Updating to 1.16.8

Check for version update with script expected version versus installed
version

Makefile

@@ -3,8 +3,8 @@
 ################################
 
 SOURCE=eole-gitea
-VERSION=1.5.2
-EOLE_VERSION=2.6.2
+VERSION=1.13.2
+EOLE_VERSION=2.7.2
 PKGAPPS=non
 #FLASK_MODULE=<APPLICATION>
 

dicos/50_gitea.xml

@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <creole>
     <files>
-        <!-- Je suis un commentaire -->
         <file filelist='gitea-nginx' name='/etc/nginx/sites-available/gitea' source='gitea.nginx' mkdir='True' rm='True'/>
         <file filelist='gitea' name='/usr/share/eole/bastion/data/51-gitea-nat_rules' mkdir='True' rm='True' mode='0755'/>
         <file filelist='gitea' name='/etc/eole/eole-db.d/gitea-db.yml' rm='True' mkdir='True'/>
@@ -11,120 +10,124 @@
         </service_access>
     </files>
     <containers>
-        <container name='forge' id='101'>
-            <package>apt-transport-https</package>
-            <package>git-core</package>
-            <!-- FIXME this have to be installed <package>gitea</package> -->
-            <file filelist='gitea' name='/etc/gitea/conf/app.ini' source='gitea.conf' mkdir='True' rm='True' mode='770' owner='root' group='gitservice'/>
-            <!-- <service servicelist='xxxx'>nom-du-service-a-lancer-dans-le-conteneur</service> -->
-            <service servicelist='gitea'>forge</service>
-            <service_access service='gitea_without_nginx'>
-              <port service_accesslist="gitea_without_nginx" port_type="SymLinkOption">gitea_http_port</port>
-            </service_access>
-            <service_access service='gitea_ssh'>
-              <tcpwrapper>sshd</tcpwrapper>
-            </service_access>
-        </container>
+       <container name='forge' id='101'>
+          <package>apt-transport-https</package>
+          <package>git</package>
+          <file filelist='gitea' name='/etc/gitea/conf/app.ini' source='gitea.conf' mkdir='True' rm='True' mode='770' owner='root' group='gitservice'/>
+          <service servicelist='gitea'>forge</service>
+          <service_access service='gitea_without_nginx'>
+             <port service_accesslist="gitea_without_nginx" port_type="SymLinkOption">gitea_http_port</port>
+          </service_access>
+          <service_access service='gitea_ssh'>
+             <port service_accesslist="gitea_ssh'" port_type="SymLinkOption">gitea_ssh_port</port>
+          </service_access>
+       </container>
     </containers>
     <variables>
-        <family name='services'>
+       <family name='services'>
           <variable name='activer_gitea' type='oui/non' description='Activer la forge Gitea'>
-                <value>non</value>
-            </variable>
-        </family>
-        <family name='forge'>
+             <value>non</value>
+          </variable>
+       </family>
+       <family name='forge'>
           <variable name='gitea_name' type='string' description='Nom de la forge' mandatory='True'>
-            <value>Forge Numérique EOLE</value>
+             <value>Forge Numérique EOLE</value>
           </variable>
           <variable name='gitea_mail' type='oui/non' description="Activer l'envois de courriels">
-            <value>non</value>
+             <value>non</value>
           </variable>
           <variable name='gitea_mail_from' type='string' description="Adresse courriel a l'origine des messages de la forge"/>
-		      <variable name='gitea_mail_auth' type='oui/non' description="Utiliser un compte pour le serveur smtp">
-		    	  <value>non</value>
-	    	  </variable>
-		      <variable name='gitea_email_user' type='string' description="Nom de l'utilisateur SMTP"/>
-		      <variable name='gitea_email_password' type='string' description="Mot de passe de l'utilisateur"/>
+          <variable name='gitea_smtp_srv' type='string' description="Adresse IP ou DNS du serveur SMTP à utiliser"/>
+          <variable name='gitea_smtp_prt' type='port' description="Port du serveur SMTP à utiliser"/>
+          <variable name='gitea_mail_auth' type='oui/non' description="Utiliser un compte pour le serveur smtp">
+             <value>non</value>
+          </variable>
+          <variable name='gitea_email_user' type='string' description="Nom de l'utilisateur SMTP"/>
+          <variable name='gitea_email_password' type='string' description="Mot de passe de l'utilisateur"/>
 
