Git/yunohost-gitea_ynh
1
0
Fork 0
mirror of https://framagit.org/YunoHost-Apps/gitea_ynh.git synced 2024-11-21 10:31:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add gogs code for CI

Browse Source
This commit is contained in:
Josué Tille 2019-02-28 15:03:21 +01:00
parent d474571ed8
commit 4e078e9112
No known key found for this signature in database
GPG Key ID: D5E068C6DFA8681D
16 changed files with 613 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
README.md
View File

@ -1,69 +1 @@
# Gitea package for YunoHost
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to Github.
- [Gitea website](http://gitea.io)
[![Integration level](https://dash.yunohost.org/integration/gitea.svg)](https://ci-apps.yunohost.org/jenkins/job/gitea%20%28Community%29/lastBuild/consoleFull)
[![Install Gitea with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=gitea)
## Requirements
A functional instance of [YunoHost](https://yunohost.org)
## Installation
From the command-line:
`sudo yunohost app install https://github.com/YunoHost-Apps/gitea_ynh`
## Upgrade
From the command-line:
`sudo yunohost app upgrade Gitea -u https://github.com/YunoHost-Apps/gogs_ynh gogs`
## Notes on SSH usage
If you want to use Gitea with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gitea:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gitea profile.
If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
Architecture: this package is compatible with amd64, i386 and arm. The package will try to detect it with the command uname -m and fail if it can't detect the architecture. If that happens please open an issue describing your hardware and the result of the command `uname -m`.
## Issue
Any issue is welcome here : https://github.com/YunoHost-Apps/gogs_ynh/issues
## License
Gitea is published under the MIT License:
https://github.com/go-gitea/gitea/blob/master/LICENSE
This package is published under the MIT License.
## Developper info
Please do your pull requests to the `dev` branch.
Test or upgrade to dev version:
```bash
sudo su - admin
git clone -b dev https://github.com/YunoHost-Apps/gogs_ynh
# to install
sudo yunohost app install -l Gogs /home/admin/gogs_ynh
# to upgrade
sudo yunohost app upgrade -f /home/admin/gogs_ynh gogs
```
# Please not install the app from this branch. It's only for the CI

2
check_process
View File

@ -24,7 +24,7 @@
Level 1=auto
Level 2=auto
Level 3=auto
# https://github.com/YunoHost-Apps/gitea_ynh/blob/master/conf/login_source.sql
# https://github.com/YunoHost-Apps/gogs_ynh/blob/master/conf/login_source.sql
Level 4=1
Level 5=auto
Level 6=auto

