Does anyone have any experience with integrating propellor and gitolite? I'd be happy with just ssh pubkey management. There seem to be two main options. The typical way of managing a gitolite site is by pushing a special git repository "gitolite-admin". There are also a script called ukm. I'm not sure what will be the least hassle. Currently I have to manually commit and push various keys (including the keys needed for access to the propellor repos). Part of the problem could be solved by making the propellor repos available anonymously, but I still have my own ssh key(s) to manage.
Here's my first attempt, so you can snicker at my clumsy Haskell.
gitoliteKeys :: User -> Property UnixLike gitoliteKeys user@(User username) = property' ("set up gitolite keys for " ++ username) $ \w -> do home <- liftIO (User.homedir user) ensureProperty w $ go home where go :: FilePath -> Property UnixLike go home = File.hasContent (home ".gitolite/keydir/zzz/propellor" "bremner@propellor.pub") [ Tethera.Keys.bremner_ssh ] `before` (Cmd.userScriptProperty user [ "gitolite compile", "gitolite trigger POST_COMPILE" ] `changesFile` (home "gitolite/.ssh/authorized_keys"))I think the next step is something like
I didn't see how you were handling keys, Sean. Did I miss something obvious or are you handling them outside propellor?
Anyway, here's my second version
I spent a while talking to the gitolite author, and managed to write something more optimal than "gitolite trigger POST_COMPILE", but then I realized that had my username hardcoded into it. So it takes about 1s longer to run, but is more robust this way.
It's these lines: