From 999aa7299306b5cc608cae1b05512c2b2a0a4789 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Fri, 21 Apr 2023 06:56:06 +0000 Subject: [PATCH] Forgejo instead of gitea --- .gitlab-ci.yml | 24 ++--- README.md | 28 +++--- copy-and-build-dda-io.sh | 2 +- doc/BackupAndRestore.md | 10 +-- doc/Upgrading.md | 14 +-- infrastructure/docker-backup/build.py | 2 +- infrastructure/docker-backup/test/Dockerfile | 2 +- package.json | 18 ++-- project.clj | 20 ++--- public/index.html | 2 +- shadow-cljs.edn | 4 +- src/main/clj/dda/c4k_forgejo/uberjar.clj | 14 +++ src/main/clj/dda/c4k_gitea/uberjar.clj | 8 -- .../{c4k_gitea => c4k_forgejo}/backup.cljc | 2 +- src/main/cljc/dda/c4k_forgejo/core.cljc | 58 ++++++++++++ .../gitea.cljc => c4k_forgejo/forgejo.cljc} | 58 +++++------- src/main/cljc/dda/c4k_gitea/core.cljc | 54 ----------- .../{c4k_gitea => c4k_forgejo}/browser.cljs | 34 +++---- .../backup/backup-restore-deployment.yaml | 10 +-- src/main/resources/backup/config.yaml | 2 +- src/main/resources/backup/cron.yaml | 12 +-- .../forgejo/appini-env-configmap.yaml | 90 +++++++++++++++++++ .../{gitea => forgejo}/datavolume.yaml | 4 +- .../{gitea => forgejo}/deployment.yaml | 26 +++--- src/main/resources/forgejo/secrets.yaml | 11 +++ .../{gitea => forgejo}/service-ssh.yaml | 4 +- .../resources/{gitea => forgejo}/service.yaml | 6 +- .../resources/gitea/appini-env-configmap.yaml | 90 ------------------- src/main/resources/gitea/certificate.yaml | 15 ---- src/main/resources/gitea/ingress.yaml | 24 ----- src/main/resources/gitea/secrets.yaml | 11 --- src/test/cljc/dda/c4k_forgejo/core_test.cljc | 19 ++++ .../forgejo_test.cljc} | 57 ++++++------ .../resources/forgejo-test/valid-auth.yaml | 10 +++ .../resources/forgejo-test/valid-config.yaml | 13 +++ valid-auth.edn | 7 -- valid-config.edn | 9 -- 37 files changed, 377 insertions(+), 397 deletions(-) create mode 100644 src/main/clj/dda/c4k_forgejo/uberjar.clj delete mode 100644 src/main/clj/dda/c4k_gitea/uberjar.clj rename src/main/cljc/dda/{c4k_gitea => c4k_forgejo}/backup.cljc (98%) create mode 100644 src/main/cljc/dda/c4k_forgejo/core.cljc rename src/main/cljc/dda/{c4k_gitea/gitea.cljc => c4k_forgejo/forgejo.cljc} (69%) delete mode 100644 src/main/cljc/dda/c4k_gitea/core.cljc rename src/main/cljs/dda/{c4k_gitea => c4k_forgejo}/browser.cljs (79%) create mode 100644 src/main/resources/forgejo/appini-env-configmap.yaml rename src/main/resources/{gitea => forgejo}/datavolume.yaml (84%) rename src/main/resources/{gitea => forgejo}/deployment.yaml (59%) create mode 100644 src/main/resources/forgejo/secrets.yaml rename src/main/resources/{gitea => forgejo}/service-ssh.yaml (86%) rename src/main/resources/{gitea => forgejo}/service.yaml (61%) delete mode 100644 src/main/resources/gitea/appini-env-configmap.yaml delete mode 100644 src/main/resources/gitea/certificate.yaml delete mode 100644 src/main/resources/gitea/ingress.yaml delete mode 100644 src/main/resources/gitea/secrets.yaml create mode 100644 src/test/cljc/dda/c4k_forgejo/core_test.cljc rename src/test/cljc/dda/{c4k_gitea/gitea_test.cljc => c4k_forgejo/forgejo_test.cljc} (62%) create mode 100644 src/test/resources/forgejo-test/valid-auth.yaml create mode 100644 src/test/resources/forgejo-test/valid-config.yaml delete mode 100644 valid-auth.edn delete mode 100644 valid-config.edn diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d17556d..6f746f2 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,7 +48,7 @@ test-schema: stage: build_and_test script: - lein uberjar - - java -jar target/uberjar/c4k-gitea-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - + - java -jar target/uberjar/c4k-forgejo-standalone.jar src/test/resources/forgejo-test/valid-config.yaml src/test/resources/forgejo-test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - artifacts: paths: - target/uberjar @@ -69,9 +69,9 @@ package-frontend: script: - mkdir -p target/frontend-build - shadow-cljs release frontend - - cp public/js/main.js target/frontend-build/c4k-gitea.js - - sha256sum target/frontend-build/c4k-gitea.js > target/frontend-build/c4k-gitea.js.sha256 - - sha512sum target/frontend-build/c4k-gitea.js > target/frontend-build/c4k-gitea.js.sha512 + - cp public/js/main.js target/frontend-build/c4k-forgejo.js + - sha256sum target/frontend-build/c4k-forgejo.js > target/frontend-build/c4k-forgejo.js.sha256 + - sha512sum target/frontend-build/c4k-forgejo.js > target/frontend-build/c4k-forgejo.js.sha512 artifacts: paths: - target/frontend-build @@ -81,8 +81,8 @@ package-uberjar: stage: package script: - lein uberjar - - sha256sum target/uberjar/c4k-gitea-standalone.jar > target/uberjar/c4k-gitea-standalone.jar.sha256 - - sha512sum target/uberjar/c4k-gitea-standalone.jar > target/uberjar/c4k-gitea-standalone.jar.sha512 + - sha256sum target/uberjar/c4k-forgejo-standalone.jar > target/uberjar/c4k-forgejo-standalone.jar.sha256 + - sha512sum target/uberjar/c4k-forgejo-standalone.jar > target/uberjar/c4k-forgejo-standalone.jar.sha512 artifacts: paths: - target/uberjar @@ -108,9 +108,9 @@ release: - apk --no-cache add curl - | release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \ - --assets-link "{\"name\":\"c4k-gitea-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-gitea-standalone.jar\"}" \ - --assets-link "{\"name\":\"c4k-gitea-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-gitea-standalone.jar.sha256\"}" \ - --assets-link "{\"name\":\"c4k-gitea-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-gitea-standalone.jar.sha512\"}" \ - --assets-link "{\"name\":\"c4k-gitea.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-gitea.js\"}" \ - --assets-link "{\"name\":\"c4k-gitea.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-gitea.js.sha256\"}" \ - --assets-link "{\"name\":\"c4k-gitea.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-gitea.js.sha512\"}" \ + --assets-link "{\"name\":\"c4k-forgejo-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar\"}" \ + --assets-link "{\"name\":\"c4k-forgejo-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar.sha256\"}" \ + --assets-link "{\"name\":\"c4k-forgejo-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar.sha512\"}" \ + --assets-link "{\"name\":\"c4k-forgejo.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-forgejo.js\"}" \ + --assets-link "{\"name\":\"c4k-forgejo.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-forgejo.js.sha256\"}" \ + --assets-link "{\"name\":\"c4k-forgejo.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-forgejo.js.sha512\"}" \ diff --git a/README.md b/README.md index 2f92982..a5ae3f0 100644 --- a/README.md +++ b/README.md @@ -1,39 +1,39 @@ -# convention 4 kubernetes: c4k-gitea -[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-gitea.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-gitea) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-gitea/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/commits/main) +# convention 4 kubernetes: c4k-forgejo +[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-forgejo.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-forgejo) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/commits/main) [DeltaChat chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [team@social.meissa-gmbh.de team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) | [Website & Blog](https://domaindrivenarchitecture.org) ## Purpose -c4k-gitea provides a k8s deployment file for Gitea containing: -* gitea +c4k-forgejo provides a k8s deployment file for forgejo containing: + +* forgejo * ingress having a letsencrypt managed certificate * postgres database - +* encrypted backup on S3 & restore +* monitoring on graphana-cloud ## Try out Click on the image to try out live in your browser: -[![Try it out](doc/tryItOut.png "Try out yourself")](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-gitea/) +[![Try it out](doc/tryItOut.png "Try out yourself")](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-forgejo/) Your input will stay in your browser. No server interaction is required. +## Forgejo setup -## Gitea setup +After having deployed the yaml-file generated by the c4k-forgejo module you need to complete the setup for forgejo: -After having deployed the yaml-file generated by the c4k-gitea module you need to complete the setup for gitea: - -* Open the URL of your gitea-server, and you will be shown a configuration page. +* Open the URL of your forgejo-server, and you will be shown a configuration page. * Adjust the settings according to your needs * Add the administrator's data (name, password and email) and submit the page. -* The required database will be created and the Gitea setup will be completed. +* The required database will be created and the forgejo setup will be completed. * The SSH-URL for a repo has the format: "ssh://git@domain:2222/[username]/[repo].git - Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-gitea.git" - + Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-forgejo.git" ## License -Copyright © 2022 meissa GmbH +Copyright © 2023 meissa GmbH Licensed under the [Apache License, Version 2.0](LICENSE) (the "License") Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE) \ No newline at end of file diff --git a/copy-and-build-dda-io.sh b/copy-and-build-dda-io.sh index 4449369..fbdc37a 100644 --- a/copy-and-build-dda-io.sh +++ b/copy-and-build-dda-io.sh @@ -10,7 +10,7 @@ set -eo pipefail srcDir="/home/$USER/" srcName="main.js" targetDir="/home/$USER/" -targetName="c4k-gitea.js" +targetName="c4k-forgejo.js" echo "build" shadow-cljs compile frontend diff --git a/doc/BackupAndRestore.md b/doc/BackupAndRestore.md index 31c7aa4..b878126 100644 --- a/doc/BackupAndRestore.md +++ b/doc/BackupAndRestore.md @@ -4,7 +4,7 @@ * we use restic to produce small & encrypted backups * backup is scheduled at `schedule: "10 23 * * *"` -* Gitea stores files in `/data/gitea` and `/data/git/repositories`, these files are backed up. +* Forgejo stores files in `/data/gitea` and `/data/git/repositories`, these files are backed up. * The postgres db is also backed up ## Manual init the restic repository for the first time @@ -31,11 +31,11 @@ 1. apply backup-and-restore pod: `kubectl scale deployment backup-restore --replicas=1` -2. Scale down gitea deployment: - `kubectl scale deployment gitea --replicas=0` +2. Scale down forgejo deployment: + `kubectl scale deployment forgejo --replicas=0` 3. exec into pod and execute restore pod (press tab to get your exact pod name) `kubectl exec -it backup-restore-... -- /usr/local/bin/restore.sh` -4. Start gitea again: - `kubectl scale deployment gitea --replicas=1` +4. Start forgejo again: + `kubectl scale deployment forgejo --replicas=1` 5. remove backup-and-restore pod: `kubectl scale deployment backup-restore --replicas=0` diff --git a/doc/Upgrading.md b/doc/Upgrading.md index 5b83777..8475aa9 100644 --- a/doc/Upgrading.md +++ b/doc/Upgrading.md @@ -2,20 +2,20 @@ ## adhoc (on kubernetes cluster) -Ssh into your kubernetes cluster running the gitea instance. +Ssh into your kubernetes cluster running the forgejo instance. ``` bash -kubectl edit configmap gitea-env +kubectl edit configmap forgejo-env # make sure INSTALL_LOCK under security is set to true to disable the installation screen # save and exit -kubectl edit deployments gitea -# search for your current gitea version, e.g. 1.17.0 +kubectl edit deployments forgejo +# search for your current forgejo version, e.g. 1.19 # replace with new version # save and exit -kubectl scale deployment gitea --replicas=0 -kubectl scale deployment gitea --replicas=1 +kubectl scale deployment forgejo --replicas=0 +kubectl scale deployment forgejo --replicas=1 ``` Logging into the admin account should now show the new version. -You may want to update your c4k-gitea resources to reflect the changes made on the cluster. \ No newline at end of file +You may want to update your c4k-forgejo resources to reflect the changes made on the cluster. \ No newline at end of file diff --git a/infrastructure/docker-backup/build.py b/infrastructure/docker-backup/build.py index fbe23c0..6685027 100644 --- a/infrastructure/docker-backup/build.py +++ b/infrastructure/docker-backup/build.py @@ -3,7 +3,7 @@ from pybuilder.core import task, init from ddadevops import * import logging -name = 'c4k-gitea-backup' +name = 'c4k-forgejo-backup' MODULE = 'docker' PROJECT_ROOT_PATH = '../..' diff --git a/infrastructure/docker-backup/test/Dockerfile b/infrastructure/docker-backup/test/Dockerfile index 76dacdf..0db1c6c 100644 --- a/infrastructure/docker-backup/test/Dockerfile +++ b/infrastructure/docker-backup/test/Dockerfile @@ -1,4 +1,4 @@ -FROM c4k-gitea-backup +FROM c4k-forgejo-backup RUN apt update RUN apt -yqq --no-install-recommends --yes install curl default-jre-headless diff --git a/package.json b/package.json index 1d1b58f..b9055ff 100644 --- a/package.json +++ b/package.json @@ -1,18 +1,18 @@ { - "name": "c4k-gitea", - "description": "Generate c4k yaml for a gitea deployment.", + "name": "c4k-forgejo", + "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", - "version": "1.0.1-SNAPSHOT", - "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-gitea#readme", - "repository": "https://www.npmjs.com/package/c4k-gitea", + "version": "2.0.1-SNAPSHOT", + "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", + "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", - "main": "c4k-gitea.js", + "main": "c4k-forgejo.js", "bin": { - "c4k-gitea": "./c4k-gitea.js" + "c4k-forgejo": "./c4k-forgejo.js" }, "keywords": [ "cljs", - "gitea", + "forgejo", "k8s", "c4k", "deployment", @@ -20,7 +20,7 @@ "convention4kubernetes" ], "bugs": { - "url": "https://gitlab.com/domaindrivenarchitecture/c4k-gitea/issues" + "url": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/issues" }, "dependencies": { "js-base64": "^3.6.1", diff --git a/project.clj b/project.clj index 16f34d4..3b7a621 100644 --- a/project.clj +++ b/project.clj @@ -1,12 +1,12 @@ -(defproject org.domaindrivenarchitecture/c4k-gitea "1.0.1-SNAPSHOT" - :description "gitea c4k-installation package" +(defproject org.domaindrivenarchitecture/c4k-forgejo "2.0.1-SNAPSHOT" + :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" :url "https://www.apache.org/licenses/LICENSE-2.0.html"} :dependencies [[org.clojure/clojure "1.11.1" :scope "provided"] [org.clojure/tools.reader "1.3.6"] - [org.domaindrivenarchitecture/c4k-common-clj "3.0.1"] - [hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]] + [org.domaindrivenarchitecture/c4k-common-clj "6.0.1"] + [hickory "0.7.1"]] :target-path "target/%s/" :source-paths ["src/main/cljc" "src/main/clj"] @@ -20,12 +20,12 @@ :dependencies [[dda/data-test "0.1.1"]]} :dev {:plugins [[lein-shell "0.5.0"]]} :uberjar {:aot :all - :main dda.c4k-gitea.uberjar - :uberjar-name "c4k-gitea-standalone.jar" + :main dda.c4k-forgejo.uberjar + :uberjar-name "c4k-forgejo-standalone.jar" :dependencies [[org.clojure/tools.cli "1.0.214"] - [ch.qos.logback/logback-classic "1.4.5" + [ch.qos.logback/logback-classic "1.4.6" :exclusions [com.sun.mail/javax.mail]] - [org.slf4j/jcl-over-slf4j "2.0.6"]]}} + [org.slf4j/jcl-over-slf4j "2.0.7"]]}} :release-tasks [["test"] ["vcs" "assert-committed"] ["change" "version" "leiningen.release/bump-version" "release"] @@ -36,11 +36,11 @@ "native-image" "--report-unsupported-elements-at-runtime" "--initialize-at-build-time" - "-jar" "target/uberjar/c4k-gitea-standalone.jar" + "-jar" "target/uberjar/c4k-forgejo-standalone.jar" "-H:ResourceConfigurationFiles=graalvm-resource-config.json" "-H:Log=registerResource" "-H:Name=target/graalvm/${:name}"] "inst" ["shell" "sh" "-c" - "lein uberjar && sudo install -m=755 target/uberjar/c4k-gitea-standalone.jar /usr/local/bin/c4k-gitea-standalone.jar"]}) + "lein uberjar && sudo install -m=755 target/uberjar/c4k-forgejo-standalone.jar /usr/local/bin/c4k-forgejo-standalone.jar"]}) diff --git a/public/index.html b/public/index.html index 3eb4623..48e752a 100644 --- a/public/index.html +++ b/public/index.html @@ -3,7 +3,7 @@ - c4k-gitea + c4k-forgejo diff --git a/shadow-cljs.edn b/shadow-cljs.edn index bce1936..2a94637 100644 --- a/shadow-cljs.edn +++ b/shadow-cljs.edn @@ -4,10 +4,10 @@ "src/test/cljc" "src/test/cljs" "src/test/resources"] - :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "3.0.1"] + :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.0.1"] [hickory "0.7.1"]] :builds {:frontend {:target :browser - :modules {:main {:init-fn dda.c4k-gitea.browser/init}} + :modules {:main {:init-fn dda.c4k-forgejo.browser/init}} :release {} :compiler-options {:optimizations :advanced}} :test {:target :node-test diff --git a/src/main/clj/dda/c4k_forgejo/uberjar.clj b/src/main/clj/dda/c4k_forgejo/uberjar.clj new file mode 100644 index 0000000..8339570 --- /dev/null +++ b/src/main/clj/dda/c4k_forgejo/uberjar.clj @@ -0,0 +1,14 @@ +(ns dda.c4k-forgejo.uberjar + (:gen-class) + (:require + [dda.c4k-forgejo.core :as core] + [dda.c4k-common.uberjar :as uberjar])) + +(defn -main [& cmd-args] + (uberjar/main-common + "c4k-forgejo" + core/config? + core/auth? + core/config-defaults + core/k8s-objects + cmd-args)) diff --git a/src/main/clj/dda/c4k_gitea/uberjar.clj b/src/main/clj/dda/c4k_gitea/uberjar.clj deleted file mode 100644 index 84aa75e..0000000 --- a/src/main/clj/dda/c4k_gitea/uberjar.clj +++ /dev/null @@ -1,8 +0,0 @@ -(ns dda.c4k-gitea.uberjar - (:gen-class) - (:require - [dda.c4k-gitea.core :as core] - [dda.c4k-common.uberjar :as uberjar])) - -(defn -main [& cmd-args] - (uberjar/main-common "c4k-gitea" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args)) diff --git a/src/main/cljc/dda/c4k_gitea/backup.cljc b/src/main/cljc/dda/c4k_forgejo/backup.cljc similarity index 98% rename from src/main/cljc/dda/c4k_gitea/backup.cljc rename to src/main/cljc/dda/c4k_forgejo/backup.cljc index fb44fa0..eb55172 100644 --- a/src/main/cljc/dda/c4k_gitea/backup.cljc +++ b/src/main/cljc/dda/c4k_forgejo/backup.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-gitea.backup +(ns dda.c4k-forgejo.backup (:require [clojure.spec.alpha :as s] #?(:cljs [shadow.resource :as rc]) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc new file mode 100644 index 0000000..5485dce --- /dev/null +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -0,0 +1,58 @@ +(ns dda.c4k-forgejo.core + (:require + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.common :as cm] + [dda.c4k-common.monitoring :as mon] + [dda.c4k-forgejo.forgejo :as forgejo] + [dda.c4k-forgejo.backup :as backup] + [dda.c4k-common.postgres :as postgres])) + +(def config-defaults {:issuer "staging"}) + +(def config? (s/keys :req-un [::forgejo/fqdn + ::forgejo/mailer-from + ::forgejo/mailer-host-port + ::forgejo/service-noreply-address] + :opt-un [::forgejo/issuer + ::forgejo/default-app-name + ::forgejo/service-domain-whitelist + ::backup/restic-repository + ::mon/mon-cfg])) + +(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password + ::forgejo/mailer-user ::forgejo/mailer-pw + ::backup/aws-access-key-id ::backup/aws-secret-access-key] + :opt-un [::backup/restic-password ; TODO gec: Is restic password opt or req? + ::mon/mon-cfg])) + +(def vol? (s/keys :req-un [::forgejo/volume-total-storage-size])) + +(defn k8s-objects [config auth] + (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] + (map yaml/to-string + (filter #(not (nil? %)) + (cm/concat-vec + [(postgres/generate-config {:postgres-size :2gb :db-name "forgejo"}) + (postgres/generate-secret auth) + (when (contains? config :postgres-data-volume-path) + (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) + (postgres/generate-pvc {:pv-storage-size-gb 5 + :pvc-storage-class-name storage-class}) + (postgres/generate-deployment {:postgres-image "postgres:14" + :postgres-size :2gb}) + (postgres/generate-service) + (forgejo/generate-deployment) + (forgejo/generate-service) + (forgejo/generate-service-ssh) + (forgejo/generate-data-volume config) + (forgejo/generate-appini-env config) + (forgejo/generate-secrets auth)] + (forgejo/generate-ingress-and-cert config) + (when (contains? config :restic-repository) + [(backup/generate-config config) + (backup/generate-secret auth) + (backup/generate-cron) + (backup/generate-backup-restore-deployment config)]) + (when (:contains? config :mon-cfg) + (mon/generate (:mon-cfg config) (:mon-auth auth)))))))) diff --git a/src/main/cljc/dda/c4k_gitea/gitea.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc similarity index 69% rename from src/main/cljc/dda/c4k_gitea/gitea.cljc rename to src/main/cljc/dda/c4k_forgejo/forgejo.cljc index 1e9dbbf..9891825 100644 --- a/src/main/cljc/dda/c4k_gitea/gitea.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-gitea.gitea +(ns dda.c4k-forgejo.forgejo (:require [clojure.spec.alpha :as s] [clojure.string :as st] @@ -9,6 +9,7 @@ :cljs [cljs.reader :as edn]) [dda.c4k-common.yaml :as yaml] [dda.c4k-common.common :as cm] + [dda.c4k-common.ingress :as ing] [dda.c4k-common.base64 :as b64] [dda.c4k-common.predicate :as pred] [dda.c4k-common.postgres :as postgres])) @@ -50,22 +51,16 @@ #?(:cljs - (defmethod yaml/load-resource :gitea [resource-name] + (defmethod yaml/load-resource :forgejo [resource-name] (case resource-name - "gitea/appini-env-configmap.yaml" (rc/inline "gitea/appini-env-configmap.yaml") - "gitea/deployment.yaml" (rc/inline "gitea/deployment.yaml") - "gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml") - "gitea/ingress.yaml" (rc/inline "gitea/ingress.yaml") - "gitea/secrets.yaml" (rc/inline "gitea/secrets.yaml") - "gitea/service.yaml" (rc/inline "gitea/service.yaml") - "gitea/service-ssh.yaml" (rc/inline "gitea/service-ssh.yaml") - "gitea/datavolume.yaml" (rc/inline "gitea/datavolume.yaml") + "forgejo/appini-env-configmap.yaml" (rc/inline "forgejo/appini-env-configmap.yaml") + "forgejo/deployment.yaml" (rc/inline "forgejo/deployment.yaml") + "forgejo/secrets.yaml" (rc/inline "forgejo/secrets.yaml") + "forgejo/service.yaml" (rc/inline "forgejo/service.yaml") + "forgejo/service-ssh.yaml" (rc/inline "forgejo/service-ssh.yaml") + "forgejo/datavolume.yaml" (rc/inline "forgejo/datavolume.yaml") (throw (js/Error. "Undefined Resource!"))))) -#?(:cljs - (defmethod yaml/load-as-edn :gitea [resource-name] - (yaml/from-string (yaml/load-resource resource-name)))) - (defn generate-appini-env [config] (let [{:keys [default-app-name @@ -74,11 +69,11 @@ mailer-host-port service-domain-whitelist service-noreply-address] - :or {default-app-name "Gitea instance" + :or {default-app-name "forgejo instance" service-domain-whitelist fqdn}} config] (-> - (yaml/load-as-edn "gitea/appini-env-configmap.yaml") + (yaml/load-as-edn "forgejo/appini-env-configmap.yaml") (cm/replace-all-matching-values-by-new-value "APPNAME" default-app-name) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn) (cm/replace-all-matching-values-by-new-value "URL" (str "https://" fqdn)) @@ -94,45 +89,38 @@ mailer-user mailer-pw]} auth] (-> - (yaml/load-as-edn "gitea/secrets.yaml") + (yaml/load-as-edn "forgejo/secrets.yaml") (cm/replace-all-matching-values-by-new-value "DBUSER" (b64/encode postgres-db-user)) (cm/replace-all-matching-values-by-new-value "DBPW" (b64/encode postgres-db-password)) (cm/replace-all-matching-values-by-new-value "MAILERUSER" (b64/encode mailer-user)) (cm/replace-all-matching-values-by-new-value "MAILERPW" (b64/encode mailer-pw))))) -(defn generate-ingress +(defn generate-ingress-and-cert [config] (let [{:keys [fqdn]} config] - (-> - (yaml/load-as-edn "gitea/ingress.yaml") - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) - -(defn generate-certificate - [config] - (let [{:keys [fqdn issuer] - :or {issuer "staging"}} config - letsencrypt-issuer (name issuer)] - (-> - (yaml/load-as-edn "gitea/certificate.yaml") - (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + (ing/generate-ingress-and-cert + (merge + {:service-name "forgejo-service" + :service-port 3000 + :fqdns [fqdn]} + config)))) (defn-spec generate-data-volume pred/map-or-seq? [config vol?] (let [{:keys [volume-total-storage-size]} config data-storage-size (data-storage-by-volume-size volume-total-storage-size)] (-> - (yaml/load-as-edn "gitea/datavolume.yaml") + (yaml/load-as-edn "forgejo/datavolume.yaml") (cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi"))))) (defn generate-deployment [] - (yaml/load-as-edn "gitea/deployment.yaml")) + (yaml/load-as-edn "forgejo/deployment.yaml")) (defn generate-service [] - (yaml/load-as-edn "gitea/service.yaml")) + (yaml/load-as-edn "forgejo/service.yaml")) (defn generate-service-ssh [] - (yaml/load-as-edn "gitea/service-ssh.yaml")) + (yaml/load-as-edn "forgejo/service-ssh.yaml")) diff --git a/src/main/cljc/dda/c4k_gitea/core.cljc b/src/main/cljc/dda/c4k_gitea/core.cljc deleted file mode 100644 index c02761b..0000000 --- a/src/main/cljc/dda/c4k_gitea/core.cljc +++ /dev/null @@ -1,54 +0,0 @@ -(ns dda.c4k-gitea.core - (:require - [clojure.spec.alpha :as s] - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.common :as cm] - [dda.c4k-gitea.gitea :as gitea] - [dda.c4k-gitea.backup :as backup] - [dda.c4k-common.postgres :as postgres])) - -(def config-defaults {:issuer "staging"}) - -(def config? (s/keys :req-un [::gitea/fqdn - ::gitea/mailer-from - ::gitea/mailer-host-port - ::gitea/service-noreply-address] - :opt-un [::gitea/issuer - ::gitea/default-app-name - ::gitea/service-domain-whitelist - ::backup/restic-repository])) - -(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password - ::gitea/mailer-user ::gitea/mailer-pw - ::backup/aws-access-key-id ::backup/aws-secret-access-key] - :opt-un [::backup/restic-password])) ; TODO gec: Is restic password opt or req? - -(def vol? (s/keys :req-un [::gitea/volume-total-storage-size])) - -(defn k8s-objects [config] - (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] - (map yaml/to-string - (filter #(not (nil? %)) - (cm/concat-vec - [(postgres/generate-config {:postgres-size :2gb :db-name "gitea"}) - (postgres/generate-secret config) - (when (contains? config :postgres-data-volume-path) - (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) - (postgres/generate-pvc {:pv-storage-size-gb 5 - :pvc-storage-class-name storage-class}) - (postgres/generate-deployment {:postgres-image "postgres:14" - :postgres-size :2gb}) - (postgres/generate-service) - (gitea/generate-deployment) - (gitea/generate-service) - (gitea/generate-service-ssh) - (gitea/generate-data-volume config) - (gitea/generate-appini-env config) - (gitea/generate-secrets config) - (gitea/generate-ingress config) - (gitea/generate-certificate config)] - (when (contains? config :restic-repository) - [(backup/generate-config config) - (backup/generate-secret config) - (backup/generate-cron) - (backup/generate-backup-restore-deployment config)])))))) diff --git a/src/main/cljs/dda/c4k_gitea/browser.cljs b/src/main/cljs/dda/c4k_forgejo/browser.cljs similarity index 79% rename from src/main/cljs/dda/c4k_gitea/browser.cljs rename to src/main/cljs/dda/c4k_forgejo/browser.cljs index c5aeda4..910e99c 100644 --- a/src/main/cljs/dda/c4k_gitea/browser.cljs +++ b/src/main/cljs/dda/c4k_forgejo/browser.cljs @@ -1,9 +1,9 @@ -(ns dda.c4k-gitea.browser +(ns dda.c4k-forgejo.browser (:require [clojure.string :as st] [clojure.tools.reader.edn :as edn] - [dda.c4k-gitea.core :as core] - [dda.c4k-gitea.gitea :as gitea] + [dda.c4k-forgejo.core :as core] + [dda.c4k-forgejo.forgejo :as forgejo] [dda.c4k-common.browser :as br] [dda.c4k-common.common :as cm])) @@ -39,19 +39,19 @@ (generate-group "provider" (cm/concat-vec - (br/generate-input-field "volume-total-storage-size" "Your gitea volume-total-storage-size:" "20"))) + (br/generate-input-field "volume-total-storage-size" "Your forgejo volume-total-storage-size:" "20"))) (generate-group "credentials" (br/generate-text-area "auth" "Your auth.edn:" - "{:postgres-db-user \"gitea\" - :postgres-db-password \"gitea-db-password\" + "{:postgres-db-user \"forgejo\" + :postgres-db-password \"forgejo-db-password\" :mailer-user \"test@test.de\" :mailer-pw \"mail-test-password\"}" "5")) [(br/generate-br)] (br/generate-button "generate-button" "Generate c4k yaml")))] - (br/generate-output "c4k-gitea-output" "Your c4k deployment.yaml:" "25"))) + (br/generate-output "c4k-forgejo-output" "Your c4k deployment.yaml:" "25"))) (defn generate-content-div [] @@ -79,15 +79,15 @@ ))) (defn validate-all! [] - (br/validate! "fqdn" ::gitea/fqdn) - (br/validate! "mailer-from" ::gitea/mailer-from) - (br/validate! "mailer-host-port" ::gitea/mailer-host-port) - (br/validate! "service-noreply-address" ::gitea/service-noreply-address) - (br/validate! "issuer" ::gitea/issuer :optional true) - (br/validate! "app-name" ::gitea/default-app-name :optional true) - (br/validate! "domain-whitelist" ::gitea/service-domain-whitelist :optional true) - (br/validate! "volume-total-storage-size" ::gitea/volume-total-storage-size :deserializer js/parseInt) - (br/validate! "auth" gitea/auth? :deserializer edn/read-string) + (br/validate! "fqdn" ::forgejo/fqdn) + (br/validate! "mailer-from" ::forgejo/mailer-from) + (br/validate! "mailer-host-port" ::forgejo/mailer-host-port) + (br/validate! "service-noreply-address" ::forgejo/service-noreply-address) + (br/validate! "issuer" ::forgejo/issuer :optional true) + (br/validate! "app-name" ::forgejo/default-app-name :optional true) + (br/validate! "domain-whitelist" ::forgejo/service-domain-whitelist :optional true) + (br/validate! "volume-total-storage-size" ::forgejo/volume-total-storage-size :deserializer js/parseInt) + (br/validate! "auth" forgejo/auth? :deserializer edn/read-string) (br/set-form-validated!)) (defn add-validate-listener [name] @@ -104,7 +104,7 @@ (-> (cm/generate-common (config-from-document) (br/get-content-from-element "auth" :deserializer edn/read-string) - gitea/config-defaults + forgejo/config-defaults core/k8s-objects) (br/set-output!))))) (add-validate-listener "fqdn") diff --git a/src/main/resources/backup/backup-restore-deployment.yaml b/src/main/resources/backup/backup-restore-deployment.yaml index 79f4ec7..163bc14 100644 --- a/src/main/resources/backup/backup-restore-deployment.yaml +++ b/src/main/resources/backup/backup-restore-deployment.yaml @@ -14,10 +14,10 @@ spec: labels: app: backup-restore app.kubernetes.io/name: backup-restore - app.kubernetes.io/part-of: gitea + app.kubernetes.io/part-of: forgejo spec: containers: - - image: domaindrivenarchitecture/c4k-gitea-backup + - image: domaindrivenarchitecture/c4k-forgejo-backup name: backup-app imagePullPolicy: IfNotPresent command: ["/entrypoint-start-and-wait.sh"] @@ -59,15 +59,15 @@ spec: - name: CERTIFICATE_FILE value: "" volumeMounts: - - name: gitea-data-volume + - name: forgejo-data-volume mountPath: /var/backups - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true volumes: - - name: gitea-data-volume + - name: forgejo-data-volume persistentVolumeClaim: - claimName: gitea-data-pvc + claimName: forgejo-data-pvc - name: backup-secret-volume secret: secretName: backup-secret \ No newline at end of file diff --git a/src/main/resources/backup/config.yaml b/src/main/resources/backup/config.yaml index 2d60d3c..f7252a2 100644 --- a/src/main/resources/backup/config.yaml +++ b/src/main/resources/backup/config.yaml @@ -4,6 +4,6 @@ metadata: name: backup-config labels: app.kubernetes.io/name: backup - app.kubernetes.io/part-of: gitea + app.kubernetes.io/part-of: forgejo data: restic-repository: restic-repository \ No newline at end of file diff --git a/src/main/resources/backup/cron.yaml b/src/main/resources/backup/cron.yaml index 5282c54..349b04a 100644 --- a/src/main/resources/backup/cron.yaml +++ b/src/main/resources/backup/cron.yaml @@ -1,9 +1,9 @@ apiVersion: batch/v1beta1 kind: CronJob metadata: - name: gitea-backup + name: forgejo-backup labels: - app.kubernetes.part-of: gitea + app.kubernetes.part-of: forgejo spec: schedule: "10 23 * * *" successfulJobsHistoryLimit: 1 @@ -14,7 +14,7 @@ spec: spec: containers: - name: backup-app - image: domaindrivenarchitecture/c4k-gitea-backup + image: domaindrivenarchitecture/c4k-forgejo-backup imagePullPolicy: IfNotPresent command: ["/entrypoint.sh"] env: @@ -55,15 +55,15 @@ spec: - name: CERTIFICATE_FILE value: "" volumeMounts: - - name: gitea-data-volume + - name: forgejo-data-volume mountPath: /var/backups - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true volumes: - - name: gitea-data-volume + - name: forgejo-data-volume persistentVolumeClaim: - claimName: gitea-data-pvc + claimName: forgejo-data-pvc - name: backup-secret-volume secret: secretName: backup-secret diff --git a/src/main/resources/forgejo/appini-env-configmap.yaml b/src/main/resources/forgejo/appini-env-configmap.yaml new file mode 100644 index 0000000..c2e1090 --- /dev/null +++ b/src/main/resources/forgejo/appini-env-configmap.yaml @@ -0,0 +1,90 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: forgejo-env + namespace: default +data: + #[admin] + FORGEJO__admin__DEFAULT_EMAIL_NOTIFICATIONS: "enabled" # Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled + + #[attachments] + FORGEJO__attachments__PATH: /data/gitea/attachments + + #[database] + FORGEJO__database__DB_TYPE: "postgres" + FORGEJO__database__HOST: "postgresql-service:5432" + FORGEJO__database__NAME: forgejo + FORGEJO__database__LOG_SQL: "false" + FORGEJO__database__SSL_MODE: disable + FORGEJO__database__CHARSET: utf8 + + #[DEFAULT] + APP_NAME: APPNAME + RUN_MODE: prod + RUN_USER: git + + #[federation] + FORGEJO__federation__ENABLED: "true" + + #[indexer] + FORGEJO__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve + + #[log] + FORGEJO__log__MODE: "console, file" + FORGEJO__log__LEVEL: Info + FORGEJO__log__ROOT_PATH: /data/gitea/log + + #[mailer] + FORGEJO__mailer__ENABLED: "true" + FORGEJO__mailer__FROM: FROM + FORGEJO__mailer__MAILER_TYPE: smtp+startls + # TODO: jem 2022-08-02: outdated with v1.18, use SMTP_ADDR & SMTP_PORT instead + FORGEJO__mailer__HOST: HOSTANDPORT + + #[oauth2] + FORGEJO__oauth2__ENABLE: "true" + + #[openid] + FORGEJO__openid__ENABLE_OPENID: "true" + FORGEJO__openid__ENABLE_OPENID_SIGNIN: "true" + FORGEJO__openid__ENABLE_OPENID_SIGNUP: "true" + + #[picture] + FORGEJO__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars + FORGEJO__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars + FORGEJO__picture__DISABLE_GRAVATAR: "false" + FORGEJO__picture__ENABLE_FEDERATED_AVATAR: "true" # Enable support for federated avatars (see http://www.libravatar.org). + + #[repository] + FORGEJO__repository__ROOT: /data/git/repositories + FORGEJO__repository__DEFAULT_PRIVATE: last + FORGEJO__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo + FORGEJO__repository__TEMP_PATH: /data/gitea/uploads + + #[security] + FORGEJO__security__INSTALL_LOCK: "true" + + #[server] + FORGEJO__server__DOMAIN: FQDN + FORGEJO__server__SSH_DOMAIN: FQDN + FORGEJO__server__ROOT_URL: URL + FORGEJO__server__HTTP_PORT: "3000" # HTTP listen port of the server (in the pod) + FORGEJO__server__SSH_PORT: "2222" # SSH port displayed in clone URL + + #[service] + FORGEJO__service__DISABLE_REGISTRATION: "false" + FORGEJO__service__REQUIRE_SIGNIN_VIEW: "false" + FORGEJO__service__REGISTER_EMAIL_CONFIRM: "true" + FORGEJO__service__ENABLE_NOTIFY_MAIL: "true" + FORGEJO__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS + FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false" + FORGEJO__service__ENABLE_BASIC_AUTHENTICATION: "true" + FORGEJO__service__ENABLE_CAPTCHA: "false" + FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true" + FORGEJO__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true" + FORGEJO__service__DEFAULT_ENABLE_TIMETRACKING: "true" + FORGEJO__service__NO_REPLY_ADDRESS: NOREPLY + + #[session] + FORGEJO__session__PROVIDER_CONFIG: /data/gitea/sessions + FORGEJO__session__PROVIDER: file diff --git a/src/main/resources/gitea/datavolume.yaml b/src/main/resources/forgejo/datavolume.yaml similarity index 84% rename from src/main/resources/gitea/datavolume.yaml rename to src/main/resources/forgejo/datavolume.yaml index 75f825b..44c8fd0 100644 --- a/src/main/resources/gitea/datavolume.yaml +++ b/src/main/resources/forgejo/datavolume.yaml @@ -1,10 +1,10 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: gitea-data-pvc + name: forgejo-data-pvc namespace: default labels: - app: gitea + app: forgejo spec: storageClassName: local-path accessModes: diff --git a/src/main/resources/gitea/deployment.yaml b/src/main/resources/forgejo/deployment.yaml similarity index 59% rename from src/main/resources/gitea/deployment.yaml rename to src/main/resources/forgejo/deployment.yaml index 1fe6c58..110ec43 100644 --- a/src/main/resources/gitea/deployment.yaml +++ b/src/main/resources/forgejo/deployment.yaml @@ -1,41 +1,41 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: gitea + name: forgejo namespace: default labels: - app: gitea + app: forgejo spec: replicas: 1 selector: matchLabels: - app: gitea + app: forgejo template: metadata: - name: gitea + name: forgejo labels: - app: gitea + app: forgejo spec: containers: - - name: gitea - image: gitea/gitea:1.17.3 + - name: forgejo + image: codeberg.org/forgejo/forgejo:1.19 imagePullPolicy: IfNotPresent # config settings envFrom: - configMapRef: - name: gitea-env + name: forgejo-env - secretRef: - name: gitea-secrets + name: forgejo-secrets volumeMounts: - - name: gitea-data-volume + - name: forgejo-data-volume mountPath: "/data" ports: - containerPort: 22 name: git-ssh - containerPort: 3000 - name: gitea + name: forgejo volumes: - - name: gitea-data-volume + - name: forgejo-data-volume persistentVolumeClaim: - claimName: gitea-data-pvc + claimName: forgejo-data-pvc diff --git a/src/main/resources/forgejo/secrets.yaml b/src/main/resources/forgejo/secrets.yaml new file mode 100644 index 0000000..0c2a224 --- /dev/null +++ b/src/main/resources/forgejo/secrets.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: forgejo-secrets +data: + FORGEJO__database__USER: DBUSER + FORGEJO__database__PASSWD: DBPW + + FORGEJO__mailer__USER: MAILERUSER + FORGEJO__mailer__PASSWD: MAILERPW + \ No newline at end of file diff --git a/src/main/resources/gitea/service-ssh.yaml b/src/main/resources/forgejo/service-ssh.yaml similarity index 86% rename from src/main/resources/gitea/service-ssh.yaml rename to src/main/resources/forgejo/service-ssh.yaml index 38627d8..1694958 100644 --- a/src/main/resources/gitea/service-ssh.yaml +++ b/src/main/resources/forgejo/service-ssh.yaml @@ -1,7 +1,7 @@ kind: Service apiVersion: v1 metadata: - name: gitea-ssh-service + name: forgejo-ssh-service namespace: default annotations: metallb.universe.tf/allow-shared-ip: "shared-ip-service-group" @@ -9,7 +9,7 @@ metadata: spec: type: LoadBalancer selector: - app: gitea + app: forgejo ports: - port: 2222 targetPort: 22 diff --git a/src/main/resources/gitea/service.yaml b/src/main/resources/forgejo/service.yaml similarity index 61% rename from src/main/resources/gitea/service.yaml rename to src/main/resources/forgejo/service.yaml index fdac6c3..e8fed3f 100644 --- a/src/main/resources/gitea/service.yaml +++ b/src/main/resources/forgejo/service.yaml @@ -1,12 +1,12 @@ kind: Service apiVersion: v1 metadata: - name: gitea-service + name: forgejo-service namespace: default spec: selector: - app: gitea + app: forgejo ports: - - name: gitea-http + - name: forgejo-http port: 3000 diff --git a/src/main/resources/gitea/appini-env-configmap.yaml b/src/main/resources/gitea/appini-env-configmap.yaml deleted file mode 100644 index e55e932..0000000 --- a/src/main/resources/gitea/appini-env-configmap.yaml +++ /dev/null @@ -1,90 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: gitea-env - namespace: default -data: - #[admin] - GITEA__admin__DEFAULT_EMAIL_NOTIFICATIONS: "enabled" # Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled - - #[attachments] - GITEA__attachments__PATH: /data/gitea/attachments - - #[database] - GITEA__database__DB_TYPE: "postgres" - GITEA__database__HOST: "postgresql-service:5432" - GITEA__database__NAME: gitea - GITEA__database__LOG_SQL: "false" - GITEA__database__SSL_MODE: disable - GITEA__database__CHARSET: utf8 - - #[DEFAULT] - APP_NAME: APPNAME - RUN_MODE: prod - RUN_USER: git - - #[federation] - GITEA__federation__ENABLED: "true" - - #[indexer] - GITEA__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve - - #[log] - GITEA__log__MODE: "console, file" - GITEA__log__LEVEL: Info - GITEA__log__ROOT_PATH: /data/gitea/log - - #[mailer] - GITEA__mailer__ENABLED: "true" - GITEA__mailer__FROM: FROM - GITEA__mailer__MAILER_TYPE: smtp+startls - # TODO: jem 2022-08-02: outdated with v1.18, use SMTP_ADDR & SMTP_PORT instead - GITEA__mailer__HOST: HOSTANDPORT - - #[oauth2] - GITEA__oauth2__ENABLE: "true" - - #[openid] - GITEA__openid__ENABLE_OPENID: "true" - GITEA__openid__ENABLE_OPENID_SIGNIN: "true" - GITEA__openid__ENABLE_OPENID_SIGNUP: "true" - - #[picture] - GITEA__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars - GITEA__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars - GITEA__picture__DISABLE_GRAVATAR: "false" - GITEA__picture__ENABLE_FEDERATED_AVATAR: "true" # Enable support for federated avatars (see http://www.libravatar.org). - - #[repository] - GITEA__repository__ROOT: /data/git/repositories - GITEA__repository__DEFAULT_PRIVATE: last - GITEA__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo - GITEA__repository__TEMP_PATH: /data/gitea/uploads - - #[security] - GITEA__security__INSTALL_LOCK: "true" - - #[server] - GITEA__server__DOMAIN: FQDN - GITEA__server__SSH_DOMAIN: FQDN - GITEA__server__ROOT_URL: URL - GITEA__server__HTTP_PORT: "3000" # HTTP listen port of the server (in the pod) - GITEA__server__SSH_PORT: "2222" # SSH port displayed in clone URL - - #[service] - GITEA__service__DISABLE_REGISTRATION: "false" - GITEA__service__REQUIRE_SIGNIN_VIEW: "false" - GITEA__service__REGISTER_EMAIL_CONFIRM: "true" - GITEA__service__ENABLE_NOTIFY_MAIL: "true" - GITEA__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS - GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false" - GITEA__service__ENABLE_BASIC_AUTHENTICATION: "true" - GITEA__service__ENABLE_CAPTCHA: "false" - GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true" - GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true" - GITEA__service__DEFAULT_ENABLE_TIMETRACKING: "true" - GITEA__service__NO_REPLY_ADDRESS: NOREPLY - - #[session] - GITEA__session__PROVIDER_CONFIG: /data/gitea/sessions - GITEA__session__PROVIDER: file diff --git a/src/main/resources/gitea/certificate.yaml b/src/main/resources/gitea/certificate.yaml deleted file mode 100644 index ce1d810..0000000 --- a/src/main/resources/gitea/certificate.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: gitea-cert - namespace: default -spec: - secretName: gitea-cert - commonName: FQDN - duration: 2160h # 90d - renewBefore: 360h # 15d - dnsNames: - - FQDN - issuerRef: - name: staging - kind: ClusterIssuer \ No newline at end of file diff --git a/src/main/resources/gitea/ingress.yaml b/src/main/resources/gitea/ingress.yaml deleted file mode 100644 index 2844aeb..0000000 --- a/src/main/resources/gitea/ingress.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress-gitea - namespace: default - annotations: - ingress.kubernetes.io/ssl-redirect: "true" - traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd -spec: - tls: - - hosts: - - FQDN - secretName: gitea-cert - rules: - - host: FQDN - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: gitea-service - port: - number: 3000 diff --git a/src/main/resources/gitea/secrets.yaml b/src/main/resources/gitea/secrets.yaml deleted file mode 100644 index 80feb13..0000000 --- a/src/main/resources/gitea/secrets.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: gitea-secrets -data: - GITEA__database__USER: DBUSER - GITEA__database__PASSWD: DBPW - - GITEA__mailer__USER: MAILERUSER - GITEA__mailer__PASSWD: MAILERPW - \ No newline at end of file diff --git a/src/test/cljc/dda/c4k_forgejo/core_test.cljc b/src/test/cljc/dda/c4k_forgejo/core_test.cljc new file mode 100644 index 0000000..5386019 --- /dev/null +++ b/src/test/cljc/dda/c4k_forgejo/core_test.cljc @@ -0,0 +1,19 @@ +(ns dda.c4k-forgejo.core-test + (:require + #?(:cljs [shadow.resource :as rc]) + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-forgejo.core :as cut])) + +#?(:cljs + (defmethod yaml/load-resource :forgejo-test [resource-name] + (case resource-name + "forgejo-test/valid-auth.yaml" (rc/inline "forgejo-test/valid-auth.yaml") + "forgejo-test/valid-config.yaml" (rc/inline "forgejo-test/valid-config.yaml") + (throw (js/Error. "Undefined Resource!"))))) + +(deftest validate-valid-resources + (is (s/valid? cut/config? (yaml/load-as-edn "forgejo-test/valid-config.yaml"))) + (is (s/valid? cut/auth? (yaml/load-as-edn "forgejo-test/valid-auth.yaml")))) \ No newline at end of file diff --git a/src/test/cljc/dda/c4k_gitea/gitea_test.cljc b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc similarity index 62% rename from src/test/cljc/dda/c4k_gitea/gitea_test.cljc rename to src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc index 1cfb295..f3b4516 100644 --- a/src/test/cljc/dda/c4k_gitea/gitea_test.cljc +++ b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc @@ -1,11 +1,11 @@ -(ns dda.c4k-gitea.gitea-test +(ns dda.c4k-forgejo.forgejo-test (:require #?(:clj [clojure.test :refer [deftest is are testing run-tests]] :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.test.alpha :as st] [dda.c4k-common.test-helper :as th] [dda.c4k-common.base64 :as b64] - [dda.c4k-gitea.gitea :as cut])) + [dda.c4k-forgejo.forgejo :as cut])) (st/instrument `cut/generate-appini-env) (st/instrument `cut/generate-ingress) @@ -13,21 +13,21 @@ (deftest should-generate-appini-env (is (= {:APP_NAME-c1 "", - :APP_NAME-c2 "test gitea", - :GITEA__mailer__FROM-c1 "", - :GITEA__mailer__FROM-c2 "test@test.com", - :GITEA__mailer__HOST-c1 "m.t.de:123", - :GITEA__mailer__HOST-c2 "mail.test.com:123", - :GITEA__server__DOMAIN-c1 "test.de", - :GITEA__server__DOMAIN-c2 "test.com", - :GITEA__server__ROOT_URL-c1 "https://test.de", - :GITEA__server__ROOT_URL-c2 "https://test.com", - :GITEA__server__SSH_DOMAIN-c1 "test.de", - :GITEA__server__SSH_DOMAIN-c2 "test.com", - :GITEA__service__EMAIL_DOMAIN_WHITELIST-c1 "adb.de", - :GITEA__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net", - :GITEA__service__NO_REPLY_ADDRESS-c1 "", - :GITEA__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"} + :APP_NAME-c2 "test forgejo", + :FORGEJO__mailer__FROM-c1 "", + :FORGEJO__mailer__FROM-c2 "test@test.com", + :FORGEJO__mailer__HOST-c1 "m.t.de:123", + :FORGEJO__mailer__HOST-c2 "mail.test.com:123", + :FORGEJO__server__DOMAIN-c1 "test.de", + :FORGEJO__server__DOMAIN-c2 "test.com", + :FORGEJO__server__ROOT_URL-c1 "https://test.de", + :FORGEJO__server__ROOT_URL-c2 "https://test.com", + :FORGEJO__server__SSH_DOMAIN-c1 "test.de", + :FORGEJO__server__SSH_DOMAIN-c2 "test.com", + :FORGEJO__service__EMAIL_DOMAIN_WHITELIST-c1 "adb.de", + :FORGEJO__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net", + :FORGEJO__service__NO_REPLY_ADDRESS-c1 "", + :FORGEJO__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"} (th/map-diff (cut/generate-appini-env {:default-app-name "" :fqdn "test.de" :mailer-from "" @@ -35,7 +35,7 @@ :service-domain-whitelist "adb.de" :service-noreply-address "" }) - (cut/generate-appini-env {:default-app-name "test gitea" + (cut/generate-appini-env {:default-app-name "test forgejo" :fqdn "test.com" :mailer-from "test@test.com" :mailer-host-port "mail.test.com:123" @@ -43,20 +43,15 @@ :service-noreply-address "noreply@test.com" }))))) -(deftest should-generate-certificate - (is (= {:name-c2 "prod", :name-c1 "staging"} - (th/map-diff (cut/generate-certificate {}) - (cut/generate-certificate {:issuer "prod"}))))) - (deftest should-generate-secret - (is (= {:GITEA__database__USER-c1 "", - :GITEA__database__USER-c2 (b64/encode "pg-user"), - :GITEA__database__PASSWD-c1 "", - :GITEA__database__PASSWD-c2 (b64/encode "pg-pw"), - :GITEA__mailer__USER-c1 "", - :GITEA__mailer__USER-c2 (b64/encode "maileruser"), - :GITEA__mailer__PASSWD-c1 "", - :GITEA__mailer__PASSWD-c2 (b64/encode "mailerpw")} + (is (= {:FORGEJO__database__USER-c1 "", + :FORGEJO__database__USER-c2 (b64/encode "pg-user"), + :FORGEJO__database__PASSWD-c1 "", + :FORGEJO__database__PASSWD-c2 (b64/encode "pg-pw"), + :FORGEJO__mailer__USER-c1 "", + :FORGEJO__mailer__USER-c2 (b64/encode "maileruser"), + :FORGEJO__mailer__PASSWD-c1 "", + :FORGEJO__mailer__PASSWD-c2 (b64/encode "mailerpw")} (th/map-diff (cut/generate-secrets {:postgres-db-user "" :postgres-db-password "" :mailer-user "" diff --git a/src/test/resources/forgejo-test/valid-auth.yaml b/src/test/resources/forgejo-test/valid-auth.yaml new file mode 100644 index 0000000..cf1efb9 --- /dev/null +++ b/src/test/resources/forgejo-test/valid-auth.yaml @@ -0,0 +1,10 @@ +postgres-db-user: "forgejo" +postgres-db-password: "forgejo-db-password" +mailer-user: "" +mailer-pw: "" +aws-access-key-id: "AWS_KEY_ID" +aws-secret-access-key: "AWS_KEY_SECRET" +restic-password: "" +mon-auth: + grafana-cloud-user: "user" + grafana-cloud-password: "password" diff --git a/src/test/resources/forgejo-test/valid-config.yaml b/src/test/resources/forgejo-test/valid-config.yaml new file mode 100644 index 0000000..4fe83b2 --- /dev/null +++ b/src/test/resources/forgejo-test/valid-config.yaml @@ -0,0 +1,13 @@ +default-app-name: "Meissas awesome forgejo" +fqdn: "test.de" +issuer: "staging" +mailer-from: "test@test.de" +mailer-host-port: "test.de:123" +service-whitelist-domains: "test.de" +service-noreply-address: "noreply@test.de" +volume-total-storage-size: 6 +restic-repository: "repo-path" +mon-cfg: + grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" + cluster-name: "forgejo" + cluster-stage: "test" \ No newline at end of file diff --git a/valid-auth.edn b/valid-auth.edn deleted file mode 100644 index f484e2a..0000000 --- a/valid-auth.edn +++ /dev/null @@ -1,7 +0,0 @@ -{:postgres-db-user "gitea" - :postgres-db-password "gitea-db-password" - :mailer-user "" - :mailer-pw "" - :aws-access-key-id "AWS_KEY_ID" - :aws-secret-access-key "AWS_KEY_SECRET" - :restic-password ""} diff --git a/valid-config.edn b/valid-config.edn deleted file mode 100644 index 056f3de..0000000 --- a/valid-config.edn +++ /dev/null @@ -1,9 +0,0 @@ -{:default-app-name "Meissas awesome gitea" - :fqdn "test.de" - :issuer "staging" - :mailer-from "test@test.de" - :mailer-host-port "test.de:123" - :service-whitelist-domains "test.de" - :service-noreply-address "noreply@test.de" - :volume-total-storage-size 6 - :restic-repository "repo-path"}