init with structure

.env

@@ -0,0 +1,29 @@
+# MariaDB vars
+MARIADB_ROOT_PASSWORD=gitea
+MARIADB_USER=gitea
+MARIADB_PASSWORD=gitea
+MARIADB_DATABASE=gitea
+MARIADB_INNODB_BUFFER_POOL_SIZE=512M
+
+# Docker-compose vars
+IMAGE_TAG=local
+EXTERNAL_DATA_BOOL=false
+
+# Gitea app.ini overrides
+GITEA__DEFAULT__RUN_MODE=dev
+GITEA__server__DOMAIN=localhost:3000
+GITEA__server__SSH_DOMAIN=localhost
+GITEA__server__SSH_PORT=222
+GITEA__database__HOST=db
+GITEA__database__NAME=gitea
+GITEA__database__USER=gitea
+GITEA__database__PASSWD=gitea
+GITEA__security__SECRET_KEY=giteasecretkey
+GITEA__security__INTERNAL_TOKEN=giteainternaltoken
+GITEA__service__REGISTER_EMAIL_CONFIRM=false
+GITEA__mailer__ENABLED=false
+GITEA__mailer__HOST=localhost
+GITEA__mailer__USER=user
+GITEA__mailer__PASSWD=password
+GITEA__mailer__FROM=[email protected]
+GITEA__oauth2__JWT_SECRET=giteajwtsecret

README.md

@@ -0,0 +1,3 @@
+# Gitea - WACS UI customizations
+
+This project is UI customizations for WA's Gitea instance. The files here were forked from [Gitea](https://github.com/go-gitea/gitea) and [Gogs](https://gogs.io).

app.ini

@@ -0,0 +1,182 @@
+APP_NAME = Wycliffe Associates Content Service
+RUN_MODE = dev
+
+[repository]
+ROOT               = /data/gitea/repositories
+DEFAULT_PRIVATE    = public
+MAX_CREATION_LIMIT = 2000
+DISABLE_HTTP_GIT   = false
+
+[repository.upload]
+ENABLED       = true
+TEMP_PATH     = data/tmp/uploads
+ALLOWED_TYPES = image/jpeg|image/png|image/gif|application/pdf|.txt|text/plain|text/csv|.usfm|text/usfm|text/x-usfm|text/usfm3|.md|.markdown|text/markdown|text/x-markdown|.yaml|.yml|text/x-yaml|application/x-yaml|text/yaml|text/vnd.yaml
+FILE_MAX_SIZE = 10
+MAX_FILES     = 10
+
+[cors]
+ENABLED      = true
+ALLOW_DOMAIN = *
+
+[ui]
+SHOW_USER_EMAIL       = false
+DEFAULT_THEME         = gitea
+THEMES                = gitea
+
+[ui.meta]
+AUTHOR      = Wycliffe Associates and many volunteers
+DESCRIPTION = An online repository for open-licensed Biblical content in any language
+KEYWORDS    = bible,translation
+
+[server]
+APP_DATA_PATH           = /data/gitea
+PROTOCOL                = http
+DOMAIN                  = localhost:3000
+ROOT_URL                = https://%(DOMAIN)s/
+HTTP_ADDR               = 0.0.0.0
+HTTP_PORT               = 3000
+REDIRECT_OTHER_PORT     = false
+PORT_TO_REDIRECT        = 80
+UNIX_SOCKET_PERMISSION  = 666
+DISABLE_SSH             = false
+START_SSH_SERVER        = true
+BUILTIN_SSH_SERVER_USER = 
+SSH_DOMAIN              = localhost
+SSH_LISTEN_HOST         = 0.0.0.0
+SSH_PORT                = 222
+SSH_LISTEN_PORT         = 222
+SSH_SERVER_HOST_KEYS    = /data/gitea/data/ssh/gogs.rsa
+SSH_ROOT_PATH           = /home/git/.ssh
+SSH_EXPOSE_ANONYMOUS    = false
+OFFLINE_MODE            = false
+DISABLE_ROUTER_LOG      = false
+STATIC_ROOT_PATH        = /data/gitea
+LFS_START_SERVER        = false
+
+[database]
+DB_TYPE = mysql
+HOST    = db
+NAME    = gitea
+USER    = gitea
+PASSWD  = gitea
+LOG_SQL = true
+
+[indexer]
+ISSUE_INDEXER_PATH   = /data/gitea/data/indexers/issues.queue
+REPO_INDEXER_ENABLED = false
+
+[security]
+INSTALL_LOCK        = true
+SECRET_KEY          = giteasecretkey
+MIN_PASSWORD_LENGTH = 6
+IMPORT_LOCAL_PATHS  = false
+DISABLE_GIT_HOOKS   = false
+INTERNAL_TOKEN      = giteainternaltoken
+
+[openid]
+ENABLE_OPENID_SIGNIN = true
+WHITELISTED_URIS     = 
+BLACKLISTED_URIS     = 
+
+[service]
+REGISTER_EMAIL_CONFIRM                        = false
+DISABLE_REGISTRATION                          = false
+ENABLE_NOTIFY_MAIL                            = true
+ENABLE_CAPTCHA                                = true
+DEFAULT_KEEP_EMAIL_PRIVATE                    = false
+DEFAULT_ENABLE_TIMETRACKING                   = false
+NO_REPLY_ADDRESS                              = noreply.example.org
+ENABLE_USER_HEATMAP                           = false
+
+[queue]
+DATADIR = /data/gitea/data/queues
+
+[webhook]
+DELIVER_TIMEOUT = 60
+
+;This all changes in 1.18
+[mailer]
+ENABLED            = false
+SUBJECT            = %(APP_NAME)s
+HOST               = localhost
+DISABLE_HELO       = 
+HELO_HOSTNAME      = 
+SKIP_VERIFY        = 
+USE_CERTIFICATE    = false
+CERT_FILE          = custom/mailer/cert.pem
+KEY_FILE           = custom/mailer/key.pem
+FROM               = [email protected]
+USER               = user
+PASSWD             = password
+SEND_AS_PLAIN_TEXT = false
+
+[picture]
+AVATAR_UPLOAD_PATH      = /data/gitea/data/avatars
+GRAVATAR_SOURCE         = gravatar
+DISABLE_GRAVATAR        = false
+
+[attachment]
+ENABLED       = true
+PATH          = /data/gitea/data/attachments
+ALLOWED_TYPES = image/jpeg|image/png|image/gif
+MAX_SIZE      = 4
+MAX_FILES     = 5
+
+[log]
+ROOT_PATH            = /data/gitea/log
+MODE                 = console, file
+BUFFER_LEN           = 10000
+LEVEL                = Info
+REDIRECT_MACARON_LOG = true
+ROUTER_LOG_LEVEL     = Debug
+logger.router.MODE   = file
+logger.access.MODE   = file
+logger.xorm.MODE     = file
+
+[cron]
+ENABLED      = true
+RUN_AT_START = false
+
+[cron.update_mirrors]
+SCHEDULE = @every 4h
+
+[cron.repo_health_check]
+SCHEDULE = @every 24h
+TIMEOUT  = 60s
+
+[cron.check_repo_stats]
+RUN_AT_START = true
+SCHEDULE     = @every 24h
+
+[cron.archive_cleanup]
+ENABLED      = true
+RUN_AT_START = true
+SCHEDULE     = @every 24h
+OLDER_THAN   = 24h
+
+[cron.sync_external_users]
+RUN_AT_START    = false
+SCHEDULE        = @every 24h
+UPDATE_EXISTING = true
+
+[git]
+DISABLE_DIFF_HIGHLIGHT = false
+MAX_GIT_DIFF_LINES     = 3000
+
+[api]
+ENABLE_SWAGGER     = true
+MAX_RESPONSE_ITEMS = 50
+
+[other]
+SHOW_FOOTER_VERSION            = false
+SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
+
+[markup.asciidoc]
+ENABLED         = false
+FILE_EXTENSIONS = .adoc,.asciidoc
+RENDER_COMMAND  = asciidoc --out-file=- -
+IS_INPUT_FILE   = false
+
+[oauth2]
+ENABLE     = true
+JWT_SECRET = qFQPg8hefnAb0hOxM1yrImdtcQyYFR5H1hWiTUJ5BFM

deploy.sh

@@ -0,0 +1,64 @@
+#!/bin/bash
+
+if [ -z "$DEPLOY_ENV" ]; then
+  echo "Error: Please set the 'DEPLOY_ENV' environment variable."
+  exit 1
+fi
+
+if [ -z "$OP_SERVICE_ACCOUNT_TOKEN" ]; then
+  echo "Error: Please set the 'OP_SERVICE_ACCOUNT_TOKEN' environment variable."
+  exit 1
+fi
+
+shopt -s expand_aliases
+set -x
+
+alias op="docker run -e OP_SERVICE_ACCOUNT_TOKEN 1password/op:2 op"
+
+# Log in to 1password CLI
+
+export OP_SERVICE_ACCOUNT_TOKEN=$OP_SERVICE_ACCOUNT_TOKEN
+
+# Config vars via 1password secret refs
+
+# MariaDB vars
+export MARIADB_ROOT_PASSWORD=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/root_password")
+export MARIADB_USER=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/username")
+export MARIADB_PASSWORD=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/password")
+export MARIADB_DATABASE=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/database")
+export MARIADB_INNODB_BUFFER_POOL_SIZE=2G
+
+# Gitea app.ini database overrides
+export GITEA__database__NAME=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/database")
+export GITEA__database__USER=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/username")
+export GITEA__database__PASSWD=$(op read "op://wacs/wacs-mariadb/$DEPLOY_ENV/password")
+
+# Gitea app.ini server and secret overrides
+export GITEA__DEFAULT__RUN_MODE=$DEPLOY_ENV
+export GITEA__server__DOMAIN=$(op read "op://wacs/wacs-gitea-secrets/$DEPLOY_ENV/domain")
+export GITEA__server__SSH_DOMAIN=$(op read "op://wacs/wacs-gitea-secrets/$DEPLOY_ENV/ssh-domain")
+export GITEA__server__SSH_PORT=22
+export GITEA__security__SECRET_KEY=$(op read "op://wacs/wacs-gitea-secrets/$DEPLOY_ENV/secret-key")
+export GITEA__security__INTERNAL_TOKEN=$(op read "op://wacs/wacs-gitea-secrets/$DEPLOY_ENV/internal-token")
+export GITEA__service__REGISTER_EMAIL_CONFIRM=$(op read "op://wacs/wacs-gitea-secrets/$DEPLOY_ENV/register-email-confirm")
+export GITEA__oauth2__JWT_SECRET=$(op read "op://wacs/wacs-gitea-secrets/$DEPLOY_ENV/jwt-secret")
+
+# Gitea app.ini mailer overrides
+if [[ "$DEPLOY_ENV" = "prod" ]]; then
+  export GITEA__mailer__ENABLED=true
+  export GITEA__mailer__HOST=$(op read "op://Shared-IT-Development/d52sfisg5cry5yfpj2lynfq3ru/server"):$(op read "op://Shared-IT-Development/d52sfisg5cry5yfpj2lynfq3ru/port number")
+  export GITEA__mailer__USER=$(op read "op://Shared-IT-Development/d52sfisg5cry5yfpj2lynfq3ru/username")
+  export GITEA__mailer__PASSWD=$(op read "op://Shared-IT-Development/d52sfisg5cry5yfpj2lynfq3ru/password")
+fi
+
+# Docker-compose vars
+export IMAGE_TAG=$DEPLOY_ENV
+export EXTERNAL_DATA_BOOL=true
+
+docker compose down
+docker compose pull gitea
+docker compose up -d
+
+#Log out of 1password CLI
+
+unset OP_SERVICE_ACCOUNT_TOKEN

docker-compose.override.yml

@@ -0,0 +1,15 @@
+version: "3"
+
+services:
+  gitea:
+    volumes:
+      - ./gitea-data:/data
+
+  db:
+    environment:
+      - MYSQL_ROOT_PASSWORD=gitea
+      - MYSQL_USER=gitea
+      - MYSQL_PASSWORD=gitea
+      - MYSQL_DATABASE=gitea
+    volumes:
+      - ./mysql-data:/var/lib/mysql

