Drift/pvv-nixos-config
Drift
/
pvv-nixos-config
16
4
Fork 1
Code Issues Pull Requests 6 Wiki Activity

gitea: misc changes 

- change domain from git2 to git1
- enable internal SSH serer
- enable code search
- add custom logos
- update import-user-script to ignore GECOS fields
This commit is contained in:
Oystein Kristoffer Tveit 2023-09-07 18:34:58 +02:00
parent cabb84ed72
commit 1482b2f3bb
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
3 changed files with 49 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
hosts/bekkalokk/services/gitea/default.nix
View File

@ -1,7 +1,7 @@
{ config, values, pkgs, ... }:
let
cfg = config.services.gitea;
domain = "git2.pvv.ntnu.no";
domain = "git.pvv.ntnu.no";
sshPort = 2222;
in {
sops.secrets = {
@ -33,6 +33,10 @@ in {
ROOT_URL = "https://${domain}/";
PROTOCOL = "http+unix";
SSH_PORT = sshPort;
START_SSH_SERVER = true;
};
indexer = {
REPO_INDEXER_ENABLED = true;
};
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
@ -41,9 +45,12 @@ in {
DISABLE_GRAVATAR = true;
ENABLE_FEDERATED_AVATAR = false;
};
"ui.meta".DESCRIPTION = "Bokstavelig talt programvareverkstedet";
};
};
environment.systemPackages = [ cfg.package ];
services.nginx.virtualHosts."${domain}" = {
forceSSL = true;
enableACME = true;
@ -83,4 +90,13 @@ in {
Unit = "gitea-import-users.service";
};
};
system.activationScripts.linkGiteaLogo.text = let
logo-svg = ../../../../assets/logo_blue_regular.svg;
logo-png = ../../../../assets/logo_blue_regular.png;
in ''
install -Dm444 ${logo-svg} ${cfg.stateDir}/custom/public/img/logo.svg
install -Dm444 ${logo-png} ${cfg.stateDir}/custom/public/img/logo.png
install -Dm444 ${./loading.apng} ${cfg.stateDir}/custom/public/img/loading.png
'';
}

52
hosts/bekkalokk/services/gitea/gitea-import-users.py
View File

@ -22,44 +22,56 @@ BANNED_SHELLS = [
"/bin/msgsh",
]
existing_users = []
existing_users = {}
# This function should only ever be called when adding users
# from the passwd file
def add_user(username, name):
if username in existing_users:
return
user = {
"email": username + '@' + EMAIL_DOMAIN,
"full_name": name,
"login_name": username,
"password": secrets.token_urlsafe(32),
"source_id": 1, # 1 = SMTP
"username": username,
"must_change_password": False,
"visibility": "private",
"login_name": username,
"visibility": "public",
"source_id": 1, # 1 = SMTP
}
r = requests.post(GITEA_API_URL + '/admin/users', json=user,
headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 201:
print('ERR: Failed to create user ' + username + ': ' + r.text)
return
if username not in existing_users:
user["password"] = secrets.token_urlsafe(32)
user["must_change_password"] = False
user["visibility"] = "private"
user["email"] = username + '@' + EMAIL_DOMAIN
print('Created user ' + username)
existing_users.append(username)
r = requests.post(GITEA_API_URL + '/admin/users', json=user,
headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 201:
print('ERR: Failed to create user ' + username + ': ' + r.text)
return
print('Created user ' + username)
existing_users[username] = user
else:
r = requests.patch(GITEA_API_URL + f'/admin/users/{username}',
json=user,
headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 200:
print('ERR: Failed to update user ' + username + ': ' + r.text)
return
print('Updated user ' + username)
def main():
# Fetch existing users
r = requests.get(GITEA_API_URL + '/admin/users',
headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 200:
raise Exception('Failed to get users: ' + r.text)
for user in r.json():
existing_users.append(user['login'])
existing_users[user['login']] = user
# Read the file, add each user
with open("/tmp/passwd-import", 'r') as f:
@ -73,7 +85,7 @@ def main():
continue
username = line.split(':')[0]
name = line.split(':')[4]
name = line.split(':')[4].split(',')[0]
add_user(username, name)

BIN
hosts/bekkalokk/services/gitea/loading.apng Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 MiB