forked from cohabit/server_config
feat: add forgejo install and deploy scripts
This commit is contained in:
parent
acc7f51fc6
commit
abcf6da714
14
forgejo/_deploy.sh
Normal file
14
forgejo/_deploy.sh
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
# Setup forgejo config
|
||||
cp ./forgejo/* /etc/forgejo
|
||||
chown -R root:forgejo /etc/forgejo && chmod -R 540 /etc/forgejo
|
||||
|
||||
# Setup forgejo service
|
||||
cp ./systemd/forgejo.service /etc/systemd/system
|
||||
|
||||
# Start forgejo
|
||||
systemctl deamon-reload
|
||||
systemctl enable forgejo
|
||||
systemctl start forgejo
|
||||
|
||||
# Setup forgejo runner
|
||||
# ???
|
||||
43
forgejo/_install.sh
Normal file
43
forgejo/_install.sh
Normal file
|
|
@ -0,0 +1,43 @@
|
|||
# Get latest forgejo tag
|
||||
LATEST=curl -fsS https://codeberg.org/forgejo/forgejo/releases/latest | grep -o "[0-9].[0-9].[0-9]"
|
||||
|
||||
# Download forgejo
|
||||
wget "https://codeberg.org/forgejo/forgejo/releases/download/$LATEST/forgejo-$LATEST-linux-amd64"
|
||||
chmod +x "forgejo-$LATEST-linux-amd64"
|
||||
|
||||
# Check GPG Keys
|
||||
gpg --keyserver keys.openpgp.org --recv EB114F5E6C0DC2BCDD183550A4B61A2DC5923710
|
||||
wget "https://codeberg.org/forgejo/forgejo/releases/download/v$LATEST/forgejo-$LATEST-linux-amd64.asc"
|
||||
gpg --verify "forgejo-$LATEST-linux-amd64.asc" "forgejo-$LATEST-linux-amd64"
|
||||
|
||||
# Create group and user
|
||||
groupadd --system forgejo
|
||||
|
||||
useradd --system \
|
||||
--gid forgejo
|
||||
--create-home \
|
||||
--home-dir /var/lib/forgejo \
|
||||
--shell /usr/sbin/nologin \
|
||||
--comment "Forgejo Git forge" \
|
||||
forgejo
|
||||
|
||||
# Setup forgejo directories
|
||||
mv "forgejo-$LATEST-linux-amd64" /usr/local/bin/forgejo
|
||||
|
||||
## Working directory
|
||||
mkdir /var/lib/forgejo
|
||||
chown forgejo:forgejo /var/lib/forgejo && chmod 750 /var/lib/forgejo
|
||||
|
||||
## Config directory
|
||||
mkdir /etc/forgejo
|
||||
chown root:forgejo /etc/forgejo && chmod 540 /etc/forgejo
|
||||
|
||||
# Check requirements
|
||||
nala install -y git git-lfs
|
||||
|
||||
# Install database
|
||||
# ??? source or inline config, make table ... ?
|
||||
# source ../postgresql/_install.sh
|
||||
|
||||
# Install runner
|
||||
# ???
|
||||
68
forgejo/systemd/forgejo.service
Normal file
68
forgejo/systemd/forgejo.service
Normal file
|
|
@ -0,0 +1,68 @@
|
|||
# Original from https://codeberg.org/forgejo/forgejo/src/branch/forgejo/contrib/systemd/forgejo.service
|
||||
[Unit]
|
||||
Description=Forgejo (Beyond coding. We forge.)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
Wants=postgresql.service
|
||||
After=postgresql.service
|
||||
# If using socket activation for main http/s
|
||||
###
|
||||
#
|
||||
#After=forgejo.main.socket
|
||||
#Requires=forgejo.main.socket
|
||||
#
|
||||
###
|
||||
# (You can also provide forgejo an http fallback and/or ssh socket too)
|
||||
#
|
||||
# An example of /etc/systemd/system/forgejo.main.socket
|
||||
###
|
||||
##
|
||||
## [Unit]
|
||||
## Description=Forgejo Web Socket
|
||||
## PartOf=forgejo.service
|
||||
##
|
||||
## [Socket]
|
||||
## Service=forgejo.service
|
||||
## ListenStream=<some_port>
|
||||
## NoDelay=true
|
||||
##
|
||||
## [Install]
|
||||
## WantedBy=sockets.target
|
||||
##
|
||||
###
|
||||
|
||||
[Service]
|
||||
# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
|
||||
# LimitNOFILE=524288:524288
|
||||
RestartSec=2s
|
||||
Type=simple
|
||||
User=forgejo
|
||||
Group=forgejo
|
||||
WorkingDirectory=/var/lib/forgejo/
|
||||
# If using Unix socket: tells systemd to create the /run/forgejo folder, which will contain the forgejo.sock file
|
||||
# (manually creating /run/forgejo doesn't work, because it would not persist across reboots)
|
||||
#RuntimeDirectory=forgejo
|
||||
ExecStart=/usr/local/bin/forgejo web --config /etc/forgejo/app.ini
|
||||
Restart=always
|
||||
Environment=USER=forgejo HOME=/var/lib/forgejo GITEA_WORK_DIR=/var/lib/forgejo
|
||||
# If you install Git to directory prefix other than default PATH (which happens
|
||||
# for example if you install other versions of Git side-to-side with
|
||||
# distribution version), uncomment below line and add that prefix to PATH
|
||||
# Don't forget to place git-lfs binary on the PATH below if you want to enable
|
||||
# Git LFS support
|
||||
#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
|
||||
# If you want to bind Forgejo to a port below 1024, uncomment
|
||||
# the two values below, or use socket activation to pass Forgejo its ports as above
|
||||
###
|
||||
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||
#AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
###
|
||||
# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
|
||||
# set the following value to false to allow capabilities to be applied on Forgejo process. The following
|
||||
# value if set to true sandboxes Forgejo service and prevent any processes from running with privileges
|
||||
# in the host user namespace.
|
||||
###
|
||||
#PrivateUsers=false
|
||||
###
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Loading…
Reference in a new issue