#!/bin/bash # # .---. . . # | | | # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-' # ' ' --' --' -' - -' ' ' -' -' -' ' - --' # # Freedom in the Cloud # # Gogs functions # # License # ======= # # Copyright (C) 2014-2016 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . VARIANTS='full developer' GOGS_USERNAME='gogs' GOGS_VERSION='0.9.97' GIT_DOMAIN_NAME= GIT_CODE= GIT_ONION_PORT=8090 GIT_ADMIN_PASSWORD= GOGS_BIN= function change_password_gogs { echo -n '' } function gogs_parameters { if [[ $ARCHITECTURE == *"386" || $ARCHITECTURE == *"686" ]]; then CURR_ARCH=386 fi if [[ $ARCHITECTURE == *"amd64" ]]; then CURR_ARCH=amd64 fi if [[ $ARCHITECTURE == *"arm"* ]]; then CURR_ARCH=arm fi if [ ! $CURR_ARCH ]; then echo $'No architecture specified' ARCHITECTURE=$(uname -m) if [[ $ARCHITECTURE == "arm"* ]]; then CURR_ARCH=arm fi if [[ $ARCHITECTURE == "amd"* ]]; then CURR_ARCH=amd64 fi if [[ $ARCHITECTURE == *"386" || $ARCHITECTURE == *"686" ]]; then CURR_ARCH=386 fi fi GOGS_BIN="https://github.com/gogits/gogs/releases/download/v${GOGS_VERSION}/linux_${CURR_ARCH}.tar.gz" } function get_mariadb_git_admin_password { if [ -f /home/$MY_USERNAME/README ]; then if grep -q "Gogs admin user password" /home/$MY_USERNAME/README; then GIT_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Gogs admin user password" | awk -F ':' '{print $2}' | sed 's/^ *//') fi fi } function gogs_create_database { function_check get_mariadb_git_admin_password get_mariadb_git_admin_password if [ ! $GIT_ADMIN_PASSWORD ]; then if [ -f $IMAGE_PASSWORD_FILE ]; then GIT_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)" else GIT_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})" fi fi if [ ! $GIT_ADMIN_PASSWORD ]; then return fi function_check create_database create_database gogs "$GOGS_ADMIN_PASSWORD" } function reconfigure_gogs { echo -n '' } function upgrade_gogs { if ! grep -Fxq "install_gogs" $COMPLETION_FILE; then return fi if ! grep -q "Gogs version:" $COMPLETION_FILE; then return fi CURR_GOGS_VERSION=$(cat $COMPLETION_FILE | grep "Gogs version" | head -n 1 | awk -F ':' '{print $2}') if [[ "$CURR_GOGS_VERSION" == "$GOGS_VERSION" ]]; then return fi gogs_parameters if [ ! -d ${INSTALL_DIR} ]; then mkdir -p ${INSTALL_DIR} fi cd ${INSTALL_DIR} if [ -f linux-${CURR_ARCH}.tar.gz ]; then rm linux-${CURR_ARCH}.tar.gz fi wget ${GOGS_BIN} if [ ! -f linux_${CURR_ARCH}.tar.gz ]; then GOGS_BIN="https://github.com/gogits/gogs/releases/download/v${GOGS_VERSION}/linux_${CURR_ARCH}.zip" wget ${GOGS_BIN} if [ ! -f linux_${CURR_ARCH}.zip ]; then exit 37836 else apt-get -y install unzip unzip linux_${CURR_ARCH}.zip fi else tar -xzf ${INSTALL_DIR}/linux_${CURR_ARCH}.tar.gz fi if [ ! -d $INSTALL_DIR/gogs ]; then exit 37823 fi cp -r $INSTALL_DIR/gogs /home/$GOGS_USERNAME rm linux_${CURR_ARCH}.tar.gz sed -i "s|Gogs version.