opengnsys-forgejo package

2025-04-09 09:44:09 +02:00 · 2025-04-09 09:44:09 +02:00 · 3ef8fe9dcd
parent 4d0b383839
commit 3ef8fe9dcd
14 changed files with 349 additions and 4 deletions
--- a/installer/opengnsys_git_installer.py
+++ b/installer/opengnsys_git_installer.py
@ -230,6 +230,7 @@ class OpengnsysGitInstaller:

        self.forgejo_var_dir_path   = os.path.join(self.ogrepository_base_path, "var", "lib", "forgejo")
        self.forgejo_work_dir_path  = os.path.join(self.forgejo_var_dir_path, "work")
+        self.forgejo_work_custom_dir_path  = os.path.join(self.forgejo_work_dir_path, "custom")
        self.forgejo_db_dir_path    = os.path.join(self.forgejo_var_dir_path, "db")
        self.forgejo_data_dir_path  = os.path.join(self.forgejo_var_dir_path, "data")

@ -245,6 +246,9 @@ class OpengnsysGitInstaller:
        self.temp_dir = None
        self.script_path = os.path.realpath(os.path.dirname(__file__))

+        # Where we look for forgejo-app.ini and similar templates.
+        self.template_path = self.script_path
+
        # Possible names for SSH public keys
        self.ssh_key_users = ["root", "opengnsys"]
        self.key_names = ["id_rsa.pub", "id_ed25519.pub", "id_ecdsa.pub", "id_ed25519_sk.pub", "id_ecdsa_sk.pub"]
@ -770,7 +774,7 @@ class OpengnsysGitInstaller:
        shutil.copy("../api/gitapi.py", opengnsys_bin_path + "/gitapi.py")
        shutil.copy("opengnsys_git_installer.py", opengnsys_bin_path + "/opengnsys_git_installer.py")

-        self._install_template(os.path.join(self.script_path, "gitapi.service"), "/etc/systemd/system/gitapi.service", data)
+        self._install_template(os.path.join(self.template_path, "gitapi.service"), "/etc/systemd/system/gitapi.service", data)



@ -854,8 +858,8 @@ class OpengnsysGitInstaller:

        data = self._get_forgejo_data()

-        self._install_template(os.path.join(self.script_path, "forgejo-app.ini"), conf_path, data)
-        self._install_template(os.path.join(self.script_path, "forgejo.service"), "/etc/systemd/system/opengnsys-forgejo.service", data)
+        self._install_template(os.path.join(self.template_path, "forgejo-app.ini"), conf_path, data)
+        self._install_template(os.path.join(self.template_path, "opengnsys-forgejo.service"), "/etc/systemd/system/opengnsys-forgejo.service", data)


        self.__logger.debug("Reloading systemd and starting service")
@ -893,8 +897,67 @@ class OpengnsysGitInstaller:

    def configure_forgejo(self):
        data = self._get_forgejo_data()
+        self.__logger.debug("Creating directories")
+
+        pathlib.Path(self.opengnsys_etc_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.forgejo_conf_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.git_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.lfs_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.forgejo_work_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.forgejo_work_custom_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.forgejo_data_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.forgejo_db_dir_path).mkdir(parents=True, exist_ok=True)
+        pathlib.Path(self.forgejo_log_dir_path).mkdir(parents=True, exist_ok=True)
+
+
+        os.chown(self.lfs_dir_path, self.ssh_uid, self.ssh_gid)
+        os.chown(self.git_dir_path, self.ssh_uid, self.ssh_gid)
+        os.chown(self.forgejo_data_dir_path, self.ssh_uid, self.ssh_gid)
+        os.chown(self.forgejo_work_dir_path, self.ssh_uid, self.ssh_gid)
+        os.chown(self.forgejo_db_dir_path, self.ssh_uid, self.ssh_gid)
+        os.chown(self.forgejo_log_dir_path, self.ssh_uid, self.ssh_gid)
+
+
+
        conf_path = os.path.join(self.forgejo_conf_dir_path, "app.ini")
-        self._install_template(os.path.join(self.script_path, "forgejo-app.ini"), conf_path, data)
+        self._install_template(os.path.join(self.template_path, "forgejo-app.ini"), conf_path, data)
+        self._install_template(os.path.join(self.template_path, "opengnsys-forgejo.service"), "/etc/systemd/system/opengnsys-forgejo.service", data)
+
+
+
+        self.__logger.debug("Reloading systemd and starting service")
+        subprocess.run(["systemctl", "daemon-reload"], check=True)
+        subprocess.run(["systemctl", "enable", "opengnsys-forgejo"], check=True)
+        subprocess.run(["systemctl", "restart", "opengnsys-forgejo"], check=True)
+
+        self.__logger.info("Waiting for forgejo to start")
+        self._wait_for_port("localhost", self.forgejo_port)
+
+
+        self.__logger.info("Configuring forgejo")
+
+        def run_forge_cmd(args):
+            cmd = [self.forgejo_exe, "--config", conf_path] + args
+            self.__logger.debug("Running command: %s", cmd)
+
+            ret = subprocess.run(cmd, check=False, capture_output=True, encoding='utf-8', user=self.ssh_user)
+            if ret.returncode == 0:
+                return ret.stdout.strip()
+            else:
+                self.__logger.error("Failed to run command: %s, return code %i", cmd, ret.returncode)
+                self.__logger.error("stdout: %s", ret.stdout)
+                self.__logger.error("stderr: %s", ret.stderr)
+                raise RuntimeError("Failed to run necessary command")
+
+        run_forge_cmd(["admin", "doctor", "check"])
+
+        run_forge_cmd(["admin", "user", "create", "--username", self.forgejo_user, "--password", self.forgejo_password, "--email", self.email])
+
+        token = run_forge_cmd(["admin", "user", "generate-access-token", "--username", self.forgejo_user, "-t", "gitapi", "--scopes", "all", "--raw"])
+
+        with open(os.path.join(self.base_path, "etc", "ogGitApiToken.cfg"), "w+", encoding='utf-8') as token_file:
+            token_file.write(token)
+

