chore: add current provisioning state before migration

cluster/git/default/gitea/full_app.ini

@@ -0,0 +1,154 @@
+APP_NAME = Local Repo CloudNative zone
+RUN_MODE = prod
+RUN_USER = git
+WORK_PATH = /data/gitea
+
+[repository]
+ROOT = /data/git/repositories
+
+[repository.local]
+LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
+
+[repository.upload]
+TEMP_PATH = /data/gitea/uploads
+
+[server]
+PROTOCOL = http
+APP_DATA_PATH = /data/gitea
+SSH_DOMAIN = localrepo.cloudnative.zone
+DOMAIN = localrepo.cloudnative.zone
+HTTP_ADDR = 0.0.0.0
+HTTP_PORT = 3000
+ROOT_URL = https://localrepo.cloudnative.zone/
+DISABLE_SSH = false
+LFS_START_SERVER = true
+shFS_MAX_FILE_SIZE = 0
+LFS_LOCK_PAGING_NUM = 50
+; Permission for unix socket
+UNIX_SOCKET_PERMISSION = 666
+START_SSH_SERVER = true
+BUILTIN_SSH_SERVER_USER = git
+; The network interface the builtin SSH server should listen on
+; SSH_LISTEN_HOST =
+; Port number to be exposed in clone URL
+SSH_PORT = 2022
+; The port number the builtin SSH server should listen on
+SSH_LISTEN_PORT = %(SSH_PORT)s
+; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
+; SSH_ROOT_PATH =
+SSH_ROOT_PATH = /data/git/repositories
+; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
+; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
+SSH_CREATE_AUTHORIZED_KEYS_FILE = false
+; For the built-in SSH server, choose the ciphers to support for SSH connections,
+; for system SSH this setting has no effect
+SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
+; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections
+; for system SSH this setting has no effect
+SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
+; for system SSH this setting has no effect
+SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
+; Directory to create temporary files in when testing public keys using ssh-keygen,
+; default is the system temporary directory.
+; SSH_KEY_TEST_PATH =
+; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
+SSH_KEYGEN_PATH = ssh-keygen
+; Enable SSH Authorized Key Backup when rewriting all keys, default is true
+SSH_BACKUP_AUTHORIZED_KEYS = true
+; Enable exposure of SSH clone URL to anonymous visitors, default is false
+SSH_EXPOSE_ANONYMOUS = false
+; Indicate whether to check minimum key size with corresponding type
+MINIMUM_KEY_SIZE_CHECK = false
+; Disable CDN even in "prod" mode
+DISABLE_ROUTER_LOG = false
+OFFLINE_MODE = true
+
+; Generate steps:
+; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
+; 
+; Or from a .pfx file exported from the Windows certificate store (do
+; not forget to export the private key):
+; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
+; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
+# CERT_FILE                       = /data/gitea/conf/ssl/fullchain.pem
+# KEY_FILE                        = /data/gitea/conf/ssl/privkey.pem
+[database]
+PATH = /data/gitea/gitea.db
+DB_TYPE = postgres
+HOST = db:5432
+NAME = gitea
+USER = gitea
+PASSWD = gitea
+LOG_SQL = false
+SCHEMA = 
+SSL_MODE = disable
+
+[indexer]
+ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
+
+[session]
+PROVIDER_CONFIG = /data/gitea/sessions
+PROVIDER = file
+
+[picture]
+AVATAR_UPLOAD_PATH = /data/gitea/avatars
+REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
+
+[attachment]
+PATH = /data/gitea/attachments
+
+[log]
+MODE = console
+LEVEL = info
+ROOT_PATH = /data/gitea/log
+
+[security]
+INSTALL_LOCK = false
+SECRET_KEY = 
+REVERSE_PROXY_LIMIT = 1
+REVERSE_PROXY_TRUSTED_PROXIES = *
+PASSWORD_HASH_ALGO = pbkdf2
+
+[service]
+DISABLE_REGISTRATION = false
+REQUIRE_SIGNIN_VIEW = false
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL = false
+ALLOW_ONLY_EXTERNAL_REGISTRATION = false
+ENABLE_CAPTCHA = false
+DEFAULT_KEEP_EMAIL_PRIVATE = false
+DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+DEFAULT_ENABLE_TIMETRACKING = true
+NO_REPLY_ADDRESS = noreply.localrepo.cloudnative.zone
+
+[lfs]
+PATH = /data/git/lfs
+
+[mailer]
+ENABLED = false
+
+[openid]
+ENABLE_OPENID_SIGNIN = true
+ENABLE_OPENID_SIGNUP = true
+
+[cron.update_checker]
+ENABLED = false
+
+[repository.pull-request]
+DEFAULT_MERGE_STYLE = merge
+
+[repository.signing]
+DEFAULT_TRUST_MODEL = committer
+
+[oauth2]
+
+[webhook] 
+; Hook task queue length, increase if webhook shooting starts hanging
+QUEUE_LENGTH    = 1000
+; Deliver timeout in seconds
+DELIVER_TIMEOUT =
+; Allow insecure certification
+SKIP_TLS_VERIFY = false
+; Number of history information in each page
+PAGING_NUM      = 10
+ALLOWED_HOST_LIST = 10.11.1.0/24

cluster/git/default/gitea/patch-app-ini.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+# Info: Script to patch Gita app.ini after init 
+# Author: JesusPerezLorenzo 
+# Release: 1.0
+# Date: 19-11-2023
+
+ROOT_DATA=${ROOT_DATA:-/data}
+DATA_REPO=${DATA_REPO:-$ROOT_DATA/repo}
+
+[ ! -r "$DATA_REPO/gitea/conf/app.ini" ] && echo "Error: app.ini not found " && exit 1
+
+[ ! -r "gitea/webhook_app.ini" ]  && echo "Error: no gitea/webhook_api.ini" && exit 1 
+
+if ! grep -q "\[webhook\]" "$DATA_REPO/gitea/conf/app.ini" ; then
+     	cat gitea/webhook_app.ini >> "$DATA_REPO/gitea/conf/app.ini" 
+	sudo systemctl restart pod-repo.service
+fi
+

cluster/git/default/gitea/webhook_app.ini

@@ -0,0 +1,11 @@
+
+[webhook] 
+; Hook task queue length, increase if webhook shooting starts hanging
+QUEUE_LENGTH    = 1000
+; Deliver timeout in seconds
+DELIVER_TIMEOUT =
+; Allow insecure certification
+SKIP_TLS_VERIFY = false
+; Number of history information in each page
+PAGING_NUM      = 10
+ALLOWED_HOST_LIST = 10.11.1.0/24