1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/gogs_ynh.git synced 2024-09-03 20:36:23 +02:00

Merge pull request #48 from YunoHost-Apps/testing

Testing
This commit is contained in:
Éric Gaspar 2021-11-29 16:13:35 +01:00 committed by GitHub
commit 880bf59f0c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
29 changed files with 1406 additions and 919 deletions

17
.gitattributes vendored
View file

@ -1,17 +0,0 @@
# Auto detect text files and perform LF normalization
* text=auto
# Custom for Visual Studio
*.cs diff=csharp
# Standard to msysgit
*.doc diff=astextplain
*.DOC diff=astextplain
*.docx diff=astextplain
*.DOCX diff=astextplain
*.dot diff=astextplain
*.DOT diff=astextplain
*.pdf diff=astextplain
*.PDF diff=astextplain
*.rtf diff=astextplain
*.RTF diff=astextplain

135
.github/workflows/updater.sh vendored Executable file
View file

@ -0,0 +1,135 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
# Remove this exit command when you are ready to run this Action
#exit 1
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*"gogs_"*"_linux_amd64.zip")
src="amd64"
;;
*"gogs_"*"_linux_armv7.zip")
src="armhf"
;;
*"gogs_"*"_linux_386.zip")
src="i386"
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,49 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

50
.gitignore vendored
View file

@ -1,50 +0,0 @@
# Windows image file caches
Thumbs.db
ehthumbs.db
# Folder config file
Desktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows Installer files
*.cab
*.msi
*.msm
*.msp
# Windows shortcuts
*.lnk
# =========================
# Operating System Files
# =========================
# OSX
# =========================
.DS_Store
.AppleDouble
.LSOverride
# Thumbnails
._*
# Files that might appear on external disk
.Spotlight-V100
.Trashes
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
# From kateproject
.kateproject
.kateproject.d
.directory
*.tar.gz

113
README.md
View file

@ -1,47 +1,49 @@
# Gogs package for YunoHost <!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
Gogs is a self-hosted Git service written in Go. Alternative to Github. # Gogs for YunoHost
- [Gogs website](http://gogs.io)
[![Integration level](https://dash.yunohost.org/integration/gogs.svg)](https://ci-apps.yunohost.org/jenkins/job/gogs%20%28Community%29/lastBuild/consoleFull) [![Integration level](https://dash.yunohost.org/integration/gogs.svg)](https://dash.yunohost.org/appci/app/gogs) ![](https://ci-apps.yunohost.org/ci/badges/gogs.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/gogs.maintain.svg)
[![Install Gogs with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gogs)
[![Install Gogs with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=gogs) *[Lire ce readme en français.](./README_fr.md)*
# IMPORTANT INFORMATION > *This package allows you to install Gogs quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
**Note that this package will not be longer be maintened by the actual maintener. ## Overview
The idea is to migrate to [gitea](https://github.com/YunoHost-Apps/gitea_ynh) which is more featured.**
For the old install you can migrate to gitea easly by juste upgrading your actuall gogs instance with the gitea source by this command: Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub.
```
sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/gitea_ynh gogs
```
**Note that this command contains some risk of data lost. So it's important to make a backup of the app before the install.**
To make a backup you can use this command:
```
sudo yunohost backup create --debug --apps gogs
```
For the new install just install gitea by this command: ### Features
```
sudo yunohost app install -l Gitea https://github.com/YunoHost-Apps/gitea_ynh
```
## Requirements - User dashboard, user profile and activity timeline.
A functional instance of [YunoHost](https://yunohost.org) - User, organization and repository management.
- Repository and organization webhooks, including Slack, Discord and Dingtalk.
- Repository Git hooks, deploy keys and Git LFS.
- Repository issues, pull requests, wiki, protected branches and collaboration.
- Migrate and mirror repositories with wiki from other code hosts.
- Web editor for quick editing repository files and wiki.
- Jupyter Notebook and PDF rendering.
- Authentication via SMTP, LDAP.
- Customize HTML templates, static files and many others.
## Installation
From the command-line:
`sudo yunohost app install -l Gogs https://github.com/YunoHost-Apps/gogs_ynh` **Shipped version:** 0.12.3~ynh1
## Upgrade **Demo:** https://try.gogs.io/user/login
From the command-line:
`sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/gogs_ynh gogs` ## Screenshots
![](./doc/screenshots/screenshot.png)
## Disclaimers / important information
## Notes on SSH usage ## Notes on SSH usage
If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
If you want to use Gogs with SSH and be able to pull/push with you SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
```bash ```bash
PubkeyAuthentication yes PubkeyAuthentication yes
@ -53,51 +55,34 @@ UsePAM no
You also need to add your public key to your Gogs profile. You also need to add your public key to your Gogs profile.
If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`: If you use SSH on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash ```bash
Host domain.tld Host domain.tld
port 2222 # change this with the port you use port 2222 # change this with the port you use
``` ```
## Info on upgrading from the old package version (gogs <0.9.xx)
Previous versions of this package used to build Gogs from sources instead of using the pre-compiled binary. It also left data in many places which was not good. The upgrade tries to take care of moving everything to the right place **BUT it's strongly advised to do a backup of your repositories and of the Gogs directory before the update**. Your avatars and issue attachments files may be lost in the process.
Also, in some cases, Gogs will not restart properly during the update. If so, you can rerun the update safely or try to start Gogs with `sudo systemctl restart gogs.service`.
Sources and issues of the old package can be found [here](https://github.com/YunoHost-Apps/gogs_ynh_old/)
## Info
Gogs v0.11.66
- [YunoHost forum thread](https://forum.yunohost.org/t/gogs-package-an-awesome-github-alternative/1127)
Architecture: this package is compatible with amd64, i386 and arm. The package will try to detect it with the command uname -m and fail if it can't detect the architecture. If that happens please open an issue describing your hardware and the result of the command `uname -m`.
## Private Mode ## Private Mode
Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.
## Issue Actually it's possible to access to the Git repositories by the `git` command over HTTP also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.
Any issue is welcome here : https://github.com/YunoHost-Apps/gogs_ynh/issues ## Documentation and resources
## License * Official app website: http://gogs.io
Gogs is published under the MIT License: * Official admin documentation: https://gogs.io/docs
https://github.com/gogits/gogs/blob/master/LICENSE * Upstream app code repository: https://github.com/gogs/gogs
* YunoHost documentation for this app: https://yunohost.org/app_gogs
* Report a bug: https://github.com/YunoHost-Apps/gogs_ynh/issues
This package is published under the MIT License. ## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/gogs_ynh/tree/testing).
## Developper info To try the testing branch, please proceed like that.
Please do your pull requests to the `dev` branch.
Test or upgrade to dev version:
```bash
sudo su - admin
git clone -b dev https://github.com/YunoHost-Apps/gogs_ynh
# to install
sudo yunohost app install -l Gogs /home/admin/gogs_ynh
# to upgrade
sudo yunohost app upgrade -f /home/admin/gogs_ynh gogs
``` ```
sudo yunohost app install https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
or
sudo yunohost app upgrade gogs -u https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps

71
README_fr.md Normal file
View file

@ -0,0 +1,71 @@
# Gogs pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/gogs.svg)](https://dash.yunohost.org/appci/app/gogs) ![](https://ci-apps.yunohost.org/ci/badges/gogs.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/gogs.maintain.svg)
[![Installer Gogs avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=gogs)
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer Gogs rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est dêtre léger et pouvant fonctionner sur carte ARM, ce qui fait quil est adapté à lauto-hébergement. Gogs a une interface web similaire à celle de GitHub.
**Version incluse :** 0.12.3~ynh1
**Démo :** https://try.gogs.io/user/login
## Captures d'écran
![](./doc/screenshots/screenshot.png)
## Avertissements / informations importantes
## Notes on SSH usage
If you want to use Gogs with SSH and be able to pull/push with you SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gogs profile.
If you use SSH on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
## Private Mode
Actually it's possible to access to the Git repositories by the `git` command over HTTP also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.
## Documentations et ressources
* Site officiel de l'app : http://gogs.io
* Documentation officielle de l'admin : https://gogs.io/docs
* Dépôt de code officiel de l'app : https://github.com/gogs/gogs
* Documentation YunoHost pour cette app : https://yunohost.org/app_gogs
* Signaler un bug : https://github.com/YunoHost-Apps/gogs_ynh/issues
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/gogs_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
ou
sudo yunohost app upgrade gogs -u https://github.com/YunoHost-Apps/gogs_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps

View file

@ -1,9 +1,9 @@
;; General ;; General
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld"
path="/path" (PATH) path="/path"
admin="john" (USER) admin="john"
is_public=1 (PUBLIC|public=1|private=0) is_public=1
; Checks ; Checks
pkg_linter=1 pkg_linter=1
setup_sub_dir=1 setup_sub_dir=1
@ -12,30 +12,10 @@
setup_private=1 setup_private=1
setup_public=1 setup_public=1
upgrade=1 upgrade=1
upgrade=1 from_commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab #upgrade=1 from_commit=
upgrade=1 from_commit=1cbec051e1171de5a8ed1e850eb4fb3506114da5
upgrade=1 from_commit=5a706ed246392c1ce39c47a648cb93e2996e80d3
backup_restore=1 backup_restore=1
multi_instance=1 multi_instance=1
incorrect_path=0
port_already_use=1 (6000)
change_url=1 change_url=1
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
# https://github.com/YunoHost-Apps/gogs_ynh/blob/master/conf/login_source.sql
Level 4=1
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
;;; Upgrade options ;;; Upgrade options
; commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab ; commit=
name=Before multi_instance and refactoring name=
; commit=1cbec051e1171de5a8ed1e850eb4fb3506114da5
name=From V0.10.18
; commit=5a706ed246392c1ce39c47a648cb93e2996e80d3
name=The oldest package

5
conf/amd64.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/gogs/gogs/releases/download/v0.12.3/gogs_0.12.3_linux_amd64.zip
SOURCE_SUM=0eeab278aaf8fc999329e611fe0709e95e08c26d15bdf60d499268f144e40406
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true

View file

@ -1,50 +1,25 @@
; App name that shows on every page title ;https://github.com/gogits/gogs/blob/master/conf/app.ini
APP_NAME = Gogs: Go Git Service
; The name of the system user that runs Gogs ; The brand name of the application, can be your company or team name.
BRAND_NAME = Gogs
; The system user who should be running the applications. It has no effect on Windows,
; otherwise, it should match the value of $USER environment variable.
RUN_USER = __APP__ RUN_USER = __APP__
; Either "dev", "prod" or "test" ; The running mode of the application, can be either "dev", "prod" or "test".
RUN_MODE = prod RUN_MODE = prod
[server] [server]
PROTOCOL = http ; The public-facing URL for the application.
EXTERNAL_URL = https://__URL__/
; The public-facing domain name for the application.
DOMAIN = __DOMAIN__ DOMAIN = __DOMAIN__
ROOT_URL = https://__URL__/ ; The protocol that is used to serve direct traffic to the application.
HTTP_ADDR = 0.0.0.0 ; Currently supports "http", "https", "fcgi" and "unix".
PROTOCOL = http
; The address to be listened by the application.
HTTP_ADDR = 127.0.0.1
; The port number to be listened by the application.
HTTP_PORT = __PORT__ HTTP_PORT = __PORT__
; Permission for unix socket
UNIX_SOCKET_PERMISSION = 666
; Local (DMZ) URL for Gogs workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
; Disable SSH feature when not available
DISABLE_SSH = false
; Whether use builtin SSH server or not.
START_SSH_SERVER = false
; Domain name to be exposed in SSH clone URL
SSH_DOMAIN = %(DOMAIN)s
; Port number to be exposed in SSH clone URL
SSH_PORT = 22
; Network interface builtin SSH server listens on
SSH_LISTEN_HOST = 0.0.0.0
; Port number builtin SSH server listens on
SSH_LISTEN_PORT = %(SSH_PORT)s
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
SSH_ROOT_PATH =
; Indicate whether to rewrite authorized_keys at start, ignored when use builtin SSH server
REWRITE_AUTHORIZED_KEYS_AT_START = false
; Choose the ciphers to support for SSH connections
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
; Directory to create temporary files when test publick key using ssh-keygen,
; default is system temporary directory.
SSH_KEY_TEST_PATH =
; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
SSH_KEYGEN_PATH = ssh-keygen
; Indicate whether to check minimum key size with corresponding type
MINIMUM_KEY_SIZE_CHECK = false
; Disable CDN even in "prod" mode
OFFLINE_MODE = false
DISABLE_ROUTER_LOG = false
; Generate steps: ; Generate steps:
; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com ; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
; ;
@ -54,267 +29,326 @@ DISABLE_ROUTER_LOG = false
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
CERT_FILE = custom/https/cert.pem CERT_FILE = custom/https/cert.pem
KEY_FILE = custom/https/key.pem KEY_FILE = custom/https/key.pem
; Allowed TLS version values: SSL30, TLS10, TLS11, TLS12 ; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13".
TLS_MIN_VERSION = TLS10 TLS_MIN_VERSION = TLS12
; File permission when serve traffic via Unix domain socket.
UNIX_SOCKET_PERMISSION = 666
; Local (DMZ) URL for workers (e.g. SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
; Upper level of template and static file path ; Whether to disable using CDN for static files regardless.
; default is the path where Gogs is executed OFFLINE_MODE = false
STATIC_ROOT_PATH = ; Whether to disable logging in router.
; Default path for App data DISABLE_ROUTER_LOG = true
APP_DATA_PATH = __DATA_PATH__ ; Whether to enable application level GZIP compression.
; Application level GZIP support
ENABLE_GZIP = false ENABLE_GZIP = false
; Landing page for non-logged users, can be "home" or "explore"
LANDING_PAGE = explore ; The path for storing application specific data.
APP_DATA_PATH = __DATADIR__/data
; Whether to enable to load assets (i.e. "conf", "templates", "public") from disk instead of embedded bindata.
LOAD_ASSETS_FROM_DISK = false
; The landing page URL for anonymous users, the value should not include
; subpath that is handled by the reverse proxy.
LANDING_URL = /explore
; Whether to disable SSH access to the application entirely.
DISABLE_SSH = false
; The domain name to be exposed in SSH clone URL.
SSH_DOMAIN = %(DOMAIN)s
; The port number to be exposed in SSH clone URL.
SSH_PORT = 22
; The path of SSH root directory, default is "$HOME/.ssh".
SSH_ROOT_PATH =
; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call.
SSH_KEYGEN_PATH = ssh-keygen
; The directory to create temporary files when test a public key using ssh-keygen,
; default is the system temporary directory.
SSH_KEY_TEST_PATH =
; Whether to check minimum public key size with corresponding type.
MINIMUM_KEY_SIZE_CHECK = false
; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server.
REWRITE_AUTHORIZED_KEYS_AT_START = false
; Whether to start a builtin SSH server.
START_SSH_SERVER = false
; The network interface for builtin SSH server to listen on.
SSH_LISTEN_HOST = 0.0.0.0
; The port number for builtin SSH server to listen on.
SSH_LISTEN_PORT = %(SSH_PORT)s
; The list of accepted ciphers for connections to builtin SSH server.
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
; The list of accepted MACs for connections to builtin SSH server.
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1
; Define allowed algorithms and their minimum key length (use -1 to disable a type).
[ssh.minimum_key_sizes]
ED25519 = 256
ECDSA = 256
RSA = 2048
DSA = 1024
[repository] [repository]
; Root path for storing repositories's data, default is "~/<username>/gogs-repositories" ; The root path for storing managed repositories, default is "~/gogs-repositories"
ROOT = __REPOS_PATH__ ROOT = __DATADIR__/repositories
; The script type server supports, sometimes could be "sh" ; The script type server supports, sometimes could be "sh".
SCRIPT_TYPE = bash SCRIPT_TYPE = bash
; Default ANSI charset for an unrecognized charset ; Default ANSI charset for an unrecognized charset.
ANSI_CHARSET = ANSI_CHARSET =
; Force every new repository to be private ; Whether to force every new repository to be private.
FORCE_PRIVATE = false FORCE_PRIVATE = false
; Global maximum creation limit of repository per user, -1 means no limit ; The global limit of number of repositories a user can create, -1 means no limit.
MAX_CREATION_LIMIT = -1 MAX_CREATION_LIMIT = -1
; Mirror sync queue length, increase if mirror syncing starts hanging ; Preferred Licenses to place at the top of the list.
MIRROR_QUEUE_LENGTH = 1000 ; Name must match file name in "conf/license" or "custom/conf/license".
; Patch test queue length, increase if pull request patch testing starts hanging PREFERRED_LICENSES = Apache License 2.0, MIT License
PULL_REQUEST_QUEUE_LENGTH = 1000 ; Whether to disable Git interaction with repositories via HTTP/HTTPS protocol.
; Preferred Licenses to place at the top of the list
; Name must match file name in conf/license or custom/conf/license
PREFERRED_LICENSES = Apache License 2.0,MIT License
; Disable ability to interact with repositories by HTTP protocol
DISABLE_HTTP_GIT = false DISABLE_HTTP_GIT = false
; Enable ability to migrate repository by local path ; Whether to enable ability to migrate repository by server local path.
ENABLE_LOCAL_PATH_MIGRATION = false ENABLE_LOCAL_PATH_MIGRATION = false
; Concurrency is used to retrieve commits information. This variable define ; Whether to enable render mode for raw file. There are potential security risks.
; the maximum number of tasks that can be run at the same time. Usually, the
; value depend of how many CPUs (cores) you have. If the value is set to zero
; or under, GOGS will automatically detect the number of CPUs your system have
COMMITS_FETCH_CONCURRENCY = 0
; Enable render mode for raw file
ENABLE_RAW_FILE_RENDER_MODE = false ENABLE_RAW_FILE_RENDER_MODE = false
; The maximum number of goroutines that can be run at the same time for a single
; fetch request. Usually, the value depend of how many CPU (cores) you have. If
; the value is non-positive, it matches the number of CPUs available to the application.
COMMITS_FETCH_CONCURRENCY = 0
[repository.editor] [repository.editor]
; List of file extensions that should have line wraps in the CodeMirror editor. ; List of file extensions that should have line wraps in the CodeMirror editor.
; Separate extensions with a comma. To line wrap files without extension, just put a comma ; Separate extensions with a comma.
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd, LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd
; Valid file modes that have a preview API associated with them, such as api/v1/markdown. ; Valid file modes that have a preview API associated with them, such as "/api/v1/markdown".
; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match ; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match.
PREVIEWABLE_FILE_MODES = markdown PREVIEWABLE_FILE_MODES = markdown
[repository.upload] [repository.upload]
; Enable repository file uploads. ; Whether to enable repository file uploads.
ENABLED = true ENABLED = true
; Path to temporarily store uploads (default path gets cleaned by Gogs in every start) ; The path to temporarily store uploads (content under this path gets wiped out on every start).
TEMP_PATH = data/tmp/uploads TEMP_PATH = __DATADIR__/data/tmp/uploads
; File types that are allowed to be uploaded, e.g. image/jpeg|image/png. Leave empty means allow any file type ; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
ALLOWED_TYPES = ALLOWED_TYPES =
; Maximum size of each file in MB ; The maximum size of each file in MB.
FILE_MAX_SIZE = 3 FILE_MAX_SIZE = 3
; Maximum number of files per upload ; The maximum number of files per upload.
MAX_FILES = 5 MAX_FILES = 5
; Attachment settings for releases [database]
[release.attachment] ; The database backend, either "postgres", "mysql" "sqlite3" or "mssql".
; Whether attachments are enabled. Defaults to `true` ; You can connect to TiDB with MySQL protocol.
TYPE = mysql
HOST = 127.0.0.1:3306
NAME = __DB_NAME__
USER = __DB_USER__
PASSWORD = __DB_PWD__
; For "postgres" only, either "disable", "require" or "verify-full".
SSL_MODE = disable
; For "sqlite3" only, make sure to use absolute path.
PATH = data/gogs.db
; The maximum open connections of the pool.
MAX_OPEN_CONNS = 30
; The maximum idle connections of the pool.
MAX_IDLE_CONNS = 30
[security]
; Whether to show the install page, set this to "true" to bypass it.
INSTALL_LOCK = true
; The secret to encrypt cookie values, 2FA code, etc.
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = __KEY__
; The days remembered for auto-login.
LOGIN_REMEMBER_DAYS = 7
; The cookie name to store auto-login information.
COOKIE_REMEMBER_NAME = gogs_incredible
; The cookie name to store logged in username.
COOKIE_USERNAME = gogs_awesome
; Whether to set secure cookie.
COOKIE_SECURE = false
; Whether to set cookie to indicate user login status.
ENABLE_LOGIN_STATUS_COOKIE = false
; The cookie name to store user login status.
LOGIN_STATUS_COOKIE_NAME = login_status
[email]
; Whether to enable the email service.
ENABLED = true ENABLED = true
; Path for attachments. Defaults to `data/attachments` ; The prefix prepended to the subject line.
PATH = data/attachments SUBJECT_PREFIX = `[%(BRAND_NAME)s] `
; One or more allowed types, e.g. image/jpeg|image/png ; The SMTP server with its port, e.g. smtp.mailgun.org:587, smtp.gmail.com:587, smtp.qq.com:465
; If the port ends is "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409.
; If the server supports STARTTLS it will always be used.
HOST = 127.0.0.1:25
; The email from address (RFC 5322). This can be just an email address, or the `"Name" <email@example.com>` format.
FROM = "Gogs" <gogs-noreply@__DOMAIN__>
; The login user.
USER = "Gogs" <gogs-noreply@__DOMAIN__>
; The login password.
PASSWORD =
; Whether to disable HELO operation when the hostname is different.
DISABLE_HELO =
; The custom hostname for HELO operation, default is from system.
HELO_HOSTNAME =
; Whether to skip verifying the certificate of the server. Only use this for self-signed certificates.
SKIP_VERIFY = true
; Whether to use client certificates.
USE_CERTIFICATE = false
CERT_FILE = custom/email/cert.pem
KEY_FILE = custom/email/key.pem
; Whether to use "text/plain" as content format.
USE_PLAIN_TEXT = false
; Whether to attach a plaintext alternative to the MIME message while sending HTML emails.
; It is used to support older mail clients and make spam filters happier.
ADD_PLAIN_TEXT_ALT = false
[auth]
; The valid duration of activate code in minutes.
ACTIVATE_CODE_LIVES = 180
; The valid duration of reset password code in minutes.
RESET_PASSWORD_CODE_LIVES = 180
; Whether to require email confirmation for adding new email addresses.
; Enable this option will also require user to confirm the email for registration.
REQUIRE_EMAIL_CONFIRMATION = false
; Whether to disallow anonymous users visiting the site.
REQUIRE_SIGNIN_VIEW = false
; Whether to disable self-registration. When disabled, accounts would have to be created by admins.
DISABLE_REGISTRATION = true
; Whether to enable captcha validation for registration
ENABLE_REGISTRATION_CAPTCHA = true
; Whether to enable reverse proxy authentication via HTTP header.
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
; Whether to automatically create new users for reverse proxy authentication.
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
; The HTTP header used as username for reverse proxy authentication.
REVERSE_PROXY_AUTHENTICATION_HEADER = X-WEBAUTH-USER
[user]
; Whether to enable email notifications for users.
ENABLE_EMAIL_NOTIFICATION = false
[session]
; The session provider, either "memory", "file", or "redis".
PROVIDER = memory
; The configuration for respective provider:
; - memory: does not need any config yet
; - file: session file path, e.g. `data/sessions`
; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
PROVIDER_CONFIG = data/sessions
; The cookie name to store the session identifier.
COOKIE_NAME = i_like_gogs
; Whether to set cookie in HTTPS only.
COOKIE_SECURE = false
; The GC interval in seconds for session data.
GC_INTERVAL = 3600
; The maximum life time in seconds for a session.
MAX_LIFE_TIME = 86400
; The cookie name for CSRF token.
CSRF_COOKIE_NAME = _csrf
[cache]
; The cache adapter, either "memory", "redis", or "memcache".
ADAPTER = memory
; For "memory" only, GC interval in seconds.
INTERVAL = 60
; For "redis" and "memcache", connection host address:
; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; - memcache: `127.0.0.1:11211`
HOST =
[http]
; The value for "Access-Control-Allow-Origin" header, default is not to present.
ACCESS_CONTROL_ALLOW_ORIGIN =
[lfs]
; The storage backend for uploading new objects.
STORAGE = local
; The root path to store LFS objects on local file system.
OBJECTS_PATH = __DATADIR__/data/lfs-objects
[attachment]
; Whether to enabled upload attachments in general.
ENABLED = true
; The path to store attachments on the file system.
PATH = __DATADIR__/data/attachments
; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
ALLOWED_TYPES = image/jpeg|image/png
; The maximum size of each file in MB.
MAX_SIZE = 4
; The maximum number of files per upload.
MAX_FILES = 5
[release.attachment]
; Whether to enabled upload attachments for releases.
ENABLED = true
; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
ALLOWED_TYPES = */* ALLOWED_TYPES = */*
; Max size of each file. Defaults to 32MB ; The maximum size of each file in MB.
MAX_SIZE = 32 MAX_SIZE = 32
; Max number of files per upload. Defaults to 10 ; The maximum number of files per upload.
MAX_FILES = 10 MAX_FILES = 10
[time]
; Specifies the format for fully outputed dates.
; Values should be one of the following:
; ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano.
; For more information about the format see http://golang.org/pkg/time/#pkg-constants.
FORMAT = RFC1123
[picture]
; The path to store user avatars on the file system.
AVATAR_UPLOAD_PATH = __DATADIR__/data/avatars
; The path to store repository avatars on the file system.
REPOSITORY_AVATAR_UPLOAD_PATH = __DATADIR__/data/repo-avatars
; Chinese users can use a custom avatar source, such as http://cn.gravatar.com/avatar/.
GRAVATAR_SOURCE = gravatar
; Whether to disable Gravatar, this value will be forced to be true in offline mode.
DISABLE_GRAVATAR = false
; Whether to enable federated avatar lookup uses DNS to discover avatar associated
; with emails, see https://www.libravatar.org for details.
; This value will be forced to be false in offline mode or when Gravatar is disabled.
ENABLE_FEDERATED_AVATAR = false
[markdown] [markdown]
; Enable hard line break extension ; Whether to enable hard line break extension.
ENABLE_HARD_LINE_BREAK = false ENABLE_HARD_LINE_BREAK = false
; List of custom URL-Schemes that are allowed as links when rendering Markdown ; The list of custom URL schemes that are allowed as links when rendering Markdown.
; for example git,magnet ; For example, "git" (for "git://") and "magnet" (for "magnet://").
CUSTOM_URL_SCHEMES = CUSTOM_URL_SCHEMES =
; List of file extensions that should be rendered/edited as Markdown ; The list of file extensions that should be rendered/edited as Markdown.
; Separate extensions with a comma. To render files w/o extension as markdown, just put a comma ; Separate extensions with a comma. To render files with no extension as markdown, just put a comma.
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
[smartypants] [smartypants]
; Whether to enable the Smartypants extension.
ENABLED = false ENABLED = false
FRACTIONS = true FRACTIONS = true
DASHES = true DASHES = true
LATEX_DASHES = true LATEX_DASHES = true
ANGLED_QUOTES = true ANGLED_QUOTES = true
[http]
; Value for Access-Control-Allow-Origin header, default is not to present
ACCESS_CONTROL_ALLOW_ORIGIN =
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
[ssh.minimum_key_sizes]
ED25519 = 256
ECDSA = 256
RSA = 2048
DSA = 1024
[database]
; Either "mysql", "postgres" or "sqlite3", you can connect to TiDB with MySQL protocol
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = __DB_USER__
USER = __DB_USER__
PASSWD = __DB_PASSWORD__
; For "postgres" only, either "disable", "require" or "verify-full"
SSL_MODE = disable
; For "sqlite3" and "tidb", use absolute path when you start as service
PATH = data/gogs.db
[admin] [admin]
; Disable regular (non-admin) users to create organizations ; Whether to disable regular (non-admin) users to create organizations.
DISABLE_REGULAR_ORG_CREATION = false DISABLE_REGULAR_ORG_CREATION = false
[security]
INSTALL_LOCK = true
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = __KEY__
; Auto-login remember days
LOGIN_REMEMBER_DAYS = 7
COOKIE_USERNAME = gogs_awesome
COOKIE_REMEMBER_NAME = gogs_incredible
COOKIE_SECURE = false
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE_USER
; Enable to set cookie to indicate user login status
ENABLE_LOGIN_STATUS_COOKIE = false
LOGIN_STATUS_COOKIE_NAME = login_status
[service]
ACTIVE_CODE_LIVE_MINUTES = 180
RESET_PASSWD_CODE_LIVE_MINUTES = 180
; User need to confirm e-mail for registration
REGISTER_EMAIL_CONFIRM = false
; Does not allow register and admin create account only
DISABLE_REGISTRATION = true
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW = __PRIVATE_MODE__
; Mail notification
