Git/yunohost-gitea_ynh
1
0
Fork 0
mirror of https://framagit.org/YunoHost-Apps/gitea_ynh.git synced 2024-11-21 10:31:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #38 from YunoHost-Apps/testing

Browse Source 
Upgrade to 1.17.1
This commit is contained in:
Josue-T 2022-08-30 06:56:01 +02:00 committed by GitHub
commit 6c7d277601
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
40 changed files with 629 additions and 280 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
.github/ISSUE_TEMPLATE.md vendored Normal file
View File

@ -0,0 +1,55 @@
---
name: Bug report
about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
---
**How to post a meaningful bug report**
1. *Read this whole template first.*
2. *Determine if you are on the right place:*
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
- *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
- *When in doubt, post here and we will figure it out together.*
3. *Delete the italic comments as you write over them below, and remove this guide.*
---
### Describe the bug
*A clear and concise description of what the bug is.*
### Context
- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
- YunoHost version: x.x.x
- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
- If yes, please explain:
- Using, or trying to install package version/branch:
- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
### Steps to reproduce
- *If you performed a command from the CLI, the command itself is enough. For example:*
```sh
sudo yunohost app install the_app
```
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
- *If the error occurs in your browser, explain what you did:*
1. *Go to '...'*
2. *Click on '...'*
3. *Scroll down to '...'*
4. *See error*
### Expected behavior
*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
### Logs
*When an operation fails, YunoHost provides a simple way to share the logs.*
- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
*If applicable and useful, add screenshots to help explain your problem.*

16
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@ -0,0 +1,16 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how do you fix that problem*
## PR Status
- [ ] Code finished and ready to be reviewed/tested
- [ ] The fix/enhancement were manually tested (if applicable)
## Automatic tests
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)

163
README.md
View File

@ -1,92 +1,64 @@
Gitea package for YunoHost
==========================
[![Integration level](https://dash.yunohost.org/integration/gitea.svg)](https://dash.yunohost.org/appci/app/gitea) ![](https://ci-apps.yunohost.org/ci/badges/gitea.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/gitea.maintain.svg)
[![Install gitea with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gitea)
> *This package allow you to install gitea quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
Overview
--------
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to Github.
**Shipped version:** 1.14.5
Screenshots
-----------
![](https://gitea.io/images/screenshot.png)
Documentation
-------------
* Official documentation: https://docs.gitea.io/
* YunoHost documentation: There no other documentations, feel free to contribute.
YunoHost specific features
--------------------------
### Multi-users support
LDAP and HTTP auth are supported.
### Supported architectures
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/gitea%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/gitea/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/gitea%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/gitea/)
<!--Limitations
------------
* Any known limitations.
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
Additional informations
-----------------------
# Gitea for YunoHost
[![Integration level](https://dash.yunohost.org/integration/gitea.svg)](https://dash.yunohost.org/appci/app/gitea) ![Working status](https://ci-apps.yunohost.org/ci/badges/gitea.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/gitea.maintain.svg)
[![Install Gitea with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gitea)
*[Lire ce readme en français.](./README_fr.md)*
> *This package allows you to install Gitea quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
## Overview
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to GitHub.
**Shipped version:** 1.17.1~ynh1
## Screenshots
![Screenshot of Gitea](./doc/screenshots/screenshot.png)
## Disclaimers / important information
## Additional informations
### Notes on SSH usage
If you want to use Gitea with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gitea:
If you want to use Gitea with SSH and be able to pull/push with your SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration `/etc/ssh/sshd_config` that works with Gitea:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile /home/%u/.ssh/authorized_keys
AuthorizedKeysFile /home/yunohost.app/%u/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gitea profile.
You must also add your public key to your Gitea profile.
If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
When using SSH on any port other than 22, you need to add these lines to your SSH configuration `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
You will also need to add the `gitea` user in the ssh permission with this command:
```
sudo adduser gitea ssh.app
```
### Architecture
This package is compatible with amd64, i386 and arm. The package will try to detect it with the command uname -m and fail if it can't detect the architecture. If that happens please open an issue describing your hardware and the result of the command `uname -m`.
### Upgrade
By default a backup is made before the upgrade. To avoid this you have theses following possibilites:
- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. By example `NO_BACKUP_UPGRADE=1 yunohost app upgrade gitea`.
- Set the settings `disable_backup_before_upgrade` to `1`. You can set this with this command:
By default, a backup is performed before upgrading. To avoid this, you have the following options:
- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. For example `NO_BACKUP_UPGRADE=1 yunohost app upgrade gitea`.
- Set `disable_backup_before_upgrade` to `1`. You can set it with this command:
`yunohost app setting gitea disable_backup_before_upgrade -v 1`
After this settings will be applied for **all** next upgrade.
After that, the settings will be applied for **all** the next updates.
From command line:
@ -94,74 +66,63 @@ From command line:
### Backup
This app use now the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration is recommended to proceed like this:
This application now uses the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration it is recommended to proceed as follows:
- Stop gitea service with theses following command:
- Stop Gitea service with this command:
`systemctl stop gitea.service`
- Launch the backup of gitea with this following command:
- Launch Gitea backup with this command:
`yunohost backup create --app gitea`
- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/gitea`.
