[purchases] Configure automatic deployment, describe the repository and make it public.

diff --git a/payments.git/deploy.yaml b/payments.git/deploy.yaml
new file mode 100644 (file)
index 0000000..9280484
--- /dev/null
+++ b/payments.git/deploy.yaml
@@ -0,0 +1,59 @@
+# Copyright (c) 2023 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+
+- hosts: servers
+  vars:
+    dest: "{{ ansible_local.env.vars.prod_dir }}/payments"
+    repo: "{{ ansible_local.env.vars.git_home_dir }}/payments.git"
+    site: payments.conf
+  tasks:
+    - name: Create destination directory
+      file:
+        path: "{{ dest }}"
+        state: directory
+        mode: 0775
+        owner: git
+        group: www-data
+      become: true
+    - name: Checkout scripts to the destination directory
+      command: git --work-tree={{ dest }} --git-dir={{ repo }} checkout main \
+        --force *.sh
+      become: true
+    - find:
+        paths: "{{ dest }}"
+        file_type: file
+        patterns: "*.sh"
+      register: scripts
+    - name: Make payments scripts executable
+      file:
+        path: "{{ item.path }}"
+        mode: 0744
+        owner: www-data
+        group: www-data
+      become: true
+      with_items: "{{ scripts.files }}"
+
+    - name: Install fcgiwrap and nginx
+      package:
+        name:
+          - fcgiwrap
+          - nginx
+        state: latest
+      become: true
+    - name: Checkout site to /etc/nginx/sites-available
+      command: git --work-tree=/etc/nginx/sites-available --git-dir={{ repo }} \
+        checkout main --force {{ site }}
+      become: true
+    - name: Enable site in nginx
+      shell: envsubst < /etc/nginx/sites-available/{{ site }} \
+        > /etc/nginx/sites-enabled/{{ site }}
+      environment: "{{ ansible_local.env.vars }}"
+      become: true
+    - name: Restart fcgiwrap and nginx
+      service:
+        name: "{{ item }}"
+        state: restarted
+      become: true
+      with_items:
+        - fcgiwrap
+        - nginx

diff --git a/payments.git/description b/payments.git/description
new file mode 100644 (file)
index 0000000..76aa9f6
--- /dev/null
+++ b/payments.git/description
@@ -0,0 +1 @@
+HTTP interface for a database tracking purchases.

diff --git a/payments.git/git-daemon-export-ok b/payments.git/git-daemon-export-ok
new file mode 100644 (file)
index 0000000..e69de29

diff --git a/payments.git/hooks/post-receive b/payments.git/hooks/post-receive
new file mode 100755 (executable)
index 0000000..8226a87
--- /dev/null
+++ b/payments.git/hooks/post-receive
@@ -0,0 +1,13 @@
+#!/bin/sh
+# Copyright (c) 2023 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+
+while read old_revision new_revision branch
+do
+    if [ "${branch}" != "refs/heads/main" ]
+    then
+        echo "${branch} is not the main branch so not deploying."
+        exit 0
+    fi
+    sudo ansible-playbook --connection=local deploy.yaml
+done