531
conf/app.ini
View File

@ -1,51 +1,506 @@
;https://github.com/gogits/gogs/blob/master/conf/app.ini
APP_NAME = Gitea
; App name that shows on every page title
APP_NAME = Gogs: Go Git Service
; The name of the system user that runs Gogs
RUN_USER = __APP__
; Either "dev", "prod" or "test"
RUN_MODE = prod
[server]
PROTOCOL = http
DOMAIN = __DOMAIN__
ROOT_URL = https://__URL__/
HTTP_ADDR = 0.0.0.0
HTTP_PORT = __PORT__
; Permission for unix socket
UNIX_SOCKET_PERMISSION = 666
; Local (DMZ) URL for Gogs workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
; Disable SSH feature when not available
DISABLE_SSH = false
; Whether use builtin SSH server or not.
START_SSH_SERVER = false
; Domain name to be exposed in SSH clone URL
SSH_DOMAIN = %(DOMAIN)s
; Port number to be exposed in SSH clone URL
SSH_PORT = 22
; Network interface builtin SSH server listens on
SSH_LISTEN_HOST = 0.0.0.0
; Port number builtin SSH server listens on
SSH_LISTEN_PORT = %(SSH_PORT)s
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
SSH_ROOT_PATH =
; Indicate whether to rewrite authorized_keys at start, ignored when use builtin SSH server
REWRITE_AUTHORIZED_KEYS_AT_START = false
; Choose the ciphers to support for SSH connections
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
; Directory to create temporary files when test publick key using ssh-keygen,
; default is system temporary directory.
SSH_KEY_TEST_PATH =
; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
SSH_KEYGEN_PATH = ssh-keygen
; Indicate whether to check minimum key size with corresponding type
MINIMUM_KEY_SIZE_CHECK = false
; Disable CDN even in "prod" mode
OFFLINE_MODE = false
DISABLE_ROUTER_LOG = false
; Generate steps:
; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
;
; Or from a .pfx file exported from the Windows certificate store (do
; not forget to export the private key):
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
CERT_FILE = custom/https/cert.pem
KEY_FILE = custom/https/key.pem
; Allowed TLS version values: SSL30, TLS10, TLS11, TLS12
TLS_MIN_VERSION = TLS10
; Upper level of template and static file path
; default is the path where Gogs is executed
STATIC_ROOT_PATH =
; Default path for App data
APP_DATA_PATH = __DATA_PATH__
; Application level GZIP support
ENABLE_GZIP = false
; Landing page for non-logged users, can be "home" or "explore"
LANDING_PAGE = explore
[repository]
; Root path for storing repositories's data, default is "~/<username>/gogs-repositories"
ROOT = __REPOS_PATH__
; The script type server supports, sometimes could be "sh"
SCRIPT_TYPE = bash
; Default ANSI charset for an unrecognized charset
ANSI_CHARSET =
; Force every new repository to be private
FORCE_PRIVATE = false
; Global maximum creation limit of repository per user, -1 means no limit
MAX_CREATION_LIMIT = -1
; Mirror sync queue length, increase if mirror syncing starts hanging
MIRROR_QUEUE_LENGTH = 1000
; Patch test queue length, increase if pull request patch testing starts hanging
PULL_REQUEST_QUEUE_LENGTH = 1000
; Preferred Licenses to place at the top of the list
; Name must match file name in conf/license or custom/conf/license
PREFERRED_LICENSES = Apache License 2.0,MIT License
; Disable ability to interact with repositories by HTTP protocol
DISABLE_HTTP_GIT = false
; Enable ability to migrate repository by local path
ENABLE_LOCAL_PATH_MIGRATION = false
; Concurrency is used to retrieve commits information. This variable define
; the maximum number of tasks that can be run at the same time. Usually, the
; value depend of how many CPUs (cores) you have. If the value is set to zero
; or under, GOGS will automatically detect the number of CPUs your system have
COMMITS_FETCH_CONCURRENCY = 0
; Enable render mode for raw file
ENABLE_RAW_FILE_RENDER_MODE = false
[repository.editor]
; List of file extensions that should have line wraps in the CodeMirror editor.
; Separate extensions with a comma. To line wrap files without extension, just put a comma
