From a68c6e7b651d24425478a96f3c626ac1835435c4 Mon Sep 17 00:00:00 2001
From: Luke Murphy <lukewm@riseup.net>
Date: Tue, 27 Oct 2020 11:25:48 +0100
Subject: [PATCH] Migrating from git.autonomic.zone repo

---
 .drone.yml   | 37 +++++++++++++++++++++++++++++++++++++
 README.md    |  2 +-
 app.ini.tmpl | 28 ++++++++++++++++++++++++++++
 compose.yml  | 51 ++++++++++++++++++++++++++++++++-------------------
 helpers.sh   | 15 ---------------
 5 files changed, 98 insertions(+), 35 deletions(-)
 create mode 100644 .drone.yml
 delete mode 100755 helpers.sh

diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..c6119b5
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,37 @@
+---
+kind: pipeline
+name: deploy to swarm-test.autonomic.zone
+steps:
+  - name: deployment
+    image: decentral1se/stack-ssh-deploy:latest
+    settings:
+      host: swarm-test.autonomic.zone
+      stack: gitea
+      deploy_key:
+        from_secret: drone_ssh_swarm_test
+    environment:
+      DOMAIN: gitea.swarm-test.autonomic.zone
+      STACK_NAME: gitea
+      LETS_ENCRYPT_ENV: production
+      GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION: true
+      GITEA_APP_NAME: Git with solidaritea
+      GITEA_AUTO_WATCH_NEW_REPOS: false
+      GITEA_DISABLE_REGISTRATION: false
+      GITEA_DOMAIN:gitea.swarm-test.autonomic.zone
+      GITEA_ENABLE_NOTIFY_MAIL: false
+      GITEA_ENABLE_OPENID_SIGNIN: true
+      GITEA_ENABLE_OPENID_SIGNUP: true
+      GITEA_MAILER_FROM: foo@example.com
+      GITEA_MAILER_HOST: smtp.example.com
+      GITEA_MAILER_USER: foo@example.com
+      GITEA_SSH_PORT: 2222
+      APP_INI_VERSION: v1
+      DB_PASSWD_VERSION: v1
+      DB_ROOT_PASSWD_VERSION: v1
+      INTERNAL_TOKEN_VERSION: v1
+      JWT_SECRET_VERSION: v1
+      SECRET_KEY_VERSION: v1
+      SMTP_PASSWD_VERSION: v1
+trigger:
+  branch:
+    - master
diff --git a/README.md b/README.md
index 00326e0..2e516f1 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,3 @@
 # gitea
 
-> https://gitea.io
+[![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/gitea/status.svg)](https://drone.autonomic.zone/coop-cloud/gitea)
diff --git a/app.ini.tmpl b/app.ini.tmpl
index c6d494c..4a779b1 100644
--- a/app.ini.tmpl
+++ b/app.ini.tmpl
@@ -1,13 +1,25 @@
 APP_NAME = {{ env "GITEA_APP_NAME" }}
 RUN_MODE = prod
+RUN_USER = git
 
 [database]
+CHARSET = utf8mb4
 DB_TYPE = {{ env "GITEA_DB_TYPE" }}
 HOST = {{ env "GITEA_DB_HOST" }}
 NAME = {{ env "GITEA_DB_NAME" }}
 PASSWD = {{ secret "db_passwd" }}
 USER = {{ env "GITEA_DB_USER" }}
 
+[service]
+ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ env "GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION" }}
+AUTO_WATCH_NEW_REPOS = {{ env "GITEA_AUTO_WATCH_NEW_REPOS" }}
+DISABLE_REGISTRATION = {{ env "GITEA_DISABLE_REGISTRATION" }}
+ENABLE_NOTIFY_MAIL = {{ env "GITEA_ENABLE_NOTIFY_MAIL" }}
+
+[openid]
+ENABLE_OPENID_SIGNIN = {{ env "GITEA_ENABLE_OPENID_SIGNIN" }}
+ENABLE_OPENID_SIGNUP = {{ env "GITEA_ENABLE_OPENID_SIGNUP" }}
+
 [repository]
 DEFAULT_BRANCH = main
 
@@ -17,6 +29,7 @@ STARTUP_TIMEOUT = 0
 [server]
 APP_DATA_PATH = /data
 DOMAIN = {{ env "GITEA_DOMAIN" }}
+LANDING_PAGE = organizations
 ROOT_URL = https://%(DOMAIN)s/
 SSH_DOMAIN = {{ env "GITEA_DOMAIN" }}
 SSH_LISTEN_PORT = {{ env "GITEA_SSH_PORT" }}
@@ -31,6 +44,21 @@ SECRET_KEY = {{ secret "secret_key" }}
 [oauth2]
 JWT_SECRET = {{ secret "jwt_secret" }}
 
