From b54be3ef64b8b5b17049537bca1496014fcc8534 Mon Sep 17 00:00:00 2001
From: Stanislaw Adaszewski <s.adaszewski@gmail.com>
Date: Sat, 2 May 2020 11:20:06 +0200
Subject: [PATCH] More modular setup for Gitea.

---
 example/gitea-custom/Fockerfile               | 23 +++++++++++++++++
 .../gitea-custom/files/body_inner_pre.tmpl    | 10 ++++++++
 example/gitea-custom/files/secrets.ini        |  7 ++++++
 example/gitea-logo/Fockerfile                 | 16 ++++++++++++
 example/gitea-logo/files/resize.py            | 15 +++++++++++
 example/gitea/focker-compose.yml              | 25 +++----------------
 6 files changed, 75 insertions(+), 21 deletions(-)
 create mode 100644 example/gitea-custom/Fockerfile
 create mode 100644 example/gitea-custom/files/body_inner_pre.tmpl
 create mode 100644 example/gitea-custom/files/secrets.ini
 create mode 100644 example/gitea-logo/Fockerfile
 create mode 100644 example/gitea-logo/files/resize.py

diff --git a/example/gitea-custom/Fockerfile b/example/gitea-custom/Fockerfile
new file mode 100644
index 0000000..2485760
--- /dev/null
+++ b/example/gitea-custom/Fockerfile
@@ -0,0 +1,23 @@
+base: gitea-logo
+
+steps:
+  - copy:
+      - [ files/body_inner_pre.tmpl,
+          /usr/local/share/gitea/templates/custom/body_inner_pre.tmpl ]
+      - [ files/secrets.ini,
+          /tmp/secrets.ini ]
+  - run: |
+      export GITEA_CONF=/usr/local/etc/gitea/conf/app.ini && \
+      export SECRET_CONF=/tmp/secrets.ini && \
+      crudini --set --inplace $GITEA_CONF server DISABLE_SSH true && \
+      crudini --set --inplace $GITEA_CONF service DEFAULT_ALLOW_CREATE_ORGANIZATION false && \
+      crudini --set --inplace $GITEA_CONF service DEFAULT_KEEP_EMAIL_PRIVATE true && \
+      crudini --set --inplace $GITEA_CONF repository MAX_CREATION_LIMIT 0 && \
+      crudini --set --inplace $GITEA_CONF server LANDING_PAGE explore && \
+      crudini --set --inplace $GITEA_CONF service DISABLE_REGISTRATION true && \
+      crudini --set --inplace $GITEA_CONF repository DEFAULT_REPO_UNITS repo.code && \
+      crudini --set --inplace $GITEA_CONF oauth2 JWT_SECRET `crudini --get $SECRET_CONF oauth2 JWT_SECRET` && \
+      crudini --set --inplace $GITEA_CONF security INTERNAL_TOKEN `crudini --get $SECRET_CONF security INTERNAL_TOKEN` && \
+      crudini --set --inplace $GITEA_CONF security SECRET_KEY `crudini --get $SECRET_CONF security SECRET_KEY` && \
+      rm -v $SECRET_CONF && \
+      sed -i -e '/<link rel="mask-icon"/ d' /usr/local/share/gitea/templates/base/head.tmpl
diff --git a/example/gitea-custom/files/body_inner_pre.tmpl b/example/gitea-custom/files/body_inner_pre.tmpl
new file mode 100644
index 0000000..75469ad
--- /dev/null
+++ b/example/gitea-custom/files/body_inner_pre.tmpl
@@ -0,0 +1,10 @@
+{{if not .IsSigned}}
+  <div class="ui positive message" style="margin: 1em;">
+    Please write an email to s dot adaszewski at gmail dot com
+    if you would like to get an account. User accounts are only
+    allowed to report issues and/or make forks in order to
+    generate pull requests. This is a purpose-specific Git hosting
+    for <a href="https://adared.ch" target="_blank">ADARED</a>
+    projects.
+  </div>
+{{end}}
diff --git a/example/gitea-custom/files/secrets.ini b/example/gitea-custom/files/secrets.ini
new file mode 100644
index 0000000..0001d9b
--- /dev/null
+++ b/example/gitea-custom/files/secrets.ini
@@ -0,0 +1,7 @@
+[oauth2]
+JWT_SECRET = jyPeKbTyjilNDxQasRmMj0aoy1dt8GjNXQ5YvF31bBg
+
+
+[security]
+INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1ODgzNTYwNzR9.BxjHW8MGqP6TJWNpYwhj-H0vjhD183CWBbUkQJsIOsI
+SECRET_KEY = HOuK9pbQE8p7KE8aRMXygJ2LUp4OBfI1eg1rhyfgmVcAjaIP9xjpjiN4z73zttB3
diff --git a/example/gitea-logo/Fockerfile b/example/gitea-logo/Fockerfile
new file mode 100644
index 0000000..c2bbc83
--- /dev/null
+++ b/example/gitea-logo/Fockerfile
@@ -0,0 +1,16 @@
+base: gitea-latest
+
+steps:
+  - copy:
+      - [ files/resize.py,
+          /tmp/resize.py ]
+  - run: |
+      ASSUME_ALWAYS_YES=yes pkg install py37-pillow && \
+      export LOGO_URL=https://adared.ch/wp-content/uploads/2017/04/adared_logo_20170403-2.png && \
+      fetch $LOGO_URL -o logo.png && \
+      python3.7 /tmp/resize.py logo.png && \
+      mv -v gitea-*.png /usr/local/share/gitea/public/img/ && \
+      rm -v logo.png && \
+      rm -v /tmp/resize.py && \
+      ASSUME_ALWAYS_YES=yes pkg remove py37-pillow && \
+      ASSUME_ALWAYS_YES=yes pkg autoremove
diff --git a/example/gitea-logo/files/resize.py b/example/gitea-logo/files/resize.py
new file mode 100644
index 0000000..885a410
--- /dev/null
+++ b/example/gitea-logo/files/resize.py
@@ -0,0 +1,15 @@
+from argparse import ArgumentParser
+from PIL import Image
+
+parser = ArgumentParser()
+parser.add_argument('filename', type=str)
+args = parser.parse_args()
+
+im = Image.open(args.filename)
+
+for name, height in { 'sm': 120,
+    'lg': 880, '192': 192, '512': 512}.items():
+    print(name, height)
+    width = im.width * height // im.height
+    im_1 = im.resize((width, height), Image.BILINEAR)
+    im_1.save('gitea-' + name + '.png')
diff --git a/example/gitea/focker-compose.yml b/example/gitea/focker-compose.yml
index cd258fb..0722952 100644
--- a/example/gitea/focker-compose.yml
+++ b/example/gitea/focker-compose.yml
@@ -1,5 +1,7 @@
 images:
-  gitea-latest: .
+  gitea: .
+  gitea-logo: ../gitea-logo
+  gitea-custom: ../gitea-custom
   certbot-latest: ../certbot
 
