120 lines
4.4 KiB
Plaintext
120 lines
4.4 KiB
Plaintext
# Info: KCL Gitea task schemas for provisioning (Provisioning)
|
|
# Author: JesusPerezLorenzo
|
|
# Release: 0.0.4
|
|
# Date: 11-12-2023
|
|
|
|
import regex
|
|
|
|
schema User:
|
|
"""
|
|
User settings
|
|
"""
|
|
name: str
|
|
password?: str
|
|
group: str = name
|
|
home?: str = "/home/${name}"
|
|
email?: str
|
|
|
|
schema DB:
|
|
"""
|
|
Gitea DB settings
|
|
"""
|
|
typ: "sqlite" | "postgres" | "mysql" = "sqlite"
|
|
host?: str = "127.0.0.1:5432" if typ == "postgres" else Undefined
|
|
name: str
|
|
user?: str
|
|
password?: str
|
|
charset?: str = "utf8" if typ != "sqlite" else Undefined
|
|
ssl_mode?: "enable" | "disable" = "disable" if typ == "postgres" else Undefined
|
|
path?: str = "/var/lib/gitea/gitea.db"
|
|
|
|
schema Gitea:
|
|
"""
|
|
Gitea app.ini main settings
|
|
"""
|
|
#_with_ssh = True if ssh_domain != Undefined and len(ssh_domain) > 0 else False
|
|
# _protocol = "https" if certs_path != Undefined and len(certs_path) > 0 else "http"
|
|
#_ssh_port = 22
|
|
# _cert_file = Undefined if _protocol == "http" else cert_file
|
|
# _key_file = key_file if certs_path != Undefined and _protocol == "https" else Udefined
|
|
name: str = "gitea"
|
|
version: str
|
|
app_name: str
|
|
run_user: User = {
|
|
name = "gitea"
|
|
}
|
|
adm_user: User
|
|
work_path: str = "/var/lib/gitea"
|
|
etc_path: str = "/etc/gitea"
|
|
config_path: str = "app.ini"
|
|
run_path: str = "/usr/local/bin/gitea"
|
|
"protocol": "http" | "https" = "http"
|
|
http_addr: str = "localhost"
|
|
http_port: int = 3000
|
|
root_url: str
|
|
domain: str
|
|
db: DB
|
|
disable_registration: bool = True
|
|
require_signin_view: bool = False
|
|
webhook_allowed_hosts_list?: str
|
|
cdci_user?: str
|
|
cdci_group?: str = "${cdci_user}"
|
|
cdci_user_home?: str = "/home/${cdci_user}"
|
|
cdci_key?: str
|
|
copy_paths?: [str]
|
|
|
|
# #if $with_https == True:
|
|
# # _protocol = "https"
|
|
# if _with_ssh == True:
|
|
# _ssh_port = 22
|
|
# # if _protocol == "http":
|
|
# # _cert_file = Undefined
|
|
# # _key_file = Undefined
|
|
# # cert_file = ""
|
|
# print (_with_ssh, ssh_domain, ssh_port)
|
|
# print (_protocol, certs_path, cert_file, _cert_file)
|
|
|
|
check:
|
|
1 <= http_port <= 65535, "http_port must be between 1 and 65535, inclusive"
|
|
len(adm_user.name) > 0, "Check Admin User name 'adm_user.name'"
|
|
len(adm_user.password) > 0, "Check Admin User password 'adm_user.password'"
|
|
len(adm_user.email) > 0, "Check Admin User email 'adm_user.email'"
|
|
len(db.name) > 0, "Check DB name"
|
|
db.typ == "sqlite" or db.user != Undefined and len(db.user) > 0, "Check DB user for ${db.typ}"
|
|
db.typ == "sqlite" or db.password != Undefined and len(db.password) > 0, "Check DB password for ${db.typ}"
|
|
# 1 <= ssh_port <= 65535 , "ssh_port must be between 1 and 65535, inclusive"
|
|
# _cert_file == Undefined or regex.match(_cert_file, "^\/([A-z0-9-_+]+\/)*([A-z0-9]+\.(pem))$"), "'cert_file= ${_cert_file}' should be absolute path with '.pem' extension"
|
|
# _key_file == Undefined or regex.match(_key_file, "^\/([A-z0-9-_+]+\/)*([A-z0-9]+\.(pem))$"), "'key_file= ${_key_file}' should be absolute path with '.pem' extension"
|
|
#_protocol == "https" and len(certs_path) == 0, "certs_path has to be set for protocol https"
|
|
#ssh_port == 1 IF ssh_domain? [""]
|
|
|
|
schema Gitea_SSH(Gitea):
|
|
"""
|
|
Gitea app.ini main settings with SSL and SSH
|
|
"""
|
|
"protocol": "http" | "https" = "https"
|
|
ssh_domain: str
|
|
ssh_port: int = 2022
|
|
start_ssh_server: bool = True
|
|
builtin_ssh_server_user: str = "git"
|
|
ssh_root_path: str = "/home/gitea/.ssh"
|
|
|
|
check:
|
|
1 <= ssh_port <= 65535 , "ssh_port must be between 1 and 65535, inclusive"
|
|
|
|
schema Gitea_SSH_SSL(Gitea_SSH):
|
|
"""
|
|
Gitea app.ini main settings with SSL
|
|
"""
|
|
"protocol": "http" | "https" = "https"
|
|
certs_path: str
|
|
cert_file: str = "${certs_path}/fullchain.pem"
|
|
key_file: str = "${certs_path}/privkey.pem"
|
|
|
|
check:
|
|
1 <= http_port <= 65535, "http_port must be between 1 and 65535, inclusive"
|
|
regex.match(certs_path, "^\/.*$"), "'certs_path= ${certs_path}' should be absolute path"
|
|
regex.match(cert_file, "^\/([A-z0-9-_+]+\/)*([A-z0-9]+\.(pem))$"), "'cert_file= ${cert_file}' should be absolute path with '.pem' extension"
|
|
regex.match(key_file, "^\/([A-z0-9-_+]+\/)*([A-z0-9]+\.(pem))$"), "'key_file= ${key_file}' should be absolute path with '.pem' extension"
|
|
|