|
|
|
|
#!/bin/bash
|
|
|
|
|
die() { echo >&2 "gitea: ERROR $*" ; exit 1 ; }
|
|
|
|
|
info() { echo >&2 "gitea: $*" ; }
|
|
|
|
|
|
|
|
|
|
DIRNAME="$(dirname $0)"
|
|
|
|
|
cd "$DIRNAME"
|
|
|
|
|
|
|
|
|
|
source ../env.production || die "no top level environment"
|
|
|
|
|
source ./env.production || die "no local environment"
|
|
|
|
|
|
|
|
|
|
DATA="../data/gitea"
|
|
|
|
|
SECRETS="$DATA/env.secrets"
|
|
|
|
|
INI="$DATA/gitea/conf/app.ini"
|
|
|
|
|
|
|
|
|
|
if [ -r "$SECRETS" ]; then
|
|
|
|
|
docker-compose up -d || die "unable to start"
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
GITEA_CLIENT_SECRET="$(openssl rand -hex 32)"
|
|
|
|
|
|
|
|
|
|
info "creating new secrets $SECRETS"
|
|
|
|
|
|
|
|
|
|
mkdir -p "$DATA"
|
|
|
|
|
cat <<EOF > "$SECRETS"
|
|
|
|
|
# DO NOT CHECK IN
|
|
|
|
|
GITEA_CLIENT_SECRET=$GITEA_CLIENT_SECRET
|
|
|
|
|
GITEA__server__ROOT_URL=https://$GITEA_HOSTNAME/
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
docker-compose down 2>/dev/null
|
|
|
|
|
|
|
|
|
|
../keycloak/client-delete gitea 2>/dev/null
|
|
|
|
|
../keycloak/client-create <<EOF || die "unable to create gitea client"
|
|
|
|
|
{
|
|
|
|
|
"clientId": "gitea",
|
|
|
|
|
"rootUrl": "https://$GITEA_HOSTNAME",
|
|
|
|
|
"adminUrl": "https://$GITEA_HOSTNAME",
|
|
|
|
|
"redirectUris": [ "https://$GITEA_HOSTNAME/*" ],
|
|
|
|
|
"webOrigins": [ "https://$GITEA_HOSTNAME" ],
|
|
|
|
|
"clientAuthenticatorType": "client-secret",
|
|
|
|
|
"secret": "$GITEA_CLIENT_SECRET"
|
|
|
|
|
}
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
docker-compose up -d || die "unable to start container"
|
