From 6f8960f569034d4d61ef543bc93926da25b9acd5 Mon Sep 17 00:00:00 2001
From: Jef Roosens
Date: Fri, 24 Dec 2021 17:00:14 +0100
Subject: [PATCH 1/3] Updated gitea to use config; added config file
---
configs/gitea.ini | 115 ++++++++++++++++++++++++++++++++++++++++++++++
stacks/gitea.yml | 21 +++++++++
2 files changed, 136 insertions(+)
create mode 100644 configs/gitea.ini
diff --git a/configs/gitea.ini b/configs/gitea.ini
new file mode 100644
index 0000000..424ad7d
--- /dev/null
+++ b/configs/gitea.ini
@@ -0,0 +1,115 @@
+APP_NAME = The Rusty Bever
+RUN_MODE = prod
+RUN_USER = git
+
+[repository]
+ROOT = /data/git/repositories
+; Makes public the default option when creating a repo
+DEFAULT_PRIVATE = public
+; Disables releases, projects & wiki by default for new repos (but can be enabled when needed)
+DEFAULT_REPO_UNITS = repo.code,repo.issues,repo.pulls
+; Might as well be compatible with
+DEFAULT_BRANCH = main
+
+[repository.pull-request]
+WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]:,Draft:,[Draft]:
+
+[repository.local]
+LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
+
+[repository.upload]
+TEMP_PATH = /data/gitea/uploads
+
+
+[ui]
+; Always show the full name of a user when possible
+DEFAULT_SHOW_FULL_NAME = true
+
+
+[server]
+APP_DATA_PATH = /data/gitea
+DOMAIN = git.rustybever.be
+SSH_DOMAIN = git.rustybever.be
+HTTP_PORT = 3000
+ROOT_URL = https://git.rustybever.be/
+DISABLE_SSH = false
+SSH_PORT = 22
+SSH_LISTEN_PORT = 22
+LFS_START_SERVER = true
+LFS_CONTENT_PATH = /data/git/lfs
+OFFLINE_MODE = false
+
+
+[database]
+PATH = /data/gitea/gitea.db
+DB_TYPE = postgres
+HOST = db:5432
+NAME = gitea
+USER = gitea
+PASSWD = gitea
+LOG_SQL = false
+SCHEMA =
+SSL_MODE = disable
+CHARSET = utf8
+
+
+[indexer]
+ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
+
+
+[session]
+PROVIDER_CONFIG = /data/gitea/sessions
+PROVIDER = file
+
+
+[picture]
+AVATAR_UPLOAD_PATH = /data/gitea/avatars
+REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
+DISABLE_GRAVATAR = false
+ENABLE_FEDERATED_AVATAR = true
+
+
+[attachment]
+PATH = /data/gitea/attachments
+
+
+[log]
+MODE = console
+LEVEL = info
+REDIRECT_MACARON_LOG = true
+MACARON = console
+ROUTER = console
+ROOT_PATH = /data/gitea/log
+
+
+[security]
+INSTALL_LOCK = true
+MIN_PASSWORD_LENGTH = 12
+PASSWORD_COMPLEXITY = lower,upper,digit
+
+
+[service]
+DISABLE_REGISTRATION = true
+REQUIRE_SIGNIN_VIEW = false
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL = false
+ALLOW_ONLY_EXTERNAL_REGISTRATION = false
+ENABLE_CAPTCHA = false +DEFAULT_KEEP_EMAIL_PRIVATE = false +DEFAULT_ALLOW_CREATE_ORGANIZATION = true +DEFAULT_ENABLE_TIMETRACKING = true +NO_REPLY_ADDRESS = noreply.localhost + + +[mailer] +ENABLED = false + + +[openid] +ENABLE_OPENID_SIGNIN = true +ENABLE_OPENID_SIGNUP = false + + +[other] +SHOW_FOOTER_VERSION = false +SHOW_FOOTER_TEMPLATE_LOAD_TIME = false diff --git a/stacks/gitea.yml b/stacks/gitea.yml index af1720b..07963a3 100644 --- a/stacks/gitea.yml +++ b/stacks/gitea.yml @@ -18,6 +18,9 @@ services: - 'traefik.http.routers.gitea.tls.certresolver=letsEncrypt' - 'traefik.http.services.gitea.loadbalancer.server.port=3000' + configs: + - source: gitea_v1 + target: /data/gitea/conf/app.ini environment: - 'DB_TYPE=postgres' - 'DB_HOST=db:5432' @@ -26,6 +29,10 @@ services: - 'DB_PASSWD=gitea' - 'LFS_START_SERVER=true' - 'DISABLE_REGISTRATION=true' + - 'GITEA__server__LFS_JWT_SECRET_FILE=/run/secrets/gitea_lfs_jwt_secret' + - 'GITEA__security__SECRET_KEY_FILE=/run/secrets/gitea_secret_key' + - 'GITEA__security__INTERNAL_TOKEN_FILE=/run/secrets/gitea_internal_token' + - 'GITEA__oauth2__JWT_SECRET_FILE=/run/secrets/gitea_jwt_secret' networks: - 'default' - 'public' @@ -55,10 +62,24 @@ services: volumes: - 'db-data:/var/lib/postgresql/data' +configs: + gitea_v1: + external: true + networks: public: external: true +secrets: + gitea_internal_token: + external: true + gitea_jwt_secret: + external: true + gitea_lfs_jwt_secret: + external: true + gitea_secret_key: + external: true + volumes: data: db-data: From efce4bb90b146a0f5a7d09ef5a2f19da834f8ee9 Mon Sep 17 00:00:00 2001 From: Jef Roosens Date: Fri, 24 Dec 2021 17:28:30 +0100 Subject: [PATCH 2/3] added missing secrets to gitea --- stacks/gitea.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/stacks/gitea.yml b/stacks/gitea.yml index 07963a3..3ed4960 100644 --- a/stacks/gitea.yml +++ b/stacks/gitea.yml 
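Review bot: `PASSWD = gitea` in the `[database]` section commits the database password in clear text, and it is identical to the user and database name, while the same commit moves Gitea's other secrets into Swarm secrets. The value should be a generated one kept out of the repository and delivered to both containers as a secret; the official postgres image accepts `POSTGRES_PASSWORD_FILE=/run/secrets/<secret-name>` for its side. `SSL_MODE = disable` next to it means that credential crosses the stack network unencrypted, which is only acceptable if that overlay network is trusted or encrypted.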
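Review bot: The `configs:` entry in the `@@ -18,6 +18,9 @@` hunk mounts `gitea_v1` over `/data/gitea/conf/app.ini`, and Swarm configs are presented to the container read-only, so anything that needs to write that file will not be able to. That likely includes the image's startup step that folds `GITEA__section__KEY` variables into app.ini and any values Gitea itself tries to persist there, so it is worth confirming in the container log after the first deploy. The legacy `DB_*`, `LFS_START_SERVER` and `DISABLE_REGISTRATION` variables in the context lines now duplicate values in the mounted file; I would drop them and add a comment such as `# settings live in the gitea_v1 config (configs/gitea.ini)`. The service block continues outside this hunk.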
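Review bot: The four `GITEA__…_FILE` variables added in the `@@ -26,6 +29,10 @@` hunk assume the pinned image resolves a `_FILE` suffix into the file's contents, and nothing in this diff shows that `gitea/gitea:1.15.8` does. As written, the `GITEA__section__KEY` mapping would presumably yield ini keys literally named `SECRET_KEY_FILE`, `INTERNAL_TOKEN_FILE`, `LFS_JWT_SECRET_FILE` and `JWT_SECRET_FILE`. If Gitea ignores those keys, the secrets are silently unused and, with `INSTALL_LOCK = true`, the instance runs on whatever default or auto-generated values it falls back to. Please check the documentation for this release for its supported secret-from-file settings, and verify after deploy that the running configuration carries the intended values.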
@@ -44,6 +44,11 @@ services: - 'lfs:/data/git/lfs' - '/etc/timezone:/etc/timezone:ro' - '/etc/localtime:/etc/localtime:ro' + secrets: + - gitea_internal_token + - gitea_jwt_secret + - gitea_lfs_jwt_secret + - gitea_secret_key db: image: 'postgres:14.1-alpine' From deae889750b128ebc1cac79340e04c6b7c8ec2a0 Mon Sep 17 00:00:00 2001 From: Jef Roosens Date: Fri, 24 Dec 2021 17:33:41 +0100 Subject: [PATCH 3/3] Fixed some dumb intendation --- stacks/gitea.yml | 128 +++++++++++++++++++++++------------------------ 1 file changed, 64 insertions(+), 64 deletions(-) diff --git a/stacks/gitea.yml b/stacks/gitea.yml index 3ed4960..6781723 100644 --- a/stacks/gitea.yml +++ b/stacks/gitea.yml 
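Review bot: The short `secrets:` syntax used here mounts each file under `/run/secrets/` with the default owner and mode, which leaves the four secrets readable by every user inside the container. Since Gitea runs as the `git` user (`RUN_USER = git` in configs/gitea.ini), the long syntax with `uid`/`gid` set to that user and `mode: 0400` would restrict them to the one process that needs them. The service definition continues outside this hunk.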
@@ -1,79 +1,79 @@ version: '3' services: - app: - # Latest contains a development version - image: 'gitea/gitea:1.15.8' + app: + # Latest contains a development version + image: 'gitea/gitea:1.15.8' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==gitea' + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.gitea.rule=Host(`git.rustybever.be`)' + - 'traefik.http.routers.gitea.tls=true' + - 'traefik.http.routers.gitea.tls.certresolver=letsEncrypt' + - 'traefik.http.services.gitea.loadbalancer.server.port=3000' - deploy: - mode: 'replicated' - replicas: 1 - placement: - constraints: - - 'node.labels.class==gitea' - labels: - - 'traefik.enable=true' - - 'traefik.http.routers.gitea.rule=Host(`git.rustybever.be`)' - - 'traefik.http.routers.gitea.tls=true' - - 'traefik.http.routers.gitea.tls.certresolver=letsEncrypt' - - 'traefik.http.services.gitea.loadbalancer.server.port=3000' - - configs: - - source: gitea_v1 - target: /data/gitea/conf/app.ini - environment: - - 'DB_TYPE=postgres' - - 'DB_HOST=db:5432' - - 'DB_NAME=gitea' - - 'DB_USER=gitea' - - 'DB_PASSWD=gitea' - - 'LFS_START_SERVER=true' - - 'DISABLE_REGISTRATION=true' - - 'GITEA__server__LFS_JWT_SECRET_FILE=/run/secrets/gitea_lfs_jwt_secret' - - 'GITEA__security__SECRET_KEY_FILE=/run/secrets/gitea_secret_key' - - 'GITEA__security__INTERNAL_TOKEN_FILE=/run/secrets/gitea_internal_token' - - 'GITEA__oauth2__JWT_SECRET_FILE=/run/secrets/gitea_jwt_secret' - networks: - - 'default' - - 'public' - ports: - - '22:22' - volumes: - - 'data:/data' - - 'repos:/data/git/repositories' - - 'lfs:/data/git/lfs' - - '/etc/timezone:/etc/timezone:ro' - - '/etc/localtime:/etc/localtime:ro' - secrets: - - gitea_internal_token - - gitea_jwt_secret - - gitea_lfs_jwt_secret - - gitea_secret_key + configs: + - source: gitea_v1 + target: /data/gitea/conf/app.ini + environment: + - 'DB_TYPE=postgres' + - 'DB_HOST=db:5432' + - 'DB_NAME=gitea' + - 'DB_USER=gitea' + - 'DB_PASSWD=gitea' 
+ - 'LFS_START_SERVER=true' + - 'DISABLE_REGISTRATION=true' + - 'GITEA__server__LFS_JWT_SECRET_FILE=/run/secrets/gitea_lfs_jwt_secret' + - 'GITEA__security__SECRET_KEY_FILE=/run/secrets/gitea_secret_key' + - 'GITEA__security__INTERNAL_TOKEN_FILE=/run/secrets/gitea_internal_token' + - 'GITEA__oauth2__JWT_SECRET_FILE=/run/secrets/gitea_jwt_secret' + networks: + - 'default' + - 'public' + ports: + - '22:22' + volumes: + - 'data:/data' + - 'repos:/data/git/repositories' + - 'lfs:/data/git/lfs' + - '/etc/timezone:/etc/timezone:ro' + - '/etc/localtime:/etc/localtime:ro' + secrets: + - gitea_internal_token + - gitea_jwt_secret + - gitea_lfs_jwt_secret + - gitea_secret_key - db: - image: 'postgres:14.1-alpine' - - deploy: - mode: 'replicated' - replicas: 1 - placement: - constraints: - - 'node.labels.class==gitea' + db: + image: 'postgres:14.1-alpine' + + deploy: + mode: 'replicated' + replicas: 1 + placement: + constraints: + - 'node.labels.class==gitea' - environment: - - 'POSTGRES_USER=gitea' - - 'POSTGRES_PASSWORD=gitea' - - 'POSTGRES_DB=gitea' - volumes: - - 'db-data:/var/lib/postgresql/data' + environment: + - 'POSTGRES_USER=gitea' + - 'POSTGRES_PASSWORD=gitea' + - 'POSTGRES_DB=gitea' + volumes: + - 'db-data:/var/lib/postgresql/data' configs: gitea_v1: external: true networks: - public: - external: true + public: + external: true secrets: gitea_internal_token: