Migrated appini-configmap to appini-env-configmap

We now have a basic config for our gitea installation. We might want to have a closer look on the security config. Also updated tests and gitea.cljc code with params and formating.
2022-07-20 15:56:37 +02:00 · 2022-07-20 15:56:37 +02:00 · 7510589e47
commit 7510589e47
parent e6866cd591
4 changed files with 144 additions and 18 deletions
--- a/src/main/cljc/dda/c4k_gitea/gitea.cljc
+++ b/src/main/cljc/dda/c4k_gitea/gitea.cljc
@ -43,14 +43,23 @@
 (defn-spec generate-appini-env pred/map-or-seq?
  ; TODO: fix this to require the merged spec of auth and config instead of any
  [config any?]
-  (let [{:keys [fqdn mailer-from mailer-host-port service-whitelist-domains]} config]
+  (let [{:keys [
+                default-app-name 
+                fqdn 
+                mailer-from 
+                mailer-host-port 
+                service-whitelist-domains 
+                service-noreply-address]} 
+        config]
    (->
     (yaml/load-as-edn "gitea/appini-env-configmap.yaml")     
+     (cm/replace-all-matching-values-by-new-value "APPNAME" default-app-name)
     (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)
     (cm/replace-all-matching-values-by-new-value "URL" (str "https://" fqdn))
     (cm/replace-all-matching-values-by-new-value "FROM" mailer-from)
     (cm/replace-all-matching-values-by-new-value "HOSTANDPORT" mailer-host-port)     
     (cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-whitelist-domains)
+     (cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address)
     )))

 (defn-spec generate-secrets pred/map-or-seq? 
--- a/src/main/resources/gitea/appini-env-configmap.yaml
+++ b/src/main/resources/gitea/appini-env-configmap.yaml
@ -4,19 +4,66 @@ metadata:
  name: gitea-env
  namespace: default
 data:
+  #[attachments]
+  GITEA__attachments__PATH: /data/gitea/attachments
+
+  #[databaser]
  GITEA__database__DB_TYPE: "postgres"
  GITEA__database__HOST: "postgresql-service:5432"  # Service.Namespace.svc.cluster.local
  GITEA__database__NAME: gitea
+  GITEA__database__LOG_SQL: "false"
+  GITEA__database__SSL_MODE: disable
+  GITEA__database__CHARSET: utf8

-  GITEA__server__DOMAIN: FQDN
-  GITEA__server__ROOT_URL: URL
+  #[DEFAULT]
+  GITEA__DEFAULT__APP_NAME: APPNAME      # TODO: konfigurierbar machen
+  GITEA__DEFAULT__RUN_MODE: prod
+  GITEA__DEFAULT__RUN_USER: git

+  #federation]
+  GITEA__federation__ENABLED: "true"
+  
+  #[indexer]
+  GITEA__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve
+
+  #[log]
+  GITEA__log__MODE: console,file
+  GITEA__log__LEVEL: Info
+  GITEA__log__ROOT_PATH: /data/gitea/log
+
+  #[mailer]
  GITEA__mailer__ENABLED: "true"
  GITEA__mailer__FROM: FROM
  GITEA__mailer__MAILER_TYPE: smtp
  GITEA__mailer__HOST: HOSTANDPORT
  GITEA__mailer__IS_TLS_ENABLED: "true"    

+  #[oauth2]
+  GITEA__oauth2__ENABLE: "false"
+
+  #[picture]
+  GITEA__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars
+  GITEA__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars
+  GITEA__picture__DISABLE_GRAVATAR: "true"
+  GITEA__picture__ENABLE_FEDERATED_AVATAR: "true"
+
+  #[repository]
+  GITEA__repository__ROOT: /data/git/repositories
+  GITEA__repository__DEFAULT_PRIVATE: last
+  GITEA__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo
+  GITEA__repository__TEMP_PATH: /data/gitea/uploads    
+
+  #[security]
+  GITEA__security__INSTALL_LOCK: "false"
+
+  #[server]
+  GITEA__server__DOMAIN: FQDN
+  GITEA__server__SSH_DOMAIN: FQDN
+  GITEA__server__ROOT_URL: URL 
+  GITEA__server__HTTP_PORT: 3000
+  GITEA__server__SSH_PORT: 22
+
+  #[service]
  GITEA__service__DISABLE_REGISTRATION: "true"  
  GITEA__service__REQUIRE_SIGNIN_VIEW: "false"
  GITEA__service__REGISTER_EMAIL_CONFIRM: "false"
@ -27,4 +74,24 @@ data:
  GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true"
  GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true"
  GITEA__service__DEFAULT_ENABLE_TIMETRACKING: "true"
-  GITEA__service__NO_REPLY_ADDRESS: noreply
+  GITEA__service__NO_REPLY_ADDRESS: NOREPLY  
+
+  #[session]
+  GITEA__session__PROVIDER_CONFIG: /data/gitea/sessions
+  GITEA__session__PROVIDER: file
+  
+
+
+  
+  
+
+    
+
+    
+   
+   
+
+
+
+
+
--- a/src/test/cljc/dda/c4k_gitea/gitea_test.cljc
+++ b/src/test/cljc/dda/c4k_gitea/gitea_test.cljc
@ -12,24 +12,35 @@
 (st/instrument `cut/generate-secrets)