ENABLE_NOTIFY_MAIL = true
; More detail: https://github.com/gogits/gogs/issues/165
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = true
; Enable captcha validation for registration
ENABLE_CAPTCHA = false
[webhook] [webhook]
; Types are enabled for users to use, can be "gogs", "slack", "discord", "dingtalk" ; The list of enabled types for users to use, can be "gogs", "slack", "discord", "dingtalk".
TYPES = gogs, slack, discord, dingtalk TYPES = gogs, slack, discord, dingtalk
; Hook task queue length, increase if webhook shooting starts hanging ; Deliver timeout in seconds.
QUEUE_LENGTH = 1000
; Deliver timeout in seconds
DELIVER_TIMEOUT = 15 DELIVER_TIMEOUT = 15
; Allow insecure certification ; Whether to allow insecure certification.
SKIP_TLS_VERIFY = false SKIP_TLS_VERIFY = false
; Number of history information in each page ; The number of history information in each page.
PAGING_NUM = 10 PAGING_NUM = 10
[mailer] ; General settings of loggers.
ENABLED = true
; Buffer length of channel, keep it as it is if you don't know what it is.
SEND_BUFFER_LEN = 100
; Prefix prepended to the subject line
SUBJECT_PREFIX = `[%(APP_NAME)s] `
; Mail server
; Gmail: smtp.gmail.com:587
; QQ: smtp.qq.com:465
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
HOST = 127.0.0.1:25
; Disable HELO operation when hostname are different.
DISABLE_HELO =
; Custom hostname for HELO operation, default is from system.
HELO_HOSTNAME =
; Do not verify the certificate of the server. Only use this for self-signed certificates
SKIP_VERIFY = true
; Use client certificate
USE_CERTIFICATE = false
CERT_FILE = custom/mailer/cert.pem
KEY_FILE = custom/mailer/key.pem
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
FROM = "Gogs" <gogs-noreply@__DOMAIN__>
; Mailer user name and password
USER =
PASSWD =
; Use text/plain as format of content
USE_PLAIN_TEXT = false
[cache]
; Either "memory", "redis", or "memcache", default is "memory"
ADAPTER = memory
; For "memory" only, GC interval in seconds, default is 60
INTERVAL = 60
; For "redis" and "memcache", connection host address
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; memcache: `127.0.0.1:11211`
HOST =
[session]
; Either "memory", "file", or "redis", default is "memory"
PROVIDER = memory
; Provider config options
; memory: not have any config yet
; file: session file path, e.g. `data/sessions`
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
PROVIDER_CONFIG = data/sessions
; Session cookie name
COOKIE_NAME = i_like_gogits
; If you use session in https only, default is false
COOKIE_SECURE = false
; Enable set cookie, default is true
ENABLE_SET_COOKIE = true
; Session GC time interval, default is 3600
GC_INTERVAL_TIME = 3600
; Session life time, default is 86400
SESSION_LIFE_TIME = 86400
; Cookie name for CSRF
CSRF_COOKIE_NAME = _csrf
[picture]
; Path to store user uploaded avatars
AVATAR_UPLOAD_PATH = __DATA_PATH__/avatars
; Chinese users can choose "duoshuo"
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
GRAVATAR_SOURCE = gravatar
; This value will be forced to be true in offline mode.
DISABLE_GRAVATAR = false
; Federated avatar lookup uses DNS to discover avatar associated
; with emails, see https://www.libravatar.org
; This value will be forced to be false in offline mode or Gravatar is disbaled.
ENABLE_FEDERATED_AVATAR = false
; Attachment settings for issues
[attachment]
; Whether attachments are enabled. Defaults to `true`
ENABLED = true
; Path for attachments. Defaults to `data/attachments`
PATH = __DATA_PATH__/attachments
; One or more allowed types, e.g. image/jpeg|image/png
ALLOWED_TYPES = image/jpeg|image/png
; Max size of each file. Defaults to 4MB
MAX_SIZE = 4
; Max number of files per upload. Defaults to 5
MAX_FILES = 5
[time]
; Specifies the format for fully outputed dates. Defaults to RFC1123
; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
; For more information about the format see http://golang.org/pkg/time/#pkg-constants
FORMAT =
; General settings of loggers
[log] [log]
ROOT_PATH = /var/log/__APP__ ; The root path for all log files, default is "log/" subdirectory.
; Can be "console" and "file", default is "console" ROOT_PATH =/var/log/__APP__
; Can be "console", "file", "slack" and "discord".
; Use comma to separate multiple modes, e.g. "console, file" ; Use comma to separate multiple modes, e.g. "console, file"
MODE = file MODE = file
; Buffer length of channel, keep it as it is if you don't know what it is. ; Buffer length of channel, keep it as it is if you don't know what it is.
@ -324,38 +358,38 @@ LEVEL = Warn
; For "console" mode only ; For "console" mode only
[log.console] [log.console]
; leave empty to inherit ; Comment out to inherit
LEVEL = ; LEVEL =
; For "file" mode only ; For "file" mode only
[log.file] [log.file]
; leave empty to inherit ; Comment out to inherit
LEVEL = ; LEVEL =
; This enables automated log rotate (switch of following options) ; Whether to enable automated log rotate (switch of following options).
LOG_ROTATE = true LOG_ROTATE = true
; Segment log daily ; Whether to segment log files daily.
DAILY_ROTATE = true DAILY_ROTATE = true
; Max size shift of single file, default is 28 means 1 << 28, 256MB ; The maximum size shift of single file, default is 28 means 1 << 28 = 256MB.
MAX_SIZE_SHIFT = 28 MAX_SIZE_SHIFT = 28
; Max line number of single file ; The maximum number of lines of single file.
MAX_LINES = 1000000 MAX_LINES = 1000000
; Expired days of log file (delete after max days) ; The expired days of log file (delete after max days).
MAX_DAYS = 7 MAX_DAYS = 7
; For "slack" mode only ; For "slack" mode only
[log.slack] [log.slack]
; leave empty to inherit ; Comment out to inherit
LEVEL = ; LEVEL =
; Webhook URL ; Webhook URL
URL = URL =
[log.discord] [log.discord]
; leave empty to inherit ; Comment out to inherit
LEVEL = ; LEVEL =
; Webhook URL ; Webhook URL
URL = URL =
; Username displayed in webhook ; The username to be displayed in notification.
USERNAME = %(APP_NAME)s USERNAME = %(BRAND_NAME)s
[log.xorm] [log.xorm]
; Enable file rotation ; Enable file rotation
@ -367,14 +401,24 @@ MAX_SIZE = 100
; Maximum days to keep logger files ; Maximum days to keep logger files
MAX_DAYS = 3 MAX_DAYS = 3
[log.gorm]
; Whether to enable file rotation.
ROTATE = true
; Whether to rotate file every day.
ROTATE_DAILY = true
; The maximum file size in MB before next rotate.
MAX_SIZE = 100
; The maximum days to keep files.
MAX_DAYS = 3
[cron] [cron]
; Enable running cron tasks periodically. ; Enable running cron tasks periodically.
ENABLED = true ENABLED = true
; Run cron tasks when Gogs starts. ; Run cron tasks when Gogs starts.
RUN_AT_START = false RUN_AT_START = false
; Update mirrors
[cron.update_mirrors] [cron.update_mirrors]
; Defines how often the mirror syncer checks if any mirror needs to be synchronized (based on the mirror update interval).
SCHEDULE = @every 10m SCHEDULE = @every 10m
; Repository health check ; Repository health check
@ -400,12 +444,12 @@ OLDER_THAN = 24h
[git] [git]
; Disables highlight of added and removed changes ; Disables highlight of added and removed changes
DISABLE_DIFF_HIGHLIGHT = false DISABLE_DIFF_HIGHLIGHT = false
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES = 100
; Max number of lines allowed of a single file in diff view ; Max number of lines allowed of a single file in diff view
MAX_GIT_DIFF_LINES = 1000 MAX_GIT_DIFF_LINES = 1000
; Max number of characters of a line allowed in diff view ; Max number of characters of a line allowed in diff view
MAX_GIT_DIFF_LINE_CHARACTERS = 500 MAX_GIT_DIFF_LINE_CHARACTERS = 2000
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES = 100
; Arguments for command 'git gc', e.g. "--aggressive --auto" ; Arguments for command 'git gc', e.g. "--aggressive --auto"
; see more on http://git-scm.com/docs/git-gc/1.7.5 ; see more on http://git-scm.com/docs/git-gc/1.7.5
GC_ARGS = GC_ARGS =
@ -416,10 +460,12 @@ MIGRATE = 600
MIRROR = 300 MIRROR = 300
CLONE = 300 CLONE = 300
PULL = 300 PULL = 300
DIFF = 60
GC = 60 GC = 60
[mirror] [mirror]
; Default interval in hours between each check ; Defines the default interval (in hours) until the next sync for a mirror (after a successful mirror sync).
; It can be overridden individually for each mirror repository in the settings.
DEFAULT_INTERVAL = 8 DEFAULT_INTERVAL = 8
[api] [api]
@ -458,9 +504,23 @@ NEWS_FEED_PAGING_NUM = 20
; Number of commits that are showed in one page ; Number of commits that are showed in one page
COMMITS_PAGING_NUM = 30 COMMITS_PAGING_NUM = 30
[prometheus]
; Whether to enable Prometheus metrics.
ENABLED = false
; Whether to enable HTTP Basic Authentication to protect metrics data.
ENABLE_BASIC_AUTH = false
; The username for HTTP Basic Authentication.
BASIC_AUTH_USERNAME =
; The password for HTTP Basic Authentication.
BASIC_AUTH_PASSWORD =
; Extension mapping to highlight class
; e.g. .toml=ini
[highlight.mapping]
[i18n] [i18n]
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN,pt-PT
NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese,português
; Used for datetimepicker ; Used for datetimepicker
[i18n.datelang] [i18n.datelang]
@ -493,14 +553,9 @@ sk-SK = sk
id-ID = id id-ID = id
fa-IR = fa fa-IR = fa
vi-VN = vi vi-VN = vi
pt-PT = pt
; Extension mapping to highlight class
; e.g. .toml=ini
[highlight.mapping]
[other] [other]
SHOW_FOOTER_BRANDING = false SHOW_FOOTER_BRANDING = false
; Show version information about Gogs and Go in the footer
SHOW_FOOTER_VERSION = true
; Show time of template execution in the footer ; Show time of template execution in the footer
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true SHOW_FOOTER_TEMPLATE_LOAD_TIME = true

