samba

gitea direct config metadata
stop nextcloud preview generation
2022-09-15 00:55:06 +02:00 · 2022-09-15 00:54:58 +02:00 · 2022-09-15 00:53:45 +02:00 · 2022-09-15 00:53:06 +02:00 · 2022-09-15 00:51:52 +02:00 · 2022-09-15 00:31:31 +02:00
10 changed files with 83 additions and 56 deletions
--- a/bundles/bind/items.py
+++ b/bundles/bind/items.py
@ -1,7 +1,5 @@
 from ipaddress import ip_address, ip_interface
 from datetime import datetime
 import json
 from bundlewrap.metadata import MetadataJSONEncoder
 from hashlib import sha3_512
--- a/bundles/gitea/files/app.ini
+++ b/bundles/gitea/files/app.ini
@ -1,3 +1,4 @@
 [DEFAULT]
 APP_NAME = ckn-gitea
 RUN_USER = git
 RUN_MODE = prod
@ -13,40 +14,24 @@ MEMBERS_PAGING_NUM = 100
 [server]
 PROTOCOL = http
 SSH_DOMAIN = ${domain}
 DOMAIN = ${domain}
 HTTP_ADDR = 0.0.0.0
 HTTP_PORT = 3500
 ROOT_URL = https://${domain}/
 DISABLE_SSH = true
 SSH_PORT = 22
 LFS_START_SERVER = true
 LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
 LFS_JWT_SECRET = ${lfs_secret_key}
 OFFLINE_MODE = true
 START_SSH_SERVER = false
 DISABLE_ROUTER_LOG = true
 LANDING_PAGE = explore
 [database]
 DB_TYPE = postgres
 HOST = ${database.get('host')}:${database.get('port')}
 NAME = ${database.get('database')}
 USER = ${database.get('username')}
 PASSWD = ${database.get('password')}
 SSL_MODE = disable
 LOG_SQL = false
 [admin]
 DEFAULT_EMAIL_NOTIFICATIONS = onmention
 DISABLE_REGULAR_ORG_CREATION = true
 [security]
 INTERNAL_TOKEN = ${internal_token}
 INSTALL_LOCK = true
 SECRET_KEY = ${security_secret_key}
 LOGIN_REMEMBER_DAYS = 30
 DISABLE_GIT_HOOKS = ${str(not enable_git_hooks).lower()}
 [openid]
 ENABLE_OPENID_SIGNIN = false
@ -62,12 +47,6 @@ REQUIRE_SIGNIN_VIEW = false
 DEFAULT_KEEP_EMAIL_PRIVATE = true
 DEFAULT_ALLOW_CREATE_ORGANIZATION = false
 DEFAULT_ENABLE_TIMETRACKING = true
 NO_REPLY_ADDRESS = noreply.${domain}
 [mailer]
 ENABLED = true
 MAILER_TYPE = sendmail
 FROM = "${app_name}" <noreply@${domain}>
 [session]
 PROVIDER = file
@ -80,9 +59,6 @@ ENABLE_FEDERATED_AVATAR = false
 MODE = console
 LEVEL = warn
 [oauth2]
 JWT_SECRET = ${oauth_secret_key}
 [other]
 SHOW_FOOTER_BRANDING = true
 SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
--- a/bundles/gitea/items.py
+++ b/bundles/gitea/items.py
@ -1,3 +1,7 @@
 from os.path import join
 from bundlewrap.utils.dicts import merge_dict
 version = version=node.metadata.get('gitea/version')
 downloads['/usr/local/bin/gitea'] = {
@ -34,7 +38,12 @@ actions = {
 }
 files['/etc/gitea/app.ini'] = {
-    'content_type': 'mako',
+    'content': repo.libs.ini.dumps(
        merge_dict(
            repo.libs.ini.parse(open(join(repo.path, 'bundles', 'gitea', 'files', 'app.ini')).read()),
            node.metadata.get('gitea/conf'),
        ),
    ),
    'owner': 'git',
    'context': node.metadata['gitea'],
    'triggers': {
--- a/bundles/gitea/metadata.py
+++ b/bundles/gitea/metadata.py
@ -11,18 +11,7 @@ defaults = {
        },
    },
    'gitea': {
-        'database': {
+        'conf': {},
            'host': 'localhost',
            'port': '5432',
            'username': 'gitea',
            'password': database_password,
            'database': 'gitea',
        },
        'app_name': 'Gitea',
        'lfs_secret_key': repo.vault.password_for(f'{node.name} gitea lfs_secret_key', length=43),
        'security_secret_key': repo.vault.password_for(f'{node.name} gitea security_secret_key'),
        'oauth_secret_key': repo.vault.password_for(f'{node.name} gitea oauth_secret_key', length=43),
        'internal_token': repo.vault.password_for(f'{node.name} gitea internal_token'),
    },
    'postgresql': {
        'roles': {
@ -69,6 +58,45 @@ defaults = {
 }
@metadata_reactor.provides(
    'gitea/conf',
 )
 def conf(metadata):
    domain = metadata.get('gitea/domain')
    return {
        'gitea': {
            'conf': {
                'server': {
                    'SSH_DOMAIN': domain,
                    'DOMAIN': domain,
                    'ROOT_URL': f'https://{domain}/',