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
; Valid file modes that have a preview API associated with them, such as api/v1/markdown.
; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match
PREVIEWABLE_FILE_MODES = markdown
[repository.upload]
; Enable repository file uploads.
ENABLED = true
; Path to temporarily store uploads (default path gets cleaned by Gogs in every start)
TEMP_PATH = data/tmp/uploads
; File types that are allowed to be uploaded, e.g. image/jpeg|image/png. Leave empty means allow any file type
ALLOWED_TYPES =
; Maximum size of each file in MB
FILE_MAX_SIZE = 3
; Maximum number of files per upload
MAX_FILES = 5
; Attachment settings for releases
[release.attachment]
; Whether attachments are enabled. Defaults to `true`
ENABLED = true
; Path for attachments. Defaults to `data/attachments`
PATH = data/attachments
; One or more allowed types, e.g. image/jpeg|image/png
ALLOWED_TYPES = */*
; Max size of each file. Defaults to 32MB
MAX_SIZE = 32
; Max number of files per upload. Defaults to 10
MAX_FILES = 10
[markdown]
; Enable hard line break extension
ENABLE_HARD_LINE_BREAK = false
; List of custom URL-Schemes that are allowed as links when rendering Markdown
; for example git,magnet
CUSTOM_URL_SCHEMES =
; List of file extensions that should be rendered/edited as Markdown
; Separate extensions with a comma. To render files w/o extension as markdown, just put a comma
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
[smartypants]
ENABLED = false
FRACTIONS = true
DASHES = true
LATEX_DASHES = true
ANGLED_QUOTES = true
[http]
; Value for Access-Control-Allow-Origin header, default is not to present
ACCESS_CONTROL_ALLOW_ORIGIN =
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
[ssh.minimum_key_sizes]
ED25519 = 256
ECDSA = 256
RSA = 2048
DSA = 1024
[database]
; Either "mysql", "postgres" or "sqlite3", you can connect to TiDB with MySQL protocol
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = __DB_USER__
USER = __DB_USER__
PASSWD = __DB_PASSWORD__
; For "postgres" only, either "disable", "require" or "verify-full"
SSL_MODE = disable
PATH = data/gitea.db
[repository]
ROOT = __REPOS_PATH__
FORCE_PRIVATE = false
[server]
DOMAIN = __DOMAIN__
HTTP_PORT = __PORT__
ROOT_URL = https://__URL__/
DISABLE_SSH = false
SSH_PORT = 22
OFFLINE_MODE = false
APP_DATA_PATH = __DATA_PATH__
LANDING_PAGE = explore
[mailer]
ENABLED = true
HOST = 127.0.0.1:25
FROM = "Gitea" <gitea-noreply@__DOMAIN__>
SKIP_VERIFY = true
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = true
DISABLE_REGISTRATION = true
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = true
[picture]
AVATAR_UPLOAD_PATH = __DATA_PATH__/avatars
[attachment]
PATH = __DATA_PATH__/attachments
[session]
PROVIDER = memory
[log]
MODE = file
LEVEL = Warn
ROOT_PATH = /var/log/__APP__
; For "sqlite3" and "tidb", use absolute path when you start as service
PATH = data/gogs.db
[admin]
; Disable regular (non-admin) users to create organizations
DISABLE_REGULAR_ORG_CREATION = false
[security]
INSTALL_LOCK = true
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = __KEY__
; Auto-login remember days
LOGIN_REMEMBER_DAYS = 7
COOKIE_USERNAME = gogs_awesome
COOKIE_REMEMBER_NAME = gogs_incredible
COOKIE_SECURE = false
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE_USER
; Enable to set cookie to indicate user login status
ENABLE_LOGIN_STATUS_COOKIE = false
LOGIN_STATUS_COOKIE_NAME = login_status
[service]
ACTIVE_CODE_LIVE_MINUTES = 180
RESET_PASSWD_CODE_LIVE_MINUTES = 180
; User need to confirm e-mail for registration
REGISTER_EMAIL_CONFIRM = false
; Does not allow register and admin create account only
DISABLE_REGISTRATION = true
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW = __PRIVATE_MODE__
; Mail notification
ENABLE_NOTIFY_MAIL = true
; More detail: https://github.com/gogits/gogs/issues/165
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = true
; Enable captcha validation for registration
ENABLE_CAPTCHA = false
[webhook]
; Types are enabled for users to use, can be "gogs", "slack", "discord", "dingtalk"
TYPES = gogs, slack, discord, dingtalk
; Hook task queue length, increase if webhook shooting starts hanging
QUEUE_LENGTH = 1000
; Deliver timeout in seconds
DELIVER_TIMEOUT = 15
; Allow insecure certification
SKIP_TLS_VERIFY = false
; Number of history information in each page
PAGING_NUM = 10
[mailer]
ENABLED = true
; Buffer length of channel, keep it as it is if you don't know what it is.
SEND_BUFFER_LEN = 100
; Prefix prepended to the subject line
SUBJECT_PREFIX = `[%(APP_NAME)s] `
; Mail server
; Gmail: smtp.gmail.com:587
; QQ: smtp.qq.com:465
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
HOST = 127.0.0.1:25
; Disable HELO operation when hostname are different.
DISABLE_HELO =
; Custom hostname for HELO operation, default is from system.
HELO_HOSTNAME =
; Do not verify the certificate of the server. Only use this for self-signed certificates
SKIP_VERIFY = true
; Use client certificate
USE_CERTIFICATE = false
CERT_FILE = custom/mailer/cert.pem
KEY_FILE = custom/mailer/key.pem
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
FROM = "Gogs" <gogs-noreply@__DOMAIN__>
; Mailer user name and password
USER =
PASSWD =
; Use text/plain as format of content
USE_PLAIN_TEXT = false
[cache]
; Either "memory", "redis", or "memcache", default is "memory"
ADAPTER = memory
; For "memory" only, GC interval in seconds, default is 60
INTERVAL = 60
; For "redis" and "memcache", connection host address
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; memcache: `127.0.0.1:11211`
HOST =
[session]
; Either "memory", "file", or "redis", default is "memory"
PROVIDER = memory
; Provider config options
; memory: not have any config yet
; file: session file path, e.g. `data/sessions`
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
PROVIDER_CONFIG = data/sessions
; Session cookie name
COOKIE_NAME = i_like_gogits
; If you use session in https only, default is false
COOKIE_SECURE = false
; Enable set cookie, default is true
ENABLE_SET_COOKIE = true
; Session GC time interval, default is 3600
GC_INTERVAL_TIME = 3600
; Session life time, default is 86400
SESSION_LIFE_TIME = 86400
; Cookie name for CSRF
CSRF_COOKIE_NAME = _csrf
[picture]
; Path to store user uploaded avatars
AVATAR_UPLOAD_PATH = __DATA_PATH__/avatars
; Chinese users can choose "duoshuo"
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
GRAVATAR_SOURCE = gravatar
; This value will be forced to be true in offline mode.
DISABLE_GRAVATAR = false
; Federated avatar lookup uses DNS to discover avatar associated
; with emails, see https://www.libravatar.org
; This value will be forced to be false in offline mode or Gravatar is disbaled.
ENABLE_FEDERATED_AVATAR = false
; Attachment settings for issues
[attachment]
; Whether attachments are enabled. Defaults to `true`
ENABLED = true
; Path for attachments. Defaults to `data/attachments`
PATH = __DATA_PATH__/attachments
; One or more allowed types, e.g. image/jpeg|image/png
ALLOWED_TYPES = image/jpeg|image/png
; Max size of each file. Defaults to 4MB
MAX_SIZE = 4
; Max number of files per upload. Defaults to 5
MAX_FILES = 5
[time]
; Specifies the format for fully outputed dates. Defaults to RFC1123
; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
; For more information about the format see http://golang.org/pkg/time/#pkg-constants
FORMAT =
; General settings of loggers
[log]
ROOT_PATH = /var/log/__APP__
; Can be "console" and "file", default is "console"
; Use comma to separate multiple modes, e.g. "console, file"
MODE = file
; Buffer length of channel, keep it as it is if you don't know what it is.
BUFFER_LEN = 100
; Either "Trace", "Info", "Warn", "Error", "Fatal", default is "Trace"
LEVEL = Warn
; For "console" mode only
[log.console]
; leave empty to inherit
LEVEL =
; For "file" mode only
[log.file]
; leave empty to inherit
LEVEL =
