opnxng-deploy-playbook/config-tasks/gitea-netrc.yml

# ----------------------------------------------------------------------------------------------------
# Store git credentials with GPG and .netrc because SSH is too complicated for Gitea on Docker

    - name: Remove existing .netrc
      file:
        path: "/home/{{ control_user }}/.netrc"
        state: absent
      delegate_to: "{{ control_host }}"

    - name: Remove existing .netrc.gpg
      file:
        path: "/home/{{ control_user }}/.netrc.gpg"
        state: absent
      delegate_to: "{{ control_host }}"

# ----------------------------------------------------------------------------------------------------

    - name: Reminder to generate GPG key by hand
      pause:
        prompt: "Generate GPG key using gpg --gen-key"
      delegate_to: "{{ control_host }}"

    - name: Set up .netrc
      template:
        src: "conf/.netrc.j2"
        dest: "/home/{{ control_user }}/.netrc"
        owner: 1000
        group: 1000
        mode: 0755
      delegate_to: "{{ control_host }}"

    - name: Encrypt .netrc
      command: gpg -e -r opnxng@tuta.io /home/{{ control_user }}/.netrc
      delegate_to: "{{ control_host }}"

    - name: Clear .netrc
      copy: 
        content: '# Clear' 
        dest: "/home/{{ control_user }}/.netrc"
      delegate_to: "{{ control_host }}"

    - name: Remove .netrc
      file:
        path: "/home/{{ control_user }}/.netrc"
        state: absent
      delegate_to: "{{ control_host }}"

    - name: Curl git-credential-netrc
      shell: curl -s 'https://raw.githubusercontent.com/git/git/master/contrib/credential/netrc/git-credential-netrc.perl' > /usr/bin/git-credential-netrc
      ignore_errors: true
      delegate_to: "{{ control_host }}"
      become: true

    - name: Set git-credential-netrc permissions
      command: chmod 755 /usr/bin/git-credential-netrc
      become: true
      delegate_to: "{{ control_host }}"

    - name: Use git-credential-netrc
      command: git config --global credential.helper "/usr/bin/git-credential-netrc -f ~/.netrc.gpg -v"
      delegate_to: "{{ control_host }}"
Fixed config-tasks 2023-11-11 21:29:49 +08:00			`# ----------------------------------------------------------------------------------------------------`
			`# Store git credentials with GPG and .netrc because SSH is too complicated for Gitea on Docker`

Gitea: theming and added .netrc 2023-11-10 01:58:47 +08:00			`- name: Remove existing .netrc`
Gitea: fixed runner 2023-11-10 03:38:57 +08:00			`file:`
Gitea: theming and added .netrc 2023-11-10 01:58:47 +08:00			`path: "/home/{{ control_user }}/.netrc"`
			`state: absent`
			`delegate_to: "{{ control_host }}"`

			`- name: Remove existing .netrc.gpg`
Gitea: fixed runner 2023-11-10 03:38:57 +08:00			`file:`
Gitea: theming and added .netrc 2023-11-10 01:58:47 +08:00			`path: "/home/{{ control_user }}/.netrc.gpg"`
			`state: absent`
			`delegate_to: "{{ control_host }}"`

			`# ----------------------------------------------------------------------------------------------------`

			`- name: Reminder to generate GPG key by hand`
			`pause:`
			`prompt: "Generate GPG key using gpg --gen-key"`
			`delegate_to: "{{ control_host }}"`

			`- name: Set up .netrc`
			`template:`
			`src: "conf/.netrc.j2"`
			`dest: "/home/{{ control_user }}/.netrc"`
			`owner: 1000`
			`group: 1000`
			`mode: 0755`
			`delegate_to: "{{ control_host }}"`

			`- name: Encrypt .netrc`
			`command: gpg -e -r opnxng@tuta.io /home/{{ control_user }}/.netrc`
			`delegate_to: "{{ control_host }}"`

			`- name: Clear .netrc`
			`copy:`
			`content: '# Clear'`
			`dest: "/home/{{ control_user }}/.netrc"`
			`delegate_to: "{{ control_host }}"`

			`- name: Remove .netrc`
Gitea: fixed runner 2023-11-10 03:38:57 +08:00			`file:`
Gitea: theming and added .netrc 2023-11-10 01:58:47 +08:00			`path: "/home/{{ control_user }}/.netrc"`
			`state: absent`
			`delegate_to: "{{ control_host }}"`

			`- name: Curl git-credential-netrc`
			`shell: curl -s 'https://raw.githubusercontent.com/git/git/master/contrib/credential/netrc/git-credential-netrc.perl' > /usr/bin/git-credential-netrc`
			`ignore_errors: true`
			`delegate_to: "{{ control_host }}"`
			`become: true`

			`- name: Set git-credential-netrc permissions`
			`command: chmod 755 /usr/bin/git-credential-netrc`
			`become: true`
			`delegate_to: "{{ control_host }}"`

			`- name: Use git-credential-netrc`
			`command: git config --global credential.helper "/usr/bin/git-credential-netrc -f ~/.netrc.gpg -v"`
			`delegate_to: "{{ control_host }}"`