WIP: user/codeberg-pages-server: new aport #580
11 changed files with 449 additions and 74 deletions
260
.forgejo/bin/build.sh
Executable file
260
.forgejo/bin/build.sh
Executable file
|
@ -0,0 +1,260 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# shellcheck disable=SC3043
|
||||||
|
|
||||||
|
. /usr/local/lib/functions.sh
|
||||||
|
|
||||||
|
# shellcheck disable=SC3040
|
||||||
|
set -eu -o pipefail
|
||||||
|
|
||||||
|
readonly APORTSDIR=$CI_PROJECT_DIR
|
||||||
|
readonly REPOS="backports user"
|
||||||
|
readonly ALPINE_REPOS="main community testing"
|
||||||
|
readonly ARCH=$(apk --print-arch)
|
||||||
|
# gitlab variables
|
||||||
|
readonly BASEBRANCH=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
|
||||||
|
|
||||||
|
: "${REPODEST:=$HOME/packages}"
|
||||||
|
: "${MIRROR:=https://ayakael.net/api/packages/forge/alpine}"
|
||||||
|
: "${ALPINE_MIRROR:=http://dl-cdn.alpinelinux.org/alpine}"
|
||||||
|
: "${MAX_ARTIFACT_SIZE:=300000000}" #300M
|
||||||
|
: "${CI_DEBUG_BUILD:=}"
|
||||||
|
|
||||||
|
: "${CI_ALPINE_BUILD_OFFSET:=0}"
|
||||||
|
: "${CI_ALPINE_BUILD_LIMIT:=9999}"
|
||||||
|
|
||||||
|
msg() {
|
||||||
|
local color=${2:-green}
|
||||||
|
case "$color" in
|
||||||
|
red) color="31";;
|
||||||
|
green) color="32";;
|
||||||
|
yellow) color="33";;
|
||||||
|
blue) color="34";;
|
||||||
|
*) color="32";;
|
||||||
|
esac
|
||||||
|
printf "\033[1;%sm>>>\033[1;0m %s\n" "$color" "$1" | xargs >&2
|
||||||
|
}
|
||||||
|
|
||||||
|
verbose() {
|
||||||
|
echo "> " "$@"
|
||||||
|
# shellcheck disable=SC2068
|
||||||
|
$@
|
||||||
|
}
|
||||||
|
|
||||||
|
debugging() {
|
||||||
|
[ -n "$CI_DEBUG_BUILD" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
debug() {
|
||||||
|
if debugging; then
|
||||||
|
verbose "$@"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
die() {
|
||||||
|
msg "$1" red
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
capture_stderr() {
|
||||||
|
"$@" 2>&1
|
||||||
|
}
|
||||||
|
|
||||||
|
report() {
|
||||||
|
report=$1
|
||||||
|
|
||||||
|
reportsdir=$APORTSDIR/logs/
|
||||||
|
mkdir -p "$reportsdir"
|
||||||
|
|
||||||
|
tee -a "$reportsdir/$report.log"
|
||||||
|
}
|
||||||
|
|
||||||
|
get_release() {
|
||||||
|
case $BASEBRANCH in
|
||||||
|
v*) echo "$BASEBRANCH";;
|
||||||
|
edge) echo edge;;
|
||||||
|
*) die "Branch \"$BASEBRANCH\" not supported!"
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
build_aport() {
|
||||||
|
local repo="$1" aport="$2"
|
||||||
|
cd "$APORTSDIR/$repo/$aport"
|
||||||
|
if abuild -r 2>&1 | report "build-$aport"; then
|
||||||
|
checkapk 2>&1 | report "checkapk-$aport" || true
|
||||||
|
aport_ok="$aport_ok $repo/$aport"
|
||||||
|
else
|
||||||
|
aport_ng="$aport_ng $repo/$aport"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
check_aport() {
|
||||||
|
local repo="$1" aport="$2"
|
||||||
|
cd "$APORTSDIR/$repo/$aport"
|
||||||
|
if ! abuild check_arch 2>/dev/null; then
|
||||||
|
aport_na="$aport_na $repo/$aport"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
set_repositories_for() {
|
||||||
|
local target_repo="$1" repos='' repo=''
|
||||||
|
local release
|
||||||
|
|
||||||
|
release=$(get_release)
|
||||||
|
for repo in $REPOS; do
|
||||||
|
[ "$repo" = "non-free" ] && continue
|
||||||
|
[ "$release" == "edge" ] && [ "$repo" == "backports" ] && continue
|
||||||
|
repos="$repos $MIRROR/$release/$repo $REPODEST/$repo"
|
||||||
|
[ "$repo" = "$target_repo" ] && break
|
||||||
|
done
|
||||||
|
doas sh -c "printf '%s\n' $repos >> /etc/apk/repositories"
|
||||||
|
doas apk update || true
|
||||||
|
}
|
||||||
|
|
||||||
|
apply_offset_limit() {
|
||||||
|
start=$1
|
||||||
|
limit=$2
|
||||||
|
end=$((start+limit))
|
||||||
|
|
||||||
|
sed -n "$((start+1)),${end}p"
|
||||||
|
}
|
||||||
|
|
||||||
|
setup_system() {
|
||||||
|
local repos='' repo=''
|
||||||
|
local release
|
||||||
|
|
||||||
|
release=$(get_release)
|
||||||
|
for repo in $ALPINE_REPOS; do
|
||||||
|
[ "$release" != "edge" ] && [ "$repo" == "testing" ] && continue
|
||||||
|
repos="$repos $ALPINE_MIRROR/$release/$repo"
|
||||||
|
done
|
||||||
|
doas sh -c "printf '%s\n' $repos > /etc/apk/repositories"
|
||||||
|
doas apk -U upgrade -a || apk fix || die "Failed to up/downgrade system"
|
||||||
|
abuild-keygen -ain
|
||||||
|
doas sed -i -E 's/export JOBS=[0-9]+$/export JOBS=$(nproc)/' /etc/abuild.conf
|
||||||
|
( . /etc/abuild.conf && echo "Building with $JOBS jobs" )
|
||||||
|
mkdir -p "$REPODEST"
|
||||||
|
git config --global init.defaultBranch master
|
||||||
|
}
|
||||||
|
|
||||||
|
sysinfo() {
|
||||||
|
printf ">>> Host system information (arch: %s, release: %s) <<<\n" "$ARCH" "$(get_release)"
|
||||||
|
printf "- Number of Cores: %s\n" "$(nproc)"
|
||||||
|
printf "- Memory: %s Gb\n" "$(awk '/^MemTotal/ {print ($2/1024/1024)}' /proc/meminfo)"
|
||||||
|
printf "- Free space: %s\n" "$(df -hP / | awk '/\/$/ {print $4}')"
|
||||||
|
}
|
||||||
|
|
||||||
|
copy_artifacts() {
|
||||||
|
cd "$APORTSDIR"
|
||||||
|
|
||||||
|
packages_size="$(du -sk "$REPODEST" | awk '{print $1 * 1024}')"
|
||||||
|
if [ -z "$packages_size" ]; then
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Artifact size: $packages_size bytes"
|
||||||
|
|
||||||
|
mkdir -p keys/ packages/
|
||||||
|
|
||||||
|
if [ "$packages_size" -lt $MAX_ARTIFACT_SIZE ]; then
|
||||||
|
msg "Copying packages for artifact upload"
|
||||||
|
cp -ar "$REPODEST"/* packages/ 2>/dev/null
|
||||||
|
cp ~/.abuild/*.rsa.pub keys/
|
||||||
|
else
|
||||||
|
msg "Artifact size $packages_size larger than max ($MAX_ARTIFACT_SIZE), skipping uploading them" yellow
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
section_start setup "Setting up the system" collapse
|
||||||
|
|
||||||
|
if debugging; then
|
||||||
|
set -x
|
||||||
|
fi
|
||||||
|
|
||||||
|
aport_ok=
|
||||||
|
aport_na=
|
||||||
|
aport_ng=
|
||||||
|
failed=
|
||||||
|
|
||||||
|
sysinfo || true
|
||||||
|
setup_system || die "Failed to setup system"
|
||||||
|
|
||||||
|
# git no longer allows to execute in repositories owned by different users
|
||||||
|
doas chown -R buildozer: .
|
||||||
|
|
||||||
|
fetch_flags="-qn"
|
||||||
|
debugging && fetch_flags="-v"
|
||||||
|
|
||||||
|
git fetch $fetch_flags "$CI_MERGE_REQUEST_PROJECT_URL" \
|
||||||
|
"+refs/heads/$BASEBRANCH:refs/heads/$BASEBRANCH"
|
||||||
|
|
||||||
|
if debugging; then
|
||||||
|
merge_base=$(git merge-base "$BASEBRANCH" HEAD) || echo "Could not determine merge-base"
|
||||||
|
echo "Merge base: $merge_base"
|
||||||
|
git --version
|
||||||
|
git config -l
|
||||||
|
[ -n "$merge_base" ] && git tag -f merge-base "$merge_base"
|
||||||
|
git --no-pager log -200 --oneline --graph --decorate --all
|
||||||
|
fi
|
||||||
|
|
||||||
|
section_end setup
|
||||||
|
|
||||||
|
build_start=$CI_ALPINE_BUILD_OFFSET
|
||||||
|
build_limit=$CI_ALPINE_BUILD_LIMIT
|
||||||
|
|
||||||
|
for repo in $(changed_repos); do
|
||||||
|
set_repositories_for "$repo"
|
||||||
|
built_aports=0
|
||||||
|
changed_aports_in_repo=$(changed_aports "$repo")
|
||||||
|
changed_aports_in_repo_count=$(echo "$changed_aports_in_repo" | wc -l)
|
||||||
|
changed_aports_to_build=$(echo "$changed_aports_in_repo" | apply_offset_limit "$build_start" "$build_limit")
|
||||||
|
|
||||||
|
msg "Changed aports in $repo:"
|
||||||
|
# shellcheck disable=SC2086 # Splitting is expected here
|
||||||
|
printf " - %s\n" $changed_aports_to_build
|
||||||
|
for pkgname in $changed_aports_to_build; do
|
||||||
|
section_start "build_$pkgname" "Building package $pkgname"
|
||||||
|
built_aports=$((built_aports+1))
|
||||||
|
if check_aport "$repo" "$pkgname"; then
|
||||||
|
build_aport "$repo" "$pkgname"
|
||||||
|
fi
|
||||||
|
section_end "build_$pkgname"
|
||||||
|
done
|
||||||
|
|
||||||
|
build_start=$((build_start-(changed_aports_in_repo_count-built_aports)))
|
||||||
|
build_limit=$((build_limit-built_aports))
|
||||||
|
|
||||||
|
if [ $build_limit -le 0 ]; then
|
||||||
|
msg "Limit reached, breaking"
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
section_start artifacts "Handeling artifacts" collapse
|
||||||
|
copy_artifacts || true
|
||||||
|
section_end artifacts
|
||||||
|
|
||||||
|
section_start summary "Build summary"
|
||||||
|
|
||||||
|
echo "### Build summary ###"
|
||||||
|
|
||||||
|
for ok in $aport_ok; do
|
||||||
|
msg "$ok: build succesfully"
|
||||||
|
done
|
||||||
|
|
||||||
|
for na in $aport_na; do
|
||||||
|
msg "$na: disabled for $ARCH" yellow
|
||||||
|
done
|
||||||
|
|
||||||
|
for ng in $aport_ng; do
|
||||||
|
msg "$ng: build failed" red
|
||||||
|
failed=true
|
||||||
|
done
|
||||||
|
section_end summary
|
||||||
|
|
||||||
|
if [ "$failed" = true ]; then
|
||||||
|
exit 1
|
||||||
|
elif [ -z "$aport_ok" ]; then
|
||||||
|
msg "No packages found to be built." yellow
|
||||||
|
fi
|
||||||
|
|
|
@ -14,6 +14,14 @@ for apk in $apkgs; do
|
||||||
arch=$(echo $apk | awk -F '/' '{print $3}')
|
arch=$(echo $apk | awk -F '/' '{print $3}')
|
||||||
name=$(echo $apk | awk -F '/' '{print $4}')
|
name=$(echo $apk | awk -F '/' '{print $4}')
|
||||||
|
|
||||||
|
if [ "$(curl -s $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/pulls/$GITHUB_EVENT_NUMBER | jq .draft)" == "true" ]; then
|
||||||
|
# if draft, send to -testing branch
|
||||||
|
branch="$branch-testing"
|
||||||
|
else
|
||||||
|
# if not draft, assume that this was sent to $branch-testing and nuke it
|
||||||
|
curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN -X DELETE $TARGET_REPO/$BASEBRANCH/$branch-testing/$arch/$name
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Sending $name of arch $arch to $TARGET_REPO/$BASEBRANCH/$branch"
|
echo "Sending $name of arch $arch to $TARGET_REPO/$BASEBRANCH/$branch"
|
||||||
return=$(curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN --upload-file $apk $TARGET_REPO/$BASEBRANCH/$branch 2>&1)
|
return=$(curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN --upload-file $apk $TARGET_REPO/$BASEBRANCH/$branch 2>&1)
|
||||||
echo $return
|
echo $return
|
||||||
|
|
|
@ -1,66 +0,0 @@
|
||||||
diff --git a/usr/local/bin/build.sh.orig b/usr/local/bin/build.sh
|
|
||||||
old mode 100644
|
|
||||||
new mode 100755
|
|
||||||
index c3b8f7a..f609018
|
|
||||||
--- a/usr/local/bin/build.sh.orig
|
|
||||||
+++ b/usr/local/bin/build.sh
|
|
||||||
@@ -7,13 +7,15 @@
|
|
||||||
set -eu -o pipefail
|
|
||||||
|
|
||||||
readonly APORTSDIR=$CI_PROJECT_DIR
|
|
||||||
-readonly REPOS="main community testing non-free"
|
|
||||||
+readonly REPOS="backports user"
|
|
||||||
+readonly ALPINE_REPOS="main community testing"
|
|
||||||
readonly ARCH=$(apk --print-arch)
|
|
||||||
# gitlab variables
|
|
||||||
readonly BASEBRANCH=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
|
|
||||||
|
|
||||||
: "${REPODEST:=$HOME/packages}"
|
|
||||||
-: "${MIRROR:=https://dl-cdn.alpinelinux.org/alpine}"
|
|
||||||
+: "${MIRROR:=https://ayakael.net/api/packages/forge/alpine}"
|
|
||||||
+: "${ALPINE_MIRROR:=http://dl-cdn.alpinelinux.org/alpine}"
|
|
||||||
: "${MAX_ARTIFACT_SIZE:=300000000}" #300M
|
|
||||||
: "${CI_DEBUG_BUILD:=}"
|
|
||||||
|
|
||||||
@@ -68,8 +70,8 @@ report() {
|
|
||||||
|
|
||||||
get_release() {
|
|
||||||
case $BASEBRANCH in
|
|
||||||
- *-stable) echo v"${BASEBRANCH%-*}";;
|
|
||||||
- master) echo edge;;
|
|
||||||
+ v*) echo "$BASEBRANCH";;
|
|
||||||
+ edge) echo edge;;
|
|
||||||
*) die "Branch \"$BASEBRANCH\" not supported!"
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
@@ -101,11 +103,11 @@ set_repositories_for() {
|
|
||||||
release=$(get_release)
|
|
||||||
for repo in $REPOS; do
|
|
||||||
[ "$repo" = "non-free" ] && continue
|
|
||||||
- [ "$release" != "edge" ] && [ "$repo" == "testing" ] && continue
|
|
||||||
+ [ "$release" == "edge" ] && [ "$repo" == "backports" ] && continue
|
|
||||||
repos="$repos $MIRROR/$release/$repo $REPODEST/$repo"
|
|
||||||
[ "$repo" = "$target_repo" ] && break
|
|
||||||
done
|
|
||||||
- doas sh -c "printf '%s\n' $repos > /etc/apk/repositories"
|
|
||||||
+ doas sh -c "printf '%s\n' $repos >> /etc/apk/repositories"
|
|
||||||
doas apk update
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -118,7 +120,15 @@ apply_offset_limit() {
|
|
||||||
}
|
|
||||||
|
|
||||||
setup_system() {
|
|
||||||
- doas sh -c "echo $MIRROR/$(get_release)/main > /etc/apk/repositories"
|
|
||||||
+ local repos='' repo=''
|
|
||||||
+ local release
|
|
||||||
+
|
|
||||||
+ release=$(get_release)
|
|
||||||
+ for repo in $ALPINE_REPOS; do
|
|
||||||
+ [ "$release" != "edge" ] && [ "$repo" == "testing" ] && continue
|
|
||||||
+ repos="$repos $ALPINE_MIRROR/$release/$repo"
|
|
||||||
+ done
|
|
||||||
+ doas sh -c "printf '%s\n' $repos > /etc/apk/repositories"
|
|
||||||
doas apk -U upgrade -a || apk fix || die "Failed to up/downgrade system"
|
|
||||||
abuild-keygen -ain
|
|
||||||
doas sed -i -E 's/export JOBS=[0-9]+$/export JOBS=$(nproc)/' /etc/abuild.conf
|
|
|
@ -2,6 +2,10 @@ on:
|
||||||
pull_request:
|
pull_request:
|
||||||
types: [ assigned, opened, synchronize, reopened ]
|
types: [ assigned, opened, synchronize, reopened ]
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: ${{ github.head_ref || github.ref_name }}
|
||||||
|
cancel-in-progress: true
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-aarch64:
|
build-aarch64:
|
||||||
runs-on: aarch64
|
runs-on: aarch64
|
||||||
|
@ -23,9 +27,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
fetch-depth: 500
|
fetch-depth: 500
|
||||||
- name: Package build
|
- name: Package build
|
||||||
run: |
|
run: ${{ github.workspace }}/.forgejo/bin/build.sh
|
||||||
doas patch -d / -p1 -i ${{ github.workspace }}/.forgejo/patches/build.patch
|
|
||||||
build.sh
|
|
||||||
- name: Package upload
|
- name: Package upload
|
||||||
uses: forgejo/upload-artifact@v3
|
uses: forgejo/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
|
@ -41,9 +43,10 @@ jobs:
|
||||||
CI_ALPINE_REPO: 'https://ayakael.net/api/packages/forge/alpine'
|
CI_ALPINE_REPO: 'https://ayakael.net/api/packages/forge/alpine'
|
||||||
FORGE_REPO_TOKEN: ${{ secrets.FORGE_REPO_TOKEN }}
|
FORGE_REPO_TOKEN: ${{ secrets.FORGE_REPO_TOKEN }}
|
||||||
FORGE_REPO_USER: ${{ vars.FORGE_REPO_USER }}
|
FORGE_REPO_USER: ${{ vars.FORGE_REPO_USER }}
|
||||||
|
GITHUB_EVENT_NUMBER: ${{ github.event.number }}
|
||||||
steps:
|
steps:
|
||||||
- name: Setting up environment
|
- name: Setting up environment
|
||||||
run: apk add nodejs curl findutils git gawk
|
run: apk add nodejs curl findutils git gawk jq
|
||||||
- name: Repo pull
|
- name: Repo pull