- Restart the gitea service with theses command:
- Backup your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/gitea`.
- Restart Gitea service with theses command:
`systemctl start gitea.service`
### Remove
Due of the backup core only feature the data directory in `/home/gitea` **is not removed**. It need to be removed manually to purge app user data.
Due of the backup core only feature the data directory in `/home/yunohost.app/gitea` **is not removed**. It must be manually deleted to purge user data from the app.
### LFS setup
To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini`
To use a repository with an `LFS` setup, you need to activate it on `/opt/gitea/custom/conf/app.ini`
```ini
[server]
LFS_START_SERVER = true
LFS_HTTP_AUTH_EXPIRY = 20m
```
By default Nginx is setup with a max value to updload files at 200 Mo. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`.
By default, NGINX is configured with a maximum value for uploading files at 200 MB. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`.
```
client_max_body_size 200M;
```
Don't forget to restart Gitea `sudo systemctl restart gitea.service`.
> This settings are restored to the default config when Gitea is updated. Don't forget to restore your setup after all updates.
> These settings are restored to the default configuration when updating Gitea. Remember to restore your configuration after all updates.
### Git command access with HTTPS
If you want to use the git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.
If you want to use the Git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.
Links
-----
## Documentation and resources
* Report a bug: https://framagit.org/YunoHost-Apps/gitea_ynh/issues
* App website: http://gitea.io
* YunoHost website: https://yunohost.org/
* Official app website: <https://gitea.io/>
* Official admin documentation: <https://docs.gitea.io/>
* Upstream app code repository: <https://github.com/go-gitea/gitea>
* YunoHost documentation for this app: <https://yunohost.org/app_gitea>
* Report a bug: <https://github.com/YunoHost-Apps/gitea_ynh/issues>
---
## Developer info
Install
-------
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/gitea_ynh/tree/testing).
From command line:
To try the testing branch, please proceed like that.
`sudo yunohost app install -l gitea https://github.com/YunoHost-Apps/gitea_ynh`
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/gitea_ynh/tree/testing --debug
or
sudo yunohost app upgrade gitea -u https://github.com/YunoHost-Apps/gitea_ynh/tree/testing --debug
```
Upgrade
-------
From command line:
`sudo yunohost app upgrade gitea -u https://github.com/YunoHost-Apps/gitea_ynh`
License
-------
Gitea is published under the MIT License:
https://github.com/go-gitea/gitea/blob/master/LICENSE
This package is published under the MIT License.
Todo
----
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>

128
README_fr.md Normal file
View File

@ -0,0 +1,128 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
# Gitea pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/gitea.svg)](https://dash.yunohost.org/appci/app/gitea) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/gitea.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/gitea.maintain.svg)
[![Installer Gitea avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gitea)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer Gitea rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to GitHub.
**Version incluse :** 1.17.1~ynh1
## Captures d'écran
![Capture d'écran de Gitea](./doc/screenshots/screenshot.png)
## Avertissements / informations importantes
## Additional informations
### Notes on SSH usage
If you want to use Gitea with SSH and be able to pull/push with your SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration `/etc/ssh/sshd_config` that works with Gitea:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile /home/yunohost.app/%u/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You must also add your public key to your Gitea profile.
When using SSH on any port other than 22, you need to add these lines to your SSH configuration `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
### Upgrade
By default, a backup is performed before upgrading. To avoid this, you have the following options:
- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. For example `NO_BACKUP_UPGRADE=1 yunohost app upgrade gitea`.
- Set `disable_backup_before_upgrade` to `1`. You can set it with this command:
`yunohost app setting gitea disable_backup_before_upgrade -v 1`
After that, the settings will be applied for **all** the next updates.
From command line:
`yunohost app upgrade gitea`
### Backup
This application now uses the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration it is recommended to proceed as follows:
- Stop Gitea service with this command:
`systemctl stop gitea.service`
- Launch Gitea backup with this command:
`yunohost backup create --app gitea`
- Backup your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/gitea`.
- Restart Gitea service with theses command:
`systemctl start gitea.service`
### Remove
Due of the backup core only feature the data directory in `/home/yunohost.app/gitea` **is not removed**. It must be manually deleted to purge user data from the app.
### LFS setup
To use a repository with an `LFS` setup, you need to activate it on `/opt/gitea/custom/conf/app.ini`
```ini
[server]
LFS_START_SERVER = true
LFS_HTTP_AUTH_EXPIRY = 20m
```
By default, NGINX is configured with a maximum value for uploading files at 200 MB. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`.
```
client_max_body_size 200M;
```
Don't forget to restart Gitea `sudo systemctl restart gitea.service`.
> These settings are restored to the default configuration when updating Gitea. Remember to restore your configuration after all updates.
### Git command access with HTTPS
If you want to use the Git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.
