diff --git a/README.md b/README.md index 36b8c5a..8aa70fd 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Overview Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to Github. -**Shipped version:** 1.11.3 +**Shipped version:** 1.11.4 Screenshots ----------- @@ -71,6 +71,21 @@ Host domain.tld Architecture: this package is compatible with amd64, i386 and arm. The package will try to detect it with the command uname -m and fail if it can't detect the architecture. If that happens please open an issue describing your hardware and the result of the command `uname -m`. +### LFS setup +To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini` +```ini +[server] +LFS_START_SERVER = true +LFS_HTTP_AUTH_EXPIRY = 20m +``` +By default Nginx is setup with a max value to updload files at 200 Mo. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`. +``` +client_max_body_size 200M; +``` +Don't forget to restart Gitea `sudo systemctl restart gitea.service`. + +> This settings are restored to the default config when Gitea is updated. Don't forget to restore your setup after all updates. + ### Git command access with HTTPS If you want to use the git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**. diff --git a/conf/login_source.sql b/conf/login_source.sql index 7454918..ee9da47 100644 --- a/conf/login_source.sql +++ b/conf/login_source.sql @@ -1,3 +1,6 @@ -INSERT INTO `__APP__`.`login_source` (`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) VALUES -('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}', '1464014433', '1464015955') -ON DUPLICATE KEY UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}' +INSERT INTO `__APP__`.`login_source` +(`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) +VALUES +('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}', '1464014433', '1464015955') +ON DUPLICATE KEY +UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}'; diff --git a/conf/source/arm.src b/conf/source/arm.src index da70eb6..2934cfb 100644 --- a/conf/source/arm.src +++ b/conf/source/arm.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.3/gitea-1.11.3-linux-arm-6 -SOURCE_SUM=578180011bc0f08208dcf6222d6e9c524efc1b2a5e62ef0858f3e8a742106c8a +SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.4/gitea-1.11.4-linux-arm-6 +SOURCE_SUM=402db838819576b9ca8f0b5cdd5d624acb06b70a4440324710c9f48e3730ab02 SOURCE_SUM_PRG=sha256sum SOURCE_FILENAME=gitea SOURCE_EXTRACT=false diff --git a/conf/source/armv7.src b/conf/source/armv7.src index 41046f0..4942b88 100644 --- a/conf/source/armv7.src +++ b/conf/source/armv7.src @@ -1,8 +1,8 @@ # The armv7 build is brocken # See : https://github.com/go-gitea/gitea/issues/6700 # Use temporary the armv6 binary -SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.3/gitea-1.11.3-linux-arm-6 -SOURCE_SUM=578180011bc0f08208dcf6222d6e9c524efc1b2a5e62ef0858f3e8a742106c8a +SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.4/gitea-1.11.4-linux-arm-6 +SOURCE_SUM=402db838819576b9ca8f0b5cdd5d624acb06b70a4440324710c9f48e3730ab02 SOURCE_SUM_PRG=sha256sum SOURCE_FILENAME=gitea SOURCE_EXTRACT=false diff --git a/conf/source/i386.src b/conf/source/i386.src index 08fa821..5c6d7c9 100644 --- a/conf/source/i386.src +++ b/conf/source/i386.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.3/gitea-1.11.3-linux-386 -SOURCE_SUM=9b85e8615a68424bb4621f9430c440955394c385969d2e86d94796373992d229 +SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.4/gitea-1.11.4-linux-386 +SOURCE_SUM=d37fdd1ab43d861650198aba8b850e7bf121dac4a03e61fb38bf463eba01f53a SOURCE_SUM_PRG=sha256sum SOURCE_FILENAME=gitea SOURCE_EXTRACT=false diff --git a/conf/source/x86-64.src b/conf/source/x86-64.src index 6d07d43..7642d7f 100644 --- a/conf/source/x86-64.src +++ b/conf/source/x86-64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.3/gitea-1.11.3-linux-amd64 -SOURCE_SUM=bd4d3d4f2d3998ebd1fecc1e8fc09971bc822aa8437a72b7131bee6b944f5d51 +SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.11.4/gitea-1.11.4-linux-amd64 +SOURCE_SUM=4408c781069c36cbb1b5923ae924e67ceee661ba9c9bd6c73cd7408c9cd62af6 SOURCE_SUM_PRG=sha256sum SOURCE_FILENAME=gitea SOURCE_EXTRACT=false diff --git a/manifest.json b/manifest.json index 37eda47..2154f00 100644 --- a/manifest.json +++ b/manifest.json @@ -9,7 +9,7 @@ }, "url": "http://gitea.io", "license": "MIT", - "version": "1.11.3~ynh1", + "version": "1.11.4~ynh1", "maintainer": { "name": "rafi59", "email": "rafi59_dev@srvmaison.fr.nf" @@ -20,7 +20,7 @@ "mysql" ], "requirements": { - "yunohost": ">= 3.6.4" + "yunohost": ">= 3.7.0.6" }, "arguments": { "install" : [ diff --git a/scripts/_common.sh b/scripts/_common.sh index d6e5689..d52dfc7 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -87,10 +87,8 @@ set_permission() { } set_access_settings() { - if [ "$is_public" = '1' ] + if [ "$is_public" == '1' ]; then - ynh_app_setting_set --app $app --key unprotected_uris --value "/" - else - ynh_app_setting_delete --app $app --key skipped_regex + ynh_permission_update --permission "main" --add "visitors" fi } diff --git a/scripts/change_url b/scripts/change_url index a57b886..de3079f 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -55,7 +55,7 @@ config_gitea # RELOAD services ynh_script_progression --message="Starting services..." -ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 +ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 -a restart sleep 1 # Store the checksum with the 'INTERNAL_TOKEN' value. diff --git a/scripts/experimental_helper.sh b/scripts/experimental_helper.sh index ec89165..23d0e32 100644 --- a/scripts/experimental_helper.sh +++ b/scripts/experimental_helper.sh @@ -237,6 +237,9 @@ ynh_handle_app_migration () { new_label=$(echo $new_app_id | cut -c1 | tr [:lower:] [:upper:])$(echo $new_app_id | cut -c2-) ynh_app_setting_set $new_app label $new_label fi + + yunohost tools shell -c "from yunohost.permission import permission_delete; permission_delete('$old_app.main', force=True, sync_perm=False)" + yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('$new_app.main', url='/' , sync_perm=True)" #================================================= # MOVE FILES TO THE NEW DESTINATION @@ -327,7 +330,6 @@ ynh_handle_app_migration () { app=$new_app - # Set migration_process to 1 to inform that an upgrade has been made migration_process=1 fi diff --git a/scripts/install b/scripts/install index 57901c4..f5687ad 100644 --- a/scripts/install +++ b/scripts/install @@ -90,14 +90,13 @@ ynh_script_progression --message="Configuring application, step 2/2..." # Start gitea for building mysql tables systemctl start "$app".service -# Wait till login_source mysql table is created +# Wait untill login_source mysql table is created while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null) do sleep 2 done # Add ldap config -ynh_replace_string --match_string "__ADMIN__" --replace_string "$admin" --target_file ../conf/login_source.sql ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql @@ -113,6 +112,10 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile ynh_script_progression --message="Protecting directory" set_access_settings +# Create permission +ynh_script_progression --message="Configuring permissions" +ynh_permission_create --permission="admin" --allowed=$admin + # Add gitea to YunoHost's monitored services ynh_script_progression --message="Register gitea service..." yunohost service add "$app" --log "/var/log/$app/gitea.log" diff --git a/scripts/upgrade b/scripts/upgrade index 58eccbf..fb7e3f3 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -65,7 +65,6 @@ if [[ $migration_process -eq 1 ]]; then ynh_secure_remove --file=$final_path/custom/conf/auth.d # Restore authentication from SQL database - ynh_replace_string --match_string __ADMIN__ --replace_string "$admin" --target_file ../conf/login_source.sql ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql @@ -189,6 +188,20 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile # GENERIC FINALIZATION #================================================= +# Set all permissions +ynh_script_progression --message="Update permission..." +if ! ynh_permission_exists --permission admin; then + ynh_app_setting_delete --app $app --key unprotected_uris + ynh_permission_create --permission 'admin' --allowed "$admin" + # Update ldap config + ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql + ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql +fi +if [ "$is_public" == '1' ]; +then + ynh_permission_update --permission "main" --add "visitors" +fi + # Set permissions ynh_script_progression --message="Protecting directory" set_permission