From 5002ac874d439d029d4f98bfaaa47282b826186c Mon Sep 17 00:00:00 2001 
From: Mirco <mirco.zachmann@meissa.de> Date: Tue, 28 Mar 2023 09:46:15 +0200 Subject: [PATCH 01/25] Change name from gitea to forgejo --- .gitlab-ci.yml | 24 +-- README.md | 20 +-- copy-and-build-dda-io.sh | 2 +- doc/BackupAndRestore.md | 8 +- doc/Upgrading.md | 14 +- infrastructure/docker-backup/build.py | 2 +- package.json | 16 +- project.clj | 12 +- public/index.html | 2 +- shadow-cljs.edn | 2 +- src/main/clj/dda/c4k_gitea/uberjar.clj | 9 -- src/main/cljc/dda/c4k_gitea/backup.cljc | 44 ------ src/main/cljc/dda/c4k_gitea/core.cljc | 54 ------- src/main/cljc/dda/c4k_gitea/gitea.cljc | 138 ------------------ src/main/cljs/dda/c4k_gitea/browser.cljs | 118 --------------- .../backup/backup-restore-deployment.yaml | 10 +- src/main/resources/backup/config.yaml | 2 +- src/main/resources/backup/cron.yaml | 12 +- .../resources/gitea/appini-env-configmap.yaml | 90 ------------ src/main/resources/gitea/certificate.yaml | 15 -- src/main/resources/gitea/datavolume.yaml | 15 -- src/main/resources/gitea/deployment.yaml | 41 ------ src/main/resources/gitea/ingress.yaml | 24 --- src/main/resources/gitea/secrets.yaml | 11 -- src/main/resources/gitea/service-ssh.yaml | 17 --- src/main/resources/gitea/service.yaml | 12 -- src/test/cljc/dda/c4k_gitea/gitea_test.cljc | 73 --------- valid-auth.edn | 4 +- valid-config.edn | 2 +- 29 files changed, 66 insertions(+), 727 deletions(-) delete mode 100644 src/main/clj/dda/c4k_gitea/uberjar.clj delete mode 100644 src/main/cljc/dda/c4k_gitea/backup.cljc delete mode 100644 src/main/cljc/dda/c4k_gitea/core.cljc delete mode 100644 src/main/cljc/dda/c4k_gitea/gitea.cljc delete mode 100644 src/main/cljs/dda/c4k_gitea/browser.cljs delete mode 100644 src/main/resources/gitea/appini-env-configmap.yaml delete mode 100644 src/main/resources/gitea/certificate.yaml delete mode 100644 src/main/resources/gitea/datavolume.yaml delete mode 100644 src/main/resources/gitea/deployment.yaml delete mode 100644 src/main/resources/gitea/ingress.yaml delete mode 
100644 src/main/resources/gitea/secrets.yaml delete mode 100644 src/main/resources/gitea/service-ssh.yaml delete mode 100644 src/main/resources/gitea/service.yaml delete mode 100644 src/test/cljc/dda/c4k_gitea/gitea_test.cljc diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d17556d..7af57b9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,7 +48,7 @@ test-schema: stage: build_and_test script: - lein uberjar - - java -jar target/uberjar/c4k-gitea-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - + - java -jar target/uberjar/c4k-forgejo-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - artifacts: paths: - target/uberjar @@ -69,9 +69,9 @@ package-frontend: script: - mkdir -p target/frontend-build - shadow-cljs release frontend - - cp public/js/main.js target/frontend-build/c4k-gitea.js - - sha256sum target/frontend-build/c4k-gitea.js > target/frontend-build/c4k-gitea.js.sha256 - - sha512sum target/frontend-build/c4k-gitea.js > target/frontend-build/c4k-gitea.js.sha512 + - cp public/js/main.js target/frontend-build/c4k-forgejo.js + - sha256sum target/frontend-build/c4k-forgejo.js > target/frontend-build/c4k-forgejo.js.sha256 + - sha512sum target/frontend-build/c4k-forgejo.js > target/frontend-build/c4k-forgejo.js.sha512 artifacts: paths: - target/frontend-build @@ -81,8 +81,8 @@ package-uberjar: stage: package script: - lein uberjar - - sha256sum target/uberjar/c4k-gitea-standalone.jar > target/uberjar/c4k-gitea-standalone.jar.sha256 - - sha512sum target/uberjar/c4k-gitea-standalone.jar > target/uberjar/c4k-gitea-standalone.jar.sha512 + - sha256sum target/uberjar/c4k-forgejo-standalone.jar > target/uberjar/c4k-forgejo-standalone.jar.sha256 + - sha512sum target/uberjar/c4k-forgejo-standalone.jar > target/uberjar/c4k-forgejo-standalone.jar.sha512 artifacts: paths: - target/uberjar 
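Review bot: The `.sha256` and `.sha512` files written in the `package-frontend` and `package-uberjar` hunks come from the same job and the same artifact path as the files they cover, so they detect a damaged download but cannot show that `c4k-forgejo-standalone.jar` or `c4k-forgejo.js` came from this pipeline. Whoever can replace the artifact can replace the digest beside it. Since every published file name changes in this commit anyway, it is a good moment to add a detached-signature step after the checksum lines and to document verification for consumers. A comment such as `# checksums give integrity only; authenticity needs a signature` above the `sha256sum` lines would make the limit explicit. Both job definitions start and end outside the hunks.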
@@ -108,9 +108,9 @@ release: - apk --no-cache add curl - | release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \ - --assets-link "{\"name\":\"c4k-gitea-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-gitea-standalone.jar\"}" \ - --assets-link "{\"name\":\"c4k-gitea-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-gitea-standalone.jar.sha256\"}" \ - --assets-link "{\"name\":\"c4k-gitea-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-gitea-standalone.jar.sha512\"}" \ - --assets-link "{\"name\":\"c4k-gitea.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-gitea.js\"}" \ - --assets-link "{\"name\":\"c4k-gitea.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-gitea.js.sha256\"}" \ - --assets-link "{\"name\":\"c4k-gitea.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-gitea.js.sha512\"}" \ + --assets-link "{\"name\":\"c4k-forgejo-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar\"}" \ + --assets-link "{\"name\":\"c4k-forgejo-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar.sha256\"}" \ + --assets-link "{\"name\":\"c4k-forgejo-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar.sha512\"}" \ + 
--assets-link "{\"name\":\"c4k-forgejo.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-forgejo.js\"}" \ + --assets-link "{\"name\":\"c4k-forgejo.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-forgejo.js.sha256\"}" \ + --assets-link "{\"name\":\"c4k-forgejo.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-forgejo.js.sha512\"}" \ diff --git a/README.md b/README.md index 2f92982..9189b73 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,12 @@ -# convention 4 kubernetes: c4k-gitea -[](https://clojars.org/org.domaindrivenarchitecture/c4k-gitea) [](https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/commits/main) +# convention 4 kubernetes: c4k-forgejo +[](https://clojars.org/org.domaindrivenarchitecture/c4k-forgejo) [](https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/commits/main) [<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [<img src="https://meissa-gmbh.de/img/community/Mastodon_Logotype.svg" width=20 alt="team@social.meissa-gmbh.de"> team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) | [Website & Blog](https://domaindrivenarchitecture.org) ## Purpose -c4k-gitea provides a k8s deployment file for Gitea containing: -* gitea +c4k-forgejo provides a k8s deployment file for forgejo containing: +* forgejo * ingress having a letsencrypt managed certificate * postgres database 
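Review bot: The six `--assets-link` URLs in the `release` job hard-code `https://gitlab.com/domaindrivenarchitecture/c4k-forgejo`, so they are only correct once the GitLab project itself lives at that path; before that, or in a fork, the release links to artifacts of a different project. GitLab's predefined `CI_PROJECT_URL` removes the duplication, e.g. `\"url\":\"${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-forgejo-standalone.jar\"`. The job starts above the hunk, so whether `CI_JOB_ID` here identifies the job that actually holds these artifacts cannot be confirmed from the visible lines.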
@@ -15,21 +15,21 @@ c4k-gitea provides a k8s deployment file for Gitea containing: Click on the image to try out live in your browser: -[](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-gitea/) +[](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-forgejo/) Your input will stay in your browser. No server interaction is required. -## Gitea setup +## Forgejo setup -After having deployed the yaml-file generated by the c4k-gitea module you need to complete the setup for gitea: +After having deployed the yaml-file generated by the c4k-forgejo module you need to complete the setup for forgejo: -* Open the URL of your gitea-server, and you will be shown a configuration page. +* Open the URL of your forgejo-server, and you will be shown a configuration page. * Adjust the settings according to your needs * Add the administrator's data (name, password and email) and submit the page. -* The required database will be created and the Gitea setup will be completed. +* The required database will be created and the forgejo setup will be completed. * The SSH-URL for a repo has the format: "ssh://git@domain:2222/[username]/[repo].git - Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-gitea.git" + Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-forgejo.git" ## License diff --git a/copy-and-build-dda-io.sh b/copy-and-build-dda-io.sh index 4449369..fbdc37a 100644 --- a/copy-and-build-dda-io.sh +++ b/copy-and-build-dda-io.sh @@ -10,7 +10,7 @@ set -eo pipefail srcDir="/home/$USER/" srcName="main.js" targetDir="/home/$USER/" -targetName="c4k-gitea.js" +targetName="c4k-forgejo.js" echo "build" shadow-cljs compile frontend diff --git a/doc/BackupAndRestore.md b/doc/BackupAndRestore.md index 31c7aa4..4a6fe73 100644 --- a/doc/BackupAndRestore.md +++ b/doc/BackupAndRestore.md 
@@ -31,11 +31,11 @@ 1. apply backup-and-restore pod: `kubectl scale deployment backup-restore --replicas=1` -2. Scale down gitea deployment: - `kubectl scale deployment gitea --replicas=0` +2. Scale down forgejo deployment: + `kubectl scale deployment forgejo --replicas=0` 3. exec into pod and execute restore pod (press tab to get your exact pod name) `kubectl exec -it backup-restore-... -- /usr/local/bin/restore.sh` -4. Start gitea again: - `kubectl scale deployment gitea --replicas=1` +4. Start forgejo again: + `kubectl scale deployment forgejo --replicas=1` 5. remove backup-and-restore pod: `kubectl scale deployment backup-restore --replicas=0` diff --git a/doc/Upgrading.md b/doc/Upgrading.md index 5b83777..888b71e 100644 --- a/doc/Upgrading.md +++ b/doc/Upgrading.md @@ -2,20 +2,20 @@ ## adhoc (on kubernetes cluster) -Ssh into your kubernetes cluster running the gitea instance. +Ssh into your kubernetes cluster running the forgejo instance. ``` bash -kubectl edit configmap gitea-env +kubectl edit configmap forgejo-env # make sure INSTALL_LOCK under security is set to true to disable the installation screen # save and exit -kubectl edit deployments gitea -# search for your current gitea version, e.g. 1.17.0 +kubectl edit deployments forgejo +# search for your current forgejo version, e.g. 1.17.0 # replace with new version # save and exit -kubectl scale deployment gitea --replicas=0 -kubectl scale deployment gitea --replicas=1 +kubectl scale deployment forgejo --replicas=0 +kubectl scale deployment forgejo --replicas=1 ``` Logging into the admin account should now show the new version. -You may want to update your c4k-gitea resources to reflect the changes made on the cluster. \ No newline at end of file +You may want to update your c4k-forgejo resources to reflect the changes made on the cluster. \ No newline at end of file diff --git a/infrastructure/docker-backup/build.py b/infrastructure/docker-backup/build.py index fbe23c0..6685027 100644 
--- a/infrastructure/docker-backup/build.py +++ b/infrastructure/docker-backup/build.py @@ -3,7 +3,7 @@ from pybuilder.core import task, init from ddadevops import * import logging -name = 'c4k-gitea-backup' +name = 'c4k-forgejo-backup' MODULE = 'docker' PROJECT_ROOT_PATH = '../..' diff --git a/package.json b/package.json index 1d1b58f..fa309cf 100644 --- a/package.json +++ b/package.json @@ -1,18 +1,18 @@ { - "name": "c4k-gitea", - "description": "Generate c4k yaml for a gitea deployment.", + "name": "c4k-forgejo", + "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", "version": "1.0.1-SNAPSHOT", - "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-gitea#readme", - "repository": "https://www.npmjs.com/package/c4k-gitea", + "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", + "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", - "main": "c4k-gitea.js", + "main": "c4k-forgejo.js", "bin": { - "c4k-gitea": "./c4k-gitea.js" + "c4k-forgejo": "./c4k-forgejo.js" }, "keywords": [ "cljs", - "gitea", + "forgejo", "k8s", "c4k", "deployment", @@ -20,7 +20,7 @@ "convention4kubernetes" ], "bugs": { - "url": "https://gitlab.com/domaindrivenarchitecture/c4k-gitea/issues" + "url": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/issues" }, "dependencies": { "js-base64": "^3.6.1", diff --git a/project.clj b/project.clj index 90a04f2..a36bbc5 100644 --- a/project.clj +++ b/project.clj @@ -1,5 +1,5 @@ -(defproject org.domaindrivenarchitecture/c4k-gitea "1.0.1-SNAPSHOT" - :description "gitea c4k-installation package" +(defproject org.domaindrivenarchitecture/c4k-forgejo "1.0.1-SNAPSHOT" + :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" :url "https://www.apache.org/licenses/LICENSE-2.0.html"} 
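Review bot: In the first package.json hunk, `"repository"` is set to the npm page `https://www.npmjs.com/package/c4k-forgejo` instead of the source repository, so the published package does not link back to the code it was built from. Pointing it at the URL already used for `homepage`, `"repository": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo"`, keeps provenance checkable. Because the package and `bin` names change here, the `c4k-forgejo` name should be held by the project on the registry before anything refers to it. The unchanged `"license": "APACHE2"` is also not an SPDX identifier; `Apache-2.0` matches the license named in project.clj.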
@@ -20,8 +20,8 @@ :dependencies [[dda/data-test "0.1.1"]]} :dev {:plugins [[lein-shell "0.5.0"]]} :uberjar {:aot :all - :main dda.c4k-gitea.uberjar - :uberjar-name "c4k-gitea-standalone.jar" + :main dda.c4k-forgejo.uberjar + :uberjar-name "c4k-forgejo-standalone.jar" :dependencies [[org.clojure/tools.cli "1.0.206"] [ch.qos.logback/logback-classic "1.3.0-alpha4" :exclusions [com.sun.mail/javax.mail]] @@ -36,11 +36,11 @@ "native-image" "--report-unsupported-elements-at-runtime" "--initialize-at-build-time" - "-jar" "target/uberjar/c4k-gitea-standalone.jar" + "-jar" "target/uberjar/c4k-forgejo-standalone.jar" "-H:ResourceConfigurationFiles=graalvm-resource-config.json" "-H:Log=registerResource" "-H:Name=target/graalvm/${:name}"] "inst" ["shell" "sh" "-c" - "lein uberjar && sudo install -m=755 target/uberjar/c4k-gitea-standalone.jar /usr/local/bin/c4k-gitea-standalone.jar"]}) + "lein uberjar && sudo install -m=755 target/uberjar/c4k-forgejo-standalone.jar /usr/local/bin/c4k-forgejo-standalone.jar"]}) diff --git a/public/index.html b/public/index.html index 3eb4623..48e752a 100644 --- a/public/index.html +++ b/public/index.html @@ -3,7 +3,7 @@ <head> <meta charset="utf-8" /> - <title>c4k-gitea</title> + <title>c4k-forgejo</title> <link href="https://domaindrivenarchitecture.org/css/bootstrap.min.css" rel="stylesheet" type="text/css" /> <link href="https://domaindrivenarchitecture.org/css/fonts/fontawesome/fontawesome.css" rel="stylesheet" type="text/css" /> diff --git a/shadow-cljs.edn b/shadow-cljs.edn index bce1936..6dcdf9b 100644 --- a/shadow-cljs.edn +++ b/shadow-cljs.edn @@ -7,7 +7,7 @@ :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "3.0.1"] [hickory "0.7.1"]] :builds {:frontend {:target :browser - :modules {:main {:init-fn dda.c4k-gitea.browser/init}} + :modules {:main {:init-fn dda.c4k-forgejo.browser/init}} :release {} :compiler-options {:optimizations :advanced}} :test {:target :node-test 
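Review bot: `:main dda.c4k-forgejo.uberjar` in the `:uberjar` profile names a namespace that this patch does not appear to add. The patch summary lists only `delete mode` entries for `src/main/clj/dda/c4k_gitea/uberjar.clj` and the other sources, with no created or renamed files. Unless a later patch in this 25-part series adds the `c4k_forgejo` sources, `lein uberjar` (run by the `test-schema` and `package-uberjar` jobs) cannot build at this commit, and bisecting across it breaks. The same applies to `:init-fn dda.c4k-forgejo.browser/init` in the shadow-cljs.edn hunk. Moving the source directories in this same commit would keep every commit buildable.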
diff --git a/src/main/clj/dda/c4k_gitea/uberjar.clj b/src/main/clj/dda/c4k_gitea/uberjar.clj deleted file mode 100644 index 28e15a9..0000000 --- a/src/main/clj/dda/c4k_gitea/uberjar.clj +++ /dev/null @@ -1,9 +0,0 @@ -(ns dda.c4k-gitea.uberjar - (:gen-class) - (:require - [dda.c4k-gitea.core :as core] - [dda.c4k-gitea.gitea :as gitea] - [dda.c4k-common.uberjar :as uberjar])) - -(defn -main [& cmd-args] - (uberjar/main-common "c4k-gitea" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args)) diff --git a/src/main/cljc/dda/c4k_gitea/backup.cljc b/src/main/cljc/dda/c4k_gitea/backup.cljc deleted file mode 100644 index fb44fa0..0000000 --- a/src/main/cljc/dda/c4k_gitea/backup.cljc +++ /dev/null 
@@ -1,44 +0,0 @@ -(ns dda.c4k-gitea.backup - (:require - [clojure.spec.alpha :as s] - #?(:cljs [shadow.resource :as rc]) - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.base64 :as b64] - [dda.c4k-common.common :as cm])) - -(s/def ::aws-access-key-id cm/bash-env-string?) -(s/def ::aws-secret-access-key cm/bash-env-string?) -(s/def ::restic-password cm/bash-env-string?) -(s/def ::restic-repository cm/bash-env-string?) - -#?(:cljs - (defmethod yaml/load-resource :backup [resource-name] - (case resource-name - "backup/config.yaml" (rc/inline "backup/config.yaml") - "backup/cron.yaml" (rc/inline "backup/cron.yaml") - "backup/secret.yaml" (rc/inline "backup/secret.yaml") - "backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml") - (throw (js/Error. "Undefined Resource!"))))) - -(defn generate-config [my-conf] - (let [{:keys [restic-repository]} my-conf] - (-> - (yaml/from-string (yaml/load-resource "backup/config.yaml")) - (cm/replace-key-value :restic-repository restic-repository)))) - -(defn generate-cron [] - (yaml/from-string (yaml/load-resource "backup/cron.yaml"))) - -(defn generate-backup-restore-deployment [my-conf] - (let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))] - (if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf))) - (cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt") - backup-restore-yaml))) - -(defn generate-secret [my-auth] - (let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth] - (-> - (yaml/from-string (yaml/load-resource "backup/secret.yaml")) - (cm/replace-key-value :aws-access-key-id (b64/encode aws-access-key-id)) - (cm/replace-key-value :aws-secret-access-key (b64/encode aws-secret-access-key)) - (cm/replace-key-value :restic-password (b64/encode restic-password))))) 
diff --git a/src/main/cljc/dda/c4k_gitea/core.cljc b/src/main/cljc/dda/c4k_gitea/core.cljc
deleted file mode 100644
index c02761b..0000000
--- a/src/main/cljc/dda/c4k_gitea/core.cljc
+++ /dev/null
@@ -1,54 +0,0 @@ -(ns dda.c4k-gitea.core - (:require - [clojure.spec.alpha :as s] - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.common :as cm] - [dda.c4k-gitea.gitea :as gitea] - [dda.c4k-gitea.backup :as backup] - [dda.c4k-common.postgres :as postgres])) - -(def config-defaults {:issuer "staging"}) - -(def config? (s/keys :req-un [::gitea/fqdn - ::gitea/mailer-from - ::gitea/mailer-host-port - ::gitea/service-noreply-address] - :opt-un [::gitea/issuer - ::gitea/default-app-name - ::gitea/service-domain-whitelist - ::backup/restic-repository])) - -(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password - ::gitea/mailer-user ::gitea/mailer-pw - ::backup/aws-access-key-id ::backup/aws-secret-access-key] - :opt-un [::backup/restic-password])) ; TODO gec: Is restic password opt or req? - -(def vol? (s/keys :req-un [::gitea/volume-total-storage-size])) - -(defn k8s-objects [config] - (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] - (map yaml/to-string - (filter #(not (nil? %)) - (cm/concat-vec - [(postgres/generate-config {:postgres-size :2gb :db-name "gitea"}) - (postgres/generate-secret config) - (when (contains? config :postgres-data-volume-path) - (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) - (postgres/generate-pvc {:pv-storage-size-gb 5 - :pvc-storage-class-name storage-class}) - (postgres/generate-deployment {:postgres-image "postgres:14" - :postgres-size :2gb}) - (postgres/generate-service) - (gitea/generate-deployment) - (gitea/generate-service) - (gitea/generate-service-ssh) - (gitea/generate-data-volume config) - (gitea/generate-appini-env config) - (gitea/generate-secrets config) - (gitea/generate-ingress config) - (gitea/generate-certificate config)] - (when (contains? 
config :restic-repository) - [(backup/generate-config config) - (backup/generate-secret config) - (backup/generate-cron) - (backup/generate-backup-restore-deployment config)])))))) diff --git a/src/main/cljc/dda/c4k_gitea/gitea.cljc b/src/main/cljc/dda/c4k_gitea/gitea.cljc deleted file mode 100644 index 1e9dbbf..0000000 --- a/src/main/cljc/dda/c4k_gitea/gitea.cljc +++ /dev/null 
@@ -1,138 +0,0 @@ -(ns dda.c4k-gitea.gitea - (:require - [clojure.spec.alpha :as s] - [clojure.string :as st] - #?(:cljs [shadow.resource :as rc]) - #?(:clj [orchestra.core :refer [defn-spec]] - :cljs [orchestra.core :refer-macros [defn-spec]]) - #?(:clj [clojure.edn :as edn] - :cljs [cljs.reader :as edn]) - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.common :as cm] - [dda.c4k-common.base64 :as b64] - [dda.c4k-common.predicate :as pred] - [dda.c4k-common.postgres :as postgres])) - -(defn domain-list? - [input] - (or - (st/blank? input) - (pred/string-of-separated-by? pred/fqdn-string? #"," input))) - -(s/def ::default-app-name string?) -(s/def ::fqdn pred/fqdn-string?) -(s/def ::mailer-from pred/bash-env-string?) -(s/def ::mailer-host-port pred/host-and-port-string?) -(s/def ::service-domain-whitelist domain-list?) -(s/def ::service-noreply-address string?) -(s/def ::mailer-user pred/bash-env-string?) -(s/def ::mailer-pw pred/bash-env-string?) -(s/def ::issuer pred/letsencrypt-issuer?) -(s/def ::volume-total-storage-size (partial pred/int-gt-n? 5)) - -(def config-defaults {:issuer "staging"}) - -(def config? (s/keys :req-un [::fqdn - ::mailer-from - ::mailer-host-port - ::service-noreply-address] - :opt-un [::issuer - ::default-app-name - ::service-domain-whitelist])) - -(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw])) - -(def vol? 
(s/keys :req-un [::volume-total-storage-size])) - -(defn data-storage-by-volume-size - [total] - total) - - -#?(:cljs - (defmethod yaml/load-resource :gitea [resource-name] - (case resource-name - "gitea/appini-env-configmap.yaml" (rc/inline "gitea/appini-env-configmap.yaml") - "gitea/deployment.yaml" (rc/inline "gitea/deployment.yaml") - "gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml") - "gitea/ingress.yaml" (rc/inline "gitea/ingress.yaml") - "gitea/secrets.yaml" (rc/inline "gitea/secrets.yaml") - "gitea/service.yaml" (rc/inline "gitea/service.yaml") - "gitea/service-ssh.yaml" (rc/inline "gitea/service-ssh.yaml") - "gitea/datavolume.yaml" (rc/inline "gitea/datavolume.yaml") - (throw (js/Error. "Undefined Resource!"))))) - -#?(:cljs - (defmethod yaml/load-as-edn :gitea [resource-name] - (yaml/from-string (yaml/load-resource resource-name)))) - -(defn generate-appini-env - [config] - (let [{:keys [default-app-name - fqdn - mailer-from - mailer-host-port - service-domain-whitelist - service-noreply-address] - :or {default-app-name "Gitea instance" - service-domain-whitelist fqdn}} - config] - (-> - (yaml/load-as-edn "gitea/appini-env-configmap.yaml") - (cm/replace-all-matching-values-by-new-value "APPNAME" default-app-name) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn) - (cm/replace-all-matching-values-by-new-value "URL" (str "https://" fqdn)) - (cm/replace-all-matching-values-by-new-value "FROM" mailer-from) - (cm/replace-all-matching-values-by-new-value "HOSTANDPORT" mailer-host-port) - (cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist) - (cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address)))) - -(defn generate-secrets - [auth] - (let [{:keys [postgres-db-user - postgres-db-password - mailer-user - mailer-pw]} auth] - (-> - (yaml/load-as-edn "gitea/secrets.yaml") - (cm/replace-all-matching-values-by-new-value "DBUSER" (b64/encode postgres-db-user)) - 
(cm/replace-all-matching-values-by-new-value "DBPW" (b64/encode postgres-db-password)) - (cm/replace-all-matching-values-by-new-value "MAILERUSER" (b64/encode mailer-user)) - (cm/replace-all-matching-values-by-new-value "MAILERPW" (b64/encode mailer-pw))))) - -(defn generate-ingress - [config] - (let [{:keys [fqdn]} config] - (-> - (yaml/load-as-edn "gitea/ingress.yaml") - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) - -(defn generate-certificate - [config] - (let [{:keys [fqdn issuer] - :or {issuer "staging"}} config - letsencrypt-issuer (name issuer)] - (-> - (yaml/load-as-edn "gitea/certificate.yaml") - (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) - -(defn-spec generate-data-volume pred/map-or-seq? - [config vol?] - (let [{:keys [volume-total-storage-size]} config - data-storage-size (data-storage-by-volume-size volume-total-storage-size)] - (-> - (yaml/load-as-edn "gitea/datavolume.yaml") - (cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi"))))) - -(defn generate-deployment - [] - (yaml/load-as-edn "gitea/deployment.yaml")) - -(defn generate-service - [] - (yaml/load-as-edn "gitea/service.yaml")) - -(defn generate-service-ssh - [] - (yaml/load-as-edn "gitea/service-ssh.yaml")) diff --git a/src/main/cljs/dda/c4k_gitea/browser.cljs b/src/main/cljs/dda/c4k_gitea/browser.cljs deleted file mode 100644 index c5aeda4..0000000 --- a/src/main/cljs/dda/c4k_gitea/browser.cljs +++ /dev/null 
@@ -1,118 +0,0 @@ -(ns dda.c4k-gitea.browser - (:require - [clojure.string :as st] - [clojure.tools.reader.edn :as edn] - [dda.c4k-gitea.core :as core] - [dda.c4k-gitea.gitea :as gitea] - [dda.c4k-common.browser :as br] - [dda.c4k-common.common :as cm])) - -(defn generate-group - [name - content] - [{:type :element - :tag :div - :attrs {:class "rounded border border-3 m-3 p-2"} - :content [{:type :element - :tag :b - :attrs {:style "z-index: 1; position: relative; top: -1.3rem;"} - :content name} - {:type :element - :tag :fieldset - :content content}]}]) - -(defn generate-content [] - (cm/concat-vec - [(assoc - (br/generate-needs-validation) :content - (cm/concat-vec - (generate-group - "domain" - (cm/concat-vec - (br/generate-input-field "fqdn" "Your fqdn:" "repo.test.de") - (br/generate-input-field "mailer-from" "Your mailer email address:" "test@test.de") - (br/generate-input-field "mailer-host-port" "Your mailer host with port:" "test.de:123") - (br/generate-input-field "service-noreply-address" "Your noreply domain:" "test.de") - (br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "") - (br/generate-input-field "app-name" "(Optional) Your app name:" "") - (br/generate-input-field "domain-whitelist" "(Optional) Domain whitelist for registration email-addresses:" ""))) - (generate-group - "provider" - (cm/concat-vec - (br/generate-input-field "volume-total-storage-size" "Your gitea volume-total-storage-size:" "20"))) - (generate-group - "credentials" - (br/generate-text-area - "auth" "Your auth.edn:" - "{:postgres-db-user \"gitea\" - :postgres-db-password \"gitea-db-password\" - :mailer-user \"test@test.de\" - :mailer-pw \"mail-test-password\"}" - "5")) - [(br/generate-br)] - (br/generate-button "generate-button" "Generate c4k yaml")))] - (br/generate-output "c4k-gitea-output" "Your c4k deployment.yaml:" "25"))) - -(defn generate-content-div - [] - {:type :element - :tag :div - :content - (generate-content)}) - -(defn config-from-document [] 
- (let [issuer (br/get-content-from-element "issuer" :optional true) - app-name (br/get-content-from-element "app-name" :optional true) - domain-whitelist (br/get-content-from-element "domain-whitelist" :optional true)] - (merge - {:fqdn (br/get-content-from-element "fqdn") - :mailer-from (br/get-content-from-element "mailer-from") - :mailer-host-port (br/get-content-from-element "mailer-host-port") - :service-noreply-address (br/get-content-from-element "service-noreply-address") - :volume-total-storage-size (br/get-content-from-element "volume-total-storage-size" :deserializer js/parseInt)} - (when (not (st/blank? issuer)) - {:issuer issuer}) - (when (not (st/blank? app-name)) - {:default-app-name app-name}) - (when (not (st/blank? domain-whitelist)) - {:service-domain-whitelist domain-whitelist}) - ))) - -(defn validate-all! [] - (br/validate! "fqdn" ::gitea/fqdn) - (br/validate! "mailer-from" ::gitea/mailer-from) - (br/validate! "mailer-host-port" ::gitea/mailer-host-port) - (br/validate! "service-noreply-address" ::gitea/service-noreply-address) - (br/validate! "issuer" ::gitea/issuer :optional true) - (br/validate! "app-name" ::gitea/default-app-name :optional true) - (br/validate! "domain-whitelist" ::gitea/service-domain-whitelist :optional true) - (br/validate! "volume-total-storage-size" ::gitea/volume-total-storage-size :deserializer js/parseInt) - (br/validate! "auth" gitea/auth? :deserializer edn/read-string) - (br/set-form-validated!)) - -(defn add-validate-listener [name] - (-> (br/get-element-by-id name) - (.addEventListener "blur" #(do (validate-all!))))) - - -(defn init [] - (br/append-hickory (generate-content-div)) - (-> js/document - (.getElementById "generate-button") - (.addEventListener "click" - #(do (validate-all!) 
- (-> (cm/generate-common - (config-from-document) - (br/get-content-from-element "auth" :deserializer edn/read-string) - gitea/config-defaults - core/k8s-objects) - (br/set-output!))))) - (add-validate-listener "fqdn") - (add-validate-listener "mailer-from") - (add-validate-listener "mailer-host-port") - (add-validate-listener "service-noreply-address") - (add-validate-listener "app-name") - (add-validate-listener "domain-whitelist") - (add-validate-listener "volume-total-storage-size") - (add-validate-listener "issuer") - (add-validate-listener "auth")) \ No newline at end of file diff --git a/src/main/resources/backup/backup-restore-deployment.yaml b/src/main/resources/backup/backup-restore-deployment.yaml index 79f4ec7..163bc14 100644 --- a/src/main/resources/backup/backup-restore-deployment.yaml +++ b/src/main/resources/backup/backup-restore-deployment.yaml @@ -14,10 +14,10 @@ spec: labels: app: backup-restore app.kubernetes.io/name: backup-restore - app.kubernetes.io/part-of: gitea + app.kubernetes.io/part-of: forgejo spec: containers: - - image: domaindrivenarchitecture/c4k-gitea-backup + - image: domaindrivenarchitecture/c4k-forgejo-backup name: backup-app imagePullPolicy: IfNotPresent command: ["/entrypoint-start-and-wait.sh"] @@ -59,15 +59,15 @@ spec: - name: CERTIFICATE_FILE value: "" volumeMounts: - - name: gitea-data-volume + - name: forgejo-data-volume mountPath: /var/backups - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true volumes: - - name: gitea-data-volume + - name: forgejo-data-volume persistentVolumeClaim: - claimName: gitea-data-pvc + claimName: forgejo-data-pvc - name: backup-secret-volume secret: secretName: backup-secret \ No newline at end of file diff --git a/src/main/resources/backup/config.yaml b/src/main/resources/backup/config.yaml index 2d60d3c..f7252a2 100644 --- a/src/main/resources/backup/config.yaml +++ b/src/main/resources/backup/config.yaml 
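Review bot: The renamed `image: domaindrivenarchitecture/c4k-forgejo-backup` in the first backup-restore-deployment.yaml hunk has no tag or digest, and with `imagePullPolicy: IfNotPresent` each node keeps whichever `latest` it pulled first. This container mounts `backup-secret-volume` and the forgejo data volume, so its content should be fixed and reviewable: `image: domaindrivenarchitecture/c4k-forgejo-backup:<TAG>@sha256:<DIGEST>` (placeholders; take the values from the published build). The image also has to exist under the new name before the manifest is applied. The `image:` line in the second hunk of backup/cron.yaml has the same issue.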
@@ -4,6 +4,6 @@ metadata: name: backup-config labels: app.kubernetes.io/name: backup - app.kubernetes.io/part-of: gitea + app.kubernetes.io/part-of: forgejo data: restic-repository: restic-repository \ No newline at end of file diff --git a/src/main/resources/backup/cron.yaml b/src/main/resources/backup/cron.yaml index 5282c54..349b04a 100644 --- a/src/main/resources/backup/cron.yaml +++ b/src/main/resources/backup/cron.yaml @@ -1,9 +1,9 @@ apiVersion: batch/v1beta1 kind: CronJob metadata: - name: gitea-backup + name: forgejo-backup labels: - app.kubernetes.part-of: gitea + app.kubernetes.part-of: forgejo spec: schedule: "10 23 * * *" successfulJobsHistoryLimit: 1 @@ -14,7 +14,7 @@ spec: spec: containers: - name: backup-app - image: domaindrivenarchitecture/c4k-gitea-backup + image: domaindrivenarchitecture/c4k-forgejo-backup imagePullPolicy: IfNotPresent command: ["/entrypoint.sh"] env: @@ -55,15 +55,15 @@ spec: - name: CERTIFICATE_FILE value: "" volumeMounts: - - name: gitea-data-volume + - name: forgejo-data-volume mountPath: /var/backups - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true volumes: - - name: gitea-data-volume + - name: forgejo-data-volume persistentVolumeClaim: - claimName: gitea-data-pvc + claimName: forgejo-data-pvc - name: backup-secret-volume secret: secretName: backup-secret diff --git a/src/main/resources/gitea/appini-env-configmap.yaml b/src/main/resources/gitea/appini-env-configmap.yaml deleted file mode 100644 index e55e932..0000000 --- a/src/main/resources/gitea/appini-env-configmap.yaml +++ /dev/null 
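Review bot: The CronJob label on the changed line in the first cron.yaml hunk is `app.kubernetes.part-of: forgejo`, while backup/config.yaml and backup-restore-deployment.yaml in this same patch use the key `app.kubernetes.io/part-of`. Anything that selects the deployment's objects by that label (queries, policy, cleanup) will skip the backup job. Since the line is being touched anyway, change it to `app.kubernetes.io/part-of: forgejo`. The unchanged `apiVersion: batch/v1beta1` above it was removed in Kubernetes 1.25, so this manifest only validates against older clusters such as the 1.19.0 that the CI schema check targets.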
@@ -1,90 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: gitea-env - namespace: default -data: - #[admin] - GITEA__admin__DEFAULT_EMAIL_NOTIFICATIONS: "enabled" # Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled - - #[attachments] - GITEA__attachments__PATH: /data/gitea/attachments - - #[database] - GITEA__database__DB_TYPE: "postgres" - GITEA__database__HOST: "postgresql-service:5432" - GITEA__database__NAME: gitea - GITEA__database__LOG_SQL: "false" - GITEA__database__SSL_MODE: disable - GITEA__database__CHARSET: utf8 - - #[DEFAULT] - APP_NAME: APPNAME - RUN_MODE: prod - RUN_USER: git - - #[federation] - GITEA__federation__ENABLED: "true" - - #[indexer] - GITEA__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve - - #[log] - GITEA__log__MODE: "console, file" - GITEA__log__LEVEL: Info - GITEA__log__ROOT_PATH: /data/gitea/log - - #[mailer] - GITEA__mailer__ENABLED: "true" - GITEA__mailer__FROM: FROM - GITEA__mailer__MAILER_TYPE: smtp+startls - # TODO: jem 2022-08-02: outdated with v1.18, use SMTP_ADDR & SMTP_PORT instead - GITEA__mailer__HOST: HOSTANDPORT - - #[oauth2] - GITEA__oauth2__ENABLE: "true" - - #[openid] - GITEA__openid__ENABLE_OPENID: "true" - GITEA__openid__ENABLE_OPENID_SIGNIN: "true" - GITEA__openid__ENABLE_OPENID_SIGNUP: "true" - - #[picture] - GITEA__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars - GITEA__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars - GITEA__picture__DISABLE_GRAVATAR: "false" - GITEA__picture__ENABLE_FEDERATED_AVATAR: "true" # Enable support for federated avatars (see http://www.libravatar.org). 
- - #[repository] - GITEA__repository__ROOT: /data/git/repositories - GITEA__repository__DEFAULT_PRIVATE: last - GITEA__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo - GITEA__repository__TEMP_PATH: /data/gitea/uploads - - #[security] - GITEA__security__INSTALL_LOCK: "true" - - #[server] - GITEA__server__DOMAIN: FQDN - GITEA__server__SSH_DOMAIN: FQDN - GITEA__server__ROOT_URL: URL - GITEA__server__HTTP_PORT: "3000" # HTTP listen port of the server (in the pod) - GITEA__server__SSH_PORT: "2222" # SSH port displayed in clone URL - - #[service] - GITEA__service__DISABLE_REGISTRATION: "false" - GITEA__service__REQUIRE_SIGNIN_VIEW: "false" - GITEA__service__REGISTER_EMAIL_CONFIRM: "true" - GITEA__service__ENABLE_NOTIFY_MAIL: "true" - GITEA__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS - GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false" - GITEA__service__ENABLE_BASIC_AUTHENTICATION: "true" - GITEA__service__ENABLE_CAPTCHA: "false" - GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true" - GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true" - GITEA__service__DEFAULT_ENABLE_TIMETRACKING: "true" - GITEA__service__NO_REPLY_ADDRESS: NOREPLY - - #[session] - GITEA__session__PROVIDER_CONFIG: /data/gitea/sessions - GITEA__session__PROVIDER: file diff --git a/src/main/resources/gitea/certificate.yaml b/src/main/resources/gitea/certificate.yaml deleted file mode 100644 index ce1d810..0000000 --- a/src/main/resources/gitea/certificate.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: gitea-cert - namespace: default -spec: - secretName: gitea-cert - commonName: FQDN - duration: 2160h # 90d - renewBefore: 360h # 15d - dnsNames: - - FQDN - issuerRef: - name: staging - kind: ClusterIssuer \ No newline at end of file diff --git a/src/main/resources/gitea/datavolume.yaml b/src/main/resources/gitea/datavolume.yaml deleted file mode 100644 index 75f825b..0000000 
--- a/src/main/resources/gitea/datavolume.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: gitea-data-pvc - namespace: default - labels: - app: gitea -spec: - storageClassName: local-path - accessModes: - - ReadWriteOnce - resources: - requests: - storage: DATASTORAGESIZE - \ No newline at end of file diff --git a/src/main/resources/gitea/deployment.yaml b/src/main/resources/gitea/deployment.yaml deleted file mode 100644 index 1fe6c58..0000000 --- a/src/main/resources/gitea/deployment.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: gitea - namespace: default - labels: - app: gitea -spec: - replicas: 1 - selector: - matchLabels: - app: gitea - template: - metadata: - name: gitea - labels: - app: gitea - spec: - containers: - - name: gitea - image: gitea/gitea:1.17.3 - imagePullPolicy: IfNotPresent - # config settings - envFrom: - - configMapRef: - name: gitea-env - - secretRef: - name: gitea-secrets - volumeMounts: - - name: gitea-data-volume - mountPath: "/data" - ports: - - containerPort: 22 - name: git-ssh - - containerPort: 3000 - name: gitea - volumes: - - name: gitea-data-volume - persistentVolumeClaim: - claimName: gitea-data-pvc - diff --git a/src/main/resources/gitea/ingress.yaml b/src/main/resources/gitea/ingress.yaml deleted file mode 100644 index 2844aeb..0000000 --- a/src/main/resources/gitea/ingress.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress-gitea - namespace: default - annotations: - ingress.kubernetes.io/ssl-redirect: "true" - traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd -spec: - tls: - - hosts: - - FQDN - secretName: gitea-cert - rules: - - host: FQDN - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: gitea-service - port: - number: 3000 
diff --git a/src/main/resources/gitea/secrets.yaml b/src/main/resources/gitea/secrets.yaml deleted file mode 100644 index 80feb13..0000000 --- a/src/main/resources/gitea/secrets.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: gitea-secrets -data: - GITEA__database__USER: DBUSER - GITEA__database__PASSWD: DBPW - - GITEA__mailer__USER: MAILERUSER - GITEA__mailer__PASSWD: MAILERPW - \ No newline at end of file diff --git a/src/main/resources/gitea/service-ssh.yaml b/src/main/resources/gitea/service-ssh.yaml deleted file mode 100644 index 38627d8..0000000 --- a/src/main/resources/gitea/service-ssh.yaml +++ /dev/null @@ -1,17 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: gitea-ssh-service - namespace: default - annotations: - metallb.universe.tf/allow-shared-ip: "shared-ip-service-group" - metallb.universe.tf/address-pool: public -spec: - type: LoadBalancer - selector: - app: gitea - ports: - - port: 2222 - targetPort: 22 - protocol: TCP - diff --git a/src/main/resources/gitea/service.yaml b/src/main/resources/gitea/service.yaml deleted file mode 100644 index fdac6c3..0000000 --- a/src/main/resources/gitea/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: gitea-service - namespace: default -spec: - selector: - app: gitea - ports: - - name: gitea-http - port: 3000 - diff --git a/src/test/cljc/dda/c4k_gitea/gitea_test.cljc b/src/test/cljc/dda/c4k_gitea/gitea_test.cljc deleted file mode 100644 index 1cfb295..0000000 --- a/src/test/cljc/dda/c4k_gitea/gitea_test.cljc +++ /dev/null 
@@ -1,73 +0,0 @@ -(ns dda.c4k-gitea.gitea-test - (:require - #?(:clj [clojure.test :refer [deftest is are testing run-tests]] - :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) - [clojure.spec.test.alpha :as st] - [dda.c4k-common.test-helper :as th] - [dda.c4k-common.base64 :as b64] - [dda.c4k-gitea.gitea :as cut])) - -(st/instrument `cut/generate-appini-env) -(st/instrument `cut/generate-ingress) -(st/instrument `cut/generate-secrets) - -(deftest should-generate-appini-env - (is (= {:APP_NAME-c1 "", - :APP_NAME-c2 "test gitea", - :GITEA__mailer__FROM-c1 "", - :GITEA__mailer__FROM-c2 "test@test.com", - :GITEA__mailer__HOST-c1 "m.t.de:123", - :GITEA__mailer__HOST-c2 "mail.test.com:123", - :GITEA__server__DOMAIN-c1 "test.de", - :GITEA__server__DOMAIN-c2 "test.com", - :GITEA__server__ROOT_URL-c1 "https://test.de", - :GITEA__server__ROOT_URL-c2 "https://test.com", - :GITEA__server__SSH_DOMAIN-c1 "test.de", - :GITEA__server__SSH_DOMAIN-c2 "test.com", - :GITEA__service__EMAIL_DOMAIN_WHITELIST-c1 "adb.de", - :GITEA__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net", - :GITEA__service__NO_REPLY_ADDRESS-c1 "", - :GITEA__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"} - (th/map-diff (cut/generate-appini-env {:default-app-name "" - :fqdn "test.de" - :mailer-from "" - :mailer-host-port "m.t.de:123" - :service-domain-whitelist "adb.de" - :service-noreply-address "" - }) - (cut/generate-appini-env {:default-app-name "test gitea" - :fqdn "test.com" - :mailer-from "test@test.com" - :mailer-host-port "mail.test.com:123" - :service-domain-whitelist "test.com,test.net" - :service-noreply-address "noreply@test.com" - }))))) - -(deftest should-generate-certificate - (is (= {:name-c2 "prod", :name-c1 "staging"} - (th/map-diff (cut/generate-certificate {}) - (cut/generate-certificate {:issuer "prod"}))))) - -(deftest should-generate-secret - (is (= {:GITEA__database__USER-c1 "", - :GITEA__database__USER-c2 (b64/encode "pg-user"), - :GITEA__database__PASSWD-c1 "", 
- :GITEA__database__PASSWD-c2 (b64/encode "pg-pw"), - :GITEA__mailer__USER-c1 "", - :GITEA__mailer__USER-c2 (b64/encode "maileruser"), - :GITEA__mailer__PASSWD-c1 "", - :GITEA__mailer__PASSWD-c2 (b64/encode "mailerpw")} - (th/map-diff (cut/generate-secrets {:postgres-db-user "" - :postgres-db-password "" - :mailer-user "" - :mailer-pw ""}) - (cut/generate-secrets {:postgres-db-user "pg-user" - :postgres-db-password "pg-pw" - :mailer-user "maileruser" - :mailer-pw "mailerpw"}))))) - -(deftest should-generate-data-volume - (is (= {:storage-c1 "1Gi", - :storage-c2 "15Gi"} - (th/map-diff (cut/generate-data-volume {:volume-total-storage-size 1}) - (cut/generate-data-volume {:volume-total-storage-size 15}))))) \ No newline at end of file diff --git a/valid-auth.edn b/valid-auth.edn index f484e2a..33e9ade 100644 --- a/valid-auth.edn +++ b/valid-auth.edn @@ -1,5 +1,5 @@ -{:postgres-db-user "gitea" - :postgres-db-password "gitea-db-password" +{:postgres-db-user "forgejo" + :postgres-db-password "forgejo-db-password" :mailer-user "" :mailer-pw "" :aws-access-key-id "AWS_KEY_ID" diff --git a/valid-config.edn b/valid-config.edn index 056f3de..9a04f74 100644 --- a/valid-config.edn +++ b/valid-config.edn @@ -1,4 +1,4 @@ -{:default-app-name "Meissas awesome gitea" +{:default-app-name "Meissas awesome forgejo" :fqdn "test.de" :issuer "staging" :mailer-from "test@test.de" From d3679ce1ea1986ddc8ff668d9a88b25a5b0e0f97 Mon Sep 17 00:00:00 2001 
From: Mirco <mirco.zachmann@meissa.de> Date: Tue, 28 Mar 2023 10:02:50 +0200 Subject: [PATCH 02/25] Add files again --- src/main/clj/dda/c4k_forgejo/uberjar.clj | 9 ++ src/main/cljc/dda/c4k_forgejo/backup.cljc | 44 ++++++ src/main/cljc/dda/c4k_forgejo/core.cljc | 54 +++++++ src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 138 ++++++++++++++++++ src/main/cljs/dda/c4k_forgejo/browser.cljs | 118 +++++++++++++++ .../forgejo/appini-env-configmap.yaml | 90 ++++++++++++ src/main/resources/forgejo/certificate.yaml | 15 ++ src/main/resources/forgejo/datavolume.yaml | 15 ++ src/main/resources/forgejo/deployment.yaml | 41 ++++++ src/main/resources/forgejo/ingress.yaml | 24 +++ src/main/resources/forgejo/secrets.yaml | 11 ++ src/main/resources/forgejo/service-ssh.yaml | 17 +++ src/main/resources/forgejo/service.yaml | 12 ++ .../cljc/dda/c4k_forgejo/forgejo_test.cljc | 73 +++++++++ 14 files changed, 661 insertions(+) create mode 100644 src/main/clj/dda/c4k_forgejo/uberjar.clj create mode 100644 src/main/cljc/dda/c4k_forgejo/backup.cljc create mode 100644 src/main/cljc/dda/c4k_forgejo/core.cljc create mode 100644 src/main/cljc/dda/c4k_forgejo/forgejo.cljc create mode 100644 src/main/cljs/dda/c4k_forgejo/browser.cljs create mode 100644 src/main/resources/forgejo/appini-env-configmap.yaml create mode 100644 src/main/resources/forgejo/certificate.yaml create mode 100644 src/main/resources/forgejo/datavolume.yaml create mode 100644 src/main/resources/forgejo/deployment.yaml create mode 100644 src/main/resources/forgejo/ingress.yaml create mode 100644 src/main/resources/forgejo/secrets.yaml create mode 100644 src/main/resources/forgejo/service-ssh.yaml create mode 100644 src/main/resources/forgejo/service.yaml create mode 100644 src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc diff --git a/src/main/clj/dda/c4k_forgejo/uberjar.clj b/src/main/clj/dda/c4k_forgejo/uberjar.clj new file mode 100644 index 0000000..98fe8bd --- /dev/null +++ b/src/main/clj/dda/c4k_forgejo/uberjar.clj 
@@ -0,0 +1,9 @@ +(ns dda.c4k-forgejo.uberjar + (:gen-class) + (:require + [dda.c4k-forgejo.core :as core] + [dda.c4k-forgejo.forgejo :as forgejo] + [dda.c4k-common.uberjar :as uberjar])) + +(defn -main [& cmd-args] + (uberjar/main-common "c4k-forgejo" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args)) diff --git a/src/main/cljc/dda/c4k_forgejo/backup.cljc b/src/main/cljc/dda/c4k_forgejo/backup.cljc new file mode 100644 index 0000000..eb55172 --- /dev/null +++ b/src/main/cljc/dda/c4k_forgejo/backup.cljc 
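Review bot: The require `[dda.c4k-forgejo.forgejo :as forgejo]` in this `ns` form is never referenced; `-main` only uses the `core/` and `uberjar/` aliases. Either drop it, or keep it with a comment such as `; loaded so the ::forgejo/* specs used by core/config? are registered` if that is the intent. A one-line docstring on `-main` naming the four arguments handed to `uberjar/main-common` would also help the next reader.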
@@ -0,0 +1,44 @@ +(ns dda.c4k-forgejo.backup + (:require + [clojure.spec.alpha :as s] + #?(:cljs [shadow.resource :as rc]) + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.base64 :as b64] + [dda.c4k-common.common :as cm])) + +(s/def ::aws-access-key-id cm/bash-env-string?) +(s/def ::aws-secret-access-key cm/bash-env-string?) +(s/def ::restic-password cm/bash-env-string?) +(s/def ::restic-repository cm/bash-env-string?) + +#?(:cljs + (defmethod yaml/load-resource :backup [resource-name] + (case resource-name + "backup/config.yaml" (rc/inline "backup/config.yaml") + "backup/cron.yaml" (rc/inline "backup/cron.yaml") + "backup/secret.yaml" (rc/inline "backup/secret.yaml") + "backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml") + (throw (js/Error. "Undefined Resource!"))))) + +(defn generate-config [my-conf] + (let [{:keys [restic-repository]} my-conf] + (-> + (yaml/from-string (yaml/load-resource "backup/config.yaml")) + (cm/replace-key-value :restic-repository restic-repository)))) + +(defn generate-cron [] + (yaml/from-string (yaml/load-resource "backup/cron.yaml"))) + +(defn generate-backup-restore-deployment [my-conf] + (let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))] + (if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf))) + (cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt") + backup-restore-yaml))) + +(defn generate-secret [my-auth] + (let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth] + (-> + (yaml/from-string (yaml/load-resource "backup/secret.yaml")) + (cm/replace-key-value :aws-access-key-id (b64/encode aws-access-key-id)) + (cm/replace-key-value :aws-secret-access-key (b64/encode aws-secret-access-key)) + (cm/replace-key-value :restic-password (b64/encode restic-password))))) 
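Review bot: `generate-secret` calls `(b64/encode restic-password)` unconditionally, while `auth?` in core.cljc (later in this patch) lists `::backup/restic-password` under `:opt-un` and carries a TODO asking whether it is required. What `b64/encode` does with `nil` is not visible here, so a configuration with `:restic-repository` set but no password either fails late during generation or yields a Secret with an empty restic password. Because that password protects the backup repository, I would fail fast at the top of `generate-secret`, e.g. `(when-not (seq restic-password) (throw (ex-info "restic-password is required when restic-repository is set" {})))`. Alternatively, move the key to `:req-un` in `auth?`. A docstring should also note that the values are only base64-encoded, so the generated YAML must be handled as secret material.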
diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc new file mode 100644 index 0000000..7d243a9 --- /dev/null +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc 
@@ -0,0 +1,54 @@ +(ns dda.c4k-forgejo.core + (:require + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.common :as cm] + [dda.c4k-forgejo.forgejo :as forgejo] + [dda.c4k-forgejo.backup :as backup] + [dda.c4k-common.postgres :as postgres])) + +(def config-defaults {:issuer "staging"}) + +(def config? (s/keys :req-un [::forgejo/fqdn + ::forgejo/mailer-from + ::forgejo/mailer-host-port + ::forgejo/service-noreply-address] + :opt-un [::forgejo/issuer + ::forgejo/default-app-name + ::forgejo/service-domain-whitelist + ::backup/restic-repository])) + +(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password + ::forgejo/mailer-user ::forgejo/mailer-pw + ::backup/aws-access-key-id ::backup/aws-secret-access-key] + :opt-un [::backup/restic-password])) ; TODO gec: Is restic password opt or req? + +(def vol? (s/keys :req-un [::forgejo/volume-total-storage-size])) + +(defn k8s-objects [config] + (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] + (map yaml/to-string + (filter #(not (nil? %)) + (cm/concat-vec + [(postgres/generate-config {:postgres-size :2gb :db-name "forgejo"}) + (postgres/generate-secret config) + (when (contains? config :postgres-data-volume-path) + (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) + (postgres/generate-pvc {:pv-storage-size-gb 5 + :pvc-storage-class-name storage-class}) + (postgres/generate-deployment {:postgres-image "postgres:14" + :postgres-size :2gb}) + (postgres/generate-service) + (forgejo/generate-deployment) + (forgejo/generate-service) + (forgejo/generate-service-ssh) + (forgejo/generate-data-volume config) + (forgejo/generate-appini-env config) + (forgejo/generate-secrets config) + (forgejo/generate-ingress config) + (forgejo/generate-certificate config)] + (when (contains? 
config :restic-repository) + [(backup/generate-config config) + (backup/generate-secret config) + (backup/generate-cron) + (backup/generate-backup-restore-deployment config)])))))) diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc new file mode 100644 index 0000000..c58b48a --- /dev/null +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc 
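Review bot: `config?` does not include `::forgejo/volume-total-storage-size`, although `k8s-objects` always calls `(forgejo/generate-data-volume config)`, which reads that key. `vol?` is defined here but never combined with `config?`, and uberjar.clj validates with `core/config?` only. The `defn-spec` on `generate-data-volume` presumably checks `vol?` only when instrumented; otherwise `(str (str nil) "Gi")` yields a PVC request of `"Gi"`. Adding `::forgejo/volume-total-storage-size` to the `:req-un` vector of `config?` would reject such input up front. Whether valid-config.edn already carries the key is not visible in this diff.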
@@ -0,0 +1,138 @@ +(ns dda.c4k-forgejo.forgejo + (:require + [clojure.spec.alpha :as s] + [clojure.string :as st] + #?(:cljs [shadow.resource :as rc]) + #?(:clj [orchestra.core :refer [defn-spec]] + :cljs [orchestra.core :refer-macros [defn-spec]]) + #?(:clj [clojure.edn :as edn] + :cljs [cljs.reader :as edn]) + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.common :as cm] + [dda.c4k-common.base64 :as b64] + [dda.c4k-common.predicate :as pred] + [dda.c4k-common.postgres :as postgres])) + +(defn domain-list? + [input] + (or + (st/blank? input) + (pred/string-of-separated-by? pred/fqdn-string? #"," input))) + +(s/def ::default-app-name string?) +(s/def ::fqdn pred/fqdn-string?) +(s/def ::mailer-from pred/bash-env-string?) +(s/def ::mailer-host-port pred/host-and-port-string?) +(s/def ::service-domain-whitelist domain-list?) +(s/def ::service-noreply-address string?) +(s/def ::mailer-user pred/bash-env-string?) +(s/def ::mailer-pw pred/bash-env-string?) +(s/def ::issuer pred/letsencrypt-issuer?) +(s/def ::volume-total-storage-size (partial pred/int-gt-n? 5)) + +(def config-defaults {:issuer "staging"}) + +(def config? (s/keys :req-un [::fqdn + ::mailer-from + ::mailer-host-port + ::service-noreply-address] + :opt-un [::issuer + ::default-app-name + ::service-domain-whitelist])) + +(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw])) + +(def vol? 
(s/keys :req-un [::volume-total-storage-size])) + +(defn data-storage-by-volume-size + [total] + total) + + +#?(:cljs + (defmethod yaml/load-resource :forgejo [resource-name] + (case resource-name + "forgejo/appini-env-configmap.yaml" (rc/inline "forgejo/appini-env-configmap.yaml") + "forgejo/deployment.yaml" (rc/inline "forgejo/deployment.yaml") + "forgejo/certificate.yaml" (rc/inline "forgejo/certificate.yaml") + "forgejo/ingress.yaml" (rc/inline "forgejo/ingress.yaml") + "forgejo/secrets.yaml" (rc/inline "forgejo/secrets.yaml") + "forgejo/service.yaml" (rc/inline "forgejo/service.yaml") + "forgejo/service-ssh.yaml" (rc/inline "forgejo/service-ssh.yaml") + "forgejo/datavolume.yaml" (rc/inline "forgejo/datavolume.yaml") + (throw (js/Error. "Undefined Resource!"))))) + +#?(:cljs + (defmethod yaml/load-as-edn :forgejo [resource-name] + (yaml/from-string (yaml/load-resource resource-name)))) + +(defn generate-appini-env + [config] + (let [{:keys [default-app-name + fqdn + mailer-from + mailer-host-port + service-domain-whitelist + service-noreply-address] + :or {default-app-name "forgejo instance" + service-domain-whitelist fqdn}} + config] + (-> + (yaml/load-as-edn "forgejo/appini-env-configmap.yaml") + (cm/replace-all-matching-values-by-new-value "APPNAME" default-app-name) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn) + (cm/replace-all-matching-values-by-new-value "URL" (str "https://" fqdn)) + (cm/replace-all-matching-values-by-new-value "FROM" mailer-from) + (cm/replace-all-matching-values-by-new-value "HOSTANDPORT" mailer-host-port) + (cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist) + (cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address)))) + +(defn generate-secrets + [auth] + (let [{:keys [postgres-db-user + postgres-db-password + mailer-user + mailer-pw]} auth] + (-> + (yaml/load-as-edn "forgejo/secrets.yaml") + (cm/replace-all-matching-values-by-new-value "DBUSER" (b64/encode 
postgres-db-user)) + (cm/replace-all-matching-values-by-new-value "DBPW" (b64/encode postgres-db-password)) + (cm/replace-all-matching-values-by-new-value "MAILERUSER" (b64/encode mailer-user)) + (cm/replace-all-matching-values-by-new-value "MAILERPW" (b64/encode mailer-pw))))) + +(defn generate-ingress + [config] + (let [{:keys [fqdn]} config] + (-> + (yaml/load-as-edn "forgejo/ingress.yaml") + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + +(defn generate-certificate + [config] + (let [{:keys [fqdn issuer] + :or {issuer "staging"}} config + letsencrypt-issuer (name issuer)] + (-> + (yaml/load-as-edn "forgejo/certificate.yaml") + (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + +(defn-spec generate-data-volume pred/map-or-seq? + [config vol?] + (let [{:keys [volume-total-storage-size]} config + data-storage-size (data-storage-by-volume-size volume-total-storage-size)] + (-> + (yaml/load-as-edn "forgejo/datavolume.yaml") + (cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi"))))) + +(defn generate-deployment + [] + (yaml/load-as-edn "forgejo/deployment.yaml")) + +(defn generate-service + [] + (yaml/load-as-edn "forgejo/service.yaml")) + +(defn generate-service-ssh + [] + (yaml/load-as-edn "forgejo/service-ssh.yaml")) diff --git a/src/main/cljs/dda/c4k_forgejo/browser.cljs b/src/main/cljs/dda/c4k_forgejo/browser.cljs new file mode 100644 index 0000000..910e99c --- /dev/null +++ b/src/main/cljs/dda/c4k_forgejo/browser.cljs 
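Review bot: `config-defaults`, `config?`, `auth?` and `vol?` are defined in this namespace and again in core.cljc, and the two copies already differ. Core's `config?` adds `::backup/restic-repository`, and core's `auth?` additionally requires the AWS keys. browser.cljs validates with `forgejo/auth?` and passes `forgejo/config-defaults`, while uberjar.clj uses the `core/` versions, so the two front ends accept different inputs for the same `core/k8s-objects`. I would keep one set, or put a comment above these defs stating that they are the deliberately narrower browser variants. Separately, `(str (str data-storage-size) "Gi")` in `generate-data-volume` can be `(str data-storage-size "Gi")`.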
@@ -0,0 +1,118 @@ +(ns dda.c4k-forgejo.browser + (:require + [clojure.string :as st] + [clojure.tools.reader.edn :as edn] + [dda.c4k-forgejo.core :as core] + [dda.c4k-forgejo.forgejo :as forgejo] + [dda.c4k-common.browser :as br] + [dda.c4k-common.common :as cm])) + +(defn generate-group + [name + content] + [{:type :element + :tag :div + :attrs {:class "rounded border border-3 m-3 p-2"} + :content [{:type :element + :tag :b + :attrs {:style "z-index: 1; position: relative; top: -1.3rem;"} + :content name} + {:type :element + :tag :fieldset + :content content}]}]) + +(defn generate-content [] + (cm/concat-vec + [(assoc + (br/generate-needs-validation) :content + (cm/concat-vec + (generate-group + "domain" + (cm/concat-vec + (br/generate-input-field "fqdn" "Your fqdn:" "repo.test.de") + (br/generate-input-field "mailer-from" "Your mailer email address:" "test@test.de") + (br/generate-input-field "mailer-host-port" "Your mailer host with port:" "test.de:123") + (br/generate-input-field "service-noreply-address" "Your noreply domain:" "test.de") + (br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "") + (br/generate-input-field "app-name" "(Optional) Your app name:" "") + (br/generate-input-field "domain-whitelist" "(Optional) Domain whitelist for registration email-addresses:" ""))) + (generate-group + "provider" + (cm/concat-vec + (br/generate-input-field "volume-total-storage-size" "Your forgejo volume-total-storage-size:" "20"))) + (generate-group + "credentials" + (br/generate-text-area + "auth" "Your auth.edn:" + "{:postgres-db-user \"forgejo\" + :postgres-db-password \"forgejo-db-password\" + :mailer-user \"test@test.de\" + :mailer-pw \"mail-test-password\"}" + "5")) + [(br/generate-br)] + (br/generate-button "generate-button" "Generate c4k yaml")))] + (br/generate-output "c4k-forgejo-output" "Your c4k deployment.yaml:" "25"))) + +(defn generate-content-div + [] + {:type :element + :tag :div + :content + (generate-content)}) + +(defn 
config-from-document [] + (let [issuer (br/get-content-from-element "issuer" :optional true) + app-name (br/get-content-from-element "app-name" :optional true) + domain-whitelist (br/get-content-from-element "domain-whitelist" :optional true)] + (merge + {:fqdn (br/get-content-from-element "fqdn") + :mailer-from (br/get-content-from-element "mailer-from") + :mailer-host-port (br/get-content-from-element "mailer-host-port") + :service-noreply-address (br/get-content-from-element "service-noreply-address") + :volume-total-storage-size (br/get-content-from-element "volume-total-storage-size" :deserializer js/parseInt)} + (when (not (st/blank? issuer)) + {:issuer issuer}) + (when (not (st/blank? app-name)) + {:default-app-name app-name}) + (when (not (st/blank? domain-whitelist)) + {:service-domain-whitelist domain-whitelist}) + ))) + +(defn validate-all! [] + (br/validate! "fqdn" ::forgejo/fqdn) + (br/validate! "mailer-from" ::forgejo/mailer-from) + (br/validate! "mailer-host-port" ::forgejo/mailer-host-port) + (br/validate! "service-noreply-address" ::forgejo/service-noreply-address) + (br/validate! "issuer" ::forgejo/issuer :optional true) + (br/validate! "app-name" ::forgejo/default-app-name :optional true) + (br/validate! "domain-whitelist" ::forgejo/service-domain-whitelist :optional true) + (br/validate! "volume-total-storage-size" ::forgejo/volume-total-storage-size :deserializer js/parseInt) + (br/validate! "auth" forgejo/auth? :deserializer edn/read-string) + (br/set-form-validated!)) + +(defn add-validate-listener [name] + (-> (br/get-element-by-id name) + (.addEventListener "blur" #(do (validate-all!))))) + + +(defn init [] + (br/append-hickory (generate-content-div)) + (-> js/document + (.getElementById "generate-button") + (.addEventListener "click" + #(do (validate-all!) 
+ (-> (cm/generate-common + (config-from-document) + (br/get-content-from-element "auth" :deserializer edn/read-string) + forgejo/config-defaults + core/k8s-objects) + (br/set-output!))))) + (add-validate-listener "fqdn") + (add-validate-listener "mailer-from") + (add-validate-listener "mailer-host-port") + (add-validate-listener "service-noreply-address") + (add-validate-listener "app-name") + (add-validate-listener "domain-whitelist") + (add-validate-listener "volume-total-storage-size") + (add-validate-listener "issuer") + (add-validate-listener "auth")) \ No newline at end of file diff --git a/src/main/resources/forgejo/appini-env-configmap.yaml b/src/main/resources/forgejo/appini-env-configmap.yaml new file mode 100644 index 0000000..c2e1090 --- /dev/null +++ b/src/main/resources/forgejo/appini-env-configmap.yaml 
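Review bot: In `init`, the click handler runs `(validate-all!)` and then calls `cm/generate-common` unconditionally, so the validation outcome never gates generation. Whether `cm/generate-common` validates its input, and what `br/validate!` returns, is not visible in this hunk. If neither stops the flow, a form with a rejected `fqdn` or `issuer` still produces a manifest, and a malformed auth textarea makes `edn/read-string` throw inside the handler. I would have `validate-all!` return whether every field passed and wrap the generation in a `when` on that result. Note also that `js/parseInt` as the deserializer for `volume-total-storage-size` accepts input such as `20abc` as 20.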
@@ -0,0 +1,90 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: forgejo-env + namespace: default +data: + #[admin] + FORGEJO__admin__DEFAULT_EMAIL_NOTIFICATIONS: "enabled" # Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled + + #[attachments] + FORGEJO__attachments__PATH: /data/gitea/attachments + + #[database] + FORGEJO__database__DB_TYPE: "postgres" + FORGEJO__database__HOST: "postgresql-service:5432" + FORGEJO__database__NAME: forgejo + FORGEJO__database__LOG_SQL: "false" + FORGEJO__database__SSL_MODE: disable + FORGEJO__database__CHARSET: utf8 + + #[DEFAULT] + APP_NAME: APPNAME + RUN_MODE: prod + RUN_USER: git + + #[federation] + FORGEJO__federation__ENABLED: "true" + + #[indexer] + FORGEJO__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve + + #[log] + FORGEJO__log__MODE: "console, file" + FORGEJO__log__LEVEL: Info + FORGEJO__log__ROOT_PATH: /data/gitea/log + + #[mailer] + FORGEJO__mailer__ENABLED: "true" + FORGEJO__mailer__FROM: FROM + FORGEJO__mailer__MAILER_TYPE: smtp+startls + # TODO: jem 2022-08-02: outdated with v1.18, use SMTP_ADDR & SMTP_PORT instead + FORGEJO__mailer__HOST: HOSTANDPORT + + #[oauth2] + FORGEJO__oauth2__ENABLE: "true" + + #[openid] + FORGEJO__openid__ENABLE_OPENID: "true" + FORGEJO__openid__ENABLE_OPENID_SIGNIN: "true" + FORGEJO__openid__ENABLE_OPENID_SIGNUP: "true" + + #[picture] + FORGEJO__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars + FORGEJO__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars + FORGEJO__picture__DISABLE_GRAVATAR: "false" + FORGEJO__picture__ENABLE_FEDERATED_AVATAR: "true" # Enable support for federated avatars (see http://www.libravatar.org). 
+ + #[repository] + FORGEJO__repository__ROOT: /data/git/repositories + FORGEJO__repository__DEFAULT_PRIVATE: last + FORGEJO__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo + FORGEJO__repository__TEMP_PATH: /data/gitea/uploads + + #[security] + FORGEJO__security__INSTALL_LOCK: "true" + + #[server] + FORGEJO__server__DOMAIN: FQDN + FORGEJO__server__SSH_DOMAIN: FQDN + FORGEJO__server__ROOT_URL: URL + FORGEJO__server__HTTP_PORT: "3000" # HTTP listen port of the server (in the pod) + FORGEJO__server__SSH_PORT: "2222" # SSH port displayed in clone URL + + #[service] + FORGEJO__service__DISABLE_REGISTRATION: "false" + FORGEJO__service__REQUIRE_SIGNIN_VIEW: "false" + FORGEJO__service__REGISTER_EMAIL_CONFIRM: "true" + FORGEJO__service__ENABLE_NOTIFY_MAIL: "true" + FORGEJO__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS + FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false" + FORGEJO__service__ENABLE_BASIC_AUTHENTICATION: "true" + FORGEJO__service__ENABLE_CAPTCHA: "false" + FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true" + FORGEJO__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true" + FORGEJO__service__DEFAULT_ENABLE_TIMETRACKING: "true" + FORGEJO__service__NO_REPLY_ADDRESS: NOREPLY + + #[session] + FORGEJO__session__PROVIDER_CONFIG: /data/gitea/sessions + FORGEJO__session__PROVIDER: file diff --git a/src/main/resources/forgejo/certificate.yaml b/src/main/resources/forgejo/certificate.yaml new file mode 100644 index 0000000..e99bb95 --- /dev/null +++ b/src/main/resources/forgejo/certificate.yaml @@ -0,0 +1,15 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: forgejo-cert + namespace: default +spec: + secretName: forgejo-cert + commonName: FQDN + duration: 2160h # 90d + renewBefore: 360h # 15d + dnsNames: + - FQDN + issuerRef: + name: staging + kind: ClusterIssuer \ No newline at end of file 
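Review bot: Every key in appini-env-configmap.yaml moved from the `GITEA__section__KEY` form to `FORGEJO__section__KEY`. This diff does not show whether the `codeberg.org/forgejo/forgejo:1.18` image referenced in deployment.yaml maps the new prefix into app.ini. If it only reads `GITEA__`, all of these settings are silently ignored, including `INSTALL_LOCK`, `REGISTER_EMAIL_CONFIRM` and `EMAIL_DOMAIN_WHITELIST`, and the instance starts with image defaults. Please confirm against the image's entrypoint before merging, and add a comment above `data:` such as `# prefix FORGEJO__ requires an image that maps it; older images only read GITEA__`. The path values still point at `/data/gitea/...`; if that is intentional, so that existing volumes keep working, a short comment saying so would prevent a later "cleanup".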
diff --git a/src/main/resources/forgejo/datavolume.yaml b/src/main/resources/forgejo/datavolume.yaml new file mode 100644 index 0000000..44c8fd0 --- /dev/null +++ b/src/main/resources/forgejo/datavolume.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: forgejo-data-pvc + namespace: default + labels: + app: forgejo +spec: + storageClassName: local-path + accessModes: + - ReadWriteOnce + resources: + requests: + storage: DATASTORAGESIZE + \ No newline at end of file diff --git a/src/main/resources/forgejo/deployment.yaml b/src/main/resources/forgejo/deployment.yaml new file mode 100644 index 0000000..7efc943 --- /dev/null +++ b/src/main/resources/forgejo/deployment.yaml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: forgejo + namespace: default + labels: + app: forgejo +spec: + replicas: 1 + selector: + matchLabels: + app: forgejo + template: + metadata: + name: forgejo + labels: + app: forgejo + spec: + containers: + - name: forgejo + image: codeberg.org/forgejo/forgejo:1.18 + imagePullPolicy: IfNotPresent + # config settings + envFrom: + - configMapRef: + name: forgejo-env + - secretRef: + name: forgejo-secrets + volumeMounts: + - name: forgejo-data-volume + mountPath: "/data" + ports: + - containerPort: 22 + name: git-ssh + - containerPort: 3000 + name: forgejo + volumes: + - name: forgejo-data-volume + persistentVolumeClaim: + claimName: forgejo-data-pvc + diff --git a/src/main/resources/forgejo/ingress.yaml b/src/main/resources/forgejo/ingress.yaml new file mode 100644 index 0000000..751c45b --- /dev/null +++ b/src/main/resources/forgejo/ingress.yaml 
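Review bot: deployment.yaml now references `codeberg.org/forgejo/forgejo:1.18`, a floating minor tag, where the removed manifest pinned a patch release (`gitea/gitea:1.17.3`). With `imagePullPolicy: IfNotPresent`, each node keeps whatever build it pulled first, so nodes can run different builds and a patch update is never picked up on nodes that already hold the tag. I would pin the full version and ideally the digest, `image: codeberg.org/forgejo/forgejo:<full-version>@sha256:<digest>`, and bump it deliberately. The container spec also sets no `securityContext` or `resources`; if that is left to cluster policy, a comment saying so would help.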
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: ingress-forgejo
+ namespace: default
+ annotations:
+ ingress.kubernetes.io/ssl-redirect: "true"
+ traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
+spec:
+ tls:
+ - hosts:
+ - FQDN
+ secretName: forgejo-cert
+ rules:
+ - host: FQDN
+ http:
+ paths:
+ - pathType: Prefix
+ path: "/"
+ backend:
+ service:
+ name: forgejo-service
+ port:
+ number: 3000
diff --git a/src/main/resources/forgejo/secrets.yaml b/src/main/resources/forgejo/secrets.yaml
new file mode 100644
index 0000000..0c2a224
--- /dev/null
+++ b/src/main/resources/forgejo/secrets.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: forgejo-secrets
+data:
+ FORGEJO__database__USER: DBUSER
+ FORGEJO__database__PASSWD: DBPW
+
+ FORGEJO__mailer__USER: MAILERUSER
+ FORGEJO__mailer__PASSWD: MAILERPW
+
\ No newline at end of file
diff --git a/src/main/resources/forgejo/service-ssh.yaml b/src/main/resources/forgejo/service-ssh.yaml
new file mode 100644
index 0000000..1694958
--- /dev/null
+++ b/src/main/resources/forgejo/service-ssh.yaml
@@ -0,0 +1,17 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: forgejo-ssh-service
+ namespace: default
+ annotations:
+ metallb.universe.tf/allow-shared-ip: "shared-ip-service-group"
+ metallb.universe.tf/address-pool: public
+spec:
+ type: LoadBalancer
+ selector:
+ app: forgejo
+ ports:
+ - port: 2222
+ targetPort: 22
+ protocol: TCP
+
diff --git a/src/main/resources/forgejo/service.yaml b/src/main/resources/forgejo/service.yaml
new file mode 100644
index 0000000..e8fed3f
--- /dev/null
+++ b/src/main/resources/forgejo/service.yaml
@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: forgejo-service
+ namespace: default
+spec:
+ selector:
+ app: forgejo
+ ports:
+ - name: forgejo-http
+ port: 3000
+
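Review bot: `metadata` of the new Secret in secrets.yaml carries only `name: forgejo-secrets`, while the Deployment, both Services, the PVC and the Ingress in this patch all set `namespace: default`. The Deployment's `secretRef` is resolved in the pod's own namespace, so applying the generated YAML with a different current namespace would create the Secret elsewhere and leave the pod unable to start, or bound to an unrelated same-named Secret already present in `default`. Add `namespace: default` below `name:` so the credentials always land next to the workload that consumes them.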
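Review bot: `forgejo-ssh-service` is a `LoadBalancer` on the `public` metallb pool and leaves `externalTrafficPolicy` at its default, so depending on how metallb is operated, connections to port 2222 may arrive at the pod with a node address as their source. That would make the SSH and forge logs unusable for attributing failed logins or for rate-limiting by client. Adding `externalTrafficPolicy: Local` under `spec:` preserves the client address; with `replicas: 1` traffic is then only accepted on the node hosting the pod, which should be checked against the metallb configuration.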
diff --git a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc
new file mode 100644
index 0000000..c1b7075
--- /dev/null
+++ b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc
@@ -0,0 +1,73 @@ +(ns dda.c4k-forgejo.forgejo-test + (:require + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [clojure.spec.test.alpha :as st] + [dda.c4k-common.test-helper :as th] + [dda.c4k-common.base64 :as b64] + [dda.c4k-forgejo.forgejo :as cut])) + +(st/instrument `cut/generate-appini-env) +(st/instrument `cut/generate-ingress) +(st/instrument `cut/generate-secrets) + +(deftest should-generate-appini-env + (is (= {:APP_NAME-c1 "", + :APP_NAME-c2 "test forgejo", + :FORGEJO__mailer__FROM-c1 "", + :FORGEJO__mailer__FROM-c2 "test@test.com", + :FORGEJO__mailer__HOST-c1 "m.t.de:123", + :FORGEJO__mailer__HOST-c2 "mail.test.com:123", + :FORGEJO__server__DOMAIN-c1 "test.de", + :FORGEJO__server__DOMAIN-c2 "test.com", + :FORGEJO__server__ROOT_URL-c1 "https://test.de", + :FORGEJO__server__ROOT_URL-c2 "https://test.com", + :FORGEJO__server__SSH_DOMAIN-c1 "test.de", + :FORGEJO__server__SSH_DOMAIN-c2 "test.com", + :FORGEJO__service__EMAIL_DOMAIN_WHITELIST-c1 "adb.de", + :FORGEJO__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net", + :FORGEJO__service__NO_REPLY_ADDRESS-c1 "", + :FORGEJO__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"} + (th/map-diff (cut/generate-appini-env {:default-app-name "" + :fqdn "test.de" + :mailer-from "" + :mailer-host-port "m.t.de:123" + :service-domain-whitelist "adb.de" + :service-noreply-address "" + }) + (cut/generate-appini-env {:default-app-name "test forgejo" + :fqdn "test.com" + :mailer-from "test@test.com" + :mailer-host-port "mail.test.com:123" + :service-domain-whitelist "test.com,test.net" + :service-noreply-address "noreply@test.com" + }))))) + +(deftest should-generate-certificate + (is (= {:name-c2 "prod", :name-c1 "staging"} + (th/map-diff (cut/generate-certificate {}) + (cut/generate-certificate {:issuer "prod"}))))) + +(deftest should-generate-secret + (is (= {:FORGEJO__database__USER-c1 "", + :FORGEJO__database__USER-c2 (b64/encode 
"pg-user"), + :FORGEJO__database__PASSWD-c1 "", + :FORGEJO__database__PASSWD-c2 (b64/encode "pg-pw"), + :FORGEJO__mailer__USER-c1 "", + :FORGEJO__mailer__USER-c2 (b64/encode "maileruser"), + :FORGEJO__mailer__PASSWD-c1 "", + :FORGEJO__mailer__PASSWD-c2 (b64/encode "mailerpw")} + (th/map-diff (cut/generate-secrets {:postgres-db-user "" + :postgres-db-password "" + :mailer-user "" + :mailer-pw ""}) + (cut/generate-secrets {:postgres-db-user "pg-user" + :postgres-db-password "pg-pw" + :mailer-user "maileruser" + :mailer-pw "mailerpw"}))))) + +(deftest should-generate-data-volume + (is (= {:storage-c1 "1Gi", + :storage-c2 "15Gi"} + (th/map-diff (cut/generate-data-volume {:volume-total-storage-size 1}) + (cut/generate-data-volume {:volume-total-storage-size 15}))))) \ No newline at end of file From e57e9dd0c4be622e2924647ca22e1d9653616cbe Mon Sep 17 00:00:00 2001 From: Mirco <mirco.zachmann@meissa.de> Date: Tue, 28 Mar 2023 11:27:17 +0200 Subject: [PATCH 03/25] Bump c4k-common version --- project.clj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project.clj b/project.clj index a36bbc5..83cc6da 100644 --- a/project.clj +++ b/project.clj @@ -5,7 +5,7 @@ :url "https://www.apache.org/licenses/LICENSE-2.0.html"} :dependencies [[org.clojure/clojure "1.11.1" :scope "provided"] [org.clojure/tools.reader "1.3.6"] - [org.domaindrivenarchitecture/c4k-common-clj "3.0.1"] + [org.domaindrivenarchitecture/c4k-common-clj "6.0.1"] [hickory "0.7.1"]] :target-path "target/%s/" :source-paths ["src/main/cljc" From a97295fecf64f93840d88a1d694a2e63be5b1f86 Mon Sep 17 00:00:00 2001 From: Mirco <mirco.zachmann@meissa.de> Date: Tue, 28 Mar 2023 11:28:24 +0200 Subject: [PATCH 04/25] Remove load-as-edn multimethod --- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index c58b48a..755ebc2 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc 
+++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -62,10 +62,6 @@ "forgejo/datavolume.yaml" (rc/inline "forgejo/datavolume.yaml") (throw (js/Error. "Undefined Resource!"))))) -#?(:cljs - (defmethod yaml/load-as-edn :forgejo [resource-name] - (yaml/from-string (yaml/load-resource resource-name)))) - (defn generate-appini-env [config] (let [{:keys [default-app-name From 4f91d397e2e6899fcd645eb62dd523967d9c5173 Mon Sep 17 00:00:00 2001 From: Mirco <mirco.zachmann@meissa.de> Date: Tue, 28 Mar 2023 11:42:46 +0200 Subject: [PATCH 05/25] Use common ingress and cert --- src/main/cljc/dda/c4k_forgejo/core.cljc | 5 ++--- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 24 ++++++++-------------- 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 7d243a9..005f510 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -44,9 +44,8 @@ (forgejo/generate-service-ssh) (forgejo/generate-data-volume config) (forgejo/generate-appini-env config) - (forgejo/generate-secrets config) - (forgejo/generate-ingress config) - (forgejo/generate-certificate config)] + (forgejo/generate-secrets config)] + (forgejo/generate-ingress-and-cert config) (when (contains? config :restic-repository) [(backup/generate-config config) (backup/generate-secret config) diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index 755ebc2..7d6d9e1 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -9,6 +9,7 @@ :cljs [cljs.reader :as edn]) [dda.c4k-common.yaml :as yaml] [dda.c4k-common.common :as cm] + [dda.c4k-common.ingress :as ing] [dda.c4k-common.base64 :as b64] [dda.c4k-common.predicate :as pred] [dda.c4k-common.postgres :as postgres])) 
@@ -54,8 +55,6 @@ (case resource-name "forgejo/appini-env-configmap.yaml" (rc/inline "forgejo/appini-env-configmap.yaml") "forgejo/deployment.yaml" (rc/inline "forgejo/deployment.yaml") - "forgejo/certificate.yaml" (rc/inline "forgejo/certificate.yaml") - "forgejo/ingress.yaml" (rc/inline "forgejo/ingress.yaml") "forgejo/secrets.yaml" (rc/inline "forgejo/secrets.yaml") "forgejo/service.yaml" (rc/inline "forgejo/service.yaml") "forgejo/service-ssh.yaml" (rc/inline "forgejo/service-ssh.yaml") @@ -96,22 +95,15 @@ (cm/replace-all-matching-values-by-new-value "MAILERUSER" (b64/encode mailer-user)) (cm/replace-all-matching-values-by-new-value "MAILERPW" (b64/encode mailer-pw))))) -(defn generate-ingress +(defn generate-ingress-and-cert [config] (let [{:keys [fqdn]} config] - (-> - (yaml/load-as-edn "forgejo/ingress.yaml") - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) - -(defn generate-certificate - [config] - (let [{:keys [fqdn issuer] - :or {issuer "staging"}} config - letsencrypt-issuer (name issuer)] - (-> - (yaml/load-as-edn "forgejo/certificate.yaml") - (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + (ing/generate-ingress-and-cert + (merge + {:service-name "forgejo" + :service-port 80 + :fqdns [fqdn]} + config)))) (defn-spec generate-data-volume pred/map-or-seq? [config vol?] From 4f65c61c1c67d702b1d9d8e7651c9fbb53abcbc7 Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Tue, 28 Mar 2023 11:51:05 +0200 Subject: [PATCH 06/25] Add common monitoring support --- src/main/cljc/dda/c4k_forgejo/core.cljc | 16 ++++++++++++---- valid-auth.edn | 4 +++- valid-auth.yaml | 10 ++++++++++ valid-config.edn | 5 ++++- valid-config.yaml | 13 +++++++++++++ 5 files changed, 42 insertions(+), 6 deletions(-) create mode 100644 valid-auth.yaml create mode 100644 valid-config.yaml 
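Review bot: The defaults passed to `ing/generate-ingress-and-cert` in the new `generate-ingress-and-cert` name a backend that the manifests in this series do not define: service.yaml declares `forgejo-service` on port 3000, but the hunk uses `:service-name "forgejo"` and `:service-port 80`. The generated ingress would therefore have no reachable backend, which the schema check in CI cannot detect; the lines should read `:service-name "forgejo-service"` and `:service-port 3000`. Because the defaults are merged under `config`, a caller-supplied `:service-name` or `:service-port` silently overrides them, which deserves a one-line comment. forgejo_test.cljc still instruments `cut/generate-ingress` and tests `cut/generate-certificate`, both removed here.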
diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 005f510..7378c0a 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -3,12 +3,16 @@ [clojure.spec.alpha :as s] [dda.c4k-common.yaml :as yaml] [dda.c4k-common.common :as cm] + [dda.c4k-common.monitoring :as mon] [dda.c4k-forgejo.forgejo :as forgejo] [dda.c4k-forgejo.backup :as backup] [dda.c4k-common.postgres :as postgres])) (def config-defaults {:issuer "staging"}) +(s/def ::mon-cfg mon/config?) +(s/def ::mon-auth mon/auth?) + (def config? (s/keys :req-un [::forgejo/fqdn ::forgejo/mailer-from ::forgejo/mailer-host-port @@ -16,16 +20,18 @@ :opt-un [::forgejo/issuer ::forgejo/default-app-name ::forgejo/service-domain-whitelist - ::backup/restic-repository])) + ::backup/restic-repository + ::mon-cfg])) (def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::forgejo/mailer-user ::forgejo/mailer-pw ::backup/aws-access-key-id ::backup/aws-secret-access-key] - :opt-un [::backup/restic-password])) ; TODO gec: Is restic password opt or req? + :opt-un [::backup/restic-password ; TODO gec: Is restic password opt or req? + ::mon-cfg])) (def vol? (s/keys :req-un [::forgejo/volume-total-storage-size])) -(defn k8s-objects [config] +(defn k8s-objects [config auth] (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] (map yaml/to-string (filter #(not (nil? %)) @@ -50,4 +56,6 @@ [(backup/generate-config config) (backup/generate-secret config) (backup/generate-cron) - (backup/generate-backup-restore-deployment config)])))))) + (backup/generate-backup-restore-deployment config)]) + (when (:contains? config :mon-cfg) + (mon/generate (:mon-cfg config) (:mon-auth auth)))))))) diff --git a/valid-auth.edn b/valid-auth.edn index 33e9ade..d444915 100644 --- a/valid-auth.edn +++ b/valid-auth.edn 
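Review bot: In the `auth?` spec the added optional key is `::mon-cfg`, not `::mon-auth`, so the `:mon-auth` map holding the Grafana Cloud user and password is never validated and the `::mon-auth` spec defined a few lines above is unused. A malformed or empty credential block then passes `auth?` and only fails, if at all, inside `mon/generate`. The line should be `::mon-auth]))`. The later "Correct monitoring spec keywords" patch keeps the config key in `auth?` (`::mon/mon-cfg`), so the same correction applies there, presumably with the monitoring namespace's auth key.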
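Review bot: The guard `(when (:contains? config :mon-cfg)` at the end of `k8s-objects` is a keyword lookup, not a call to `contains?`: it looks up the key `:contains?` in `config` and returns the default `:mon-cfg`, which is always truthy. Monitoring objects are therefore generated for every deployment, with `(:mon-cfg config)` and `(:mon-auth auth)` being nil when the operator configured none. Write `(when (contains? config :mon-cfg)` instead. The body of `k8s-objects` starts outside this hunk, and the same line is still present as context in the later "fixed auth issues" patch.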
@@ -4,4 +4,6 @@ :mailer-pw "" :aws-access-key-id "AWS_KEY_ID" :aws-secret-access-key "AWS_KEY_SECRET" - :restic-password ""} + :restic-password "" + :mon-auth {:grafana-cloud-user "user" + :grafana-cloud-password "password"}} diff --git a/valid-auth.yaml b/valid-auth.yaml new file mode 100644 index 0000000..cf1efb9 --- /dev/null +++ b/valid-auth.yaml @@ -0,0 +1,10 @@ +postgres-db-user: "forgejo" +postgres-db-password: "forgejo-db-password" +mailer-user: "" +mailer-pw: "" +aws-access-key-id: "AWS_KEY_ID" +aws-secret-access-key: "AWS_KEY_SECRET" +restic-password: "" +mon-auth: + grafana-cloud-user: "user" + grafana-cloud-password: "password" diff --git a/valid-config.edn b/valid-config.edn index 9a04f74..c8d4253 100644 --- a/valid-config.edn +++ b/valid-config.edn @@ -6,4 +6,7 @@ :service-whitelist-domains "test.de" :service-noreply-address "noreply@test.de" :volume-total-storage-size 6 - :restic-repository "repo-path"} + :restic-repository "repo-path" + :mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint" + :k3s-cluster-name "jitsi" + :k3s-cluster-stage "test"}} diff --git a/valid-config.yaml b/valid-config.yaml new file mode 100644 index 0000000..10b63e6 --- /dev/null +++ b/valid-config.yaml @@ -0,0 +1,13 @@ +default-app-name: "Meissas awesome forgejo" +fqdn: "test.de" +issuer: "staging" +mailer-from: "test@test.de" +mailer-host-port: "test.de:123" +service-whitelist-domains: "test.de" +service-noreply-address: "noreply@test.de" +volume-total-storage-size: 6 +restic-repository: "repo-path" +mon-cfg: + grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" + k3s-cluster-name: "jitsi" + k3s-cluster-stage: "test" \ No newline at end of file From 93a36e992ecf52d18ea3e8843ef8597bd2bc4813 Mon Sep 17 00:00:00 2001 
From: bom <mattis.boeckle@meissa-gmbh.de> Date: Tue, 28 Mar 2023 12:06:31 +0200 Subject: [PATCH 07/25] Test for valid resources --- .gitlab-ci.yml | 2 +- src/test/cljc/dda/c4k_forgejo/core_test.cljc | 19 +++++++++++++++++++ .../resources/forgejo-test/valid-auth.yaml | 0 .../resources/forgejo-test/valid-config.yaml | 4 ++-- valid-auth.edn | 9 --------- valid-config.edn | 12 ------------ 6 files changed, 22 insertions(+), 24 deletions(-) create mode 100644 src/test/cljc/dda/c4k_forgejo/core_test.cljc rename valid-auth.yaml => src/test/resources/forgejo-test/valid-auth.yaml (100%) rename valid-config.yaml => src/test/resources/forgejo-test/valid-config.yaml (86%) delete mode 100644 valid-auth.edn delete mode 100644 valid-config.edn diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7af57b9..6815ca1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,7 +48,7 @@ test-schema: stage: build_and_test script: - lein uberjar - - java -jar target/uberjar/c4k-forgejo-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - + - java -jar target/uberjar/c4k-forgejo-standalone.jar src/test/resources/forgejo_test/valid-config.yaml src/test/resources/forgejo_test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - artifacts: paths: - target/uberjar diff --git a/src/test/cljc/dda/c4k_forgejo/core_test.cljc b/src/test/cljc/dda/c4k_forgejo/core_test.cljc new file mode 100644 index 0000000..5386019 --- /dev/null +++ b/src/test/cljc/dda/c4k_forgejo/core_test.cljc 
@@ -0,0 +1,19 @@ +(ns dda.c4k-forgejo.core-test + (:require + #?(:cljs [shadow.resource :as rc]) + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-forgejo.core :as cut])) + +#?(:cljs + (defmethod yaml/load-resource :forgejo-test [resource-name] + (case resource-name + "forgejo-test/valid-auth.yaml" (rc/inline "forgejo-test/valid-auth.yaml") + "forgejo-test/valid-config.yaml" (rc/inline "forgejo-test/valid-config.yaml") + (throw (js/Error. "Undefined Resource!"))))) + +(deftest validate-valid-resources + (is (s/valid? cut/config? (yaml/load-as-edn "forgejo-test/valid-config.yaml"))) + (is (s/valid? cut/auth? (yaml/load-as-edn "forgejo-test/valid-auth.yaml")))) \ No newline at end of file diff --git a/valid-auth.yaml b/src/test/resources/forgejo-test/valid-auth.yaml similarity index 100% rename from valid-auth.yaml rename to src/test/resources/forgejo-test/valid-auth.yaml diff --git a/valid-config.yaml b/src/test/resources/forgejo-test/valid-config.yaml similarity index 86% rename from valid-config.yaml rename to src/test/resources/forgejo-test/valid-config.yaml index 10b63e6..2bcf05b 100644 --- a/valid-config.yaml +++ b/src/test/resources/forgejo-test/valid-config.yaml @@ -9,5 +9,5 @@ volume-total-storage-size: 6 restic-repository: "repo-path" mon-cfg: grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" - k3s-cluster-name: "jitsi" - k3s-cluster-stage: "test" \ No newline at end of file + cluster-name: "jitsi" + cluster-stage: "test" \ No newline at end of file diff --git a/valid-auth.edn b/valid-auth.edn deleted file mode 100644 index d444915..0000000 --- a/valid-auth.edn +++ /dev/null 
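Review bot: `validate-valid-resources` only asserts `s/valid?`, and `s/keys` accepts unknown keys, so it cannot notice that the fixture spells the registration whitelist `service-whitelist-domains` while `config?` lists `::forgejo/service-domain-whitelist` and `generate-appini-env` is called with `:service-domain-whitelist` in forgejo_test.cljc. Anyone copying valid-config.yaml would get a deployment whose `EMAIL_DOMAIN_WHITELIST` is not set from their input, with `DISABLE_REGISTRATION` at `"false"`; what value ends up in the ConfigMap in that case is not visible here. Rename the fixture key to `service-domain-whitelist: "test.de"` and add an assertion on the generated ConfigMap value so the example and the spec cannot drift apart again.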
@@ -1,9 +0,0 @@ -{:postgres-db-user "forgejo" - :postgres-db-password "forgejo-db-password" - :mailer-user "" - :mailer-pw "" - :aws-access-key-id "AWS_KEY_ID" - :aws-secret-access-key "AWS_KEY_SECRET" - :restic-password "" - :mon-auth {:grafana-cloud-user "user" - :grafana-cloud-password "password"}} diff --git a/valid-config.edn b/valid-config.edn deleted file mode 100644 index c8d4253..0000000 --- a/valid-config.edn +++ /dev/null @@ -1,12 +0,0 @@ -{:default-app-name "Meissas awesome forgejo" - :fqdn "test.de" - :issuer "staging" - :mailer-from "test@test.de" - :mailer-host-port "test.de:123" - :service-whitelist-domains "test.de" - :service-noreply-address "noreply@test.de" - :volume-total-storage-size 6 - :restic-repository "repo-path" - :mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint" - :k3s-cluster-name "jitsi" - :k3s-cluster-stage "test"}} From 0579d3331c8ca44d01c0880b1bacb8bf66b74c9e Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Tue, 28 Mar 2023 12:07:48 +0200 Subject: [PATCH 08/25] Correct monitoring spec keywords --- src/main/cljc/dda/c4k_forgejo/core.cljc | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 7378c0a..1d1d0c4 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -10,9 +10,6 @@ (def config-defaults {:issuer "staging"}) -(s/def ::mon-cfg mon/config?) -(s/def ::mon-auth mon/auth?) - (def config? (s/keys :req-un [::forgejo/fqdn ::forgejo/mailer-from ::forgejo/mailer-host-port 
@@ -21,13 +18,13 @@ ::forgejo/default-app-name ::forgejo/service-domain-whitelist ::backup/restic-repository - ::mon-cfg])) + ::mon/mon-cfg])) (def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::forgejo/mailer-user ::forgejo/mailer-pw ::backup/aws-access-key-id ::backup/aws-secret-access-key] :opt-un [::backup/restic-password ; TODO gec: Is restic password opt or req? - ::mon-cfg])) + ::mon/mon-cfg])) (def vol? (s/keys :req-un [::forgejo/volume-total-storage-size])) From 65fbd7d74bebc41cf1631a735c997a73fac3ae1d Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Tue, 28 Mar 2023 12:08:26 +0200 Subject: [PATCH 09/25] Remove obsolete certificate test --- src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc index c1b7075..f3b4516 100644 --- a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc +++ b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc @@ -43,11 +43,6 @@ :service-noreply-address "noreply@test.com" }))))) -(deftest should-generate-certificate - (is (= {:name-c2 "prod", :name-c1 "staging"} - (th/map-diff (cut/generate-certificate {}) - (cut/generate-certificate {:issuer "prod"}))))) - (deftest should-generate-secret (is (= {:FORGEJO__database__USER-c1 "", :FORGEJO__database__USER-c2 (b64/encode "pg-user"), From e7a19a83ec706b3391874ea34a9eb0e8c122b065 Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Fri, 7 Apr 2023 12:02:42 +0200 Subject: [PATCH 10/25] Correct file paths in ci --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6815ca1..6f746f2 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -48,7 +48,7 @@ test-schema: stage: build_and_test script: - lein uberjar - - java -jar target/uberjar/c4k-forgejo-standalone.jar src/test/resources/forgejo_test/valid-config.yaml src/test/resources/forgejo_test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - + - java -jar target/uberjar/c4k-forgejo-standalone.jar src/test/resources/forgejo-test/valid-config.yaml src/test/resources/forgejo-test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - artifacts: paths: - target/uberjar From 53e9897debe46b3ca2818c5db3ffcf9ff00b07d9 Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Fri, 7 Apr 2023 12:03:14 +0200 Subject: [PATCH 11/25] Upgrade versions of dependencies --- project.clj | 6 +++--- shadow-cljs.edn | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/project.clj b/project.clj index 83cc6da..413b41d 100644 --- a/project.clj +++ b/project.clj @@ -22,10 +22,10 @@ :uberjar {:aot :all :main dda.c4k-forgejo.uberjar :uberjar-name "c4k-forgejo-standalone.jar" - :dependencies [[org.clojure/tools.cli "1.0.206"] - [ch.qos.logback/logback-classic "1.3.0-alpha4" + :dependencies [[org.clojure/tools.cli "1.0.214"] + [ch.qos.logback/logback-classic "1.4.5" :exclusions [com.sun.mail/javax.mail]] - [org.slf4j/jcl-over-slf4j "2.0.0-alpha1"]]}} + [org.slf4j/jcl-over-slf4j "2.0.6"]]}} :release-tasks [["test"] ["vcs" "assert-committed"] ["change" "version" "leiningen.release/bump-version" "release"] diff --git a/shadow-cljs.edn b/shadow-cljs.edn index 6dcdf9b..2a94637 100644 --- a/shadow-cljs.edn +++ b/shadow-cljs.edn @@ -4,7 +4,7 @@ "src/test/cljc" "src/test/cljs" "src/test/resources"] - :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "3.0.1"] + :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.0.1"] [hickory "0.7.1"]] :builds {:frontend {:target :browser :modules {:main {:init-fn dda.c4k-forgejo.browser/init}} 
From 5a1d84b441831ed606adfddced4fa7e49c91b77b Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Fri, 7 Apr 2023 12:03:52 +0200 Subject: [PATCH 12/25] Indent main function for readability --- src/main/clj/dda/c4k_forgejo/uberjar.clj | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/main/clj/dda/c4k_forgejo/uberjar.clj b/src/main/clj/dda/c4k_forgejo/uberjar.clj index 98fe8bd..8339570 100644 --- a/src/main/clj/dda/c4k_forgejo/uberjar.clj +++ b/src/main/clj/dda/c4k_forgejo/uberjar.clj @@ -2,8 +2,13 @@ (:gen-class) (:require [dda.c4k-forgejo.core :as core] - [dda.c4k-forgejo.forgejo :as forgejo] [dda.c4k-common.uberjar :as uberjar])) (defn -main [& cmd-args] - (uberjar/main-common "c4k-forgejo" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args)) + (uberjar/main-common + "c4k-forgejo" + core/config? + core/auth? + core/config-defaults + core/k8s-objects + cmd-args)) From 02febd014fb0d4c8ffbc18905d163e60d3d40bb4 Mon Sep 17 00:00:00 2001 From: Michael Jerger <michael.jerger@meissa-gmbh.de> Date: Fri, 7 Apr 2023 15:16:10 +0200 Subject: [PATCH 13/25] remove cp artefacts --- src/test/resources/forgejo-test/valid-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/resources/forgejo-test/valid-config.yaml b/src/test/resources/forgejo-test/valid-config.yaml index 2bcf05b..4fe83b2 100644 --- a/src/test/resources/forgejo-test/valid-config.yaml +++ b/src/test/resources/forgejo-test/valid-config.yaml @@ -9,5 +9,5 @@ volume-total-storage-size: 6 restic-repository: "repo-path" mon-cfg: grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" - cluster-name: "jitsi" + cluster-name: "forgejo" cluster-stage: "test" \ No newline at end of file From 287aaa66bf322fe9755298ea10cb5e34744b0ed9 Mon Sep 17 00:00:00 2001 
From: Michael Jerger <michael.jerger@meissa-gmbh.de> Date: Fri, 7 Apr 2023 15:16:25 +0200 Subject: [PATCH 14/25] update deps --- package.json | 2 +- project.clj | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index fa309cf..97633ec 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "c4k-forgejo", "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", - "version": "1.0.1-SNAPSHOT", + "version": "1.1.0-SNAPSHOT", "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", diff --git a/project.clj b/project.clj index 413b41d..e9b0310 100644 --- a/project.clj +++ b/project.clj @@ -1,4 +1,4 @@ -(defproject org.domaindrivenarchitecture/c4k-forgejo "1.0.1-SNAPSHOT" +(defproject org.domaindrivenarchitecture/c4k-forgejo "1.1.0-SNAPSHOT" :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" @@ -23,9 +23,9 @@ :main dda.c4k-forgejo.uberjar :uberjar-name "c4k-forgejo-standalone.jar" :dependencies [[org.clojure/tools.cli "1.0.214"] - [ch.qos.logback/logback-classic "1.4.5" + [ch.qos.logback/logback-classic "1.4.6" :exclusions [com.sun.mail/javax.mail]] - [org.slf4j/jcl-over-slf4j "2.0.6"]]}} + [org.slf4j/jcl-over-slf4j "2.0.7"]]}} :release-tasks [["test"] ["vcs" "assert-committed"] ["change" "version" "leiningen.release/bump-version" "release"] From 2d930d15dd635073c817f942e096d0e15a7546c1 Mon Sep 17 00:00:00 2001 From: Michael Jerger <michael.jerger@meissa-gmbh.de> Date: Fri, 7 Apr 2023 15:28:59 +0200 Subject: [PATCH 15/25] fixed auth issues --- src/main/cljc/dda/c4k_forgejo/core.cljc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 1d1d0c4..5485dce 100644 
--- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -34,7 +34,7 @@ (filter #(not (nil? %)) (cm/concat-vec [(postgres/generate-config {:postgres-size :2gb :db-name "forgejo"}) - (postgres/generate-secret config) + (postgres/generate-secret auth) (when (contains? config :postgres-data-volume-path) (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) (postgres/generate-pvc {:pv-storage-size-gb 5 @@ -47,11 +47,11 @@ (forgejo/generate-service-ssh) (forgejo/generate-data-volume config) (forgejo/generate-appini-env config) - (forgejo/generate-secrets config)] + (forgejo/generate-secrets auth)] (forgejo/generate-ingress-and-cert config) (when (contains? config :restic-repository) [(backup/generate-config config) - (backup/generate-secret config) + (backup/generate-secret auth) (backup/generate-cron) (backup/generate-backup-restore-deployment config)]) (when (:contains? config :mon-cfg) From 80c4b315c942cebc28c8e194d9eb213f35504b0e Mon Sep 17 00:00:00 2001 From: Michael Jerger <michael.jerger@meissa-gmbh.de> Date: Fri, 7 Apr 2023 15:36:48 +0200 Subject: [PATCH 16/25] update doc --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 9189b73..a5ae3f0 100644 --- a/README.md +++ b/README.md @@ -6,10 +6,12 @@ ## Purpose c4k-forgejo provides a k8s deployment file for forgejo containing: + * forgejo * ingress having a letsencrypt managed certificate * postgres database - +* encrypted backup on S3 & restore +* monitoring on graphana-cloud ## Try out @@ -19,7 +21,6 @@ Click on the image to try out live in your browser: Your input will stay in your browser. No server interaction is required. - ## Forgejo setup After having deployed the yaml-file generated by the c4k-forgejo module you need to complete the setup for forgejo: 
@@ -31,9 +32,8 @@ After having deployed the yaml-file generated by the c4k-forgejo module you need * The SSH-URL for a repo has the format: "ssh://git@domain:2222/[username]/[repo].git Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-forgejo.git" - ## License -Copyright © 2022 meissa GmbH +Copyright © 2023 meissa GmbH Licensed under the [Apache License, Version 2.0](LICENSE) (the "License") Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE) \ No newline at end of file From c52be9d489678940ed044e41ed2410cb119b1cc1 Mon Sep 17 00:00:00 2001 From: Michael Jerger <michael.jerger@meissa-gmbh.de> Date: Fri, 7 Apr 2023 15:39:09 +0200 Subject: [PATCH 17/25] removed no longer used resources --- src/main/resources/forgejo/certificate.yaml | 15 ------------- src/main/resources/forgejo/ingress.yaml | 24 --------------------- 2 files changed, 39 deletions(-) delete mode 100644 src/main/resources/forgejo/certificate.yaml delete mode 100644 src/main/resources/forgejo/ingress.yaml diff --git a/src/main/resources/forgejo/certificate.yaml b/src/main/resources/forgejo/certificate.yaml deleted file mode 100644 index e99bb95..0000000 --- a/src/main/resources/forgejo/certificate.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: forgejo-cert - namespace: default -spec: - secretName: forgejo-cert - commonName: FQDN - duration: 2160h # 90d - renewBefore: 360h # 15d - dnsNames: - - FQDN - issuerRef: - name: staging - kind: ClusterIssuer \ No newline at end of file diff --git a/src/main/resources/forgejo/ingress.yaml b/src/main/resources/forgejo/ingress.yaml deleted file mode 100644 index 751c45b..0000000 --- a/src/main/resources/forgejo/ingress.yaml +++ /dev/null 
@@ -1,24 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress-forgejo - namespace: default - annotations: - ingress.kubernetes.io/ssl-redirect: "true" - traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd -spec: - tls: - - hosts: - - FQDN - secretName: forgejo-cert - rules: - - host: FQDN - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: forgejo-service - port: - number: 3000 From ba381568d58d7ecb84683a56a9b915a3a294b017 Mon Sep 17 00:00:00 2001 From: Clemens <clemens.geibel@meissa-gmbh.de.de> Date: Thu, 20 Apr 2023 08:29:11 +0200 Subject: [PATCH 18/25] fix ingress service- and port-name --- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index 7d6d9e1..9891825 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -100,8 +100,8 @@ (let [{:keys [fqdn]} config] (ing/generate-ingress-and-cert (merge - {:service-name "forgejo" - :service-port 80 + {:service-name "forgejo-service" + :service-port 3000 :fqdns [fqdn]} config)))) From 531d6857c8273d4139515223f3863a235f187aae Mon Sep 17 00:00:00 2001 From: Mirco <mirco.zachmann@meissa.de> Date: Thu, 20 Apr 2023 09:43:54 +0200 Subject: [PATCH 19/25] Change to forgejo image version 1.19 --- doc/Upgrading.md | 2 +- src/main/resources/forgejo/deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/Upgrading.md b/doc/Upgrading.md index 888b71e..8475aa9 100644 --- a/doc/Upgrading.md +++ b/doc/Upgrading.md 
@@ -9,7 +9,7 @@ kubectl edit configmap forgejo-env # make sure INSTALL_LOCK under security is set to true to disable the installation screen # save and exit kubectl edit deployments forgejo -# search for your current forgejo version, e.g. 1.17.0 +# search for your current forgejo version, e.g. 1.19 # replace with new version # save and exit kubectl scale deployment forgejo --replicas=0 diff --git a/src/main/resources/forgejo/deployment.yaml b/src/main/resources/forgejo/deployment.yaml index 7efc943..110ec43 100644 --- a/src/main/resources/forgejo/deployment.yaml +++ b/src/main/resources/forgejo/deployment.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: forgejo - image: codeberg.org/forgejo/forgejo:1.18 + image: codeberg.org/forgejo/forgejo:1.19 imagePullPolicy: IfNotPresent # config settings envFrom: From 09b0c5c717607422e1973e6856f47502712c006a Mon Sep 17 00:00:00 2001 From: Mirco <mirco.zachmann@meissa.de> Date: Thu, 20 Apr 2023 10:21:22 +0200 Subject: [PATCH 20/25] Change name --- doc/BackupAndRestore.md | 2 +- infrastructure/docker-backup/test/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/BackupAndRestore.md b/doc/BackupAndRestore.md index 4a6fe73..b878126 100644 --- a/doc/BackupAndRestore.md +++ b/doc/BackupAndRestore.md @@ -4,7 +4,7 @@ * we use restic to produce small & encrypted backups * backup is scheduled at `schedule: "10 23 * * *"` -* Gitea stores files in `/data/gitea` and `/data/git/repositories`, these files are backed up. +* Forgejo stores files in `/data/gitea` and `/data/git/repositories`, these files are backed up. * The postgres db is also backed up ## Manual init the restic repository for the first time diff --git a/infrastructure/docker-backup/test/Dockerfile b/infrastructure/docker-backup/test/Dockerfile index f2e19b6..0db1c6c 100644 --- a/infrastructure/docker-backup/test/Dockerfile +++ b/infrastructure/docker-backup/test/Dockerfile 
@@ -1,4 +1,4 @@ -FROM c4k-jira-backup +FROM c4k-forgejo-backup RUN apt update RUN apt -yqq --no-install-recommends --yes install curl default-jre-headless From 16cc358115841cdf978be72aaa89d247e2783386 Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Thu, 20 Apr 2023 10:26:22 +0200 Subject: [PATCH 21/25] Release v2.0.0 --- package.json | 2 +- project.clj | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 97633ec..22469c8 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "c4k-forgejo", "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", - "version": "1.1.0-SNAPSHOT", + "version": "2.0.0", "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", diff --git a/project.clj b/project.clj index e9b0310..351993d 100644 --- a/project.clj +++ b/project.clj @@ -1,4 +1,4 @@ -(defproject org.domaindrivenarchitecture/c4k-forgejo "1.1.0-SNAPSHOT" +(defproject org.domaindrivenarchitecture/c4k-forgejo "2.0.0-SNAPSHOT" :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" From ad00f7c1a7c7f2cd2d52847ea5aa0a8c1a37ed60 Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Thu, 20 Apr 2023 10:26:29 +0200 Subject: [PATCH 22/25] Version 2.0.0 --- project.clj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project.clj b/project.clj index 351993d..b906702 100644 --- a/project.clj +++ b/project.clj @@ -1,4 +1,4 @@ -(defproject org.domaindrivenarchitecture/c4k-forgejo "2.0.0-SNAPSHOT" +(defproject org.domaindrivenarchitecture/c4k-forgejo "2.0.0" :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" 
From 8eaac7c7634a61bba7b7444ab329b9640b59ad8a Mon Sep 17 00:00:00 2001 From: bom <mattis.boeckle@meissa-gmbh.de> Date: Thu, 20 Apr 2023 10:27:25 +0200 Subject: [PATCH 23/25] Version bump --- package.json | 2 +- project.clj | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 22469c8..b9055ff 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "c4k-forgejo", "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", - "version": "2.0.0", + "version": "2.0.1-SNAPSHOT", "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", diff --git a/project.clj b/project.clj index b906702..3b7a621 100644 --- a/project.clj +++ b/project.clj @@ -1,4 +1,4 @@ -(defproject org.domaindrivenarchitecture/c4k-forgejo "2.0.0" +(defproject org.domaindrivenarchitecture/c4k-forgejo "2.0.1-SNAPSHOT" :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" From 6c64ea253c82df96226c8f852ea96489e83da146 Mon Sep 17 00:00:00 2001 From: Clemens <clemens.geibel@meissa-gmbh.de.de> Date: Thu, 16 Feb 2023 12:17:20 +0100 Subject: [PATCH 24/25] Added MPL2 to subcomponent licenses --- doc/SUBCOMPONENT_LICENSE | 362 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 362 insertions(+) diff --git a/doc/SUBCOMPONENT_LICENSE b/doc/SUBCOMPONENT_LICENSE index 581c523..caa08af 100644 --- a/doc/SUBCOMPONENT_LICENSE +++ b/doc/SUBCOMPONENT_LICENSE 
@@ -204,3 +204,365 @@ Permission is hereby granted, free of charge, to any person obtaining a copy of The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +------------------------------------------------------------------------------ +Mozilla Public License Version 2.0 +================================== + +1. Definitions + +1.1. "Contributor" + means each individual or legal entity that creates, contributes to + the creation of, or owns Covered Software. + +1.2. "Contributor Version" + means the combination of the Contributions of others (if any) used + by a Contributor and that particular Contributor's Contribution. + +1.3. "Contribution" + means Covered Software of a particular Contributor. + +1.4. "Covered Software" + means Source Code Form to which the initial Contributor has attached + the notice in Exhibit A, the Executable Form of such Source Code + Form, and Modifications of such Source Code Form, in each case + including portions thereof. + +1.5. "Incompatible With Secondary Licenses" + means + + (a) that the initial Contributor has attached the notice described + in Exhibit B to the Covered Software; or + + (b) that the Covered Software was made available under the terms of + version 1.1 or earlier of the License, but not also under the + terms of a Secondary License. + +1.6. "Executable Form" + means any form of the work other than Source Code Form. + +1.7. 
"Larger Work" + means a work that combines Covered Software with other material, in + a separate file or files, that is not Covered Software. + +1.8. "License" + means this document. + +1.9. "Licensable" + means having the right to grant, to the maximum extent possible, + whether at the time of the initial grant or subsequently, any and + all of the rights conveyed by this License. + +1.10. "Modifications" + means any of the following: + + (a) any file in Source Code Form that results from an addition to, + deletion from, or modification of the contents of Covered + Software; or + + (b) any new file in Source Code Form that contains any Covered + Software. + +1.11. "Patent Claims" of a Contributor + means any patent claim(s), including without limitation, method, + process, and apparatus claims, in any patent Licensable by such + Contributor that would be infringed, but for the grant of the + License, by the making, using, selling, offering for sale, having + made, import, or transfer of either its Contributions or its + Contributor Version. + +1.12. "Secondary License" + means either the GNU General Public License, Version 2.0, the GNU + Lesser General Public License, Version 2.1, the GNU Affero General + Public License, Version 3.0, or any later versions of those + licenses. + +1.13. "Source Code Form" + means the form of the work preferred for making modifications. + +1.14. "You" (or "Your") + means an individual or a legal entity exercising rights under this + License. For legal entities, "You" includes any entity that + controls, is controlled by, or is under common control with You. For + purposes of this definition, "control" means (a) the power, direct + or indirect, to cause the direction or management of such entity, + whether by contract or otherwise, or (b) ownership of more than + fifty percent (50%) of the outstanding shares or beneficial + ownership of such entity. + +2. License Grants and Conditions + +2.1. 
Grants + +Each Contributor hereby grants You a world-wide, royalty-free, +non-exclusive license: + +(a) under intellectual property rights (other than patent or trademark) + Licensable by such Contributor to use, reproduce, make available, + modify, display, perform, distribute, and otherwise exploit its + Contributions, either on an unmodified basis, with Modifications, or + as part of a Larger Work; and + +(b) under Patent Claims of such Contributor to make, use, sell, offer + for sale, have made, import, and otherwise transfer either its + Contributions or its Contributor Version. + +2.2. Effective Date + +The licenses granted in Section 2.1 with respect to any Contribution +become effective for each Contribution on the date the Contributor first +distributes such Contribution. + +2.3. Limitations on Grant Scope + +The licenses granted in this Section 2 are the only rights granted under +this License. No additional rights or licenses will be implied from the +distribution or licensing of Covered Software under this License. +Notwithstanding Section 2.1(b) above, no patent license is granted by a +Contributor: + +(a) for any code that a Contributor has removed from Covered Software; + or + +(b) for infringements caused by: (i) Your and any other third party's + modifications of Covered Software, or (ii) the combination of its + Contributions with other software (except as part of its Contributor + Version); or + +(c) under Patent Claims infringed by Covered Software in the absence of + its Contributions. + +This License does not grant any rights in the trademarks, service marks, +or logos of any Contributor (except as may be necessary to comply with +the notice requirements in Section 3.4). + +2.4. 
Subsequent Licenses + +No Contributor makes additional grants as a result of Your choice to +distribute the Covered Software under a subsequent version of this +License (see Section 10.2) or under the terms of a Secondary License (if +permitted under the terms of Section 3.3). + +2.5. Representation + +Each Contributor represents that the Contributor believes its +Contributions are its original creation(s) or it has sufficient rights +to grant the rights to its Contributions conveyed by this License. + +2.6. Fair Use + +This License is not intended to limit any rights You have under +applicable copyright doctrines of fair use, fair dealing, or other +equivalents. + +2.7. Conditions + +Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted +in Section 2.1. + +3. Responsibilities + +3.1. Distribution of Source Form + +All distribution of Covered Software in Source Code Form, including any +Modifications that You create or to which You contribute, must be under +the terms of this License. You must inform recipients that the Source +Code Form of the Covered Software is governed by the terms of this +License, and how they can obtain a copy of this License. You may not +attempt to alter or restrict the recipients' rights in the Source Code +Form. + +3.2. Distribution of Executable Form + +If You distribute Covered Software in Executable Form then: + +(a) such Covered Software must also be made available in Source Code + Form, as described in Section 3.1, and You must inform recipients of + the Executable Form how they can obtain a copy of such Source Code + Form by reasonable means in a timely manner, at a charge no more + than the cost of distribution to the recipient; and + +(b) You may distribute such Executable Form under the terms of this + License, or sublicense it under different terms, provided that the + license for the Executable Form does not attempt to limit or alter + the recipients' rights in the Source Code Form under this License. + +3.3. 
Distribution of a Larger Work + +You may create and distribute a Larger Work under terms of Your choice, +provided that You also comply with the requirements of this License for +the Covered Software. If the Larger Work is a combination of Covered +Software with a work governed by one or more Secondary Licenses, and the +Covered Software is not Incompatible With Secondary Licenses, this +License permits You to additionally distribute such Covered Software +under the terms of such Secondary License(s), so that the recipient of +the Larger Work may, at their option, further distribute the Covered +Software under the terms of either this License or such Secondary +License(s). + +3.4. Notices + +You may not remove or alter the substance of any license notices +(including copyright notices, patent notices, disclaimers of warranty, +or limitations of liability) contained within the Source Code Form of +the Covered Software, except that You may alter any license notices to +the extent required to remedy known factual inaccuracies. + +3.5. Application of Additional Terms + +You may choose to offer, and to charge a fee for, warranty, support, +indemnity or liability obligations to one or more recipients of Covered +Software. However, You may do so only on Your own behalf, and not on +behalf of any Contributor. You must make it absolutely clear that any +such warranty, support, indemnity, or liability obligation is offered by +You alone, and You hereby agree to indemnify every Contributor for any +liability incurred by such Contributor as a result of warranty, support, +indemnity or liability terms You offer. You may include additional +disclaimers of warranty and limitations of liability specific to any +jurisdiction. + +4. 
Inability to Comply Due to Statute or Regulation + +If it is impossible for You to comply with any of the terms of this +License with respect to some or all of the Covered Software due to +statute, judicial order, or regulation then You must: (a) comply with +the terms of this License to the maximum extent possible; and (b) +describe the limitations and the code they affect. Such description must +be placed in a text file included with all distributions of the Covered +Software under this License. Except to the extent prohibited by statute +or regulation, such description must be sufficiently detailed for a +recipient of ordinary skill to be able to understand it. + +5. Termination + +5.1. The rights granted under this License will terminate automatically +if You fail to comply with any of its terms. However, if You become +compliant, then the rights granted under this License from a particular +Contributor are reinstated (a) provisionally, unless and until such +Contributor explicitly and finally terminates Your grants, and (b) on an +ongoing basis, if such Contributor fails to notify You of the +non-compliance by some reasonable means prior to 60 days after You have +come back into compliance. Moreover, Your grants from a particular +Contributor are reinstated on an ongoing basis if such Contributor +notifies You of the non-compliance by some reasonable means, this is the +first time You have received notice of non-compliance with this License +from such Contributor, and You become compliant prior to 30 days after +Your receipt of the notice. + +5.2. If You initiate litigation against any entity by asserting a patent +infringement claim (excluding declaratory judgment actions, +counter-claims, and cross-claims) alleging that a Contributor Version +directly or indirectly infringes any patent, then the rights granted to +You by any and all Contributors for the Covered Software under Section +2.1 of this License shall terminate. + +5.3. 
In the event of termination under Sections 5.1 or 5.2 above, all +end user license agreements (excluding distributors and resellers) which +have been validly granted by You or Your distributors under this License +prior to termination shall survive termination. + +************************************************************************ +* * +* 6. Disclaimer of Warranty * +* * +* Covered Software is provided under this License on an "as is" * +* basis, without warranty of any kind, either expressed, implied, or * +* statutory, including, without limitation, warranties that the * +* Covered Software is free of defects, merchantable, fit for a * +* particular purpose or non-infringing. The entire risk as to the * +* quality and performance of the Covered Software is with You. * +* Should any Covered Software prove defective in any respect, You * +* (not any Contributor) assume the cost of any necessary servicing, * +* repair, or correction. This disclaimer of warranty constitutes an * +* essential part of this License. No use of any Covered Software is * +* authorized under this License except under this disclaimer. * +* * +************************************************************************ + +************************************************************************ +* * +* 7. Limitation of Liability * +* * +* Under no circumstances and under no legal theory, whether tort * +* (including negligence), contract, or otherwise, shall any * +* Contributor, or anyone who distributes Covered Software as * +* permitted above, be liable to You for any direct, indirect, * +* special, incidental, or consequential damages of any character * +* including, without limitation, damages for lost profits, loss of * +* goodwill, work stoppage, computer failure or malfunction, or any * +* and all other commercial damages or losses, even if such party * +* shall have been informed of the possibility of such damages. 
This * +* limitation of liability shall not apply to liability for death or * +* personal injury resulting from such party's negligence to the * +* extent applicable law prohibits such limitation. Some * +* jurisdictions do not allow the exclusion or limitation of * +* incidental or consequential damages, so this exclusion and * +* limitation may not apply to You. * +* * +************************************************************************ + +8. Litigation + +Any litigation relating to this License may be brought only in the +courts of a jurisdiction where the defendant maintains its principal +place of business and such litigation shall be governed by laws of that +jurisdiction, without reference to its conflict-of-law provisions. +Nothing in this Section shall prevent a party's ability to bring +cross-claims or counter-claims. + +9. Miscellaneous + +This License represents the complete agreement concerning the subject +matter hereof. If any provision of this License is held to be +unenforceable, such provision shall be reformed only to the extent +necessary to make it enforceable. Any law or regulation which provides +that the language of a contract shall be construed against the drafter +shall not be used to construe this License against a Contributor. + +10. Versions of the License + +10.1. New Versions + +Mozilla Foundation is the license steward. Except as provided in Section +10.3, no one other than the license steward has the right to modify or +publish new versions of this License. Each version will be given a +distinguishing version number. + +10.2. Effect of New Versions + +You may distribute the Covered Software under the terms of the version +of the License under which You originally received the Covered Software, +or under the terms of any subsequent version published by the license +steward. + +10.3. 
Modified Versions + +If you create software not governed by this License, and you want to +create a new license for such software, you may create and use a +modified version of this License if you rename the license and remove +any references to the name of the license steward (except to note that +such modified license differs from this License). + +10.4. Distributing Source Code Form that is Incompatible With Secondary +Licenses + +If You choose to distribute Source Code Form that is Incompatible With +Secondary Licenses under the terms of this version of the License, the +notice described in Exhibit B of this License must be attached. + +Exhibit A - Source Code Form License Notice + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, You can obtain one at http://mozilla.org/MPL/2.0/. + +If it is not possible or desirable to put the notice in a particular +file, then You may include the notice in a location (such as a LICENSE +file in a relevant directory) where a recipient would be likely to look +for such a notice. + +You may add additional accurate notices of copyright ownership. + +Exhibit B - "Incompatible With Secondary Licenses" Notice + + This Source Code Form is "Incompatible With Secondary Licenses", as + defined by the Mozilla Public License, v. 2.0. From 0afd938ec7c157158e3d6c36b2cd1189456222b6 Mon Sep 17 00:00:00 2001 From: Clemens <clemens.geibel@meissa-gmbh.de.de> Date: Fri, 24 Mar 2023 15:19:45 +0100 Subject: [PATCH 25/25] Remove LGPL from subcomponent license file --- doc/SUBCOMPONENT_LICENSE | 69 ---------------------------------------- 1 file changed, 69 deletions(-) diff --git a/doc/SUBCOMPONENT_LICENSE b/doc/SUBCOMPONENT_LICENSE index caa08af..c04fa56 100644 --- a/doc/SUBCOMPONENT_LICENSE +++ b/doc/SUBCOMPONENT_LICENSE 
@@ -125,75 +125,6 @@ Redistribution and use in source and binary forms, with or without modification, THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ------------------------------------------------------------------------------- - - -GNU LESSER GENERAL PUBLIC LICENSE - -Version 3, 29 June 2007 - -Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/> - -Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - -This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License, supplemented by the additional permissions listed below. -0. Additional Definitions. - -As used herein, “this License” refers to version 3 of the GNU Lesser General Public License, and the “GNU GPL” refers to version 3 of the GNU General Public License. - -“The Library” refers to a covered work governed by this License, other than an Application or a Combined Work as defined below. - -An “Application” is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library. Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library. 
- -A “Combined Work” is a work produced by combining or linking an Application with the Library. The particular version of the Library with which the Combined Work was made is also called the “Linked Version”. - -The “Minimal Corresponding Source” for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version. - -The “Corresponding Application Code” for a Combined Work means the object code and/or source code for the Application, including any data and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work. -1. Exception to Section 3 of the GNU GPL. - -You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL. -2. Conveying Modified Versions. - -If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version: - - a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still operates, and performs whatever part of its purpose remains meaningful, or - b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy. - -3. Object Code Incorporating Material from Library Header Files. - -The object code form of an Application may incorporate material from a header file that is part of the Library. 
You may convey such object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following: - - a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License. - b) Accompany the object code with a copy of the GNU GPL and this license document. - -4. Combined Works. - -You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: - - a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License. - b) Accompany the Combined Work with a copy of the GNU GPL and this license document. - c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this license document. - d) Do one of the following: - 0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source. - 1) Use a suitable shared library mechanism for linking with the Library. 
A suitable mechanism is one that (a) uses at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library that is interface-compatible with the Linked Version. - e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.) - -5. Combined Libraries. - -You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of the following: - - a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities, conveyed under the terms of this License. - b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. - -6. Revised Versions of the GNU Lesser General Public License. - -The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. - -Each version is given a distinguishing version number. 
If the Library as you received it specifies that a certain numbered version of the GNU Lesser General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever published by the Free Software Foundation. - -If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. - ------------------------------------------------------------------------------ License