    def add_forgejo_repo(self, repository_name, description = ""):
        token = ""
@ -989,6 +1052,16 @@ if __name__ == '__main__':
    logger.addHandler(fileLog)


+    if "postinst" in os.path.basename(__file__):
+        logger.info("Running as post-install script")
+        installer=OpengnsysGitInstaller()
+
+        # Templates get installed here
+        installer.template_path = "/usr/share/opengnsys-forgejo/"
+        installer.configure_forgejo()
+        sys.exit(0)
+
+
    parser = argparse.ArgumentParser(
        prog="OpenGnsys Installer",
        description="Script para la instalación del repositorio git",
--- a/packages/opengnsys-forgejo/README.md
+++ b/packages/opengnsys-forgejo/README.md
--- a/packages/opengnsys-forgejo/debian/changelog
+++ b/packages/opengnsys-forgejo/debian/changelog
@ -0,0 +1,5 @@
+opengnsys-forgejo (0.5) UNRELEASED; urgency=medium
+
+  * Initial release.
+
+ -- OpenGnsys <opengnsys@opengnsys.es>  Fri, 14 Mar 2025 08:40:35 +0100
--- a/packages/opengnsys-forgejo/debian/control
+++ b/packages/opengnsys-forgejo/debian/control
@ -0,0 +1,37 @@
+Source: opengnsys-forgejo
+Section: unknown
+Priority: optional
+Maintainer: OpenGnsys <opengnsys@opengnsys.es>
+Rules-Requires-Root: no
+Build-Depends:
+ debhelper-compat (= 13),
+Standards-Version: 4.6.2
+Homepage: https://opengnsys.es
+#Vcs-Browser: https://salsa.debian.org/debian/ogboot
+#Vcs-Git: https://salsa.debian.org/debian/ogboot.git
+
+Package: opengnsys-forgejo
+Architecture: any
+Multi-Arch: foreign
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends},
+ bsdextrautils,
+ debconf (>= 1.5.0),
+ gunicorn,
+ opengnsys-flask-executor,
+ opengnsys-flask-restx,
+ opengnsys-libarchive-c,
+ python3,
+ python3-aniso8601,
+ python3-flasgger,
+ python3-flask,
+ python3-flask,
+ python3-git,
+ python3-paramiko,
+ python3-requests,
+ python3-termcolor,
+ python3-tqdm
+Conflicts:
+Description: Opengnsys Forgejo package for OgGit
+ Files for OpenGnsys Git support
--- a/packages/opengnsys-forgejo/debian/copyright
+++ b/packages/opengnsys-forgejo/debian/copyright
@ -0,0 +1,43 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: <url://example.com>
+Upstream-Name: ogboot
+Upstream-Contact: <preferred name and address to reach the upstream project>
+
+Files:
+ *
+Copyright:
+ <years> <put author's name and email here>
+ <years> <likewise for another author>
+License: GPL-3.0+
+
+Files:
+ debian/*
+Copyright:
+ 2025 vagrant <vagrant@build>
+License: GPL-3.0+
+
+License: GPL-3.0+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+Comment:
+ On Debian systems, the complete text of the GNU General
+ Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
+
+# Please also look if there are files or directories which have a
+# different copyright/license attached and list them here.
+# Please avoid picking licenses with terms that are more restrictive than the
+# packaged work, as it may make Debian's contributions unacceptable upstream.
+#
+# If you need, there are some extra license texts available in two places:
+#   /usr/share/debhelper/dh_make/licenses/
+#   /usr/share/common-licenses/
--- a/packages/opengnsys-forgejo/debian/files
