Revamped for docker/sqlite3, lots of bugs fixed

2026-02-06 13:22:25 -05:00
parent c42b6a92b7
commit 8a72c9b086
11 changed files with 141 additions and 798 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,5 @@
+# SuperNETs Gitea Deployment - Developed by acidvegas (https://git.supernets.org/supernets/gitea)
+# gitea/.env.example
+
+GITEA_SECRET_KEY=
+GITEA_INTERNAL_TOKEN=
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+# SuperNETs Gitea Deployment - Developed by acidvegas (https://git.supernets.org/supernets/gitea)
+# gitea/.gitignore
+
+.env
--- a/app.ini
+++ b/app.ini
@@ -1,101 +1,86 @@
+# SuperNETs Gitea Deployment - Developed by acidvegas (https://git.supernets.org/supernets/gitea)
+# gitea/app.ini
+
 APP_NAME = SuperNETs Git
 RUN_USER = git
-WORK_PATH = /var/lib/gitea
-RUN_MODE = prod
-
-[database]
-DB_TYPE = postgres
-HOST = 127.0.0.1:1337
-NAME = gitea-database
-USER = gitea-admin
-PASSWD = simps0nsfan420!
-SSL_MODE = disable
-PATH = /var/lib/gitea/data/gitea.db
-LOG_SQL = false

 [repository]
-ROOT = /var/lib/gitea/data/gitea-repositories
-MAX_CREATION_LIMIT = 100
-DISABLE_STARS = true
-ENABLE_PUSH_CREATE_USER = true
-ENABLE_PUSH_CREATE_ORG = true
+MAX_CREATION_LIMIT               = 250
+ENABLE_PUSH_CREATE_USER          = true
+DEFAULT_REPO_UNITS               = repo.code,repo.releases,repo.issues,repo.pulls
+DEFAULT_MIRROR_REPO_UNITS        = repo.code,repo.releases,repo.issues,repo.pulls
+DISABLE_STARS                    = true
 DISABLE_DOWNLOAD_SOURCE_ARCHIVES = true

-[repository.signing]
-DEFAULT_TRUST_MODEL = committer
-
-[repository.mimetype_mapping]
-.conf=text/plain
-
-[repository.upload]
-MAX_FILES=24
-
-[server]
-SSH_DOMAIN = git.supernets.org
-DOMAIN = git.supernets.org
-HTTP_PORT = 30443
-ROOT_URL = https://git.supernets.org/
-APP_DATA_PATH = /var/lib/gitea/data
-DISABLE_SSH = false
-SSH_PORT = 30022
-SSH_LISTEN_PORT = 30022
-START_SSH_SERVER = true
-LFS_START_SERVER = true
-LFS_JWT_SECRET = HaO9I5J_Uv4RXGoEyaPVPftvKAqSKV8Y-YDBVAz0VSn
-OFFLINE_MODE = false
-
-[lfs]
-PATH = /var/lib/gitea/data/lfs
-
-[mailer]
-ENABLED = false
-
-[service]
-REGISTER_MANUAL_CONFIRM = true
-DISABLE_REGISTRATION = false
-REQUIRE_SIGNIN_VIEW = false
-DEFAULT_KEEP_EMAIL_PRIVATE = true
-NO_REPLY_ADDRESS = blackhole.supernets.org
-
-[openid]
-ENABLE_OPENID_SIGNIN = true
-ENABLE_OPENID_SIGNUP = true
-
-[cron.update_checker]
-ENABLED = false
-
-[session]
-PROVIDER = file
-
-[log]
-MODE = console
-LEVEL = info
-ROOT_PATH = /var/lib/gitea/log
-
-[security]
-INSTALL_LOCK = true
-INTERNAL_TOKEN = pBZMfv9c3WWW9vd8zREUuYQ2HYBaptDppw5hvLqEd6xWKtUCZLz3vE1U2OUldzZiSgCqxFdeyV01hvOq4GjbiFCuLy5jKcccpzfHoEgFx
-PASSWORD_HASH_ALGO = pbkdf2
-LOGIN_REMEMBER_DAYS = 7
-COOKIE_USERNAME = supergit_who
-COOKIE_REMEMBER_NAME = supergit_auth
-MIN_PASSWORD_LENGTH = 10
-PASSWORD_COMPLEXITY = lower,upper,digit,spec
-
-[oauth2]
-JWT_SECRET = TYDxRn82KAufgH88dcQWyNUtcMwlwiMswfgpCcpvE5o
-
-[U2F]
-APP_ID = https://git.supernets.org
-TRUSTED_FACETS = https://git.supernets.org
-
 [ui]
 SHOW_USER_EMAIL = false
-DEFAULT_THEME = github
-THEMES = github
-MAX_DISPLAY_FILE_SIZE=52428800
+DEFAULT_THEME   = github
+THEMES          = github
+
+[ui.meta]
+AUTHOR      = SuperNETs Git
+DESCRIPTION = Hardest Git Repositories in the World
+KEYWORDS    = git, repository
+
+[server]
+DOMAIN             = git.supernets.org
+ROOT_URL           = https://git.supernets.org/
+SSH_PORT           = 2222
+SSH_LISTEN_PORT    = 2222
+START_SSH_SERVER   = true
+
+[database]
+DB_TYPE = sqlite3
+
+[admin]
+DEFAULT_EMAIL_NOTIFICATIONS = disabled
+
+[security]
+INSTALL_LOCK   = true
+SECRET_KEY     = __SECRET_KEY__
+INTERNAL_TOKEN = __INTERNAL_TOKEN__
+
+[openid]
+ENABLE_OPENID_SIGNIN = false
+ENABLE_OPENID_SIGNUP = false
+
+[service]
+REQUIRE_SIGNIN_VIEW               = false
+ENABLE_CAPTCHA                    = true
+REQUIRE_CAPTCHA_FOR_LOGIN         = true
+DEFAULT_KEEP_EMAIL_PRIVATE        = true
+NO_REPLY_ADDRESS                  = enterthevoid.blackhole
+ALLOW_ONLY_INTERNAL_REGISTRATION  = true
+
+[picture]
+REPOSITORY_AVATAR_FALLBACK = random
+
+[repository.mimetype_mapping]
+.txt = text/plain
+.log = text/plain
+.csv = text/plain
+.json = application/json
+.xml  = text/xml
+
+[markup.plaintext]
+ENABLED         = true
+FILE_EXTENSIONS = .txt,.log
+RENDER_COMMAND  = cat
+IS_INPUT_FILE   = false
+
+[api]
+ENABLE_SWAGGER = false
+
+[oauth2]
+ENABLED = false
+
+[mirror]
+MIN_INTERVAL = 1h
+
+[other]
+SHOW_FOOTER_VERSION            = false
+SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
+SHOW_FOOTER_POWERED_BY         = false
+ENABLE_SITEMAP                 = false

-[attachment]
-MAX_SIZE = 4096

-# LOL @ skids... *continues watching the simpsons*
--- a/custom/public/assets/css/theme-github.css
+++ b/custom/public/assets/css/theme-github.css
--- a/custom/public/assets/img/logo.svg
+++ b/custom/public/assets/img/logo.svg
--- a/custom/templates/base/footer_content.tmpl
+++ b/custom/templates/base/footer_content.tmpl
@@ -1,17 +0,0 @@
-<footer class="page-footer" role="group" aria-label="{{.locale.Tr "aria.footer"}}">
-	<div class="left-links" role="contentinfo" aria-label="{{.locale.Tr "aria.footer.software"}}">
-	</div>
-	<div class="right-links" role="group" aria-label="{{.locale.Tr "aria.footer.links"}}">
-		<div class="ui dropdown upward language">
-			<span class="flex-text-inline">{{svg "octicon-globe" 14}} {{.locale.LangName}}</span>
-			<div class="menu language-menu">
-				{{range .AllLangs}}
-					<a lang="{{.Lang}}" data-url="{{AppSubUrl}}/?lang={{.Lang}}" class="item {{if eq $.locale.Lang .Lang}}active selected{{end}}">{{.Name}}</a>
-				{{end}}
-			</div>
-		</div>
-		<a href="{{AssetUrlPrefix}}/js/licenses.txt">{{.locale.Tr "licenses"}}</a>
-		{{if .EnableSwagger}}<a href="{{AppSubUrl}}/api/swagger">API</a>{{end}}
-		{{template "custom/extra_links_footer" .}}
-	</div>
-</footer>
--- a/custom/templates/custom/header.tmpl
+++ b/custom/templates/custom/header.tmpl
@@ -0,0 +1,4 @@
+<style>
+.tab-size-8 {tab-size:4 !important;-moz-tab-size:4 !important}
+#navbar a[href="https://docs.gitea.com"] {display:none !important}
+</style>
--- a/custom/templates/header.tmpl
+++ b/custom/templates/header.tmpl
@@ -1 +0,0 @@
-<style>.tab-size-8 {tab-size:4 !important;-moz-tab-size:4 !important}</style>
--- a/113
+++ b/113
@@ -1,113 +0,0 @@
-#!/bin/bash
-# Gitea Container Deployment - Developed by acidvegas (https://git.acid.vegas)
-
-set -xev
-
-# TODO: Automate this process on a timer to do daily backups & remote backups
-backup_gitea() {
-    GITEA_DB="giteadb"
-    GITEA_DB_USER="gitea"
-
-    NOW=$(date +%Y%m%d)
-
-    incus exec gitea-container -- systemctl stop gitea
-    incus exec gitea-container -- sudo -u git sh -c 'gitea dump -c /etc/gitea/app.ini --file - > /home/git/gitea-${NOW}.zip'
-    incus exec gitea-container -- sudo -u git sh -c 'pg_dump -U $GITEA_DB_USER $GITEA_DB > /home/git/gitea-${NOW}.sql'
-    incus file pull gitea-container/home/git/gitea-${NOW}.zip gitea-${NOW}.zip
-    incus file pull gitea-container/home/git/gitea-${NOW}.sql gitea-${NOW}.sql
-    incus exec gitea-container -- rm /home/git/gitea-${NOW}.zip /home/git/gitea-${NOW}.sql
-    incus exec gitea-container -- systemctl start gitea
-}
-
-
-setup_gitea() {
-    [ ! -f gitea.zip ] && echo "Missing gitea.zip" && exit 1
-    [ ! -f gitea.sql ] && echo "Missing gitea.sql" && exit 1
-
-    GITEA_DB="giteadb"
-    GITEA_DB_USER="gitea"
-    PORT_GITEA_SSH=30022
-
-    CONTAINER_IP=$(incus list | grep gitea-container | awk '{print $6}')
-    VERSION=$(curl -s https://api.github.com/repos/go-gitea/gitea/releases/latest | jq -r .tag_name | cut -c2-)
-
-    incus config set gitea-container boot.autostart true
-    incus config device add gitea-container gitea-ssh-port proxy listen=tcp:0.0.0.0:$PORT_GITEA_SSH connect=tcp:$CONTAINER_IP:${PORT_GITEA_SSH}
-
-    incus exec prosody-container -- userdel -r agent
-
-    incus exec gitea-container -- apt-get install git postgresql postgresql-client unzip wget -y
-    incus exec gitea-container -- adduser --system --shell /bin/bash --group --disabled-password --home /home/git git
-    incus exec gitea-container -- wget -O /usr/local/bin/gitea https://github.com/go-gitea/gitea/releases/download/v${VERSION}/gitea-${VERSION}-linux-amd64
-    incus exec gitea-container -- chmod +x /usr/local/bin/gitea
-    incus exec gitea-container -- mkdir -p /etc/gitea /var/lib/gitea/custom/assets /var/lib/gitea/data /var/lib/gitea/log
-    incus exec gitea-container -- chown root:git /etc/gitea
-    incus exec gitea-container -- chmod 750 /etc/gitea
-    incus exec gitea-container -- chmod 640 /etc/gitea/app.ini
-    incus exec gitea-container -- chown -R git:git /var/lib/gitea
-    incus exec gitea-container -- chmod -R 750 /var/lib/gitea
-    incus exec gitea-container -- wget -O /usr/share/bash-completion/completions/gitea https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/bash_autocomplete
-    incus exec gitea-container -- wget -O /etc/systemd/system/gitea.service https://raw.githubusercontent.com/go-gitea/gitea/release/v1.22/contrib/systemd/gitea.service
-
-    incus file push gitea.sql gitea-container/root/gitea.sql
-    incus exec gitea-container -- systemctl enable postgresql
-    incus exec gitea-container -- systemctl start postgresql
