Skip to content
Snippets Groups Projects
Commit c32fd29a authored by Jan Philipp Timme's avatar Jan Philipp Timme
Browse files

Allow way more flexibility regarding permissions before/after cloning/deploying

parent 2cfd9cfc
Branches
No related tags found
No related merge requests found
deploy:
config:
deploy_directory: /srv/repo
deploy_directory_before_clone_user: deployer
deploy_directory_before_clone_group: deployer
deploy_directory_before_clone_mode: 770
deploy_directory_after_clone_user: deployer
deploy_directory_after_clone_group: deployer
deploy_directory_after_clone_mode: 770
venv_directory: /srv/venv
cert_directory: /etc/hsh-certs
static_directory: /srv/static
......
......@@ -8,16 +8,18 @@ deploy_packages:
- order: 0
- pkgs: [git]
deploy_target_directory:
{# Ensure deploy_directory exists with proper permissions to deploy before actually deploying into it. #}
deploy_target_directory_before_clone_permissions:
file.directory:
- name: {{ deploy.config.deploy_directory }}
- user: deployer
- group: deployer
- mode: 770
- user: {{ deploy.config.deploy_directory_before_clone_user }}
- group: {{ deploy.config.deploy_directory_before_clone_group }}
- mode: {{ deploy.config.deploy_directory_before_clone_mode }}
- require:
- user: deployer
- group: deployer
{% for project_name, project_config in deploy.projects.items() if project_config.get('gitlab', False) %}
{% set repo_config = project_config.gitlab %}
......@@ -29,6 +31,8 @@ deploy_{{ project_name }}_clone_git:
- force_fetch: true
- force_reset: true # ignore local repos changed!
- target: {{ project_config.path }}
- require:
- file: deploy_target_directory_before_clone_permissions
deploy_{{ project_name }}_clone_directory_permissions:
file.directory:
......@@ -59,3 +63,17 @@ deploy_{{ project_name }}_run_after_clone_command:
{% endif %}
{% endfor%}
{# Allow fixing permissions of deploy_directory after cloning all projects in there. #}
deploy_target_directory_after_clone_permissions:
file.directory:
- name: {{ deploy.config.deploy_directory }}
- user: {{ deploy.config.deploy_directory_after_clone_user }}
- group: {{ deploy.config.deploy_directory_after_clone_group }}
- mode: {{ deploy.config.deploy_directory_after_clone_mode }}
- require:
- user: deployer
- group: deployer
{% for project_name, project_config in deploy.projects.items() if project_config.get('gitlab', False) %}
- git: deploy_{{ project_name }}_clone_git
{% endfor %}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment