2 Commits

Author SHA1 Message Date
  Lukasz Jarosz 5ac7ef3d58 joined remotely created repo with local repo 6 years ago
  Lukasz Jarosz e93f38aa59 working state 6 years ago

+ 2
- 0
.gitignore View File

@@ -41,3 +41,5 @@ Temporary Items
41 41
 # .nfs files are created when an open file is removed but is still being accessed
42 42
 .nfs*
43 43
 
44
+.atom-build.yml
45
+

+ 8
- 0
Dockerfile View File

@@ -0,0 +1,8 @@
1
+FROM gitea/gitea:latest
2
+
3
+LABEL maintainer="Lukasz Jarosz <lukasz@jarosz.pl>"
4
+
5
+COPY files /
6
+
7
+RUN apk update && \
8
+    apk add --no-cache mariadb mariadb-client nginx pwgen su-exec python3

+ 1
- 0
files/etc/s6/mariadb/finish View File

@@ -0,0 +1 @@
1
+#!/bin/sh

+ 9
- 0
files/etc/s6/mariadb/run View File

@@ -0,0 +1,9 @@
1
+#!/bin/sh
2
+
3
+DATADIR=${DATADIR:-"/data/mariadb"}
4
+MYSQL_OPTS=${MYSQL_OPTS:-""}
5
+
6
+[[ -f ./setup ]] && source ./setup
7
+
8
+exec su-exec mysql:mysql mysqld --datadir=$DATADIR --console $MYSQL_OPTS
9
+

+ 41
- 0
files/etc/s6/mariadb/setup View File

@@ -0,0 +1,41 @@
1
+#!/bin/sh
2
+
3
+if [ ! -d /run/mysqld ]; then
4
+  echo "/run/mysqld not found so creating one"
5
+  mkdir -p /run/mysqld
6
+fi
7
+chown mysql:mysql /run/mysqld
8
+
9
+if [ ! -d $DATADIR ]; then
10
+  echo "initializing db because $DATADIR is missing"
11
+
12
+  echo "creating $DATADIR and ensuring permissions"
13
+  mkdir -p $DATADIR
14
+  chown mysql:mysql $DATADIR
15
+
16
+
17
+  echo "installing db"
18
+  su-exec mysql:mysql mysql_install_db --force --datadir=$DATADIR
19
+
20
+  echo "pushing initialization data into server"
21
+  su-exec mysql:mysql mysqld --datadir=$DATADIR &
22
+  pid="$!"
23
+
24
+  for i in {30..0}; do
25
+    if echo 'SELECT 1' | mysql &> /dev/null; then
26
+      break
27
+    fi
28
+    echo 'MySQL init process in progress...'
29
+    sleep 5
30
+	done
31
+
32
+  envsubst "`printf '${%s} ' $(sh -c "env|cut -d'=' -f1")`" < /etc/templates/dbinit.sql > /tmp/dbinit.sql
33
+  cat /tmp/dbinit.sql | mysql
34
+
35
+  if ! kill -s TERM "$pid" || ! wait "$pid"; then
36
+    echo >&2 'MySQL init process failed.'
37
+    exit 1
38
+  fi
39
+
40
+  #rm /tmp/dbinit.sql
41
+fi

+ 1
- 0
files/etc/s6/nginx/finish View File

@@ -0,0 +1 @@
1
+#!/bin/sh

+ 11
- 0
files/etc/s6/nginx/run View File

@@ -0,0 +1,11 @@
1
+#!/bin/sh
2
+
3
+[[ -f ./setup ]] && source ./setup
4
+
5
+if ! nginx -q -t -c /etc/nginx/nginx.conf; then
6
+  echo "Bad nginx configuration file"
7
+  exit 1
8
+fi
9
+
10
+exec 2>&1 # pipe stderr to stdout
11
+exec nginx -c /etc/nginx/nginx.conf -g 'daemon off;'

+ 13
- 0
files/etc/s6/nginx/setup View File

@@ -0,0 +1,13 @@
1
+#!/bin/sh
2
+if [ ! -d /run/nginx ]; then
3
+  mkdir -p /run/nginx
4
+  chown nginx /run/nginx
5
+fi
6
+
7
+while [ ! -f /data/gitea/conf/app.ini ]; do
8
+  echo "Gitea configuration is still not ready waiting 10 seconds..."
9
+  sleep 10
10
+done
11
+
12
+GITEA_DOMAIN=$(iniget /data/gitea/conf/app.ini server DOMAIN)
13
+GITEA_DOMAIN=${GITEA_DOMAIN:-"localhost"} envsubst '${GITEA_DOMAIN}' < /etc/templates/nginx.conf > /etc/nginx/nginx.conf

+ 44
- 0
files/etc/templates/app.ini View File

@@ -0,0 +1,44 @@
1
+APP_NAME = $APP_NAME
2
+RUN_MODE = $RUN_MODE
3
+
4
+[repository]
5
+ROOT = /data/git/repositories
6
+
7
+[repository.upload]
8
+TEMP_PATH = /data/gitea/uploads
9
+
10
+[server]
11
+APP_DATA_PATH = /data/gitea
12
+SSH_DOMAIN       = $SSH_DOMAIN
13
+HTTP_ADDR        = 127.0.0.1
14
+HTTP_PORT        = $HTTP_PORT
15
+ROOT_URL         = $ROOT_URL
16
+DISABLE_SSH      = $DISABLE_SSH
17
+SSH_PORT         = $SSH_PORT
18
+
19
+[database]
20
+DB_TYPE = $DB_TYPE
21
+HOST    = $DB_HOST
22
+NAME    = $DB_NAME
23
+USER    = $DB_USER
24
+PASSWD  = $DB_PASSWD
25
+
26
+[session]
27
+PROVIDER_CONFIG = /data/gitea/sessions
28
+
29
+[picture]
30
+AVATAR_UPLOAD_PATH = /data/gitea/avatars
31
+
32
+[attachment]
33
+PATH = /data/gitea/attachments
34
+
35
+[log]
36
+ROOT_PATH = /data/gitea/log
37
+
38
+[security]
39
+INSTALL_LOCK = $INSTALL_LOCK
40
+SECRET_KEY   = $SECRET_KEY
41
+
42
+[service]
43
+DISABLE_REGISTRATION = $DISABLE_REGISTRATION
44
+REQUIRE_SIGNIN_VIEW  = $REQUIRE_SIGNIN_VIEW

+ 6
- 0
files/etc/templates/dbinit.sql View File

@@ -0,0 +1,6 @@
1
+DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost');
2
+GRANT ALL ON *.* TO root@localhost WITH GRANT OPTION;
3
+DROP DATABASE IF EXISTS test;
4
+
5
+CREATE DATABASE IF NOT EXISTS $DB_NAME CHARACTER SET utf8 COLLATE utf8_general_ci;
6
+GRANT ALL ON $DB_NAME.* TO '$DB_USER'@localhost IDENTIFIED BY '$DB_PASSWD';

+ 124
- 0
files/etc/templates/nginx.conf View File

@@ -0,0 +1,124 @@
1
+# as simple as nginx user
2
+user nginx;
3
+
4
+# Set number of worker processes automatically based on number of CPU cores.
5
+worker_processes auto;
6
+
7
+# Enables the use of JIT for regular expressions to speed-up their processing.
8
+pcre_jit on;
9
+
10
+# Configures default error logger.
11
+error_log /var/log/nginx/error.log warn;
12
+
13
+
14
+events {
15
+	# The maximum number of simultaneous connections that can be opened by
16
+	# a worker process.
17
+	worker_connections 1024;
18
+}
19
+
20
+http {
21
+	# Includes mapping of file name extensions to MIME types of responses
22
+	# and defines the default type.
23
+	include /etc/nginx/mime.types;
24
+	default_type application/octet-stream;
25
+
26
+	# Name servers used to resolve names of upstream servers into addresses.
27
+	# It's also needed when using tcpsocket and udpsocket in Lua modules.
28
+	#resolver 208.67.222.222 208.67.220.220;
29
+
30
+	# Don't tell nginx version to clients.
31
+	server_tokens off;
32
+
33
+	# Specifies the maximum accepted body size of a client request, as
34
+	# indicated by the request header Content-Length. If the stated content
35
+	# length is greater than this size, then the client receives the HTTP
36
+	# error code 413. Set to 0 to disable.
37
+	client_max_body_size 1m;
38
+
39
+	# Timeout for keep-alive connections. Server will close connections after
40
+	# this time.
41
+	keepalive_timeout 65;
42
+
43
+	# Sendfile copies data between one FD and other from within the kernel,
44
+	# which is more efficient than read() + write().
45
+	sendfile on;
46
+
47
+	# Don't buffer data-sends (disable Nagle algorithm).
48
+	# Good for sending frequent small bursts of data in real time.
49
+	tcp_nodelay on;
50
+
51
+	# Causes nginx to attempt to send its HTTP response head in one packet,
52
+	# instead of using partial frames.
53
+	#tcp_nopush on;
54
+
55
+
56
+	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
57
+	#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
58
+
59
+	# Specifies that our cipher suits should be preferred over client ciphers.
60
+	ssl_prefer_server_ciphers on;
61
+
62
+	# Enables a shared SSL cache with size that can hold around 8000 sessions.
63
+	ssl_session_cache shared:SSL:2m;
64
+
65
+
66
+	# Enable gzipping of responses.
67
+	#gzip on;
68
+
69
+	# Set the Vary HTTP header as defined in the RFC 2616.
70
+	gzip_vary on;
71
+
72
+	# Enable checking the existence of precompressed files.
73
+	#gzip_static on;
74
+
75
+
76
+	# Specifies the main log format.
77
+	#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
78
+	#		'$status $body_bytes_sent "$http_referer" '
79
+	#		'"$http_user_agent" "$http_x_forwarded_for"';
80
+
81
+	# Sets the path, format, and configuration for a buffered log write.
82
+	#access_log /var/log/nginx/access.log main;
83
+
84
+  server {
85
+    listen 80;
86
+    listen [::]:80;
87
+
88
+    server_name $GITEA_DOMAIN;
89
+    client_max_body_size 200M;
90
+
91
+    location / {
92
+      proxy_pass http://localhost:3000;
93
+      proxy_set_header Host $host;
94
+      proxy_set_header X-Real-IP $remote_addr;
95
+    }
96
+
97
+  }
98
+}
99
+
100
+
101
+
102
+# redirect to ssl
103
+#server {
104
+#  listen 80;
105
+#  listen [::]:80;
106
+#  server_name $GITEA_DOMAIN;
107
+#  return 301 https://$server_name$request_uri;
108
+#}
109
+
110
+#server {
111
+#  listen 443 ssl http2;
112
+#  listen [::]:443 ssl http2;
113
+#  server_name $GITEA_DOMAIN;
114
+#  client_max_body_size 50M;
115
+#  ssl_certificate /data/ssl/cert.crt;
116
+#  ssl_certificate_key /data/ssl/cert.key;
117
+#  location / {
118
+#    proxy_pass http://localhost:3000;
119
+#    proxy_set_header Host $host;
120
+#    proxy_set_header X-Real-IP $remote_addr;
121
+#  }
122
+#}
123
+
124
+

+ 56
- 0
files/usr/bin/entrypoint View File

@@ -0,0 +1,56 @@
1
+#!/bin/sh
2
+# generic variables
3
+GITEA_DIRS="/data/gitea/conf /data/gitea/log /data/git /data/ssh"
4
+
5
+# ensuring s6 service files permissions
6
+chmod +x /etc/s6/**/*
7
+
8
+### COPIED FROM ORIGINAL /usr/bin/entrypoint
9
+
10
+if [ "${USER}" != "git" ]; then
11
+    # rename user
12
+    sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd
13
+    # switch sshd config to different user
14
+    sed -i -e "s/AllowUsers git/AllowUsers ${USER}/g" /etc/ssh/sshd_config
15
+fi
16
+
17
+## Change GID for USER?
18
+if [ -n "${USER_GID}" ] && [ "${USER_GID}" != "`id -g ${USER}`" ]; then
19
+    sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/" /etc/group
20
+    sed -i -e "s/^${USER}:\([^:]*\):\([0-9]*\):[0-9]*/${USER}:\1:\2:${USER_GID}/" /etc/passwd
21
+fi
22
+
23
+## Change UID for USER?
24
+if [ -n "${USER_UID}" ] && [ "${USER_UID}" != "`id -u ${USER}`" ]; then
25
+    sed -i -e "s/^${USER}:\([^:]*\):[0-9]*:\([0-9]*\)/${USER}:\1:${USER_UID}:\2/" /etc/passwd
26
+fi
27
+
28
+### END OF COPY
29
+
30
+# create missing dirs if they doesn't exist
31
+for DIR in $GITEA_DIRS; do
32
+  mkdir -p $DIR
33
+done
34
+
35
+# configuration bootstrap (if configuration file exists it takes precedence over shell variables)
36
+set -a
37
+if [ -f /data/gitea/conf/app.ini ]; then
38
+  DB_HOST=$(iniget /data/gitea/conf/app.ini database HOST)
39
+  DB_TYPE=$(iniget /data/gitea/conf/app.ini database DB_TYPE)
40
+  DB_USER=$(iniget /data/gitea/conf/app.ini database USER)
41
+  DB_NAME=$(iniget /data/gitea/conf/app.ini database NAME)
42
+  DB_PASSWD=$(iniget /data/gitea/conf/app.ini database NAME)
43
+else
44
+  DB_HOST="localhost:3306"
45
+  DB_TYPE="mysql"
46
+  DB_USER=${DB_USER:-"gitea"}
47
+  DB_NAME=${DB_NAME:-"gitea"}
48
+
49
+  if [ -z "${DB_PASSWD}" ] ; then
50
+    export DB_PASSWD=$(pwgen -1 32)
51
+    echo "Automagically generated database password: $DB_PASSWD"
52
+  fi
53
+fi
54
+set +a
55
+
56
+exec /bin/s6-svscan /etc/s6

+ 23
- 0
files/usr/bin/iniget View File

@@ -0,0 +1,23 @@
1
+#!/usr/bin/env python3
2
+import sys
3
+import configparser
4
+import io
5
+
6
+filename = sys.argv[1]
7
+section  = sys.argv[2]
8
+variable = sys.argv[3]
9
+
10
+
11
+try:
12
+    with open(filename, "r") as f:
13
+        stream = io.StringIO()
14
+        stream.write("[DEFAULT]\n")
15
+        stream.write(f.read())
16
+
17
+        cfg = configparser.ConfigParser(strict=False)
18
+        cfg.read_string(stream.getvalue())
19
+        sys.stdout.write(cfg.get(section, variable))
20
+        exit(0)
21
+except:
22
+    sys.stdout.write("")
23
+    exit(1)

Loading…
Cancel
Save