diff --git a/user/forgejo-aneksajo/APKBUILD b/user/forgejo-aneksajo/APKBUILD new file mode 100644 index 0000000..32a5f57 --- /dev/null +++ b/user/forgejo-aneksajo/APKBUILD @@ -0,0 +1,112 @@ +# Contributor: Carlo Landmeter +# Contributor: 6543 <6543@obermui.de> +# Contributor: techknowlogick +# Contributor: Patrycja Rosa +# Maintainer: Antoine Martin (ayakael) +pkgname=forgejo-aneksajo +pkgver=8.0.0 +_gittag=v$pkgver-git-annex0 +pkgrel=0 +pkgdesc="Self-hosted Git service written in Go with git-annex support" +url="https://forgejo.org" +# riscv64: builds fail https://codeberg.org/forgejo/forgejo/issues/3025 +arch="all !riscv64" +license="MIT" +depends="git git-lfs gnupg" +makedepends="go nodejs npm" +checkdepends="bash openssh openssh-keygen sqlite tzdata" +install="$pkgname.pre-install" +pkgusers="forgejo" +pkggroups="www-data" +subpackages="$pkgname-openrc" +source="$pkgname-$_gittag.tar.gz::https://codeberg.org/matrss/forgejo-aneksajo/archive/$_gittag.tar.gz + $pkgname.initd + $pkgname.ini + " +builddir="$srcdir/forgejo-aneksajo" +options="!check net chmod-clean" # broken with GIT_CEILING + +# secfixes: +# 7.0.4-r0: +# - CVE-2024-24789 +# 7.0.3-r0: +# - CVE-2024-24788 +# 1.21.10.0-r0: +# - CVE-2023-45288 +# 1.21.3.0-r0: +# - CVE-2023-48795 + +export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}" +export GOTMPDIR="${GOTMPDIR:-"$srcdir"}" +export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}" + +# Skip tests for archs that fail unrelated in CI +case "$CARCH" in +s390x|x86|armhf|armv7) options="$options !check" ;; +esac + +prepare() { + default_prepare + + npm ci +} + +build() { + # XXX: LARGEFILE64 + export CGO_CFLAGS="$CFLAGS -O2 -D_LARGEFILE64_SOURCE" + export TAGS="bindata sqlite sqlite_unlock_notify" + export GITEA_VERSION="$pkgver" + export EXTRA_GOFLAGS="$GOFLAGS" + export CGO_LDFLAGS="$LDFLAGS" + unset LDFLAGS + ## make FHS compliant + local setting="code.gitea.io/gitea/modules/setting" + export LDFLAGS="$LDFLAGS -X $setting.CustomConf=/etc/forgejo/app.ini" + export LDFLAGS="$LDFLAGS -X $setting.AppWorkPath=/var/lib/forgejo/" + + make -j1 build +} + +check() { + local home="$srcdir"/home + mkdir -p "$home" + install -d -m700 "$home"/.ssh + touch "$home"/.gitconfig + + env GITEA_ROOT="$home" HOME="$home" GITEA_WORK_DIR="$(pwd)" timeout -s ABRT 20m make -j1 test-sqlite + ## "make test" - modified (exclude broken tests) + ## 'code.gitea.io/gitea/modules/migrations': github hase rate limits! 403 API + local tests=$(go list ./... | grep -v /vendor/ | + grep -v 'code.gitea.io/gitea/modules/migrations' | + grep -v 'code.gitea.io/gitea/modules/charset' | + grep -v 'code.gitea.io/gitea/models/migrations' | + grep -v 'code.gitea.io/gitea/services/migrations' | + grep -v 'code.gitea.io/gitea/integrations') + env GITEA_CONF="$PWD/tests/sqlite.ini" GITEA_ROOT="$home" HOME="$home" GO111MODULE=on go test -mod=vendor -tags='sqlite sqlite_unlock_notify' $tests + +} + +package() { + for dir in $pkgname $pkgname/git $pkgname/data $pkgname/db $pkgname/custom; do + install -dm750 -o forgejo -g www-data \ + "$pkgdir"/var/lib/$dir + done + + install -dm755 -o forgejo -g www-data "$pkgdir"/var/log/forgejo + + # TODO: rename when upstream does + install -Dm755 -g www-data gitea "$pkgdir"/usr/bin/forgejo + + install -Dm644 -o forgejo -g www-data "$srcdir"/forgejo-aneksajo.ini \ + "$pkgdir"/etc/forgejo/app.ini + chown forgejo:www-data "$pkgdir"/etc/forgejo + + install -Dm755 "$srcdir"/forgejo-aneksajo.initd \ + "$pkgdir"/etc/init.d/forgejo +} + +sha512sums=" +6836da3996a4bc51c88d82afcffbcd30965111a41d2cdf91d9539b0f0a4832496ed071b52e6eedf2eeaec7623a32aec3a3fdd1dedefedf5c2323690bd1f60937 forgejo-aneksajo-v8.0.0-git-annex0.tar.gz +eb93a9f6c8f204de5c813f58727015f53f9feaab546589e016c60743131559f04fc1518f487b6d2a0e7fa8fab6d4a67cd0cd9713a7ccd9dec767a8c1ddebe129 forgejo-aneksajo.initd +b537b41b6b3a945274a6028800f39787b48c318425a37cf5d40ace0d1b305444fd07f17b4acafcd31a629bedd7d008b0bb3e30f82ffeb3d7e7e947bdbe0ff4f3 forgejo-aneksajo.ini +" diff --git a/user/forgejo-aneksajo/forgejo-aneksajo.ini b/user/forgejo-aneksajo/forgejo-aneksajo.ini new file mode 100644 index 0000000..3b46259 --- /dev/null +++ b/user/forgejo-aneksajo/forgejo-aneksajo.ini @@ -0,0 +1,26 @@ +# Configuration cheat sheet: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ + +RUN_USER = forgejo +RUN_MODE = prod + +[repository] +ROOT = /var/lib/forgejo/git +SCRIPT_TYPE = sh + +[server] +STATIC_ROOT_PATH = /usr/share/webapps/forgejo +APP_DATA_PATH = /var/lib/forgejo/data +LFS_START_SERVER = true + +[database] +DB_TYPE = sqlite3 +PATH = /var/lib/forgejo/db/forgejo.db +SSL_MODE = disable + +[session] +PROVIDER = file + +[log] +ROOT_PATH = /var/log/forgejo +MODE = file +LEVEL = Info diff --git a/user/forgejo-aneksajo/forgejo-aneksajo.initd b/user/forgejo-aneksajo/forgejo-aneksajo.initd new file mode 100644 index 0000000..24dd085 --- /dev/null +++ b/user/forgejo-aneksajo/forgejo-aneksajo.initd @@ -0,0 +1,15 @@ +#!/sbin/openrc-run + +supervisor=supervise-daemon +name=forgejo +command="/usr/bin/forgejo" +command_user="${FORGEJO_USER:-forgejo}:www-data" +command_args="web --config '${FORGEJO_CONF:-/etc/forgejo/app.ini}'" +supervise_daemon_args="--env FORGEJO_WORK_DIR='${FORGEJO_WORK_DIR:-/var/lib/forgejo}' --chdir '${FORGEJO_WORK_DIR:-/var/lib/forgejo}' --stdout '${FORGEJO_LOG_FILE:-/var/log/forgejo/http.log}' --stderr '${FORGEJO_LOG_FILE:-/var/log/forgejo/http.log}'" +pidfile="/run/forgejo.pid" + +depend() { + use logger dns + need net + after firewall mysql postgresql +} diff --git a/user/forgejo-aneksajo/forgejo-aneksajo.pre-install b/user/forgejo-aneksajo/forgejo-aneksajo.pre-install new file mode 100644 index 0000000..c7e8b7b --- /dev/null +++ b/user/forgejo-aneksajo/forgejo-aneksajo.pre-install @@ -0,0 +1,7 @@ +#!/bin/sh + +addgroup -S -g 82 www-data 2>/dev/null +adduser -S -D -h /var/lib/forgejo -s /bin/sh -G www-data -g forgejo forgejo 2>/dev/null \ + && passwd -u forgejo 2>/dev/null + +exit 0