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
- name: Package download
|
- name: Package download
|
||||||
|
|
|
@ -2,6 +2,10 @@ on:
|
||||||
pull_request:
|
pull_request:
|
||||||
types: [ assigned, opened, synchronize, reopened ]
|
types: [ assigned, opened, synchronize, reopened ]
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: ${{ github.head_ref || github.ref_name }}
|
||||||
|
cancel-in-progress: true
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-x86_64:
|
build-x86_64:
|
||||||
runs-on: x86_64
|
runs-on: x86_64
|
||||||
|
@ -23,9 +27,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
fetch-depth: 500
|
fetch-depth: 500
|
||||||
- name: Package build
|
- name: Package build
|
||||||
run: |
|
run: ${{ github.workspace }}/.forgejo/bin/build.sh
|
||||||
doas patch -d / -p1 -i ${{ github.workspace }}/.forgejo/patches/build.patch
|
|
||||||
build.sh
|
|
||||||
- name: Package upload
|
- name: Package upload
|
||||||
uses: forgejo/upload-artifact@v3
|
uses: forgejo/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
|
@ -41,9 +43,10 @@ jobs:
|
||||||
CI_ALPINE_REPO: 'https://ayakael.net/api/packages/forge/alpine'
|
CI_ALPINE_REPO: 'https://ayakael.net/api/packages/forge/alpine'
|
||||||
FORGE_REPO_TOKEN: ${{ secrets.FORGE_REPO_TOKEN }}
|
FORGE_REPO_TOKEN: ${{ secrets.FORGE_REPO_TOKEN }}
|
||||||
FORGE_REPO_USER: ${{ vars.FORGE_REPO_USER }}
|
FORGE_REPO_USER: ${{ vars.FORGE_REPO_USER }}
|
||||||
|
GITHUB_EVENT_NUMBER: ${{ github.event.number }}
|
||||||
steps:
|
steps:
|
||||||
- name: Setting up environment
|
- name: Setting up environment
|
||||||
run: apk add nodejs curl findutils git gawk
|
run: apk add nodejs curl findutils git gawk jq
|
||||||
- name: Repo pull
|
- name: Repo pull
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
- name: Package download
|
- name: Package download
|
||||||
|
|
45
user/codeberg-pages-server/APKBUILD
Normal file
45
user/codeberg-pages-server/APKBUILD
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>
|
||||||
|
# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
|
||||||
|
pkgname=codeberg-pages-server
|
||||||
|
pkgver=5.1
|
||||||
|
pkgrel=0
|
||||||
|
pkgdesc="The Codeberg Pages Server – with custom domain support, per-repo pages using the "pages" branch, caching and more."
|
||||||
|
url="https://codeberg.org/Codeberg/pages-server"
|
||||||
|
arch="all"
|
||||||
|
license="EUPL-1.2"
|
||||||
|
depends="nginx"
|
||||||
|
makedepends="go just"
|
||||||
|
# tests disabled for now
|
||||||
|
options="!check"
|
||||||
|
install="$pkgname.post-install $pkgname.post-upgrade $pkgname.pre-install"
|
||||||
|
source="
|
||||||
|
$pkgname-$pkgver.tar.gz::https://codeberg.org/Codeberg/pages-server/archive/v$pkgver.tar.gz
|
||||||
|
codeberg-pages-server.openrc
|
||||||
|
upgrade-go-sqlite3-to-1.14.19.patch
|
||||||
|
"
|
||||||
|
builddir="$srcdir/"pages-server
|
||||||
|
subpackages="$pkgname-openrc"
|
||||||
|
pkgusers="git"
|
||||||
|
pkggroups="www-data"
|
||||||
|
|
||||||
|
export GOPATH=$srcdir/go
|
||||||
|
export GOCACHE=$srcdir/go-build
|
||||||
|
export GOTMPDIR=$srcdir
|
||||||
|
|
||||||
|
build() {
|
