From 1b256c5e6d1ce38447c997f9f2474c9733929ccc Mon Sep 17 00:00:00 2001 From: Paul Date: Sat, 1 Mar 2025 09:41:27 +0100 Subject: [PATCH] add forgejo state --- states/forgejo/config.sls | 15 +++ states/forgejo/defaults.yaml | 107 ++++++++++++++++++++ states/forgejo/init.sls | 6 ++ states/forgejo/install.sls | 35 +++++++ states/forgejo/map.jinja | 17 ++++ states/forgejo/service.sls | 21 ++++ states/forgejo/templates/app.ini.j2 | 14 +++ states/forgejo/templates/forgejo.service.j2 | 18 ++++ 8 files changed, 233 insertions(+) create mode 100644 states/forgejo/config.sls create mode 100644 states/forgejo/defaults.yaml create mode 100644 states/forgejo/init.sls create mode 100644 states/forgejo/install.sls create mode 100644 states/forgejo/map.jinja create mode 100644 states/forgejo/service.sls create mode 100644 states/forgejo/templates/app.ini.j2 create mode 100644 states/forgejo/templates/forgejo.service.j2 diff --git a/states/forgejo/config.sls b/states/forgejo/config.sls new file mode 100644 index 0000000..7dbd752 --- /dev/null +++ b/states/forgejo/config.sls @@ -0,0 +1,15 @@ +# vim: ft=sls +--- +{% from "forgejo/map.jinja" import forgejo with context %} + +forgejo-config: + file.managed: + - name: {{ forgejo.configfile }} + - source: salt://forgejo/templates/app.ini.j2 + - template: jinja + - user: {{ forgejo.user }} + - group: {{ forgejo.group }} + - mode: 600 + - makedirs: true + - require: + - git diff --git a/states/forgejo/defaults.yaml b/states/forgejo/defaults.yaml new file mode 100644 index 0000000..dd624d1 --- /dev/null +++ b/states/forgejo/defaults.yaml @@ -0,0 +1,107 @@ +--- +forgejo: + release_url: https://dl.forgejo.io/forgejo + workingdir: /var/lib/forgejo + binfile: /var/lib/forgejo/forgejo + configfile: /var/lib/forgejo/custom/conf/app.ini + user: git + group: git + version: "10.0.0" + os: linux + arch: amd64 + config: + global: + app_name: Forgejo - Beyond coding. We forge. + run_user: git + run_mode: prod + work_path: /var/lib/forgejo + database: + db_type: postgres + host: 127.0.0.1:5432 + name: forgejo + user: forgejo + passwd: databaseSecretPassword + ssl_mode: enable + path: data/forgejo.db + repository: + root: /var/lib/forgejo/data/forgejo-repositories + default_branch: master + repo-archive: + path: /var/lib/forgejo/data/repo-archive + server: + domain: git.example.com + http_addr: "::" + http_port: 3000 + root_url: https://git.example.com/ + disable_ssh: "true" + start_ssh_server: "false" + ssh_port: 2222 + ssh_listen_port: 2222 + offline_mode: "false" + lfs_start_server: "false" + lfs_jwt_secret: createYourOwnJWTSecret + enable_gzip: "false" + landing_page: home + lfs: + path: data/lfs + cache: + enabled: "true" + adapter: redis + host: redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s + mailer: + enable: "true" + hostname: mail.example.com + hostandport: mail.example.com:587 + from_address: git@example.com + smtp_user: git@example.com + smtp_password: secretPassword1234 + skip_verify: "false" + service: + register_email_confirm: "true" + disable_registration: "true" + require_signin_view: "true" + enable_captcha: "true" + enable_notify_mail: "true" + picture: + disable_gravatar: "false" + attachment: + enabled: "true" + path: data/attachments + allowed_types: image/jpeg|image/png + max_size: 8 + max_files: 5 + cron: + enabled: "true" + run_at_start: "false" + cron.update_mirrors: + schedule: "0 12 3 * * *" + cron.archive_cleanup: + enabled: "false" + cron.delete_repo_archives: + enabled: "false" + cron.delete_old_actions: + enabled: "true" + run_at_start: "true" + schedule: "0 0 3 * * *" + older_than: "90d" + session: + provider: file + cookie_secure: "true" + cookie_name: i_like_forgejo + log: + root_path: /var/log/forgejo + #disable_router_log: true + mode: file + level: info + security: + install_lock: "false" + secret_key: twogirlsonecup + login_remember_days: 30 + cookie_username: forgejouser + cookie_remember_name: forgejousersession + internal_token: motherfuckingtoken + other: + show_footer_branding: "true" + show_footer_version: "true" + oauth2: + jwt_secret: createYourOwnJWTSecret diff --git a/states/forgejo/init.sls b/states/forgejo/init.sls new file mode 100644 index 0000000..857b905 --- /dev/null +++ b/states/forgejo/init.sls @@ -0,0 +1,6 @@ +# vim: ft=sls +--- +include: + - .install + - .config + - .service \ No newline at end of file diff --git a/states/forgejo/install.sls b/states/forgejo/install.sls new file mode 100644 index 0000000..6cce38a --- /dev/null +++ b/states/forgejo/install.sls @@ -0,0 +1,35 @@ +# vim: ft=sls +--- +{% from "forgejo/map.jinja" import forgejo with context %} + +git: + group.present: + - system: true + user.present: + - system: true + - home: {{ forgejo.workingdir }} + - shell: /usr/sbin/nologin + - groups: + - {{ forgejo.group }} + - require: + - group: {{ forgejo.group }} + pkg.installed: [] + +forgejo-bin: + file.managed: + - name: {{ forgejo.workingdir }}/forgejo + - source: "{{ forgejo.release_url }}/{{ forgejo.version }}/forgejo-{{ forgejo.version }}-{{ forgejo.os }}-{{ forgejo.arch }}" + - source_hash: "{{ forgejo.release_url }}/{{ forgejo.version }}/forgejo-{{ forgejo.version }}-{{ forgejo.os }}-{{ forgejo.arch }}.sha256" + - user: {{ forgejo.user }} + - group: {{ forgejo.group }} + - mode: 750 + - require: + - git + +forgejo-log-dir: + file.directory: + - name: {{ forgejo.config.log.root_path }} + - user: {{ forgejo.user }} + - group: {{ forgejo.group }} + - require: + - file: forgejo-bin diff --git a/states/forgejo/map.jinja b/states/forgejo/map.jinja new file mode 100644 index 0000000..2fe6f63 --- /dev/null +++ b/states/forgejo/map.jinja @@ -0,0 +1,17 @@ +{%- import_yaml "forgejo/defaults.yaml" as defaults -%} + +{%- set os_family_map = salt['grains.filter_by']({ + 'Debian': {}, + 'Suse': {}, + 'Arch': {}, + 'RedHat': {}, + }, grain="os_family", merge=salt['pillar.get']('forgejo:lookup')) +-%} +{%- do defaults.forgejo.update(os_family_map) -%} + +{%- set forgejo = salt['pillar.get']( + 'forgejo', + default=defaults.forgejo, + merge=True + ) +-%} diff --git a/states/forgejo/service.sls b/states/forgejo/service.sls new file mode 100644 index 0000000..5de9610 --- /dev/null +++ b/states/forgejo/service.sls @@ -0,0 +1,21 @@ +# vim: ft=sls +--- +{%- from "forgejo/map.jinja" import forgejo with context %} + +forgejo-service: + file.managed: + - name: /etc/systemd/system/forgejo.service + - source: salt://forgejo/templates/forgejo.service.j2 + - user: root + - group: root + - mode: 644 + - template: jinja + - makedirs: true + +forgejo: + service.running: + - enable: true + - full_restart: true + - watch: + - file: forgejo-bin + - file: forgejo-config diff --git a/states/forgejo/templates/app.ini.j2 b/states/forgejo/templates/app.ini.j2 new file mode 100644 index 0000000..b410193 --- /dev/null +++ b/states/forgejo/templates/app.ini.j2 @@ -0,0 +1,14 @@ +{% from "forgejo/map.jinja" import forgejo with context %} + +{%- for k,v in forgejo.config.items() -%} +{%- if k == "global" %} +{%- for subkey,subval in v.items() -%} +{{ subkey|upper() }} = {{ subval }} +{% endfor -%} +{% else -%} +[{{ k }}] +{% for subkey,subval in v.items() -%} +{{ subkey|upper() }} = {{ subval }} +{% endfor -%} +{% endif %} +{%- endfor %} diff --git a/states/forgejo/templates/forgejo.service.j2 b/states/forgejo/templates/forgejo.service.j2 new file mode 100644 index 0000000..efcbdd1 --- /dev/null +++ b/states/forgejo/templates/forgejo.service.j2 @@ -0,0 +1,18 @@ +{%- from "forgejo/map.jinja" import forgejo with context %} +[Unit] +Description=Forgejo ({{ forgejo.config.global.app_name }}) +After=syslog.target +After=network.target +After=postgresql.service + +[Service] +Type=simple +User={{ forgejo.user }} +Group={{ forgejo.user }} +WorkingDirectory={{ forgejo.workingdir }} +ExecStart={{ forgejo.binfile }} -w {{ forgejo.workingdir }} web +Restart=always +Environment=USER={{ forgejo.user }} HOME={{ forgejo.workingdir }} + +[Install] +WantedBy=multi-user.target