www-apps/gitea: Add new package, version 1.20.2

The ebuild was based on the tree version earlier in 1.19.x series. I dropped filecaps support, so it's necessary to configure direct network access yourself (e.g. using systemd socket magic[1]) or use a TLS termination proxy like nginx, caddy or traefik in front. Besides, the gitea builds and runs fine now w/ PIE (or it is disabled on a global scale somewhere). However, it's not necessary anymore to strip out the flags in the ebuild[2]. [1] ListenStream in systemd socket configuration files and for a explanation e.g. https://liquidat.wordpress.com/2018/01/04/howto-run-programs-as-non-root-user-on-privileged-ports-via-systemd/ [2] https://bugs.gentoo.org/832756 Signed-off-by: Nils Freydank <nils.freydank@posteo.de>
2023-08-06 22:11:42 +02:00 · 2023-08-06 22:11:42 +02:00 · 01e107374f
commit 01e107374f
parent ac38ffb4bc
6 changed files with 201 additions and 0 deletions
--- a/www-apps/gitea/Manifest
+++ b/www-apps/gitea/Manifest
@ -0,0 +1 @@
+DIST gitea-1.20.2.tar.gz 49235256 BLAKE2B 718712bdc7581b3134d58eb01190f978d3a9c8bca6f0d73525e7af0afe0ae8f6c872927f1e122c9c751c67ad4628dc4150931f926075e51a954845dcf2eb7088 SHA512 bf45b1ce598bdcfd5dd71816fe35d44414a5ac5461be2e6b1d974a8542e4e0ed41b7ec66f815cfa910338d26739193599cb1dc46d16506ad328164d07795f1aa
--- a/www-apps/gitea/files/gitea.confd-r1
+++ b/www-apps/gitea/files/gitea.confd-r1
@ -0,0 +1,14 @@
+# Gitea configuration
+GITEA_CONF="/etc/gitea/app.ini"
+
+# Gitea user
+GITEA_USER="git"
+
+# Gitea group
+GITEA_GROUP="git"
+
+# Gitea working directory
+GITEA_WORK_DIR="/var/lib/gitea"
+
+# Gitea custom directory
+GITEA_CUSTOM="${GITEA_WORK_DIR}/custom"
--- a/www-apps/gitea/files/gitea.initd-r3
+++ b/www-apps/gitea/files/gitea.initd-r3
@ -0,0 +1,22 @@
+#!/sbin/openrc-run
+# Copyright 2016-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+description="Gitea, a self-hosted Git service"
+
+: ${GITEA_CONF:=/etc/gitea/app.ini}
+: ${GITEA_USER:=git}
+: ${GITEA_GROUP:=git}
+: ${GITEA_WORK_DIR:=/var/lib/gitea}
+: ${GITEA_CUSTOM:=${GITEA_WORK_DIR}/custom}
+
+command="/usr/bin/gitea web"
+command_args="--config ${GITEA_CONF}"
+command_background="true"
+command_user="${GITEA_USER}:${GITEA_GROUP}"
+error_log="/var/log/${RC_SVCNAME}/${RC_SVCNAME}.err"
+pidfile="/run/${RC_SVCNAME}.pid"
+required_files="${GITEA_CONF}"
+start_stop_daemon_args="-d ${GITEA_WORK_DIR}"
+start_stop_daemon_args="${start_stop_daemon_args} -e GITEA_WORK_DIR=${GITEA_WORK_DIR}"
+start_stop_daemon_args="${start_stop_daemon_args} -e GITEA_CUSTOM=${GITEA_CUSTOM}"
--- a/www-apps/gitea/files/gitea.service-r3
+++ b/www-apps/gitea/files/gitea.service-r3
@ -0,0 +1,34 @@
+[Unit]
+Description=Gitea service
+Documentation=https://docs.gitea.io/
+
+AssertPathIsDirectory=/var/lib/gitea
+AssertPathIsReadWrite=/var/lib/gitea
+
+After=network.target
+Requires=network.target
+After=mysqld.service
+After=postgresql-9.5.service
+After=postgresql-9.6.service
+After=postgresql-10.service
+After=postgresql-11.service
+After=postgresql-12.service
+After=postgresql-13.service
+After=postgresql-14.service
+After=memcached.service
+After=redis.service
+
+[Service]
+User=git
+Group=git
+
+Environment="GITEA_WORK_DIR=/var/lib/gitea" "GITEA_CUSTOM=/var/lib/gitea/custom"
+WorkingDirectory=/var/lib/gitea
+ExecStart=/usr/bin/gitea web --config /etc/gitea/app.ini
+
+Restart=always
+PrivateTmp=true
+Nice=5
+
+[Install]
+WantedBy=multi-user.target
--- a/www-apps/gitea/gitea-1.20.2.ebuild
+++ b/www-apps/gitea/gitea-1.20.2.ebuild
@ -0,0 +1,119 @@
+# Copyright 2016-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="8"
+
+inherit go-module tmpfiles systemd
+
+MY_PV="${PV/_rc/-rc}"
+DESCRIPTION="A painless self-hosted Git service"
