YunoHost-Apps/gogs_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/gogs_ynh.git synced 2024-09-03 20:36:23 +02:00
Code Issues Activity Actions

Merge pull request #48 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Éric Gaspar 2021-11-29 16:13:35 +01:00 committed by GitHub
commit 880bf59f0c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
29 changed files with 1406 additions and 919 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
.gitattributes vendored
View file

@ -1,17 +0,0 @@
# Auto detect text files and perform LF normalization
* text=auto
# Custom for Visual Studio
*.cs diff=csharp
# Standard to msysgit
*.doc diff=astextplain
*.DOC diff=astextplain
*.docx diff=astextplain
*.DOCX diff=astextplain
*.dot diff=astextplain
*.DOT diff=astextplain
*.pdf diff=astextplain
*.PDF diff=astextplain
*.rtf diff=astextplain
*.RTF diff=astextplain

135
.github/workflows/updater.sh vendored Executable file
View file

@ -0,0 +1,135 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
# Remove this exit command when you are ready to run this Action
#exit 1
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*"gogs_"*"_linux_amd64.zip")
src="amd64"
;;
*"gogs_"*"_linux_armv7.zip")
src="armhf"
;;
*"gogs_"*"_linux_386.zip")
src="i386"
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,49 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

50
.gitignore vendored
View file

@ -1,50 +0,0 @@
# Windows image file caches
Thumbs.db
ehthumbs.db
# Folder config file
Desktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows Installer files
*.cab
*.msi
*.msm
*.msp
# Windows shortcuts
*.lnk
# =========================
# Operating System Files
# =========================
# OSX
# =========================
.DS_Store
.AppleDouble
.LSOverride
# Thumbnails
._*
# Files that might appear on external disk
.Spotlight-V100
.Trashes
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
# From kateproject
.kateproject
.kateproject.d
.directory
*.tar.gz

113
README.md
View file

@ -1,47 +1,49 @@
# Gogs package for YunoHost
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
Gogs is a self-hosted Git service written in Go. Alternative to Github.
- [Gogs website](http://gogs.io)
# Gogs for YunoHost
[![Integration level](https://dash.yunohost.org/integration/gogs.svg)](https://ci-apps.yunohost.org/jenkins/job/gogs%20%28Community%29/lastBuild/consoleFull)
[![Integration level](https://dash.yunohost.org/integration/gogs.svg)](https://dash.yunohost.org/appci/app/gogs) ![](https://ci-apps.yunohost.org/ci/badges/gogs.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/gogs.maintain.svg)
[![Install Gogs with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gogs)
[![Install Gogs with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=gogs)
*[Lire ce readme en français.](./README_fr.md)*
# IMPORTANT INFORMATION
> *This package allows you to install Gogs quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
**Note that this package will not be longer be maintened by the actual maintener.
The idea is to migrate to [gitea](https://github.com/YunoHost-Apps/gitea_ynh) which is more featured.**
## Overview
For the old install you can migrate to gitea easly by juste upgrading your actuall gogs instance with the gitea source by this command:
```
sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/gitea_ynh gogs
```
**Note that this command contains some risk of data lost. So it's important to make a backup of the app before the install.**
To make a backup you can use this command:
```
sudo yunohost backup create --debug --apps gogs
```
Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub.
For the new install just install gitea by this command:
```
sudo yunohost app install -l Gitea https://github.com/YunoHost-Apps/gitea_ynh
```
### Features
## Requirements
A functional instance of [YunoHost](https://yunohost.org)
- User dashboard, user profile and activity timeline.
- User, organization and repository management.
- Repository and organization webhooks, including Slack, Discord and Dingtalk.
- Repository Git hooks, deploy keys and Git LFS.
- Repository issues, pull requests, wiki, protected branches and collaboration.
- Migrate and mirror repositories with wiki from other code hosts.
- Web editor for quick editing repository files and wiki.
- Jupyter Notebook and PDF rendering.
- Authentication via SMTP, LDAP.
- Customize HTML templates, static files and many others.
## Installation
From the command-line:
`sudo yunohost app install -l Gogs https://github.com/YunoHost-Apps/gogs_ynh`
**Shipped version:** 0.12.3~ynh1
## Upgrade
From the command-line:
**Demo:** https://try.gogs.io/user/login
`sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/gogs_ynh gogs`
## Screenshots
![](./doc/screenshots/screenshot.png)
## Disclaimers / important information
## Notes on SSH usage
If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
If you want to use Gogs with SSH and be able to pull/push with you SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
```bash
PubkeyAuthentication yes
@ -53,51 +55,34 @@ UsePAM no
You also need to add your public key to your Gogs profile.
If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
If you use SSH on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
## Info on upgrading from the old package version (gogs <0.9.xx)
Previous versions of this package used to build Gogs from sources instead of using the pre-compiled binary. It also left data in many places which was not good. The upgrade tries to take care of moving everything to the right place **BUT it's strongly advised to do a backup of your repositories and of the Gogs directory before the update**. Your avatars and issue attachments files may be lost in the process.
Also, in some cases, Gogs will not restart properly during the update. If so, you can rerun the update safely or try to start Gogs with `sudo systemctl restart gogs.service`.
Sources and issues of the old package can be found [here](https://github.com/YunoHost-Apps/gogs_ynh_old/)
## Info
Gogs v0.11.66
- [YunoHost forum thread](https://forum.yunohost.org/t/gogs-package-an-awesome-github-alternative/1127)
Architecture: this package is compatible with amd64, i386 and arm. The package will try to detect it with the command uname -m and fail if it can't detect the architecture. If that happens please open an issue describing your hardware and the result of the command `uname -m`.
## Private Mode
Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.
## Issue
Actually it's possible to access to the Git repositories by the `git` command over HTTP also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.
Any issue is welcome here : https://github.com/YunoHost-Apps/gogs_ynh/issues
## Documentation and resources
## License
Gogs is published under the MIT License:
https://github.com/gogits/gogs/blob/master/LICENSE
* Official app website: http://gogs.io
* Official admin documentation: https://gogs.io/docs
* Upstream app code repository: https://github.com/gogs/gogs
* YunoHost documentation for this app: https://yunohost.org/app_gogs
* Report a bug: https://github.com/YunoHost-Apps/gogs_ynh/issues
This package is published under the MIT License.
## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/gogs_ynh/tree/testing).
## Developper info
Please do your pull requests to the `dev` branch.
Test or upgrade to dev version:
```bash
sudo su - admin
git clone -b dev https://github.com/YunoHost-Apps/gogs_ynh
# to install
sudo yunohost app install -l Gogs /home/admin/gogs_ynh
# to upgrade
sudo yunohost app upgrade -f /home/admin/gogs_ynh gogs
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
or
sudo yunohost app upgrade gogs -u https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps

71
README_fr.md Normal file
View file

@ -0,0 +1,71 @@
# Gogs pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/gogs.svg)](https://dash.yunohost.org/appci/app/gogs) ![](https://ci-apps.yunohost.org/ci/badges/gogs.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/gogs.maintain.svg)
[![Installer Gogs avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gogs)
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer Gogs rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est dêtre léger et pouvant fonctionner sur carte ARM, ce qui fait quil est adapté à lauto-hébergement. Gogs a une interface web similaire à celle de GitHub.
**Version incluse :** 0.12.3~ynh1
**Démo :** https://try.gogs.io/user/login
## Captures d'écran
![](./doc/screenshots/screenshot.png)
## Avertissements / informations importantes
## Notes on SSH usage
If you want to use Gogs with SSH and be able to pull/push with you SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gogs profile.
If you use SSH on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
## Private Mode
Actually it's possible to access to the Git repositories by the `git` command over HTTP also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.
## Documentations et ressources
* Site officiel de l'app : http://gogs.io
* Documentation officielle de l'admin : https://gogs.io/docs
* Dépôt de code officiel de l'app : https://github.com/gogs/gogs
* Documentation YunoHost pour cette app : https://yunohost.org/app_gogs
* Signaler un bug : https://github.com/YunoHost-Apps/gogs_ynh/issues
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/gogs_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
ou
sudo yunohost app upgrade gogs -u https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps

34
check_process
View file

@ -1,9 +1,9 @@
;; General
; Manifest
domain="domain.tld" (DOMAIN)
path="/path" (PATH)
admin="john" (USER)
is_public=1 (PUBLIC|public=1|private=0)
domain="domain.tld"
path="/path"
admin="john"
is_public=1
; Checks
pkg_linter=1
setup_sub_dir=1
@ -12,30 +12,10 @@
setup_private=1
setup_public=1
upgrade=1
upgrade=1 from_commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab
upgrade=1 from_commit=1cbec051e1171de5a8ed1e850eb4fb3506114da5
upgrade=1 from_commit=5a706ed246392c1ce39c47a648cb93e2996e80d3
#upgrade=1 from_commit=
backup_restore=1
multi_instance=1
incorrect_path=0
port_already_use=1 (6000)
change_url=1
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
# https://github.com/YunoHost-Apps/gogs_ynh/blob/master/conf/login_source.sql
Level 4=1
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
;;; Upgrade options
; commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab
name=Before multi_instance and refactoring
; commit=1cbec051e1171de5a8ed1e850eb4fb3506114da5
name=From V0.10.18
; commit=5a706ed246392c1ce39c47a648cb93e2996e80d3
name=The oldest package
; commit=
name=

5
conf/amd64.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/gogs/gogs/releases/download/v0.12.3/gogs_0.12.3_linux_amd64.zip
SOURCE_SUM=0eeab278aaf8fc999329e611fe0709e95e08c26d15bdf60d499268f144e40406
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true

617
conf/app.ini
View file

@ -1,50 +1,25 @@
; App name that shows on every page title
APP_NAME = Gogs: Go Git Service
; The name of the system user that runs Gogs
;https://github.com/gogits/gogs/blob/master/conf/app.ini
; The brand name of the application, can be your company or team name.
BRAND_NAME = Gogs
; The system user who should be running the applications. It has no effect on Windows,
; otherwise, it should match the value of $USER environment variable.
RUN_USER = __APP__
; Either "dev", "prod" or "test"
; The running mode of the application, can be either "dev", "prod" or "test".
RUN_MODE = prod
[server]
PROTOCOL = http
; The public-facing URL for the application.
EXTERNAL_URL = https://__URL__/
; The public-facing domain name for the application.
DOMAIN = __DOMAIN__
ROOT_URL = https://__URL__/
HTTP_ADDR = 0.0.0.0
; The protocol that is used to serve direct traffic to the application.
; Currently supports "http", "https", "fcgi" and "unix".
PROTOCOL = http
; The address to be listened by the application.
HTTP_ADDR = 127.0.0.1
; The port number to be listened by the application.
HTTP_PORT = __PORT__
; Permission for unix socket
UNIX_SOCKET_PERMISSION = 666
; Local (DMZ) URL for Gogs workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
; Disable SSH feature when not available
DISABLE_SSH = false
; Whether use builtin SSH server or not.
START_SSH_SERVER = false
; Domain name to be exposed in SSH clone URL
SSH_DOMAIN = %(DOMAIN)s
; Port number to be exposed in SSH clone URL
SSH_PORT = 22
; Network interface builtin SSH server listens on
SSH_LISTEN_HOST = 0.0.0.0
; Port number builtin SSH server listens on
SSH_LISTEN_PORT = %(SSH_PORT)s
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
SSH_ROOT_PATH =
; Indicate whether to rewrite authorized_keys at start, ignored when use builtin SSH server
REWRITE_AUTHORIZED_KEYS_AT_START = false
; Choose the ciphers to support for SSH connections
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
; Directory to create temporary files when test publick key using ssh-keygen,
; default is system temporary directory.
SSH_KEY_TEST_PATH =
; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
SSH_KEYGEN_PATH = ssh-keygen
; Indicate whether to check minimum key size with corresponding type
MINIMUM_KEY_SIZE_CHECK = false
; Disable CDN even in "prod" mode
OFFLINE_MODE = false
DISABLE_ROUTER_LOG = false
; Generate steps:
; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
;
@ -54,267 +29,326 @@ DISABLE_ROUTER_LOG = false
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
CERT_FILE = custom/https/cert.pem
KEY_FILE = custom/https/key.pem
; Allowed TLS version values: SSL30, TLS10, TLS11, TLS12
TLS_MIN_VERSION = TLS10
; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13".
TLS_MIN_VERSION = TLS12
; File permission when serve traffic via Unix domain socket.
UNIX_SOCKET_PERMISSION = 666
; Local (DMZ) URL for workers (e.g. SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
; Upper level of template and static file path
; default is the path where Gogs is executed
STATIC_ROOT_PATH =
; Default path for App data
APP_DATA_PATH = __DATA_PATH__
; Application level GZIP support
; Whether to disable using CDN for static files regardless.
OFFLINE_MODE = false
; Whether to disable logging in router.
DISABLE_ROUTER_LOG = true
; Whether to enable application level GZIP compression.
ENABLE_GZIP = false
; Landing page for non-logged users, can be "home" or "explore"
LANDING_PAGE = explore
; The path for storing application specific data.
APP_DATA_PATH = __DATADIR__/data
; Whether to enable to load assets (i.e. "conf", "templates", "public") from disk instead of embedded bindata.
LOAD_ASSETS_FROM_DISK = false
; The landing page URL for anonymous users, the value should not include
; subpath that is handled by the reverse proxy.
LANDING_URL = /explore
; Whether to disable SSH access to the application entirely.
DISABLE_SSH = false
; The domain name to be exposed in SSH clone URL.
SSH_DOMAIN = %(DOMAIN)s
; The port number to be exposed in SSH clone URL.
SSH_PORT = 22
; The path of SSH root directory, default is "$HOME/.ssh".
SSH_ROOT_PATH =
; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call.
SSH_KEYGEN_PATH = ssh-keygen
; The directory to create temporary files when test a public key using ssh-keygen,
; default is the system temporary directory.
SSH_KEY_TEST_PATH =
; Whether to check minimum public key size with corresponding type.
MINIMUM_KEY_SIZE_CHECK = false
; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server.
REWRITE_AUTHORIZED_KEYS_AT_START = false
; Whether to start a builtin SSH server.
START_SSH_SERVER = false
; The network interface for builtin SSH server to listen on.
SSH_LISTEN_HOST = 0.0.0.0
; The port number for builtin SSH server to listen on.
SSH_LISTEN_PORT = %(SSH_PORT)s
; The list of accepted ciphers for connections to builtin SSH server.
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
; The list of accepted MACs for connections to builtin SSH server.
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1
; Define allowed algorithms and their minimum key length (use -1 to disable a type).
[ssh.minimum_key_sizes]
ED25519 = 256
ECDSA = 256
RSA = 2048
DSA = 1024
[repository]
; Root path for storing repositories's data, default is "~/<username>/gogs-repositories"
ROOT = __REPOS_PATH__
; The script type server supports, sometimes could be "sh"
; The root path for storing managed repositories, default is "~/gogs-repositories"
ROOT = __DATADIR__/repositories
; The script type server supports, sometimes could be "sh".
SCRIPT_TYPE = bash
; Default ANSI charset for an unrecognized charset
; Default ANSI charset for an unrecognized charset.
ANSI_CHARSET =
; Force every new repository to be private
; Whether to force every new repository to be private.
FORCE_PRIVATE = false
; Global maximum creation limit of repository per user, -1 means no limit
; The global limit of number of repositories a user can create, -1 means no limit.
MAX_CREATION_LIMIT = -1
; Mirror sync queue length, increase if mirror syncing starts hanging
MIRROR_QUEUE_LENGTH = 1000
; Patch test queue length, increase if pull request patch testing starts hanging
PULL_REQUEST_QUEUE_LENGTH = 1000
; Preferred Licenses to place at the top of the list
; Name must match file name in conf/license or custom/conf/license
PREFERRED_LICENSES = Apache License 2.0,MIT License
; Disable ability to interact with repositories by HTTP protocol
; Preferred Licenses to place at the top of the list.
; Name must match file name in "conf/license" or "custom/conf/license".
PREFERRED_LICENSES = Apache License 2.0, MIT License
; Whether to disable Git interaction with repositories via HTTP/HTTPS protocol.
DISABLE_HTTP_GIT = false
; Enable ability to migrate repository by local path
; Whether to enable ability to migrate repository by server local path.
ENABLE_LOCAL_PATH_MIGRATION = false
; Concurrency is used to retrieve commits information. This variable define
; the maximum number of tasks that can be run at the same time. Usually, the
; value depend of how many CPUs (cores) you have. If the value is set to zero
; or under, GOGS will automatically detect the number of CPUs your system have
COMMITS_FETCH_CONCURRENCY = 0
; Enable render mode for raw file
; Whether to enable render mode for raw file. There are potential security risks.
ENABLE_RAW_FILE_RENDER_MODE = false
; The maximum number of goroutines that can be run at the same time for a single
; fetch request. Usually, the value depend of how many CPU (cores) you have. If
; the value is non-positive, it matches the number of CPUs available to the application.
COMMITS_FETCH_CONCURRENCY = 0
[repository.editor]
; List of file extensions that should have line wraps in the CodeMirror editor.
; Separate extensions with a comma. To line wrap files without extension, just put a comma
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
; Valid file modes that have a preview API associated with them, such as api/v1/markdown.
; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match
; Separate extensions with a comma.
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd
; Valid file modes that have a preview API associated with them, such as "/api/v1/markdown".
; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match.
PREVIEWABLE_FILE_MODES = markdown
[repository.upload]
; Enable repository file uploads.
; Whether to enable repository file uploads.
ENABLED = true
; Path to temporarily store uploads (default path gets cleaned by Gogs in every start)
TEMP_PATH = data/tmp/uploads
; File types that are allowed to be uploaded, e.g. image/jpeg|image/png. Leave empty means allow any file type
; The path to temporarily store uploads (content under this path gets wiped out on every start).
TEMP_PATH = __DATADIR__/data/tmp/uploads
; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
ALLOWED_TYPES =
; Maximum size of each file in MB
; The maximum size of each file in MB.
FILE_MAX_SIZE = 3
; Maximum number of files per upload
; The maximum number of files per upload.
MAX_FILES = 5
; Attachment settings for releases
[release.attachment]
; Whether attachments are enabled. Defaults to `true`
[database]
; The database backend, either "postgres", "mysql" "sqlite3" or "mssql".
; You can connect to TiDB with MySQL protocol.
TYPE = mysql
HOST = 127.0.0.1:3306
NAME = __DB_NAME__
USER = __DB_USER__
PASSWORD = __DB_PWD__
; For "postgres" only, either "disable", "require" or "verify-full".
SSL_MODE = disable
; For "sqlite3" only, make sure to use absolute path.
PATH = data/gogs.db
; The maximum open connections of the pool.
MAX_OPEN_CONNS = 30
; The maximum idle connections of the pool.
MAX_IDLE_CONNS = 30
[security]
; Whether to show the install page, set this to "true" to bypass it.
INSTALL_LOCK = true
; The secret to encrypt cookie values, 2FA code, etc.
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = __KEY__
; The days remembered for auto-login.
LOGIN_REMEMBER_DAYS = 7
; The cookie name to store auto-login information.
COOKIE_REMEMBER_NAME = gogs_incredible
; The cookie name to store logged in username.
COOKIE_USERNAME = gogs_awesome
; Whether to set secure cookie.
COOKIE_SECURE = false
; Whether to set cookie to indicate user login status.
ENABLE_LOGIN_STATUS_COOKIE = false
; The cookie name to store user login status.
LOGIN_STATUS_COOKIE_NAME = login_status
[email]
; Whether to enable the email service.
ENABLED = true
; Path for attachments. Defaults to `data/attachments`
PATH = data/attachments
; One or more allowed types, e.g. image/jpeg|image/png
; The prefix prepended to the subject line.
SUBJECT_PREFIX = `[%(BRAND_NAME)s] `
; The SMTP server with its port, e.g. smtp.mailgun.org:587, smtp.gmail.com:587, smtp.qq.com:465
; If the port ends is "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409.
; If the server supports STARTTLS it will always be used.
HOST = 127.0.0.1:25
; The email from address (RFC 5322). This can be just an email address, or the `"Name" <email@example.com>` format.
FROM = "Gogs" <gogs-noreply@__DOMAIN__>
; The login user.
USER = "Gogs" <gogs-noreply@__DOMAIN__>
; The login password.
PASSWORD =
; Whether to disable HELO operation when the hostname is different.
DISABLE_HELO =
; The custom hostname for HELO operation, default is from system.
HELO_HOSTNAME =
; Whether to skip verifying the certificate of the server. Only use this for self-signed certificates.
SKIP_VERIFY = true
; Whether to use client certificates.
USE_CERTIFICATE = false
CERT_FILE = custom/email/cert.pem
KEY_FILE = custom/email/key.pem
; Whether to use "text/plain" as content format.
USE_PLAIN_TEXT = false
; Whether to attach a plaintext alternative to the MIME message while sending HTML emails.
; It is used to support older mail clients and make spam filters happier.
ADD_PLAIN_TEXT_ALT = false
[auth]
; The valid duration of activate code in minutes.
ACTIVATE_CODE_LIVES = 180
; The valid duration of reset password code in minutes.
RESET_PASSWORD_CODE_LIVES = 180
; Whether to require email confirmation for adding new email addresses.
; Enable this option will also require user to confirm the email for registration.
REQUIRE_EMAIL_CONFIRMATION = false
; Whether to disallow anonymous users visiting the site.
REQUIRE_SIGNIN_VIEW = false
; Whether to disable self-registration. When disabled, accounts would have to be created by admins.
DISABLE_REGISTRATION = true
; Whether to enable captcha validation for registration
ENABLE_REGISTRATION_CAPTCHA = true
; Whether to enable reverse proxy authentication via HTTP header.
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
; Whether to automatically create new users for reverse proxy authentication.
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
; The HTTP header used as username for reverse proxy authentication.
REVERSE_PROXY_AUTHENTICATION_HEADER = X-WEBAUTH-USER
[user]
; Whether to enable email notifications for users.
ENABLE_EMAIL_NOTIFICATION = false
[session]
; The session provider, either "memory", "file", or "redis".
PROVIDER = memory
; The configuration for respective provider:
; - memory: does not need any config yet
; - file: session file path, e.g. `data/sessions`
; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
PROVIDER_CONFIG = data/sessions
; The cookie name to store the session identifier.
COOKIE_NAME = i_like_gogs
; Whether to set cookie in HTTPS only.
COOKIE_SECURE = false
; The GC interval in seconds for session data.
GC_INTERVAL = 3600
; The maximum life time in seconds for a session.
MAX_LIFE_TIME = 86400
; The cookie name for CSRF token.
CSRF_COOKIE_NAME = _csrf
[cache]
; The cache adapter, either "memory", "redis", or "memcache".
ADAPTER = memory
; For "memory" only, GC interval in seconds.
INTERVAL = 60
; For "redis" and "memcache", connection host address:
; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; - memcache: `127.0.0.1:11211`
HOST =
[http]
; The value for "Access-Control-Allow-Origin" header, default is not to present.
ACCESS_CONTROL_ALLOW_ORIGIN =
[lfs]
; The storage backend for uploading new objects.
STORAGE = local
; The root path to store LFS objects on local file system.
OBJECTS_PATH = __DATADIR__/data/lfs-objects
[attachment]
; Whether to enabled upload attachments in general.
ENABLED = true
; The path to store attachments on the file system.
PATH = __DATADIR__/data/attachments
; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
ALLOWED_TYPES = image/jpeg|image/png
; The maximum size of each file in MB.
MAX_SIZE = 4
; The maximum number of files per upload.
MAX_FILES = 5
[release.attachment]
; Whether to enabled upload attachments for releases.
ENABLED = true
; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
ALLOWED_TYPES = */*
; Max size of each file. Defaults to 32MB
; The maximum size of each file in MB.
MAX_SIZE = 32
; Max number of files per upload. Defaults to 10
; The maximum number of files per upload.
MAX_FILES = 10
[time]
; Specifies the format for fully outputed dates.
; Values should be one of the following:
; ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano.
; For more information about the format see http://golang.org/pkg/time/#pkg-constants.
FORMAT = RFC1123
[picture]
; The path to store user avatars on the file system.
AVATAR_UPLOAD_PATH = __DATADIR__/data/avatars
; The path to store repository avatars on the file system.
REPOSITORY_AVATAR_UPLOAD_PATH = __DATADIR__/data/repo-avatars
; Chinese users can use a custom avatar source, such as http://cn.gravatar.com/avatar/.
GRAVATAR_SOURCE = gravatar
; Whether to disable Gravatar, this value will be forced to be true in offline mode.
DISABLE_GRAVATAR = false
; Whether to enable federated avatar lookup uses DNS to discover avatar associated
; with emails, see https://www.libravatar.org for details.
; This value will be forced to be false in offline mode or when Gravatar is disabled.
ENABLE_FEDERATED_AVATAR = false
[markdown]
; Enable hard line break extension
; Whether to enable hard line break extension.
ENABLE_HARD_LINE_BREAK = false
; List of custom URL-Schemes that are allowed as links when rendering Markdown
; for example git,magnet
; The list of custom URL schemes that are allowed as links when rendering Markdown.
; For example, "git" (for "git://") and "magnet" (for "magnet://").
CUSTOM_URL_SCHEMES =
; List of file extensions that should be rendered/edited as Markdown
; Separate extensions with a comma. To render files w/o extension as markdown, just put a comma
; The list of file extensions that should be rendered/edited as Markdown.
; Separate extensions with a comma. To render files with no extension as markdown, just put a comma.
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
[smartypants]
; Whether to enable the Smartypants extension.
ENABLED = false
FRACTIONS = true
DASHES = true
LATEX_DASHES = true
ANGLED_QUOTES = true
[http]
; Value for Access-Control-Allow-Origin header, default is not to present
ACCESS_CONTROL_ALLOW_ORIGIN =
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
[ssh.minimum_key_sizes]
ED25519 = 256
ECDSA = 256
RSA = 2048
DSA = 1024
[database]
; Either "mysql", "postgres" or "sqlite3", you can connect to TiDB with MySQL protocol
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = __DB_USER__
USER = __DB_USER__
PASSWD = __DB_PASSWORD__
; For "postgres" only, either "disable", "require" or "verify-full"
SSL_MODE = disable
; For "sqlite3" and "tidb", use absolute path when you start as service
PATH = data/gogs.db
[admin]
; Disable regular (non-admin) users to create organizations
; Whether to disable regular (non-admin) users to create organizations.
DISABLE_REGULAR_ORG_CREATION = false
[security]
INSTALL_LOCK = true
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = __KEY__
; Auto-login remember days
LOGIN_REMEMBER_DAYS = 7
COOKIE_USERNAME = gogs_awesome
COOKIE_REMEMBER_NAME = gogs_incredible
COOKIE_SECURE = false
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE_USER
; Enable to set cookie to indicate user login status
ENABLE_LOGIN_STATUS_COOKIE = false
LOGIN_STATUS_COOKIE_NAME = login_status
[service]
ACTIVE_CODE_LIVE_MINUTES = 180
RESET_PASSWD_CODE_LIVE_MINUTES = 180
; User need to confirm e-mail for registration
REGISTER_EMAIL_CONFIRM = false
; Does not allow register and admin create account only
DISABLE_REGISTRATION = true
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW = __PRIVATE_MODE__
; Mail notification
ENABLE_NOTIFY_MAIL = true
; More detail: https://github.com/gogits/gogs/issues/165
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = true
; Enable captcha validation for registration
ENABLE_CAPTCHA = false
[webhook]
; Types are enabled for users to use, can be "gogs", "slack", "discord", "dingtalk"
; The list of enabled types for users to use, can be "gogs", "slack", "discord", "dingtalk".
TYPES = gogs, slack, discord, dingtalk
; Hook task queue length, increase if webhook shooting starts hanging
QUEUE_LENGTH = 1000
; Deliver timeout in seconds
; Deliver timeout in seconds.
DELIVER_TIMEOUT = 15
; Allow insecure certification
; Whether to allow insecure certification.
SKIP_TLS_VERIFY = false
; Number of history information in each page
; The number of history information in each page.
PAGING_NUM = 10
[mailer]
ENABLED = true
; Buffer length of channel, keep it as it is if you don't know what it is.
SEND_BUFFER_LEN = 100
; Prefix prepended to the subject line
SUBJECT_PREFIX = `[%(APP_NAME)s] `
; Mail server
; Gmail: smtp.gmail.com:587
; QQ: smtp.qq.com:465
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
HOST = 127.0.0.1:25
; Disable HELO operation when hostname are different.
DISABLE_HELO =
; Custom hostname for HELO operation, default is from system.
HELO_HOSTNAME =
; Do not verify the certificate of the server. Only use this for self-signed certificates
SKIP_VERIFY = true
; Use client certificate
USE_CERTIFICATE = false
CERT_FILE = custom/mailer/cert.pem
KEY_FILE = custom/mailer/key.pem
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
FROM = "Gogs" <gogs-noreply@__DOMAIN__>
; Mailer user name and password
USER =
PASSWD =
; Use text/plain as format of content
USE_PLAIN_TEXT = false
[cache]
; Either "memory", "redis", or "memcache", default is "memory"
ADAPTER = memory
; For "memory" only, GC interval in seconds, default is 60
INTERVAL = 60
; For "redis" and "memcache", connection host address
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; memcache: `127.0.0.1:11211`
HOST =
[session]
; Either "memory", "file", or "redis", default is "memory"
PROVIDER = memory
; Provider config options
; memory: not have any config yet
; file: session file path, e.g. `data/sessions`
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
PROVIDER_CONFIG = data/sessions
; Session cookie name
COOKIE_NAME = i_like_gogits
; If you use session in https only, default is false
COOKIE_SECURE = false
; Enable set cookie, default is true
ENABLE_SET_COOKIE = true
; Session GC time interval, default is 3600
GC_INTERVAL_TIME = 3600
; Session life time, default is 86400
SESSION_LIFE_TIME = 86400
; Cookie name for CSRF
CSRF_COOKIE_NAME = _csrf
[picture]
; Path to store user uploaded avatars
AVATAR_UPLOAD_PATH = __DATA_PATH__/avatars
; Chinese users can choose "duoshuo"
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
GRAVATAR_SOURCE = gravatar
; This value will be forced to be true in offline mode.
DISABLE_GRAVATAR = false
; Federated avatar lookup uses DNS to discover avatar associated
; with emails, see https://www.libravatar.org
; This value will be forced to be false in offline mode or Gravatar is disbaled.
ENABLE_FEDERATED_AVATAR = false
; Attachment settings for issues
[attachment]
; Whether attachments are enabled. Defaults to `true`
ENABLED = true
; Path for attachments. Defaults to `data/attachments`
PATH = __DATA_PATH__/attachments
; One or more allowed types, e.g. image/jpeg|image/png
ALLOWED_TYPES = image/jpeg|image/png
; Max size of each file. Defaults to 4MB
MAX_SIZE = 4
; Max number of files per upload. Defaults to 5
MAX_FILES = 5
[time]
; Specifies the format for fully outputed dates. Defaults to RFC1123
; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
; For more information about the format see http://golang.org/pkg/time/#pkg-constants
FORMAT =
; General settings of loggers
; General settings of loggers.
[log]
ROOT_PATH = /var/log/__APP__
; Can be "console" and "file", default is "console"
; The root path for all log files, default is "log/" subdirectory.
ROOT_PATH =/var/log/__APP__
; Can be "console", "file", "slack" and "discord".
; Use comma to separate multiple modes, e.g. "console, file"
MODE = file
; Buffer length of channel, keep it as it is if you don't know what it is.
@ -324,38 +358,38 @@ LEVEL = Warn
; For "console" mode only
[log.console]
; leave empty to inherit
LEVEL =
; Comment out to inherit
; LEVEL =
; For "file" mode only
[log.file]
; leave empty to inherit
LEVEL =
; This enables automated log rotate (switch of following options)
; Comment out to inherit
; LEVEL =
; Whether to enable automated log rotate (switch of following options).
LOG_ROTATE = true
; Segment log daily
; Whether to segment log files daily.
DAILY_ROTATE = true
; Max size shift of single file, default is 28 means 1 << 28, 256MB
; The maximum size shift of single file, default is 28 means 1 << 28 = 256MB.
MAX_SIZE_SHIFT = 28
; Max line number of single file
; The maximum number of lines of single file.
MAX_LINES = 1000000
; Expired days of log file (delete after max days)
; The expired days of log file (delete after max days).
MAX_DAYS = 7
; For "slack" mode only
[log.slack]
; leave empty to inherit
LEVEL =
; Comment out to inherit
; LEVEL =
; Webhook URL
URL =
[log.discord]
; leave empty to inherit
LEVEL =
; Comment out to inherit
; LEVEL =
; Webhook URL
URL =
; Username displayed in webhook
USERNAME = %(APP_NAME)s
; The username to be displayed in notification.
USERNAME = %(BRAND_NAME)s
[log.xorm]
; Enable file rotation
@ -367,14 +401,24 @@ MAX_SIZE = 100
; Maximum days to keep logger files
MAX_DAYS = 3
[log.gorm]
; Whether to enable file rotation.
ROTATE = true
; Whether to rotate file every day.
ROTATE_DAILY = true
; The maximum file size in MB before next rotate.
MAX_SIZE = 100
; The maximum days to keep files.
MAX_DAYS = 3
[cron]
; Enable running cron tasks periodically.
ENABLED = true
; Run cron tasks when Gogs starts.
RUN_AT_START = false
; Update mirrors
[cron.update_mirrors]
; Defines how often the mirror syncer checks if any mirror needs to be synchronized (based on the mirror update interval).
SCHEDULE = @every 10m
; Repository health check
@ -400,12 +444,12 @@ OLDER_THAN = 24h
[git]
; Disables highlight of added and removed changes
DISABLE_DIFF_HIGHLIGHT = false
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES = 100
; Max number of lines allowed of a single file in diff view
MAX_GIT_DIFF_LINES = 1000
; Max number of characters of a line allowed in diff view
MAX_GIT_DIFF_LINE_CHARACTERS = 500
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES = 100
MAX_GIT_DIFF_LINE_CHARACTERS = 2000
; Arguments for command 'git gc', e.g. "--aggressive --auto"
; see more on http://git-scm.com/docs/git-gc/1.7.5
GC_ARGS =
@ -416,10 +460,12 @@ MIGRATE = 600
MIRROR = 300
CLONE = 300
PULL = 300
DIFF = 60
GC = 60
[mirror]
; Default interval in hours between each check
; Defines the default interval (in hours) until the next sync for a mirror (after a successful mirror sync).
; It can be overridden individually for each mirror repository in the settings.
DEFAULT_INTERVAL = 8
[api]
@ -458,9 +504,23 @@ NEWS_FEED_PAGING_NUM = 20
; Number of commits that are showed in one page
COMMITS_PAGING_NUM = 30
[prometheus]
; Whether to enable Prometheus metrics.
ENABLED = false
; Whether to enable HTTP Basic Authentication to protect metrics data.
ENABLE_BASIC_AUTH = false
; The username for HTTP Basic Authentication.
BASIC_AUTH_USERNAME =
; The password for HTTP Basic Authentication.
BASIC_AUTH_PASSWORD =
; Extension mapping to highlight class
; e.g. .toml=ini
[highlight.mapping]
[i18n]
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN
NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN,pt-PT
NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese,português
; Used for datetimepicker
[i18n.datelang]
@ -493,14 +553,9 @@ sk-SK = sk
id-ID = id
fa-IR = fa
vi-VN = vi
; Extension mapping to highlight class
; e.g. .toml=ini
[highlight.mapping]
pt-PT = pt
[other]
SHOW_FOOTER_BRANDING = false
; Show version information about Gogs and Go in the footer
SHOW_FOOTER_VERSION = true
; Show time of template execution in the footer
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true

11
conf/arm.src
View file

@ -1,11 +0,0 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/raspi2_armv6.zip
SOURCE_SUM=a7d17f6dc542fd2d88f884271bca9c62729fbd725fdb310616b2987dba382631
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum
# (Optional) Archive format
# default: tar.gz
SOURCE_FORMAT=zip
# (Optional) Put false if sources are directly in the archive root
# default: true
SOURCE_IN_SUBDIR=true

5
conf/armhf.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/gogs/gogs/releases/download/v0.12.3/gogs_0.12.3_linux_armv7.zip
SOURCE_SUM=9116d4f1baf6a47dc3a47cfce8f435ad77f7939f2e80323f31382913e895ab35
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true

10
conf/i386.src
View file

@ -1,11 +1,5 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/linux_386.zip
SOURCE_SUM=ad1a89eb01723a4b289b7b8773fd018f78b0dad801101f27c1af0f2d649edeeb
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_URL=https://github.com/gogs/gogs/releases/download/v0.12.3/gogs_0.12.3_linux_386.zip
SOURCE_SUM=bcf7a31ad61865217eca93f4d90ede15837c857accb2394782ebf4a7805e1cbc
SOURCE_SUM_PRG=sha256sum
# (Optional) Archive format
# default: tar.gz
SOURCE_FORMAT=zip
# (Optional) Put false if sources are directly in the archive root
# default: true
SOURCE_IN_SUBDIR=true

2
conf/ldap.conf
View file

@ -2,7 +2,7 @@
#
id = 1
type = ldap_bind_dn
name = Yunohost LDAP
name = YunoHost LDAP
is_activated = true
[config]

14
conf/nginx.conf
View file

@ -1,15 +1,11 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
proxy_pass http://localhost:__PORT__/;
proxy_set_header Host $host;
proxy_pass http://localhost:__PORT__/;
proxy_set_header Host $host;
proxy_buffering off;
fastcgi_param REMOTE_USER $remote_user;
client_max_body_size 200M;
# Force https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
fastcgi_param REMOTE_USER $remote_user;
client_max_body_size 200M;
proxy_set_header X-Real-IP $remote_addr;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;

50
conf/systemd.service
View file

@ -1,24 +1,48 @@
[Unit]
Description=Gogs (Go Git Service)
After=syslog.target
After=network.target
After=mysql.service
After=slapd.service
After=syslog.target network.target mysql.service slapd.service redis.service
[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=/home/__APP__
ExecStart=/opt/__APP__/gogs web
WorkingDirectory=__DATADIR__
ExecStart=__FINALPATH__/gogs web
Restart=always
Environment=USER=__APP__ HOME=/home/__APP__
Environment=USER=__APP__ HOME=__DATADIR__
[Install]
WantedBy=multi-user.target
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

11
conf/x86-64.src
View file

@ -1,11 +0,0 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/linux_amd64.zip
SOURCE_SUM=85f60494de63e6c4af16faba9bc739eb7c9e5477de1f16d11c6665495141162f
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum
# (Optional) Archive format
# default: tar.gz
SOURCE_FORMAT=zip
# (Optional) Put false if sources are directly in the archive root
# default: true
SOURCE_IN_SUBDIR=true

14
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1,14 @@
Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub.
### Features
- User dashboard, user profile and activity timeline.
- User, organization and repository management.
- Repository and organization webhooks, including Slack, Discord and Dingtalk.
- Repository Git hooks, deploy keys and Git LFS.
- Repository issues, pull requests, wiki, protected branches and collaboration.
- Migrate and mirror repositories with wiki from other code hosts.
- Web editor for quick editing repository files and wiki.
- Jupyter Notebook and PDF rendering.
- Authentication via SMTP, LDAP.
- Customize HTML templates, static files and many others.

1
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1 @@
Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est dêtre léger et pouvant fonctionner sur carte ARM, ce qui fait quil est adapté à lauto-hébergement. Gogs a une interface web similaire à celle de GitHub.

24
doc/DISCLAIMER.md Normal file
View file

@ -0,0 +1,24 @@
## Notes on SSH usage
If you want to use Gogs with SSH and be able to pull/push with you SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gogs profile.
If you use SSH on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
## Private Mode
Actually it's possible to access to the Git repositories by the `git` command over HTTP also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.

BIN
doc/screenshots/screenshot.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 69 KiB

43
manifest.json
View file

@ -3,15 +3,22 @@
"id": "gogs",
"packaging_format": 1,
"description": {
"en": "Lightweight Git forge",
"fr": "Forge Git légère"
"en": "Lightweight self-hosted Git forge",
"fr": "Forge Git légère auto-hébergé"
},
"version": "0.12.3~ynh1",
"url": "http://gogs.io",
"upstream": {
"license": "MIT",
"website": "http://gogs.io",
"demo": "https://try.gogs.io/user/login",
"admindoc": "https://gogs.io/docs",
"code": "https://github.com/gogs/gogs"
},
"license": "MIT",
"version": "0.11.66~ynh2",
"maintainer": {
"name": "Josué Tille",
"email": "josue@tille.ch"
"name": "",
"email": ""
},
"previous_maintainers": {
"name": "tostaki",
@ -23,44 +30,30 @@
"mysql"
],
"requirements": {
"yunohost": ">= 3.8.1"
"yunohost": ">= 4.3.0"
},
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Gogs",
"fr": "Choisissez un domaine pour Gogs"
},
"example": "domain.org"
"type": "domain"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Gogs",
"fr": "Choisissez un chemin pour Gogs"
},
"example": "/gogs",
"default": "/gogs"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Gogs administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur de Gogs (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
"type": "user"
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public site?",
"fr": "Est-ce un site public ?"
"help": {
"en": "If enabled, Gogs will be accessible by people who do not have an account. This can be changed later via the webadmin.",
"fr": "Si cette case est cochée, Gogs sera accessible aux personnes nayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
},
"default": true
}

113
scripts/_common.sh
View file

@ -1,108 +1,17 @@
#=================================================
# SET ALL CONSTANTS
#=================================================
app=$YNH_APP_INSTANCE_NAME
dbname=$app
dbuser=$app
final_path="/opt/$app"
DATADIR="/home/$app"
REPO_PATH="$DATADIR/repositories"
DATA_PATH="$DATADIR/data"
# Detect the system architecture to download the right tarball
# NOTE: `uname -m` is more accurate and universal than `arch`
# See https://en.wikipedia.org/wiki/Uname
if [ -n "$(uname -m | grep 64)" ]; then
architecture="x86-64"
elif [ -n "$(uname -m | grep 86)" ]; then
architecture="i386"
elif [ -n "$(uname -m | grep arm)" ]; then
architecture="arm"
else
ynh_die "Unable to detect your achitecture, please open a bug describing \
your hardware and the result of the command \"uname -m\"." 1
fi
#!/bin/bash
#=================================================
# DEFINE ALL COMMON FONCTIONS
# COMMON VARIABLES
#=================================================
create_dir() {
mkdir -p "$final_path/data"
mkdir -p "$final_path/custom/conf/auth.d"
mkdir -p "$DATA_PATH/avatars"
mkdir -p "$DATA_PATH/attachments"
mkdir -p "/var/log/$app"
}
#=================================================
# PERSONAL HELPERS
#=================================================
config_nginx() {
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
config_gogs() {
ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini"
ynh_backup_if_checksum_is_different "$final_path/custom/conf/auth.d/ldap.conf"
cp ../conf/app.ini "$final_path/custom/conf"
cp ../conf/ldap.conf "$final_path/custom/conf/auth.d/ldap.conf"
if [ "$path_url" = "/" ]
then
ynh_replace_string "__URL__" "$domain" "$final_path/custom/conf/app.ini"
else
ynh_replace_string "__URL__" "$domain${path_url%/}" "$final_path/custom/conf/app.ini"
fi
ynh_replace_string "__REPOS_PATH__" "$REPO_PATH" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DB_PASSWORD__" "$dbpass" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DB_USER__" "$dbuser" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/custom/conf/app.ini"
ynh_replace_string "__KEY__" "$key" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DATA_PATH__" "$DATA_PATH" "$final_path/custom/conf/app.ini"
ynh_replace_string "__PORT__" $port "$final_path/custom/conf/app.ini"
ynh_replace_string "__APP__" $app "$final_path/custom/conf/app.ini"
if [[ "$is_public" = '1' ]]
then
ynh_replace_string "__PRIVATE_MODE__" "false" "$final_path/custom/conf/app.ini"
else
ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini"
fi
ynh_replace_string "__ADMIN__" "$admin" "$final_path/custom/conf/auth.d/ldap.conf"
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum "$final_path/custom/conf/auth.d/ldap.conf"
}
set_permission() {
chown -R $app:$app "$final_path"
chown -R $app:$app "/home/$app"
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "$final_path"
chmod u=rwX,g=rX,o= "/home/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
}
set_access_settings() {
if [ "$is_public" = '1' ]
then
ynh_app_setting_set $app unprotected_uris "/"
else
# For an access to the git server by https in private mode we need to allow the access to theses URL :
# - "DOMAIN/PATH/USER/REPOSITORY/info/refs"
# - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack"
# - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack"
excaped_domain=${domain//'.'/'%.'}
excaped_domain=${excaped_domain//'-'/'%-'}
excaped_path=${path_url//'.'/'%.'}
excaped_path=${excaped_path//'-'/'%-'}
ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs"
fi
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

82
scripts/backup
View file

@ -3,36 +3,80 @@
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_abort_if_errors
# Load common variables and helpers
source ../settings/scripts/experimental_helper.sh
source ../settings/scripts/_common.sh
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD BACKUP STEPS
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
# Copy the app source files
ynh_backup "$final_path"
ynh_backup --src_path="$final_path"
# Copy the data files
ynh_backup "$DATADIR"
#=================================================
# BACKUP THE DATA DIR
#=================================================
# Copy the conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_backup "/etc/systemd/system/${app}.service"
ynh_backup --src_path="$datadir" --is_big
# Backup logs
ynh_backup "/var/log/$app"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
# Dump the database
ynh_mysql_dump_db "$dbname" > ./db.sql
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/var/log/$app"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

157
scripts/change_url
View file

@ -1,52 +1,149 @@
#!/bin/bash
#=================================================
# GENERIC START
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# IMPORT GENERIC HELPERS
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
admin=$(ynh_app_setting_get --app=$app --key=admin)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
key=$(ynh_app_setting_get --app=$app --key=key)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
path_url=$(ynh_app_setting_get --app=$app --key=path)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Import common cmd
source ./experimental_helper.sh
source ./_common.sh
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
# RETRIEVE ARGUMENTS
old_domain=$YNH_APP_OLD_DOMAIN
domain=$YNH_APP_NEW_DOMAIN
path_url=$(ynh_normalize_url_path ${YNH_APP_NEW_PATH:-'/'})
app=$YNH_APP_INSTANCE_NAME
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
key=$(ynh_app_setting_get "$app" secret_key)
port=$(ynh_app_setting_get "$app" web_port)
is_public=$(ynh_app_setting_get "$app" is_public)
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=2
# Change the domain for nginx
if [ "$old_domain" != "$domain" ]
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "/etc/nginx/conf.d/$old_domain.d/$app.conf"
mv "/etc/nginx/conf.d/$old_domain.d/$app.conf" "/etc/nginx/conf.d/$domain.d/$app.conf"
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
config_nginx
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
# Update gogs config
config_gogs
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# RELOAD services
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log"
sleep 1
if [ "$path_url" = "/" ]
then
url="$new_domain"
else
url="$new_domain${new_path%/}"
fi
domain=$new_domain
ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini"
chmod 400 "$final_path/custom/conf/app.ini"
chown $app:$app "$final_path/custom/conf/app.ini"
#=================================================
# GENERIC FINALISATION
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=2
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last

61
scripts/experimental_helper.sh
View file

@ -1,61 +0,0 @@
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
# Start or restart a service and follow its booting
#
# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
#
# | arg: Line to match - The line to find in the log to attest the service have finished to boot.
# | arg: Log file - The log file to watch
# | arg: Service name
# /var/log/$app/$app.log will be used if no other log is defined.
# | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
ynh_check_starting () {
local line_to_match="$1"
local service_name="${4:-$app}"
local app_log="${2:-/var/log/$service_name/$service_name.log}"
local timeout=${3:-300}
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}
echo "Starting of $service_name" >&2
systemctl stop $service_name
local templog="$(mktemp)"
# Following the starting of the app in its log
tail -F -n0 "$app_log" > "$templog" &
# Get the PID of the tail command
local pid_tail=$!
systemctl start $service_name
local i=0
for i in `seq 1 $timeout`
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --quiet "$line_to_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully started before the timeout." >&2
fi
echo ""
ynh_clean_check_starting
}

204
scripts/install
View file

@ -3,91 +3,193 @@
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Load common variables and helpers
source ./experimental_helper.sh
source ./_common.sh
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH)
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
# Check domain/path availability
ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain."
ynh_webpath_register $app $domain $path_url
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die "The chosen admin user does not exist."
# Check Final Path availability
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Generate random password and key
dbpass=$(ynh_string_random)
architecture=$YNH_ARCH
key=$(ynh_string_random)
# Find available ports
port=$(ynh_find_port 6000)
app=$YNH_APP_INSTANCE_NAME
# Store Settings
ynh_app_setting_set $app mysqlpwd $dbpass
ynh_app_setting_set $app adminusername $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app secret_key $key
ynh_app_setting_set $app web_port $port
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=key --value=$key
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Initialize database and store mysql password for upgrade
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
# Find an available port
port=$(ynh_find_port --port=6000)
ynh_app_setting_set --app=$app --key=port --value=$port
# Add users
# We can't use the official helper because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=3
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir=$final_path --source_id="$architecture"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir
# create needed directories
create_dir
mkdir -p "$final_path/custom/conf/auth.d"
mkdir -p "$datadir/data/repositories"
mkdir -p "$datadir/data/avatars"
mkdir -p "$datadir/data/attachments"
# Install Gogs
ynh_setup_source $final_path $architecture
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
# Configure gogs with app.ini file
config_gogs
#=================================================
# MODIFY A CONFIG FILE
#=================================================
if [ "$path_url" = "/" ]
then
url="$domain"
else
url="$domain${path_url%/}"
fi
ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini"
chmod 400 "$final_path/custom/conf/app.ini"
chown $app:$app "$final_path/custom/conf/app.ini"
ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf"
# Configure init script
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
config_nginx
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Set permissions
set_permission
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
# Unprotect root from SSO if public
set_access_settings
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
# Add Gogs to YunoHost's monitored services
yunohost service add "$app" --log "/var/log/$app/$app.log"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Configure logrotate
ynh_use_logrotate "/var/log/$app"
yunohost service add $app --description="Lightweight Git forge" --log="/var/log/$app/$app.log"
# Reload services
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary or protect it
if [ $is_public -eq 1 ]
then
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

102
scripts/remove
View file

@ -3,44 +3,102 @@
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
# Load common variables and helpers
source ./experimental_helper.sh
source ./_common.sh
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Stop gogs
systemctl stop "$app".service
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
ynh_script_progression --message="Removing $app service integration..." --weight=1
yunohost service remove $app
fi
# Drop MySQL database and user
ynh_mysql_drop_db "$dbname" 2>/dev/null
ynh_mysql_drop_user "$dbuser" 2>/dev/null
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Retrieve domain from app settings
domain=$(ynh_app_setting_get "$app" domain)
# Remove the dedicated systemd config
ynh_remove_systemd_config
# Delete app directory and configurations
ynh_secure_remove "$final_path"
ynh_secure_remove "$DATADIR"
ynh_secure_remove "/var/log/$app"
#=================================================
# REMOVE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Removing the MySQL database..." --weight=2
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=3
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the app data directory with the command `yunohost app remove gogs --purge`
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing $app data directory..." --weight=2
ynh_secure_remove --file="$datadir"
fi
ynh_secure_remove --file="/var/log/$app"
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config
ynh_remove_logrotate
# Remove nginx config
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config
# Remove gogs user and data
ynh_system_user_delete $app
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
# Remove init script
ynh_remove_systemd_config
# Delete a system user
ynh_system_user_delete --username=$app
# Remove monitor
yunohost service remove "$app"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last

146
scripts/restore
View file

@ -3,67 +3,135 @@
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Load common variables and helpers
source ../settings/scripts/experimental_helper.sh
source ../settings/scripts/_common.sh
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve old app settings
domain=$(ynh_app_setting_get "$app" domain)
path_url=$(ynh_app_setting_get "$app" path)
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
app=$YNH_APP_INSTANCE_NAME
# Check domain/path availability with app helper
ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain."
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
admin=$(ynh_app_setting_get --app=$app --key=admin)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die "The chosen admin user does not exist."
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=2
# Check Final Path availability
test ! -e "$final_path" || ynh_die "This path already contains a folder"
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1
# Add users
# We can't use the official helper because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
# Restore all files
ynh_restore
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create and restore the database
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
# Restore systemd files
systemctl daemon-reload
systemctl enable "$app".service
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring $app main directory..." --weight=10
ynh_restore_file --origin_path="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p $datadir
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=3
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=5
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_restore_file --origin_path="/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Lightweight Git forge" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
# Set permissions
set_permission
ynh_systemd_action --service_name=nginx --action=reload
# Configure logrotate
ynh_use_logrotate "/var/log/$app"
#=================================================
# END OF SCRIPT
#=================================================
# Add Gogs to YunoHost's monitored services
yunohost service add "$app" --log /var/log/"$app"/"$app".log
# Reload services
systemctl reload nginx.service
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log"
ynh_script_progression --message="Restoration completed for $app" --last

184
scripts/upgrade
View file

@ -3,118 +3,146 @@
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Load common variables and helpers
source ./experimental_helper.sh
source ./_common.sh
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
path_url=$(ynh_normalize_url_path $(ynh_app_setting_get "$app" path))
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
key=$(ynh_app_setting_get "$app" secret_key)
is_public=$(ynh_app_setting_get "$app" is_public)
port=$(ynh_app_setting_get "$app" web_port)
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
admin=$(ynh_app_setting_get --app=$app --key=admin)
port=$(ynh_app_setting_get --app=$app --key=port)
architecture=$YNH_ARCH
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Stop service
systemctl stop "$app".service
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# MIGRATION FROM OLD VERSION
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Update settings is_public to new standard
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
if [[ $port == "" ]]
then
port=$(ynh_find_port 6000)
ynh_app_setting_set $app web_port $port
fi
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=2
# handle upgrade from old package installation
# this test that /etc/gogs exist since this was used in the old package
# but not in the new
# this code will be removed in the future
if [ -d "/etc/gogs" ]
then
# create needed directories if not already created
create_dir
# move repositories to new dir
old_repo_path=$(ynh_app_setting_get "$app" repopath)
mv "${old_repo_path:-/home/yunohost.app/gogs}"/* "$REPO_PATH" || true # Avoid if the directory is empty
# cleanup old dir and conf
ynh_secure_remove /opt/gogs
ynh_secure_remove /etc/gogs
ynh_secure_remove /opt/gogs_src
# create needed directories if not already created
create_dir
fi
# end of old package upgrade
# test if user gogs is locked because of an old installation of the package.
# if it's blocked, unlock it to allow ssh usage with git
if [[ $(grep "$app" /etc/shadow | cut -d: -f2) == '!' ]]
then
usermod -p '*' "$app"
fi
# Remove old authentification mecanisme, actually the registry in the database has been replaced by a config file
if [[ ! -e "$final_path/custom/conf/auth.d/ldap.conf" ]]
then
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';"
mkdir -p "$final_path/custom/conf/auth.d"
fi
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
ynh_secure_remove "/opt/gogs/templates"
ynh_secure_remove --file="$final_path/templates"
# Install Gogs
ynh_setup_source $final_path $architecture
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
# Configure gogs with app.ini file
config_gogs
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir=$final_path --source_id="$architecture" --keep="$final_path/custom/conf/app.ini $final_path/custom/conf/auth.d/ldap.conf"
# Configure init script
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
config_nginx
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Unprotect root from SSO if public
set_access_settings
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
# Set permissions
set_permission
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
# Reload services
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Lightweight Git forge" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last