View file

@ -1,11 +0,0 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/raspi2_armv6.zip
SOURCE_SUM=a7d17f6dc542fd2d88f884271bca9c62729fbd725fdb310616b2987dba382631
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum
# (Optional) Archive format
# default: tar.gz
SOURCE_FORMAT=zip
# (Optional) Put false if sources are directly in the archive root
# default: true
SOURCE_IN_SUBDIR=true

5
conf/armhf.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/gogs/gogs/releases/download/v0.12.3/gogs_0.12.3_linux_armv7.zip
SOURCE_SUM=9116d4f1baf6a47dc3a47cfce8f435ad77f7939f2e80323f31382913e895ab35
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true

View file

@ -1,11 +1,5 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/linux_386.zip SOURCE_URL=https://github.com/gogs/gogs/releases/download/v0.12.3/gogs_0.12.3_linux_386.zip
SOURCE_SUM=ad1a89eb01723a4b289b7b8773fd018f78b0dad801101f27c1af0f2d649edeeb SOURCE_SUM=bcf7a31ad61865217eca93f4d90ede15837c857accb2394782ebf4a7805e1cbc
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
# (Optional) Archive format
# default: tar.gz
SOURCE_FORMAT=zip SOURCE_FORMAT=zip
# (Optional) Put false if sources are directly in the archive root
# default: true
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true

View file

@ -2,7 +2,7 @@
# #
id = 1 id = 1
type = ldap_bind_dn type = ldap_bind_dn
name = Yunohost LDAP name = YunoHost LDAP
is_activated = true is_activated = true
[config] [config]

View file

@ -1,15 +1,11 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ { location __PATH__/ {
proxy_pass http://localhost:__PORT__/; proxy_pass http://localhost:__PORT__/;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_buffering off; proxy_buffering off;
fastcgi_param REMOTE_USER $remote_user; fastcgi_param REMOTE_USER $remote_user;
client_max_body_size 200M; client_max_body_size 200M;
proxy_set_header X-Real-IP $remote_addr;
# Force https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;

View file

@ -1,24 +1,48 @@
[Unit] [Unit]
Description=Gogs (Go Git Service) Description=Gogs (Go Git Service)
After=syslog.target After=syslog.target network.target mysql.service slapd.service redis.service
After=network.target
After=mysql.service
After=slapd.service
[Service] [Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
Type=simple Type=simple
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=/home/__APP__ WorkingDirectory=__DATADIR__
ExecStart=/opt/__APP__/gogs web ExecStart=__FINALPATH__/gogs web
Restart=always Restart=always
Environment=USER=__APP__ HOME=/home/__APP__ Environment=USER=__APP__ HOME=__DATADIR__
[Install]
WantedBy=multi-user.target
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -1,11 +0,0 @@
SOURCE_URL=https://github.com/gogits/gogs/releases/download/v0.11.79/linux_amd64.zip
SOURCE_SUM=85f60494de63e6c4af16faba9bc739eb7c9e5477de1f16d11c6665495141162f
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum
# (Optional) Archive format
# default: tar.gz
SOURCE_FORMAT=zip
# (Optional) Put false if sources are directly in the archive root
# default: true
SOURCE_IN_SUBDIR=true

14
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1,14 @@
Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub.
### Features
- User dashboard, user profile and activity timeline.
- User, organization and repository management.
- Repository and organization webhooks, including Slack, Discord and Dingtalk.
- Repository Git hooks, deploy keys and Git LFS.
- Repository issues, pull requests, wiki, protected branches and collaboration.
- Migrate and mirror repositories with wiki from other code hosts.
- Web editor for quick editing repository files and wiki.
- Jupyter Notebook and PDF rendering.
- Authentication via SMTP, LDAP.
- Customize HTML templates, static files and many others.

1
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1 @@
Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est dêtre léger et pouvant fonctionner sur carte ARM, ce qui fait quil est adapté à lauto-hébergement. Gogs a une interface web similaire à celle de GitHub.

24
doc/DISCLAIMER.md Normal file
View file

@ -0,0 +1,24 @@
## Notes on SSH usage
If you want to use Gogs with SSH and be able to pull/push with you SSH key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gogs profile.
If you use SSH on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
## Private Mode
Actually it's possible to access to the Git repositories by the `git` command over HTTP also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings.

Binary file not shown.

After

Width:  |  Height:  |  Size: 69 KiB

View file

@ -3,15 +3,22 @@
"id": "gogs", "id": "gogs",
"packaging_format": 1, "packaging_format": 1,
"description": { "description": {
"en": "Lightweight Git forge", "en": "Lightweight self-hosted Git forge",
"fr": "Forge Git légère" "fr": "Forge Git légère auto-hébergé"
}, },
"version": "0.12.3~ynh1",
"url": "http://gogs.io", "url": "http://gogs.io",
"upstream": {
"license": "MIT",
"website": "http://gogs.io",
"demo": "https://try.gogs.io/user/login",
"admindoc": "https://gogs.io/docs",
"code": "https://github.com/gogs/gogs"
},
"license": "MIT", "license": "MIT",
"version": "0.11.66~ynh2",
"maintainer": { "maintainer": {
"name": "Josué Tille", "name": "",
"email": "josue@tille.ch" "email": ""
}, },
"previous_maintainers": { "previous_maintainers": {
"name": "tostaki", "name": "tostaki",
@ -23,44 +30,30 @@
"mysql" "mysql"
], ],
"requirements": { "requirements": {
"yunohost": ">= 3.8.1" "yunohost": ">= 4.3.0"
}, },
"arguments": { "arguments": {
"install" : [ "install" : [
{ {
"name": "domain", "name": "domain",
"type": "domain", "type": "domain"
"ask": {
"en": "Choose a domain for Gogs",
"fr": "Choisissez un domaine pour Gogs"
},
"example": "domain.org"
}, },
{ {
"name": "path", "name": "path",
"type": "path", "type": "path",
"ask": {
"en": "Choose a path for Gogs",
"fr": "Choisissez un chemin pour Gogs"
},
"example": "/gogs", "example": "/gogs",
"default": "/gogs" "default": "/gogs"
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user"
"ask": {
"en": "Choose the Gogs administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur de Gogs (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
}, },
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",
"ask": { "help": {
"en": "Is it a public site?", "en": "If enabled, Gogs will be accessible by people who do not have an account. This can be changed later via the webadmin.",
"fr": "Est-ce un site public ?" "fr": "Si cette case est cochée, Gogs sera accessible aux personnes nayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
}, },
"default": true "default": true
} }

View file

@ -1,108 +1,17 @@
#================================================= #!/bin/bash
# SET ALL CONSTANTS
#=================================================
app=$YNH_APP_INSTANCE_NAME
dbname=$app
dbuser=$app
final_path="/opt/$app"
DATADIR="/home/$app"
REPO_PATH="$DATADIR/repositories"
DATA_PATH="$DATADIR/data"
# Detect the system architecture to download the right tarball
# NOTE: `uname -m` is more accurate and universal than `arch`
# See https://en.wikipedia.org/wiki/Uname
if [ -n "$(uname -m | grep 64)" ]; then
architecture="x86-64"
elif [ -n "$(uname -m | grep 86)" ]; then
architecture="i386"
elif [ -n "$(uname -m | grep arm)" ]; then
architecture="arm"
else
ynh_die "Unable to detect your achitecture, please open a bug describing \
your hardware and the result of the command \"uname -m\"." 1
fi
#================================================= #=================================================
# DEFINE ALL COMMON FONCTIONS # COMMON VARIABLES
#================================================= #=================================================
create_dir() { #=================================================
mkdir -p "$final_path/data" # PERSONAL HELPERS
mkdir -p "$final_path/custom/conf/auth.d" #=================================================
mkdir -p "$DATA_PATH/avatars"
mkdir -p "$DATA_PATH/attachments"
mkdir -p "/var/log/$app"
}
config_nginx() { #=================================================
if [ "$path_url" != "/" ] # EXPERIMENTAL HELPERS
then #=================================================
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config
}
config_gogs() { #=================================================
ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini" # FUTURE OFFICIAL HELPERS
ynh_backup_if_checksum_is_different "$final_path/custom/conf/auth.d/ldap.conf" #=================================================
cp ../conf/app.ini "$final_path/custom/conf"
cp ../conf/ldap.conf "$final_path/custom/conf/auth.d/ldap.conf"
if [ "$path_url" = "/" ]
then
ynh_replace_string "__URL__" "$domain" "$final_path/custom/conf/app.ini"
else
ynh_replace_string "__URL__" "$domain${path_url%/}" "$final_path/custom/conf/app.ini"
fi
ynh_replace_string "__REPOS_PATH__" "$REPO_PATH" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DB_PASSWORD__" "$dbpass" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DB_USER__" "$dbuser" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/custom/conf/app.ini"
ynh_replace_string "__KEY__" "$key" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DATA_PATH__" "$DATA_PATH" "$final_path/custom/conf/app.ini"
ynh_replace_string "__PORT__" $port "$final_path/custom/conf/app.ini"
ynh_replace_string "__APP__" $app "$final_path/custom/conf/app.ini"
if [[ "$is_public" = '1' ]]
then
ynh_replace_string "__PRIVATE_MODE__" "false" "$final_path/custom/conf/app.ini"
else
ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini"
fi
ynh_replace_string "__ADMIN__" "$admin" "$final_path/custom/conf/auth.d/ldap.conf"
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum "$final_path/custom/conf/auth.d/ldap.conf"
}
set_permission() {
chown -R $app:$app "$final_path"
chown -R $app:$app "/home/$app"
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "$final_path"
chmod u=rwX,g=rX,o= "/home/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
}
set_access_settings() {
if [ "$is_public" = '1' ]
then
ynh_app_setting_set $app unprotected_uris "/"
else
# For an access to the git server by https in private mode we need to allow the access to theses URL :
# - "DOMAIN/PATH/USER/REPOSITORY/info/refs"
# - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack"
# - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack"
excaped_domain=${domain//'.'/'%.'}
excaped_domain=${excaped_domain//'-'/'%-'}
excaped_path=${path_url//'.'/'%.'}
excaped_path=${excaped_path//'-'/'%-'}
ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs"
fi
}