+[mailer]
+ENABLED        = true
+FROM           = {{ env "GITEA_MAILER_FROM" }}
+HOST           = {{ env "GITEA_MAILER_HOST" }}
+USER           = {{ env "GITEA_MAILER_USER" }}
+PASSWD         = {{ secret "smtp_passwd" }}
+MAILER_TYPE    = smtp
+IS_TLS_ENABLED = true
+
+[markup.restructuredtext]
+ENABLED         = true
+FILE_EXTENSIONS = .rst
+RENDER_COMMAND  = rst2html
+IS_INPUT_FILE   = false
+
 [picture]
 AVATAR_UPLOAD_PATH = /data/gitea/avatars
 REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
diff --git a/compose.yml b/compose.yml
index 4049d3b..8866ff5 100644
--- a/compose.yml
+++ b/compose.yml
@@ -2,7 +2,7 @@
 version: "3.8"
 
 services:
-  gitea:
+  app:
     image: "gitea/gitea:1.12.5"
     configs:
       - source: app_ini
@@ -12,16 +12,28 @@ services:
       - internal_token
       - jwt_secret
       - secret_key
+      - smtp_passwd
     environment:
-      - GITEA_APP_NAME=${APP_NAME}
-      - GITEA_DB_HOST=${DB_HOST}
-      - GITEA_DB_NAME=${DB_NAME}
-      - GITEA_DB_TYPE=${DB_TYPE}
-      - GITEA_DB_USER=${DB_USER}
+      - GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION
+      - GITEA_APP_NAME
+      - GITEA_AUTO_WATCH_NEW_REPOS
+      - GITEA_DB_HOST=mariadb:3306
+      - GITEA_DB_NAME=gitea
+      - GITEA_DB_TYPE=mysql
+      - GITEA_DB_USER=gitea
+      - GITEA_DISABLE_REGISTRATION
       - GITEA_DOMAIN=${DOMAIN}
-      - GITEA_SSH_PORT=${SSH_HOST_PORT}
+      - GITEA_ENABLE_NOTIFY_MAIL
+      - GITEA_ENABLE_OPENID_SIGNIN
+      - GITEA_ENABLE_OPENID_SIGNUP
+      - GITEA_MAILER_FROM
+      - GITEA_MAILER_HOST
+      - GITEA_MAILER_USER
+      - GITEA_SSH_PORT
     volumes:
       - "git:/data"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "/etc/localtime:/etc/localtime:ro"
     networks:
       - proxy
       - internal
@@ -30,24 +42,22 @@ services:
       interval: 15s
       timeout: 10s
       retries: 10
-      start_period: 15s
+      start_period: 30s
     deploy:
       update_config:
         failure_action: rollback
         order: start-first
       labels:
         - "traefik.enable=true"
-
         - "traefik.http.routers.gitea.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.gitea.entrypoints=web-secure"
         - "traefik.http.services.gitea.loadbalancer.server.port=3000"
-        - "traefik.http.routers.gitea.tls.certresolver=${LETS_ENCRYPT_ENV:production}"
-
+        - "traefik.http.routers.gitea.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
         - "traefik.tcp.routers.gitea-ssh.entrypoints=gitea-ssh"
-        - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=${SSH_HOST_PORT}"
+        - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=${GITEA_SSH_PORT}"
 
-  mariadb:
+  database:
     image: "mariadb:10.5"
     command: |
       mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
@@ -71,25 +81,28 @@ networks:
 
 configs:
   app_ini:
-    name: ${APP_INI_VERSION}
+    name: ${STACK_NAME}_app_ini_${APP_INI_VERSION}
     file: app.ini.tmpl
     template_driver: golang
 
 secrets:
   db_passwd:
-    name: ${DB_PASSWD_VERSION}
+    name: ${STACK_NAME}_db_passwd_${DB_PASSWD_VERSION}
     external: true
   db_root_passwd:
-    name: ${DB_ROOT_PASSWD_VERSION}
+    name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
     external: true
   internal_token:
-    name: ${INTERNAL_TOKEN_VERSION}
+    name: ${STACK_NAME}_internal_token_${INTERNAL_TOKEN_VERSION}
     external: true
   jwt_secret:
-    name: ${JWT_SECRET_VERSION}
+    name: ${STACK_NAME}_jwt_secret_${JWT_SECRET_VERSION}
     external: true
   secret_key:
-    name: ${SECRET_KEY_VERSION}
+    name: ${STACK_NAME}_secret_key_${SECRET_KEY_VERSION}
+    external: true
+  smtp_passwd:
+    name: ${STACK_NAME}_smtp_passwd_${SMTP_PASSWD_VERSION}
     external: true
 
 volumes:
diff --git a/helpers.sh b/helpers.sh
deleted file mode 100755
index 72f75d4..0000000
--- a/helpers.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-create-admin () {
-  container=$(docker container ls -f "name=${STACK_NAME}_gitea" -q)
-  docker exec "$container" \
-    gitea \
-    --custom-path /data/gitea/ \
-    --config /data/gitea/conf/app.ini \
-    admin \
-    create-user \
-    --admin \
-    --username autonomic \
-    --password autonomic \
-    --email autonomic@autonomic.zone
-}