||||||
|
just build
|
||||||
|
}
|
||||||
|
|
||||||
|
package() {
|
||||||
|
msg "Packaging $pkgname"
|
||||||
|
install -Dm755 "$builddir"/build/codeberg-pages-server "$pkgdir"/usr/bin/codeberg-pages-server
|
||||||
|
|
||||||
|
install -Dm755 "$srcdir"/$pkgname.openrc \
|
||||||
|
"$pkgdir"/etc/init.d/$pkgname
|
||||||
|
}
|
||||||
|
|
||||||
|
sha512sums="
|
||||||
|
55a1dd5ed0f1cb2aaad1066eca8bfbd1d537169ed3712c748163ebff64edc45d05ac1f6f062433e232e2638a790232438282f96dd7410eb4cbaff7208f5f2427 codeberg-pages-server-5.1.tar.gz
|
||||||
|
4defb4fe3a4230f4aa517fbecd5e5b8bcef2a64e1b40615660ae9eec33597310a09df5e126f4d39ce7764bd1716c0a7040637699135c103cbc1879593c6c06f1 codeberg-pages-server.openrc
|
||||||
|
895f1c8d22fcf1d5491a6fe0ce5d93201f83b6dd5fc81b24016b609988fb6c66fdde75bb3830f385a5c83d96366ca3a5f4f9524f52058b6c5dfd8b80d14bac5b upgrade-go-sqlite3-to-1.14.19.patch
|
||||||
|
"
|
30
user/codeberg-pages-server/codeberg-pages-server.openrc
Normal file
30
user/codeberg-pages-server/codeberg-pages-server.openrc
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
|
||||||
|
name="$RC_SVCNAME"
|
||||||
|
cfgfile="/etc/conf.d/$RC_SVCNAME.conf"
|
||||||
|
pidfile="/run/$RC_SVCNAME.pid"
|
||||||
|
working_directory="/usr/share/webapps/authentik"
|
||||||
|
command="/usr/share/webapps/authentik/server"
|
||||||
|
command_user="authentik"
|
||||||
|
command_group="authentik"
|
||||||
|
start_stop_daemon_args=""
|
||||||
|
command_background="yes"
|
||||||
|
output_log="/var/log/authentik/$RC_SVCNAME.log"
|
||||||
|
error_log="/var/log/authentik/$RC_SVCNAME.err"
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
need redis
|
||||||
|
need postgresql
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
cd "$working_directory"
|
||||||
|
checkpath --directory --owner $command_user:$command_group --mode 0775 \
|
||||||
|
/var/log/authentik \
|
||||||
|
/var/lib/authentik/certs
|
||||||
|
}
|
||||||
|
|
||||||
|
stop_pre() {
|
||||||
|
ebegin "Killing child processes"
|
||||||
|
kill $(ps -o pid= --ppid $(cat $pidfile)) || true
|
||||||
|
}
|
39
user/codeberg-pages-server/codeberg-pages-server.post-install
Executable file
39
user/codeberg-pages-server/codeberg-pages-server.post-install
Executable file
|
@ -0,0 +1,39 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
group=authentik
|
||||||
|
config_file='/etc/authentik/config.yml'
|
||||||
|
|
||||||
|
setcap 'cap_net_bind_service=+ep' /usr/share/webapps/authentik/server
|
||||||
|
|
||||||
|
if [ $(grep '@@SECRET_KEY@@' "$config_file") ]; then
|
||||||
|
echo "* Generating random secret in $config_file" >&2
|
||||||
|
|
||||||
|
secret_key="$(pwgen -s 50 1)"
|
||||||
|
sed -i "s|@@SECRET_KEY@@|$secret_key|" "$config_file"
|
||||||
|
chown root:$group "$config_file"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${0##*.}" = 'post-upgrade' ]; then
|
||||||
|
cat >&2 <<-EOF
|
||||||
|
*
|
||||||
|
* To finish Authentik upgrade run:
|
||||||
|
*
|
||||||
|
* authentik-manage migrate
|
||||||
|
*
|
||||||
|
EOF
|
||||||
|
else
|
||||||
|
cat >&2 <<-EOF
|
||||||
|
*
|
||||||
|
* 1. Adjust settings in /etc/authentik/config.yml.
|
||||||
|
*
|
||||||
|
* 2. Create database for Authentik:
|
||||||
|
*
|
||||||
|
* psql -c "CREATE ROLE authentik PASSWORD 'top-secret' INHERIT LOGIN;"
|
||||||
|
* psql -c "CREATE DATABASE authentik OWNER authentik ENCODING 'UTF-8';"
|
||||||
|
*
|
||||||
|
* 3. Run "authentik-manage migrate"
|
||||||
|
* 4. Setup admin user at https://<your server>/if/flow/initial-setup/
|
||||||
|
*
|
||||||
|
EOF
|
||||||
|
fi
|
1
user/codeberg-pages-server/codeberg-pages-server.post-upgrade
Symbolic link
1
user/codeberg-pages-server/codeberg-pages-server.post-upgrade
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
codeberg-pages-server.post-install
|
26
user/codeberg-pages-server/codeberg-pages-server.pre-install
Normal file
26
user/codeberg-pages-server/codeberg-pages-server.pre-install
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# It's very important to set user/group correctly.
|
||||||
|
|
||||||
|
authentik_dir='/var/lib/authentik'
|
||||||
|
|
||||||
|
if ! getent group authentik 1>/dev/null; then
|
||||||
|
echo '* Creating group authentik' 1>&2
|
||||||
|
|
||||||
|
addgroup -S authentik
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! id authentik 2>/dev/null 1>&2; then
|
||||||
|
echo '* Creating user authentik' 1>&2
|
||||||
|
|
||||||
|
adduser -DHS -G authentik -h "$authentik_dir" -s /bin/sh \
|
||||||
|
-g "added by apk for authentik" authentik
|
||||||
|
passwd -u authentik 1>/dev/null # unlock
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! id -Gn authentik | grep -Fq redis; then
|
||||||
|
echo '* Adding user authentik to group redis' 1>&2
|
||||||
|
|
||||||
|
addgroup authentik redis
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
|
@ -0,0 +1,26 @@
|
||||||
|
diff --git a/go.mod.orig b/go.mod
|
||||||
|
index eba292e..00310e5 100644
|
||||||
|
--- a/go.mod.orig
|
||||||
|
+++ b/go.mod
|
||||||
|
@@ -11,7 +11,7 @@ require (
|
||||||
|
github.com/go-sql-driver/mysql v1.6.0
|
||||||
|
github.com/joho/godotenv v1.4.0
|
||||||
|
github.com/lib/pq v1.10.7
|
||||||
|
- github.com/mattn/go-sqlite3 v1.14.16
|
||||||
|
+ github.com/mattn/go-sqlite3 v1.14.19
|
||||||
|
github.com/microcosm-cc/bluemonday v1.0.26
|
||||||
|
github.com/reugn/equalizer v0.0.0-20210216135016-a959c509d7ad
|
||||||
|
github.com/rs/zerolog v1.27.0
|
||||||
|
diff --git a/go.sum.orig b/go.sum
|
||||||
|
index 7ea8b78..19145ea 100644
|
||||||
|
--- a/go.sum.orig
|
||||||
|
+++ b/go.sum
|
||||||
|
@@ -479,6 +479,8 @@ github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m
|
||||||
|
github.com/mattn/go-sqlite3 v1.14.9/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
|
||||||
|
github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y=
|
||||||
|
github.com/mattn/go-sqlite3 v1.14.16/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
|
||||||
|
+github.com/mattn/go-sqlite3 v1.14.19 h1:fhGleo2h1p8tVChob4I9HpmVFIAkKGpiukdrgQbWfGI=
|
||||||
|
+github.com/mattn/go-sqlite3 v1.14.19/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
|
||||||
|
github.com/mattn/go-tty v0.0.0-20180219170247-931426f7535a/go.mod h1:XPvLUNfbS4fJH25nqRHfWLMa1ONC8Amw+mIA639KxkE=
|
||||||
|
github.com/mattn/go-tty v0.0.3/go.mod h1:ihxohKRERHTVzN+aSVRwACLCeqIoZAWpoICkkvrWyR0=
|
||||||
|
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
Loading…
Reference in a new issue