bekkalokk/gitea: misc changes

- change domain from git2 to git1 - enable internal SSH serer - enable code search - add custom logos - update import-user-script to ignore GECOS fields
2023-09-07 18:34:58 +02:00 · 2023-09-07 18:34:58 +02:00 · b4b6b4971a
parent f567199604
commit b4b6b4971a
3 changed files with 50 additions and 22 deletions
--- a/hosts/bekkalokk/services/gitea/default.nix
+++ b/hosts/bekkalokk/services/gitea/default.nix
@ -1,7 +1,7 @@
 { config, values, pkgs, ... }:
 let
  cfg = config.services.gitea;
-  domain = "git2.pvv.ntnu.no";
+  domain = "git.pvv.ntnu.no";
  sshPort  = 2222;
 in {
  sops.secrets = {
@ -33,6 +33,10 @@ in {
        ROOT_URL = "https://${domain}/";
        PROTOCOL = "http+unix";
        SSH_PORT = sshPort;
+	START_SSH_SERVER = true;
+      };
+      indexer = {
+      	REPO_INDEXER_ENABLED = true;
      };
      service.DISABLE_REGISTRATION = true;
      session.COOKIE_SECURE = true;
@ -41,9 +45,12 @@ in {
        DISABLE_GRAVATAR = true;
        ENABLE_FEDERATED_AVATAR = false;
      };
+      "ui.meta".DESCRIPTION = "Bokstavelig talt programvareverkstedet";
    };
  };

+  environment.systemPackages = [ cfg.package ];
+
  services.nginx.virtualHosts."${domain}" = {
    forceSSL = true;
    enableACME = true;
@ -83,4 +90,13 @@ in {
      Unit = "gitea-import-users.service";
    };
  };
+
+  system.activationScripts.linkGiteaLogo.text = let
+    logo-svg = ../../../../assets/logo_blue_regular.svg;
+    logo-png = ../../../../assets/logo_blue_regular.png;
+  in ''
+    install -Dm444 ${logo-svg} ${cfg.stateDir}/custom/public/img/logo.svg
+    install -Dm444 ${logo-png} ${cfg.stateDir}/custom/public/img/logo.png
+    install -Dm444 ${./loading.apng} ${cfg.stateDir}/custom/public/img/loading.png
+  '';
 }
--- a/hosts/bekkalokk/services/gitea/gitea-import-users.py
+++ b/hosts/bekkalokk/services/gitea/gitea-import-users.py
@ -12,7 +12,7 @@ if API_TOKEN is None:

 GITEA_API_URL = os.getenv('GITEA_API_URL')
 if GITEA_API_URL is None:
-    GITEA_API_URL = 'https://git2.pvv.ntnu.no/api/v1'
+    GITEA_API_URL = 'https://git.pvv.ntnu.no/api/v1'

 BANNED_SHELLS = [
    "/usr/bin/nologin",
@ -22,44 +22,56 @@ BANNED_SHELLS = [
    "/bin/msgsh",
 ]

-existing_users = []
+existing_users = {}


+# This function should only ever be called when adding users
+# from the passwd file
 def add_user(username, name):
-    if username in existing_users:
-        return
-
    user = {
-            "email": username + '@' + EMAIL_DOMAIN,
            "full_name": name,
-            "login_name": username,
-            "password": secrets.token_urlsafe(32),
-            "source_id": 1,  # 1 = SMTP
            "username": username,
-            "must_change_password": False,
-            "visibility": "private",
+            "login_name": username,
+            "visibility": "public",
+            "source_id": 1,  # 1 = SMTP
    }

-    r = requests.post(GITEA_API_URL + '/admin/users', json=user,
-                      headers={'Authorization': 'token ' + API_TOKEN})
-    if r.status_code != 201:
-        print('ERR: Failed to create user ' + username + ': ' + r.text)
-        return
+    if username not in existing_users:
+        user["password"] = secrets.token_urlsafe(32)
+        user["must_change_password"] = False
+        user["visibility"] = "private"
+        user["email"] = username + '@' + EMAIL_DOMAIN

-    print('Created user ' + username)
-    existing_users.append(username)
+        r = requests.post(GITEA_API_URL + '/admin/users', json=user,
+                          headers={'Authorization': 'token ' + API_TOKEN})
+        if r.status_code != 201:
+            print('ERR: Failed to create user ' + username + ': ' + r.text)
+            return
+
+        print('Created user ' + username)
+        existing_users[username] = user
+
+    else:
+        r = requests.patch(GITEA_API_URL + f'/admin/users/{username}',
+                           json=user,
+                           headers={'Authorization': 'token ' + API_TOKEN})
+        if r.status_code != 200:
+            print('ERR: Failed to update user ' + username + ': ' + r.text)
+            return
+
+        print('Updated user ' + username)


 def main():
-
    # Fetch existing users
    r = requests.get(GITEA_API_URL + '/admin/users',
                     headers={'Authorization': 'token ' + API_TOKEN})
+
    if r.status_code != 200:
        raise Exception('Failed to get users: ' + r.text)

    for user in r.json():
-        existing_users.append(user['login'])
+        existing_users[user['login']] = user

    # Read the file, add each user
    with open("/tmp/passwd-import", 'r') as f:
@ -73,7 +85,7 @@ def main():
                continue

            username = line.split(':')[0]
-            name = line.split(':')[4]
+            name = line.split(':')[4].split(',')[0]

            add_user(username, name)

--- a/hosts/bekkalokk/services/gitea/loading.apng
+++ b/hosts/bekkalokk/services/gitea/loading.apng