Update to version 1.10.0

Check for version update with script expected version versus installed
version

README.md

@@ -1 +1 @@
-Eolisation de Gogs !
+Eolisation de Gitea !

debian/compat

@@ -1 +0,0 @@
-9

debian/control

@@ -1,16 +0,0 @@
-Source: eole-gitea
-Section: web
-Priority: optional
-Maintainer: Cadoles <eole@ac-dijon.fr>
-Build-Depends: debhelper (>= 9)
-Standards-Version: 3.9.3
-Homepage: https://forge.cadoles.com/Cadoles/eole-gitea
-Vcs-Git: https://forge.cadoles.com/Cadoles/eole-gitea.git
-Vcs-Browser: https://forge.cadoles.com/Cadoles/eole-redis
-
-Package: eole-redis
-Architecture: all
-Depends: ${misc:Depends}, git-core, eole-db, eole-mysql
-Description: Dictionnaires et templates pour la configuration d'un serveur Gitea, testée uniquement avec eolebase
- .
- Pour toute information complémentaire, veuillez vous rendre sur la forge Cadoles.

debian/copyright

@@ -1,44 +0,0 @@
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: {PROJECT}
-Source: {URL}
-
-Files: *
-Copyright: YEAR {UPSTREAM} {AUTHOR} <{MAIL}>
-License: {UPSTREAM LICENSE}
-
-Files: debian/*
-Copyright: 2012 Équipe EOLE <eole@ac-dijon.fr>
-License: CeCILL-2
-
-License: {UPSTREAM LICENSE}
- {TEXT OF THE LICENSE}
-
-License: CeCILL-2
- This software is governed by the CeCILL-2 license under French law and
- abiding by the rules of distribution of free software.  You can  use,
- modify and or redistribute the software under the terms of the CeCILL-2
- license as circulated by CEA, CNRS and INRIA at the following URL
- "http://www.cecill.info";.
- .
- As a counterpart to the access to the source code and  rights to copy,
- modify and redistribute granted by the license, users are provided only
- with a limited warranty  and the software's author,  the holder of the
- economic rights,  and the successive licensors  have only  limited
- liability.
- .
- In this respect, the user's attention is drawn to the risks associated
- with loading,  using,  modifying and/or developing or reproducing the
- software by the user in light of its specific status of free software,
- that may mean  that it is complicated to manipulate,  and  that  also
- therefore means  that it is reserved for developers  and  experienced
- professionals having in-depth computer knowledge. Users are therefore
- encouraged to load and test the software's suitability as regards their
- requirements in conditions enabling the security of their systems and/or
- data to be ensured and,  more generally, to use and operate it in the
- same conditions as regards security.
- .
- The fact that you are presently reading this means that you have had
- knowledge of the CeCILL-2 license and that you accept its terms.
- .
- On Eole systems, the complete text of the CeCILL-2 License can be found
- in '/usr/share/common-licenses/CeCILL-2-en'.

debian/eole-gitea.forge.service

@@ -1 +0,0 @@
-../systemd/forge.service

debian/gbp.conf

@@ -1,3 +0,0 @@
-# Set per distribution debian tag
-[DEFAULT]
-debian-tag = debian/eole/%(version)s

debian/rules

@@ -1,18 +0,0 @@
-#!/usr/bin/make -f
-# -*- makefile -*-
-
-# Uncomment this to turn on verbose mode.
-#export DH_VERBOSE=1
-
-%:
-	dh $@
-
-# Force init script name
-override_dh_installinit:
-	dh_installinit --noscripts -peole-redis --name=redis2-server $@
-
-override_dh_systemd_enable:
-	dh_systemd_enable -peole-redis --name=redis2-server
-
-override_dh_systemd_start:
-	dh_systemd_start -peole-server --no-start --no-restart-on-upgrade redis2-server

debian/source/format

@@ -1 +0,0 @@
-3.0 (native)

dicos/50_gitea.xml

@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <creole>
     <files>
-        <!-- Je suis un commentaire -->
         <file filelist='gitea-nginx' name='/etc/nginx/sites-available/gitea' source='gitea.nginx' mkdir='True' rm='True'/>
         <file filelist='gitea' name='/usr/share/eole/bastion/data/51-gitea-nat_rules' mkdir='True' rm='True' mode='0755'/>
         <file filelist='gitea' name='/etc/eole/eole-db.d/gitea-db.yml' rm='True' mkdir='True'/>
@@ -14,15 +13,13 @@
         <container name='forge' id='101'>
             <package>apt-transport-https</package>
             <package>git-core</package>
-            <!-- FIXME this have to be installed <package>gitea</package> -->
             <file filelist='gitea' name='/etc/gitea/conf/app.ini' source='gitea.conf' mkdir='True' rm='True' mode='770' owner='root' group='gitservice'/>
-            <!-- <service servicelist='xxxx'>nom-du-service-a-lancer-dans-le-conteneur</service> -->
             <service servicelist='gitea'>forge</service>
             <service_access service='gitea_without_nginx'>
               <port service_accesslist="gitea_without_nginx" port_type="SymLinkOption">gitea_http_port</port>
             </service_access>
             <service_access service='gitea_ssh'>
-              <tcpwrapper>sshd</tcpwrapper>
+              <port service_accesslist="gitea_ssh'" port_type="SymLinkOption">gitea_ssh_port</port>
             </service_access>
         </container>
     </containers>
@@ -48,7 +45,7 @@
 
           <variable name='gitea_web_name' type='string' description='Nom DNS de la forge' mandatory='True'/>
           <variable name='git_root' type='string' description='Repertoire des dépôts git' mandatory='True'>
-            <value>/var/db/gitea/repo</value>
+            <value>/srv/forge/git</value>
           </variable>
           <variable name='gitea_registration' type='oui/non' description="Les utilisateurs peuvent s'enregistrer">
             <value>non</value>

pretemplate/01-gitea-init

@@ -16,81 +16,120 @@ HOMEDIR="${WKDIR}/${USER}"
 OS="linux"
 ARCH="amd64"
 
-APPVERSION="1.5.2"
+APPVERSION="1.10.0"
 APPNAME="gitea"
 APPBINARY="gitea"
 APPSIG="7C9E68152594688862D62AF62D9AE806EC1592E2"
 APPASC="${APPNAME}-${APPVERSION}-${OS}-${ARCH}.asc"
-KEYSERV="pgp.mit.edu"
+KEYSERV="hkp://p80.pool.sks-keyservers.net:80"
 DLSERV="dl.gitea.io"
 APPDIR="${WKDIR}/gitea"
 APPBINDIR="${APPDIR}/bin"
 APPCONFDIR="/etc/${APPNAME}"
 
-if [[ -d ${APPCONFDIR} ]]
-then
-   exit 0
-fi
+function configure_proxy {
+   proxy=$(CreoleGet activer_proxy_client non)
+   if [[ ${proxy} == "oui" ]]
+   then
+      prAddr=$(CreoleGet proxy_client_adresse)
+      prPort=$(CreoleGet proxy_client_port)
+      export HTTP_PROXY=http://${prAddr}:${prPort}
+      export http_proxy=http://${prAddr}:${prPort}
+      export HTTPS_PROXY=http://${prAddr}:${prPort}
+      export https_proxy=http://${prAddr}:${prPort}
+   fi
+}
 
-proxy=$(CreoleGet activer_proxy_client non)
+function create_app_dir {
    
-if [[ ${proxy} == "oui" ]]
-then
-   prAddr=$(CreoleGet proxy_client_adresse)
-   prPort=$(CreoleGet proxy_client_port)
-   export HTTP_PROXY=http://${prAddr}:${prPort}
-   export http_proxy=http://${prAddr}:${prPort}
-   export HTTPS_PROXY=http://${prAddr}:${prPort}
-   export https_proxy=http://${prAddr}:${prPort}
-fi
+   mkdir -p "${APPDIR}"
+   chown ${USER}:${GROUP} "${APPDIR}" -R
 
-if [[ ! -d ${APPDIR} ]] 
-then
-   mkdir -p ${APPDIR}
-   chown ${USER}:${GROUP} ${APPDIR} -R
-fi
+   # Create app structure
+   mkdir -p ${APPDIR}/{custom,data,indexers,public,log}
+   chown ${USER}:${GROUP} ${APPDIR}/{data,indexers,log}
+   chmod 750 ${APPDIR}/{data,indexers,log}
+   mkdir -p "${APPCONFDIR}"
+   chown root:${GROUP} ${APPCONFDIR}
+   chmod 770 "${APPCONFDIR}"
 
-# Create app user and group
-groupadd ${GROUP}
-adduser \
-   --shell ${USERSHELL} \
-   --gecos "${GECOS}" \
-   --ingroup ${GROUP} \
-   --disabled-password \
-   --home ${HOMEDIR} \
-   ${USER}
+   mkdir -p "${APPBINDIR}"
+   chown ${USER}:${GROUP} "${APPBINDIR}"
 
-# Create app structure
-mkdir -p ${APPDIR}/{custom,data,indexers,public,log}
-chown ${USER}:${GROUP} ${APPDIR}/{data,indexers,log}
-chmod 750 ${APPDIR}/{data,indexers,log}
-mkdir ${APPCONFDIR}
-chown root:${GROUP} ${APPCONFDIR}
-chmod 770 ${APPCONFDIR}
+}
 