; This enables automated log rotate (switch of following options)
LOG_ROTATE = true
; Segment log daily
DAILY_ROTATE = true
; Max size shift of single file, default is 28 means 1 << 28, 256MB
MAX_SIZE_SHIFT = 28
; Max line number of single file
MAX_LINES = 1000000
; Expired days of log file (delete after max days)
MAX_DAYS = 7
; For "slack" mode only
[log.slack]
; leave empty to inherit
LEVEL =
; Webhook URL
URL =
[log.discord]
; leave empty to inherit
LEVEL =
; Webhook URL
URL =
; Username displayed in webhook
USERNAME = %(APP_NAME)s
[log.xorm]
; Enable file rotation
ROTATE = true
; Rotate every day
ROTATE_DAILY = true
; Rotate once file size excesses x MB
MAX_SIZE = 100
; Maximum days to keep logger files
MAX_DAYS = 3
[cron]
; Enable running cron tasks periodically.
ENABLED = true
; Run cron tasks when Gogs starts.
RUN_AT_START = false
; Update mirrors
[cron.update_mirrors]
SCHEDULE = @every 10m
; Repository health check
[cron.repo_health_check]
SCHEDULE = @every 24h
TIMEOUT = 60s
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
; see more on http://git-scm.com/docs/git-fsck/1.7.5
ARGS =
; Check repository statistics
[cron.check_repo_stats]
RUN_AT_START = true
SCHEDULE = @every 24h
; Cleanup repository archives
[cron.repo_archive_cleanup]
RUN_AT_START = false
SCHEDULE = @every 24h
; Time duration to check if archive should be cleaned
OLDER_THAN = 24h
[git]
; Disables highlight of added and removed changes
DISABLE_DIFF_HIGHLIGHT = false
; Max number of lines allowed of a single file in diff view
MAX_GIT_DIFF_LINES = 1000
; Max number of characters of a line allowed in diff view
MAX_GIT_DIFF_LINE_CHARACTERS = 500
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES = 100
; Arguments for command 'git gc', e.g. "--aggressive --auto"
; see more on http://git-scm.com/docs/git-gc/1.7.5
GC_ARGS =
; Operation timeout in seconds
[git.timeout]
MIGRATE = 600
MIRROR = 300
CLONE = 300
PULL = 300
GC = 60
[mirror]
; Default interval in hours between each check
DEFAULT_INTERVAL = 8
[api]
; Max number of items will response in a page
MAX_RESPONSE_ITEMS = 50
[ui]
; Number of repositories that are showed in one explore page
EXPLORE_PAGING_NUM = 20
; Number of issues that are showed in one page
ISSUE_PAGING_NUM = 10
; Number of maximum commits showed in one activity feed
FEED_MAX_COMMIT_NUM = 5
; Value of "theme-color" meta tag, used by Android >= 5.0
; An invalid color like "none" or "disable" will have the default style
; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
THEME_COLOR_META_TAG = `#ff5343`
; Max size in bytes of files to be displayed (default is 8MB)
MAX_DISPLAY_FILE_SIZE = 8388608
[ui.admin]
; Number of users that are showed in one page
USER_PAGING_NUM = 50
; Number of repos that are showed in one page
REPO_PAGING_NUM = 50
; Number of notices that are showed in one page
NOTICE_PAGING_NUM = 25
; Number of organization that are showed in one page
ORG_PAGING_NUM = 50
[ui.user]
; Number of repos that are showed in one page
REPO_PAGING_NUM = 15
; Number of news feeds that are showed in one page
NEWS_FEED_PAGING_NUM = 20
; Number of commits that are showed in one page
COMMITS_PAGING_NUM = 30
[i18n]
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN
NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese
; Used for datetimepicker
[i18n.datelang]
en-US = en
zh-CN = zh
zh-HK = zh-TW
zh-TW = zh-TW
de-DE = de
fr-FR = fr
nl-NL = nl
lv-LV = lv
ru-RU = ru
ja-JP = ja
es-ES = es
pt-BR = pt-BR
pl-PL = pl
bg-BG = bg
it-IT = it
fi-FI = fi
tr-TR = tr
cs-CZ = cs-CZ
sr-SP = sr
sv-SE = sv
ko-KR = ko
gl-ES = gl
uk-UA = uk
en-GB = en-GB
hu-HU = hu
sk-SK = sk
id-ID = id
fa-IR = fa
vi-VN = vi
; Extension mapping to highlight class
; e.g. .toml=ini
[highlight.mapping]
[other]
SHOW_FOOTER_BRANDING = false
; Show version information about Gogs and Go in the footer
SHOW_FOOTER_VERSION = true
; Show time of template execution in the footer
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true