           <variable name='gitea_web_name' type='string' description='Nom DNS de la forge' mandatory='True'/>
           <variable name='git_root' type='string' description='Repertoire des dépôts git' mandatory='True'>
-            <value>/srv/forge/git</value>
+             <value>/srv/forge/git</value>
           </variable>
           <variable name='gitea_registration' type='oui/non' description="Les utilisateurs peuvent s'enregistrer">
-            <value>non</value>
+             <value>non</value>
           </variable>
           <variable name='gitea_http_port' type='string' description='Port HTTP pour la forge' mode='expert'>
-            <value>6000</value>
+             <value>6000</value>
           </variable>
           <variable name='gitea_ssh_port' type='string' description='Port SSH pour la forge' mode='expert'>
-            <value>2222</value>
+             <value>2222</value>
           </variable>
           <variable name='gitea_db_file' type='string' description='Fichier de base de données' mode='expert'>
-            <value>/var/db/gitea/gitea.db</value>
+             <value>/var/db/gitea/gitea.db</value>
           </variable>
           <variable name='gitea_domain' type='string' description='Domaine git ... fixme ...' mode='expert'>
-            <value>localhost</value>
+             <value>localhost</value>
           </variable>
-		      <variable name='gitea_nginx' type='oui/non' hidden='True'/>
+          <variable name='gitea_nginx' type='oui/non' hidden='True'/>
           <variable type='string' name='gitea_db_mode' description='Serveur de bases de données à utiliser'/>
-        </family>
-        <family name="BDD Forge" mode="expert">
+       </family>
+       <family name="BDD Forge" mode="expert">
           <variable type='string' name='gitea_dbserver' description='Adresse du serveur de base de données'/>
           <variable type='number' name='gitea_dbport' description="Port d'écoute du serveur de base de données"/>
           <variable type='string' name='gitea_allow_hosts' description="Hôtes authorisés à utiliser la base de données" multi='True'/>
           <variable type='string' name='gitea_dbuser' description='Utilisateur du serveur de base de données'/>
           <variable type='string' name='gitea_dbpass' description='Fichier de mot de passe du serveur'/>
-        </family>
+       </family>
     </variables>
     <constraints>
-        <condition name='hidden_if_in' source='gitea_mail'>
-            <param>non</param>
-            <target type='variable'>gitea_mail_from</target>
-        </condition>
-        <condition name='disabled_if_in' source='activer_gitea'>
-            <param>non</param>
-            <target type='filelist'>gitea</target>
-            <target type='filelist'>gitea-nginx</target>
-            <target type='servicelist'>gitea</target>
-            <target type='family'>forge</target>
-            <target type='service_accesslist'>gitea_ssh</target>
-        </condition>
-		<condition name='disabled_if_in' source='gitea_mail_auth'>
-			<param>non</param>
-			<target type='variable'>gitea_email_user</target>
-			<target type='variable'>gitea_email_password</target>
-		</condition>
-    <fill name='calc_multi_condition' target='gitea_nginx'>
-            <param>oui</param>
-            <param name="operator">OR</param>
-            <param type="eole" name="condition_1" optional="True">activer_nginx_web</param>
-            <param name="condition_2">non</param>
-            <param name='match'>oui</param>
-            <param name='mismatch'>non</param>
-        </fill>
+       <condition name='hidden_if_in' source='gitea_mail'>
+          <param>non</param>
+          <target type='variable'>gitea_mail_from</target>
+          <target type='variable'>gitea_smtp_srv</target>
+          <target type='variable'>gitea_smtp_prt</target>
+          <target type='variable'>gitea_email_user</target>
+          <target type='variable'>gitea_email_password</target>
+       </condition>
+       <condition name='disabled_if_in' source='activer_gitea'>
+          <param>non</param>
+          <target type='filelist'>gitea</target>
+          <target type='filelist'>gitea-nginx</target>
+          <target type='servicelist'>gitea</target>
+          <target type='family'>forge</target>
+          <target type='service_accesslist'>gitea_ssh</target>
+       </condition>
+       <condition name='disabled_if_in' source='gitea_mail_auth'>
+          <param>non</param>
+          <target type='variable'>gitea_email_user</target>
+          <target type='variable'>gitea_email_password</target>
+       </condition>
+       <fill name='calc_multi_condition' target='gitea_nginx'>
+          <param>oui</param>
+          <param name="operator">OR</param>
+          <param type="eole" name="condition_1" optional="True">activer_nginx_web</param>
+          <param name="condition_2">non</param>
+          <param name='match'>oui</param>
+          <param name='mismatch'>non</param>
+       </fill>
 
-        
-        <condition name='disabled_if_in' source='gitea_nginx'>
+
+       <condition name='disabled_if_in' source='gitea_nginx'>
           <param>non</param>
           <target type='filelist'>gitea-nginx</target>
           <target type='service_accesslist'>gitea_with_nginx</target>
-        </condition>
-        <condition name='disabled_if_in' source='gitea_nginx'>
+       </condition>
+       <condition name='disabled_if_in' source='gitea_nginx'>
           <param>oui</param>
           <target type='service_accesslist'>gitea_without_nginx</target>
-        </condition>
+       </condition>
 
-        <check name='valid_enum' target='gitea_db_mode'>
-            <param>['default', 'externe', 'local']</param>
-        </check>
-        <condition name='disabled_if_in' source='gitea_db_mode'>
-            <param>local</param>
-            <target type='family'>BDD Forge</target>
-        </condition>
-        <condition name='disabled_if_in' source='gitea_db_mode'>
-            <param>default</param>
-            <target type='family'>BDD Forge</target>
-        </condition>
+       <check name='valid_enum' target='gitea_db_mode'>
+          <param>['default', 'externe', 'local']</param>
+       </check>
+       <condition name='disabled_if_in' source='gitea_db_mode'>
+          <param>local</param>
+          <target type='family'>BDD Forge</target>
+       </condition>
+       <condition name='disabled_if_in' source='gitea_db_mode'>
+          <param>default</param>
+          <target type='family'>BDD Forge</target>
+       </condition>
     </constraints>
     <help>
         <variable name='activer_gitea'>Activer la forge Gitea, Gitea est une forge basée sur Git clone de github (fork de gogs)</variable>

pretemplate/01-gitea-init

@@ -16,81 +16,120 @@ HOMEDIR="${WKDIR}/${USER}"
 OS="linux"
 ARCH="amd64"
 
-APPVERSION="1.8.2"
+APPVERSION="1.16.8"
 APPNAME="gitea"
 APPBINARY="gitea"
 APPSIG="7C9E68152594688862D62AF62D9AE806EC1592E2"
 APPASC="${APPNAME}-${APPVERSION}-${OS}-${ARCH}.asc"
-KEYSERV="pgp.mit.edu"
+KEYSERV="hkp://p80.pool.sks-keyservers.net:80"
 DLSERV="dl.gitea.io"
 APPDIR="${WKDIR}/gitea"
 APPBINDIR="${APPDIR}/bin"
 APPCONFDIR="/etc/${APPNAME}"
 
-if [[ -d ${APPCONFDIR} ]]
-then
-   exit 0
-fi
+function configure_proxy {
+   proxy=$(CreoleGet activer_proxy_client non)
+   if [[ ${proxy} == "oui" ]]
+   then
+      prAddr=$(CreoleGet proxy_client_adresse)
+      prPort=$(CreoleGet proxy_client_port)
+      export HTTP_PROXY=http://${prAddr}:${prPort}
+      export http_proxy=http://${prAddr}:${prPort}
+      export HTTPS_PROXY=http://${prAddr}:${prPort}
+      export https_proxy=http://${prAddr}:${prPort}
+   fi
+}
 
-proxy=$(CreoleGet activer_proxy_client non)
+function create_app_dir {
+   
+   mkdir -p "${APPDIR}"
+   chown ${USER}:${GROUP} "${APPDIR}" -R
 
-if [[ ${proxy} == "oui" ]]
-then
-   prAddr=$(CreoleGet proxy_client_adresse)
-   prPort=$(CreoleGet proxy_client_port)
-   export HTTP_PROXY=http://${prAddr}:${prPort}
-   export http_proxy=http://${prAddr}:${prPort}
-   export HTTPS_PROXY=http://${prAddr}:${prPort}
-   export https_proxy=http://${prAddr}:${prPort}
-fi
+   # Create app structure
+   mkdir -p ${APPDIR}/{custom,data,indexers,public,log}
+   chown ${USER}:${GROUP} ${APPDIR}/{data,indexers,log}
+   chmod 750 ${APPDIR}/{data,indexers,log}
+   mkdir -p "${APPCONFDIR}"
+   chown root:${GROUP} ${APPCONFDIR}
+   chmod 770 "${APPCONFDIR}"
 
