Added deployment script, nginx conf, and more...

This commit is contained in:
Dionysus 2024-01-24 01:44:52 -05:00
parent 1a76159133
commit 6b8fd549c2
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
7 changed files with 99 additions and 0 deletions

View File

Before

Width:  |  Height:  |  Size: 1.4 KiB

After

Width:  |  Height:  |  Size: 1.4 KiB

View File

Before

Width:  |  Height:  |  Size: 2.6 KiB

After

Width:  |  Height:  |  Size: 2.6 KiB

View File

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 17 KiB

View File

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 17 KiB

71
deploy Executable file
View File

@ -0,0 +1,71 @@
#!/bin/sh
# SuperNETs Gitea Helper Script - developed by acidvegas (https://git.acid.vegas)
# Tranfser your Gitea backup file prior to using this script.
# Backup your previous instance with: gitea dump -c /etc/gitea/app.ini
setup_system() {
adduser --system --shell /bin/bash --gecos 'Git Version Control' --group --disabled-password --home /home/git git
}
setup_postgres() {
apt-get install -y postgresql postgresql-client
# Create a new role
su -c "psql -c \"CREATE ROLE git WITH LOGIN PASSWORD 'CHANGEME';\"" postgres
# Create a new database
su -c "psql -c \"CREATE DATABASE gitdb WITH OWNER git TEMPLATE template0 ENCODING UTF8 LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8';\"" postgres
printf "\n\nlocal gitdb git scram-sha-256\n" >> /etc/postgresql/*/main/pg_hba.conf
systemctl restart postgresql && systemctl enable postgresql
}
setup_gitea() {
apt-get install -y git unzip
# Grab the latest Gitea binary
wget -O /usr/local/bin/gitea https://dl.gitea.com/gitea/1.21.4/gitea-1.21.4-linux-amd64 && chmod +x /usr/local/bin/gitea
# Setup the Gitea directories
mkdir -p /etc/gitea /var/lib/gitea/custom/assets /var/lib/gitea/data /var/lib/gitea/log
# Extract the backup file
unzip gitea-dump-*.zip
cd gitea-dump-*
mv app.ini /etc/gitea/
mv data /var/lib/gitea/data
mv log /var/lib/gitea/log
mv repos /var/lib/gitea/data/gitea-repositories
mv custom /var/lib/gitea/custom
psql -U git -d gitdb < gitea-db.sql # Might have to double check this
# Set permissions
chown root:git /etc/gitea
chmod 750 /etc/gitea
chmod 640 /etc/gitea/app.ini
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
# Grab completions and service file
wget -O /usr/share/bash-completion/completions/gitea https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/bash_autocomplete
wget -O /etc/systemd/system/gitea.service https://raw.githubusercontent.com/go-gitea/gitea/release/v1.21/contrib/systemd/gitea.service
# LET ER RIP !!
systemctl enable gitea && systemctl start gitea
}
setup_nginx_proxy() {
apt-get install -y certbot
certbot certonly --standalone -d git.supernets.org -m admin@supernets.org
echo -e "[Unit]\nDescription=cerbot renewal\n\n[Service]\nType=oneshot\nExecStart=/usr/bin/certbot renew -n --quiet --agree-tos --deploy-hook systemctl restart nginx" > /etc/systemd/system/certbot.service
echo -e "[Unit]\nDescription=cerbot renewal timer\n\n[Timer]\nOnCalendar=0/12:00:00\nRandomizedDelaySec=1h\nPersistent=true\n\n[Install]\nWantedBy=timers.target" > /etc/systemd/system/certbot.timer
systemctl enable certbot.timer && systemctl start certbot.timer
apt-get install -y nginx
wget -O /etc/nginx/sites-enabled/git.supernets.org https://raw.githubusercontent.com/supernets/gitea/main/nginx.conf
systemctl restart nginx && systemctl enable nginx
}

28
nginx.conf Normal file
View File

@ -0,0 +1,28 @@
server {
server_name git.supernets.org;
location / {
client_max_body_size 512M;
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/git.supernets.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.supernets.org/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = git.supernets.org) {
return 301 https://$host$request_uri;
}
listen 80;
server_name git.supernets.org;
return 404;
}