diff options
| author | Ray Strode <rstrode@redhat.com> | 2016-12-06 02:43:42 +0000 |
|---|---|---|
| committer | Ray Strode <rstrode@redhat.com> | 2016-12-06 02:57:36 +0000 |
| commit | ba5b6717156e000c5fad6353ea83823380e7c797 (patch) | |
| tree | 413cc4315a5ce0c19d1194c5cb8b490870313c2b | |
| parent | b0f97fdd289794cd188556c713a551bc740ac2e7 (diff) | |
do github mirroring from dedicated user
It's too iffy and fragile to have a private key shared between multiple
users. This commit cobbles together a systemd service to farm off the
syncing to a dedicated github user.
| -rwxr-xr-x | github-mirror | 13 | ||||
| -rw-r--r-- | github-mirror.service | 9 | ||||
| -rw-r--r-- | github-mirror.socket | 8 | ||||
| -rwxr-xr-x | set-up-post-receive-hooks.sh | 2 | ||||
| -rwxr-xr-x | signal-github-mirror | 1 |
5 files changed, 32 insertions, 1 deletions
diff --git a/github-mirror b/github-mirror new file mode 100755 index 0000000..aa33cd5 --- /dev/null +++ b/github-mirror @@ -0,0 +1,13 @@ +#!/bin/sh + +[ -z $LISTEN_FDS -o $LISTEN_FDS -ne 1 ] && exit 1 + +mkdir -p /run/github-mirror + +( + while read -u 3 repository; do + (cd "$repository"; /git/bin/post-receive-mirror-github) & + done +) & + +echo $! > /run/github-mirror/pid diff --git a/github-mirror.service b/github-mirror.service new file mode 100644 index 0000000..581a877 --- /dev/null +++ b/github-mirror.service @@ -0,0 +1,9 @@ +[Unit] +Description=mirror /git to github + +[Service] +User=github-mirror +Sockets=github-mirror.socket +ExecStart=/git/bin/github-mirror +PIDFile=/run/github-mirror/pid +Type=forking diff --git a/github-mirror.socket b/github-mirror.socket new file mode 100644 index 0000000..52e6ba6 --- /dev/null +++ b/github-mirror.socket @@ -0,0 +1,8 @@ +[Unit] +Description=mirror /git to github +After=systemd-user-sessions.service plymouth-quit-wait.service +After=rc-local.service + +[Socket] +ListenFIFO=/run/github-mirror/named-pipe +Service=github-mirror.service diff --git a/set-up-post-receive-hooks.sh b/set-up-post-receive-hooks.sh index 936df41..032e0ce 100755 --- a/set-up-post-receive-hooks.sh +++ b/set-up-post-receive-hooks.sh @@ -20,7 +20,7 @@ done EOF [ -e hooks/post-receive ] && mv hooks/post-receive hooks/post-receive.d/00-post-receive -ln -s /git/bin/post-receive-mirror-github hooks/post-receive.d/01-github +ln -sf /git/bin/signal-github-mirror hooks/post-receive.d/01-github mv hooks/post-receive-new-$$ hooks/post-receive chmod +x hooks/post-receive diff --git a/signal-github-mirror b/signal-github-mirror new file mode 100755 index 0000000..3f259bb --- /dev/null +++ b/signal-github-mirror @@ -0,0 +1 @@ +echo "$PWD" > /run/github-mirror/named-pipe |