#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS source /usr/share/yunohost/helpers # Exit if an error occurs during the execution of the script ynh_abort_if_errors # Load common variables and helpers source ./experimental_helper.sh source ./_common.sh # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH) admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC upstream_version=$(ynh_app_upstream_version) # Register (book) web path ynh_webpath_register --app $app --domain $domain --path_url $path_url # Check user parameter ynh_user_exists "$admin" \ || ynh_die --message "The chosen admin user does not exist." # Check Final Path availability test ! -e "$final_path" || ynh_die --message "This path already contains a folder" # Generate random password and key dbpass=$(ynh_string_random) key=$(ynh_string_random) # Find available ports port=$(ynh_find_port 6000) # Store Settings ynh_app_setting_set --app $app --key mysqlpwd --value $dbpass ynh_app_setting_set --app $app --key adminusername --value $admin ynh_app_setting_set --app $app --key is_public --value $is_public ynh_app_setting_set --app $app --key secret_key --value $key ynh_app_setting_set --app $app --key web_port --value $port #================================================= # STANDARD MODIFICATIONS #================================================= # Configure init script ynh_add_systemd_config # Modify Nginx configuration file and copy it to Nginx conf directory config_nginx # Initialize database and store mysql password for upgrade ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" # Add users # We can't use the official helper (for now) because we need to set the shell for the login test getent passwd "$app" &>/dev/null || \ useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \ ynh_die --message "Unable to create $app system account" # Should be replaced by this when getops is available in the helper ynh_system_user_create (probably in Yunohost 3.5) # ynh_system_user_create --username= $app --home_dir=/opt/yunohost/$app --use_shell # create needed directories create_dir # Configure init script ynh_add_systemd_config # Modify Nginx configuration file and copy it to Nginx conf directory config_nginx # Configure gitea with app.ini file config_gitea # Install gitea ynh_setup_source $final_path source/$architecture # Set permissions set_permission # Start gitea for building mysql tables systemctl start "$app".service # Wait till login_source mysql table is created while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null) do sleep 2 done # Add ldap config ynh_replace_string "__ADMIN__" "$admin" ../conf/login_source.sql ynh_replace_string "__APP__" "$app" ../conf/login_source.sql ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql # SETUP FAIL2BAN ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 #================================================= # GENERIC FINALIZATION #================================================= # Unprotect root from SSO if public set_access_settings # Add gitea to YunoHost's monitored services yunohost service add "$app" --log "/var/log/$app/gitea.log" # Configure logrotate ynh_use_logrotate "/var/log/$app" # Save Version ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream_version) # Reload services ynh_systemd_action -l "Serving \[::\]:$port with pid" -p "/var/log/$app/gitea.log" -t 10 sleep 1 # Store the checksum with the 'INTERNAL_TOKEN' value. # Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"