mirror of
https://framagit.org/YunoHost-Apps/gitea_ynh.git
synced 2024-11-21 10:31:36 +01:00
Fix linter
This commit is contained in:
parent
d43bc11857
commit
fc1befe9f8
@ -21,7 +21,7 @@ FORCE_PRIVATE = false
|
||||
DOMAIN = __DOMAIN__
|
||||
HTTP_PORT = __PORT__
|
||||
HTTP_ADDR = 127.0.0.1
|
||||
ROOT_URL = https://__URL__/
|
||||
ROOT_URL = https://__DOMAIN____PATH_URL__
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = __SSH_PORT__
|
||||
OFFLINE_MODE = false
|
||||
|
@ -6,11 +6,6 @@ location __PATH__/ {
|
||||
client_max_body_size 200M;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
# Force https
|
||||
if ($scheme = http) {
|
||||
rewrite ^ https://$server_name$request_uri? permanent;
|
||||
}
|
||||
|
||||
# Include SSOWAT user panel.
|
||||
include conf.d/yunohost_panel.conf.inc;
|
||||
}
|
||||
|
1
doc/DESCRIPTION.md
Normal file
1
doc/DESCRIPTION.md
Normal file
@ -0,0 +1 @@
|
||||
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to Github.
|
77
doc/DISCLAIMER.md
Normal file
77
doc/DISCLAIMER.md
Normal file
@ -0,0 +1,77 @@
|
||||
Additional informations
|
||||
-----------------------
|
||||
|
||||
### Notes on SSH usage
|
||||
|
||||
If you want to use Gitea with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gitea:
|
||||
|
||||
```bash
|
||||
PubkeyAuthentication yes
|
||||
AuthorizedKeysFile /home/%u/.ssh/authorized_keys
|
||||
ChallengeResponseAuthentication no
|
||||
PasswordAuthentication no
|
||||
UsePAM no
|
||||
```
|
||||
|
||||
You also need to add your public key to your Gitea profile.
|
||||
|
||||
If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
|
||||
|
||||
```bash
|
||||
Host domain.tld
|
||||
port 2222 # change this with the port you use
|
||||
```
|
||||
|
||||
### Upgrade
|
||||
|
||||
By default a backup is made before the upgrade. To avoid this you have theses following possibilites:
|
||||
- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. By example `NO_BACKUP_UPGRADE=1 yunohost app upgrade gitea`.
|
||||
- Set the settings `disable_backup_before_upgrade` to `1`. You can set this with this command:
|
||||
|
||||
`yunohost app setting gitea disable_backup_before_upgrade -v 1`
|
||||
|
||||
After this settings will be applied for **all** next upgrade.
|
||||
|
||||
From command line:
|
||||
|
||||
`yunohost app upgrade gitea`
|
||||
|
||||
### Backup
|
||||
|
||||
This app use now the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration is recommended to proceed like this:
|
||||
|
||||
- Stop gitea service with theses following command:
|
||||
|
||||
`systemctl stop gitea.service`
|
||||
|
||||
- Launch the backup of gitea with this following command:
|
||||
|
||||
`yunohost backup create --app gitea`
|
||||
|
||||
- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/gitea`.
|
||||
- Restart the gitea service with theses command:
|
||||
|
||||
`systemctl start gitea.service`
|
||||
|
||||
### Remove
|
||||
|
||||
Due of the backup core only feature the data directory in `/home/gitea` **is not removed**. It need to be removed manually to purge app user data.
|
||||
|
||||
### LFS setup
|
||||
To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini`
|
||||
```ini
|
||||
[server]
|
||||
LFS_START_SERVER = true
|
||||
LFS_HTTP_AUTH_EXPIRY = 20m
|
||||
```
|
||||
By default Nginx is setup with a max value to updload files at 200 Mo. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`.
|
||||
```
|
||||
client_max_body_size 200M;
|
||||
```
|
||||
Don't forget to restart Gitea `sudo systemctl restart gitea.service`.
|
||||
|
||||
> This settings are restored to the default config when Gitea is updated. Don't forget to restore your setup after all updates.
|
||||
|
||||
### Git command access with HTTPS
|
||||
|
||||
If you want to use the git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.
|
@ -6,6 +6,12 @@
|
||||
"en": "Lightweight Git forge",
|
||||
"fr": "Forge Git légère"
|
||||
},
|
||||
"upstream": {
|
||||
"license": "free",
|
||||
"website": "https://gitea.io/",
|
||||
"admindoc": "https://docs.gitea.io/",
|
||||
"code": "https://github.com/go-gitea/gitea"
|
||||
},
|
||||
"url": "http://gitea.io",
|
||||
"license": "MIT",
|
||||
"version": "1.16.5~ynh1",
|
||||
@ -29,39 +35,20 @@
|
||||
"install" : [
|
||||
{
|
||||
"name": "domain",
|
||||
"type": "domain",
|
||||
"ask": {
|
||||
"en": "Choose a domain for Gitea",
|
||||
"fr": "Choisissez un domaine pour Gitea"
|
||||
},
|
||||
"example": "domain.org"
|
||||
"type": "domain"
|
||||
},
|
||||
{
|
||||
"name": "path",
|
||||
"type": "path",
|
||||
"ask": {
|
||||
"en": "Choose a path for Gitea",
|
||||
"fr": "Choisissez un chemin pour Gitea"
|
||||
},
|
||||
"example": "/gitea",
|
||||
"default": "/gitea"
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"type": "user",
|
||||
"ask": {
|
||||
"en": "Choose the Gitea administrator (must be an existing YunoHost user)",
|
||||
"fr": "Choisissez l'administrateur de Gitea (doit être un utilisateur YunoHost existant)"
|
||||
},
|
||||
"example": "johndoe"
|
||||
"type": "user"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
"ask": {
|
||||
"en": "Is it a public site?",
|
||||
"fr": "Est-ce un site public ?"
|
||||
},
|
||||
"help": {
|
||||
"en": "A public server means that everybody is able to access to the main page of the forge, on the public profile of the user and on the public repository. But you still can limit the access to each repository if you set it as private. Note that to be able to use the remote Git command (clone, pull, push) with HTTP and to use the API by (by example with a smartphone), you need to set this application as public.",
|
||||
"fr": "Un serveur public signifie que tout le monde peut accéder à la page principale de la forge, au profil public des utilisateurs et aux dépôts publics. Vous pouvez également définir les dépôts comme étant privés. Notez que pour pouvoir utiliser les commandes Git distantes (clone, pull, push) avec HTTP et pour pouvoir utiliser l'API (par exemple avec un smartphone), vous devez paramétrer cette application comme étant publique."
