Ajout de la première version de l'éolisation de Gogs

This commit is contained in:
Philippe Caseiro 2015-05-20 16:01:36 +02:00
parent fd3be13a99
commit 930f15e57c
13 changed files with 1025 additions and 0 deletions

42
.gitignore vendored Normal file
View File

@ -0,0 +1,42 @@
# Backup and swap files
*~
*#
*.swp
### Python code
*.py[cod]
# C extensions
*.so
# Packages
*.egg
*.egg-info
dist
build
eggs
parts
bin
var
sdist
develop-eggs
.installed.cfg
lib
lib64
__pycache__
# Installer logs
pip-log.txt
# Unit test / coverage reports
.coverage
.tox
nosetests.xml
# Translations
*.mo
# Mr Developer
.mr.developer.cfg
.project
.pydevproject

26
Makefile Normal file
View File

@ -0,0 +1,26 @@
################################
# Makefile pour eole-gogs
################################
SOURCE=eole-gogs
VERSION=0.6.1
EOLE_VERSION=2.4
PKGAPPS=non
#FLASK_MODULE=<APPLICATION>
################################
# Début de zone à ne pas éditer
################################
include eole.mk
include apps.mk
################################
# Fin de zone à ne pas éditer
################################
# Makefile rules dedicated to application
# if exists
ifneq (, $(strip $(wildcard $(SOURCE).mk)))
include $(SOURCE).mk
endif

64
apps.mk Normal file
View File

@ -0,0 +1,64 @@
#
# NE PAS EDITER CE FICHIER
#
# Voir Makefile
##########################
# Application web envole #
##########################
ifneq (, $(filter oui web, $(PKGAPPS)))
#
# Sanity check
#
ifeq (, $(filter-out X.X, $(strip $(VERSION))))
$(error $$(VERSION) variable has incorrect value '$(VERSION)')
endif
# Where to store web application files
WEB_PATH := $(DESTDIR)/var/www/html
# Envole
sharenvole_PROG_DIR := $(DESTDIR)/usr/share/envole/$(SOURCE)
src_$(SOURCE)-$(VERSION)_REC_DIR := $(WEB_PATH)/$(SOURCE)
src_plugins-$(VERSION)_REC_DIR := $(WEB_PATH)/$(SOURCE)/plugin
src_lang-$(VERSION)_REC_DIR := $(WEB_PATH)/$(SOURCE)/lang
endif
##########################
# Application EOLE flask #
##########################
ifneq (, $(filter flask, $(PKGAPPS)))
#
# Sanity check
#
ifeq (, $(filter-out XXX, $(strip $(FLASK_MODULE))))
$(error $$(FLASK_MODULE) variable has incorrect value '$(FLASK_MODULE)')
endif
ifeq (, $(strip $(wildcard src/$(FLASK_MODULE).conf)))
$(error missing eoleflask configuration file 'src/$(FLASK_MODULE).conf')
endif
# Everything is related to mount point
APPS_MOUNT_POINT := $(shell sed -ne 's|^"MOUNT_POINT"[[:space:]]*:[[:space:]]*"/\([^"]*\)",|\1|p' \
src/$(FLASK_MODULE).conf)
ifeq (, $(strip $(APPS_MOUNT_POINT)))
$(error no "MOUNT_POINT" in eoleflask configuration file 'src/$(FLASK_MODULE).conf')
endif
# eole-flask configuration
src_DATA_DIR := $(DESTDIR)/etc/eole/flask/available
# Where to store flask application files
FLASK_PATH := $(eole_DIR)/flask/$(APPS_MOUNT_POINT)
# static files
src_$(FLASK_MODULE)_static_REC_DIR := $(FLASK_PATH)/static
src_$(FLASK_MODULE)_templates_REC_DIR := $(FLASK_PATH)/templates
src_$(FLASK_MODULE)_instance_REC_DIR := $(FLASK_PATH)/resources
endif

71
dicos/50_gogs.xml Normal file
View File

@ -0,0 +1,71 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<files>
<!-- Je suis un commentaire -->
<file filelist='gogs-nginx' name='/etc/nginx/sites-available/gogs' source='gogs.nginx' mkdir='True' rm='True'/>
<file filelist='gogs' name='/usr/share/eole/bastion/data/51-gogs-nat_rules' mkdir='True' rm='True' mode='0755'/>
<file filelist='gogs' name='/usr/share/eole/mysql/eole-gogs/gen/00-create-gogs-db.sql' mkdir='True' rm='True'/>
<service_access service='gogs_with_nginx'>
<port service_accesslist="gogs_with_nginx">443</port>
</service_access>
</files>
<containers>
<container name='forge' id='101'>
<package>apt-transport-https</package>
<package>sqlite3</package>
<package>gogs</package>
<file filelist='gogs' name='/etc/gogs/conf/app.ini' source='gogs.conf' mkdir='True' rm='True'/>
<!-- <service servicelist='xxxx'>nom-du-service-a-lancer-dans-le-conteneur</service> -->
<service servicelist='gogs'>gogs</service>
<service_access service='gogs_without_nginx'>
<port service_accesslist="gogs_without_nginx" port_type="SymLinkOption">git_http_port</port>
</service_access>
</container>
</containers>
<variables>
<family name='services'>
<variable name='activer_gogs' type='oui/non' description='Activer la forge Gogs'>
<value>non</value>
</variable>
</family>
<family name='forge'>
<variable name='gogs_web_name' type='string' description='Nom DNS de la forge' mandatory='True'/>
<variable name='git_root' type='string' description='Repertoire des dépôts git' mandatory='True'>
<value>/var/db/gogs/repo</value>
</variable>
<variable name='git_http_port' type='string' description='Port HTTP pour la forge' mode='expert'>
<value>3000</value>
</variable>
<variable name='git_ssh_port' type='string' description='Port SSH pour la forge' mode='expert'>
<value>2222</value>
</variable>
<variable name='gogs_db_file' type='string' description='Fichier de base de données' mode='expert'>
<value>/var/db/gogs/gogs.db</value>
</variable>
<variable name='git_domain' type='string' description='Domaine git ... fixme ...' mode='expert'>
<value>localhost</value>
</variable>
</family>
</variables>
<constraints>
<condition name='disabled_if_in' source='activer_gogs'>
<param>non</param>
<target type='filelist'>gogs</target>
<target type='filelist'>gogs-nginx</target>
<target type='servicelist'>gogs</target>
<target type='family'>forge</target>
</condition>
<condition name='disabled_if_in' source='activer_revprox'>
<param>non</param>
<target type='filelist'>gogs-nginx</target>
<target type='service_accesslist'>gogs_with_nginx</target>
</condition>
<condition name='disabled_if_in' source='activer_revprox'>
<param>oui</param>
<target type='service_accesslist'>gogs_without_nginx</target>
</condition>
</constraints>
<help>
<variable name='activer_gogs'>Activer la forge gogs, gogs est une forge basée sur Git clone de github</variable>
</help>
</creole>

216
eole.mk Normal file
View File

@ -0,0 +1,216 @@
#
# NE PAS EDITER CE FICHIER
#
# Utiliser <appli>.mk à inclure à la fin de Makefile
#################
# Sanity checks #
#################
ifeq (, $(DESTDIR))
$(warning $$(DESTDIR) is empty, installation will be done in /)
endif
ifeq (, $(filter-out XXX-XXX, $(strip $(SOURCE))))
$(error $$(SOURCE) variable has incorrect value '$(SOURCE)')
endif
#########################
# Variables definitions #
#########################
INSTALL := install
INSTALL_DATA := install -m 644
INSTALL_PROGRAM := install -m 755
INSTALL_DIRECTORY := install -m 755 -d
INSTALL_RECURSIVE := cp -dr --no-preserve=ownership
# Standard path
bin_PROG_DIR := $(DESTDIR)/usr/bin
sbin_PROG_DIR := $(DESTDIR)/usr/sbin
man8_DATA_DIR := $(DESTDIR)/usr/share/man/fr.UTF-8/man8
# Base
eole_DIR := $(DESTDIR)/usr/share/eole
ifeq ($(strip $(EOLE_VERSION)), 2.3)
diagnose_PROG_DIR := $(eole_DIR)/diagnose/module
else
diagnose_PROG_DIR := $(eole_DIR)/diagnose/
endif
# Creole
creole_DIR := $(eole_DIR)/creole
dicos_DATA_DIR := $(creole_DIR)/dicos
tmpl_DATA_DIR := $(creole_DIR)/distrib
preservice_PROG_DIR := $(eole_DIR)/preservice
pretemplate_PROG_DIR := $(eole_DIR)/pretemplate
posttemplate_PROG_DIR := $(eole_DIR)/posttemplate
postservice_PROG_DIR := $(eole_DIR)/postservice
ifeq ($(strip $(EOLE_VERSION)), 2.3)
firewall_DATA_DIR := $(eole_DIR)/firewall
endif
bacula_restore_DATA_DIR := $(eole_DIR)/bacula/restore
bacula_fichier_DATA_DIR := $(DESTDIR)/etc/bacula/baculafichiers.d
ifeq ($(strip $(EOLE_VERSION)), 2.3)
schedule_pre_PROG_DIR := $(eole_DIR)/schedule/pre
schedule_post_PROG_DIR := $(eole_DIR)/schedule/post
else
schedule_scripts_PROG_DIR := $(eole_DIR)/schedule/scripts
endif
extra_REC_DIR := $(creole_DIR)/extra
# Zéphir
zephir_DATA_DIR := $(DESTDIR)/usr/share/zephir
zephir_configs_DATA_DIR := $(zephir_DATA_DIR)/monitor/configs
zephir_srv_DATA_DIR := $(zephir_configs_DATA_DIR)/services
zephir_scripts_PROG_DIR := $(zephir_DATA_DIR)/scripts
# SSO
sso_DATA_DIR := $(DESTDIR)/usr/share/sso
sso_filtres_DATA_DIR := $(sso_DATA_DIR)/app_filters
sso_user-info_DATA_DIR := $(sso_DATA_DIR)/user_infos
# EAD
ead_DATA_DIR := $(DESTDIR)/usr/share/ead2/backend/config
ead_actions_DATA_DIR := $(ead_DATA_DIR)/actions
ead_perms_DATA_DIR := $(ead_DATA_DIR)/perms
ead_roles_DATA_DIR := $(ead_DATA_DIR)/roles
# Program libraries goes under /usr/lib/<PROGRAM>/
lib_$(SOURCE)_DATA_DIR := $(DESTDIR)/usr/lib/$(SOURCE)
# Scripts Eole
scripts_PROG_DIR := $(eole_DIR)/sbin
lib_eole_DATA_DIR := $(DESTDIR)/usr/lib/eole
# LDAP
ldap_passwords_DATA_DIR := $(eole_DIR)/annuaire/password_files
# LXC
lxc_DATA_DIR := $(eole_DIR)/lxc
lxc_fstab_DATA_DIR := $(lxc_DATA_DIR)/fstab
lxc_hosts_DATA_DIR := $(lxc_DATA_DIR)/hosts
# SQL
sql_DATA_DIR := $(eole_DIR)/mysql/$(SOURCE)
sql_gen_DATA_DIR := $(sql_DATA_DIR)/gen
sql_updates_DATA_DIR := $(sql_DATA_DIR)/updates
sql_conf_gen_DATA_DIR := $(eole_DIR)/applications/gen
sql_conf_passwords_DATA_DIR := $(eole_DIR)/applications/passwords
sql_conf_updates_DATA_DIR := $(eole_DIR)/applications/updates/$(SOURCE)
# Certifs
certs_DATA_DIR := $(eole_DIR)/certs
# Logrotate
logrotate_DATA_DIR := $(DESTDIR)/etc/logrotate.d
# Cron
cron_PROG_DIR := $(DESTDIR)/etc/cron.daily
# Python modules
ifneq ($(DESTDIR),)
PYTHON_OPTS := --root $(DESTDIR)
endif
# Translation
TRANSLATION_SRC := translation
TRANSLATION_DEST := $(DESTDIR)/usr/share/locale
PO_FILES = $(wildcard $(TRANSLATION_SRC)/*/*.po)
MO_FOLDERS = $(addprefix $(TRANSLATION_DEST), $(addsuffix LC_MESSAGES,$(subst $(TRANSLATION_SRC),,$(dir $(PO_FILES)))))
#############################################
# Common directories and files installation #
#############################################
all:
$(MO_FOLDERS):
$(INSTALL_DIRECTORY) $@
$(PO_FILES): $(MO_FOLDERS)
msgfmt -o $(TRANSLATION_DEST)$(subst $(TRANSLATION_SRC),,$(addsuffix LC_MESSAGES,$(dir $@)))/$(notdir $(@:.po=.mo)) $@
install-lang: $(PO_FILES)
install:: install-dirs install-files install-lang
# $1 = command to run
# $2 = source directory
# $3 = destination directory
define fc_install_file
if [ -d $2 ]; then \
for file in `ls -1 $2/`; do \
$1 $2/$$file $3 || true; \
done; \
fi
endef
##
## Directory creation
##
# use % to catch local name in $*
# data, program and recursive directory require a corresponding
# directory in local sources
%_DATA_DIR %_PROG_DIR %REC_DIR:
test ! -d $(subst _,/,$*) || $(INSTALL_DIRECTORY) $($@)
# Create the directory referenced by the variable without a local one.
%_DIR:
$(INSTALL_DIRECTORY) $($@)
##
## Install files present directly under data, program and recursive directories
##
# $* : name of variable
# $($*): value of variable
%-instdata:
$(call fc_install_file, $(INSTALL_DATA), $(subst _,/,$(subst _DATA_DIR,,$*)), $($*))
%-instprog:
$(call fc_install_file, $(INSTALL_PROGRAM), $(subst _,/,$(subst _PROG_DIR,,$*)), $($*))
%-instrec:
$(call fc_install_file, $(INSTALL_RECURSIVE), $(subst _,/,$(subst _REC_DIR,,$*)), $($*))
# Use second expansion as variables may be created in included
# Makefiles
.SECONDEXPANSION:
# List of all directories
installdirs_LIST = $(foreach V, $(filter %_DIR, $(.VARIABLES)), \
$(if $(filter file, $(origin $(V))), \
$(V)))
# List of data directories
installdata_LIST = $(filter %_DATA_DIR, $(installdirs_LIST))
# List of program directories
installprog_LIST = $(filter %_PROG_DIR, $(installdirs_LIST))
# List of recursive directories
installrec_LIST = $(filter %_REC_DIR, $(installdirs_LIST))
# Expand directories to create as dependency
# Use double-colon to permit user to define additionnal install-dirs
install-dirs:: $$(installdirs_LIST)
# Expand files to install as dependency
# Use double-colon to permit user to define additionnal install-files
install-files:: install-data-files install-prog-files install-rec-dirs
install-data-files: $$(patsubst %,%-instdata,$$(installdata_LIST))
install-prog-files: $$(patsubst %,%-instprog,$$(installprog_LIST))
install-rec-dirs: $$(patsubst %,%-instrec,$$(installrec_LIST))
# Installation of python modules
ifeq ($(shell test -f setup.py && echo 0), 0)
install-files::
python setup.py install --no-compile --install-layout=deb $(PYTHON_OPTS)
endif
.PHONY: install install-dirs install-files install-data-files install-prog-files install-rec-dirs