*|Gogs version:$GOGS_VERSION|g" $COMPLETION_FILE systemctl restart gogs } function backup_local_gogs { if ! grep -q "Gogs domain" $COMPLETION_FILE; then return fi if [ ! -d /home/$GOGS_USERNAME/gogs-repositories ]; then return fi GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') echo $"Backing up gogs" function_check backup_database_to_usb backup_database_to_usb gogs function_check backup_directory_to_usb backup_directory_to_usb /home/$GOGS_USERNAME/custom gogs backup_directory_to_usb /home/$GOGS_USERNAME/gogs-repositories gogsrepos backup_directory_to_usb /home/$GOGS_USERNAME/.ssh gogsssh echo $"Gogs backup complete" } function restore_local_gogs { if ! grep -q "Gogs domain" $COMPLETION_FILE; then return fi if [ ! -d /home/$GOGS_USERNAME/gogs-repositories ]; then return fi GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') if [ ${#GIT_DOMAIN_NAME} -gt 2 ]; then function_check gogs_create_database gogs_create_database function_check restore_database restore_database gogs ${GIT_DOMAIN_NAME} temp_restore_dir=/root/tempgogs if [ -d $USB_MOUNT/backup/gogs ]; then echo $"Restoring Gogs settings" if [ ! -d /home/$GOGS_USERNAME/custom ]; then mkdir -p /home/$GOGS_USERNAME/custom fi cp -r ${temp_restore_dir}/home/$GOGS_USERNAME/custom/* /home/$GOGS_USERNAME/custom if [ ! "$?" = "0" ]; then function_check set_user_permissions set_user_permissions function_check backup_unmount_drive backup_unmount_drive exit 981 fi echo $"Restoring Gogs repos" function_check restore_directory_from_usb restore_directory_from_usb ${temp_restore_dir}repos gogsrepos cp -r ${temp_restore_dir}repos/home/$GOGS_USERNAME/gogs-repositories/* /home/$GOGS_USERNAME/gogs-repositories/ if [ ! "$?" = "0" ]; then function_check set_user_permissions set_user_permissions function_check backup_unmount_drive backup_unmount_drive exit 67574 fi echo $"Restoring Gogs authorized_keys" function_check restore_directory_from_usb restore_directory_from_usb ${temp_restore_dir}ssh gogsssh if [ ! -d /home/$GOGS_USERNAME/.ssh ]; then mkdir /home/$GOGS_USERNAME/.ssh fi cp -r ${temp_restore_dir}ssh/home/$GOGS_USERNAME/.ssh/* /home/$GOGS_USERNAME/.ssh/ if [ ! "$?" = "0" ]; then function_check set_user_permissions set_user_permissions function_check backup_unmount_drive backup_unmount_drive exit 8463 fi rm -rf ${temp_restore_dir} rm -rf ${temp_restore_dir}repos rm -rf ${temp_restore_dir}ssh chown -R $GOGS_USERNAME:$GOGS_USERNAME /home/$GOGS_USERNAME fi fi } function backup_remote_gogs { if [ -d /home/$GOGS_USERNAME ]; then GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') function_check suspend_site suspend_site ${GIT_DOMAIN_NAME} function_check backup_database_to_friend backup_database_to_friend $GOGS_USERNAME echo $"Obtaining Gogs settings backup" function_check backup_directory_to_friend backup_directory_to_friend /home/$GOGS_USERNAME/custom gogs echo $"Obtaining Gogs repos backup" mv /home/$GOGS_USERNAME/gogs-repositories/*.git /home/$GOGS_USERNAME/gogs-repositories/bob backup_directory_to_friend /home/$GOGS_USERNAME/gogs-repositories gogsrepos echo $"Obtaining Gogs authorized_keys backup" backup_directory_to_friend /home/$GOGS_USERNAME/.ssh gogsssh function_check restart_site restart_site echo $"Gogs backup complete" fi } function restore_remote_gogs { if grep -q "Gogs domain" $COMPLETION_FILE; then GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') function_check gogs_create_database gogs_create_database function_check restore_database_from_friend restore_database_from_friend gogs $GIT_DOMAIN_NAME if [ -d $SERVER_DIRECTORY/backup/gogs ]; then if [ ! -d /home/$GOGS_USERNAME/custom ]; then mkdir -p /home/$GOGS_USERNAME/custom fi cp -r /root/tempgogs/home/$GOGS_USERNAME/custom/* /home/$GOGS_USERNAME/custom/ if [ ! "$?" = "0" ]; then exit 58852 fi echo $"Restoring Gogs repos" restore_directory_from_friend /root/tempgogsrepos gogsrepos cp -r /root/tempgogsrepos/home/$GOGS_USERNAME/gogs-repositories/* /home/$GOGS_USERNAME/gogs-repositories/ if [ ! "$?" = "0" ]; then exit 7649 fi echo $"Restoring Gogs authorized_keys" restore_directory_from_friend /root/tempgogsssh gogsssh if [ ! -d /home/$GOGS_USERNAME/.ssh ]; then mkdir /home/$GOGS_USERNAME/.ssh fi cp -r /root/tempgogsssh/home/$GOGS_USERNAME/.ssh/* /home/$GOGS_USERNAME/.ssh/ if [ ! "$?" = "0" ]; then exit 74239 fi rm -rf /root/tempgogs rm -rf /root/tempgogsrepos rm -rf /root/tempgogsssh chown -R $GOGS_USERNAME:$GOGS_USERNAME /home/$GOGS_USERNAME echo $"Restore of Gogs complete" fi fi } function remove_gogs { if ! grep -Fxq "install_gogs" $COMPLETION_FILE; then return fi function_check select_go_version select_go_version systemctl stop gogs systemctl disable gogs nginx_dissite $GIT_DOMAIN_NAME if [ -d /var/www/$GIT_DOMAIN_NAME ]; then rm -rf /var/www/$GIT_DOMAIN_NAME fi if [ -f /etc/nginx/sites-available/$GIT_DOMAIN_NAME ]; then rm /etc/nginx/sites-available/$GIT_DOMAIN_NAME fi function_check drop_database drop_database gogs rm /etc/systemd/system/gogs.service rm -rf /home/$GOGS_USERNAME/* remove_onion_service gogs ${GIT_ONION_PORT} 9418 sed -i '/install_gogs/d' $COMPLETION_FILE sed -i '/Gogs /d' $COMPLETION_FILE } function install_gogs { if [ ! $GIT_DOMAIN_NAME ]; then return fi if grep -Fxq "install_gogs" $COMPLETION_FILE; then return fi adduser --disabled-login --gecos 'Gogs' $GOGS_USERNAME gogs_parameters if [ ! -d ${INSTALL_DIR} ]; then mkdir -p ${INSTALL_DIR} fi cd ${INSTALL_DIR} if [ -f linux-${CURR_ARCH}.tar.gz ]; then rm linux-${CURR_ARCH}.tar.gz fi wget ${GOGS_BIN} if [ ! -f linux_${CURR_ARCH}.tar.gz ]; then GOGS_BIN="https://github.com/gogits/gogs/releases/download/v${GOGS_VERSION}/linux_${CURR_ARCH}.zip" wget ${GOGS_BIN} if [ ! -f linux_${CURR_ARCH}.zip ]; then exit 37836 else apt-get -y install unzip unzip linux_${CURR_ARCH}.zip fi else tar -xzf ${INSTALL_DIR}/linux_${CURR_ARCH}.tar.gz fi if [ ! -d $INSTALL_DIR/gogs ]; then exit 37823 fi cp -r $INSTALL_DIR/gogs /home/$GOGS_USERNAME rm linux_${CURR_ARCH}.tar.gz if [ ! -f /home/$GOGS_USERNAME/gogs ]; then echo 'Gogs binary not installed' exit 345562 fi echo "export GOROOT=/home/go" >> /home/$GOGS_USERNAME/.bashrc echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> /home/$GOGS_USERNAME/.bashrc echo 'export PATH=$PATH:$GOPATH' >> /home/$GOGS_USERNAME/.bashrc chown -R $GOGS_USERNAME:$GOGS_USERNAME /home/$GOGS_USERNAME function_check install_mariadb install_mariadb function_check get_mariadb_password get_mariadb_password function_check gogs_create_database if [ ! -f /home/$GOGS_USERNAME/scripts/mysql.sql ]; then echo $'MySql template for Gogs was not found' exit 72528 fi if ! grep -q $"Gogs admin user password" /home/$MY_USERNAME/README; then echo '' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README echo 'Gogs' >> /home/$MY_USERNAME/README echo '====' >> /home/$MY_USERNAME/README echo $'Install Steps For First-time