Bring in various gogs features
Better custom app.ini; optional SSO support; always create root user.
parent
0d2e1cfff0
commit
e566c94b43
|
@ -24,6 +24,7 @@
|
|||
"website": "https://gitea.io",
|
||||
"contactEmail": "apps@cloudron.io",
|
||||
"icon": "file://logo.png",
|
||||
"optionalSso": true,
|
||||
"mediaLinks": [
|
||||
"https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/1.png",
|
||||
"https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/2.png",
|
||||
|
|
|
@ -13,6 +13,7 @@ RUN adduser --disabled-login --gecos 'Gitea' git
|
|||
RUN passwd -d git
|
||||
|
||||
RUN mkdir -p /home/git/gitea
|
||||
WORKDIR /home/git
|
||||
RUN curl -L https://dl.gitea.io/gitea/1.8.2/gitea-1.8.2-linux-amd64 -o /home/git/gitea/gitea \
|
||||
&& chmod +x /home/git/gitea/gitea
|
||||
|
||||
|
|
|
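Review bot: The `curl -L https://dl.gitea.io/gitea/1.8.2/gitea-1.8.2-linux-amd64 -o /home/git/gitea/gitea` step installs the Gitea binary with no integrity check, and without `--fail` an HTTP error page would be saved and marked executable by the `chmod +x` that follows. The +/- markers are lost on this page, so this line may be unchanged context, but it is on the new side either way. Pin the expected digest in the Dockerfile and verify it before the `chmod`, for example `echo "<SHA256_OF_GITEA_1.8.2_BINARY>  /home/git/gitea/gitea" | sha256sum -c -`, and fetch with `curl -fL`. Separately, `RUN passwd -d git` leaves the account with an empty password; a comment saying why (presumably to unlock it for SSH key logins) and that sshd must keep password and empty-password logins disabled would help the next maintainer.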
@ -1,12 +1,14 @@
|
|||
This app integrates with the Cloudron SSO. Admins on Cloudron automatically
|
||||
become admins on Gitea.
|
||||
A default admin user has been setup with the following credentials (use the `Local` authentication source when logging in):
|
||||
|
||||
If you want to disable Cloudron SSO, do the following:
|
||||
```
|
||||
username: root
|
||||
password: changeme
|
||||
```
|
||||
|
||||
* Admin Panel -> Authentication -> 'cloudron' -> Uncheck 'This authentication is activated'
|
||||
* Admin Panel -> Users -> Change Authentication Source to 'Local' and also give a password
|
||||
**Note:** Please change the password and email immediately after installation.
|
||||
|
||||
You can edit `/app/data/app.ini` and add any custom configuration. See the
|
||||
[configuration cheat sheet](https://docs.gitea.io/en-us/config-cheat-sheet)
|
||||
for more information.
|
||||
<sso>
|
||||
This app integrates with the Cloudron SSO. Cloudron users can login and use Gitea
|
||||
using the `Cloudron` authentication source.
|
||||
</sso>
|
||||
|
||||
|
|
66
start.sh
66
start.sh
|
@ -7,27 +7,56 @@ mkdir -p /run/gitea/tmp/uploads /run/sshd
|
|||
setup_ldap_source() {
|
||||
set -eu
|
||||
|
||||
# Wait for gitea to finish db setup, before we insert ldap source in db
|
||||
while ! curl --fail http://localhost:3000/healthcheck; do
|
||||
echo "Waiting for gitea to come up"
|
||||
sleep 1
|
||||
done
|
||||
|
||||
now=$(date +%s)
|
||||
|
||||
# Get the existing LDAP source status. This allows the user to disable LDAP
|
||||
# Note that this method is deprecated since this app now supports optionalSso
|
||||
ldap_status=$(mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" -N -B -e "select is_actived from login_source WHERE name='cloudron';")
|
||||
[[ -z "${ldap_status}" ]] && ldap_status="1"
|
||||
|
||||
now=$(date +%s)
|
||||
|
||||
if mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" \
|
||||
-e "REPLACE INTO login_source (id, type, name, is_actived, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${LDAP_SERVER}\",\"Port\":${LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${LDAP_BIND_DN}\",\"BindPassword\":\"${LDAP_BIND_PASSWORD}\",\"UserBase\":\"${LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\"}','${now}','${now}');"; then
|
||||
echo "LDAP Authentication was setup with status ${ldap_status}"
|
||||
echo "==> LDAP Authentication was setup with activation status ${ldap_status}"
|
||||
else
|
||||
echo "Failed to setup LDAP authentication"
|
||||
echo "==> Failed to setup LDAP authentication"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
setup_root_user() {
|
||||
set -eu
|
||||
|
||||
if sudo -H -u git /home/git/gitea/gitea admin create-user --name root --password changeme --email test@cloudron.io --admin -c /run/gitea/app.ini; then
|
||||
echo "==> root user added"
|
||||
else
|
||||
echo "==> Failed to add root user"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
setup_auth() {
|
||||
set -eu
|
||||
|
||||
# Wait for gitea to finish db setup, before we do any db operations
|
||||
while ! curl --fail http://localhost:3000/healthcheck; do
|
||||
echo "==> Waiting for gitea to come up"
|
||||
sleep 1
|
||||
done
|
||||
|
||||
echo "==> Gitea is up, setting up auth"
|
||||
|
||||
if [[ -n "${LDAP_SERVER:-}" ]]; then
|
||||
setup_ldap_source
|
||||
fi
|
||||
|
||||
user_count=$(mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user;")
|
||||
# be careful, not to create root user for existing LDAP based installs
|
||||
if [[ "${user_count}" == "0" ]]; then
|
||||
echo "==> Setting up root user for first run"
|
||||
setup_root_user
|
||||
fi
|
||||
}
|
||||
|
||||
# SSH_PORT can be unset to disable SSH
|
||||
disable_ssh="false"
|
||||
if [[ -z "${SSH_PORT:-}" ]]; then
|
||||
|
@ -52,19 +81,15 @@ chmod 0644 /app/data/sshd/*.pub
|
|||
|
||||
sed -e "s/^Port .*/Port ${SSH_PORT}/" /etc/ssh/sshd_config > /run/gitea/sshd_config
|
||||
|
||||
cp /home/git/app.ini.template "/run/gitea/app.ini"
|
||||
if [[ ! -f /app/data/app.ini ]]; then
|
||||
echo -e "; Add customizations here - https://docs.gitea.io/en-us/config-cheat-sheet/" > /app/data/app.ini
|
||||
|
||||
# create default user config file
|
||||
if ! [ -f /app/data/app.ini ]; then
|
||||
cp /home/git/app.ini.template /app/data/app.ini
|
||||
fi
|
||||
|
||||
if [ "$(crudini --get /app/data/app.ini security SECRET_KEY)" == "##SECRET_KEY" ]; then
|
||||
echo "Generating new SECRET_KEY"
|
||||
echo "==> Generating new SECRET_KEY"
|
||||
crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
|
||||
fi
|
||||
|
||||
# merge user config file
|
||||
cp /home/git/app.ini.template "/run/gitea/app.ini"
|
||||
crudini --merge "/run/gitea/app.ini" < "/app/data/app.ini"
|
||||
|
||||
# override important values
|
||||
|
@ -94,11 +119,12 @@ crudini --set "/run/gitea/app.ini" log MODE "console"
|
|||
crudini --set "/run/gitea/app.ini" log ROOT_PATH "/run/gitea"
|
||||
crudini --set "/run/gitea/app.ini" indexer ISSUE_INDEXER_PATH "/app/data/appdata/indexers/issues.bleve"
|
||||
|
||||
echo "==> Creating dirs and changing permissions"
|
||||
mkdir -p /app/data/repository /app/data/ssh /app/data/custom
|
||||
|
||||
chown -R git:git /app/data /run/gitea
|
||||
|
||||
( setup_ldap_source ) &
|
||||
# this expects app.ini to be available
|
||||
( setup_auth ) &
|
||||
|
||||
exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Gitea
|
||||
|
||||
|
|
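Review bot: `setup_root_user` creates the admin account with the fixed password `changeme`, so every fresh install carries a publicly documented admin credential until the operator changes it, and the value also appears in the process arguments of the `gitea admin create-user` call. Generate the password per install instead, e.g. `root_password=$(pwgen -1 -s 16)` passed as `--password "${root_password}"`, and hand it to the operator through a file only they can read rather than through the log. The post-install text that currently lists `root` / `changeme` would then need to point to that location. The function is fully inside the first start.sh hunk; the `user_count` guard in `setup_auth` limits creation to an empty user table, so this affects first-run installs only.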