cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests 8 Projects Releases Wiki Activity

gitea direct config metadata

Browse source
This commit is contained in:
cronekorkn 2022-09-15 00:54:58 +02:00
parent d2da2eb387
commit c67b3b2393
Signed by: cronekorkn
SSH key fingerprint: SHA256:v0410ZKfuO1QHdgKBsdQNF64xmTxOF8osF1LIqwTcVw
5 changed files with 65 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
bundles/gitea/files/app.ini
View file

@ -1,3 +1,4 @@
[DEFAULT]
APP_NAME = ckn-gitea APP_NAME = ckn-gitea
RUN_USER = git RUN_USER = git
RUN_MODE = prod RUN_MODE = prod
@ -13,40 +14,24 @@ MEMBERS_PAGING_NUM = 100
[server] [server]
PROTOCOL = http PROTOCOL = http
SSH_DOMAIN = ${domain}
DOMAIN = ${domain}
HTTP_ADDR = 0.0.0.0 HTTP_ADDR = 0.0.0.0
HTTP_PORT = 3500 HTTP_PORT = 3500
ROOT_URL = https://${domain}/
DISABLE_SSH = true DISABLE_SSH = true
SSH_PORT = 22 SSH_PORT = 22
LFS_START_SERVER = true LFS_START_SERVER = true
LFS_CONTENT_PATH = /var/lib/gitea/data/lfs LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
LFS_JWT_SECRET = ${lfs_secret_key}
OFFLINE_MODE = true OFFLINE_MODE = true
START_SSH_SERVER = false START_SSH_SERVER = false
DISABLE_ROUTER_LOG = true DISABLE_ROUTER_LOG = true
LANDING_PAGE = explore LANDING_PAGE = explore
[database]
DB_TYPE = postgres
HOST = ${database.get('host')}:${database.get('port')}
NAME = ${database.get('database')}
USER = ${database.get('username')}
PASSWD = ${database.get('password')}
SSL_MODE = disable
LOG_SQL = false
[admin] [admin]
DEFAULT_EMAIL_NOTIFICATIONS = onmention DEFAULT_EMAIL_NOTIFICATIONS = onmention
DISABLE_REGULAR_ORG_CREATION = true DISABLE_REGULAR_ORG_CREATION = true
[security] [security]
INTERNAL_TOKEN = ${internal_token}
INSTALL_LOCK = true INSTALL_LOCK = true
SECRET_KEY = ${security_secret_key}
LOGIN_REMEMBER_DAYS = 30 LOGIN_REMEMBER_DAYS = 30
DISABLE_GIT_HOOKS = ${str(not enable_git_hooks).lower()}
[openid] [openid]
ENABLE_OPENID_SIGNIN = false ENABLE_OPENID_SIGNIN = false
@ -62,12 +47,6 @@ REQUIRE_SIGNIN_VIEW = false
DEFAULT_KEEP_EMAIL_PRIVATE = true DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = false DEFAULT_ALLOW_CREATE_ORGANIZATION = false
DEFAULT_ENABLE_TIMETRACKING = true DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.${domain}
[mailer]
ENABLED = true
MAILER_TYPE = sendmail
FROM = "${app_name}" <noreply@${domain}>
[session] [session]
PROVIDER = file PROVIDER = file
@ -80,9 +59,6 @@ ENABLE_FEDERATED_AVATAR = false
MODE = console MODE = console
LEVEL = warn LEVEL = warn
[oauth2]
JWT_SECRET = ${oauth_secret_key}
[other] [other]
SHOW_FOOTER_BRANDING = true SHOW_FOOTER_BRANDING = true
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false SHOW_FOOTER_TEMPLATE_LOAD_TIME = false

11
bundles/gitea/items.py
View file

@ -1,3 +1,7 @@
from os.path import join
from bundlewrap.utils.dicts import merge_dict
version = version=node.metadata.get('gitea/version') version = version=node.metadata.get('gitea/version')
downloads['/usr/local/bin/gitea'] = { downloads['/usr/local/bin/gitea'] = {
@ -34,7 +38,12 @@ actions = {
} }
files['/etc/gitea/app.ini'] = { files['/etc/gitea/app.ini'] = {
'content_type': 'mako', 'content': repo.libs.ini.dumps(
merge_dict(
repo.libs.ini.parse(open(join(repo.path, 'bundles', 'gitea', 'files', 'app.ini')).read()),
node.metadata.get('gitea/conf'),
),
),
'owner': 'git', 'owner': 'git',
'context': node.metadata['gitea'], 'context': node.metadata['gitea'],
'triggers': { 'triggers': {

