Compare commits
2 Commits
1482b2f3bb
...
0887286832
| Author | SHA1 | Date |
|---|---|---|
 Oystein Kristoffer Tveit
|
0887286832
|
|
|
Oystein Kristoffer Tveit
|
f567199604
|
|
|
@ -1,7 +1,7 @@
|
|||
{ config, values, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.gitea;
|
||||
domain = "git2.pvv.ntnu.no";
|
||||
domain = "git.pvv.ntnu.no";
|
||||
sshPort = 2222;
|
||||
in {
|
||||
sops.secrets = {
|
||||
|
|
@ -33,6 +33,10 @@ in {
|
|||
ROOT_URL = "https://${domain}/";
|
||||
PROTOCOL = "http+unix";
|
||||
SSH_PORT = sshPort;
|
||||
START_SSH_SERVER = true;
|
||||
};
|
||||
indexer = {
|
||||
REPO_INDEXER_ENABLED = true;
|
||||
};
|
||||
service.DISABLE_REGISTRATION = true;
|
||||
session.COOKIE_SECURE = true;
|
||||
|
|
@ -41,9 +45,12 @@ in {
|
|||
DISABLE_GRAVATAR = true;
|
||||
ENABLE_FEDERATED_AVATAR = false;
|
||||
};
|
||||
"ui.meta".DESCRIPTION = "Bokstavelig talt programvareverkstedet";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
|
@ -83,4 +90,13 @@ in {
|
|||
Unit = "gitea-import-users.service";
|
||||
};
|
||||
};
|
||||
|
||||
system.activationScripts.linkGiteaLogo.text = let
|
||||
logo-svg = ../../../../assets/logo_blue_regular.svg;
|
||||
logo-png = ../../../../assets/logo_blue_regular.png;
|
||||
in ''
|
||||
install -Dm444 ${logo-svg} ${cfg.stateDir}/custom/public/img/logo.svg
|
||||
install -Dm444 ${logo-png} ${cfg.stateDir}/custom/public/img/logo.png
|
||||
install -Dm444 ${./loading.apng} ${cfg.stateDir}/custom/public/img/loading.png
|
||||
'';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,44 +22,56 @@ BANNED_SHELLS = [
|
|||
"/bin/msgsh",
|
||||
]
|
||||
|
||||
existing_users = []
|
||||
existing_users = {}
|
||||
|
||||
|
||||
# This function should only ever be called when adding users
|
||||
# from the passwd file
|
||||
def add_user(username, name):
|
||||
if username in existing_users:
|
||||
return
|
||||
|
||||
user = {
|
||||
"email": username + '@' + EMAIL_DOMAIN,
|
||||
"full_name": name,
|
||||
"login_name": username,
|
||||
"password": secrets.token_urlsafe(32),
|
||||
"source_id": 1, # 1 = SMTP
|
||||
"username": username,
|
||||
"must_change_password": False,
|
||||
"visibility": "private",
|
||||
"login_name": username,
|
||||
"visibility": "public",
|
||||
"source_id": 1, # 1 = SMTP
|
||||
}
|
||||
|
||||
r = requests.post(GITEA_API_URL + '/admin/users', json=user,
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
if r.status_code != 201:
|
||||
print('ERR: Failed to create user ' + username + ': ' + r.text)
|
||||
return
|
||||
if username not in existing_users:
|
||||
user["password"] = secrets.token_urlsafe(32)
|
||||
user["must_change_password"] = False
|
||||
user["visibility"] = "private"
|
||||
user["email"] = username + '@' + EMAIL_DOMAIN
|
||||
|
||||
print('Created user ' + username)
|
||||
existing_users.append(username)
|
||||
r = requests.post(GITEA_API_URL + '/admin/users', json=user,
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
if r.status_code != 201:
|
||||
print('ERR: Failed to create user ' + username + ': ' + r.text)
|
||||
return
|
||||
|
||||
print('Created user ' + username)
|
||||
existing_users[username] = user
|
||||
|
||||
else:
|
||||
r = requests.patch(GITEA_API_URL + f'/admin/users/{username}',
|
||||
json=user,
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
if r.status_code != 200:
|
||||
print('ERR: Failed to update user ' + username + ': ' + r.text)
|
||||
return
|
||||
|
||||
print('Updated user ' + username)
|
||||
|
||||
|
||||
def main():
|
||||
|
||||
# Fetch existing users
|
||||
r = requests.get(GITEA_API_URL + '/admin/users',
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
|
||||
if r.status_code != 200:
|
||||
raise Exception('Failed to get users: ' + r.text)
|
||||
|
||||
for user in r.json():
|
||||
existing_users.append(user['login'])
|
||||
existing_users[user['login']] = user
|
||||
|
||||
# Read the file, add each user
|
||||
with open("/tmp/passwd-import", 'r') as f:
|
||||
|
|
@ -73,7 +85,7 @@ def main():
|
|||
continue
|
||||
|
||||
username = line.split(':')[0]
|
||||
name = line.split(':')[4]
|
||||
name = line.split(':')[4].split(',')[0]
|
||||
|
||||
add_user(username, name)
|
||||
|
||||
|
|
|
|||
Binary file not shown.
|
After Width: | Height: | Size: 1.1 MiB |
|
|
@ -3,7 +3,7 @@ gitea:
|
|||
database: ENC[AES256_GCM,data:UlS33IdCEyeSvT6ngpmnkBWHuSEqsB//DT+3b7C+UwbD8UXWJlsLf1X8/w==,iv:mPRW5ldyZaHP+y/0vC2JGSLZmlkhgmkvXPk4LazkSDs=,tag:gGk6Z/nbPvzE1zG+tJC8Sw==,type:str]
|
||||
passwd-ssh-key: ENC[AES256_GCM,data:L0lF0wvpayss1NU9m3A45cH0bCMQzODTFVrq6EPd1JHx54wIcoaRBYLmxXKXASzBlCg9zlwXMUIk3OQcS3kdzMKL0iqcSL2iicAcKjFIHyrWLqXgwV5pRSP/tRPcVw8KW8gz0bh33EgESs5ReddZ3VZ0Cy1s2YupMRQvBXr89k1+Hv70OWB6P06hvxhv/zKcMGI1N/dWLroMgrQuT9imw4+/Q1RqwzTYeEU+eUn24AM9GjcBg4qf3OI+6g0nXUat/upIYE28iF5J3lbUSmDSmirBLc8xgHLdOyyJPTObWYWYxlSL78T7IqiMm9lI3rtBlpJDDcn/YxZpVqN5bg2154GISNK+uR0TVSLdJ+drdGHIfIX3G78XSxf2L9rbJyRn8MQlgStfdBIQicLavQKVMrmj+XQfvEMez23WbPLjH4oViBQFI+GrOHOGy/f16cz8Sn4n+69OcsOeTxs3tKYdfq6r1XLYSJ/fe/zvxBpaZiyGXljsuyEdIyBL2A8D6uSXe3Nd3/DAdBtceFfIdN1olCdutixzVWgxaJnrel161z5A/4w=,iv:Uy46yY3jFYSvpxrgCHxRMUksnWfhf5DViLMvCXVMMl4=,tag:wFEJ5+icFrOKkc56gY0A5g==,type:str]
