Nils Freydank
01e107374f
The ebuild was based on the tree version earlier in 1.19.x series.
I dropped filecaps support, so it's necessary to configure direct
network access yourself (e.g. using systemd socket magic[1]) or use a
TLS termination proxy like nginx, caddy or traefik in front.
Besides, the gitea builds and runs fine now w/ PIE (or it is disabled
on a global scale somewhere). However, it's not necessary anymore to
strip out the flags in the ebuild[2].
[1] ListenStream in systemd socket configuration files
and for a explanation e.g.
https://liquidat.wordpress.com/2018/01/04/howto-run-programs-as-non-root-user-on-privileged-ports-via-systemd/
[2] https://bugs.gentoo.org/832756
Signed-off-by: Nils Freydank <nils.freydank@posteo.de>
23 lines
802 B
Plaintext
23 lines
802 B
Plaintext
#!/sbin/openrc-run
|
|
# Copyright 2016-2019 Gentoo Authors
|
|
# Distributed under the terms of the GNU General Public License v2
|
|
|
|
description="Gitea, a self-hosted Git service"
|
|
|
|
: ${GITEA_CONF:=/etc/gitea/app.ini}
|
|
: ${GITEA_USER:=git}
|
|
: ${GITEA_GROUP:=git}
|
|
: ${GITEA_WORK_DIR:=/var/lib/gitea}
|
|
: ${GITEA_CUSTOM:=${GITEA_WORK_DIR}/custom}
|
|
|
|
command="/usr/bin/gitea web"
|
|
command_args="--config ${GITEA_CONF}"
|
|
command_background="true"
|
|
command_user="${GITEA_USER}:${GITEA_GROUP}"
|
|
error_log="/var/log/${RC_SVCNAME}/${RC_SVCNAME}.err"
|
|
pidfile="/run/${RC_SVCNAME}.pid"
|
|
required_files="${GITEA_CONF}"
|
|
start_stop_daemon_args="-d ${GITEA_WORK_DIR}"
|
|
start_stop_daemon_args="${start_stop_daemon_args} -e GITEA_WORK_DIR=${GITEA_WORK_DIR}"
|
|
start_stop_daemon_args="${start_stop_daemon_args} -e GITEA_CUSTOM=${GITEA_CUSTOM}"
|