gitea/install
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
install/setup.sh
iliyan ivanov f544aef439
fix: persist secrets 
optional ssh and gpg keys init
2019-06-26 03:12:49 +03:00

168 lines
6.0 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -e
curp="$(cd "$(dirname "$0")" && pwd)"
# prefer gitea executable in project folder and fallback to $PATH
[[ -x "$curp/gitea" ]] && giteae="$curp/gitea" \
|| giteae=$(command -v gitea 2>/dev/null) \
|| { echo "gitea executable not found!" 1>&2;exit 1; }
set_in_file() {
# ensure there is a line with $1=$2 in file $3
grep -q "^$1=" "$3" && sed "s/^$1=.*/$1=$2/" -i "$3" \
|| echo "$1=$2" >> "$3"
}
gen_app_ini() {
source "$curp/.defaults.sh"
tempini="$curp/custom/conf/app.ini.temp"
realini="$curp/custom/conf/app.ini"
for x in $(find "$curp/.defaults" -type f -name "*.sh"); do
source "$x"
done
truncate -s 0 "$tempini"
# first build the template
for x in $( ( set -o posix ; set ) |grep -o '^A_DEFAULT_SETTINGS.*=' | cut -d '=' -f1); do
echo -e "${!x}\n" >> "$tempini"
done
# then replace variables in the template
for x in $(cat "$tempini" | grep -o '{{%.*%}}' | sed -e 's/^{{%//' -e 's/%}}//' | sort | uniq); do
sed -i -e "s#{{%$x%}}#$(echo -n "${!x}"|sed -z 's/\n/\\n/g')#" "$tempini"
done
[[ "$(sha1sum "$tempini" | cut -d ' ' -f1 | tr -d '\n')" != "$(sha1sum "$realini" | cut -d ' ' -f1 | tr -d '\n')" ]] \
&& mv "$tempini" "$realini" || rm "$tempini"
}
create_admin() {
if [ -z "${ADMIN_PASSWORD}" ]; then
ADMIN_PASSWORD=$(head /dev/urandom | tr -dc 'A-Za-z0-9_' | head -c 32)
echo "pass: ${ADMIN_PASSWORD}"
set_in_file "ADMIN_PASSWORD" "${ADMIN_PASSWORD}" "$curp/.custom_defaults.sh"
fi
set +e
output=$("$giteae" admin create-user \
--username "${ADMIN_USER}" \
--email "${ADMIN_EMAIL}" \
--password "${ADMIN_PASSWORD}" \
--admin \
--access-token)
ecode="$?"
set -e
echo "$output" 1>&2
if [ "$ecode" -ne 0 ]; then
echo "command exited with status code: $ecode"
return "$ecode"
else
ADMIN_TOKEN=$(echo -n "$output" | grep 'Access token was successfully created' | rev | cut -d ' ' -f1 | rev)
echo "token: ${ADMIN_TOKEN}"
set_in_file "ADMIN_TOKEN" "${ADMIN_TOKEN}" "$curp/.custom_defaults.sh"
fi
}
create_org() {
orgid=$(curl --silent -X POST "${apiurl}/orgs" \
-H "Authorization: token ${ADMIN_TOKEN}" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d "{ \"username\": \"$1\", \"visibility\": \"limited\"}" | jq -r '.id')
[[ "$orgid" != "null" ]] && sleep 1 || true
}
create_repo() {
repoid=$(curl --silent -X POST "${apiurl}$2" \
-H "Authorization: token ${ADMIN_TOKEN}" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d "{\"auto_init\": false, \"private\": true, \"name\": \"$1\"}" | jq -r '.id')
[[ "$repoid" != "null" ]] && sleep 5 || true
}
# load local file
touch "$curp/.custom_defaults.sh" && chmod 0600 "$curp/.custom_defaults.sh"
source "$curp/.custom_defaults.sh"
if [ -z "${ADMIN_EMAIL}" ]; then
while [ -z "${ADMIN_EMAIL}" ]; do
read -p "ADMIN_EMAIL=" ADMIN_EMAIL
done
set_in_file "ADMIN_EMAIL" "${ADMIN_EMAIL}" "$curp/.custom_defaults.sh"
fi
for x in LFS_JWT_SECRET SECRET_KEY INTERNAL_TOKEN JWT_SECRET; do
# https://github.com/go-gitea/gitea/issues/3246
# these variables need to be the same every run !!!
if [ -z "${!x}" ]; then
declare "$x"="$(head /dev/urandom | tr -dc 'A-Za-z0-9_' | head -c 40)"
fi
set_in_file "$x" "${!x}" "$curp/.custom_defaults.sh"
done
mkdir -p "$curp/custom/conf/" "$curp/log"
[ -z "$ADMIN_USER" ] && ADMIN_USER="$USER"
# generate app.ini
gen_app_ini
# migrate database
"$giteae" migrate 1>>"$curp/log/db_init.log" 2>>"$curp/log/db_init.log"
# create admin user
[ -z "${ADMIN_TOKEN}" ] && admininit=$(create_admin 2>>"$curp/log/admin_init.log")
SCREEN_SES_NAME=${SCREEN_SES_NAME:-gitea-dev}
# run gitea in screen
if ! screen -S ${SCREEN_SES_NAME} -Q "select" . > /dev/null 2>&1; then
screen -S "${SCREEN_SES_NAME}" -d -m -- sh -c "\"$giteae\" web 2>&1 | tee \"$curp/log/web.log\""
SLEEP_SECS=10
echo "Sleeping for ${SLEEP_SECS} seconds for web service to start!" 1>&2
for x in $(seq ${SLEEP_SECS} -1 1); do
echo -n "$x " 1>&2
sleep 1
done
echo "" 1>&2
fi
# reload .custom_defaults as they may have been changed
source "$curp/.custom_defaults.sh"
serverurl="$(cat custom/conf/app.ini | grep '^ROOT_URL.*=' | rev | cut -d '=' -f1 | rev | tr -d '[:space:]')"
pushuri="$(echo "$serverurl" | perl -pe "s#(https?://)#\${1}${ADMIN_USER}:${ADMIN_PASSWORD}@#" )"
apiurl="$serverurl/api/v1"
# setup GPG keys
for x in $GPGIDS; do
curl --silent -X POST "$apiurl/user/gpg_keys" \
-H "Authorization: token ${ADMIN_TOKEN}" \
-H "accept: application/json" -H "Content-Type: application/json" \
-d "{ \"armored_public_key\": $(gpg --export --armor $x | python -c 'import json,sys; print(json.dumps(sys.stdin.read()))')}"
done
# setup ssh keys @TODO: per repo deploy keys
for x in $SSHKEYFILES; do
curl --silent -X POST "$apiurl/admin/users/${ADMIN_USER}/keys" \
-H "Authorization: token ${ADMIN_TOKEN}" \
-H "accept: application/json" -H "Content-Type: application/json" \
-d "{ \"key\": $(cat "$x" | cut -d ' ' -f1,2 | python -c 'import json,sys; print(json.dumps(sys.stdin.read()))'), \"read_only\": false ,\"title\":\"$(cat "$x" | cut -d ' ' -f3)\"}"
done
# init ripos
for REPO in ${REPOS}; do
repoPath="$(echo "$REPO" | cut -d ':' -f1 | tr -d '[:space:]')"
repoOrg="$(echo "$REPO" | cut -d ':' -f2 | tr -d '[:space:]')"
repoName="$(echo "$REPO" | cut -d ':' -f3 | tr -d '[:space:]')"
[ -z "$repoName" ] && repoName="$(basename "$repoPath")"
if [ -z "$repoOrg" ]; then
repoAPIEP="/user/repos"
repoOwner="${ADMIN_USER}"
else
create_org "$repoOrg"
repoAPIEP="/org/$repoOrg/repos"
repoOwner="$repoOrg"
fi
create_repo "${repoName}" "${repoAPIEP}" 1>&2
(
cd "$repoPath"
git push "$pushuri/${repoOwner}/${repoName}.git" master
)
done
Reference in New Issue View Git Blame Copy Permalink