|
||||
|
@ -4,7 +4,7 @@
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
dbname=$app
|
||||
dbuser=$app
|
||||
db_user=$app
|
||||
final_path="/opt/$app"
|
||||
DATADIR="/home/$app"
|
||||
REPO_PATH="$DATADIR/repositories"
|
||||
@ -53,29 +53,7 @@ config_nginx() {
|
||||
|
||||
config_gitea() {
|
||||
ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")
|
||||
ynh_backup_if_checksum_is_different --file "$final_path/custom/conf/app.ini"
|
||||
|
||||
cp ../conf/app.ini "$final_path/custom/conf"
|
||||
usermod -s /bin/bash $app
|
||||
|
||||
if [ "$path_url" = "/" ]
|
||||
then
|
||||
ynh_replace_string --match_string __URL__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
|
||||
else
|
||||
ynh_replace_string --match_string __URL__ --replace_string "$domain${path_url%/}" --target_file "$final_path/custom/conf/app.ini"
|
||||
fi
|
||||
|
||||
ynh_replace_string --match_string __REPOS_PATH__ --replace_string "$REPO_PATH" --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __DB_PASSWORD__ --replace_string "$dbpass" --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __DB_USER__ --replace_string "$dbuser" --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __DOMAIN__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __KEY__ --replace_string "$key" --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __DATA_PATH__ --replace_string "$DATA_PATH" --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __PORT__ --replace_string $port --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __APP__ --replace_string $app --target_file "$final_path/custom/conf/app.ini"
|
||||
ynh_replace_string --match_string __SSH_PORT__ --replace_string $ssh_port --target_file "$final_path/custom/conf/app.ini"
|
||||
|
||||
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
|
||||
ynh_add_config --template="app.ini" --destination="$final_path/custom/conf/app.ini"
|
||||
}
|
||||
|
||||
set_permission() {
|
||||
@ -89,10 +67,3 @@ set_permission() {
|
||||
chmod u=rwX,g=rX,o= "/home/$app"
|
||||
chmod u=rwX,g=rX,o= "/var/log/$app"
|
||||
}
|
||||
|
||||
set_access_settings() {
|
||||
if [ "$is_public" == '1' ];
|
||||
then
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ domain=$YNH_APP_NEW_DOMAIN
|
||||
path_url=$(ynh_normalize_url_path --path_url ${YNH_APP_NEW_PATH:-'/'})
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
|
||||
DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd)
|
||||
admin=$(ynh_app_setting_get --app $app --key adminusername)
|
||||
key=$(ynh_app_setting_get --app $app --key secret_key)
|
||||
port=$(ynh_app_setting_get --app $app --key web_port)
|
||||
|
@ -41,7 +41,7 @@ fi
|
||||
|
||||
# Generate random password and key
|
||||
ynh_script_progression --message="Defining db password and key..."
|
||||
dbpass=$(ynh_string_random)
|
||||
DB_PASSWORD=$(ynh_string_random)
|
||||
key=$(ynh_string_random)
|
||||
|
||||
# Find available ports
|
||||
@ -49,9 +49,8 @@ port=$(ynh_find_port --port 6000)
|
||||
|
||||
# Store Settings
|
||||
ynh_script_progression --message="Storing installation settings..."
|
||||
ynh_app_setting_set --app $app --key mysqlpwd --value $dbpass
|
||||
ynh_app_setting_set --app $app --key mysqlpwd --value $DB_PASSWORD
|
||||
ynh_app_setting_set --app $app --key adminusername --value $admin
|
||||
ynh_app_setting_set --app $app --key is_public --value $is_public
|
||||
ynh_app_setting_set --app $app --key secret_key --value $key
|
||||
ynh_app_setting_set --app $app --key web_port --value $port
|
||||
|
||||
@ -61,7 +60,7 @@ ynh_app_setting_set --app $app --key web_port --value $port
|
||||
|
||||
# Initialize database and store mysql password for upgrade
|
||||
ynh_script_progression --message="Configuring MySQL database..."
|
||||
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
|
||||
ynh_mysql_create_db "$dbname" "$db_user" "$DB_PASSWORD"
|
||||
|
||||
# Add users
|
||||
ynh_script_progression --message="Configuring system user..."
|
||||
@ -99,14 +98,14 @@ ynh_script_progression --message="Configuring application, step 2/2..."
|
||||
systemctl start "$app".service
|
||||
|
||||
# Wait untill login_source mysql table is created
|
||||
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
|
||||
while ! $(ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
|
||||
do
|
||||
sleep 2
|
||||
done
|
||||
|
||||
# Add ldap config
|
||||
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql
|
||||
|
||||
# SETUP FAIL2BAN
|
||||
ynh_script_progression --message="Configuring fail2ban..."