-if [[ ! -d ${APPBINDIR} ]]
-then
-   mkdir -p ${APPBINDIR}
-   chown ${USER}:${GROUP} ${APPBINDIR}
-fi
+function create_user_and_group {
+   local existing_group=$(getent group ${GROUP})
+   if [ -z "${existing_group}" ]; then
+      groupadd ${GROUP}
+   fi
 
-cd $APPBINDIR
-if [[ ! -f ${APPBINARY} ]]
-then
-  wget -O ${APPBINARY} https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPNAME}-${APPVERSION}-${OS}-${ARCH}
-  if [[ $? -eq  0 ]]
-  then
-     chmod +x ${APPBINARY}
-  else
-     echo "Error downloading binary for ${APPNAME}"
-     return 123
-  fi
-fi
+   local existing_user=$(getent passwd ${USER})
+   if [ -z "${existing_user}" ]; then
+      adduser \
+         --shell ${USERSHELL} \
+         --gecos "${GECOS}" \
+         --ingroup ${GROUP} \
+         --disabled-password \
+         --home ${HOMEDIR} \
+         ${USER}
+   fi
+}
 
-if [[ ! -f ${APPASC} ]] 
-then
-   wget -O ${APPASC} https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPASC}
+function download_binary {
+   local temp_bin=$(mktemp)
+
+   wget -O "${temp_bin}" https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPNAME}-${APPVERSION}-${OS}-${ARCH}
+   if [[ $? -ne  0 ]]
+   then
+      echo "Error downloading binary for ${APPNAME}"
+      return 123
+   fi
+
+   wget -O "${temp_bin}.asc" https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPASC}
    gpg --keyserver ${KEYSERV} --recv ${APPSIG}
-   gpg --verify ${APPNAME}-${APPVERSION}-${OS}-${ARCH}.asc ${APPBINARY}
-fi
-cd -
+   gpg --verify "${temp_bin}.asc" "${temp_bin}"
+
+   if [[ $? -ne  0 ]]
+   then
+      echo "Error downloading binary for ${APPNAME}"
+      return 123
+   fi
+
+   cd $APPBINDIR
+   chmod +x "${temp_bin}"
+   mv -f "${temp_bin}" ${APPBINARY}
+   cd -
+}
+
+function current_gitea_version {
+   if [[ ! -f "${APPBINDIR}/${APPBINARY}" ]]
+   then
+      return
+   fi
+   "${APPBINDIR}/${APPBINARY}" --version | cut -d' ' -f 3
+}
+
+function main {
+   
+   # Check that installed version if ok
+   local current_version=$(current_gitea_version)
+   if [ "$current_version" == "$APPVERSION" ]; then
+      exit 0
+   fi
+   
+   if [ -z "$current_version" ]
+   then
+      echo "Installing Gitea ${APPVERSION}..."
+   else
+      echo "Upgrade Gitea from ${current_version} to ${APPVERSION}..."
+   fi
+   
+   configure_proxy
+   create_user_and_group
+   create_app_dir
+   download_binary
+   
+}
+
+main

systemd/forge.service

@@ -10,7 +10,7 @@ After=redis.service
 [Service]
 #LimitMEMLOCK=infinity
 #LimitNOFILE=65535
-RestartSec=2s
+RestartSec=4s
 Type=simple
 User=git
 Group=gitservice

tmpl/gitea-db.yml

@@ -34,8 +34,7 @@ createscript: "/usr/share/eole/db/gitea/gen/00-create-gitea-db.sql"
 %set cnt_prefix = %%getVar('container_path_reseau', '')
 pwd_files:
     - {file: '%%cnt_prefix/etc/gitea/conf/app.ini',
-       pattern: 'PASSWD   = ',
-       end_pattern: '',
+       pattern: 'PASSWD   = `',
+       end_pattern: '`',
        owner: 'root:gitservice',
        mod: '660' }
-

tmpl/gitea.conf

@@ -30,6 +30,7 @@ HTTP_ADDR =
 HTTP_PORT = %%gitea_http_port
 ; Disable SSH feature when not available
 DISABLE_SSH = false
+START_SSH_SERVER = true
 SSH_PORT = %%gitea_ssh_port
 ; Disable CDN even in "prod" mode
 OFFLINE_MODE = false
@@ -70,7 +71,7 @@ HOST = %%{gitea_dbserver}:%%{gitea_dbport}
 %end if
 NAME = gitea
 USER = gitea 
-PASSWD=gitea1234
+PASSWD   = `gitea1234`
 ; For "postgres" only, either "disable", "require" or "verify-full"
 SSL_MODE = disable
 ; For "sqlite3" only