                    'LFS_JWT_SECRET': repo.vault.password_for(f'{node.name} gitea lfs_secret_key', length=43),
                },
                'security': {
                    'INTERNAL_TOKEN': repo.vault.password_for(f'{node.name} gitea internal_token'),
                    'SECRET_KEY': repo.vault.password_for(f'{node.name} gitea security_secret_key'),
                },
                'database': {
                    'DB_TYPE': 'postgres',
                    'HOST': 'localhost:5432',
                    'NAME': 'gitea',
                    'USER': 'gitea',
                    'PASSWD': database_password,
                    'SSL_MODE': 'disable',
                    'LOG_SQL': 'false',
                },
                'service': {
                    'NO_REPLY_ADDRESS': f'noreply.{domain}',
                },
                'oauth2': {
                    'JWT_SECRET': repo.vault.password_for(f'{node.name} gitea oauth_secret_key', length=43),
                },
            },
        },
    }
@metadata_reactor.provides(
    'zfs/datasets',
 )
--- a/bundles/nextcloud/files/managed.config.php
+++ b/bundles/nextcloud/files/managed.config.php
@ -39,4 +39,5 @@ $CONFIG = array (
  "logfile" => "",
  "loglevel" => 3,
  "default_phone_region" => "DE",
  "versions_retention_obligation" => "auto, 90",
 );
--- a/bundles/nextcloud/files/rescan
+++ b/bundles/nextcloud/files/rescan
@ -2,4 +2,4 @@
 php /opt/nextcloud/occ files:scan --all
 php /opt/nextcloud/occ files:scan-app-data
-php /opt/nextcloud/occ preview:generate-all
+#php /opt/nextcloud/occ preview:generate-all
--- a/bundles/samba/files/smb.conf
+++ b/bundles/samba/files/smb.conf
@ -7,6 +7,8 @@
  unix password sync = no
  server min protocol = SMB3
  server smb encrypt = required
  local master = yes
  preferred master = yes
 % for name, confs in shares.items():
 [${name}]
--- a/bundles/ssh/files/ssh_config
+++ b/bundles/ssh/files/ssh_config
@ -4,6 +4,7 @@ Host *
    GSSAPIAuthentication yes
    StrictHostKeyChecking yes
    GlobalKnownHostsFile /etc/ssh/ssh_known_hosts
-    ControlMaster auto
+    # fixme: prevents backup server from sleeping
-    ControlPath ~/.ssh/multiplex-%C
+    # ControlMaster auto
-    ControlPersist 5m
+    # ControlPath ~/.ssh/multiplex-%C
    # ControlPersist 5m
--- a/libs/ini.py
+++ b/libs/ini.py
@ -1,5 +1,7 @@
 from configparser import ConfigParser
 import json
 from bundlewrap.metadata import MetadataJSONEncoder
 class Writable():
    data = ''
@ -21,7 +23,7 @@ def parse(text):
    }
 def dumps(dict):
-    sorted_dict = json.loads(json.dumps(dict, sort_keys=True))
+    sorted_dict = json.loads(json.dumps(dict, sort_keys=True, cls=MetadataJSONEncoder))
    parser = CaseSensitiveConfigParser()
    parser.read_dict(sorted_dict)
--- a/nodes/home.server.py
+++ b/nodes/home.server.py
@ -63,6 +63,16 @@
            'version': '1.17.1',
            'sha256': 'eafd476ee2a303d758448314272add00898d045439ab0d353ff4286c5e63496f',
            'domain': 'git.sublimity.de',
            'conf': {
                'mailer': {
                    'ENABLED': True,
                    'FROM': 'gitea@sublimity.de',
                    'MAILER_TYPE': 'smtp',
                    'HOST': 'mail.sublimity.de:587',
                    'USER': 'gitea@sublimity.de',
                    'PASSWD': '!decrypt:encrypt$gAAAAABjIlbZprmcIe_YktYgTU85VRSRz1MkyA7lNSDptWzGMrZ1N_YUXWoAIjWp4Lrmi8J0XYH9Pazhmz1vaIGUqUEsEnJXNh5n6-0Z0gcpePFC7x-Aj_M=',
                },
            },
        },
        'gollum': {
            'domain': 'wiki.sublimity.de',
Author	SHA1	Message	Date
cronekorkn	af274d0076	samba	2022-09-15 00:55:06 +02:00
cronekorkn	c67b3b2393	gitea direct config metadata	2022-09-15 00:54:58 +02:00
cronekorkn	d2da2eb387	stop nextcloud preview generation	2022-09-15 00:53:45 +02:00
cronekorkn	dc9e38d4ba	nextcloud limit version retention	2022-09-15 00:53:06 +02:00
cronekorkn	1fb71a0f25	remove obsolete includes	2022-09-15 00:51:52 +02:00
cronekorkn	2712d212b6	multiplex prevents backup server from sleeping	2022-09-15 00:31:31 +02:00