From f369998d1508dbe3c6977c89d168bb79bef1d220 Mon Sep 17 00:00:00 2001 From: Emmanuel Garette Date: Tue, 3 Jan 2023 11:36:37 +0100 Subject: [PATCH] gitea to forgejo --- seed/forgejo/DEBUG.md | 10 ++ .../{gitea => forgejo}/applicationservice.yml | 4 +- .../dictionaries/31_forgejo.xml} | 40 ++--- .../manual/image/postinstall/forgejo.sh | 26 +++ .../manual/image/preinstall/forgejo.sh} | 0 seed/{gitea => forgejo}/templates/app.ini | 35 ++-- seed/forgejo/templates/forgejo.service | 39 +++++ .../templates/forgejo.yml} | 2 +- seed/forgejo/templates/sysuser-forgejo.conf | 2 + seed/forgejo/templates/tmpfile-forgejo.conf | 4 + .../tests/test_forgejo.py} | 165 ++++++++++++------ seed/gitea/DEBUG.md | 10 -- seed/gitea/README.md | 88 ---------- seed/gitea/manual/image/postinstall/gitea.sh | 25 --- seed/gitea/templates/gitea.service | 24 --- seed/gitea/templates/sysuser-gitea.conf | 2 - seed/gitea/templates/tmpfile-gitea.conf | 4 - seed/nginx-common/templates/nginx.conf | 115 ------------ seed/nginx-https/templates/nginx.index.html | 10 -- .../templates/error.html | 0 .../templates/nginx.index.html | 10 -- .../templates/index.html} | 0 seed/openldap/templates/default.slapd | 48 ----- 23 files changed, 237 insertions(+), 426 deletions(-) create mode 100644 seed/forgejo/DEBUG.md rename seed/{gitea => forgejo}/applicationservice.yml (57%) rename seed/{gitea/dictionaries/31_gitea.xml => forgejo/dictionaries/31_forgejo.xml} (74%) create mode 100644 seed/forgejo/manual/image/postinstall/forgejo.sh rename seed/{gitea/manual/image/preinstall/gitea.sh => forgejo/manual/image/preinstall/forgejo.sh} (100%) rename seed/{gitea => forgejo}/templates/app.ini (79%) create mode 100644 seed/forgejo/templates/forgejo.service rename seed/{gitea/templates/gitea.yml => forgejo/templates/forgejo.yml} (93%) create mode 100644 seed/forgejo/templates/sysuser-forgejo.conf create mode 100644 seed/forgejo/templates/tmpfile-forgejo.conf rename seed/{gitea/tests/test_gitea.py => forgejo/tests/test_forgejo.py} (62%) delete mode 100644 seed/gitea/DEBUG.md delete mode 100644 seed/gitea/README.md delete mode 100644 seed/gitea/manual/image/postinstall/gitea.sh delete mode 100644 seed/gitea/templates/gitea.service delete mode 100644 seed/gitea/templates/sysuser-gitea.conf delete mode 100644 seed/gitea/templates/tmpfile-gitea.conf delete mode 100644 seed/nginx-common/templates/nginx.conf delete mode 100644 seed/nginx-https/templates/nginx.index.html rename seed/{nginx-common => nginx-reverse-proxy}/templates/error.html (100%) delete mode 100644 seed/nginx-reverse-proxy/templates/nginx.index.html rename seed/{nginx-common/templates/nginx.index.html => nginx-static/templates/index.html} (100%) delete mode 100644 seed/openldap/templates/default.slapd diff --git a/seed/forgejo/DEBUG.md b/seed/forgejo/DEBUG.md new file mode 100644 index 0000000..0826c49 --- /dev/null +++ b/seed/forgejo/DEBUG.md @@ -0,0 +1,10 @@ +Créer un utilisateur +===================== + +su - forgejo -s /bin/bash -c "forgejo admin user create --username gnunux --password Njw_csh7DeeZtWDxC6WVXDdB-9A --email gnunux@gnunux.info --admin -c /etc/forgejo/app.ini" + +DEBUG +===== + +sed -i 's/info/debug/g' /etc/forgejo/app.ini +systemctl restart forgejo diff --git a/seed/gitea/applicationservice.yml b/seed/forgejo/applicationservice.yml similarity index 57% rename from seed/gitea/applicationservice.yml rename to seed/forgejo/applicationservice.yml index 5948eb3..c6a2d18 100644 --- a/seed/gitea/applicationservice.yml +++ b/seed/forgejo/applicationservice.yml @@ -1,6 +1,6 @@ format: '0.1' -description: Gitea, a community managed lightweight code hosting solution -website: https://gitea.io/ +description: Forgejo, a community managed lightweight code hosting solution +website: https://forgejo.org/ depends: - base-fedora-36 - postgresql-client diff --git a/seed/gitea/dictionaries/31_gitea.xml b/seed/forgejo/dictionaries/31_forgejo.xml similarity index 74% rename from seed/gitea/dictionaries/31_gitea.xml rename to seed/forgejo/dictionaries/31_forgejo.xml index b41f158..d08ef42 100644 --- a/seed/gitea/dictionaries/31_gitea.xml +++ b/seed/forgejo/dictionaries/31_forgejo.xml @@ -1,11 +1,11 @@ - - /sysusers.d/0gitea.conf - /tmpfiles.d/0gitea.conf - /etc/gitea/app.ini - /tests/gitea.yml + + /sysusers.d/0forgejo.conf + /tmpfiles.d/0forgejo.conf + /etc/forgejo/app.ini + /tests/forgejo.yml @@ -16,17 +16,17 @@ - gitea + forgejo - - + + Gitea: Git avec une tasse de thé - - @@ -38,10 +38,10 @@ 3000 - gitea + forgejo - gitea + forgejo @@ -72,29 +72,29 @@ domain_name_eth0 secret_key - gitea + forgejo cleartext hide_secret 105 - gitea_secret_key + forgejo_secret_key domain_name_eth0 internal_token - gitea + forgejo cleartext hide_secret 105 - gitea_internal_token + forgejo_internal_token domain_name_eth0 lfs_jwt_secret - gitea + forgejo cleartext hide_secret 43 - gitea_lfs_jwt_secret + forgejo_lfs_jwt_secret revprox_client_external_domainnames diff --git a/seed/forgejo/manual/image/postinstall/forgejo.sh b/seed/forgejo/manual/image/postinstall/forgejo.sh new file mode 100644 index 0000000..a091a9a --- /dev/null +++ b/seed/forgejo/manual/image/postinstall/forgejo.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +set -ex + +gpg --keyserver keys.openpgp.org --recv EB114F5E6C0DC2BCDD183550A4B61A2DC5923710 + +JSON==$(wget -q 'https://codeberg.org/api/v1/repos/forgejo/forgejo/releases?draft=false&pre-release=false&limit=1' --header 'accept: application/json' -O -) +VERS=$(echo JSON| jq -r '.[0].name') + +mkdir -p ~/forgejo/ + +if [ ! -f ~/"forgejo/forgejo-$VERS-linux-amd64.xz" ]; then + rm -rf ~/"forgejo/forgejo-*-linux-amd64.xz" + wget $(echo $JSON | jq -r '.[0].assets | map(select(.name | endswith("linux-amd64.xz"))) | .[0].browser_download_url') -O ~/"forgejo/forgejo-$VERS-linux-amd64.xz" +fi +if [ ! -f ~/"forgejo/forgejo-$VERS-linux-amd64.xz.asc" ]; then + rm -rf ~/"forgejo/forgejo-*-linux-amd64.xz.asc" + wget $(echo $JSON | jq -r '.[0].assets | map(select(.name | endswith("linux-amd64.xz"))) | .[0].browser_download_url') -O ~/"forgejo/forgejo-$VERS-linux-amd64.xz.asc" +fi + +gpg --verify ~/"forgejo/forgejo-$VERS-linux-amd64.xz.asc" ~/"forgejo/forgejo-$VERS-linux-amd64.xz" + +cp -a ~/"forgejo/forgejo-$VERS-linux-amd64.xz" . +xz -d "forgejo-$VERS-linux-amd64.xz" +mv "forgejo-$VERS-linux-amd64" "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/bin/forgejo" +chmod +x "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/bin/forgejo" diff --git a/seed/gitea/manual/image/preinstall/gitea.sh b/seed/forgejo/manual/image/preinstall/forgejo.sh similarity index 100% rename from seed/gitea/manual/image/preinstall/gitea.sh rename to seed/forgejo/manual/image/preinstall/forgejo.sh diff --git a/seed/gitea/templates/app.ini b/seed/forgejo/templates/app.ini similarity index 79% rename from seed/gitea/templates/app.ini rename to seed/forgejo/templates/app.ini index dd6175c..66ea491 100644 --- a/seed/gitea/templates/app.ini +++ b/seed/forgejo/templates/app.ini @@ -1,6 +1,6 @@ -# GNUNUX https://github.com/go-gitea/gitea/blob/main/custom/conf/app.example.ini -APP_NAME = %%gitea_title -RUN_USER = gitea +# GNUNUX https://codeberg.org/forgejo/forgejo/raw/branch/forgejo/custom/conf/app.example.ini +APP_NAME = %%forgejo_title +RUN_USER = forgejo RUN_MODE = prod [database] @@ -15,34 +15,37 @@ CHARSET = utf8 LOG_SQL = false [repository] -ROOT = /srv/gitea/lib/data/gitea-repositories +ROOT = /srv/forgejo/lib/data/forgejo-repositories DEFAULT_BRANCH = main [server] SSH_DOMAIN = %%revprox_client_external_domainnames[0] DOMAIN = %%revprox_client_external_domainnames[0] HTTP_PORT = 3000 -ROOT_URL = https://%%revprox_client_external_domainnames[0]/gitea/ +ROOT_URL = https://%%revprox_client_external_domainnames[0]%%revprox_client_external_domainnames[0]revprox_client_location LOCAL_ROOT_URL = https://%%domain_name_eth0:3000/ DISABLE_SSH = false START_SSH_SERVER = true SSH_LISTEN_PORT = 2222 SSH_PORT = 2222 LFS_START_SERVER = true -LFS_CONTENT_PATH = /srv/gitea/lib/data/lfs -LFS_JWT_SECRET = %%gitea_lfs_jwt_secret +LFS_JWT_SECRET = %%forgejo_lfs_jwt_secret OFFLINE_MODE = true PROTOCOL = https CERT_FILE = %%revprox_client_cert_file KEY_FILE = %%revprox_client_key_file +[lfs] +PATH = /srv/forgejo/lib/data/lfs + [mailer] -ENABLED = true -HOST = %%smtp_relay_address -FROM = %%gitea_mail_sender -USER = %%smtp_relay_user@%%ip_eth0 -PASSWD = %%smtp_relay_password -IS_TLS_ENABLED = true +ENABLED = true +SMTP_ADDR = %%smtp_relay_address +SMTP_PORT = 25 +FROM = %%forgejo_mail_sender +USER = %%smtp_relay_user@%%ip_eth0 +PASSWD = %%smtp_relay_password +PROTOCOL = smtp+starttls ;USE_CERTIFICATE = false ;CERT_FILE = custom/mailer/cert.pem ;KEY_FILE = custom/mailer/key.pem @@ -97,11 +100,11 @@ HOST = network=tcp,addr=%%redis_client_server_domainname:6379,username=%%redis_c [log] MODE = console LEVEL = info -ROOT_PATH = /srv/gitea/lib/log +ROOT_PATH = /srv/forgejo/lib/log ROUTER = console [security] INSTALL_LOCK = true -SECRET_KEY = %%gitea_secret_key -INTERNAL_TOKEN = %%gitea_internal_token +SECRET_KEY = %%forgejo_secret_key +INTERNAL_TOKEN = %%forgejo_internal_token PASSWORD_HASH_ALGO = pbkdf2 diff --git a/seed/forgejo/templates/forgejo.service b/seed/forgejo/templates/forgejo.service new file mode 100644 index 0000000..136c221 --- /dev/null +++ b/seed/forgejo/templates/forgejo.service @@ -0,0 +1,39 @@ +#GNUNUX https://codeberg.org/forgejo/forgejo/raw/branch/forgejo/contrib/systemd/forgejo.service +[Unit] +Description=Forgejo (Beyond coding. We forge.) +After=syslog.target +After=network.target +#>GNUNUX +After=risotto.target +#{data["username"]} - Dashboard - {data["gitea_title"]}', +# f'{data["username"]} - Tableau de bord - {data["forgejo_title"]}', + f'{data["username"]} - Dashboard - {data["forgejo_title"]}', ) return AUTHENTICATION +class SSHConfig: + def __enter__(self): + self.old_file = '{CONFIG_SSH}.old' + if isfile(CONFIG_SSH) and not isfile(self.old_file): + move(CONFIG_SSH, self.old_file) + with open(CONFIG_SSH, 'w') as fh: + fh.write(f"""Host * +User forgejo +PubkeyAcceptedKeyTypes +ssh-rsa +StrictHostKeyChecking no +IdentityFile {KEY_FILE} +""") + + def __exit__(self, *args): + if isfile(self.old_file): + move(self.old_file, CONFIG_SSH) + else: + unlink(CONFIG_SSH) + + +class GITConfig: + def __enter__(self): + self.old_file = '{CONFIG_GIT}.old' + if isfile(CONFIG_GIT) and not isfile(self.old_file): + move(CONFIG_GIT, self.old_file) + with open(CONFIG_GIT, 'w') as fh: + conf_file = f'{environ["MACHINE_TEST_DIR"]}/reverse-proxy.yml' + with open(conf_file) as yaml: + data = load(yaml, Loader=SafeLoader) + path = join(environ["MACHINE_TEST_DIR"], data["ca_certificate"]) + cert = glob(path) + fh.write(f"""[http] + sslCAInfo = {cert[0]} +""") + + def __exit__(self, *args): + if isfile(self.old_file): + move(self.old_file, CONFIG_GIT) + else: + unlink(CONFIG_GIT) + + def get_info(authentication, url, with_uid=False, @@ -77,7 +127,7 @@ def get_info(authentication, def add_ssh_key(authentication, data): - # Send key to gitea + # Send key to forgejo url = f'{data["base_url"]}user/settings/keys' is_already_key, csrf = get_info(authentication, url, found_string='test_key_risotto') if is_already_key: @@ -87,7 +137,7 @@ def add_ssh_key(authentication, data): key_dir = dirname(KEY_FILE) if not isdir(key_dir): makedirs(key_dir) - cmd = ['/usr/bin/ssh-keygen', '-N', '', '-f', KEY_FILE] + cmd = ['/usr/bin/ssh-keygen', '-t', 'rsa', '-N', '', '-f', KEY_FILE] run(cmd) with open(f'{KEY_FILE}.pub') as fh: key = fh.read() @@ -104,12 +154,12 @@ def delete_ssh_key(authentication, data): is_already_key, csrf = get_info(authentication, url, found_string='test_key_risotto') -def test_gitea(): +def test_forgejo(): data = get_data() get_authentication(data) -def test_gitea_repos(): +def test_forgejo_repos(): data = get_data() authentication = get_authentication(data) if 'FIRST_RUN' in environ: @@ -124,7 +174,7 @@ def test_gitea_repos(): assert json['data'][0]['full_name'] == f'{username}/test_persistent' -def test_gitea_create_repo(): +def test_forgejo_create_repo(): data = get_data() authentication = get_authentication(data) url = f'{data["base_url"]}repo/create' @@ -144,24 +194,31 @@ def test_repo(): if 'FIRST_RUN' in environ: # delete_ssh_key(authentication, data) add_ssh_key(authentication, data) + if not isfile(KEY_FILE): + if isfile(GITEA_KEY_FILE): + move(GITEA_KEY_FILE, KEY_FILE) + move(GITEA_KEY_FILE + '.pub', KEY_FILE + '.pub') + else: + raise Exception(f'cannot find ssh key "{KEY_FILE}", do you run with FIRST_RUN?') with TemporaryDirectory() as tmpdirname: username = data['username'].split('@', 1)[0] dns = data['base_url'].split('/', 3)[2] - ssh_url = f'ssh://{GITEA_USERNAME}@{dns}:2222/{username}/test.git' - with MookDnsSystem(dns, data['ip']): - filename = join(tmpdirname, 'test.txt') - with open(filename, 'w') as fh: - fh.write('test') - repo = init(tmpdirname) - add(repo, filename) - commit(repo, message=b'test commit') - push(repo=repo, - remote_location=ssh_url, - refspecs='master', - ) - lst = list(repo.get_walker()) - assert len(lst) == 1 - assert lst[0].commit.message == b'test commit' + ssh_url = f'ssh://{GITEA_USERNAME}@{dns}:{GITEA_PORT}/{username}/test.git' + with SSHConfig(): + with MookDnsSystem(dns, data['ip']): + filename = join(tmpdirname, 'test.txt') + with open(filename, 'w') as fh: + fh.write('test') + repo = init(tmpdirname) + add(repo, filename) + commit(repo, message=b'test commit') + push(repo=repo, + remote_location=ssh_url, + refspecs='master', + ) + lst = list(repo.get_walker()) + assert len(lst) == 1 + assert lst[0].commit.message == b'test commit' def test_clone_http(): @@ -174,14 +231,19 @@ def test_clone_http(): username = data['username'].split('@', 1)[0] dns = data['base_url'].split('/', 3)[2] http_url = f'{data["base_url"]}{username}/test.git' - with MookDnsSystem(dns, data['revprox_ip']): - repo = clone(http_url, tmpdirname) - lst = list(repo.get_walker()) - assert len(lst) == 1 - assert lst[0].commit.message == b'test commit' + with SSHConfig(): + with MookDnsSystem(dns, data['revprox_ip']): + try: + repo = clone(http_url, tmpdirname) + except: + with GITConfig(): + repo = clone(http_url, tmpdirname) + lst = list(repo.get_walker()) + assert len(lst) == 1 + assert lst[0].commit.message == b'test commit' -def test_gitea_delete_repo(): +def test_forgejo_delete_repo(): repo_name = 'test' data = get_data() authentication = get_authentication(data) @@ -206,21 +268,22 @@ def test_repo_persistent(): with TemporaryDirectory() as tmpdirname: username = data['username'].split('@', 1)[0] dns = data['base_url'].split('/', 3)[2] - ssh_url = f'ssh://{GITEA_USERNAME}@{dns}:2222/{username}/test_persistent.git' - with MookDnsSystem(dns, data['ip']): - if 'FIRST_RUN' in environ: - filename = join(tmpdirname, 'test.txt') - with open(filename, 'w') as fh: - fh.write('test') - repo = init(tmpdirname) - add(repo, filename) - commit(repo, message=b'test commit') - push(repo=repo, - remote_location=ssh_url, - refspecs='master', - ) - else: - repo = clone(ssh_url, tmpdirname) - lst = list(repo.get_walker()) - assert len(lst) == 1 - assert lst[0].commit.message == b'test commit' + ssh_url = f'ssh://{GITEA_USERNAME}@{dns}:{GITEA_PORT}/{username}/test_persistent.git' + with SSHConfig(): + with MookDnsSystem(dns, data['ip']): + if 'FIRST_RUN' in environ: + filename = join(tmpdirname, 'test.txt') + with open(filename, 'w') as fh: + fh.write('test') + repo = init(tmpdirname) + add(repo, filename) + commit(repo, message=b'test commit') + push(repo=repo, + remote_location=ssh_url, + refspecs='master', + ) + else: + repo = clone(ssh_url, tmpdirname) + lst = list(repo.get_walker()) + assert len(lst) == 1 + assert lst[0].commit.message == b'test commit' diff --git a/seed/gitea/DEBUG.md b/seed/gitea/DEBUG.md deleted file mode 100644 index 26232ba..0000000 --- a/seed/gitea/DEBUG.md +++ /dev/null @@ -1,10 +0,0 @@ -Créer un utilisateur -===================== - -su - gitea -s /bin/bash -c "gitea admin user create --username gnunux --password Njw_csh7DeeZtWDxC6WVXDdB-9A --email gnunux@gnunux.info --admin -c /etc/gitea/app.ini" - -DEBUG -===== - -sed -i 's/info/debug/g' /etc/gitea/app.ini -systemctl restart gitea diff --git a/seed/gitea/README.md b/seed/gitea/README.md deleted file mode 100644 index 5a58c72..0000000 --- a/seed/gitea/README.md +++ /dev/null @@ -1,88 +0,0 @@ ---- -gitea: none -include_toc: true ---- - -# gitea - -[All applications services for this dataset.](../README.md) - -## Description - -Gitea, a community managed lightweight code hosting solution. - -[For more informations](https://gitea.io/) - -## Dependances - -- [base-fedora-36](../base-fedora-36/README.md) - - [base-fedora](../base-fedora/README.md) - - [systemd](../systemd/README.md) - - [base-machine](../base-machine/README.md) - - [base](../base/README.md) - - [dns-local](../dns-local/README.md) -- [postgresql-client](../postgresql-client/README.md) -- [reverse-proxy-client](../reverse-proxy-client/README.md) -- [relay-mail-client](../relay-mail-client/README.md) -- [redis-client](../redis-client/README.md) -- [oauth2-client](../oauth2-client/README.md) - -## Variables - -### Général (*general*) - -#### network (*general.network*) - -| Description | Values | -|---------------------------------------------------|----------| -| *[**incoming_ports**](dictionaries/31_gitea.xml)* | 2222 | - -#### Redis (*general.redis*) - -| Description | Values | -|-----------------------------------------------------------|----------| -| *[**redis_client_key_owner**](dictionaries/31_gitea.xml)* | gitea | - -#### Gitea (*general.gitea*) - -Git forge Gitea - -| Description | Values | Type | -|-----------------------------------------------------------------------------------------------------------|----------------------------------|------------------------------------------------------------------------------------------------------------------------| -| **Titre de la forge** (*[gitea_title](dictionaries/31_gitea.xml)*) | Gitea: Git avec une tasse de thé | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | -| **Les courriels sont envoyés à partir de cet adresse** (*[gitea_mail_sender](dictionaries/31_gitea.xml)*) | | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | - -#### revprox (*general.revprox*) - -| Description | Values | -|--------------------------------------------------------------|----------| -| *[**revprox_client_port**](dictionaries/31_gitea.xml)* | 3000 | -| *[**revprox_client_cert_owner**](dictionaries/31_gitea.xml)* | gitea | -| *[**revprox_client_cert_group**](dictionaries/31_gitea.xml)* | gitea | - -##### revprox_client (*general.revprox.revprox_client*) - -| Description | Values | -|------------------------------------------------------------------|----------| -| *[**revprox_client_local_location**](dictionaries/31_gitea.xml)* | / | - -#### oauth2_client (*general.oauth2_client*) - -| Description | Values | -|-----------------------------------------------------------------------|----------------------| -| *[**oauth2_is_client_application**](dictionaries/31_gitea.xml)* | True | -| *[**oauth2_client_name**](dictionaries/31_gitea.xml)* | Forge | -| *[**oauth2_client_description**](dictionaries/31_gitea.xml)* | Forge logiciel Gitea | -| *[**oauth2_client_category**](dictionaries/31_gitea.xml)* | Développement | -| *[**oauth2_client_logo**](dictionaries/31_gitea.xml)* | silique_note.png | -| *[**oauth2_client_token_signature_algo**](dictionaries/31_gitea.xml)* | RS256 | - -##### external (*general.oauth2_client.external*) - -| Description | -|-------------------------------------------------------| -| *[oauth2_client_external](dictionaries/31_gitea.xml)* | - - -- [+]: variable is multiple -- **bold**: variable is mandatory diff --git a/seed/gitea/manual/image/postinstall/gitea.sh b/seed/gitea/manual/image/postinstall/gitea.sh deleted file mode 100644 index 534a58e..0000000 --- a/seed/gitea/manual/image/postinstall/gitea.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -set -ex - -gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 - -VERS=$(wget https://dl.gitea.io/gitea/version.json -q -O - | jq -r '.latest.version') - -mkdir -p ~/gitea/ - -if [ ! -f ~/"gitea/gitea-$VERS-linux-amd64.xz" ]; then - rm -rf ~/"gitea/gitea-*-linux-amd64.xz" - wget "https://dl.gitea.io/gitea/$VERS/gitea-$VERS-linux-amd64.xz" -O ~/"gitea/gitea-$VERS-linux-amd64.xz" -fi -if [ ! -f ~/"gitea/gitea-$VERS-linux-amd64.xz.asc" ]; then - rm -rf ~/"gitea/gitea-*-linux-amd64.xz.asc" - wget "https://dl.gitea.io/gitea/$VERS/gitea-$VERS-linux-amd64.xz.asc" -O ~/"gitea/gitea-$VERS-linux-amd64.xz.asc" -fi - -gpg --verify ~/"gitea/gitea-$VERS-linux-amd64.xz.asc" ~/"gitea/gitea-$VERS-linux-amd64.xz" - -cp -a ~/"gitea/gitea-$VERS-linux-amd64.xz" . -xz -d "gitea-$VERS-linux-amd64.xz" -mv "gitea-$VERS-linux-amd64" "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/bin/gitea" -chmod +x "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/bin/gitea" diff --git a/seed/gitea/templates/gitea.service b/seed/gitea/templates/gitea.service deleted file mode 100644 index abb4929..0000000 --- a/seed/gitea/templates/gitea.service +++ /dev/null @@ -1,24 +0,0 @@ -#ORIGIN https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/systemd/gitea.service -[Unit] -Description=Gitea (Git with a cup of tea) -After=risotto.target - -[Service] -# Modify these two values and uncomment them if you have -# repos with lots of files and get an HTTP error 500 because -# of that -### -#LimitMEMLOCK=infinity -#LimitNOFILE=65535 -RestartSec=2s -Type=simple -User=gitea -Group=gitea -WorkingDirectory=/srv/gitea/lib/ -ExecStart=/usr/bin/gitea web --config /etc/gitea/app.ini -ExecStartPre=-/bin/bash -c 'if /usr/bin/gitea admin auth list --config /etc/gitea/app.ini | grep "OAuth2"; then echo "UPDATE";id=$(/usr/bin/gitea --config /etc/gitea/app.ini admin auth list |tail -n 1|awk "{ print \$1}");/usr/bin/gitea admin auth update-oauth --id $id --name "%%domain_name_eth0" --provider "openidConnect" --key "%%oauth2_client_id" --secret "%%oauth2_client_secret" --scopes "profile email" --auto-discover-url "https://%%oauth2_client_server_domainname/.well-known/openid-configuration" --config /etc/gitea/app.ini;else echo "CONFIGURE"; /usr/bin/gitea admin auth add-oauth --name "%%domain_name_eth0" --provider "openidConnect" --key "%%oauth2_client_id" --secret "%%oauth2_client_secret" --scopes "profile email" --auto-discover-url "https://%%oauth2_client_server_domainname/.well-known/openid-configuration" --config /etc/gitea/app.ini;fi;sleep 2; echo "CONFIGURATION DONE"' -Restart=always -Environment=USER=gitea HOME=/srv/gitea/home GITEA_WORK_DIR=/srv/gitea/lib - -[Install] -WantedBy=multi-user.target diff --git a/seed/gitea/templates/sysuser-gitea.conf b/seed/gitea/templates/sysuser-gitea.conf deleted file mode 100644 index 5c68947..0000000 --- a/seed/gitea/templates/sysuser-gitea.conf +++ /dev/null @@ -1,2 +0,0 @@ -g gitea 999 - -u gitea 999:999 "Git Version Control" /srv/gitea/home /bin/nologin diff --git a/seed/gitea/templates/tmpfile-gitea.conf b/seed/gitea/templates/tmpfile-gitea.conf deleted file mode 100644 index 059dc73..0000000 --- a/seed/gitea/templates/tmpfile-gitea.conf +++ /dev/null @@ -1,4 +0,0 @@ -d /srv/gitea/lib/custom 750 gitea gitea - - -d /srv/gitea/lib/data 750 gitea gitea - - -d /srv/gitea/lib/log 750 gitea gitea - - -d /srv/gitea/home 750 gitea gitea - - diff --git a/seed/nginx-common/templates/nginx.conf b/seed/nginx-common/templates/nginx.conf deleted file mode 100644 index ddb9d6e..0000000 --- a/seed/nginx-common/templates/nginx.conf +++ /dev/null @@ -1,115 +0,0 @@ -# For more information on