Run:' >> /home/$MY_USERNAME/README echo $'Leave email service settings empty' >> /home/$MY_USERNAME/README echo $'Check "Enable Register Confirmation"' >> /home/$MY_USERNAME/README echo $'Check "Enable Mail Notification"' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README echo $'If you want to disable new account registrations then append the following:' >> /home/$MY_USERNAME/README echo ' [service]' >> /home/$MY_USERNAME/README echo ' DISABLE_REGISTRATION = true' >> /home/$MY_USERNAME/README echo $'Then restart with:' >> /home/$MY_USERNAME/README echo ' systemctl restart gogs' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README echo $"Note that there's a usability/security trade-off made here." >> /home/$MY_USERNAME/README echo $"In order to allow git clone via http we don't redirect everything" >> /home/$MY_USERNAME/README echo $'over https. Instead only critical things such as user login,' >> /home/$MY_USERNAME/README echo $'settings and admin are encrypted.' >> /home/$MY_USERNAME/README echo $'There are also potential security issues with cloning/pulling/pushing' >> /home/$MY_USERNAME/README echo $'code over http, since a determined adversary could inject malware' >> /home/$MY_USERNAME/README echo $'into the stream as it passes, so beware.' >> /home/$MY_USERNAME/README echo $'If you have a bought domain and a non-self signed cert then you' >> /home/$MY_USERNAME/README echo $"should change /etc/nginx/sites-available/$GIT_DOMAIN_NAME to redirect everything over https." >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README chmod 600 /home/$MY_USERNAME/README fi function_check initialise_database initialise_database gogs /home/$GOGS_USERNAME/scripts/mysql.sql chown -R $GOGS_USERNAME:$GOGS_USERNAME /home/$GOGS_USERNAME echo '[Unit]' > /etc/systemd/system/gogs.service echo 'Description=Gogs (Go Git Service)' >> /etc/systemd/system/gogs.service echo 'After=syslog.target' >> /etc/systemd/system/gogs.service echo 'After=network.target' >> /etc/systemd/system/gogs.service echo 'After=mysqld.service' >> /etc/systemd/system/gogs.service echo '' >> /etc/systemd/system/gogs.service echo '[Service]' >> /etc/systemd/system/gogs.service echo '#LimitMEMLOCK=infinity' >> /etc/systemd/system/gogs.service echo '#LimitNOFILE=65535' >> /etc/systemd/system/gogs.service echo 'Type=simple' >> /etc/systemd/system/gogs.service echo 'User=gogs' >> /etc/systemd/system/gogs.service echo 'Group=some_group' >> /etc/systemd/system/gogs.service echo 'WorkingDirectory=/home/$GOGS_USERNAME' >> /etc/systemd/system/gogs.service echo 'ExecStart=/home/$GOGS_USERNAME/gogs web' >> /etc/systemd/system/gogs.service echo 'Restart=always' >> /etc/systemd/system/gogs.service echo 'RestartSec=10' >> /etc/systemd/system/gogs.service echo "Environment=\"USER=$GOGS_USERNAME\" \"HOME=/home/$GOGS_USERNAME\" \"GOPATH=$GOPATH\" \"GVM_ROOT=$GVM_HOME\"" >> /etc/systemd/system/gogs.service echo '' >> /etc/systemd/system/gogs.service echo '[Install]' >> /etc/systemd/system/gogs.service echo 'WantedBy=multi-user.target' >> /etc/systemd/system/gogs.service systemctl enable gogs systemctl daemon-reload systemctl restart gogs if [ ! -d /var/www/$GIT_DOMAIN_NAME ]; then mkdir /var/www/$GIT_DOMAIN_NAME fi if [ -d /var/www/$GIT_DOMAIN_NAME/htdocs ]; then rm -rf /var/www/$GIT_DOMAIN_NAME/htdocs fi if [[ $ONION_ONLY == "no" ]]; then function_check nginx_http_redirect nginx_http_redirect $GIT_DOMAIN_NAME echo 'server {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " root /var/www/$GIT_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " server_name $GIT_DOMAIN_NAME;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME function_check nginx_limits nginx_limits $GIT_DOMAIN_NAME '10G' function_check nginx_ssl nginx_ssl $GIT_DOMAIN_NAME function_check nginx_disable_sniffing nginx_disable_sniffing $GIT_DOMAIN_NAME echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' proxy_pass http://localhost:3000;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' location = /robots.txt {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' allow all;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' log_not_found off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '}' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME else echo -n '' > /etc/nginx/sites-available/$GIT_DOMAIN_NAME fi echo 'server {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " listen 127.0.0.1:${GIT_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " root /var/www/$GIT_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " server_name $GIT_DOMAIN_NAME;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME function_check nginx_limits nginx_limits $GIT_DOMAIN_NAME '10G' function_check nginx_disable_sniffing nginx_disable_sniffing $GIT_DOMAIN_NAME echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' proxy_pass http://localhost:3000;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' location = /robots.txt {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' allow all;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' log_not_found off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME echo '}' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME function_check configure_php configure_php function_check create_site_certificate create_site_certificate $GIT_DOMAIN_NAME 'yes' nginx_ensite $GIT_DOMAIN_NAME if [ ! -d /var/lib/tor ]; then echo $'No Tor installation found. Gogs onion site cannot be configured.' exit 877367 fi if ! grep -q "hidden_service_gogs" /etc/tor/torrc; then echo 'HiddenServiceDir /var/lib/tor/hidden_service_gogs/' >> /etc/tor/torrc echo "HiddenServicePort 80 127.0.0.1:${GIT_ONION_PORT}" >> /etc/tor/torrc echo "HiddenServicePort 9418 127.0.0.1:9418" >> /etc/tor/torrc echo $'Added onion site for Gogs' fi systemctl restart tor function_check wait_for_onion_service wait_for_onion_service 'gogs' GIT_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_gogs/hostname) systemctl restart php5-fpm systemctl restart nginx if ! grep -q "Gogs onion domain" /home/$MY_USERNAME/README; then echo "Gogs onion domain: ${GIT_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README chmod 600 /home/$MY_USERNAME/README fi if ! grep -q "Gogs onion domain" $COMPLETION_FILE; then echo "Gogs onion domain:${GIT_ONION_HOSTNAME}" >> $COMPLETION_FILE fi function_check add_ddns_domain add_ddns_domain $GIT_DOMAIN_NAME # obtain the secret key GOGS_SECRET_KEY= if grep -q "Gogs secret