11
posttemplate/01-gogs-nginx Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
ENABLE=`CreoleGet activer_gogs 'non'`
if [ -L /etc/nginx/sites-enabled/gogs ];then
rm -f /etc/nginx/sites-enabled/gogs
fi
if [ "${ENABLE}" = 'oui' ];then
ln -s /etc/nginx/sites-available/gogs /etc/nginx/sites-enabled/gogs
fi

221
scripts/skelton Executable file
View File

@ -0,0 +1,221 @@
#!/bin/sh
#------------------------------------------------------------------------
# ${SELF} (${SELF_VERSION}) - Display a message on standard output
# Copyright © 2014 Pôle de compétences EOLE <eole@ac-dijon.fr>
#
# License CeCILL:
# * in french: http://www.cecill.info/licences/Licence_CeCILL_V2-fr.html
# * in english http://www.cecill.info/licences/Licence_CeCILL_V2-en.html
#------------------------------------------------------------------------
# Changes:
# 0.0.4 Add log utilities with a dedicated developper documentation
# 0.0.3 Add “--sources” option to write “${SELF}” code on standard output
# 0.0.2 Take care of DEBUG=yes environment variable
# 0.0.1 Initial release
#------------------------------------------------------------------------
# Usage: ${SELF} [--message <TEXT> | <OPTION>]
#
# Display a message on standard output.
#
# Options:
# --------
#
# -m, --message <TEXT> Display <TEXT> on standard output.
# Default: “${MESSAGE}"
# -d, --debug Enable debug messages
# -h, --help Show this message
# -v, --version Display version and copyright information
# -c, --copyright Display copyright information
# -l, --licence Display licence information
# --changes Display ChangeLog information
# -s, --sources Output software sources on standard output.
#
# Mandatory dependencies:
# -----------------------
# * “sh” like shell
# * “echo” with “-e” option
# * perl
#
# Optional dependencies:
# ----------------------
# None
#
# Bugs:
# ----
# Report bug to Équipe EOLE <eole@ac-dijon.fr>
# bugtracker: http://dev-eole.ac-dijon.fr/projects/<EOLE-SKELETOR>/issues
#------------------------------------------------------------------------
# Debug, first thing to do if something goes wrong, even in utilities
#
# “${DEBUG}” can be:
# - “all” to set “-x” option of the shell
# - “true” to enable the “debug()” function, set by “--debug” option
set -e
if [ "${DEBUG}" = 'all' ]
then
set -x
fi
#------------------------------------------------------------------------
# Utilities for developpers:
#
# log ($@): write all parameters on standard output and call “flog()” to
# write them in a file named “${LOG_FILE}” if it's:
# - defined
# - not a symlink
# - a file or a named pipe or a socket
# - writable or its parent directory is writable to create
# a regular file.
#
# warn($@): call “log()” with all parameters, output of log() is
# redirected to standard error.
#
# die($@): call “warn()” with all parameters, exit with code stored in
# “${EXIT_CODE}” or “1” if it does not exit.
#
# debug($@): call “warn()” with all parameters if “${DEBUG}" is
# “true”, the message is prefixed by the script name stored
# in “${SELF}”
#
# flog ($@): write all parameters prefixed by current date and time
# in a file named “${LOG_FILE}" if the variable is not empty.
# The caller is responsible of the writable check of “${LOG_FILE}”.
# Take care of “-e” option to echo
type shopt > /dev/null && ECHO=echo || ECHO=/bin/echo
## Logger functions
# Check if “log()” could write to “${LOG_FILE}”
log_writable() {
# First: check that filename is defined and not a symlink
# Second: check that filename is a file, a named pipe or a socket
# Thirt: if filename is writable or if its parent directory is writable
[ -n "${1}" -a ! -L "${1}" ] \
&& [ -f "${1}" -o -p "${1}" -o -S "${1}" ] \
&& [ -w "${1}" -o -w "$(dirname ${1})" ]
}
flog() { [ -z "${LOG_FILE}" ] || ${ECHO} -e "$(date "+%Y-%m-%d %H:%M:%S"): $@" >> "${LOG_FILE}"; }
log() { ${ECHO} -e "$@"; log_writable "${LOG_FILE}" && flog "$@" || true; }
warn() { log "$@" >&2; }
debug() { [ "${DEBUG}" = all -o "${DEBUG}" = true ] && warn "${SELF}: $@" || true; }
die() { warn "$@"; exit ${EXIT_CODE:-1}; }
## Common option functions
# Display list of changes
changes(){
${ECHO} -e "${SELF}\n"
perl -lne "s<\\$\\{([^\\}]+)\\}><\$ENV{\$1}>gxms;
print substr(\$_, 2) if (/^# Changes/ .. /^\$/) =~ /^\\d+\$/" < "${0}"
}
# Set SELF_VERSION variable
self_version() {
[ -z "${SELF_VERSION}" ] || return
export SELF_VERSION=$(changes 2>&1 \
| perl -lane 'if (m/^\s+\d+(?:\.\d+)*/) {print $F[0]; exit}')
}
# Display usage
usage() {
self_version
perl -lne "s<\\$\\{([^\\}]+)\\}><\$ENV{\$1}>gxms;
print substr(\$_, 2) if (/^# Usage/ .. /^\$/) =~ /^\\d+\$/" < "${0}"
}
# Display licence
licence() {
self_version
perl -lne "s<\\$\\{([^\\}]+)\\}><\$ENV{\$1}>gxms;
print substr(\$_, 2) if (/^# ${SELF} \(${SELF_VERSION}\)/ .. /^\$/) =~ /^\\d+\$/" < "${0}"
}
# Display sources making the software AGPL-3 ready
sources() {
cat < "${0}"
}
#------------------------------------------------------------------------
# Global variables:
#
# Use “export” to make them available to subprocesses
#
# Empty log file by default
LOG_FILE=
# Used by common options functions, do not unexport or they fail
export SELF=$(basename $(readlink -e "${0}"))
export SELF_VERSION= # Set by function, here for reference
# Program specific variables, export to use it in “usage()”
export MESSAGE="Hello World!"
#------------------------------------------------------------------------
# Options
TEMP=$(getopt -o m:dhvcls --long message:,debug,help,version,copyright,licence,changes,sources -- "$@")
test $? = 0 || exit 1
eval set -- "${TEMP}"
while true
do
case "${1}" in
# Default options for utilities
-h|--help)
usage
exit 0
;;
-v|--version)
licence | head -n 2
exit 0
;;
-c|--copyright)
licence | tail -n +2
exit 0
;;
-l|--licence)
licence
exit 0
;;
--changes)
changes
exit 0
;;
-s|--sources)
sources
exit 0
;;
-d|--debug)
DEBUG=true
shift
;;
# Program options
-m|--message)
[ -n "${2}" ] || die "Message must not be empty"
export MESSAGE="${2}"
shift 2
;;
# End of options
--)
shift
break
;;
*)
die "Error: unknown argument '${1}'"
;;
esac
done
#------------------------------------------------------------------------
# Start program
debug "This is a debug message on standard error"
${ECHO} "${MESSAGE}"

