ScriptsCollections/GitHub.webhook-scripts
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

base setup update with base jump host setting for gitea

Browse Source
This commit is contained in:
Clemens Schwaighofer
2025-07-04 11:24:39 +09:00
parent 2d5d728a7a
commit f408d9b0b8
2 changed files with 34 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/bin/base_setup.sh
View File

@@ -22,9 +22,9 @@ fi;
if [ -z "${WWW_GROUP}" ]; then if [ -z "${WWW_GROUP}" ]; then
echo "Missing WWW_GROUP entry"; echo "Missing WWW_GROUP entry";
error=1; error=1;
else elif ! getent group "${WWW_GROUP}" > /dev/null 2>&1; then
# check that this group exists, we do not create this, this is the apache group echo "Group ${WWW_GROUP} does not exist. Is it the Apache web group?";
echo ""; error=1;
fi; fi;
if [ -z "${SUDO_USER}" ]; then if [ -z "${SUDO_USER}" ]; then
echo "Missing SUDO_USER entry"; echo "Missing SUDO_USER entry";
@@ -46,12 +46,21 @@ CONFIG_FOLDER="config/"
WWW_WEBHOOK_INCOMING="/www/webhook-incoming"; WWW_WEBHOOK_INCOMING="/www/webhook-incoming";
WWW_ADMIN="/www/admin"; WWW_ADMIN="/www/admin";
# jump host PEM file
PEM_BASE="${BASE_FOLDER}../pem/";
JUMP_PEM_FILE="somen-jump.tequila.jp#scripts#webhook-git#ed25519.pem";
# add trailing slash if missing # add trailing slash if missing
GIT_REPOSITORY_FOLDER="${GIT_REPOSITORY_FOLDER%/}/" GIT_REPOSITORY_FOLDER="${GIT_REPOSITORY_FOLDER%/}/"
if [ -d "${GIT_REPOSITORY_FOLDER}" ]; then if [ -d "${GIT_REPOSITORY_FOLDER}" ]; then
echo "Base folder already exists, update check"; echo "Base folder already exists, update check";
echo "[TODO] -> Not implemented exit"; echo "[TODO] -> Not implemented exit";
# check folders
# check folder ACL
# copy scripts
# copy default config
# check config entries missing
exit; exit;
else else
echo "=> Create new folder structure"; echo "=> Create new folder structure";
@@ -70,11 +79,26 @@ else
setfacl -m -d u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}" setfacl -m -d u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}"
setfacl -m g:"${WWW_GROUP}":rx -R "${GIT_REPOSITORY_FOLDER}" setfacl -m g:"${WWW_GROUP}":rx -R "${GIT_REPOSITORY_FOLDER}"
# SSH # SSH
if [ "${USE_SUDO}" != "0" ]; then
echo "+ Add .ssh folder" echo "+ Add .ssh folder"
sudo -u "${SUDO_USER}" mkdir "${GIT_REPOSITORY_FOLDER}"/.ssh/ sudo -u "${SUDO_USER}" mkdir "${GIT_REPOSITORY_FOLDER}"/.ssh/
sudo -u "${SUDO_USER}" touch "${GIT_REPOSITORY_FOLDER}"/.ssh/config sudo -u "${SUDO_USER}" touch "${GIT_REPOSITORY_FOLDER}"/.ssh/config
sudo -u "${SUDO_USER}" chmod 700 "${GIT_REPOSITORY_FOLDER}"/.ssh/ sudo -u "${SUDO_USER}" chmod 700 "${GIT_REPOSITORY_FOLDER}"/.ssh/
sudo -u "${SUDO_USER}" chmod 600 "${GIT_REPOSITORY_FOLDER}"/.ssh/config sudo -u "${SUDO_USER}" chmod 600 "${GIT_REPOSITORY_FOLDER}"/.ssh/config
# add master jump host
cat >> "${GIT_REPOSITORY_FOLDER}"/.ssh/config << 'EOF'
Host UdonGitJump
Hostname somen-jump.tequila.jp
User webhook-git
IdentityFile ~/.ssh/somen-jump.tequila.jp#scripts#webhook-git#ed25519.pem
Port 37337
EOF
if [ -f "${PEM_BASE}${JUMP_PEM_FILE}" ]; then
cp "${PEM_BASE}${JUMP_PEM_FILE}" "${GIT_REPOSITORY_FOLDER}"/.ssh/;
else
echo "PEM FILE ${JUMP_PEM_FILE} must be added manually"
fi;
fi;
# All other FOLDER # All other FOLDER
echo "+ Other folders for clone base: ${CLONE_BASE}, logs, scripts, www/webhook-incoming" echo "+ Other folders for clone base: ${CLONE_BASE}, logs, scripts, www/webhook-incoming"
sudo -u "${SUDO_USER}" \ sudo -u "${SUDO_USER}" \

2
src/pem/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*.pem
!.gitignore