diff options
author | Alec Warner <antarus@gentoo.org> | 2020-06-02 00:30:01 -0700 |
---|---|---|
committer | Alec Warner <antarus@gentoo.org> | 2020-06-02 00:30:01 -0700 |
commit | aef3bb04284074945ffc900d9461e0b8d251d9ab (patch) | |
tree | 3c2b0cc7994513a867ee9ffacd8661666b94d3e4 | |
parent | local/require-signed-push: fix typo (diff) | |
download | githooks-aef3bb04284074945ffc900d9461e0b8d251d9ab.tar.gz githooks-aef3bb04284074945ffc900d9461e0b8d251d9ab.tar.bz2 githooks-aef3bb04284074945ffc900d9461e0b8d251d9ab.zip |
Add github mirror hooks to githooks.
Signed-off-by: Alec Warner <antarus@gentoo.org>
-rwxr-xr-x | github-mirror/github-mirror | 25 | ||||
-rwxr-xr-x | github-mirror/github-ssh-wrapper | 9 |
2 files changed, 34 insertions, 0 deletions
diff --git a/github-mirror/github-mirror b/github-mirror/github-mirror new file mode 100755 index 0000000..9b048e1 --- /dev/null +++ b/github-mirror/github-mirror @@ -0,0 +1,25 @@ +#!/bin/sh +# based on https://github.com/miracle2k/gitolite-simple-mirror/blob/master/post-receive + +# simple gitolite mirroring + +# flush STDIN coming from git, because gitolite's own post-receive.mirrorpush +# script does the same thing +[ -t 0 ] || cat >/dev/null + +if [ -z "${GL_REPO}" ]; then + echo "GL_REPO not set" >&2 + exit 1 +fi + +targets=$(git config --get gentoo.mirror.url) +[ -z "${targets}" ] && exit 0 + +export GIT_SSH_KEY=$(git config --get gentoo.mirror.pubkey) +: ${GIT_SSH_KEY:=/home/mgorny/github-mirror/gentoo_github_id_rsa} +export GIT_SSH=/home/mgorny/github-mirror/github-ssh-wrapper + +for target in ${targets}; do + # --force because someone may accidentally push into the mirror + git push --mirror --force ${target} +done diff --git a/github-mirror/github-ssh-wrapper b/github-mirror/github-ssh-wrapper new file mode 100755 index 0000000..cb4f432 --- /dev/null +++ b/github-mirror/github-ssh-wrapper @@ -0,0 +1,9 @@ +#!/bin/sh +# Use via GIT_SSH +# Github is terrible and requires old ciphers/kex/macs +CIPHERS='-o Ciphers=chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc' +KEX='-o KexAlgorithms=curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1' +MACS='-o MACs=hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1' + +# Now run it +exec ssh ${GIT_SSH_KEY:+-i} ${GIT_SSH_KEY} $CIPHERS $KEX $MACS "$@" |