## Documentations et ressources
* Site officiel de l'app : <https://gitea.io/>
* Documentation officielle de l'admin : <https://docs.gitea.io/>
* Dépôt de code officiel de l'app : <https://github.com/go-gitea/gitea>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_gitea>
* Signaler un bug : <https://github.com/YunoHost-Apps/gitea_ynh/issues>
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/gitea_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/gitea_ynh/tree/testing --debug
ou
sudo yunohost app upgrade gitea -u https://github.com/YunoHost-Apps/gitea_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>

18
check_process
View File

@ -1,9 +1,9 @@
;; General
; Manifest
domain="domain.tld" (DOMAIN)
path="/path" (PATH)
admin="john" (USER)
is_public=1 (PUBLIC|public=1|private=0)
domain="domain.tld"
path="/path"
admin="john"
is_public=1
; Checks
pkg_linter=1
setup_sub_dir=1
@ -12,7 +12,9 @@
setup_private=1
setup_public=1
upgrade=1
upgrade=1 from_commit=349992d4f3921e4e1adb37a0cace4a5a9eb67099
#1.14.5
upgrade=1 from_commit=7ea357724f2371aa1173f15ba5a7502609a0a131
upgrade=1 from_commit=bd3fe9a8467864391ffaf96426036ab731833f99
upgrade=1 from_commit=4e078e91129725c8b09ba551ab2a04e0328a45b3
backup_restore=1
multi_instance=1
@ -20,7 +22,9 @@
port_already_use=1 (6000)
change_url=1
;;; Upgrade options
; commit=349992d4f3921e4e1adb37a0cace4a5a9eb67099
name=First package version
; commit=7ea357724f2371aa1173f15ba5a7502609a0a131
name=1.14.5
; commit=bd3fe9a8467864391ffaf96426036ab731833f99
name=Just after group permission support
; commit=4e078e91129725c8b09ba551ab2a04e0328a45b3
name=Gogs code, check migration from gogs

11
conf/app.ini
View File

@ -21,12 +21,14 @@ FORCE_PRIVATE = false
DOMAIN = __DOMAIN__
HTTP_PORT = __PORT__
HTTP_ADDR = 127.0.0.1
ROOT_URL = https://__URL__/
ROOT_URL = https://__DOMAIN____PATH_URL__
DISABLE_SSH = false
SSH_PORT = __SSH_PORT__
OFFLINE_MODE = false
APP_DATA_PATH = __DATA_PATH__
LANDING_PAGE = explore
LFS_START_SERVER = true
LFS_JWT_SECRET = __LFS_KEY__
[mailer]
ENABLED = true
@ -40,8 +42,8 @@ ENABLE_NOTIFY_MAIL = true
DISABLE_REGISTRATION = true
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true
[picture]
AVATAR_UPLOAD_PATH = __DATA_PATH__/avatars
@ -72,4 +74,5 @@ XORM = file
[security]
INSTALL_LOCK = true
SECRET_KEY = __KEY__
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE_USER
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE-USER
REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128

6
conf/login_source.sql
View File

@ -1,6 +1,6 @@
INSERT INTO `__APP__`.`login_source`
(`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`)
(`id`, `type`, `name`, `is_active`, `cfg`, `created_unix`, `updated_unix`)
VALUES
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}', '1464014433', '1464015955')
('1', '2', 'YunoHost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}', '1464014433', '1464015955')
ON DUPLICATE KEY
UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}';
UPDATE cfg='{"Name":"YunoHost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}';

6
conf/nginx.conf
View File

@ -3,15 +3,9 @@ location __PATH__/ {
proxy_pass http://localhost:__PORT__/;
proxy_set_header Host $host;
proxy_buffering off;
fastcgi_param REMOTE_USER $remote_user;
client_max_body_size 200M;
proxy_set_header X-Real-IP $remote_addr;
# Force https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

4
conf/source/arm.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.5/gitea-1.14.5-linux-arm-6
SOURCE_SUM=2808bea62a84389e123b94331de7b330f8b9b9149bff1e8758d6c7adae88ef5a
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.17.1/gitea-1.17.1-linux-arm-6
SOURCE_SUM=3229ddb4b4d9523c4dad2978c5af4da002a82f6dd65f4942e48ff9ea523f1f98
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

4
conf/source/arm64.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.5/gitea-1.14.5-linux-arm64
SOURCE_SUM=43a9b559d8a080cbf55aac8961074a25018e83edfe70d7dc8666b9acff794b09
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.17.1/gitea-1.17.1-linux-arm64
SOURCE_SUM=21a5fc2b2b31939bf81dac5f872af154c0b2070340beb30660fbfa90911b637b
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/arm64_1.14.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.6/gitea-1.14.6-linux-arm64
SOURCE_SUM=d0e177368445748dcbfc3a082e2f1c68317d1490e11574224fb12ca01e91e15e
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/arm64_1.15.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.15.11/gitea-1.15.11-linux-arm64
SOURCE_SUM=a41a702d24e463c44dbc57a30551938a5e4c9377995065aca07e9dfbb22d5afc
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/arm64_1.16.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.16.9/gitea-1.16.9-linux-arm64
SOURCE_SUM=c468cb92fee1fc917923fd2728449fb9da97e5e9e4322d531716b3c6571ceb20
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/arm_1.14.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.6/gitea-1.14.6-linux-arm-6
SOURCE_SUM=4c075c11ee6b89b6c436c94e47290cf7daeff2006bb7ca1fbe6f22db4482e16f
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/arm_1.15.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.15.11/gitea-1.15.11-linux-arm-6
SOURCE_SUM=c60d364d8cb7e25b341cb7d9988cbc7b3485ff5aa994e021980dc47996a870f9
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/arm_1.16.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.16.9/gitea-1.16.9-linux-arm-6
SOURCE_SUM=0f0af0169b17927db6e8fe8711ef40c139d366983653034d6601e27761c3aa2b
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

4
conf/source/armv7.src
View File

@ -1,8 +1,8 @@
# The armv7 build is brocken
# See : https://github.com/go-gitea/gitea/issues/6700
# Use temporary the armv6 binary
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.5/gitea-1.14.5-linux-arm-6
SOURCE_SUM=2808bea62a84389e123b94331de7b330f8b9b9149bff1e8758d6c7adae88ef5a
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.17.1/gitea-1.17.1-linux-arm-6
SOURCE_SUM=3229ddb4b4d9523c4dad2978c5af4da002a82f6dd65f4942e48ff9ea523f1f98
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

8
conf/source/armv7_1.14.src Normal file
View File

@ -0,0 +1,8 @@
# The armv7 build is brocken
# See : https://github.com/go-gitea/gitea/issues/6700
# Use temporary the armv6 binary
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.6/gitea-1.14.6-linux-arm-6
SOURCE_SUM=4c075c11ee6b89b6c436c94e47290cf7daeff2006bb7ca1fbe6f22db4482e16f
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

8
conf/source/armv7_1.15.src Normal file
View File

@ -0,0 +1,8 @@
# The armv7 build is brocken
# See : https://github.com/go-gitea/gitea/issues/6700
# Use temporary the armv6 binary
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.15.11/gitea-1.15.11-linux-arm-6
SOURCE_SUM=c60d364d8cb7e25b341cb7d9988cbc7b3485ff5aa994e021980dc47996a870f9
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

8
conf/source/armv7_1.16.src Normal file
View File

@ -0,0 +1,8 @@
# The armv7 build is brocken
# See : https://github.com/go-gitea/gitea/issues/6700
# Use temporary the armv6 binary
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.16.9/gitea-1.16.9-linux-arm-6
SOURCE_SUM=0f0af0169b17927db6e8fe8711ef40c139d366983653034d6601e27761c3aa2b
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

4
conf/source/i386.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.5/gitea-1.14.5-linux-386
SOURCE_SUM=4d144f146f85d8b87fd93809019e3d1fd1b691d1fcb1bd5ea3801e0dc5a87e84
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.17.1/gitea-1.17.1-linux-386
SOURCE_SUM=013b1e527c20f68aebd82b9e43aa85bfcad76b9bc7934d5891bb823a19a9d9c6
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/i386_1.14.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.6/gitea-1.14.6-linux-386
SOURCE_SUM=1a3382eb4faf60a5f5c590843f8e7cd1f7d0e78e99fe2511f86368340c0cfe2e
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/i386_1.15.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.15.11/gitea-1.15.11-linux-386
SOURCE_SUM=bad15648236e8da71de1a09b9fe0f21d955605c3aba92f6bcf7dc1f490791a8d
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/i386_1.16.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.16.9/gitea-1.16.9-linux-386
SOURCE_SUM=de40bf7cd20fe42f0d32bfc7401480cec7e1496297cb726acc94afd9d190bf9f
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

4
conf/source/x86-64.src
View File

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.5/gitea-1.14.5-linux-amd64
SOURCE_SUM=8a6f7983bd47690e6087e14b7a32d6fb0b8868b137da0ea5edff28c32763ca6d
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.17.1/gitea-1.17.1-linux-amd64
SOURCE_SUM=eafd476ee2a303d758448314272add00898d045439ab0d353ff4286c5e63496f
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/x86-64_1.14.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.14.6/gitea-1.14.6-linux-amd64
SOURCE_SUM=20cc0a89421695320b077c9fe4f16996f03aaf9d24f661f8d2255794551c849b
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/x86-64_1.15.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.15.11/gitea-1.15.11-linux-amd64
SOURCE_SUM=e2f62b67c311116fbf8e52b4c162dbd7684ce9c7f0370642c1d402fece43aa8f
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

5
conf/source/x86-64_1.16.src Normal file
View File

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/go-gitea/gitea/releases/download/v1.16.9/gitea-1.16.9-linux-amd64
SOURCE_SUM=821dd30afed9ae42b18e727174b078ea9118a6ccc5106d8246bebf8180fcbef3
SOURCE_SUM_PRG=sha256sum
SOURCE_FILENAME=gitea
SOURCE_EXTRACT=false

34
conf/systemd.service
View File

@ -15,10 +15,40 @@ After=slapd.service
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=/home/__APP__
WorkingDirectory=/home/yunohost.app/__APP__
ExecStart=/opt/__APP__/gitea web
Restart=always
Environment=USER=__APP__ HOME=/home/__APP__
Environment=USER=__APP__ HOME=/home/yunohost.app/__APP__
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

1
doc/DESCRIPTION.md Normal file
View File

@ -0,0 +1 @@
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to GitHub.

77
doc/DISCLAIMER.md Normal file
View File

@ -0,0 +1,77 @@
## Additional informations
### Notes on SSH usage
If you want to use Gitea with SSH and be able to pull/push with your SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration `/etc/ssh/sshd_config` that works with Gitea:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile /home/yunohost.app/%u/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You must also add your public key to your Gitea profile.
When using SSH on any port other than 22, you need to add these lines to your SSH configuration `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
### Upgrade
By default, a backup is performed before upgrading. To avoid this, you have the following options:
- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. For example `NO_BACKUP_UPGRADE=1 yunohost app upgrade gitea`.
- Set `disable_backup_before_upgrade` to `1`. You can set it with this command:
`yunohost app setting gitea disable_backup_before_upgrade -v 1`
After that, the settings will be applied for **all** the next updates.
From command line:
`yunohost app upgrade gitea`
### Backup
This application now uses the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration it is recommended to proceed as follows:
- Stop Gitea service with this command:
`systemctl stop gitea.service`
- Launch Gitea backup with this command:
`yunohost backup create --app gitea`
- Backup your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/gitea`.
- Restart Gitea service with theses command:
`systemctl start gitea.service`
### Remove
Due of the backup core only feature the data directory in `/home/yunohost.app/gitea` **is not removed**. It must be manually deleted to purge user data from the app.
### LFS setup
To use a repository with an `LFS` setup, you need to activate it on `/opt/gitea/custom/conf/app.ini`
```ini
[server]
LFS_START_SERVER = true
LFS_HTTP_AUTH_EXPIRY = 20m
```
By default, NGINX is configured with a maximum value for uploading files at 200 MB. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`.
```
client_max_body_size 200M;
```
Don't forget to restart Gitea `sudo systemctl restart gitea.service`.
> These settings are restored to the default configuration when updating Gitea. Remember to restore your configuration after all updates.
### Git command access with HTTPS
If you want to use the Git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.

BIN
doc/screenshots/screenshot.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 96 KiB

33
manifest.json
View File

@ -6,9 +6,15 @@
"en": "Lightweight Git forge",
"fr": "Forge Git légère"
},
"upstream": {
"license": "MIT",
"website": "https://gitea.io/",
"admindoc": "https://docs.gitea.io/",
"code": "https://github.com/go-gitea/gitea"
},
"url": "http://gitea.io",
"license": "MIT",
"version": "1.14.5~ynh1",
"version": "1.17.1~ynh1",
"maintainer": {
"name": "Josué Tille",
"email": "josue@tille.ch"
@ -29,41 +35,22 @@
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Gitea",
"fr": "Choisissez un domaine pour Gitea"
},
"example": "domain.org"
"type": "domain"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Gitea",
"fr": "Choisissez un chemin pour Gitea"
},
"example": "/gitea",
"default": "/gitea"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Gitea administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur de Gitea (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
"type": "user"
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public site?",
"fr": "Est-ce un site public ?"
},
"help": {
"en": "A public server means that everybody is able to access to the pain page of the forge, on the public profile of the user and on the public repository. But you still can limit the access to each repository if you set it as private. Note that to be able to use the remote Git command (clone, pull, push) with HTTP and to use the API by (by example with a smartphone), you need to set this application as public.",
"en": "A public server means that everybody is able to access to the main page of the forge, on the public profile of the user and on the public repository. But you still can limit the access to each repository if you set it as private. Note that to be able to use the remote Git command (clone, pull, push) with HTTP and to use the API by (by example with a smartphone), you need to set this application as public.",
"fr": "Un serveur public signifie que tout le monde peut accéder à la page principale de la forge, au profil public des utilisateurs et aux dépôts publics. Vous pouvez également définir les dépôts comme étant privés. Notez que pour pouvoir utiliser les commandes Git distantes (clone, pull, push) avec HTTP et pour pouvoir utiliser l'API (par exemple avec un smartphone), vous devez paramétrer cette application comme étant publique."
},
"default": true

53
scripts/_common.sh
View File

@ -4,12 +4,12 @@
app=$YNH_APP_INSTANCE_NAME
dbname=$app
dbuser=$app
db_user=$app
final_path="/opt/$app"
DATADIR="/home/$app"
REPO_PATH="$DATADIR/repositories"
DATA_PATH="$DATADIR/data"
SSH_PATH="$DATADIR/.ssh"
datadir="/home/yunohost.app/$app"
repos_path="$datadir/repositories"
data_path="$datadir/data"
ssh_path="$datadir/.ssh"
# Detect the system architecture to download the right tarball
# NOTE: `uname -m` is more accurate and universal than `arch`
@ -36,10 +36,10 @@ fi
create_dir() {
mkdir -p "$final_path/data"
mkdir -p "$final_path/custom/conf"
mkdir -p "$SSH_PATH"
mkdir -p "$REPO_PATH"
mkdir -p "$DATA_PATH/avatars"
mkdir -p "$DATA_PATH/attachments"
mkdir -p "$ssh_path"
mkdir -p "$repos_path"
mkdir -p "$data_path/avatars"
mkdir -p "$data_path/attachments"
mkdir -p "/var/log/$app"
}
@ -53,46 +53,17 @@ config_nginx() {
config_gitea() {
ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")
ynh_backup_if_checksum_is_different --file "$final_path/custom/conf/app.ini"
cp ../conf/app.ini "$final_path/custom/conf"
usermod -s /bin/bash $app
if [ "$path_url" = "/" ]
then
ynh_replace_string --match_string __URL__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
else
ynh_replace_string --match_string __URL__ --replace_string "$domain${path_url%/}" --target_file "$final_path/custom/conf/app.ini"
fi
ynh_replace_string --match_string __REPOS_PATH__ --replace_string "$REPO_PATH" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DB_PASSWORD__ --replace_string "$dbpass" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DB_USER__ --replace_string "$dbuser" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DOMAIN__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __KEY__ --replace_string "$key" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DATA_PATH__ --replace_string "$DATA_PATH" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __PORT__ --replace_string $port --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __APP__ --replace_string $app --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __SSH_PORT__ --replace_string $ssh_port --target_file "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
ynh_add_config --template="app.ini" --destination="$final_path/custom/conf/app.ini"
}
set_permission() {
chown -R $app:$app "$final_path"
chown -R $app:$app "/home/$app"
chown -R $app:$app "$datadir"
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "$final_path"
chmod u=rwx,g=rx,o= "$final_path/gitea"
chmod u=rwx,g=rx,o= "$final_path/custom/conf/app.ini"
chmod u=rwX,g=rX,o= "/home/$app"
chmod u=rwX,g=rX,o= "$datadir"
chmod u=rwX,g=rX,o= "/var/log/$app"
}
set_access_settings() {
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
}

2
scripts/backup
View File

@ -32,7 +32,7 @@ ynh_backup --src_path "$final_path"
# Copy the data files
ynh_print_info --message="Backing up user data..."
ynh_backup --src_path "$DATADIR" --is_big=1
ynh_backup --src_path "$datadir" --is_big=1
ynh_print_info --message="Backing up configuration..."

5
scripts/change_url
View File

@ -22,9 +22,10 @@ domain=$YNH_APP_NEW_DOMAIN
path_url=$(ynh_normalize_url_path --path_url ${YNH_APP_NEW_PATH:-'/'})
app=$YNH_APP_INSTANCE_NAME
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
db_password=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
lfs_key=$(ynh_app_setting_get --app $app --key lfs_key)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
@ -55,7 +56,7 @@ config_gitea
# RELOAD services
ynh_script_progression --message="Starting services..."
ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 -a restart
ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 -a restart
sleep 1
# Store the checksum with the 'INTERNAL_TOKEN' value.

38
scripts/install
View File

@ -33,26 +33,27 @@ ynh_user_exists "$admin" \
# Check Final Path availability
test ! -e "$final_path" || ynh_die --message "This path already contains a folder"
if [ -e "$DATADIR" ]; then
old_data_dir_path="$DATADIR$(date '+%Y%m%d.%H%M%S')"
if [ -e "$datadir" ]; then
old_data_dir_path="$datadir$(date '+%Y%m%d.%H%M%S')"
ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path"
mv "$DATADIR" "$old_data_dir_path"
mv "$datadir" "$old_data_dir_path"
fi
# Generate random password and key
ynh_script_progression --message="Defining db password and key..."
dbpass=$(ynh_string_random)
db_password=$(ynh_string_random)
key=$(ynh_string_random)
lfs_key=$(ynh_string_random)
# Find available ports
port=$(ynh_find_port --port 6000)
# Store Settings
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app $app --key mysqlpwd --value $dbpass
ynh_app_setting_set --app $app --key mysqlpwd --value $db_password
ynh_app_setting_set --app $app --key adminusername --value $admin
ynh_app_setting_set --app $app --key is_public --value $is_public
ynh_app_setting_set --app $app --key secret_key --value $key
ynh_app_setting_set --app $app --key lfs_key --value $lfs_key
ynh_app_setting_set --app $app --key web_port --value $port
#=================================================
@ -61,11 +62,13 @@ ynh_app_setting_set --app $app --key web_port --value $port
# Initialize database and store mysql password for upgrade
ynh_script_progression --message="Configuring MySQL database..."
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_create_db "$dbname" "$db_user" "$db_password"
# Add users
ynh_script_progression --message="Configuring system user..."
ynh_system_user_create --username=$app --home_dir=/home/$app --use_shell
ynh_system_user_create --username=$app --home_dir=$datadir --use_shell
# Add ssh permission for gitea user
adduser $app ssh.app
# create needed directories
create_dir
@ -97,14 +100,14 @@ ynh_script_progression --message="Configuring application, step 2/2..."
systemctl start "$app".service
# Wait untill login_source mysql table is created
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
while ! $(ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
do
sleep 2
done
# Add ldap config
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
@ -115,16 +118,19 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
#=================================================
# Unprotect root from SSO if public
ynh_script_progression --message="Protecting directory"
set_access_settings
ynh_script_progression --message="Configuring permissions..."
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
# Create permission
ynh_script_progression --message="Configuring permissions"
ynh_permission_create --permission="admin" --allowed=$admin
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register gitea service..."
yunohost service add "$app" --log "/var/log/$app/gitea.log"
ynh_script_progression --message="Register Gitea service..."
yunohost service add "$app" --log="/var/log/$app/gitea.log"
# Configure logrotate
ynh_script_progression --message="Configuring log rotation..."
@ -135,8 +141,8 @@ ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream
# Reload services
ynh_script_progression --message="Starting gitea services..." --weight=3
ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
sleep 1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed

4
scripts/remove
View File

@ -27,7 +27,7 @@ systemctl stop "$app".service
# Drop MySQL database and user
ynh_script_progression --message="Removing databases..."
ynh_mysql_drop_db "$dbname" 2>/dev/null
ynh_mysql_drop_user "$dbuser" 2>/dev/null
ynh_mysql_drop_user "$db_user" 2>/dev/null
# Delete app directory and configurations
ynh_script_progression --message="Removing code..."
@ -58,7 +58,7 @@ yunohost service remove "$app"
ynh_script_progression --message="Removing fail2ban configuration..."
ynh_remove_fail2ban_config
ynh_print_info --message="Due of the backup core only feature the data directory in '$DATADIR' was not removed. It need to be removed manually to purge app user data."
ynh_print_info --message="Due of the backup core only feature the data directory in '$datadir' was not removed. It need to be removed manually to purge app user data."
ynh_script_progression --message="Removal of $app completed" --last
sleep 1

17
scripts/restore
View File

@ -19,14 +19,11 @@ ynh_script_progression --message="Loading settings..."
# Retrieve old app settings
domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_app_setting_get --app $app --key path)
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
db_password=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
# Check domain/path availability with app helper
ynh_webpath_available --domain $domain --path_url $path_url || ynh_die --message "$domain is not available as domain, please use an other domain."
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die --message "The chosen admin user does not exist."
@ -40,7 +37,7 @@ test ! -e "$final_path" || ynh_die --message "This path already contains a folde
# Add users
ynh_script_progression --message="Configuring system user..."
ynh_system_user_create --username=$app --home_dir=/home/$app --use_shell
ynh_system_user_create --username=$app --home_dir=$datadir --use_shell
# Restore all files
ynh_script_progression --message="Restoring files..." --weight=10
@ -48,8 +45,8 @@ ynh_restore
# Create and restore the database
ynh_script_progression --message="Restoring database..." --weight=3
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
ynh_mysql_create_db "$dbname" "$db_user" "$db_password"
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ./db.sql
# Restore systemd files
systemctl daemon-reload
@ -72,13 +69,13 @@ ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile "/var/log/$app"
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register gitea service..."
yunohost service add "$app" --log /var/log/"$app"/gitea.log
ynh_script_progression --message="Register Gitea service..."
yunohost service add "$app" --log=/var/log/$app/gitea.log
# Reload services
ynh_script_progression --message="Reloading services..."
systemctl reload nginx.service
ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
sleep 1
ynh_script_progression --message="Restoration completed for $app" --last

138
scripts/upgrade
View File

@ -11,29 +11,33 @@ source ./_common.sh
# IMPORT GENERIC HELPERS
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Retrieve app settings
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
domain=$(ynh_app_setting_get --app $app --key domain)
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
is_public=$(ynh_app_setting_get --app $app --key is_public)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get --app $app --key upstream_version)
db_password=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
admin=$(ynh_app_setting_get --app=$app --key=adminusername)
key=$(ynh_app_setting_get --app=$app --key=secret_key)
lfs_key=$(ynh_app_setting_get --app=$app --key=lfs_key)
port=$(ynh_app_setting_get --app=$app --key=web_port)
upstream_version=$(ynh_app_setting_get --app=$app --key=upstream_version)
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# We stop the service before to set ynh_clean_setup
ynh_systemd_action --service_name=$app --action="stop"
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=10
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# We stop the service before to set ynh_clean_setup
ynh_systemd_action --service_name=$app.service --action=stop
# Backup the current version of the app
if [ "0$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" -ne 1 ]
then
ynh_backup_before_upgrade
@ -44,28 +48,42 @@ then
}
fi
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# If lfs_key doesn't exist, create it
if [ -z "$lfs_key" ]; then
lfs_key=$(ynh_string_random)
ynh_app_setting_set --app=$app --key=lfs_key --value=$lfs_key
fi
#=================================================
# MIGRATION FROM GOGS
#=================================================
[[ $YNH_APP_ID == "gogs" ]] \
&& [[ "$(cat "/opt/$app/templates/.VERSION")" != 0.11.79.1211 ]] \
&& ynh_die --message "It look like that you have an old gogs install. You need first upgrade gogs instance (id : $gogs_migrate_id) and after migrate to gitea."
&& ynh_die --message "It look like that you have an old Gogs install. You need first upgrade Gogs instance (id: $gogs_migrate_id) and after migrate to Gitea."
ynh_handle_app_migration --migration_id=gogs --migration_list=gogs_migrations
if [[ $migration_process -eq 1 ]]; then
# Reload variables
dbname=$app
dbuser=$app
db_user=$app
final_path="/opt/$app"
DATADIR="/home/$app"
REPO_PATH="$DATADIR/repositories"
DATA_PATH="$DATADIR/data"
datadir="/home/""$app"
repos_path="$datadir/repositories"
data_path="$datadir/data"
# Replace the user
ynh_system_user_delete $old_app
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \
ynh_die --message "Unable to create $app system account"
# Clean old binary
@ -74,14 +92,14 @@ if [[ $migration_process -eq 1 ]]; then
# Restore authentication from SQL database
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
# Fix hooks
if [[ -e $REPO_PATH ]];then
ls $REPO_PATH/*/*.git/hooks/pre-receive | while read p; do
if [[ -e $repos_path ]];then
ls $repos_path/*/*.git/hooks/pre-receive | while read p; do
ynh_secure_remove --file=$p
done
ls $REPO_PATH/*/*.git/hooks/post-receive | while read p; do
ls $repos_path/*/*.git/hooks/post-receive | while read p; do
ynh_secure_remove --file=$p
done
fi
@ -89,10 +107,14 @@ if [[ $migration_process -eq 1 ]]; then
upstream_version="0.0.1"
fi
# Move data directory
if [ -e "/home/""$app" ] && [ ! -e $datadir ]; then
mv "/home/""$app" "$datadir"
fi
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
ynh_script_progression --message="Configuring application..."
# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
@ -105,14 +127,13 @@ config_gitea
ynh_script_progression --message="Updating systemd units..."
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
ynh_script_progression --message="Configuring nginx..." --weight=1
# Modify Nginx configuration file and copy it to NGINX conf directory
ynh_script_progression --message="Configuring NGINX..." --weight=1
config_nginx
#=================================================
# DB migration
#=================================================
ynh_script_progression --message="Upgrading database and sources..." --weight=6
# Before the version 1.7 the upstream version was not stored
@ -129,7 +150,7 @@ fi
restart_gitea() {
# Set permissions
set_permission
ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 30
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Leave the time to update the database schema
sleep 5
systemctl stop $app
@ -195,14 +216,31 @@ case $upstream_version in
ynh_setup_source $final_path source/${architecture}_1.13
restart_gitea
;&
"1.13."* )
ynh_setup_source $final_path source/${architecture}_1.14
restart_gitea
;&
"1.14."* )
ynh_setup_source $final_path source/${architecture}_1.15
restart_gitea
;&
"1.15."* )
ynh_setup_source $final_path source/${architecture}_1.16
restart_gitea
;&
"1.16."* )
ynh_setup_source $final_path source/${architecture}_1.16
restart_gitea
;&
esac
# Install gitea source
ynh_setup_source $final_path source/$architecture
restart_gitea
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
ynh_script_progression --message="Configuring Fail2Ban..."
ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>" --max_retry 5
#=================================================
# GENERIC FINALIZATION
@ -212,46 +250,42 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
ynh_script_progression --message="Update permission..."
if ! ynh_permission_exists --permission admin; then
ynh_app_setting_delete --app $app --key unprotected_uris
ynh_permission_create --permission 'admin' --allowed "$admin"
ynh_permission_create --permission="admin" --allowed="$admin"
# Update ldap config
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
fi
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/login_source.sql"
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
fi
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register gitea service..."
yunohost service add "$app" --log "/var/log/$app/gitea.log"
ynh_script_progression --message="Register Gitea service..."
yunohost service add "$app" --log="/var/log/$app/gitea.log"
# Add ssh permission for gitea user
adduser $app ssh.app
# Set permissions
ynh_script_progression --message="Protecting directory"
set_permission
# Save Version
ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream_version)
# Unprotect root from SSO if public
ynh_script_progression --message="Configuring permissions..."
set_access_settings
ynh_app_setting_set --app=$app --key=upstream_version --value=$(ynh_app_upstream_version)
# Reload services
ynh_script_progression --message="Starting gitea services..." --weight=3
ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
sleep 1
ynh_script_progression --message="Starting Gitea services..." --weight=3
#ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
#sleep 1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file="$final_path/custom/conf/app.ini"
#=================================================
# FINISH MIGRATION PROCESS
#=================================================
if [[ $migration_process -eq 1 ]]; then
echo "gogs has been successfully migrated to Gitea! \
echo "Gogs has been successfully migrated to Gitea! \
A last scheduled operation will run in a couple of minutes to finish the \
migration in YunoHost side. Do not proceed any application operation while \
you don't see Gogs as installed." >&2