Update to version 1.10.0

Check for version update with script expected version versus installed
version

dicos/50_gitea.xml

@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <creole>
     <files>
-        <!-- Je suis un commentaire -->
         <file filelist='gitea-nginx' name='/etc/nginx/sites-available/gitea' source='gitea.nginx' mkdir='True' rm='True'/>
         <file filelist='gitea' name='/usr/share/eole/bastion/data/51-gitea-nat_rules' mkdir='True' rm='True' mode='0755'/>
         <file filelist='gitea' name='/etc/eole/eole-db.d/gitea-db.yml' rm='True' mkdir='True'/>
@@ -14,15 +13,13 @@
         <container name='forge' id='101'>
             <package>apt-transport-https</package>
             <package>git-core</package>
-            <!-- FIXME this have to be installed <package>gitea</package> -->
             <file filelist='gitea' name='/etc/gitea/conf/app.ini' source='gitea.conf' mkdir='True' rm='True' mode='770' owner='root' group='gitservice'/>
-            <!-- <service servicelist='xxxx'>nom-du-service-a-lancer-dans-le-conteneur</service> -->
             <service servicelist='gitea'>forge</service>
             <service_access service='gitea_without_nginx'>
               <port service_accesslist="gitea_without_nginx" port_type="SymLinkOption">gitea_http_port</port>
             </service_access>
             <service_access service='gitea_ssh'>
-              <tcpwrapper>sshd</tcpwrapper>
+              <port service_accesslist="gitea_ssh'" port_type="SymLinkOption">gitea_ssh_port</port>
             </service_access>
         </container>
     </containers>

pretemplate/01-gitea-init

@@ -16,81 +16,120 @@ HOMEDIR="${WKDIR}/${USER}"
 OS="linux"
 ARCH="amd64"
 
-APPVERSION="1.8.2"
+APPVERSION="1.10.0"
 APPNAME="gitea"
 APPBINARY="gitea"
 APPSIG="7C9E68152594688862D62AF62D9AE806EC1592E2"
 APPASC="${APPNAME}-${APPVERSION}-${OS}-${ARCH}.asc"
-KEYSERV="pgp.mit.edu"
+KEYSERV="hkp://p80.pool.sks-keyservers.net:80"
 DLSERV="dl.gitea.io"
 APPDIR="${WKDIR}/gitea"
 APPBINDIR="${APPDIR}/bin"
 APPCONFDIR="/etc/${APPNAME}"
 
-if [[ -d ${APPCONFDIR} ]]
-then
-   exit 0
-fi
+function configure_proxy {
+   proxy=$(CreoleGet activer_proxy_client non)
+   if [[ ${proxy} == "oui" ]]
+   then
+      prAddr=$(CreoleGet proxy_client_adresse)
+      prPort=$(CreoleGet proxy_client_port)
+      export HTTP_PROXY=http://${prAddr}:${prPort}
+      export http_proxy=http://${prAddr}:${prPort}
+      export HTTPS_PROXY=http://${prAddr}:${prPort}
+      export https_proxy=http://${prAddr}:${prPort}
+   fi
+}
 
-proxy=$(CreoleGet activer_proxy_client non)
+function create_app_dir {
+   
+   mkdir -p "${APPDIR}"
+   chown ${USER}:${GROUP} "${APPDIR}" -R
 
-if [[ ${proxy} == "oui" ]]
-then
-   prAddr=$(CreoleGet proxy_client_adresse)
-   prPort=$(CreoleGet proxy_client_port)
-   export HTTP_PROXY=http://${prAddr}:${prPort}
-   export http_proxy=http://${prAddr}:${prPort}
-   export HTTPS_PROXY=http://${prAddr}:${prPort}
-   export https_proxy=http://${prAddr}:${prPort}
-fi
+   # Create app structure
+   mkdir -p ${APPDIR}/{custom,data,indexers,public,log}
+   chown ${USER}:${GROUP} ${APPDIR}/{data,indexers,log}
+   chmod 750 ${APPDIR}/{data,indexers,log}
+   mkdir -p "${APPCONFDIR}"
+   chown root:${GROUP} ${APPCONFDIR}
+   chmod 770 "${APPCONFDIR}"
 
-if [[ ! -d ${APPDIR} ]] 
-then
-   mkdir -p ${APPDIR}
-   chown ${USER}:${GROUP} ${APPDIR} -R
-fi
+   mkdir -p "${APPBINDIR}"
+   chown ${USER}:${GROUP} "${APPBINDIR}"
 
-# Create app user and group
-groupadd ${GROUP}
-adduser \
-   --shell ${USERSHELL} \
-   --gecos "${GECOS}" \
-   --ingroup ${GROUP} \
-   --disabled-password \
-   --home ${HOMEDIR} \
-   ${USER}
+}
 
-# Create app structure
-mkdir -p ${APPDIR}/{custom,data,indexers,public,log}
-chown ${USER}:${GROUP} ${APPDIR}/{data,indexers,log}
-chmod 750 ${APPDIR}/{data,indexers,log}
-mkdir ${APPCONFDIR}
-chown root:${GROUP} ${APPCONFDIR}
-chmod 770 ${APPCONFDIR}
+function create_user_and_group {
+   local existing_group=$(getent group ${GROUP})
+   if [ -z "${existing_group}" ]; then
+      groupadd ${GROUP}
+   fi
 
-if [[ ! -d ${APPBINDIR} ]]
-then
-   mkdir -p ${APPBINDIR}
-   chown ${USER}:${GROUP} ${APPBINDIR}
-fi
+   local existing_user=$(getent passwd ${USER})
+   if [ -z "${existing_user}" ]; then
+      adduser \
+         --shell ${USERSHELL} \
+         --gecos "${GECOS}" \
+         --ingroup ${GROUP} \
+         --disabled-password \
+         --home ${HOMEDIR} \
+         ${USER}
+   fi
+}
 
-cd $APPBINDIR
-if [[ ! -f ${APPBINARY} ]]
-then
-  wget -O ${APPBINARY} https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPNAME}-${APPVERSION}-${OS}-${ARCH}
-  if [[ $? -eq  0 ]]
-  then
-     chmod +x ${APPBINARY}
-  else
-     echo "Error downloading binary for ${APPNAME}"
-     return 123
-  fi
-fi
+function download_binary {
+   local temp_bin=$(mktemp)
 
-if [[ ! -f ${APPASC} ]] 
-then
-   wget -O ${APPASC} https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPASC}
+   wget -O "${temp_bin}" https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPNAME}-${APPVERSION}-${OS}-${ARCH}
+   if [[ $? -ne  0 ]]
+   then
+      echo "Error downloading binary for ${APPNAME}"
+      return 123
+   fi
+
+   wget -O "${temp_bin}.asc" https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPASC}
    gpg --keyserver ${KEYSERV} --recv ${APPSIG}
-   gpg --verify ${APPNAME}-${APPVERSION}-${OS}-${ARCH}.asc ${APPBINARY}
-fi
-cd -
+   gpg --verify "${temp_bin}.asc" "${temp_bin}"
+
+   if [[ $? -ne  0 ]]
+   then
+      echo "Error downloading binary for ${APPNAME}"
+      return 123
+   fi
+
+   cd $APPBINDIR
+   chmod +x "${temp_bin}"
+   mv -f "${temp_bin}" ${APPBINARY}
+   cd -
+}
+
+function current_gitea_version {
+   if [[ ! -f "${APPBINDIR}/${APPBINARY}" ]]
+   then
+      return
+   fi
+   "${APPBINDIR}/${APPBINARY}" --version | cut -d' ' -f 3
+}
+
+function main {
+   
+   # Check that installed version if ok
+   local current_version=$(current_gitea_version)
+   if [ "$current_version" == "$APPVERSION" ]; then
+      exit 0
+   fi
+   
+   if [ -z "$current_version" ]
+   then
+      echo "Installing Gitea ${APPVERSION}..."
+   else
+      echo "Upgrade Gitea from ${current_version} to ${APPVERSION}..."
+   fi
+   
+   configure_proxy
+   create_user_and_group
+   create_app_dir
+   download_binary
+   
+}
+
+main

tmpl/gitea-db.yml

@@ -34,8 +34,7 @@ createscript: "/usr/share/eole/db/gitea/gen/00-create-gitea-db.sql"
 %set cnt_prefix = %%getVar('container_path_reseau', '')
 pwd_files:
     - {file: '%%cnt_prefix/etc/gitea/conf/app.ini',
-       pattern: 'PASSWD   = ',
-       end_pattern: '',
+       pattern: 'PASSWD   = `',
+       end_pattern: '`',
        owner: 'root:gitservice',
        mod: '660' }
-

tmpl/gitea.conf

@@ -30,6 +30,7 @@ HTTP_ADDR =
 HTTP_PORT = %%gitea_http_port
 ; Disable SSH feature when not available
 DISABLE_SSH = false
+START_SSH_SERVER = true
 SSH_PORT = %%gitea_ssh_port
 ; Disable CDN even in "prod" mode
 OFFLINE_MODE = false
@@ -70,7 +71,7 @@ HOST = %%{gitea_dbserver}:%%{gitea_dbport}
 %end if
 NAME = gitea
 USER = gitea 
-PASSWD   = gitea1234
+PASSWD   = `gitea1234`
 ; For "postgres" only, either "disable", "require" or "verify-full"
 SSL_MODE = disable
 ; For "sqlite3" only