ NETWORK }}"
+    volumes:
+      # Use 'z' to shared-ly relable selinux contexts.
+      - "{{ DATA_ROOT }}/git/repos/projects.list:/projects.list:ro,z"
+      # Use 'Z' to privately relable selinux contexts.
+      - "{{ DATA_ROOT }}/git/runner-mirror/mirror.key:/mirror.key:ro,Z"
+    recreate: "{{ runner_mirror_build.changed }}"