+++ b/packages/opengnsys-forgejo/debian/files
@ -0,0 +1,2 @@
+opengnsys-forgejo_0.5_amd64.buildinfo unknown optional
+opengnsys-forgejo_0.5_amd64.deb unknown optional
--- a/packages/opengnsys-forgejo/debian/opengnsys-forgejo.dirs
+++ b/packages/opengnsys-forgejo/debian/opengnsys-forgejo.dirs
@ -0,0 +1,2 @@
+/opt/opengnsys/oggit/bin
+/opt/opengnsys/ogrepository/etc/forgejo/
--- a/packages/opengnsys-forgejo/debian/opengnsys-forgejo.install
+++ b/packages/opengnsys-forgejo/debian/opengnsys-forgejo.install
@ -0,0 +1,3 @@
+forgejo   /opt/opengnsys/ogrepository/bin
+forgejo-app.ini /usr/share/opengnsys-forgejo/
+opengnsys-forgejo.service /usr/share/opengnsys-forgejo/
--- a/packages/opengnsys-forgejo/debian/opengnsys-forgejo.substvars
+++ b/packages/opengnsys-forgejo/debian/opengnsys-forgejo.substvars
@ -0,0 +1,2 @@
+misc:Depends=
+misc:Pre-Depends=
--- a/packages/opengnsys-forgejo/debian/postinst
+++ b/packages/opengnsys-forgejo/debian/postinst
@ -0,0 +1,43 @@
+#!/usr/bin/env python3
+
+data = {
+    "forgejo_user"            : self.ssh_user,
+    "forgejo_group"           : self.ssh_group,
+    "forgejo_port"            : str(self.forgejo_port),
+    "forgejo_bin"             : bin_path,
+    "forgejo_app_ini"         : conf_path,
+    "forgejo_work_path"       : forgejo_work_dir_path,
+    "forgejo_data_path"       : forgejo_data_dir_path,
+    "forgejo_db_path"         : forgejo_db_path,
+    "forgejo_repository_root" : git_dir_path,
+    "forgejo_lfs_path"        : lfs_dir_path,
+    "forgejo_log_path"        : forgejo_log_dir_path,
+    "forgejo_hostname"        : _runcmd("hostname"),
+    "forgejo_lfs_jwt_secret"  : _runcmd([bin_path,"generate", "secret", "LFS_JWT_SECRET"]),
+    "forgejo_jwt_secret"      : _runcmd([bin_path,"generate", "secret", "JWT_SECRET"]),
+    "forgejo_internal_token"  : _runcmd([bin_path,"generate", "secret", "INTERNAL_TOKEN"]),
+    "forgejo_secret_key"      : _runcmd([bin_path,"generate", "secret", "SECRET_KEY"])
+}
+
+ini_template = "/usr/share/opengnsys-forgejo/forgejo-app.ini"
+
+
+def _install_template(self, template, destination, keysvalues):
+    data = ""
+    with open(template, "r", encoding="utf-8") as template_file:
+        data = template_file.read()
+
+    for key in keysvalues.keys():
+        if isinstance(keysvalues[key], int):
+            data = data.replace("{" + key + "}", str(keysvalues[key]))
+        else:
+            data = data.replace("{" + key + "}", keysvalues[key])
+
+    with open(destination, "w+", encoding="utf-8") as out_file:
+        out_file.write(data)
+
+
+
+
+_install_template(os.path.join(self.script_path, "forgejo-app.ini"), conf_path, data)
+
--- a/packages/opengnsys-forgejo/debian/rules
+++ b/packages/opengnsys-forgejo/debian/rules
@ -0,0 +1,40 @@
+#!/usr/bin/make -f
+
+# See debhelper(7) (uncomment to enable).
+# Output every command that modifies files on the build system.
+#export DH_VERBOSE = 1
+
+
+# See FEATURE AREAS in dpkg-buildflags(1).
+#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+# See ENVIRONMENT in dpkg-buildflags(1).
+# Package maintainers to append CFLAGS.
+#export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