key:" /home/$MY_USERNAME/README; then GOGS_SECRET_KEY=$(cat /home/$MY_USERNAME/README | grep "Gogs secret key:" | awk -F ':' '{print $2}' | sed 's/^ *//') else GOGS_SECRET_KEY="$(create_password ${MINIMUM_PASSWORD_LENGTH})" echo "Gogs secret key:$GOGS_SECRET_KEY" >> /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README fi # create the configuration GOGS_CONFIG_PATH=/home/$GOGS_USERNAME/custom/conf if [ ! -d $GOGS_CONFIG_PATH ]; then mkdir -p $GOGS_CONFIG_PATH fi GOGS_CONFIG_FILE=$GOGS_CONFIG_PATH/app.ini echo "RUN_USER = $GOGS_USERNAME" > $GOGS_CONFIG_FILE echo 'RUN_MODE = prod' >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[database]' >> $GOGS_CONFIG_FILE echo 'DB_TYPE = mysql' >> $GOGS_CONFIG_FILE echo 'HOST = 127.0.0.1:3306' >> $GOGS_CONFIG_FILE echo 'NAME = gogs' >> $GOGS_CONFIG_FILE echo 'USER = root' >> $GOGS_CONFIG_FILE echo "PASSWD = $MARIADB_PASSWORD" >> $GOGS_CONFIG_FILE echo 'SSL_MODE = disable' >> $GOGS_CONFIG_FILE echo 'PATH = data/gogs.db' >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[repository]' >> $GOGS_CONFIG_FILE echo "ROOT = /home/$GOGS_USERNAME/gogs-repositories" >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[server]' >> $GOGS_CONFIG_FILE if [[ $ONION_ONLY == 'no' ]]; then echo "DOMAIN = ${GIT_DOMAIN_NAME}" >> $GOGS_CONFIG_FILE else echo "DOMAIN = ${GIT_ONION_HOSTNAME}" >> $GOGS_CONFIG_FILE fi echo 'HTTP_PORT = 3000' >> $GOGS_CONFIG_FILE echo "ROOT_URL = http://$GIT_DOMAIN_NAME/" >> $GOGS_CONFIG_FILE echo "SSH_PORT = $SSH_PORT" >> $GOGS_CONFIG_FILE echo 'SSH_DOMAIN = %(DOMAIN)s' >> $GOGS_CONFIG_FILE echo "CERT_FILE = /etc/ssl/certs/${GIT_DOMAIN_NAME}.pem" >> $GOGS_CONFIG_FILE echo "KEY_FILE = /etc/ssl/private/${GIT_DOMAIN_NAME}.key" >> $GOGS_CONFIG_FILE echo 'DISABLE_ROUTER_LOG = true' >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[session]' >> $GOGS_CONFIG_FILE echo 'PROVIDER = file' >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[log]' >> $GOGS_CONFIG_FILE echo 'MODE = file' >> $GOGS_CONFIG_FILE echo 'LEVEL = Info' >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[security]' >> $GOGS_CONFIG_FILE echo 'INSTALL_LOCK = true' >> $GOGS_CONFIG_FILE echo "SECRET_KEY = $GOGS_SECRET_KEY" >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[service]' >> $GOGS_CONFIG_FILE echo 'DISABLE_REGISTRATION = false' >> $GOGS_CONFIG_FILE echo 'SHOW_REGISTRATION_BUTTON = true' >> $GOGS_CONFIG_FILE echo 'REQUIRE_SIGNIN_VIEW = false' >> $GOGS_CONFIG_FILE echo 'ENABLE_CAPTCHA = false' >> $GOGS_CONFIG_FILE echo '' >> $GOGS_CONFIG_FILE echo '[other]' >> $GOGS_CONFIG_FILE echo 'SHOW_FOOTER_BRANDING = false' >> $GOGS_CONFIG_FILE echo 'SHOW_FOOTER_VERSION = false' >> $GOGS_CONFIG_FILE chmod 750 $GOGS_CONFIG_FILE chown -R $GOGS_USERNAME:$GOGS_USERNAME /home/$GOGS_USERNAME systemctl restart gogs if ! grep -q "Gogs domain:" $COMPLETION_FILE; then echo "Gogs domain:$GIT_DOMAIN_NAME" >> $COMPLETION_FILE fi function_check configure_firewall_for_git configure_firewall_for_git if ! grep -q "Gogs version:" $COMPLETION_FILE; then echo "Gogs version:$GOGS_VERSION" >> $COMPLETION_FILE else sed -i "s|Gogs version.*|Gogs version:$GOGS_VERSION|g" $COMPLETION_FILE fi echo 'install_gogs' >> $COMPLETION_FILE } # NOTE: deliberately no exit 0