docker-compose.yml

@@ -0,0 +1,71 @@
+version: "3"
+
+services:
+  gitea:
+    image: registry.walink.org/wa/wacs:${IMAGE_TAG}
+    restart: unless-stopped
+    volumes:
+      - gitea_data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+      - ./app.ini:/data/gitea/conf/app.ini
+    ports:
+      - "3000:3000"
+      - "222:222"
+    networks:
+      - backend
+    environment:
+      - GITEA__DEFAULT__RUN_MODE=${GITEA__DEFAULT__RUN_MODE}
+      - GITEA__server__DOMAIN=${GITEA__server__DOMAIN}
+      - GITEA__server__SSH_DOMAIN=${GITEA__server__SSH_DOMAIN}
+      - GITEA__server__SSH_PORT=${GITEA__server__SSH_PORT}
+      - GITEA__database__HOST=${GITEA__database__HOST}
+      - GITEA__database__NAME=${GITEA__database__NAME}
+      - GITEA__database__USER=${GITEA__database__USER}
+      - GITEA__database__PASSWD=${GITEA__database__PASSWD}
+      - GITEA__security__SECRET_KEY=${GITEA__security__SECRET_KEY}
+      - GITEA__security__INTERNAL_TOKEN=${GITEA__security__INTERNAL_TOKEN}
+      - GITEA__service__REGISTER_EMAIL_CONFIRM=${GITEA__service__REGISTER_EMAIL_CONFIRM}
+      - GITEA__mailer__ENABLED=${GITEA__mailer__ENABLED}
+      - GITEA__mailer__HOST=${GITEA__mailer__HOST}
+      - GITEA__mailer__USER=${GITEA__mailer__USER}
+      - GITEA__mailer__PASSWD=${GITEA__mailer__PASSWD}
+      - GITEA__mailer__FROM=${GITEA__mailer__FROM}
+      - GITEA__oauth2__JWT_SECRET=${GITEA__oauth2__JWT_SECRET}
+    depends_on:
+      db:
+        condition: service_healthy
+    # healthcheck:
+    #   test: ["CMD", "curl", "-f", "http://localhost:3000/api/healthz"]
+    #   interval: 5s
+    #   timeout: 5s
+    #   retries: 10
+    #   start_period: 10s
+
+  db:
+    image: mariadb:10.11
+    restart: unless-stopped
+    command: mariadbd --innodb-buffer-pool-size=${MARIADB_INNODB_BUFFER_POOL_SIZE}
+    environment:
+      - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
+      - MARIADB_USER=${MARIADB_USER}
+      - MARIADB_PASSWORD=${MARIADB_PASSWORD}
+      - MARIADB_DATABASE=${MARIADB_DATABASE}
+    ports:
+      - 3306:3306
+    networks:
+      - backend
+    volumes:
+      - db_data:/var/lib/mysql
+    healthcheck:
+      test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
+      timeout: 20s
+      retries: 10
+
+volumes:
+  gitea_data:
+    external: true
+  db_data:
+
+networks:
+  backend:

makefile

@@ -0,0 +1,24 @@
+.PHONY: build
+build:
+	export IMAGE_TAG="local" \
+	&& cd wacs-gitea \
+	&& docker build -t registry.walink.org/wa/wacs:$${IMAGE_TAG} .
+
+.PHONY: run
+run: build
+	export IMAGE_TAG="local" \
+	&& cd wacs-gitea \
+	&& docker compose up -d
+
+# Use this when started locally to create a user that you can log in as. username: admin2 password: 1234
+.PHONY: admin-user
+admin-user:
+	docker compose exec gitea /usr/local/bin/gitea -c '/custom/conf/app.ini' admin user create --username admin2 --password 1234 --email [email protected] --admin
+
+.PHONY: down
+down: 
+	docker compose down
+
+.PHONY: clean
+clean:
+	docker compose down && sudo rm -rf ./gitea-data && sudo rm -rf ./mysql-data