Release 1.20.2-0

.gitignore

@@ -0,0 +1,3 @@
+*~
+.*.swp
+/dist

.woodpecker.yml

@@ -0,0 +1,55 @@
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    tags: true
+
+pipeline:
+  build:
+    image: brenard/debian-python-deb
+    when:
+      event: tag
+    commands:
+      - echo "$GPG_KEY"|base64 -d|gpg --import
+      - ./build.sh --quiet
+    secrets: [ maintainer_name, maintainer_email, gpg_key, debian_codename ]
+
+  publish-dryrun:
+    group: publish
+    image: alpine
+    when:
+      event: tag
+    commands:
+      - ls dist/*
+
+  publish-gitea:
+    group: publish
+    image: plugins/gitea-release
+    when:
+      event: tag
+    settings:
+      api_key:
+        from_secret: gitea_token
+      base_url: https://gitea.zionetrix.net
+      note: dist/release_notes.md
+      files:
+        - dist/*.deb
+      checksum:
+        - md5
+        - sha512
+
+  publish-apt:
+    group: publish
+    image: brenard/aptly-publish
+    when:
+      event: tag
+    settings:
+      api_url:
+        from_secret: apt_api_url
+      api_username:
+        from_secret: apt_api_username
+      api_password:
+        from_secret: apt_api_password
+      repo_name:
+        from_secret: apt_repo_name
+      path: dist
+      source_name: forgejo

build.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+
+QUIET_ARG=""
+[ "$1" == "--quiet" ] && QUIET_ARG="--quiet"
+
+# Enter source directory
+cd $( dirname $0 )
+
+echo "Clean previous build..."
+rm -fr dist
+
+echo "Detect version using git describe..."
+VERSION="$( git describe --tags|sed 's/^[^0-9]*//' )"
+
+echo "Create building environment..."
+BDIR=dist/forgejo-$VERSION
+mkdir -p $BDIR
+[ -z "$QUIET_ARG" ] && RSYNC_ARG="-v" || RSYNC_ARG=""
+rsync -a $RSYNC_ARG debian/ $BDIR/debian/
+
+echo "Download forgejo binary..."
+[ -n "$QUIET_ARG" ] && CURL_ARG="--silent" || CURL_ARG=""
+curl $CURL_ARG --location -o $BDIR/forgejo \
+	https://codeberg.org/forgejo/forgejo/releases/download/v$VERSION/forgejo-$VERSION-linux-amd64
+
+echo "Download forgejo configuration example file..."
+curl $CURL_ARG --location -o $BDIR/app.ini \
+	https://codeberg.org/forgejo/forgejo/raw/tag/v$VERSION/custom/conf/app.example.ini
+
+echo "Adjust forgejo configuration file..."
+sed -i 's#^[; ]*APP_NAME *=.*#APP_NAME = Forgejo: Beyond coding. We forge.#' $BDIR/app.ini
+sed -i 's#^[; ]*RUN_USER *=.*#RUN_USER = git#' $BDIR/app.ini
+sed -i 's#^[; ]*RUN_MODE *=.*#RUN_MODE = prod#' $BDIR/app.ini
+sed -i 's#^[; ]*WORK_PATH *=.*#WORK_PATH = /var/lib/forgejo/#' $BDIR/app.ini
+sed -i 's#^[; ]*MODE *= *\(console|file|conn\).*#MODE = console#' $BDIR/app.ini
+sed -i 's#^[; ]*SECRET_KEY *=.*#;; SECRET_KEY = #' $BDIR/app.ini
+sed -i 's#^[; ]*SECRET_KEY_URI *=.*#SECRET_KEY_URI = file:/var/lib/forgejo/secret#' $BDIR/app.ini
+sed -i 's#^[; ]*INTERNAL_TOKEN *=.*#;; INTERNAL_TOKEN = #' $BDIR/app.ini
+sed -i 's#^[; ]*INTERNAL_TOKEN_URI *=.*#INTERNAL_TOKEN_URI = file:/var/lib/forgejo/internal_token#' $BDIR/app.ini
+
+if [ -z "$DEBIAN_CODENAME" ]
+then
+	echo "Retreive debian codename using lsb_release..."
+	DEBIAN_CODENAME=$( lsb_release -c -s )
+else
+	echo "Use debian codename from environment ($DEBIAN_CODENAME)"
+fi
+
+echo "Generate debian changelog using gitdch..."
+GITDCH_ARGS=('--verbose')
+[ -n "$QUIET_ARG" ] && GITDCH_ARGS=('--warning')
+if [ -n "$MAINTAINER_NAME" ]
+then
+	echo "Use maintainer name from environment ($MAINTAINER_NAME)"
+	GITDCH_ARGS+=("--maintainer-name" "${MAINTAINER_NAME}")
+fi
+if [ -n "$MAINTAINER_EMAIL" ]
+then
+	echo "Use maintainer email from environment ($MAINTAINER_EMAIL)"
+	GITDCH_ARGS+=("--maintainer-email" "$MAINTAINER_EMAIL")
+fi
+gitdch \
+	--package-name forgejo \
+	--version "${VERSION}" \
+	--code-name $DEBIAN_CODENAME \
+	--output $BDIR/debian/changelog \
+	--release-notes dist/release_notes.md \
+	"${GITDCH_ARGS[@]}"
+
+BUILD_ARGS=""
+if [ -n "$MAINTAINER_NAME" -a -n "$MAINTAINER_EMAIL" ]
+then
+	echo "Set Maintainer field in debian control file ($MAINTAINER_NAME <$MAINTAINER_EMAIL>)..."
+	sed -i "s/^Maintainer: .*$/Maintainer: $MAINTAINER_NAME <$MAINTAINER_EMAIL>/" $BDIR/debian/control
+else
+	echo "Maintainer email not found in environment, disable signing."
+	BUILD_ARGS="--no-sign"
+fi
+
+echo "Build debian package..."
+cd $BDIR
+dpkg-buildpackage $BUILD_ARGS
+