configuration, see: -# * Official English Documentation: http://nginx.org/en/docs/ -# * Official Russian Documentation: http://nginx.org/ru/docs/ - -%if %%os_name == 'Fedora' -user nginx; -%else -user www-data; -%end if -worker_processes auto; -#GNUNUX error_log /var/log/nginx/error.log; -#>GNUNUX -error_log syslog:server=unix:/dev/log; -#GNUNUX - access_log syslog:server=unix:/dev/log combined; - error_log syslog:server=unix:/dev/log error; - # - - -Welcome - - - - - diff --git a/seed/nginx-common/templates/error.html b/seed/nginx-reverse-proxy/templates/error.html similarity index 100% rename from seed/nginx-common/templates/error.html rename to seed/nginx-reverse-proxy/templates/error.html diff --git a/seed/nginx-reverse-proxy/templates/nginx.index.html b/seed/nginx-reverse-proxy/templates/nginx.index.html deleted file mode 100644 index eeef59d..0000000 --- a/seed/nginx-reverse-proxy/templates/nginx.index.html +++ /dev/null @@ -1,10 +0,0 @@ - - - -Welcome - - - - - diff --git a/seed/nginx-common/templates/nginx.index.html b/seed/nginx-static/templates/index.html similarity index 100% rename from seed/nginx-common/templates/nginx.index.html rename to seed/nginx-static/templates/index.html diff --git a/seed/openldap/templates/default.slapd b/seed/openldap/templates/default.slapd deleted file mode 100644 index d8a0544..0000000 --- a/seed/openldap/templates/default.slapd +++ /dev/null @@ -1,48 +0,0 @@ -# Location of the slapd configuration to use. If using the cn=config -# backend to store configuration in LDIF, set this variable to the -# directory containing the cn=config data; otherwise set it to the location -# of your slapd.conf file. If empty, use the compiled-in default -# (/etc/ldap/slapd.d). -SLAPD_CONF="/etc/ldap/slapd.conf" - -# System account to run the slapd server under. If empty the server -# will run as root. -SLAPD_USER="openldap" - -# System group to run the slapd server under. If empty the server will -# run in the primary group of its user. -SLAPD_GROUP="openldap" - -# Path to the pid file of the slapd server. If not set the init.d script -# will try to figure it out from $SLAPD_CONF (/etc/ldap/slapd.d by -# default) -SLAPD_PIDFILE= - -# slapd normally serves ldap only on all TCP-ports 389. slapd can also -# service requests on TCP-port 636 (ldaps) and requests via unix -# sockets. -# Example usage: -# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///" -SLAPD_SERVICES="ldaps:///" - -# If SLAPD_NO_START is set, the init script will not start or restart -# slapd (but stop will still work). Uncomment this if you are -# starting slapd via some other means or if you don't want slapd normally -# started at boot. -#SLAPD_NO_START=1 - -# If SLAPD_SENTINEL_FILE is set to path to a file and that file exists, -# the init script will not start or restart slapd (but stop will still -# work). Use this for temporarily disabling startup of slapd (when doing -# maintenance, for example, or through a configuration management system) -# when you don't want to edit a configuration file. -SLAPD_SENTINEL_FILE=/etc/ldap/noslapd - -# For Kerberos authentication (via SASL), slapd by default uses the system -# keytab file (/etc/krb5.keytab). To use a different keytab file, -# uncomment this line and change the path. -#export KRB5_KTNAME=/etc/krb5.keytab - -# Additional options to pass to slapd -SLAPD_OPTIONS="" -