From 938bf3c804ef28e3a68e8d3eddc6cb97c03ee3b2 Mon Sep 17 00:00:00 2001 From: Michael Scherer Date: Tue, 16 Dec 2014 17:11:22 +0100 Subject: Use sudo to deploy and run ansible as a regular user --- roles/local_deploy/files/ansible_run.sudoers | 1 + roles/local_deploy/files/extract_wrapper.sh | 4 ++++ roles/local_deploy/files/post-receive.private.sh | 2 +- roles/local_deploy/files/post-receive.public.sh | 5 +++-- 4 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 roles/local_deploy/files/ansible_run.sudoers create mode 100644 roles/local_deploy/files/extract_wrapper.sh (limited to 'roles/local_deploy/files') diff --git a/roles/local_deploy/files/ansible_run.sudoers b/roles/local_deploy/files/ansible_run.sudoers new file mode 100644 index 0000000..ea995ab --- /dev/null +++ b/roles/local_deploy/files/ansible_run.sudoers @@ -0,0 +1 @@ +%admins ALL=(ALL) NOPASSWD: /usr/local/bin/ansible_run.sh diff --git a/roles/local_deploy/files/extract_wrapper.sh b/roles/local_deploy/files/extract_wrapper.sh new file mode 100644 index 0000000..240fb71 --- /dev/null +++ b/roles/local_deploy/files/extract_wrapper.sh @@ -0,0 +1,4 @@ +#!/bin/bash +export GIT_DIR=$1 +GIT_WORK_TREE=/etc/ansible/ git checkout -q -f + diff --git a/roles/local_deploy/files/post-receive.private.sh b/roles/local_deploy/files/post-receive.private.sh index e6d6abb..527c520 100644 --- a/roles/local_deploy/files/post-receive.private.sh +++ b/roles/local_deploy/files/post-receive.private.sh @@ -1,2 +1,2 @@ #!/bin/sh -GIT_WORK_TREE=/etc/ansible/ git checkout -q -f +sudo /usr/local/bin/extract_wrapper.sh diff --git a/roles/local_deploy/files/post-receive.public.sh b/roles/local_deploy/files/post-receive.public.sh index ce4da28..adcfa80 100644 --- a/roles/local_deploy/files/post-receive.public.sh +++ b/roles/local_deploy/files/post-receive.public.sh @@ -1,4 +1,5 @@ #!/bin/sh -GIT_WORK_TREE=/etc/ansible/ git checkout -q -f +sudo /usr/local/bin/extract_wrapper.sh $GIT_DIR +#GIT_WORK_TREE=/etc/ansible/ git checkout -q -f # run ansible -/usr/local/bin/ansible_run.sh +sudo /usr/local/bin/ansible_run.sh -- cgit