-if [[ ! -d ${APPDIR} ]] 
-then
-   mkdir -p ${APPDIR}
-   chown ${USER}:${GROUP} ${APPDIR} -R
-fi
+   mkdir -p "${APPBINDIR}"
+   chown ${USER}:${GROUP} "${APPBINDIR}"
 
-# Create app user and group
-groupadd ${GROUP}
-adduser \
-   --shell ${USERSHELL} \
-   --gecos "${GECOS}" \
-   --ingroup ${GROUP} \
-   --disabled-password \
-   --home ${HOMEDIR} \
-   ${USER}
+}
 
-# Create app structure
-mkdir -p ${APPDIR}/{custom,data,indexers,public,log}
-chown ${USER}:${GROUP} ${APPDIR}/{data,indexers,log}
-chmod 750 ${APPDIR}/{data,indexers,log}
-mkdir ${APPCONFDIR}
-chown root:${GROUP} ${APPCONFDIR}
-chmod 770 ${APPCONFDIR}
+function create_user_and_group {
+   local existing_group=$(getent group ${GROUP})
+   if [ -z "${existing_group}" ]; then
+      groupadd ${GROUP}
+   fi
 
-if [[ ! -d ${APPBINDIR} ]]
-then
-   mkdir -p ${APPBINDIR}
-   chown ${USER}:${GROUP} ${APPBINDIR}
-fi
+   local existing_user=$(getent passwd ${USER})
+   if [ -z "${existing_user}" ]; then
+      adduser \
+         --shell ${USERSHELL} \
+         --gecos "${GECOS}" \
+         --ingroup ${GROUP} \
+         --disabled-password \
+         --home ${HOMEDIR} \
+         ${USER}
+   fi
+}
 
-cd $APPBINDIR
-if [[ ! -f ${APPBINARY} ]]
-then
-  wget -O ${APPBINARY} https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPNAME}-${APPVERSION}-${OS}-${ARCH}
-  if [[ $? -eq  0 ]]
-  then
-     chmod +x ${APPBINARY}
-  else
-     echo "Error downloading binary for ${APPNAME}"
-     return 123
-  fi
-fi
+function download_binary {
+   local temp_bin=$(mktemp)
 
-if [[ ! -f ${APPASC} ]] 
-then
-   wget -O ${APPASC} https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPASC}
+   wget -O "${temp_bin}" https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPNAME}-${APPVERSION}-${OS}-${ARCH}
+   if [[ $? -ne  0 ]]
+   then
+      echo "Error downloading binary for ${APPNAME}"
+      return 123
+   fi
+
+   wget -O "${temp_bin}.asc" https://${DLSERV}/${APPNAME}/${APPVERSION}/${APPASC}
    gpg --keyserver ${KEYSERV} --recv ${APPSIG}
-   gpg --verify ${APPNAME}-${APPVERSION}-${OS}-${ARCH}.asc ${APPBINARY}
-fi
-cd -
+   gpg --verify "${temp_bin}.asc" "${temp_bin}"
+
+   if [[ $? -ne  0 ]]
+   then
+      echo "Error downloading binary for ${APPNAME}"
+      return 123
+   fi
+
+   cd $APPBINDIR
+   chmod +x "${temp_bin}"
+   mv -f "${temp_bin}" ${APPBINARY}
+   cd -
+}
+
+function current_gitea_version {
+   if [[ ! -f "${APPBINDIR}/${APPBINARY}" ]]
+   then
+      return
+   fi
+   "${APPBINDIR}/${APPBINARY}" --version | cut -d' ' -f 3
+}
+
+function main {
+   
+   # Check that installed version if ok
+   local current_version=$(current_gitea_version)
+   if [ "$current_version" == "$APPVERSION" ]; then
+      exit 0
+   fi
+   
+   if [ -z "$current_version" ]
+   then
+      echo "Installing Gitea ${APPVERSION}..."
+   else
+      echo "Upgrade Gitea from ${current_version} to ${APPVERSION}..."
+   fi
+   
+   configure_proxy
+   create_user_and_group
+   create_app_dir
+   download_binary
+   
+}
+
+main

tmpl/gitea-db.yml

@@ -34,8 +34,7 @@ createscript: "/usr/share/eole/db/gitea/gen/00-create-gitea-db.sql"
 %set cnt_prefix = %%getVar('container_path_reseau', '')
 pwd_files:
     - {file: '%%cnt_prefix/etc/gitea/conf/app.ini',
-       pattern: 'PASSWD   = ',
-       end_pattern: '',
+       pattern: 'PASSWD   = `',
+       end_pattern: '`',
        owner: 'root:gitservice',
        mod: '660' }
-

tmpl/gitea.conf

@@ -30,6 +30,7 @@ HTTP_ADDR =
 HTTP_PORT = %%gitea_http_port
 ; Disable SSH feature when not available
 DISABLE_SSH = false
+START_SSH_SERVER = true
 SSH_PORT = %%gitea_ssh_port
 ; Disable CDN even in "prod" mode
 OFFLINE_MODE = false
@@ -59,18 +60,18 @@ DB_TYPE = mysql
 %set %%dbMode = %%getVar("gitea_db_mode")
 %if %%dbMode == "default"
    %if %%edb_local == "oui"
-HOST = 127.0.0.1:3306
+HOST = /var/run/mysqld/mysqld.sock
    %else
 HOST = %%{edb_host}:%%{edb_port}
    %end if
 %elif %%dbMode == "local"
-HOST = 127.0.0.1:3306
+HOST = /var/run/mysqld/mysqld.sock
 %elif %%dbMode == "externe"
 HOST = %%{gitea_dbserver}:%%{gitea_dbport}
 %end if
 NAME = gitea
 USER = gitea 
-PASSWD   = gitea1234
+PASSWD   = `gitea1234`
 ; For "postgres" only, either "disable", "require" or "verify-full"
 SSL_MODE = disable
 ; For "sqlite3" only
@@ -136,11 +137,7 @@ SUBJECT = %(APP_NAME)s
 ; Gmail: smtp.gmail.com:587
 ; QQ: smtp.qq.com:25
 ; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
-   %if %%getVar('activer_exim_relay_smtp','non') == 'oui'
-HOST = %%exim_relay_smtp:25
-   %else
-HOST = 127.0.0.1
-   %end if
+HOST = %%gitea_smtp_srv:%%gitea_srv_prt
 ; Do not verify the certificate of the server. Only use this for self-signed certificates
 SKIP_VERIFY = true
 ; Use client certificate
@@ -239,13 +236,17 @@ AVATAR_UPLOAD_PATH = data/avatars
 GRAVATAR_SOURCE = gravatar
 DISABLE_GRAVATAR = false
 
+[repository.upload]
+ALLOWED_TYPES = application/zip|application/gzip|application/x-gzip|application/x-gtar|application/x-tgz|application/x-compressed-tar|text/plain
+
 [attachment]
 ; Whether attachments are enabled. Defaults to `true`
 ENABLE = true
 ; Path for attachments. Defaults to `data/attachments`
 PATH = data/attachments
 ; One or more allowed types, e.g. image/jpeg|image/png
-ALLOWED_TYPES = image/jpeg|image/png
+; ALLOWED_TYPES = image/jpeg|image/png
+ALLOWED_TYPES = */*
 ; Max size of each file. Defaults to 32MB
 MAX_SIZE = 32
 ; Max number of files per upload. Defaults to 10
@@ -265,15 +266,15 @@ MODE = console, file
 ; Buffer length of channel, keep it as it is if you don't know what it is.
 BUFFER_LEN = 10000
 ; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
-LEVEL = Trace
+LEVEL = Info
 
 ; For "console" mode only
 [log.console]
-LEVEL =
+LEVEL = Info
 
 ; For "file" mode only
 [log.file]
-LEVEL =
+LEVEL = Info
 ; This enables automated log rotate(switch of following options), default is true
 LOG_ROTATE = true
 ; Max line number of single file, default is 1000000
@@ -287,7 +288,7 @@ MAX_DAYS = 7
 
 ; For "conn" mode only
 [log.conn]
-LEVEL =
+LEVEL = Info
 ; Reconnect host for every single message, default is false
 RECONNECT_ON_MSG = false
 ; Try to reconnect when connection is lost, default is false
@@ -299,7 +300,7 @@ ADDR =
 
 ; For "smtp" mode only
 [log.smtp]
-LEVEL =
+LEVEL = Info
 ; Name displayed in mail title, default is "Diagnostic message from serve"
 SUBJECT = Diagnostic message from serve
 ; Mail server
@@ -312,7 +313,7 @@ RECEIVERS =
 
 ; For "database" mode only
 [log.database]
-LEVEL =
+LEVEL = Info
 ; Either "mysql" or "postgres"
 DRIVER =
 ; Based on xorm, e.g.: root:root@localhost/gitea?charset=utf8