+# Package maintainers to append LDFLAGS.
+#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
+
+
+%:
+	dh $@
+
+
+%:
+	dh $@
+
+# Ejecutar composer install durante la fase de construcción
+override_dh_auto_build:
+	cp -v ../../installer/opengnsys_git_installer.py debian/opengnsys-forgejo.postinst
+
+override_dh_auto_install:
+	dh_auto_install
+	mkdir -p debian/opengnsys-forgejo/opt/opengnsys/ogrepository/var/lib/forgejo
+	mkdir -p debian/opengnsys-forgejo/opt/opengnsys/ogrepository/var/lib/forgejo/work
+	chown -R oggit:oggit debian/opengnsys-forgejo/opt/opengnsys/ogrepository/var/lib/forgejo
+
+
+# dh_make generated override targets.
+# This is an example for Cmake (see <https://bugs.debian.org/641051>).
+#override_dh_auto_configure:
+#	dh_auto_configure -- \
+#	-DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH)
--- a/packages/opengnsys-forgejo/download
+++ b/packages/opengnsys-forgejo/download
@ -0,0 +1,6 @@
+#!/bin/bash
+VERSION=10.0.1
+
+wget https://codeberg.org/forgejo/forgejo/releases/download/v${VERSION}/forgejo-${VERSION}-linux-amd64 -O forgejo
+chmod 755 forgejo
+
--- a/packages/opengnsys-forgejo/forgejo-app.ini
+++ b/packages/opengnsys-forgejo/forgejo-app.ini
@ -0,0 +1,78 @@
+APP_NAME = OpenGnsys Git
+APP_SLOGAN =
+RUN_USER = {forgejo_user}
+WORK_PATH = {forgejo_work_path}
+RUN_MODE = prod
+
+[database]
+DB_TYPE = sqlite3
+HOST = 127.0.0.1:3306
+NAME = forgejo
+USER = forgejo
+PASSWD =
+SCHEMA =
+SSL_MODE = disable
+PATH = {forgejo_db_path}
+LOG_SQL = false
+
+[repository]
+ROOT = {forgejo_repository_root}
+
+[server]
+SSH_DOMAIN = og-admin
+DOMAIN = og-admin
+HTTP_PORT = {forgejo_port}
+ROOT_URL = http://{forgejo_hostname}:{forgejo_port}/
+APP_DATA_PATH = {forgejo_data_path}
+DISABLE_SSH = false
+SSH_PORT = 22
+LFS_START_SERVER = true
+LFS_JWT_SECRET = {forgejo_lfs_jwt_secret}
+OFFLINE_MODE = true
+
+[lfs]
+PATH = {forgejo_lfs_path}
+
+[mailer]
+ENABLED = false
+
+[service]
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL = false
+DISABLE_REGISTRATION = true
+ALLOW_ONLY_EXTERNAL_REGISTRATION = false
+ENABLE_CAPTCHA = false
+REQUIRE_SIGNIN_VIEW = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+DEFAULT_ENABLE_TIMETRACKING = true
+NO_REPLY_ADDRESS = noreply.localhost
+
+[openid]
+ENABLE_OPENID_SIGNIN = true
+ENABLE_OPENID_SIGNUP = true
+
+[cron.update_checker]
+ENABLED = true
+
+[session]
+PROVIDER = file
+
+[log]
+MODE = console
+LEVEL = info
+ROOT_PATH = {forgejo_log_path} #/tmp/log
+
+[repository.pull-request]
+DEFAULT_MERGE_STYLE = merge
+
+[repository.signing]
+DEFAULT_TRUST_MODEL = committer
+
+[security]
+INSTALL_LOCK = true
+INTERNAL_TOKEN = {forgejo_internal_token}
+PASSWORD_HASH_ALGO = pbkdf2_hi
+
+[oauth2]
+JWT_SECRET = {forgejo_jwt_secret}
--- a/packages/opengnsys-forgejo/opengnsys-forgejo.service
+++ b/packages/opengnsys-forgejo/opengnsys-forgejo.service
@ -0,0 +1,11 @@
+[Service]
+RestartSec=10s
+Type=simple
+User=oggit
+Group=oggit
+WorkingDirectory=/opt/opengnsys/ogrepository/var/lib/forgejo/work
+ExecStart=/opt/opengnsys/ogrepository/bin/forgejo web --config /opt/opengnsys/etc/forgejo/app.ini
+Restart=always
+
+[Install]
+WantedBy=multi-user.target