View file

@ -3,36 +3,80 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script #=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_abort_if_errors ynh_abort_if_errors
# Load common variables and helpers #=================================================
source ../settings/scripts/experimental_helper.sh # LOAD SETTINGS
source ../settings/scripts/_common.sh #=================================================
ynh_print_info --message="Loading installation settings..."
# Retrieve app settings app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# STANDARD BACKUP STEPS # DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
#=================================================
# BACKUP THE APP MAIN DIR
#================================================= #=================================================
# Copy the app source files ynh_backup --src_path="$final_path"
ynh_backup "$final_path"
# Copy the data files #=================================================
ynh_backup "$DATADIR" # BACKUP THE DATA DIR
#=================================================
# Copy the conf files ynh_backup --src_path="$datadir" --is_big
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_backup "/etc/systemd/system/${app}.service"
# Backup logs #=================================================
ynh_backup "/var/log/$app" # BACKUP THE NGINX CONFIGURATION
#=================================================
# Dump the database ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_mysql_dump_db "$dbname" > ./db.sql
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/var/log/$app"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

View file

@ -1,52 +1,149 @@
#!/bin/bash #!/bin/bash
#================================================= #=================================================
# GENERIC START # GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#================================================= #=================================================
# IMPORT GENERIC HELPERS source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
admin=$(ynh_app_setting_get --app=$app --key=admin)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
key=$(ynh_app_setting_get --app=$app --key=key)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
path_url=$(ynh_app_setting_get --app=$app --key=path)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
# Import common cmd #=================================================
source ./experimental_helper.sh # CHECK WHICH PARTS SHOULD BE CHANGED
source ./_common.sh #=================================================
# RETRIEVE ARGUMENTS change_domain=0
old_domain=$YNH_APP_OLD_DOMAIN if [ "$old_domain" != "$new_domain" ]
domain=$YNH_APP_NEW_DOMAIN then
path_url=$(ynh_normalize_url_path ${YNH_APP_NEW_PATH:-'/'}) change_domain=1
app=$YNH_APP_INSTANCE_NAME fi
dbpass=$(ynh_app_setting_get "$app" mysqlpwd) change_path=0
admin=$(ynh_app_setting_get "$app" adminusername) if [ "$old_path" != "$new_path" ]
key=$(ynh_app_setting_get "$app" secret_key) then
port=$(ynh_app_setting_get "$app" web_port) change_path=1
is_public=$(ynh_app_setting_get "$app" is_public) fi
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
#================================================= #=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=2
# Change the domain for nginx ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
if [ "$old_domain" != "$domain" ]
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then then
# Delete file checksum for the old conf file location # Make a backup of the original NGINX config file if modified
ynh_delete_file_checksum "/etc/nginx/conf.d/$old_domain.d/$app.conf" ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
mv "/etc/nginx/conf.d/$old_domain.d/$app.conf" "/etc/nginx/conf.d/$domain.d/$app.conf" domain="$old_domain"
path_url="$new_path"
# Store file checksum for the new config file location # Create a dedicated NGINX config
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_add_nginx_config
fi fi
config_nginx # Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
# Update gogs config #=================================================
config_gogs # SPECIFIC MODIFICATIONS
#=================================================
# RELOAD services if [ "$path_url" = "/" ]
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" then
sleep 1 url="$new_domain"
else
url="$new_domain${new_path%/}"
fi
domain=$new_domain
ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini"
chmod 400 "$final_path/custom/conf/app.ini"
chown $app:$app "$final_path/custom/conf/app.ini"
#=================================================
# GENERIC FINALISATION
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=2
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last

View file

@ -1,61 +0,0 @@
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
# Start or restart a service and follow its booting
#
# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
#
# | arg: Line to match - The line to find in the log to attest the service have finished to boot.
# | arg: Log file - The log file to watch
# | arg: Service name
# /var/log/$app/$app.log will be used if no other log is defined.
# | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
ynh_check_starting () {
local line_to_match="$1"
local service_name="${4:-$app}"
local app_log="${2:-/var/log/$service_name/$service_name.log}"
local timeout=${3:-300}
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}
echo "Starting of $service_name" >&2
systemctl stop $service_name
local templog="$(mktemp)"
# Following the starting of the app in its log
tail -F -n0 "$app_log" > "$templog" &
# Get the PID of the tail command
local pid_tail=$!
systemctl start $service_name
local i=0
for i in `seq 1 $timeout`
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --quiet "$line_to_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully started before the timeout." >&2
fi
echo ""
ynh_clean_check_starting
}

View file

@ -3,91 +3,193 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
# Load common variables and helpers #=================================================
source ./experimental_helper.sh # RETRIEVE ARGUMENTS FROM THE MANIFEST
source ./_common.sh #=================================================
# Retrieve arguments # Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH) path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
architecture=$YNH_ARCH
# Check domain/path availability
ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain."
ynh_webpath_register $app $domain $path_url
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die "The chosen admin user does not exist."
# Check Final Path availability
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Generate random password and key
dbpass=$(ynh_string_random)
key=$(ynh_string_random) key=$(ynh_string_random)
# Find available ports app=$YNH_APP_INSTANCE_NAME
port=$(ynh_find_port 6000)
# Store Settings #=================================================
ynh_app_setting_set $app mysqlpwd $dbpass # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
ynh_app_setting_set $app adminusername $admin #=================================================
ynh_app_setting_set $app is_public $is_public ynh_script_progression --message="Validating installation parameters..." --weight=1
ynh_app_setting_set $app secret_key $key
ynh_app_setting_set $app web_port $port final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=key --value=$key
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
#================================================= #=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Initialize database and store mysql password for upgrade # Find an available port
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" port=$(ynh_find_port --port=6000)
ynh_app_setting_set --app=$app --key=port --value=$port
# Add users #=================================================
# We can't use the official helper because we need to set the shell for the login # CREATE A MYSQL DATABASE
test getent passwd "$app" &>/dev/null || \ #=================================================
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \ ynh_script_progression --message="Creating a MySQL database..." --weight=3
ynh_die "Unable to create $app system account"
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir=$final_path --source_id="$architecture"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir
# create needed directories # create needed directories
create_dir mkdir -p "$final_path/custom/conf/auth.d"
mkdir -p "$datadir/data/repositories"
mkdir -p "$datadir/data/avatars"
mkdir -p "$datadir/data/attachments"
# Install Gogs chmod 750 "$datadir"
ynh_setup_source $final_path $architecture chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
# Configure gogs with app.ini file #=================================================
config_gogs # MODIFY A CONFIG FILE
#=================================================
if [ "$path_url" = "/" ]
then
url="$domain"
else
url="$domain${path_url%/}"
fi
ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini"
chmod 400 "$final_path/custom/conf/app.ini"
chown $app:$app "$final_path/custom/conf/app.ini"
ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf"
# Configure init script # Configure init script
ynh_add_systemd_config ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory #=================================================
config_nginx # NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Set permissions # Use logrotate to manage application logfile(s)
set_permission ynh_use_logrotate
# Unprotect root from SSO if public chown -R $app:$app "/var/log/$app"
set_access_settings chmod u=rwX,g=rX,o= "/var/log/$app"
# Add Gogs to YunoHost's monitored services #=================================================
yunohost service add "$app" --log "/var/log/$app/$app.log" # INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Configure logrotate yunohost service add $app --description="Lightweight Git forge" --log="/var/log/$app/$app.log"
ynh_use_logrotate "/var/log/$app"
# Reload services #=================================================
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" # START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary or protect it
if [ $is_public -eq 1 ]
then
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