 volumes:
@@ -13,7 +15,7 @@ jails:
       domains:
         - xyz.com
         - www.xyz.com
-    image: gitea-latest
+    image: gitea-custom
     mounts:
       gitea-data: /var/db/gitea
     ip4.addr: 127.0.8.1
@@ -25,29 +27,10 @@ jails:
       sed -i -e "s/127.0.0.1/${IP4_ADDR}/g" $GITEA_CONF && \
       sed -i -e "s/localhost/${DOMAIN_NAME}/g" $GITEA_CONF && \
       crudini --set --inplace $GITEA_CONF server ROOT_URL https://${DOMAIN_NAME} && \
-      crudini --set --inplace $GITEA_CONF server DISABLE_SSH true && \
-      crudini --set --inplace $GITEA_CONF service DEFAULT_ALLOW_CREATE_ORGANIZATION false && \
-      crudini --set --inplace $GITEA_CONF service DEFAULT_KEEP_EMAIL_PRIVATE true && \
-      crudini --set --inplace $GITEA_CONF repository MAX_CREATION_LIMIT 0 && \
-      crudini --set --inplace $GITEA_CONF server LANDING_PAGE explore && \
-      crudini --set --inplace $GITEA_CONF service DISABLE_REGISTRATION false && \
-      crudini --set --inplace $GITEA_CONF repository DEFAULT_REPO_UNITS repo.code && \
-      export SECRET_CONF=/var/db/gitea/focker-secrets.ini && \
-      if [ ! -f $SECRET_CONF ]; then
-        touch $SECRET_CONF && \
-        chown root:git $SECRET_CONF && \
-        chmod 640 $SECRET_CONF && \
-        crudini --set --inplace $SECRET_CONF oauth2 JWT_SECRET `gitea generate secret JWT_SECRET` && \
-        crudini --set --inplace $SECRET_CONF security INTERNAL_TOKEN `gitea generate secret INTERNAL_TOKEN` && \
-        crudini --set --inplace $SECRET_CONF security SECRET_KEY `gitea generate secret SECRET_KEY`; \
-      fi && \
       if [ ! -f /var/db/gitea/gitea.db ]; then \
         su git -c 'gitea migrate -c $GITEA_CONF' && \
         su git -c 'gitea admin -c $GITEA_CONF create-user --username admin1 --password "AdminAdmin1+" --email "invaliduser@nonexistentdomain.com" --admin'; \
       fi && \
-      crudini --set --inplace $GITEA_CONF oauth2 JWT_SECRET `crudini --get $SECRET_CONF oauth2 JWT_SECRET` && \
-      crudini --set --inplace $GITEA_CONF security INTERNAL_TOKEN `crudini --get $SECRET_CONF security INTERNAL_TOKEN` && \
-      crudini --set --inplace $GITEA_CONF security SECRET_KEY `crudini --get $SECRET_CONF security SECRET_KEY` && \
       /bin/sh /etc/rc
 
   certbot-gitea: