From 68ec78715c683fac725427aa2b9af060e03c40ac Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Wed, 27 Jul 2022 23:32:32 +0200
Subject: [PATCH] aurweb: Mirror aur.git to GitHub[1]

This is meant as a extra "backup" and as another way for our users to
fetch PKGBUILDs from the AUR. It also allows the community to create
their own (perhaps better) "AUR" API/database as all essential data is
now available (this + [2]).

At the monent this is experimental and we aren't committing to keeping
it around.

[1] https://github.com/archlinux/aur
[2] http://aur.archlinux.org/packages-meta-ext-v1.json.gz
---
 roles/aurweb/files/id_ed25519                 | 26 +++++++++++++++++++
 roles/aurweb/tasks/main.yml                   | 22 ++++++++++++++++
 .../templates/aurweb-github-mirror.service.j2 |  5 ++++
 .../templates/aurweb-github-mirror.timer.j2   |  6 +++++
 4 files changed, 59 insertions(+)
 create mode 100644 roles/aurweb/files/id_ed25519
 create mode 100644 roles/aurweb/templates/aurweb-github-mirror.service.j2
 create mode 100644 roles/aurweb/templates/aurweb-github-mirror.timer.j2

diff --git a/roles/aurweb/files/id_ed25519 b/roles/aurweb/files/id_ed25519
new file mode 100644
index 000000000..f1437673c
--- /dev/null
+++ b/roles/aurweb/files/id_ed25519
@@ -0,0 +1,26 @@
+$ANSIBLE_VAULT;1.1;AES256
+65643765636633396230333637306331636165366332306665663533623333313332313066633563
+6439383933626130376161336231653730316161326533360a666466643161653134663238356466
+35653438646664313562303035303635323135613431323861356533656332616531353536656132
+6536333163333764310a373536313064616432303238373231306464386430333839363631363032
+39323263633839653731643031616236643964326364303261333762663731356234653664373836
+30353439303961663564376231663763616634343130343037613336656237623431646631376530
+64346633383461353662643463633437656133636464323534643562303230636532313334336232
+63323564306334383037323930343265383531333439343864303634303036643165623061633537
+32343662613731653533366639636561363736343934346164663265633939623931383331383135
+30653238663337343733643264333535656166386334663138613933643534633638623161373734
+63643336393862656631393938393536626439306130343062643162663531623032666330366634
+63656638646132386332346337313866313431373061373166643763346363386433303832633430
+38336132326464303161633030626333376239323939333039613638376431383633653337313462
+38316362383336626430326437653663326262326334373538616434376666653635393732306135
+31336238333463643236353732356334663238633736643036613161346630613831616266343061
+33383261366135623263383834306332326334366463623132383265323032366139396364316463
+30303865306363636663363934393136306534396539333033353037336531323462393432663935
+30656432346239363065303630383235326137666635386437663835396464643039656532613835
+30313362353739323834363831326533613065393061316639323139396364346335306239663135
+32373238663732613434646634663563613865623965356432333162353466316633633731303738
+63656633636232376439666165663462333334396439303734633031646130303037343464393332
+61653237666436353931363562356434363731656138623932366334323761383166336330323637
+34383866623930653665623138623537653832333962303362663962626536636136303435303632
+34656531646233333161326535366631653537396637353733353066373737353431656363363336
+6231
diff --git a/roles/aurweb/tasks/main.yml b/roles/aurweb/tasks/main.yml
index f4bbc32a6..27cfa7785 100644
--- a/roles/aurweb/tasks/main.yml
+++ b/roles/aurweb/tasks/main.yml
@@ -27,6 +27,24 @@
 
 - name: make aur user
   user: name="{{ aurweb_user }}" shell=/bin/bash createhome=yes
+  register: aur_user
+
+- name: create .ssh for the aur user
+  file: path={{ aur_user.home }}/.ssh state=directory owner={{ aur_user.name }} group={{ aur_user.name }} mode=0700
+
+- name: install SSH key for mirroring to GitHub
+  copy: src=id_ed25519 dest={{ aur_user.home }}/.ssh/ owner={{ aur_user.name }} group={{ aur_user.name }} mode=0600
+
+- name: fetch host keys for github.com
+  command: ssh-keyscan github.com
+  args:
+    creates: "{{ aur_user.home }}/.ssh/known_hosts"
+  register: github_host_keys
+
+- name: write github.com host keys to the aur user's known_hosts
+  lineinfile: name={{ aur_user.home }}/.ssh/known_hosts create=yes line={{ item }} owner={{ aur_user.name }} group={{ aur_user.name }} mode=0644
+  loop: "{{ github_host_keys.stdout_lines }}"
+  when: github_host_keys.changed
 
 - name: Create directory
   file: path={{ aurweb_dir }} state=directory owner={{ aurweb_user }} group=http mode=0775
@@ -69,6 +87,8 @@
     - aurweb-usermaint.service
     - aurweb-usermaint.timer
     - aurweb.service
+    - aurweb-github-mirror.service
+    - aurweb-github-mirror.timer
   when: release.changed
 
 - name: stop AUR systemd services and timers
@@ -82,6 +102,7 @@
     - aurweb-tuvotereminder.timer
     - aurweb-usermaint.timer
     - aurweb.service
+    - aurweb-github-mirror.timer
   when: release.changed
 
 - name: clone aurweb repo
@@ -299,4 +320,5 @@
     - aurweb-tuvotereminder.timer
     - aurweb-usermaint.timer
     - aurweb.service
+    - aurweb-github-mirror.timer
   when: release.changed
diff --git a/roles/aurweb/templates/aurweb-github-mirror.service.j2 b/roles/aurweb/templates/aurweb-github-mirror.service.j2
new file mode 100644
index 000000000..5fcb62594
--- /dev/null
+++ b/roles/aurweb/templates/aurweb-github-mirror.service.j2
@@ -0,0 +1,5 @@
+[Service]
+Type=oneshot
+User={{ aurweb_user }}
+WorkingDirectory={{ aurweb_git_dir }}
+ExecStart=git push --all git@github.com:archlinux/aur.git
diff --git a/roles/aurweb/templates/aurweb-github-mirror.timer.j2 b/roles/aurweb/templates/aurweb-github-mirror.timer.j2
new file mode 100644
index 000000000..3fddde367
--- /dev/null
+++ b/roles/aurweb/templates/aurweb-github-mirror.timer.j2
@@ -0,0 +1,6 @@
+[Timer]
+OnCalendar=minutely
+RandomizedDelaySec=1m
+
+[Install]
+WantedBy=timers.target
-- 
GitLab