View file

@ -3,44 +3,102 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# Load common variables and helpers #=================================================
source ./experimental_helper.sh # LOAD SETTINGS
source ./_common.sh #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
#================================================= #=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Stop gogs # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
systemctl stop "$app".service if ynh_exec_warn_less yunohost service status $app >/dev/null
then
ynh_script_progression --message="Removing $app service integration..." --weight=1
yunohost service remove $app
fi
# Drop MySQL database and user #=================================================
ynh_mysql_drop_db "$dbname" 2>/dev/null # STOP AND REMOVE SERVICE
ynh_mysql_drop_user "$dbuser" 2>/dev/null #=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Retrieve domain from app settings # Remove the dedicated systemd config
domain=$(ynh_app_setting_get "$app" domain) ynh_remove_systemd_config
# Delete app directory and configurations #=================================================
ynh_secure_remove "$final_path" # REMOVE THE MYSQL DATABASE
ynh_secure_remove "$DATADIR" #=================================================
ynh_secure_remove "/var/log/$app" ynh_script_progression --message="Removing the MySQL database..." --weight=2
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=3
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the app data directory with the command `yunohost app remove gogs --purge`
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing $app data directory..." --weight=2
ynh_secure_remove --file="$datadir"
fi
ynh_secure_remove --file="/var/log/$app"
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config # Remove the app-specific logrotate config
ynh_remove_logrotate ynh_remove_logrotate
# Remove nginx config #=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
# Remove gogs user and data #=================================================
ynh_system_user_delete $app # REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
# Remove init script # Delete a system user
ynh_remove_systemd_config ynh_system_user_delete --username=$app
# Remove monitor #=================================================
yunohost service remove "$app" # END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last

View file

@ -3,67 +3,135 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
# Load common variables and helpers #=================================================
source ../settings/scripts/experimental_helper.sh # LOAD SETTINGS
source ../settings/scripts/_common.sh #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve old app settings app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
path_url=$(ynh_app_setting_get "$app" path)
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
# Check domain/path availability with app helper domain=$(ynh_app_setting_get --app=$app --key=domain)
ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain." path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
admin=$(ynh_app_setting_get --app=$app --key=admin)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
# Check user parameter #=================================================
ynh_user_exists "$admin" \ # CHECK IF THE APP CAN BE RESTORED
|| ynh_die "The chosen admin user does not exist." #=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=2
# Check Final Path availability test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
test ! -e "$final_path" || ynh_die "This path already contains a folder"
#================================================= #=================================================
# STANDARD RESTORATION STEPS # STANDARD RESTORATION STEPS
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1
# Add users ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
# We can't use the official helper because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
# Restore all files #=================================================
ynh_restore # RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create and restore the database # Create the dedicated user (if not existing)
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
# Restore systemd files #=================================================
systemctl daemon-reload # RESTORE THE APP MAIN DIR
systemctl enable "$app".service #=================================================
ynh_script_progression --message="Restoring $app main directory..." --weight=10
ynh_restore_file --origin_path="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p $datadir
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=3
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=5
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_restore_file --origin_path="/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Lightweight Git forge" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
# Set permissions ynh_systemd_action --service_name=nginx --action=reload
set_permission
# Configure logrotate #=================================================
ynh_use_logrotate "/var/log/$app" # END OF SCRIPT
#=================================================
# Add Gogs to YunoHost's monitored services ynh_script_progression --message="Restoration completed for $app" --last
yunohost service add "$app" --log /var/log/"$app"/"$app".log
# Reload services
systemctl reload nginx.service
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log"

View file

@ -3,118 +3,146 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
# Load common variables and helpers #=================================================
source ./experimental_helper.sh # LOAD SETTINGS
source ./_common.sh #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Retrieve app settings app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
path_url=$(ynh_normalize_url_path $(ynh_app_setting_get "$app" path)) domain=$(ynh_app_setting_get --app=$app --key=domain)
dbpass=$(ynh_app_setting_get "$app" mysqlpwd) path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get "$app" adminusername) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
key=$(ynh_app_setting_get "$app" secret_key) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
is_public=$(ynh_app_setting_get "$app" is_public) db_user=$db_name
port=$(ynh_app_setting_get "$app" web_port) db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
admin=$(ynh_app_setting_get --app=$app --key=admin)
port=$(ynh_app_setting_get --app=$app --key=port)
architecture=$YNH_ARCH
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
# Exit if an error occurs during the execution of the script
# Stop service ynh_abort_if_errors
systemctl stop "$app".service
#================================================= #=================================================
# MIGRATION FROM OLD VERSION # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Update settings is_public to new standard # Cleaning legacy permissions
if [ "$is_public" = "Yes" ]; then if ynh_legacy_permissions_exists; then
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen ynh_legacy_permissions_delete_all
is_public=1
elif [ "$is_public" = "No" ]; then ynh_app_setting_delete --app=$app --key=is_public
ynh_app_setting_set $app is_public 0
is_public=0
fi fi
if [[ $port == "" ]] #=================================================
then # STANDARD UPGRADE STEPS
port=$(ynh_find_port 6000) #=================================================
ynh_app_setting_set $app web_port $port # STOP SYSTEMD SERVICE
fi #=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=2
# handle upgrade from old package installation ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
# this test that /etc/gogs exist since this was used in the old package
# but not in the new
# this code will be removed in the future
if [ -d "/etc/gogs" ]
then
# create needed directories if not already created
create_dir
# move repositories to new dir
old_repo_path=$(ynh_app_setting_get "$app" repopath)
mv "${old_repo_path:-/home/yunohost.app/gogs}"/* "$REPO_PATH" || true # Avoid if the directory is empty
# cleanup old dir and conf
ynh_secure_remove /opt/gogs
ynh_secure_remove /etc/gogs
ynh_secure_remove /opt/gogs_src
# create needed directories if not already created
create_dir
fi
# end of old package upgrade
# test if user gogs is locked because of an old installation of the package.
# if it's blocked, unlock it to allow ssh usage with git
if [[ $(grep "$app" /etc/shadow | cut -d: -f2) == '!' ]]
then
usermod -p '*' "$app"
fi
# Remove old authentification mecanisme, actually the registry in the database has been replaced by a config file
if [[ ! -e "$final_path/custom/conf/auth.d/ldap.conf" ]]
then
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';"
mkdir -p "$final_path/custom/conf/auth.d"
fi
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================
# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585 # Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
ynh_secure_remove "/opt/gogs/templates" ynh_secure_remove --file="$final_path/templates"
# Install Gogs #=================================================
ynh_setup_source $final_path $architecture # DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
# Configure gogs with app.ini file ynh_app_setting_set --app=$app --key=final_path --value=$final_path
config_gogs # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir=$final_path --source_id="$architecture" --keep="$final_path/custom/conf/app.ini $final_path/custom/conf/auth.d/ldap.conf"
# Configure init script chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory #=================================================
config_nginx # NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Unprotect root from SSO if public # Use logrotate to manage application logfile(s)
set_access_settings ynh_use_logrotate
# Set permissions chown -R $app:$app "/var/log/$app"
set_permission chmod u=rwX,g=rX,o= "/var/log/$app"
# Reload services #=================================================
ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" # INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Lightweight Git forge" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last