52
bundles/gitea/metadata.py
View file

@ -11,18 +11,7 @@ defaults = {
}, },
}, },
'gitea': { 'gitea': {
'database': { 'conf': {},
'host': 'localhost',
'port': '5432',
'username': 'gitea',
'password': database_password,
'database': 'gitea',
},
'app_name': 'Gitea',
'lfs_secret_key': repo.vault.password_for(f'{node.name} gitea lfs_secret_key', length=43),
'security_secret_key': repo.vault.password_for(f'{node.name} gitea security_secret_key'),
'oauth_secret_key': repo.vault.password_for(f'{node.name} gitea oauth_secret_key', length=43),
'internal_token': repo.vault.password_for(f'{node.name} gitea internal_token'),
}, },
'postgresql': { 'postgresql': {
'roles': { 'roles': {
@ -69,6 +58,45 @@ defaults = {
} }
@metadata_reactor.provides(
'gitea/conf',
)
def conf(metadata):
domain = metadata.get('gitea/domain')
return {
'gitea': {
'conf': {
'server': {
'SSH_DOMAIN': domain,
'DOMAIN': domain,
'ROOT_URL': f'https://{domain}/',
'LFS_JWT_SECRET': repo.vault.password_for(f'{node.name} gitea lfs_secret_key', length=43),
},
'security': {
'INTERNAL_TOKEN': repo.vault.password_for(f'{node.name} gitea internal_token'),
'SECRET_KEY': repo.vault.password_for(f'{node.name} gitea security_secret_key'),
},
'database': {
'DB_TYPE': 'postgres',
'HOST': 'localhost:5432',
'NAME': 'gitea',
'USER': 'gitea',
'PASSWD': database_password,
'SSL_MODE': 'disable',
'LOG_SQL': 'false',
},
'service': {
'NO_REPLY_ADDRESS': f'noreply.{domain}',
},
'oauth2': {
'JWT_SECRET': repo.vault.password_for(f'{node.name} gitea oauth_secret_key', length=43),
},
},
},
}
@metadata_reactor.provides( @metadata_reactor.provides(
'zfs/datasets', 'zfs/datasets',
) )

6
libs/ini.py
View file

@ -1,5 +1,7 @@
from configparser import ConfigParser from configparser import ConfigParser
import json import json
from bundlewrap.metadata import MetadataJSONEncoder
class Writable(): class Writable():
data = '' data = ''
@ -14,14 +16,14 @@ class CaseSensitiveConfigParser(ConfigParser):
def parse(text): def parse(text):
config = CaseSensitiveConfigParser() config = CaseSensitiveConfigParser()
config.read_string(text) config.read_string(text)
return { return {
section: dict(config.items(section)) section: dict(config.items(section))
for section in config.sections() for section in config.sections()
} }
def dumps(dict): def dumps(dict):
sorted_dict = json.loads(json.dumps(dict, sort_keys=True)) sorted_dict = json.loads(json.dumps(dict, sort_keys=True, cls=MetadataJSONEncoder))
parser = CaseSensitiveConfigParser() parser = CaseSensitiveConfigParser()
parser.read_dict(sorted_dict) parser.read_dict(sorted_dict)

10
nodes/home.server.py
View file

@ -63,6 +63,16 @@
'version': '1.17.1', 'version': '1.17.1',
'sha256': 'eafd476ee2a303d758448314272add00898d045439ab0d353ff4286c5e63496f', 'sha256': 'eafd476ee2a303d758448314272add00898d045439ab0d353ff4286c5e63496f',
'domain': 'git.sublimity.de', 'domain': 'git.sublimity.de',
'conf': {
'mailer': {
'ENABLED': True,
'FROM': 'gitea@sublimity.de',
'MAILER_TYPE': 'smtp',
'HOST': 'mail.sublimity.de:587',
'USER': 'gitea@sublimity.de',
'PASSWD': '!decrypt:encrypt$gAAAAABjIlbZprmcIe_YktYgTU85VRSRz1MkyA7lNSDptWzGMrZ1N_YUXWoAIjWp4Lrmi8J0XYH9Pazhmz1vaIGUqUEsEnJXNh5n6-0Z0gcpePFC7x-Aj_M=',
},
},
}, },
'gollum': { 'gollum': {
'domain': 'wiki.sublimity.de', 'domain': 'wiki.sublimity.de',