 (deftest should-generate-appini-env
-  (is (= {:GITEA__server__DOMAIN-c1 "",
-          :GITEA__server__DOMAIN-c2 "test.com",
-          :GITEA__server__ROOT_URL-c1 "https://",
-          :GITEA__server__ROOT_URL-c2 "https://test.com",
+  (is (= {:GITEA__DEFAULT__APP_NAME-c1 "",
+          :GITEA__DEFAULT__APP_NAME-c2 "test gitea",
          :GITEA__mailer__FROM-c1 "",
          :GITEA__mailer__FROM-c2 "test@test.com",
          :GITEA__mailer__HOST-c1 "",
          :GITEA__mailer__HOST-c2 "mail.test.com:123",
+          :GITEA__server__DOMAIN-c1 "",
+          :GITEA__server__DOMAIN-c2 "test.com",
+          :GITEA__server__ROOT_URL-c1 "https://",
+          :GITEA__server__ROOT_URL-c2 "https://test.com",
+          :GITEA__server__SSH_DOMAIN-c1 "",
+          :GITEA__server__SSH_DOMAIN-c2 "test.com",
          :GITEA__service__EMAIL_DOMAIN_WHITELIST-c1 "",
-          :GITEA__service__EMAIL_DOMAIN_WHITELIST-c2 "abc.com,def.com"}
-         (ct/map-diff (cut/generate-appini-env {:fqdn ""                                                
+          :GITEA__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net",
+          :GITEA__service__NO_REPLY_ADDRESS-c1 "",
+          :GITEA__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"}
+         (ct/map-diff (cut/generate-appini-env {:default-app-name ""
+                                                :fqdn ""                                                
                                                :mailer-from ""
                                                :mailer-host-port ""                                                
-                                                :service-whitelist-domains ""})
-                      (cut/generate-appini-env {:fqdn "test.com"                                                 
+                                                :service-whitelist-domains ""
+                                                :service-noreply-address ""
+                                                })
+                      (cut/generate-appini-env {:default-app-name "test gitea"
+                                                :fqdn "test.com"                                                 
                                                :mailer-from "test@test.com"
                                                :mailer-host-port "mail.test.com:123"                                                
-                                                :service-whitelist-domains "abc.com,def.com"
+                                                :service-whitelist-domains "test.com,test.net"
+                                                :service-noreply-address "noreply@test.com"
                                                })))))

 (deftest should-generate-certificate
@ -56,3 +67,36 @@
                                             :mailer-pw "mailerpw"})))))


+(not 
+ (=
+  {:GITEA__server__DOMAIN-c2 "test.com",
+   :GITEA__mailer__FROM-c1 "",
+   :GITEA__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net",
+   :GITEA__service__EMAIL_DOMAIN_WHITELIST-c1 "",
+   :GITEA__mailer__HOST-c1 "",
+   :GITEA__service__NO_REPLY_ADDRESS-c1 "",
+   :GITEA__mailer__FROM-c2 "test@test.com",
+   :GITEA__mailer__HOST-c2 "mail.test.com:123",
+   :GITEA__server__ROOT_URL-c2 "https://test.com",
+   :GITEA__server__ROOT_URL-c1 "https://",
+   :GITEA__DEFAULT__APP_NAME-c2 "test gitea",
+   :GITEA__server__DOMAIN-c1 "",
+   :GITEA__DEFAULT__APP_NAME-c1 "",
+   :GITEA__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"}
+  
+  {:GITEA__server__DOMAIN-c2 "test.com",
+   :GITEA__mailer__FROM-c1 "",
+   :GITEA__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net",
+   :GITEA__service__EMAIL_DOMAIN_WHITELIST-c1 "",
+   :GITEA__mailer__HOST-c1 "",
+   :GITEA__service__NO_REPLY_ADDRESS-c1 "",
+   :GITEA__mailer__FROM-c2 "test@test.com",
+   :GITEA__mailer__HOST-c2 "mail.test.com:123",
+   :GITEA__server__ROOT_URL-c2 "https://test.com",
+   :GITEA__server__SSH_DOMAIN-c1 "",
+   :GITEA__server__ROOT_URL-c1 "https://",
+   :GITEA__DEFAULT__APP_NAME-c2 "test gitea",
+   :GITEA__server__SSH_DOMAIN-c2 "test.com",
+   :GITEA__server__DOMAIN-c1 "",
+   :GITEA__DEFAULT__APP_NAME-c1 "",
+   :GITEA__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"}))
--- a/valid-config.edn
+++ b/valid-config.edn
@ -1,3 +1,9 @@
-{:fqdn "repo.test.meissa-gmbh.de"
- :issuer "staging" 
- :postgres-data-volume-path "/var/postgres"}
+{
+:default-app-name "Meissas awesome gitea"
+:fqdn "$fqdn"
+:issuer "$letsencrypt_endpoint"
+:mailer-from "$mailer_from"
+:mailer-host-port "$mailer_host_port"
+:service-whitelist-domains "$service_whitelist_domains"
+:service-noreply-address "$service_noreply_address"
+ }