22
sql/conf/gen/gogs.py Normal file
View File

@ -0,0 +1,22 @@
#-*-coding:utf-8-*-
###########################################################################
#
# mon_appli.py
#
###########################################################################
"""
Configuration pour la création de la base de données de mon appli
"""
from eolesql.db_test import db_exists, test_var
gogs_TABLEFILENAMES = [ '/usr/share/eole/mysql/eole-gogs/gen/00-create-gogs-db.sql' ]
def test():
"""
test l'existence de la base de donnée zarafa
"""
return test_var('activer_gogs') and not db_exists('gogs')
conf_dict = dict(filenames=gogs_TABLEFILENAMES,
test=test)

View File

@ -0,0 +1,5 @@
[gogs]
username=gogs
template=PASSWD=
container=forge
filename=/etc/gogs/conf/app.ini

View File

@ -0,0 +1,14 @@
-- example de création d'une base de données MySQL
-- création de la base de donnée
CREATE DATABASE gogs CHARACTER SET utf8 COLLATE utf8_general_ci;
-- création du user de la base
grant all privileges on gogs.* to gogs@%%container_ip_forge identified by 'gogs1234';
flush privileges ;
-- connexion à la base
\r ma_database
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";

9
tmpl/51-gogs-nat_rules Normal file
View File

@ -0,0 +1,9 @@
#!/bin/bash
#
# Rules for SSH git clone
#
/sbin/iptables -A eth0-cont -s 0/0 -p tcp --syn --dport %%git_ssh_port -d %%container_ip_forge -j ACCEPT
%if %%getVar('mode_conteneur_actif','non') == 'oui'
/sbin/iptables -t nat -A PREROUTING -i eth0 -s 0/0 -p tcp --syn --dport %%git_ssh_port -j DNAT --to-destination %%container_ip_forge:%%git_ssh_port
%end if

