From b692b09c0011edfcd04813e8883268b86b2fbfc7 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Wed, 2 Aug 2023 16:37:48 +0200 Subject: [PATCH] rename bundle:gitea to bundle:forgejo --- PORT_MAP.md | 2 +- bundles/{gitea => forgejo}/files/app.ini | 3 +- .../files/forgejo.service} | 7 +- bundles/forgejo/items.py | 65 ++++++++++++++++++ bundles/{gitea => forgejo}/metadata.py | 56 ++++++--------- bundles/gitea/items.py | 68 ------------------- .../files/ssh-keys/carlene.key.vault} | 0 .../files/ssh-keys/carlene.pub} | 0 8 files changed, 91 insertions(+), 110 deletions(-) rename bundles/{gitea => forgejo}/files/app.ini (96%) rename bundles/{gitea/files/gitea.service => forgejo/files/forgejo.service} (55%) create mode 100644 bundles/forgejo/items.py rename bundles/{gitea => forgejo}/metadata.py (56%) delete mode 100644 bundles/gitea/items.py rename data/{gitea/files/ssh-keys/rx300.key.vault => forgejo/files/ssh-keys/carlene.key.vault} (100%) rename data/{gitea/files/ssh-keys/rx300.pub => forgejo/files/ssh-keys/carlene.pub} (100%) diff --git a/PORT_MAP.md b/PORT_MAP.md index 453040d..fd5c46b 100644 --- a/PORT_MAP.md +++ b/PORT_MAP.md @@ -36,7 +36,7 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports. | 20090 | matrix-media-repo | prometheus metrics | | 21000 | pleroma | pleroma | | 21010 | grafana | grafana | -| 22000 | gitea | forgejo | +| 22000 | forgejo | forgejo | | 22010 | jenkins-ci | Jenkins CI | | 22020 | travelynx | Travelynx Web | | 22030 | octoprint | OctoPrint Web Interface | diff --git a/bundles/gitea/files/app.ini b/bundles/forgejo/files/app.ini similarity index 96% rename from bundles/gitea/files/app.ini rename to bundles/forgejo/files/app.ini index b55f210..557a20c 100644 --- a/bundles/gitea/files/app.ini +++ b/bundles/forgejo/files/app.ini @@ -1,9 +1,10 @@ APP_NAME = ${app_name} RUN_USER = git RUN_MODE = prod +WORK_PATH = /var/lib/forgejo [repository] -ROOT = /home/git/gitea-repositories +ROOT = /var/lib/forgejo/repositories MAX_CREATION_LIMIT = 0 DEFAULT_BRANCH = main diff --git a/bundles/gitea/files/gitea.service b/bundles/forgejo/files/forgejo.service similarity index 55% rename from bundles/gitea/files/gitea.service rename to bundles/forgejo/files/forgejo.service index 24f1505..76a5096 100644 --- a/bundles/gitea/files/gitea.service +++ b/bundles/forgejo/files/forgejo.service @@ -5,14 +5,13 @@ After=network.target Requires=postgresql.service [Service] -RestartSec=2s +RestartSec=10 Type=simple User=git Group=git -WorkingDirectory=/var/lib/gitea/ -ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini +WorkingDirectory=/var/lib/forgejo +ExecStart=/usr/local/bin/forgejo web -c /etc/forgejo/app.ini Restart=always -Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea [Install] WantedBy=multi-user.target diff --git a/bundles/forgejo/items.py b/bundles/forgejo/items.py new file mode 100644 index 0000000..cb51771 --- /dev/null +++ b/bundles/forgejo/items.py @@ -0,0 +1,65 @@ +users = { + 'git': { + 'home': '/var/lib/forgejo', + }, +} + +directories = { + '/var/lib/forgejo/.ssh': { + 'mode': '0700', + 'owner': 'git', + 'group': 'git', + }, + '/var/lib/forgejo': { + 'owner': 'git', + 'mode': '0700', + 'triggers': { + 'svc_systemd:forgejo:restart', + }, + }, +} + +files = { + '/usr/local/lib/systemd/system/forgejo.service': { + 'content_type': 'mako', + 'context': node.metadata.get('forgejo'), + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:forgejo:restart', + }, + }, + '/etc/forgejo/app.ini': { + 'content_type': 'mako', + 'context': node.metadata.get('forgejo'), + 'triggers': { + 'svc_systemd:forgejo:restart', + }, + }, + '/usr/local/bin/forgejo': { + 'content_type': 'download', + 'source': node.metadata.get('forgejo/url'), + 'content_hash': node.metadata.get('forgejo/sha1', None), + 'mode': '0755', + 'triggers': { + 'svc_systemd:forgejo:restart', + }, + }, +} + +if node.metadata.get('forgejoinstall_ssh_key', False): + files['/var/lib/forgejo/.ssh/id_ed25519'] = { + 'content': repo.vault.decrypt_file(f'forgejo/files/ssh-keys/{node.name}.key.vault'), + 'mode': '0600', + 'owner': 'git', + 'group': 'git', + } + +svc_systemd = { + 'forgejo': { + 'needs': { + 'file:/etc/forgejo/app.ini', + 'file:/usr/local/bin/forgejo', + 'file:/usr/local/lib/systemd/system/forgejo.service', + }, + }, +} diff --git a/bundles/gitea/metadata.py b/bundles/forgejo/metadata.py similarity index 56% rename from bundles/gitea/metadata.py rename to bundles/forgejo/metadata.py index 2b9bcbe..d94eb9f 100644 --- a/bundles/gitea/metadata.py +++ b/bundles/forgejo/metadata.py @@ -1,33 +1,32 @@ defaults = { 'backups': { 'paths': { - '/home/git', - '/var/lib/gitea', + '/var/lib/forgejo', }, }, - 'gitea': { + 'forgejo': { 'app_name': 'Forgejo', 'database': { - 'username': 'gitea', - 'password': repo.vault.password_for('{} postgresql gitea'.format(node.name)), - 'database': 'gitea', + 'username': 'forgejo', + 'password': repo.vault.password_for('{} postgresql forgejo'.format(node.name)), + 'database': 'forgejo', }, 'disable_registration': True, 'email_domain_blocklist': set(), 'enable_git_hooks': False, - 'internal_token': repo.vault.password_for('{} gitea internal_token'.format(node.name)), - 'lfs_secret_key': repo.vault.password_for('{} gitea lfs_secret_key'.format(node.name)), - 'oauth_secret_key': repo.vault.password_for('{} gitea oauth_secret_key'.format(node.name)), - 'security_secret_key': repo.vault.password_for('{} gitea security_secret_key'.format(node.name)), + 'internal_token': repo.vault.password_for('{} forgejo internal_token'.format(node.name)), + 'lfs_secret_key': repo.vault.password_for('{} forgejo lfs_secret_key'.format(node.name)), + 'oauth_secret_key': repo.vault.password_for('{} forgejo oauth_secret_key'.format(node.name)), + 'security_secret_key': repo.vault.password_for('{} forgejo security_secret_key'.format(node.name)), }, 'icinga2_api': { - 'gitea': { + 'forgejo': { 'services': { 'FORGEJO PROCESS': { - 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit gitea', + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit forgejo', }, 'FORGEJO UPDATE': { - 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_forgejo_for_new_release codeberg.org forgejo/forgejo v$(gitea --version | cut -d" " -f3)', + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_forgejo_for_new_release codeberg.org forgejo/forgejo v$(forgejo --version | cut -d" " -f3)', 'vars.notification.mail': True, 'check_interval': '60m', }, @@ -41,29 +40,22 @@ defaults = { }, 'postgresql': { 'roles': { - 'gitea': { - 'password': repo.vault.password_for('{} postgresql gitea'.format(node.name)), + 'forgejo': { + 'password': repo.vault.password_for('{} postgresql forgejo'.format(node.name)), }, }, 'databases': { - 'gitea': { - 'owner': 'gitea', + 'forgejo': { + 'owner': 'forgejo', }, }, }, 'zfs': { 'datasets': { - 'tank/gitea': {}, - 'tank/gitea/home': { - 'mountpoint': '/home/git', + 'tank/forgejo': { + 'mountpoint': '/var/lib/forgejo', 'needed_by': { - 'directory:/home/git', - }, - }, - 'tank/gitea/var': { - 'mountpoint': '/var/lib/gitea', - 'needed_by': { - 'directory:/var/lib/gitea', + 'directory:/var/lib/forgejo', }, }, }, @@ -82,7 +74,7 @@ def nginx(metadata): 'nginx': { 'vhosts': { 'forgejo': { - 'domain': metadata.get('gitea/domain'), + 'domain': metadata.get('forgejo/domain'), 'locations': { '/': { 'target': 'http://127.0.0.1:22000', @@ -97,11 +89,3 @@ def nginx(metadata): }, }, } - - -@metadata_reactor.provides( - 'icinga2_api/gitea/services', -) -def icinga_check_for_new_release(metadata): - return { - } diff --git a/bundles/gitea/items.py b/bundles/gitea/items.py deleted file mode 100644 index e071483..0000000 --- a/bundles/gitea/items.py +++ /dev/null @@ -1,68 +0,0 @@ -users = { - 'git': {}, -} - -directories = { - '/home/git': { - 'mode': '0755', - 'owner': 'git', - 'group': 'git', - }, - '/home/git/.ssh': { - 'mode': '0755', - 'owner': 'git', - 'group': 'git', - }, - '/var/lib/gitea': { - 'owner': 'git', - 'mode': '0700', - 'triggers': { - 'svc_systemd:gitea:restart', - }, - }, -} - -files = { - '/etc/systemd/system/gitea.service': { - 'content_type': 'mako', - 'context': node.metadata.get('gitea'), - 'triggers': { - 'action:systemd-reload', - 'svc_systemd:gitea:restart', - }, - }, - '/etc/gitea/app.ini': { - 'content_type': 'mako', - 'context': node.metadata.get('gitea'), - 'triggers': { - 'svc_systemd:gitea:restart', - }, - }, - '/usr/local/bin/gitea': { - 'content_type': 'download', - 'source': node.metadata.get('gitea/url'), - 'content_hash': node.metadata.get('gitea/sha1', None), - 'mode': '0755', - 'triggers': { - 'svc_systemd:gitea:restart', - }, - }, -} - -if node.metadata['gitea'].get('install_ssh_key', False): - files['/home/git/.ssh/id_ed25519'] = { - 'content': repo.vault.decrypt_file(f'gitea/files/ssh-keys/{node.name}.key.vault'), - 'mode': '0600', - 'owner': 'git', - 'group': 'git', - } - -svc_systemd = { - 'gitea': { - 'needs': { - 'file:/etc/gitea/app.ini', - 'file:/etc/systemd/system/gitea.service', - 'file:/usr/local/bin/gitea', - }, - }, -} diff --git a/data/gitea/files/ssh-keys/rx300.key.vault b/data/forgejo/files/ssh-keys/carlene.key.vault similarity index 100% rename from data/gitea/files/ssh-keys/rx300.key.vault rename to data/forgejo/files/ssh-keys/carlene.key.vault diff --git a/data/gitea/files/ssh-keys/rx300.pub b/data/forgejo/files/ssh-keys/carlene.pub similarity index 100% rename from data/gitea/files/ssh-keys/rx300.pub rename to data/forgejo/files/ssh-keys/carlene.pub