debian/compat

@@ -0,0 +1 @@
+11

debian/control

@@ -0,0 +1,13 @@
+Source: forgejo
+Section: admin
+Priority: optional
+Maintainer: Debian Zionetrix - forgejo <debian+forgejo@zionetrix.net>
+Build-Depends: debhelper (>> 11.0.0), curl, lsb-release, git, rsync, gitdch, sed
+Standards-Version: 3.9.6
+
+Package: forgejo
+Architecture: amd64
+Depends: ${misc:Depends}
+Description: Self-hosted lightweight software forge
+ Forgejo is a self-hosted lightweight software forge.
+ Easy to install and low maintenance, it just does the job.

debian/copyright

@@ -0,0 +1,31 @@
+This package was debianized by Benjamin Renard <brenard@zionetrix.net>
+on Mon, 31 Jul 2023 21:02:34 +0200.
+
+Copyright:
+
+    Copyright (c) 2022 The Forgejo Authors
+    Copyright (c) 2016 The Gitea Authors
+    Copyright (c) 2015 The Gogs Authors
+
+License:
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.
+
+The Debian packaging is (C) 2023, Benjamin Renard and
+is licensed under the GPL version 3, see '/usr/share/common-licenses/GPL-3'.

debian/forgejo.install

@@ -0,0 +1,2 @@
+forgejo usr/bin/
+app.ini etc/forgejo/

debian/forgejo.postinst

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+SECRET_PATH=/var/lib/forgejo/secret
+INTERNAL_TOKEN_PATH=/var/lib/forgejo/internal_token
+
+case "$1" in
+	configure)
+
+	if [ ! -e "$SECRET_PATH" ]
+	then
+		echo -n "Generating secret file..."
+		cat /dev/urandom | tr -dc '[:alpha:]' | fold -w 100 | head -n 1 > $SECRET_PATH
+		chown git:git "$SECRET_PATH"
+		chmod 0400 "$SECRET_PATH"
+		echo " done."
+	fi
+
+	if [ ! -e "$INTERNAL_TOKEN_PATH" ]
+	then
+		echo -n "Generating internal token file..."
+		cat /dev/urandom | tr -dc '[:alpha:]' | fold -w 100 | head -n 1 > $INTERNAL_TOKEN_PATH
+		chown git:git "$INTERNAL_TOKEN_PATH"
+		chmod 0400 "$INTERNAL_TOKEN_PATH"
+		echo " done."
+	fi
+	;;
+esac
+
+#DEBHELPER#

debian/forgejo.preinst

@@ -0,0 +1,44 @@
+#!/bin/bash
+
+SERVER_HOME=/var/lib/forgejo
+SERVER_USER=git
+SERVER_NAME="Git"
+SERVER_GROUP=git
+
+case "$1" in
+  install|upgrade)
+
+  # Create group if not existing
+  if ! getent group | grep -q "^$SERVER_GROUP:" ; then
+     echo -n "Adding group $SERVER_GROUP..."
+     addgroup --quiet --system $SERVER_GROUP 2>/dev/null ||true
+     echo " done."
+  fi
+
+  # Create homedir if not existing
+  test -d $SERVER_HOME || mkdir $SERVER_HOME
+
+  # Create user if not existing
+  if ! getent passwd | grep -q "^$SERVER_USER:"; then
+    echo -n "Adding system user $SERVER_USER..."
+    adduser --quiet \
+            --system \
+            --ingroup $SERVER_GROUP \
+	    --home $SERVER_HOME \
+            --no-create-home \
+            --disabled-password \
+            $SERVER_USER 2>/dev/null || true
+    echo " done."
+  fi
+
+  # Adjust file and directory permissions
+  if ! dpkg-statoverride --list $SERVER_HOME >/dev/null
+  then
+      chown -R $SERVER_USER:adm $SERVER_HOME
+      chmod u=rwx,g=rxs,o= $SERVER_HOME
+  fi
+
+  ;;
+esac
+
+#DEBHELPER#

debian/forgejo.service

@@ -0,0 +1,43 @@
+[Unit]
+Description=Forgejo (Beyond coding. We forge.)
+After=syslog.target
+After=network.target
+Wants=mysql.service mariadb.service postgresql.service memcached.service redis.service
+After=mysql.service mariadb.service postgresql.service memcached.service redis.service
+
+[Service]
+# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
+# LimitNOFILE=524288:524288
+RestartSec=2s
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/forgejo/
+# If using Unix socket: tells systemd to create the /run/forgejo folder, which will contain the forgejo.sock file
+# (manually creating /run/forgejo doesn't work, because it would not persist across reboots)
+#RuntimeDirectory=forgejo
+ExecStart=/usr/bin/forgejo web --config /etc/forgejo/app.ini
+Restart=always
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/forgejo
+# If you install Git to directory prefix other than default PATH (which happens
+# for example if you install other versions of Git side-to-side with
+# distribution version), uncomment below line and add that prefix to PATH
+# Don't forget to place git-lfs binary on the PATH below if you want to enable
+# Git LFS support
+#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
+# If you want to bind Forgejo to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Forgejo its ports as above
+###
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+###
+# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
+# set the following value to false to allow capabilities to be applied on Forgejo process. The following
+# value if set to true sandboxes Forgejo service and prevent any processes from running with privileges
+# in the host user namespace.
+###
+#PrivateUsers=false
+###
+
+[Install]
+WantedBy=multi-user.target

debian/rules

@@ -0,0 +1,5 @@
+#!/usr/bin/make -f
+#export DH_VERBOSE=1
+%:
+	dh  $@
+

debian/source/format

@@ -0,0 +1 @@
+1.0