299
tmpl/gogs.conf Normal file
View File

@ -0,0 +1,299 @@
# NEVER EVER MODIFY THIS FILE
# PLEASE MAKE CHANGES ON CORRESPONDING CUSTOM CONFIG FILE
; App name that shows on every page title
APP_NAME = Gogs: Go Git Service
; Change it if you run locally
RUN_USER = gogs
; Either "dev", "prod" or "test", default is "dev"
RUN_MODE = prod
[repository]
ROOT = %%git_root
SCRIPT_TYPE = bash
[server]
PROTOCOL = https
%if %%getVar('activer_revprox','non') == 'oui'
DOMAIN = localhost
%else
DOMAIN = %%container_ip_forge
%end if
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
HTTP_ADDR =
HTTP_PORT = %%git_http_port
; Disable SSH feature when not available
DISABLE_SSH = false
SSH_PORT = %%git_ssh_port
; Disable CDN even in "prod" mode
OFFLINE_MODE = false
DISABLE_ROUTER_LOG = false
; Generate steps:
; $ cd path/to/gogs/custom/https
; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
;
; Or from a .pfx file exported from the Windows certificate store (do
; not forget to export the private key):
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
CERT_FILE = %%server_pem
KEY_FILE = %%server_key
; Upper level of template and static file path
; default is the path where Gogs is executed
STATIC_ROOT_PATH =
; Application level GZIP support
ENABLE_GZIP = false
; Landing page for non-logged users, can be "home" or "explore"
LANDING_PAGE = home
[database]
; Either "mysql", "postgres" or "sqlite3", it's your choice
DB_TYPE = mysql
HOST = %%container_ip_mysql:3306
NAME = gogs
USER = gogs
PASSWD=gogs1234
; For "postgres" only, either "disable", "require" or "verify-full"
SSL_MODE = disable
; For "sqlite3" only
; PATH = %%gogs_db_file
[admin]
[security]
INSTALL_LOCK = true
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = !#@FDEWREWR&*(
; Auto-login remember days
LOGIN_REMEMBER_DAYS = 7
COOKIE_USERNAME = gogs_awesome
COOKIE_REMEMBER_NAME = gogs_incredible
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
[service]
ACTIVE_CODE_LIVE_MINUTES = 180
RESET_PASSWD_CODE_LIVE_MINUTES = 180
; User need to confirm e-mail for registration
REGISTER_EMAIL_CONFIRM = false
; Does not allow register and admin create account only
DISABLE_REGISTRATION = false
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW = false
; Cache avatar as picture
ENABLE_CACHE_AVATAR = false
; Mail notification
ENABLE_NOTIFY_MAIL = false
; More detail: https://github.com/gogits/gogs/issues/165
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
; Do not check minimum key size with corresponding type
DISABLE_MINIMUM_KEY_SIZE_CHECK = false
[webhook]
; Cron task interval in minutes
TASK_INTERVAL = 1
; Deliver timeout in seconds
DELIVER_TIMEOUT = 5
; Allow insecure certification
SKIP_TLS_VERIFY = false
[mailer]
ENABLED = false
; Buffer length of channel, keep it as it is if you don't know what it is.
SEND_BUFFER_LEN = 10
; Name displayed in mail title
SUBJECT = %(APP_NAME)s
; Mail server
; Gmail: smtp.gmail.com:587
; QQ: smtp.qq.com:25
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
HOST =
; Do not verify the certificate of the server. Only use this for self-signed certificates
SKIP_VERIFY =
; Use client certificate
USE_CERTIFICATE = false
CERT_FILE = custom/mailer/cert.pem
KEY_FILE = custom/mailer/key.pem
; Mail from address, RFC 5322. This can be just an email address, or the "Name" <email@example.com> format
FROM =
; Mailer user name and password
USER =
PASSWD =
[oauth]
ENABLED = false
[oauth.github]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = https://api.github.com/user
AUTH_URL = https://github.com/login/oauth/authorize
TOKEN_URL = https://github.com/login/oauth/access_token
; Get client id and secret from
; https://console.developers.google.com/project
[oauth.google]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
AUTH_URL = https://accounts.google.com/o/oauth2/auth
TOKEN_URL = https://accounts.google.com/o/oauth2/token
[oauth.qq]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = get_user_info
; QQ 互联
AUTH_URL = https://graph.qq.com/oauth2.0/authorize
TOKEN_URL = https://graph.qq.com/oauth2.0/token
[oauth.weibo]
ENABLED = false
CLIENT_ID =
CLIENT_SECRET =
SCOPES = all
AUTH_URL = https://api.weibo.com/oauth2/authorize
TOKEN_URL = https://api.weibo.com/oauth2/access_token
[cache]
; Either "memory", "redis", or "memcache", default is "memory"
ADAPTER = memory
; For "memory" only, GC interval in seconds, default is 60
INTERVAL = 60
