Incus-Gitea/gitea.sh

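#!/bin/bash
set -e

# Deployment settings shared by every sub-command. They are fixed for the
# lifetime of the script, so they are marked readonly to catch accidental
# reassignment.
readonly CONTAINER_NAME="gitea"
readonly WEB_PORT="3000"
readonly SSH_PORT="2222"
readonly PROFILE_NAME="gitea-profile"
readonly ROOT_DISK_SIZE="20GB"
readonly NETWORK_NAME="incusbr0"
readonly DB_USER="gitea"

# SECURITY: "gitea_password" is a publicly known default and must not be used
# for a real deployment. Override it with `install -p <password>` or by
# exporting DB_PASS before running the script; the environment route keeps the
# secret out of this script's own argument list and out of shell history.
# Left writable on purpose: the -p option assigns to it.
DB_PASS="${DB_PASS:-gitea_password}"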
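#######################################
# Create the Incus profile (if missing), apply optional resource limits, add
# the root disk device and make sure the bridge network exists.
# Globals:   PROFILE_NAME, ROOT_DISK_SIZE, NETWORK_NAME (read)
# Arguments: $1 - value for limits.cpu (optional; empty leaves it unset)
#            $2 - RAM limit in GB (optional; empty leaves it unset)
# Outputs:   progress messages on stdout
#######################################
create_profile() {
  local cpu=$1
  local ram=$2

  echo "Creating Incus profile with root disk size of $ROOT_DISK_SIZE..."
  # Create the profile only when it is missing, so a real failure of
  # `profile create` is reported instead of being swallowed by `|| true`.
  if ! incus profile show "$PROFILE_NAME" >/dev/null 2>&1; then
    incus profile create "$PROFILE_NAME"
  fi

  if [ -n "$ram" ]; then
    echo "Setting RAM limit to ${ram}GB"
    incus profile set "$PROFILE_NAME" "limits.memory=${ram}GB"
  else
    echo "No RAM limit specified. Using default."
  fi

  if [ -n "$cpu" ]; then
    echo "Setting CPU limit to $cpu"
    incus profile set "$PROFILE_NAME" "limits.cpu=$cpu"
  else
    echo "No CPU limit specified. Using default."
  fi

  # NOTE(review): presumably this fails when the profile already has a "root"
  # device, which would abort a second run of `profile` -- confirm.
  incus profile device add "$PROFILE_NAME" root disk path=/ pool=default "size=$ROOT_DISK_SIZE"

  echo "Ensuring network exists..."
  # Ask for the exact network name; grepping the `network list` table would
  # also match any network whose name merely contains NETWORK_NAME.
  if ! incus network show "$NETWORK_NAME" >/dev/null 2>&1; then
    echo "Creating network $NETWORK_NAME..."
    incus network create "$NETWORK_NAME"
  fi
}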
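#######################################
# Report whether the Incus profile named by PROFILE_NAME exists.
# Globals:   PROFILE_NAME (read)
# Returns:   0 when `incus profile show` succeeds for that exact name,
#            non-zero otherwise
#######################################
profile_exists() {
  # An exact lookup; grepping `incus profile list` would also succeed for any
  # profile whose name merely contains PROFILE_NAME.
  incus profile show "$PROFILE_NAME" >/dev/null 2>&1
}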
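#######################################
# Install Gitea and PostgreSQL into a new Incus container.
# Globals:   CONTAINER_NAME, PROFILE_NAME, NETWORK_NAME, WEB_PORT, SSH_PORT,
#            DB_USER, DB_PASS (all read)
# Outputs:   progress messages on stdout, the missing-profile error on stderr
# Returns:   exits 1 when the profile is missing
#
# The database credentials are never pasted into shell or SQL text: they are
# handed to the container with `incus exec --env` and reach psql as psql
# variables, and app.ini is streamed over stdin. A password containing quotes,
# `$` or backticks is therefore stored literally instead of being interpreted.
# They are still visible in process listings on the host (--env) and, briefly,
# in the container (psql -v).
#######################################
install_gitea() {
  local container_ip

  if ! profile_exists; then
    echo "Error: Profile does not exist. Please create a profile first using '$0 profile'." >&2
    exit 1
  fi

  echo "Creating Incus container..."
  incus launch images:ubuntu/22.04 "$CONTAINER_NAME" -p "$PROFILE_NAME"

  echo "Attaching network to container..."
  incus network attach "$NETWORK_NAME" "$CONTAINER_NAME"

  echo "Configuring container..."
  # NOTE(review): security.privileged=true drops the user-namespace isolation
  # between container root and host root, and this container is published on
  # 0.0.0.0 below. Nothing in this script visibly needs it, or the
  # overlay/nf_nat modules -- confirm and remove both settings if so.
  incus config set "$CONTAINER_NAME" security.privileged=true
  incus config set "$CONTAINER_NAME" linux.kernel_modules=overlay,nf_nat
  # Both proxies listen on every host interface; restrict them with a host
  # firewall if Gitea should not be reachable from all attached networks.
  incus config device add "$CONTAINER_NAME" gitea-ssh proxy \
    "listen=tcp:0.0.0.0:$SSH_PORT" connect=tcp:127.0.0.1:2222
  incus config device add "$CONTAINER_NAME" gitea-web proxy \
    "listen=tcp:0.0.0.0:$WEB_PORT" connect=tcp:127.0.0.1:3000

  echo "Waiting for network to be ready..."
  sleep 10

  echo "Installing Gitea dependencies..."
  incus exec "$CONTAINER_NAME" -- bash -c '
set -e
apt update
apt install -y wget git postgresql postgresql-contrib
'

  echo "Setting up PostgreSQL..."
  # PostgreSQL stays on its packaged loopback-only configuration: Gitea
  # connects through 127.0.0.1, so no wildcard listen address and no
  # any-address pg_hba rule are added.
  # The SQL arrives on psql's stdin because `psql -c` does not interpolate
  # variables; :"name" quotes an identifier, :'name' quotes a string literal.
  incus exec "$CONTAINER_NAME" \
    --env "DB_USER=$DB_USER" --env "DB_PASS=$DB_PASS" -- \
    bash -c 'sudo -u postgres psql -v ON_ERROR_STOP=1 -v "db_user=$DB_USER" -v "db_pass=$DB_PASS"' <<'SQL'
CREATE USER :"db_user" WITH PASSWORD :'db_pass';
CREATE DATABASE gitea OWNER :"db_user";
SQL

  echo "Installing Gitea..."
  # NOTE(review): the binary is fetched over HTTPS but never checked against a
  # published SHA-256 or signature, and 1.18.0 is a fixed, ageing release --
  # pin a currently supported version and verify it before installing.
  incus exec "$CONTAINER_NAME" -- bash -c '
set -e
wget -O gitea https://dl.gitea.io/gitea/1.18.0/gitea-1.18.0-linux-amd64
chmod +x gitea
mv gitea /usr/local/bin/gitea
'

  echo "Creating Gitea user and setting up directories..."
  incus exec "$CONTAINER_NAME" -- bash -c '
set -e
adduser --system --group --disabled-password --home /var/lib/gitea --shell /bin/bash git
mkdir -p /var/lib/gitea/{custom,data,log}
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
mkdir -p /etc/gitea
chown root:git /etc/gitea
chmod 770 /etc/gitea
'

  # Looked up once and reused for ROOT_URL and the closing message.
  container_ip=$(incus exec "$CONTAINER_NAME" -- ip addr show eth0 \
    | grep 'inet ' | awk '{print $2}' | cut -d/ -f1)

  echo "Creating Gitea configuration..."
  # SECURITY: INSTALL_LOCK = false leaves the web installer open, and open
  # registration without captcha or e-mail confirmation follows it. Until the
  # installer has been completed, whoever reaches the web port first can
  # finish it, so complete it immediately or firewall the port beforehand.
  # The file is expanded here on the host and streamed to tee, so the
  # container shell never re-interprets the password; tee's echo of the file
  # is discarded to keep the secret off the terminal.
  # NOTE(review): a password containing "#", ";" or backticks may need quoting
  # under Gitea's ini rules -- confirm.
  incus exec "$CONTAINER_NAME" -- tee /etc/gitea/app.ini >/dev/null <<EOL
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = postgres
HOST = 127.0.0.1:5432
NAME = gitea
USER = $DB_USER
PASSWD = $DB_PASS
[repository]
ROOT = /var/lib/gitea/data/gitea-repositories
[server]
HTTP_PORT = 3000
ROOT_URL = http://$container_ip:$WEB_PORT/
DISABLE_SSH = false
SSH_PORT = 2222
START_SSH_SERVER = true
LFS_START_SERVER = true
[security]
INSTALL_LOCK = false
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.example.org
[indexer]
ISSUE_INDEXER_PATH = /var/lib/gitea/indexers/issues.bleve
[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars
[attachment]
PATH = /var/lib/gitea/data/attachments
[log]
ROOT_PATH = /var/lib/gitea/log
[mailer]
ENABLED = false
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
EOL

  echo "Setting initial permissions for Gitea config file..."
  # Group-writable on purpose: the web installer, running as git, rewrites
  # app.ini. The `secure` sub-command tightens this afterwards.
  incus exec "$CONTAINER_NAME" -- bash -c '
set -e
chown root:git /etc/gitea/app.ini
chmod 770 /etc/gitea
chmod 660 /etc/gitea/app.ini
'

  echo "Creating Gitea service..."
  incus exec "$CONTAINER_NAME" -- tee /etc/systemd/system/gitea.service >/dev/null <<'EOL'
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
After=postgresql.service
[Service]
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
[Install]
WantedBy=multi-user.target
EOL

  echo "Ensuring PostgreSQL is running and accessible..."
  # The password is supplied through PGPASSWORD so the connectivity check
  # does not stop at an interactive password prompt.
  incus exec "$CONTAINER_NAME" \
    --env "DB_USER=$DB_USER" --env "DB_PASS=$DB_PASS" -- bash -c '
set -e
systemctl restart postgresql
sleep 5
PGPASSWORD="$DB_PASS" sudo --preserve-env=PGPASSWORD -u git \
  psql -h 127.0.0.1 -U "$DB_USER" -d gitea -c "SELECT 1"
'

  echo "Starting Gitea..."
  incus exec "$CONTAINER_NAME" -- bash -c '
set -e
systemctl daemon-reload
systemctl enable gitea
systemctl restart gitea
sleep 5
systemctl status gitea
'

  echo "Gitea setup complete!"
  echo "Access Gitea at http://$container_ip:$WEB_PORT"
  echo "SSH access available on port $SSH_PORT"
  echo ""
  echo "After completing the web installation, run '$0 secure' to secure the configuration."
}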
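#######################################
# Tighten permissions on the Gitea configuration once the web installer has
# finished writing app.ini.
# Globals:   CONTAINER_NAME (read)
# Outputs:   progress messages on stdout, the not-installed error on stderr
# Returns:   exits 1 when no instance with that exact name exists
#######################################
secure_gitea() {
  # `incus info` resolves the exact instance name; grepping the `incus list`
  # table would also match any row that merely contains CONTAINER_NAME.
  if ! incus info "$CONTAINER_NAME" >/dev/null 2>&1; then
    echo "Error: Gitea is not installed. Please install Gitea first using '$0 install'." >&2
    exit 1
  fi

  echo "Securing Gitea configuration..."
  # Removes write access for the group and leaves no access for others, on
  # both the directory and the file that holds the database password.
  incus exec "$CONTAINER_NAME" -- bash -c 'chmod 750 /etc/gitea && chmod 640 /etc/gitea/app.ini'
  echo "Gitea configuration secured."
}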
#######################################
# Print the command-line synopsis for the three sub-commands.
# Outputs:   usage text on stdout, one line per argument below
#######################################
usage() {
  local self=$0
  printf '%s\n' \
    "Usage" \
    "Create profile:" \
    "$self profile [-c cpu] [-r ram]" \
    "" \
    "Install Gitea and PostgreSQL:" \
    "$self install [-p dbpassword]" \
    "" \
    "Secure the configurations:" \
    "$self secure"
}
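# Main script logic: dispatch on the sub-command given as the first argument.
case "$1" in
  profile)
    shift
    cpu=""
    ram=""
    while getopts ":c:r:" opt; do
      case "$opt" in
        c)
          cpu=$OPTARG
          ;;
        r)
          ram=$OPTARG
          ;;
        \?)
          echo "Invalid option: $OPTARG" 1>&2
          usage
          exit 1
          ;;
        :)
          echo "Invalid option: $OPTARG requires an argument" 1>&2
          usage
          exit 1
          ;;
      esac
    done
    # Quoted so an empty cpu keeps its position: unquoted, `profile -r 4`
    # alone would pass the RAM value as the CPU limit.
    create_profile "$cpu" "$ram"
    ;;
  install)
    shift
    while getopts ":p:" opt; do
      case "$opt" in
        p)
          # NOTE: a password given with -p is visible in the host's process
          # list and is recorded in shell history.
          DB_PASS=$OPTARG
          ;;
        \?)
          echo "Invalid option: $OPTARG" 1>&2
          usage
          exit 1
          ;;
        :)
          echo "Invalid option: $OPTARG requires an argument" 1>&2
          usage
          exit 1
          ;;
      esac
    done
    install_gitea
    ;;
  secure)
    secure_gitea
    ;;
  *)
    usage
    exit 1
    ;;
esac
exit 0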