|
||||
ssh-known-hosts: ENC[AES256_GCM,data:zlRLoelQeumMxGqPmgMTB69X1RVWXIs2jWwc67lk0wrdNOHUs5UzV5TUA1JnQ43RslBU92+js7DkyvE5enGzw7zZE5F1ZYdGv/eCgvkTMC9BoLfzHzP6OzayPLYEt3xJ5PRocN8JUAD55cuu4LgsuebuydHPi2oWOfpbSUBKSeCh6dvk5Pp1XRDprPS5SzGLW8Xjq98QlzmfGv50meI9CDJZVF9Wq/72gkyfgtb3YVdr,iv:AF06TBitHegfWk6w07CdkHklh4ripQCmA45vswDQgss=,tag:zKh7WVXMJN2o9ZIwIkby3Q==,type:str]
|
||||
import-user-env: ENC[AES256_GCM,data:LNzlIOwN7pWMmq+2+OqDqt17/QFW6UB7gguB8FIKPa/AqE6P8M5LaUFRRd06u8KVWSU=,iv:epWfPmvpqHYnqUr0nlHqg6Hshtno+i2wiY4Z1LdDAQM=,tag:H0xwTcgIa48aycpllV1XEQ==,type:str]
|
||||
import-user-env: ENC[AES256_GCM,data:vfaqjGEnUM9VtOPvBurz7nFwzGZt3L2EqijrQej4wiOcGCrRA4tN6kBV6NmhHqlFPsw=,iv:viPGkyOOacCWcgTu25da4qH7DC4wz2qdeC1W2WcMUdI=,tag:BllNqGQoaxqUo3lTz9LGnw==,type:str]
|
||||
mediawiki:
|
||||
password: ENC[AES256_GCM,data:HsBuA1E7187roGnKuFPfPDYxA16GFjAUucgUtrdUFmcOzmTNiFH+NWY2ZQ==,iv:vDYUmmZftcrkDtJxNYKAJSx9j+AQcmQarC62QRHR4IM=,tag:3TKjNrGRivFWoK3djC748g==,type:str]
|
||||
database: ENC[AES256_GCM,data:EvVK3Mo6cZiIZS+gTxixU4r9SXN41VqwaWOtortZRNH+WPJ4xcYvzYMJNg==,iv:JtFTRLn3fzKIfgAPRqRgQjct7EdkEHtiyQKPy8/sZ2Q=,tag:nqzseG6BC0X5UNI/3kZZ3A==,type:str]
|
||||
|
|
@ -42,8 +42,8 @@ sops:
|
|||
akVjeTNTeGorZjJQOVlMeCtPRUVYL3MK+VMvGxrbzGz4Q3sdaDDWjal+OiK+JYKX
|
||||
GHiMXVHQJZu/RrlxMjHKN6V3iaqxZpuvLAEJ2Lzy5EOHPtuiiRyeHQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-06-04T03:40:15Z"
|
||||
mac: ENC[AES256_GCM,data:b0/75mHIRm+rBpzaOEWVoN2v2WTNfLMUpiHqQY7xPehuMFHycGZZaqPXr+bxDXYDm940ufQHGy0KDN8IuG/ENbFby8AnG8PGPe0rM5Nf8zux/5jlyUQB+tjIvRNy/cg9eiqlYJPp2yOclBCFUmTmAjOU+Je1bV2VCgFCINMoSec=,iv:5Ejw1WLpiDbuiS6KQudbka7HYV9fDSM1vnghtjNjXzY=,tag:7eKPDmU+eG7c/3qj6tgb0Q==,type:str]
|
||||
lastmodified: "2023-09-03T19:12:38Z"
|
||||
mac: ENC[AES256_GCM,data:Zo6WD3n33nX7bUun9YqaidvqZjFmbIx7QTzOTGOanSbeDmrejRRdBgGMohWG07byxrdlYO6mQwBkz2xic7+Rh3k1UJ65FDNyM7EOrwuc/X7HJy2Tk9WQO0DDbwDh+OfCeLOhrpBWTlsVt9HpN6xU8xBDABVxBQzd47pm1GRs3Ig=,iv:ECl4h15AnDJPcR3eXZ/wXSTUP8QnAuYiWRWx+Ouazd4=,tag:ZkZ/kSrx/5HCDPQhCGuxLw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-05-21T00:28:40Z"
|
||||
enc: |
|
||||
|
|
|
|||
Loading…
Reference in New Issue