From c9ae769f97f68b18f9d8393821eac9bbd2da83c4 Mon Sep 17 00:00:00 2001 From: Kevin Mihelich <kevin@archlinuxarm.org> Date: Sat, 3 Aug 2019 00:34:22 +0000 Subject: [PATCH] added community/gitea --- community/gitea/PKGBUILD | 78 +++++++++++++++++++++++ community/gitea/gitea-arch-defaults.patch | 49 ++++++++++++++ community/gitea/gitea-ldflags.patch | 19 ++++++ community/gitea/gitea.install | 30 +++++++++ community/gitea/gitea.service | 40 ++++++++++++ community/gitea/gitea.sysusers | 1 + community/gitea/gitea.tmpfiles | 10 +++ 7 files changed, 227 insertions(+) create mode 100644 community/gitea/PKGBUILD create mode 100644 community/gitea/gitea-arch-defaults.patch create mode 100644 community/gitea/gitea-ldflags.patch create mode 100644 community/gitea/gitea.install create mode 100644 community/gitea/gitea.service create mode 100644 community/gitea/gitea.sysusers create mode 100644 community/gitea/gitea.tmpfiles diff --git a/community/gitea/PKGBUILD b/community/gitea/PKGBUILD new file mode 100644 index 000000000..0f0db1d16 --- /dev/null +++ b/community/gitea/PKGBUILD @@ -0,0 +1,78 @@ +# Maintainer: Bruno Pagani <archange@archlinux.org> +# Maintainer: Maxime Gauduin <alucryd@archlinux.org> +# Contributor: Frederik Schwan <frederik dot schwan at linux dot com> + +# ALARM: Kevin Mihelich <kevin@archlinuxarm.org> +# - reduce go garbage collection memory usage with GOGC=50 +# - don't check repo signature until author puts his keys on keyservers + +pkgname=gitea +pkgver=1.8.3 +pkgrel=1 +pkgdesc="Painless self-hosted Git service. Community managed fork of Gogs." +arch=(x86_64) +url="https://gitea.io" +license=(MIT) +depends=(git) +makedepends=(go-pie go-bindata dep) +optdepends=( + 'mariadb: MariaDB support' + 'memcached: MemCached support' + 'openssh: GIT over SSH support' + 'pam: Authentication via PAM support' + 'postgresql: PostgreSQL support' + 'redis: Redis support' + 'sqlite: SQLite support' +) +backup=('etc/gitea/app.ini') +_tag=2b76566c63f0d3d820016259a21aca4cb94bc78b # git rev-parse v${pkgver} +source=("git+https://github.com/go-gitea/gitea.git#tag=${_tag}" + gitea.tmpfiles + gitea.service + gitea.sysusers + gitea-arch-defaults.patch + gitea-ldflags.patch) +sha256sums=('SKIP' + '1521fd7edc3830c695698ffe9835709f1408040b5ec989f07410972c894fa8ba' + '7789b3f6699b9e111fa080226047cdc765e55ff49a3f72aac989c11c06c3e7e0' + '2abc51ccd0086bb996194bb7fb241a3f26d84f518417c872b66a3db8970da7e4' + 'ab0183aeee92d127819b033cbe0b9eab2e1072fb67a0a20e838d911138799b70' + '2dd05c2ec8d5b17332525fe176e40df9893aa632f48525f9d5df98e05027aebf') +validpgpkeys=(8C4033A23895237CB27D52D9D9B5613BEB813F99 # Matti Ranta <matti@mdranta.net> old RSA2048, retrieved from https://github.com/techknowlogick.gpg + B56E3C7437A49E136862F5DE9D8A57ADAA232E95 # Matti Ranta <matti@mdranta.net> new RSA4096, retrieved from https://github.com/techknowlogick.gpg + ED810FD31FBE67F406ED71BDD4F1E9B6493ED946 # Jonas Franz <info@jonasfranz.software> + 9C5BCD799B3CDB124147A748E0DDFEC24C48784C) # Lauris Bukšis-Haberkorns <lauris@nix.lv> +install=gitea.install + +prepare() { + mkdir -p gopath/src/code.gitea.io + ln -rTsf ${pkgname} gopath/src/code.gitea.io/gitea + export GOPATH="${srcdir}"/gopath + + cd ${pkgname} + # Change some defaults for ArchLinux + patch -Np1 -i ../gitea-arch-defaults.patch + # Fix LDFLAGS not being respected by Go + patch -Np1 -i ../gitea-ldflags.patch + + cd $GOPATH/src/code.gitea.io/gitea + dep ensure +} + +build() { + export GOPATH="${srcdir}"/gopath + export GOGC=50 + cd gopath/src/code.gitea.io/gitea + make generate + EXTRA_GOFLAGS="-gcflags all=-trimpath=${GOPATH} -asmflags all=-trimpath=${GOPATH}" \ + make GOFLAGS="-v" TAGS="bindata sqlite pam" build +} + +package() { + install -Dm755 ${pkgname}/${pkgname} -t "${pkgdir}"/usr/bin/ + install -Dm644 ${pkgname}/LICENSE -t "${pkgdir}"/usr/share/licenses/${pkgname}/ + install -Dm644 ${pkgname}.service -t "${pkgdir}"/usr/lib/systemd/system/ + install -Dm644 ${pkgname}.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/${pkgname}.conf + install -Dm644 ${pkgname}.sysusers "${pkgdir}"/usr/lib/sysusers.d/${pkgname}.conf + install -D ${pkgname}/custom/conf/app.ini.sample "${pkgdir}"/etc/gitea/app.ini +} diff --git a/community/gitea/gitea-arch-defaults.patch b/community/gitea/gitea-arch-defaults.patch new file mode 100644 index 000000000..4c182c808 --- /dev/null +++ b/community/gitea/gitea-arch-defaults.patch @@ -0,0 +1,49 @@ +--- a/custom/conf/app.ini.sample ++++ b/custom/conf/app.ini.sample +@@ -7,12 +7,12 @@ + ; App name that shows in every page title + APP_NAME = Gitea: Git with a cup of tea + ; Change it if you run locally +-RUN_USER = git ++RUN_USER = gitea + ; Either "dev", "prod" or "test", default is "dev" +-RUN_MODE = dev ++RUN_MODE = prod + + [repository] +-ROOT = ++ROOT = /var/lib/gitea/repos + SCRIPT_TYPE = bash + ; Default ANSI charset + ANSI_CHARSET = +@@ -247,7 +247,7 @@ SQLITE_TIMEOUT = 500 + ; For iterate buffer, default is 50 + ITERATE_BUFFER_SIZE = 50 + ; Show the database generated SQL +-LOG_SQL = true ++LOG_SQL = false + ; Maximum number of DB Connect retries + DB_RETRIES = 10 + ; Backoff time per DB retry (time.Duration) +@@ -510,10 +510,10 @@ MAX_FILES = 5 + FORMAT = + + [log] +-ROOT_PATH = ++ROOT_PATH = /var/log/gitea/ + ; Either "console", "file", "conn", "smtp" or "database", default is "console" + ; Use comma to separate multiple modes, e.g. "console, file" +-MODE = console ++MODE = console, file + ; Buffer length of the channel, keep it as it is if you don't know what it is. + BUFFER_LEN = 10000 + ; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" +@@ -522,7 +522,7 @@ LEVEL = Trace + + ; For "console" mode only + [log.console] +-LEVEL = ++LEVEL = Info + + ; For "file" mode only + [log.file] diff --git a/community/gitea/gitea-ldflags.patch b/community/gitea/gitea-ldflags.patch new file mode 100644 index 000000000..a316ee1ad --- /dev/null +++ b/community/gitea/gitea-ldflags.patch @@ -0,0 +1,19 @@ +--- a/Makefile ++++ b/Makefile +@@ -36,6 +36,7 @@ else + GITEA_VERSION := $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//') + endif + ++EXTLDFLAGS := ${LDFLAGS} + LDFLAGS := -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)" + + PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations/migration-test,$(filter-out code.gitea.io/gitea/integrations,$(shell $(GO) list ./... | grep -v /vendor/))) +@@ -312,7 +313,7 @@ install: $(wildcard *.go) + build: $(EXECUTABLE) + + $(EXECUTABLE): $(SOURCES) +- $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@ ++ $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-linkmode external -extldflags "$(EXTLDFLAGS)" -s -w $(LDFLAGS)' -o $@ + + .PHONY: release + release: release-dirs release-windows release-linux release-darwin release-copy release-compress release-check diff --git a/community/gitea/gitea.install b/community/gitea/gitea.install new file mode 100644 index 000000000..08c702f5b --- /dev/null +++ b/community/gitea/gitea.install @@ -0,0 +1,30 @@ +post_upgrade() { + if [ $(vercmp $2 1.6.1-1) -lt 0 ] ; then + cat << EOF + +gitea now uses its own user/group instead of the git ones. +Ownership of /var/lib/gitea tree has been changed accordingly. +You need to update your /etc/gitea/app.ini file to change the +RUN_USER variable at the top. + +Next step is fixing the SSH configuration. If you have: + AllowUsers git +in /etc/ssh/sshd_config, you need to change that to gitea. +Then restart sshd.service. +You will need to tell all your users that they have to change +git@ to gitea@ in their repos clones using git remote set-url. + +If you use a PostgreSQL DB upon Unix socket, you need to fix +your [database] configuration and switch USER to gitea. +Then, you need to change it also in /var/lib/data/pg_hba.conf. +Finally, as postgres user, run psql and inside it type: + ALTER USER git RENAME TO gitea; + \q +Then restart postgresql.service. + +In all cases, you then need to reload systemd units and +restart gitea.service. + +EOF + fi +} diff --git a/community/gitea/gitea.service b/community/gitea/gitea.service new file mode 100644 index 000000000..d9b2f8d64 --- /dev/null +++ b/community/gitea/gitea.service @@ -0,0 +1,40 @@ +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target +After=network.target +After=mysqld.service +After=postgresql.service +After=memcached.service +After=redis.service + +[Service] +User=gitea +Group=gitea +Type=simple +WorkingDirectory=~ +RuntimeDirectory=gitea +LogsDirectory=gitea +StateDirectory=gitea +Environment=USER=gitea HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea +ExecStart=/usr/bin/gitea web -c /etc/gitea/app.ini +Restart=always +RestartSec=2s +CapabilityBoundingSet= +NoNewPrivileges=True +PrivateUsers=true +PrivateDevices=true +PrivateTmp=true +ProtectHome=true +ProtectSystem=strict +ProtectControlGroups=yes +ProtectKernelTunables=true +ProtectKernelModules=yes +ReadWritePaths=/etc/gitea/app.ini +LockPersonality=true +MemoryDenyWriteExecute=true +RestrictRealtime=true +SystemCallArchitectures=native +SystemCallFilter=@system-service + +[Install] +WantedBy=multi-user.target diff --git a/community/gitea/gitea.sysusers b/community/gitea/gitea.sysusers new file mode 100644 index 000000000..dad24d65e --- /dev/null +++ b/community/gitea/gitea.sysusers @@ -0,0 +1 @@ +u gitea - "Gitea daemon user" /var/lib/gitea /usr/bin/bash diff --git a/community/gitea/gitea.tmpfiles b/community/gitea/gitea.tmpfiles new file mode 100644 index 000000000..7d92761cd --- /dev/null +++ b/community/gitea/gitea.tmpfiles @@ -0,0 +1,10 @@ +d /var/lib/gitea 0750 +d /var/lib/gitea/attachments 0750 +d /var/lib/gitea/data 0750 +d /var/lib/gitea/indexers 0750 +d /var/lib/gitea/repos 0750 +d /var/lib/gitea/tmp 0750 +Z /var/lib/gitea - gitea gitea +d /var/log/gitea 0750 gitea gitea +z /etc/gitea 0755 root gitea +z /etc/gitea/app.ini 0660 root gitea