diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2010-01-25 22:05:23 -0200 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2010-01-25 22:05:23 -0200 |
| commit | 5f5aa68b1702d90063c5819b2db757428a10d345 (patch) | |
| tree | b14d719f906f1142e2d5da5bf43f3e6a5153201c | |
| parent | 25c9378cd03d6c8324f80959418049de1ce392ab (diff) | |
| download | puppet-ikiwiki-5f5aa68b1702d90063c5819b2db757428a10d345.tar.gz puppet-ikiwiki-5f5aa68b1702d90063c5819b2db757428a10d345.tar.bz2 | |
Trying to fix permission issue
| -rw-r--r-- | manifests/init.pp | 24 | ||||
| -rw-r--r-- | templates/deploy.sh.erb | 8 | ||||
| -rw-r--r-- | templates/ikiwiki.setup.erb | 4 | ||||
| -rw-r--r-- | templates/update.sh.erb | 29 |
4 files changed, 53 insertions, 12 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 8a0048e..7997903 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -15,6 +15,14 @@ class ikiwiki { mode => 755, } + file { "/usr/local/sbin/ikiwiki-refresh": + ensure => present, + content => template('ikiwiki/refresh.sh.erb'), + owner => root, + group => root, + mode => 755, + } + define instance($base_url = false, $ensure = 'present', $description = false, $adminuser = 'yourname', $adminemail = 'me@example.org', $instance = 'ikiwiki') { @@ -35,13 +43,14 @@ class ikiwiki { owner => root, group => root, mode => 644, - notify => Exec["ikiwiki --setup /etc/ikiwiki/$name.setup"], + notify => Exec["ikiwiki_refresh_${name}"], } case $ensure { 'present': { - exec { "ikiwiki --setup /etc/ikiwiki/$name.setup": - user => www-data, + exec { "ikiwiki_refresh_${name}": + command => "/usr/local/sbin/ikiwiki-refresh $name $instance", + user => root, refreshonly => true, } @@ -56,7 +65,7 @@ class ikiwiki { owner => www-data, group => www-data, recurse => true, - notify => Exec["ikiwiki --setup /etc/ikiwiki/$name.setup"], + notify => Exec["ikiwiki_refresh_${name}"], require => File["${apache_sites_folder}/${name}"], } } @@ -83,14 +92,17 @@ class ikiwiki { # gitosis can do a setuid to it and write to ikiwiki # folders without messing the permission scheme. # + # The same is valid for the cgi. + # # See http://ikiwiki.info/rcs/git/ # http://ikiwiki.info/forum/multi-user_setup_of_ikiwiki__44___gitosis_and_apache2_in_Debian_Sid/ # - file { "/var/git/repositories/${name}.git/hooks/post-update": + file { [ "/var/git/repositories/${name}.git/hooks/post-update", + "${apache_sites_folder}/${name}/${instance}/ikiwiki.cgi" ]: ensure => present, owner => www-data, group => gitosis, - mode => 4550, + mode => 6550, } } } diff --git a/templates/deploy.sh.erb b/templates/deploy.sh.erb index aac3de7..751264d 100644 --- a/templates/deploy.sh.erb +++ b/templates/deploy.sh.erb @@ -7,7 +7,7 @@ SITE=$BASE/$NAME CONF="/etc/ikiwiki" WEB_OWNER="www-data" WEB_GROUP="www-data" -REPO_OWNER="www-data" +REPO_OWNER="gitosis" REPO_GROUP="gitosis" REPO="/var/git/repositories/$NAME.git" @@ -37,8 +37,6 @@ EOF ikiwiki-makerepo git $SITE/"$INSTANCE"_src/ $REPO touch $REPO/git-daemon-export-ok ( cd $REPO/$NAME.git && git --bare update-server-info ) -ikiwiki --setup /etc/ikiwiki/$NAME.setup -# Set permissions -chown -R $WEB_OWNER.$WEB_GROUP $SITE/"$INSTANCE"_src $SITE/$INSTANCE -chown -R $REPO_OWNER.$REPO_GROUP $REPO +# Refresh the instance +ikiwiki-refresh $NAME $INSTANCE diff --git a/templates/ikiwiki.setup.erb b/templates/ikiwiki.setup.erb index 359932c..a2f40d1 100644 --- a/templates/ikiwiki.setup.erb +++ b/templates/ikiwiki.setup.erb @@ -64,7 +64,8 @@ use IkiWiki::Setup::Standard { # The cgi wrapper. cgi => 1, wrapper => "<%= apache_sites_folder %>/<%= name %>/ikiwiki/ikiwiki.cgi", - wrappermode => "06755", + wrappermode => "06750", + wrappergroup => "gitosis", }, #{ # # The svn post-commit wrapper. @@ -84,6 +85,7 @@ use IkiWiki::Setup::Standard { # what you want. wrapper => "/var/git/repositories/<%= name %>.git/hooks/post-update", wrappermode => "04550", + wrappergroup => "gitosis", }, #{ # # The monotone netsync hook. diff --git a/templates/update.sh.erb b/templates/update.sh.erb new file mode 100644 index 0000000..e158f58 --- /dev/null +++ b/templates/update.sh.erb @@ -0,0 +1,29 @@ +#!/bin/bash + +NAME="$1" +INSTANCE="$2" +BASE="<%= apache_sites_folder %>" +SITE=$BASE/$NAME +CONF="/etc/ikiwiki" +WEB_OWNER="www-data" +WEB_GROUP="www-data" +REPO_OWNER="gitosis" +REPO_GROUP="gitosis" +REPO="/var/git/repositories/$NAME.git" + +if [ -z "$INSTANCE" ]; then + echo "Usage:`basename $0` <site> <instance>" +fi + +if [ ! -e "$CONF/$NAME" ]; then + echo "No config file for $NAME" +fi + +# Setup +ikiwiki --setup /etc/ikiwiki/$NAME.setup + +# Fix permissions +chown -R $WEB_OWNER.$WEB_GROUP $SITE/"$INSTANCE"_src $SITE/$INSTANCE +chown -R $REPO_OWNER.$REPO_GROUP $REPO +chown $WEB_OWNER.$REPO_GROUP $REPO/hooks/post-update +chown $WEB_OWNER.$REPO_GROUP $SITE/$INSTANCE/ikiwiki.cgi |