diff --git a/README.md b/README.md index bb4a2ef..329cee4 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,3 @@ # gitea +Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD. diff --git a/gitea.service b/gitea.service new file mode 100644 index 0000000..126ea94 --- /dev/null +++ b/gitea.service @@ -0,0 +1,51 @@ +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target +After=network.target +After=mysqld.service +After=postgresql.service +After=memcached.service +After=redis.service + +[Service] +User=gitea +Group=gitea +Type=simple +WorkingDirectory=~ +RuntimeDirectory=gitea +LogsDirectory=gitea +StateDirectory=gitea +Environment=USER=gitea HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea +ExecStart=/usr/bin/gitea web -c /etc/gitea/app.ini +Restart=always +RestartSec=2s +ReadWritePaths=/etc/gitea/app.ini +AmbientCapabilities= +CapabilityBoundingSet= +LockPersonality=true +#Required by commit search +#MemoryDenyWriteExecute=true +NoNewPrivileges=True +#SecureBits=noroot-locked +PrivateDevices=true +PrivateTmp=true +PrivateUsers=true +ProtectClock=true +ProtectControlGroups=true +ProtectHome=true +ProtectHostname=true +ProtectKernelLogs=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectProc=invisible +ProtectSystem=strict +RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX +RestrictNamespaces=true +RestrictRealtime=true +RestrictSUIDSGID=true +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallErrorNumber=EPERM + +[Install] +WantedBy=multi-user.target diff --git a/gitea.spec b/gitea.spec new file mode 100644 index 0000000..88a4e3e --- /dev/null +++ b/gitea.spec @@ -0,0 +1,82 @@ +Name: gitea +Version: 1.21.3 +Release: 1mamba +Summary: Painless self-hosted Git service, community managed +Group: System/Servers +Vendor: openmamba +Distribution: openmamba +Packager: Silvan Calarco +URL: https://about.gitea.com/ +Source: https+git://github.com/go-gitea/gitea.git/v%{version}/gitea-%{version}.tar.bz2 +Source1: gitea.service +Source2: gitea.sysusers +Source3: gitea.tmpfiles +License: MIT +## AUTOBUILDREQ-BEGIN +BuildRequires: glibc-devel +BuildRequires: libpam-devel +## AUTOBUILDREQ-END +BuildRequires: go +BuildRequires: nodejs + +%description +Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD. + +#% debug_package + +%prep +%setup -q +#-D -T +#:<< _EOF +make deps + +%build +export EXTRA_GOFLAGS="-buildmode=pie -mod=readonly -modcacherw" +export LDFLAGS="-linkmode=external -compressdwarf=false -X \ + 'code.gitea.io/gitea/modules/setting.AppWorkPath=/var/lib/gitea/' \ + -X 'code.gitea.io/gitea/modules/setting.CustomConf=%{_sysconfdir}/gitea/app.ini'" +export TAGS="bindata sqlite sqlite_unlock_notify pam" + +%make -j1 + +%install +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" +#% makeinstall +install -D -m755 gitea %{buildroot}%{_bindir}/gitea +install -D -m644 %{SOURCE1} %{buildroot}%{_unitdir}/gitea.serivce +install -D -m644 %{SOURCE3} %{buildroot}%{_tmpfilesdir}/gitea.conf +install -D -m644 %{SOURCE2} %{buildroot}%{_sysusersdir}/gitea.conf +install -D -m644 custom/conf/app.example.ini %{buildroot}%{_sysconfdir}/gitea/app.ini + +%clean +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" + +%pre +%sysusers_create_package gitea %{SOURCE2} +%tmpfiles_create_package gitea %{SOURCE3} +: + +%post +%systemd_post gitea +: + +%preun +%systemd_preun gitea +: + +%postun +%systemd_postun gitea +: + +%files +%defattr(-,root,root) +%config(noreplace) %{_sysconfdir}/gitea/app.ini +%{_bindir}/gitea +%{_unitdir}/gitea.serivce +%{_sysusersdir}/gitea.conf +%{_tmpfilesdir}/gitea.conf +%doc LICENSE + +%changelog +* Wed Dec 27 2023 Silvan Calarco 1.21.3-1mamba +- package created using the webbuild interface diff --git a/gitea.sysusers b/gitea.sysusers new file mode 100644 index 0000000..9da9393 --- /dev/null +++ b/gitea.sysusers @@ -0,0 +1 @@ +u gitea - "Gitea daemon user" /var/lib/gitea /bin/bash diff --git a/gitea.tmpfiles b/gitea.tmpfiles new file mode 100644 index 0000000..7d92761 --- /dev/null +++ b/gitea.tmpfiles @@ -0,0 +1,10 @@ +d /var/lib/gitea 0750 +d /var/lib/gitea/attachments 0750 +d /var/lib/gitea/data 0750 +d /var/lib/gitea/indexers 0750 +d /var/lib/gitea/repos 0750 +d /var/lib/gitea/tmp 0750 +Z /var/lib/gitea - gitea gitea +d /var/log/gitea 0750 gitea gitea +z /etc/gitea 0755 root gitea +z /etc/gitea/app.ini 0660 root gitea