; For "redis" and "memcache", connection host address
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; memcache: `127.0.0.1:11211`
HOST =
[session]
; Either "memory", "file", "redis" or "mysql", default is "memory"
PROVIDER = memory
; Provider config options
; memory: not have any config yet
; file: session file path, e.g. `data/sessions`
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
PROVIDER_CONFIG = data/sessions
; Session cookie name
COOKIE_NAME = i_like_gogits
; If you use session in https only, default is false
COOKIE_SECURE = false
; Enable set cookie, default is true
ENABLE_SET_COOKIE = true
; Session GC time interval, default is 86400
GC_INTERVAL_TIME = 86400
; Session life time, default is 86400
SESSION_LIFE_TIME = 86400
[picture]
; The place to picture data, either "server" or "qiniu", default is "server"
SERVICE = server
AVATAR_UPLOAD_PATH = data/avatars
; Chinese users can choose "duoshuo"
GRAVATAR_SOURCE = gravatar
DISABLE_GRAVATAR = false
[attachment]
; Whether attachments are enabled. Defaults to `true`
ENABLE = true
; Path for attachments. Defaults to `data/attachments`
PATH = data/attachments
; One or more allowed types, e.g. image/jpeg|image/png
ALLOWED_TYPES = image/jpeg|image/png
; Max size of each file. Defaults to 32MB
MAX_SIZE = 32
; Max number of files per upload. Defaults to 10
MAX_FILES = 10
[time]
; Specifies the format for fully outputed dates. Defaults to RFC1123
; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
; For more information about the format see http://golang.org/pkg/time/#pkg-constants
FORMAT =
[log]
ROOT_PATH =
; Either "console", "file", "conn", "smtp" or "database", default is "console"
; Use comma to separate multiple modes, e.g. "console, file"
MODE = console
; Buffer length of channel, keep it as it is if you don't know what it is.
BUFFER_LEN = 10000
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
LEVEL = Trace
; For "console" mode only
[log.console]
LEVEL =
; For "file" mode only
[log.file]
LEVEL =
; This enables automated log rotate(switch of following options), default is true
LOG_ROTATE = true
; Max line number of single file, default is 1000000
MAX_LINES = 1000000
; Max size shift of single file, default is 28 means 1 << 28, 256MB
MAX_SIZE_SHIFT = 28
; Segment log daily, default is true
DAILY_ROTATE = true
; Expired days of log file(delete after max days), default is 7
MAX_DAYS = 7
; For "conn" mode only
[log.conn]
LEVEL =
; Reconnect host for every single message, default is false
RECONNECT_ON_MSG = false
; Try to reconnect when connection is lost, default is false
RECONNECT = false
; Either "tcp", "unix" or "udp", default is "tcp"
PROTOCOL = tcp
; Host address
ADDR =
; For "smtp" mode only
[log.smtp]
LEVEL =
; Name displayed in mail title, default is "Diagnostic message from serve"
SUBJECT = Diagnostic message from serve
; Mail server
HOST =
; Mailer user name and password
USER =
PASSWD =
; Receivers, can be one or more, e.g. ["1@example.com","2@example.com"]
RECEIVERS =
; For "database" mode only
[log.database]
LEVEL =
; Either "mysql" or "postgres"
DRIVER =
; Based on xorm, e.g.: root:root@localhost/gogs?charset=utf8
CONN =
[git]
MAX_GIT_DIFF_LINES = 10000
; Arguments for command 'git gc', e.g.: "--aggressive --auto"
; see more on http://git-scm.com/docs/git-gc/1.7.5
GC_ARGS =
; Git health check.
[git.fsck]
ENABLE = true
; Execution interval in hours. Default is 24.
INTERVAL = 24
; Arguments for command 'git fsck', e.g.: "--unreachable --tags"
; see more on http://git-scm.com/docs/git-fsck/1.7.5
ARGS =
[i18n]
LANGS = en-US,zh-CN,zh-HK,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL
NAMES = English,简体中文,繁體中文,Deutsch,Français,Nederlands,Latviešu,Русский,日本语,Español,Português,Polski
[other]
SHOW_FOOTER_BRANDING = false

25
tmpl/gogs.nginx Normal file
View File

@ -0,0 +1,25 @@
server {
listen 443;
ssl on;
ssl_certificate %%server_cert;
ssl_certificate_key %%server_key;
ssl_client_certificate /etc/ssl/certs/ca.crt;
access_log /var/log/nginx/revprox.revprox_http.access-ssl.log;
server_name %%gogs_web_name;
error_page 403 404 502 503 504 /nginx.html;
location = /nginx.html{
root /usr/share/nginx/www;
}
location / {
proxy_pass https://%%container_ip_forge:%%git_http_port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Destination $dest;
set $dest $http_destination;
#2132
index 50x.html;
root /usr/share/nginx/www/;
}
}