+HOMEPAGE="https://gitea.io https://github.com/go-gitea/gitea"
+
+if [[ ${MY_PV} == *9999 ]]
+then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/go-gitea/gitea.git"
+else
+	SRC_URI="https://github.com/go-gitea/gitea/releases/download/v${MY_PV}/gitea-src-${MY_PV}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm ~arm64 ~riscv ~x86"
+fi
+
+LICENSE="Apache-2.0 BSD BSD-2 ISC MIT MPL-2.0"
+SLOT="0"
+IUSE="+acct pam sqlite +pie"
+RESTRICT="test"
+
+DEPEND="
+	acct? (
+		acct-group/git
+		acct-user/git[gitea] )
+	pam? ( sys-libs/pam )
+"
+RDEPEND="
+	${DEPEND}
+	dev-vcs/git
+"
+
+DOCS=(
+	custom/conf/app.example.ini CONTRIBUTING.md README.md
+)
+
+S="${WORKDIR}/${PN}-src-${MY_PV}"
+
+src_prepare() {
+	default
+
+	local sedcmds=(
+		-e "s#^ROOT =#ROOT = ${EPREFIX}/var/lib/gitea/gitea-repositories#"
+		-e "s#^ROOT_PATH =#ROOT_PATH = ${EPREFIX}/var/log/gitea#"
+		-e "s#^APP_DATA_PATH = data#APP_DATA_PATH = ${EPREFIX}/var/lib/gitea/data#"
+		-e "s#^HTTP_ADDR = 0.0.0.0#HTTP_ADDR = 127.0.0.1#"
+		-e "s#^MODE = console#MODE = file#"
+		-e "s#^LEVEL = Trace#LEVEL = Info#"
+		-e "s#^LOG_SQL = true#LOG_SQL = false#"
+		-e "s#^DISABLE_ROUTER_LOG = false#DISABLE_ROUTER_LOG = true#"
+	)
+
+	sed -i "${sedcmds[@]}" custom/conf/app.example.ini || die
+	if use sqlite ; then
+		sed -i -e "s#^DB_TYPE = .*#DB_TYPE = sqlite3#" custom/conf/app.example.ini || die
+	fi
+}
+
+src_compile() {
+	local gitea_tags=(
+		bindata
+		$(usev pam)
+		$(usex sqlite 'sqlite sqlite_unlock_notify' '')
+	)
+	local gitea_settings=(
+		"-X code.gitea.io/gitea/modules/setting.CustomConf=${EPREFIX}/etc/gitea/app.ini"
+		"-X code.gitea.io/gitea/modules/setting.CustomPath=${EPREFIX}/var/lib/gitea/custom"
+		"-X code.gitea.io/gitea/modules/setting.AppWorkPath=${EPREFIX}/var/lib/gitea"
+	)
+	local makeenv=(
+		DRONE_TAG="${PV}"
+		LDFLAGS="-extldflags \"${LDFLAGS}\" ${gitea_settings[*]} -s -w"
+		TAGS="${gitea_tags[*]}"
+	)
+
+	GOFLAGS=""
+	if use pie ; then
+		GOFLAGS+="-buildmode=pie"
+	fi
+
+	env "${makeenv[@]}" emake EXTRA_GOFLAGS="${GOFLAGS}" backend
+}
+
+src_install() {
+	dobin gitea
+
+	einstalldocs
+
+	newconfd "${FILESDIR}/gitea.confd-r1" gitea
+	newinitd "${FILESDIR}/gitea.initd-r3" gitea
+	newtmpfiles - gitea.conf <<-EOF
+		d /run/gitea 0755 git git
+	EOF
+	systemd_newunit "${FILESDIR}"/gitea.service-r3 gitea.service
+
+	insinto /etc/gitea
+	newins custom/conf/app.example.ini app.ini
+	if use acct; then
+		fowners root:git /etc/gitea/{,app.ini}
+		fperms g+w,o-rwx /etc/gitea/{,app.ini}
+
+		diropts -m0750 -o git -g git
+		keepdir /var/lib/gitea /var/lib/gitea/custom /var/lib/gitea/data
+		keepdir /var/log/gitea
+	fi
+}
+
+pkg_postinst() {
+	tmpfiles_process gitea.conf
+
+	ewarn "The default JWT signing algorithm changed in 1.15.0 from HS256 (symmetric) to"
+	ewarn "RS256 (asymmetric). Gitea OAuth2 tokens (and potentially client secrets) will"
+	ewarn "need to be regenerated unless you change your JWT_SIGNING_ALGORITHM back to HS256."
+	ewarn "For other breaking changes, see <https://github.com/go-gitea/gitea/releases/tag/v1.15.0>."
+}
--- a/www-apps/gitea/metadata.xml
+++ b/www-apps/gitea/metadata.xml
@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<!-- maintainer-needed -->
+	<upstream>
+		<remote-id type="github">go-gitea/gitea</remote-id>
+	</upstream>
+	<use>
+		<flag name="acct">User and group management via acct-*/git packages</flag>
+	</use>
+</pkgmetadata>
				`@ -0,0 +1 @@`
				`DIST gitea-1.20.2.tar.gz 49235256 BLAKE2B 718712bdc7581b3134d58eb01190f978d3a9c8bca6f0d73525e7af0afe0ae8f6c872927f1e122c9c751c67ad4628dc4150931f926075e51a954845dcf2eb7088 SHA512 bf45b1ce598bdcfd5dd71816fe35d44414a5ac5461be2e6b1d974a8542e4e0ed41b7ec66f815cfa910338d26739193599cb1dc46d16506ad328164d07795f1aa`