-    PASSWORD=$(grep PASSWD /etc/gitea/app.ini | awk '{print $3}')
-    su -c "psql -c \"CREATE ROLE $GITEA_DB_USER WITH LOGIN PASSWORD '${PASSWORD}';\" -c \"CREATE DATABASE $GITEA_DB WITH OWNER $GITEA_DB_USER TEMPLATE template0 ENCODING UTF8 LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8';\"" - postgres
-    printf "\nlocal $GITEA_DB $GITEA_DB_USER scram-sha-256" >> /etc/postgresql/*/main/pg_hba.conf # Verify this will write to all lol...
-    psql -h localhost -U $GIT_DB_USER $GIT_DB < /root/gitea.sql
-    incus exec gitea-container -- rm /root/gitea.sql
-    incus exec gitea-container -- systemctl restart postgresql
-
-    incus file push gitea.zip gitea-container/root/gitea.zip
-    incus exec gitea-container -- mkdir -p /root/restore
-    incus exec gitea-container -- unzip /root/gitea.zip -d /root/restore
-    incus exec gitea-container -- rm /root/gitea.zip
-    mv /root/restore/app.ini /etc/gitea/app.ini
-    mv /root/restore/custom/* /var/lib/gitea/custom/
-    mv /root/restore/data/* /var/lib/gitea/data/
-    mv /root/restore/repos/* /var/lib/gitea/data/gitea-repositories/
-    chown -R git:git /etc/gitea/app.ini /var/lib/gitea
-    incus exec gitea-container -- systemctl enable gitea
-    incus exec gitea-container -- systemctl start gitea
-}
-
-# TODO: Unfinished
-setup_runner() {
-    GITEA_URL="https://git.supernets.org"
-    CONTAINER_IP=$(incus list | grep gitea-runner-container | awk '{print $6}')
-    VERSION=$(curl -s https://gitea.com/api/v1/repos/gitea/act_runner/releases/latest | grep -o '"tag_name":"[^"]*' | cut -d'"' -f4)
-
-    incus config set gitea-container boot.autostart true
-
-    incus exec gitea-container -- wget -O /usr/local/bin/gitea-runner https://gitea.com/gitea/act_runner/releases/download/v${VERSION}/act_runner-${VERSION}-linux-amd64
-    incus exec gitea-container -- chmod +x /usr/local/bin/gitea-runner
-    incus exec gitea-container -- mkdir /etc/gitea-runner
-    incus exec gitea-container -- /usr/local/bin/gitea-runner generate-config > /etc/gitea-runner/config.yaml
-    incus exec gitea-container -- /usr/local/bin/gitea-runner register --no-interactive --instance $GITEA_URL --token <registration_token> --name <runner_name> --labels <runner_labels>
-
-    {
-        echo "[Unit]"
-        echo "Description=Gitea Actions runner"
-        echo "Documentation=https://gitea.com/gitea/act_runner"
-        echo "After=docker.service"
-
-        echo "[Service]"
-        echo "ExecStart=/usr/local/bin/act_runner daemon --config /etc/act_runner/config.yaml"
-        echo "ExecReload=/bin/kill -s HUP \$MAINPID"
-        echo "WorkingDirectory=/var/lib/act_runner"
-        echo "TimeoutSec=0"
-        echo "RestartSec=10"
-        echo "Restart=always"
-        echo "User=act_runner"
-
-        echo "[Install]"
-        echo "WantedBy=multi-user.target"
-	} > gitea-runner.service.tmp
-
-	incus file push gitea-runner.service.tmp gitea-container/etc/systemd/system/gitea-runner.service
-	rm gitea-runner.service.tmp
-
-	incus exec gitea-container -- systemctl enable gitea-runner
-    incus exec gitea-container -- systemctl start gitea-runner
-}
--- a/nginx.conf
+++ b/nginx.conf
@@ -1,24 +0,0 @@
-server {
-    server_name git.supernets.org;
-    location / {
-        client_max_body_size 4096M;
-        proxy_pass http://10.4.20.420:30443;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
-
-    listen 443 ssl;
-    ssl_certificate /etc/letsencrypt/live/git.supernets.org/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/git.supernets.org/privkey.pem;
-}
-server {
-    if ($host = git.supernets.org) {
-        return 301 https://$host$request_uri;
-    }
-
-    listen 80;
-    server_name git.supernets.org;
-    return 404;
-}
--- a/setup.sh
+++ b/setup.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+# SuperNETs Gitea Deployment - Developed by acidvegas (https://git.supernets.org/supernets/gitea)
+# gitea/setup.sh
+
+# Load environment variables
+[ -f .env ] && source .env || { echo "Error: .env file not found"; exit 1; }
+
+# Set xtrace, exit on error, & verbose mode (after loading environment variables)
+set -xev
+
+# Remove existing docker container if it exists
+docker rm -f gitea 2>/dev/null || true
+
+# Generate secret key using the Gitea binary itself
+if [ -z "${GITEA_SECRET_KEY}" ]; then
+  GITEA_SECRET_KEY=$(docker run --rm gitea/gitea:latest gitea generate secret SECRET_KEY)
+  if grep -q "GITEA_SECRET_KEY" .env; then
+    sed -i "s|GITEA_SECRET_KEY=.*|GITEA_SECRET_KEY=${GITEA_SECRET_KEY}|g" .env
+  else
+    echo "GITEA_SECRET_KEY=${GITEA_SECRET_KEY}" >> .env
+  fi
+fi
+
+# Generate internal token using the Gitea binary itself
+if [ -z "${GITEA_INTERNAL_TOKEN}" ]; then
+  GITEA_INTERNAL_TOKEN=$(docker run --rm gitea/gitea:latest gitea generate secret INTERNAL_TOKEN)
+  if grep -q "GITEA_INTERNAL_TOKEN" .env; then
+    sed -i "s|GITEA_INTERNAL_TOKEN=.*|GITEA_INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN}|g" .env
+  else
+    echo "GITEA_INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN}" >> .env
+  fi
+fi
+
+# Create directories for Gitea data
+mkdir -p /opt/container-storage/gitea/data/gitea/conf
+
+# Copy custom templates and assets into GITEA_CUSTOM (/data/gitea/)
+cp -r custom/* /opt/container-storage/gitea/data/gitea/
+
+# Copy app.ini to where Gitea actually reads it and fill in secrets
+cp app.ini /opt/container-storage/gitea/data/gitea/conf/app.ini
+sed -i "s|__SECRET_KEY__|${GITEA_SECRET_KEY}|g"         /opt/container-storage/gitea/data/gitea/conf/app.ini
+sed -i "s|__INTERNAL_TOKEN__|${GITEA_INTERNAL_TOKEN}|g" /opt/container-storage/gitea/data/gitea/conf/app.ini
+
+# Run the Gitea container with restart policy
+docker run -d --restart unless-stopped --name gitea -e USER_UID=$(id -u) -e USER_GID=$(id -g) -p 127.0.0.1:3000:3000 -p 2222:2222 -v /opt/container-storage/gitea/data:/data gitea/gitea:latest
+
+# Wait for Gitea to be ready, then create admin user
+sleep 5
+docker exec --user git gitea gitea admin user create --admin --username acidvegas --password loldongs --email acid.vegas@acid.vegas
				`@@ -1 +0,0 @@`
				`<style>.tab-size-8 {tab-size:4 !important;-moz-tab-size:4 !important}</style>`