4
conf/arm.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.33/raspi2_armv6.zip
SOURCE_SUM=334bb5a053f3335f8a8c3c85728ff0d0b376d3a0b5b6470a0334b9172441a1af
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/raspi2_armv6.zip
SOURCE_SUM=a7d17f6dc542fd2d88f884271bca9c62729fbd725fdb310616b2987dba382631
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum

4
conf/i386.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.3.3/gitea-1.3.3-linux-386
SOURCE_SUM=1b746cccffca446876ccc71efe328699f002622dab1d438e2142c8d7c23a22d7
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/linux_386.zip
SOURCE_SUM=ad1a89eb01723a4b289b7b8773fd018f78b0dad801101f27c1af0f2d649edeeb
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum

28
conf/ldap.conf Normal file
View File

@ -0,0 +1,28 @@
# This is an example of LDAP (BindDN) authentication
#
id = 1
type = ldap_bind_dn
name = Yunohost LDAP
is_activated = true
[config]
host = localhost
port = 389
# 0 - Unencrypted, 1 - LDAPS, 2 - StartTLS
security_protocol = 0
skip_verify = false
bind_dn =
bind_password =
user_base = ou=users,dc=yunohost,dc=org
attribute_username = uid
attribute_name = givenName
attribute_surname = sn
attribute_mail = mail
attributes_in_bind = false
filter = (&(objectClass=posixAccount)(uid=%s))
admin_filter = (uid=__ADMIN__)
group_enabled = false
group_dn =
group_filter =
group_member_uid =
user_uid = uid

3
conf/login_source.sql
View File

@ -1,3 +0,0 @@
INSERT INTO `__APP__`.`login_source` (`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) VALUES
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}', '1464014433', '1464015955')
ON DUPLICATE KEY UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}'

2
conf/nginx.conf
View File

@ -4,7 +4,7 @@ location __PATH__/ {
proxy_set_header Host $host;
proxy_buffering off;
fastcgi_param REMOTE_USER $remote_user;
client_max_body_size 50M;
client_max_body_size 200M;
# Force https
if ($scheme = http) {

2
conf/systemd.service
View File

@ -1,5 +1,5 @@
[Unit]
Description=Gitea
Description=Gogs (Go Git Service)
After=syslog.target
After=network.target
After=mysql.service

4
conf/x86-64.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.33/linux_amd64.zip
SOURCE_SUM=7f0841a0451174349bf058e3827a0f46b8a827de0303827a6ff6d20fd03db3ff
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/linux_amd64.zip
SOURCE_SUM=85f60494de63e6c4af16faba9bc739eb7c9e5477de1f16d11c6665495141162f
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum

32
manifest.json
View File

@ -1,7 +1,7 @@
{
"package_format": 1,
"name": "Gitea",
"id": "gitea",
"name": "Gogs",
"id": "gogs",
"packaging_format": 1,
"description": {
"en": "Lightweight git forge",
@ -9,10 +9,14 @@
},
"url": "http://gogs.io",
"license": "MIT",
"version": "0.11.33~ynh1",
"version": "0.11.66~ynh1",
"maintainer": {
"name": "",
"email": ""
"name": "Josué Tille",
"email": "josue@tille.ch"
},
"previous_maintainers": {
"name": "tostaki",
"email": "maxime@max.privy.place"
},
"multi_instance": true,
"services": [
@ -20,7 +24,7 @@
"mysql"
],
"requirements": {
"yunohost": ">= 2.7.9"
"yunohost": ">= 2.7.12"
},
"arguments": {
"install" : [
@ -28,8 +32,8 @@
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Gitea",
"fr": "Choisissez un domaine pour Gitea"
"en": "Choose a domain for Gogs",
"fr": "Choisissez un domaine pour Gogs"
},
"example": "domain.org"
},
@ -37,18 +41,18 @@
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Gitea",
"fr": "Choisissez un chemin pour Gitea"
"en": "Choose a path for Gogs",
"fr": "Choisissez un chemin pour Gogs"
},
"example": "/gitea",
"default": "/gitea"
"example": "/gogs",
"default": "/gogs"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Gitea administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur de Gitea (doit être un utilisateur YunoHost existant)"
"en": "Choose the Gogs administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur de Gogs (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
},

33
scripts/_common.sh
View File

@ -30,8 +30,7 @@ fi
create_dir() {
mkdir -p "$final_path/data"
mkdir -p "$final_path/custom/conf"
mkdir -p "$REPO_PATH"
mkdir -p "$final_path/custom/conf/auth.d"
mkdir -p "$DATA_PATH/avatars"
mkdir -p "$DATA_PATH/attachments"
mkdir -p "/var/log/$app"
@ -47,8 +46,10 @@ config_nginx() {
config_gogs() {
ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini"
ynh_backup_if_checksum_is_different "$final_path/custom/conf/auth.d/ldap.conf"
cp ../conf/app.ini "$final_path/custom/conf"
cp ../conf/ldap.conf "$final_path/custom/conf/auth.d/ldap.conf"
if [ "$path_url" = "/" ]
then
@ -66,7 +67,17 @@ config_gogs() {
ynh_replace_string "__PORT__" $port "$final_path/custom/conf/app.ini"
ynh_replace_string "__APP__" $app "$final_path/custom/conf/app.ini"
if [[ "$is_public" = '1' ]]
then
ynh_replace_string "__PRIVATE_MODE__" "false" "$final_path/custom/conf/app.ini"
else
ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini"
fi
ynh_replace_string "__ADMIN__" "$admin" "$final_path/custom/conf/auth.d/ldap.conf"
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum "$final_path/custom/conf/auth.d/ldap.conf"
}
set_permission() {
@ -77,3 +88,21 @@ set_permission() {
chmod u=rwX,g=rX,o= "/home/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
}
set_access_settings() {
if [ "$is_public" = '1' ]
then
ynh_app_setting_set $app unprotected_uris "/"
else
# For an access to the git server by https in private mode we need to allow the access to theses URL :
# - "DOMAIN/PATH/USER/REPOSITORY/info/refs"
# - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack"
# - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack"
excaped_domain=${domain//'.'/'%.'}
excaped_domain=${excaped_domain//'-'/'%-'}
excaped_path=${path_url//'.'/'%.'}
excaped_path=${excaped_path//'-'/'%-'}
ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs"
fi
}