|
||||
@ -118,7 +117,10 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
|
||||
|
||||
# Unprotect root from SSO if public
|
||||
ynh_script_progression --message="Protecting directory"
|
||||
set_access_settings
|
||||
if [ "$is_public" == '1' ];
|
||||
then
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
|
||||
# Create permission
|
||||
ynh_script_progression --message="Configuring permissions"
|
||||
|
@ -27,7 +27,7 @@ systemctl stop "$app".service
|
||||
# Drop MySQL database and user
|
||||
ynh_script_progression --message="Removing databases..."
|
||||
ynh_mysql_drop_db "$dbname" 2>/dev/null
|
||||
ynh_mysql_drop_user "$dbuser" 2>/dev/null
|
||||
ynh_mysql_drop_user "$db_user" 2>/dev/null
|
||||
|
||||
# Delete app directory and configurations
|
||||
ynh_script_progression --message="Removing code..."
|
||||
|
@ -19,14 +19,11 @@ ynh_script_progression --message="Loading settings..."
|
||||
# Retrieve old app settings
|
||||
domain=$(ynh_app_setting_get --app $app --key domain)
|
||||
path_url=$(ynh_app_setting_get --app $app --key path)
|
||||
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
|
||||
DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd)
|
||||
admin=$(ynh_app_setting_get --app $app --key adminusername)
|
||||
port=$(ynh_app_setting_get --app $app --key web_port)
|
||||
upstream_version=$(ynh_app_setting_get $app upstream_version)
|
||||
|
||||
# Check domain/path availability with app helper
|
||||
ynh_webpath_available --domain $domain --path_url $path_url || ynh_die --message "$domain is not available as domain, please use an other domain."
|
||||
|
||||
# Check user parameter
|
||||
ynh_user_exists "$admin" \
|
||||
|| ynh_die --message "The chosen admin user does not exist."
|
||||
@ -48,8 +45,8 @@ ynh_restore
|
||||
|
||||
# Create and restore the database
|
||||
ynh_script_progression --message="Restoring database..." --weight=3
|
||||
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
|
||||
ynh_mysql_create_db "$dbname" "$db_user" "$DB_PASSWORD"
|
||||
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ./db.sql
|
||||
|
||||
# Restore systemd files
|
||||
systemctl daemon-reload
|
||||
|
@ -18,10 +18,9 @@ ynh_abort_if_errors
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
domain=$(ynh_app_setting_get --app $app --key domain)
|
||||
path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
|
||||
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
|
||||
DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd)
|
||||
admin=$(ynh_app_setting_get --app $app --key adminusername)
|
||||
key=$(ynh_app_setting_get --app $app --key secret_key)
|
||||
is_public=$(ynh_app_setting_get --app $app --key is_public)
|
||||
port=$(ynh_app_setting_get --app $app --key web_port)
|
||||
upstream_version=$(ynh_app_setting_get --app $app --key upstream_version)
|
||||
|
||||
@ -56,7 +55,7 @@ ynh_handle_app_migration --migration_id=gogs --migration_list=gogs_migrations
|
||||
if [[ $migration_process -eq 1 ]]; then
|
||||
# Reload variables
|
||||
dbname=$app
|
||||
dbuser=$app
|
||||
db_user=$app
|
||||
final_path="/opt/$app"
|
||||
DATADIR="/home/$app"
|
||||
REPO_PATH="$DATADIR/repositories"
|
||||
@ -74,7 +73,7 @@ if [[ $migration_process -eq 1 ]]; then
|
||||
|
||||
# Restore authentication from SQL database
|
||||
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql
|
||||
|
||||
# Fix hooks
|
||||
if [[ -e $REPO_PATH ]];then
|
||||
@ -224,11 +223,7 @@ if ! ynh_permission_exists --permission admin; then
|
||||
ynh_permission_create --permission 'admin' --allowed "$admin"
|
||||
# Update ldap config
|
||||
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||
fi
|
||||
if [ "$is_public" == '1' ];
|
||||
then
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql
|
||||
fi
|
||||
|
||||
# Add gitea to YunoHost's monitored services
|
||||
|
Loading…
Reference in New Issue
Block a user