Drift/pvv-nixos-config
Drift
/
pvv-nixos-config
14
3
Fork 1
Code Issues Pull Requests 3 Activity

bekkalokk/gitea: misc changes 

- change domain from git2 to git1
- enable internal SSH serer
- enable code search
- add custom logos
- update import-user-script to ignore GECOS fields
This commit is contained in:
Oystein Kristoffer Tveit 2023-09-07 18:34:58 +02:00
parent f567199604
commit b4b6b4971a
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
3 changed files with 50 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
hosts/bekkalokk/services/gitea/default.nix
View File

@ -1,7 +1,7 @@
{ config, values, pkgs, ... }: { config, values, pkgs, ... }:
let let
cfg = config.services.gitea; cfg = config.services.gitea;
domain = "git2.pvv.ntnu.no"; domain = "git.pvv.ntnu.no";
sshPort = 2222; sshPort = 2222;
in { in {
sops.secrets = { sops.secrets = {
@ -33,6 +33,10 @@ in {
ROOT_URL = "https://${domain}/"; ROOT_URL = "https://${domain}/";
PROTOCOL = "http+unix"; PROTOCOL = "http+unix";
SSH_PORT = sshPort; SSH_PORT = sshPort;
START_SSH_SERVER = true;
};
indexer = {
REPO_INDEXER_ENABLED = true;
}; };
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true; session.COOKIE_SECURE = true;
@ -41,9 +45,12 @@ in {
DISABLE_GRAVATAR = true; DISABLE_GRAVATAR = true;
ENABLE_FEDERATED_AVATAR = false; ENABLE_FEDERATED_AVATAR = false;
}; };
"ui.meta".DESCRIPTION = "Bokstavelig talt programvareverkstedet";
}; };
}; };
environment.systemPackages = [ cfg.package ];
services.nginx.virtualHosts."${domain}" = { services.nginx.virtualHosts."${domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@ -83,4 +90,13 @@ in {
Unit = "gitea-import-users.service"; Unit = "gitea-import-users.service";
}; };
}; };
system.activationScripts.linkGiteaLogo.text = let
logo-svg = ../../../../assets/logo_blue_regular.svg;
logo-png = ../../../../assets/logo_blue_regular.png;
in ''
install -Dm444 ${logo-svg} ${cfg.stateDir}/custom/public/img/logo.svg
install -Dm444 ${logo-png} ${cfg.stateDir}/custom/public/img/logo.png
install -Dm444 ${./loading.apng} ${cfg.stateDir}/custom/public/img/loading.png
'';
} }

54
hosts/bekkalokk/services/gitea/gitea-import-users.py
View File

@ -12,7 +12,7 @@ if API_TOKEN is None:
GITEA_API_URL = os.getenv('GITEA_API_URL') GITEA_API_URL = os.getenv('GITEA_API_URL')
if GITEA_API_URL is None: if GITEA_API_URL is None:
GITEA_API_URL = 'https://git2.pvv.ntnu.no/api/v1' GITEA_API_URL = 'https://git.pvv.ntnu.no/api/v1'
BANNED_SHELLS = [ BANNED_SHELLS = [
"/usr/bin/nologin", "/usr/bin/nologin",
@ -22,44 +22,56 @@ BANNED_SHELLS = [
"/bin/msgsh", "/bin/msgsh",
] ]
existing_users = [] existing_users = {}
# This function should only ever be called when adding users
# from the passwd file
def add_user(username, name): def add_user(username, name):
if username in existing_users:
return
user = { user = {
"email": username + '@' + EMAIL_DOMAIN,
"full_name": name, "full_name": name,
"login_name": username,
"password": secrets.token_urlsafe(32),
"source_id": 1, # 1 = SMTP
"username": username, "username": username,
"must_change_password": False, "login_name": username,
"visibility": "private", "visibility": "public",
"source_id": 1, # 1 = SMTP
} }
r = requests.post(GITEA_API_URL + '/admin/users', json=user, if username not in existing_users:
headers={'Authorization': 'token ' + API_TOKEN}) user["password"] = secrets.token_urlsafe(32)
if r.status_code != 201: user["must_change_password"] = False
print('ERR: Failed to create user ' + username + ': ' + r.text) user["visibility"] = "private"
return user["email"] = username + '@' + EMAIL_DOMAIN
print('Created user ' + username) r = requests.post(GITEA_API_URL + '/admin/users', json=user,
existing_users.append(username) headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 201:
print('ERR: Failed to create user ' + username + ': ' + r.text)
return
print('Created user ' + username)
existing_users[username] = user
else:
r = requests.patch(GITEA_API_URL + f'/admin/users/{username}',
json=user,
headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 200:
print('ERR: Failed to update user ' + username + ': ' + r.text)
return
print('Updated user ' + username)
def main(): def main():
# Fetch existing users # Fetch existing users
r = requests.get(GITEA_API_URL + '/admin/users', r = requests.get(GITEA_API_URL + '/admin/users',
headers={'Authorization': 'token ' + API_TOKEN}) headers={'Authorization': 'token ' + API_TOKEN})
if r.status_code != 200: if r.status_code != 200:
raise Exception('Failed to get users: ' + r.text) raise Exception('Failed to get users: ' + r.text)
for user in r.json(): for user in r.json():
existing_users.append(user['login']) existing_users[user['login']] = user
# Read the file, add each user # Read the file, add each user
with open("/tmp/passwd-import", 'r') as f: with open("/tmp/passwd-import", 'r') as f:
@ -73,7 +85,7 @@ def main():
continue continue
username = line.split(':')[0] username = line.split(':')[0]
name = line.split(':')[4] name = line.split(':')[4].split(',')[0]
add_user(username, name) add_user(username, name)

BIN
hosts/bekkalokk/services/gitea/loading.apng Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 MiB