43
scripts/change_url
View File

@ -14,57 +14,32 @@ ynh_abort_if_errors
source ./experimental_helper.sh
source ./_common.sh
cp -r /etc/yunohost/apps/${app}/conf ../ # Quick hack for https://github.com/YunoHost/yunohost/pull/427
# RETRIEVE ARGUMENTS
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
domain=$YNH_APP_NEW_DOMAIN
path_url=$(ynh_normalize_url_path ${YNH_APP_NEW_PATH:-'/'})
app=$YNH_APP_INSTANCE_NAME
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
key=$(ynh_app_setting_get "$app" secret_key)
port=$(ynh_app_setting_get "$app" web_port)
# CHECK THE SYNTAX OF THE PATHS
test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path)
domain="$new_domain"
path_url="$new_path"
# CHECK WHICH PARTS SHOULD BE CHANGED
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
is_public=$(ynh_app_setting_get "$app" is_public)
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the domain for nginx
if [ $change_domain -eq 1 ]
if [ "$old_domain" != "$domain" ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
ynh_delete_file_checksum "/etc/nginx/conf.d/$old_domain.d/$app.conf"
mv "/etc/nginx/conf.d/$old_domain.d/$app.conf" "/etc/nginx/conf.d/$domain.d/$app.conf"
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
fi
config_nginx

32
scripts/install
View File

@ -16,7 +16,7 @@ source ./_common.sh
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH)
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
@ -53,7 +53,10 @@ ynh_app_setting_set $app web_port $port
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
# Add users
ynh_system_user_create $app
# We can't use the official helper because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
# create needed directories
create_dir
@ -70,32 +73,15 @@ ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
config_nginx
# Start gogs for building mysql tables
systemctl start "$app".service
# Set permissions
set_permission
# Wait till login_source mysql table is created
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
do
sleep 2
done
# Add ldap config
ynh_replace_string "__ADMIN__" "$admin" ../conf/login_source.sql
ynh_replace_string "__APP__" "$app" ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
#=================================================
# GENERIC FINALIZATION
#=================================================
# Set permissions
set_permission
# Unprotect root from SSO if public
if [ "$is_public" = '1' ]
then
ynh_app_setting_set $app unprotected_uris "/"
fi
set_access_settings
# Add Gogs to YunoHost's monitored services
yunohost service add "$app" --log "/var/log/$app/$app.log"

5
scripts/restore
View File

@ -35,7 +35,10 @@ test ! -e "$final_path" || ynh_die "This path already contains a folder"
#=================================================
# Add users
ynh_system_user_create $app
# We can't use the official helper because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
# Restore all files
ynh_restore

10
scripts/upgrade
View File

@ -80,6 +80,13 @@ then
usermod -p '*' "$app"
fi
# Remove old authentification mecanisme, actually the registry in the database has been replaced by a config file
if [[ ! -e "$final_path/custom/conf/auth.d/ldap.conf" ]]
then
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';"
mkdir -p "$final_path/custom/conf/auth.d"
fi
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@ -103,6 +110,9 @@ config_nginx
# GENERIC FINALIZATION
#=================================================
# Unprotect root from SSO if public
set_access_settings
# Set permissions
set_permission