forked from Drift/pvv-nixos-config
bekkalokk/gitea: misc changes
- change domain from git2 to git1 - enable internal SSH serer - enable code search - add custom logos - update import-user-script to ignore GECOS fields
This commit is contained in:
parent
f567199604
commit
b4b6b4971a
|
@ -1,7 +1,7 @@
|
|||
{ config, values, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.gitea;
|
||||
domain = "git2.pvv.ntnu.no";
|
||||
domain = "git.pvv.ntnu.no";
|
||||
sshPort = 2222;
|
||||
in {
|
||||
sops.secrets = {
|
||||
|
@ -33,6 +33,10 @@ in {
|
|||
ROOT_URL = "https://${domain}/";
|
||||
PROTOCOL = "http+unix";
|
||||
SSH_PORT = sshPort;
|
||||
START_SSH_SERVER = true;
|
||||
};
|
||||
indexer = {
|
||||
REPO_INDEXER_ENABLED = true;
|
||||
};
|
||||
service.DISABLE_REGISTRATION = true;
|
||||
session.COOKIE_SECURE = true;
|
||||
|
@ -41,9 +45,12 @@ in {
|
|||
DISABLE_GRAVATAR = true;
|
||||
ENABLE_FEDERATED_AVATAR = false;
|
||||
};
|
||||
"ui.meta".DESCRIPTION = "Bokstavelig talt programvareverkstedet";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
@ -83,4 +90,13 @@ in {
|
|||
Unit = "gitea-import-users.service";
|
||||
};
|
||||
};
|
||||
|
||||
system.activationScripts.linkGiteaLogo.text = let
|
||||
logo-svg = ../../../../assets/logo_blue_regular.svg;
|
||||
logo-png = ../../../../assets/logo_blue_regular.png;
|
||||
in ''
|
||||
install -Dm444 ${logo-svg} ${cfg.stateDir}/custom/public/img/logo.svg
|
||||
install -Dm444 ${logo-png} ${cfg.stateDir}/custom/public/img/logo.png
|
||||
install -Dm444 ${./loading.apng} ${cfg.stateDir}/custom/public/img/loading.png
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -12,7 +12,7 @@ if API_TOKEN is None:
|
|||
|
||||
GITEA_API_URL = os.getenv('GITEA_API_URL')
|
||||
if GITEA_API_URL is None:
|
||||
GITEA_API_URL = 'https://git2.pvv.ntnu.no/api/v1'
|
||||
GITEA_API_URL = 'https://git.pvv.ntnu.no/api/v1'
|
||||
|
||||
BANNED_SHELLS = [
|
||||
"/usr/bin/nologin",
|
||||
|
@ -22,24 +22,26 @@ BANNED_SHELLS = [
|
|||
"/bin/msgsh",
|
||||
]
|
||||
|
||||
existing_users = []
|
||||
existing_users = {}
|
||||
|
||||
|
||||
# This function should only ever be called when adding users
|
||||
# from the passwd file
|
||||
def add_user(username, name):
|
||||
if username in existing_users:
|
||||
return
|
||||
|
||||
user = {
|
||||
"email": username + '@' + EMAIL_DOMAIN,
|
||||
"full_name": name,
|
||||
"login_name": username,
|
||||
"password": secrets.token_urlsafe(32),
|
||||
"source_id": 1, # 1 = SMTP
|
||||
"username": username,
|
||||
"must_change_password": False,
|
||||
"visibility": "private",
|
||||
"login_name": username,
|
||||
"visibility": "public",
|
||||
"source_id": 1, # 1 = SMTP
|
||||
}
|
||||
|
||||
if username not in existing_users:
|
||||
user["password"] = secrets.token_urlsafe(32)
|
||||
user["must_change_password"] = False
|
||||
user["visibility"] = "private"
|
||||
user["email"] = username + '@' + EMAIL_DOMAIN
|
||||
|
||||
r = requests.post(GITEA_API_URL + '/admin/users', json=user,
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
if r.status_code != 201:
|
||||
|
@ -47,19 +49,29 @@ def add_user(username, name):
|
|||
return
|
||||
|
||||
print('Created user ' + username)
|
||||
existing_users.append(username)
|
||||
existing_users[username] = user
|
||||
|
||||
else:
|
||||
r = requests.patch(GITEA_API_URL + f'/admin/users/{username}',
|
||||
json=user,
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
if r.status_code != 200:
|
||||
print('ERR: Failed to update user ' + username + ': ' + r.text)
|
||||
return
|
||||
|
||||
print('Updated user ' + username)
|
||||
|
||||
|
||||
def main():
|
||||
|
||||
# Fetch existing users
|
||||
r = requests.get(GITEA_API_URL + '/admin/users',
|
||||
headers={'Authorization': 'token ' + API_TOKEN})
|
||||
|
||||
if r.status_code != 200:
|
||||
raise Exception('Failed to get users: ' + r.text)
|
||||
|
||||
for user in r.json():
|
||||
existing_users.append(user['login'])
|
||||
existing_users[user['login']] = user
|
||||
|
||||
# Read the file, add each user
|
||||
with open("/tmp/passwd-import", 'r') as f:
|
||||
|
@ -73,7 +85,7 @@ def main():
|
|||
continue
|
||||
|
||||
username = line.split(':')[0]
|
||||
name = line.split(':')[4]
|
||||
name = line.split(':')[4].split(',')[0]
|
||||
|
||||
add_user(username, name)
|
||||
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 1.1 MiB |
Loading…
Reference in New Issue