persistir forgejo

fixes #6
This commit is contained in:
Cat /dev/Nulo 2023-02-22 20:08:03 -03:00
parent 2e9045f4c3
commit 497e915167
5 changed files with 58 additions and 10 deletions

View file

@ -14,6 +14,7 @@ import { execFile, exists } from "./helpers/better-api.js";
import { PasswdEntry, readPasswd } from "./helpers/passwd.js";
import { logDebug } from "./helpers/logger.js";
import assert from "node:assert";
import { Persist } from "./persist.js";
export class Alpine {
dir: string;
@ -21,6 +22,7 @@ export class Alpine {
this.dir = dir;
}
fstab: Fstab = new Fstab(this);
persist: Persist = new Persist(this);
packages: string[] = [];
async mkdirP(dir: string): Promise<void> {
@ -169,6 +171,7 @@ export class Alpine {
const alpine = new Alpine({ dir });
await alpine.fstab.write();
await alpine.persist.write();
return alpine;
}
}

View file

@ -49,6 +49,7 @@ socat tcp-listen:80,reuseaddr,fork tcp:localhost:3050 &
`,
{ uid: 0, gid: 0 }
);
await alpine.fstab.addMount("/dev/sdb /persist ext4 defaults 0 0");
await timed(() => installFluentBit(alpine));
const runit = await timed(() => Runit.setup(alpine));
await timed(() => setupDhcpcd(alpine, runit));

40
persist.ts Normal file
View file

@ -0,0 +1,40 @@
import { join } from "path";
import { Alpine } from "./alpine.js";
export type Mount = {
path: string;
username: string;
};
function getPersistPath(mount: Mount): string {
return join("/persist", mount.path);
}
export class Persist {
private alpine: Alpine;
private mounts: Mount[] = [];
constructor(alpine: Alpine) {
this.alpine = alpine;
}
async addMount(mount: Mount) {
await this.alpine.symlink(getPersistPath(mount), mount.path);
this.mounts.push(mount);
await this.write();
}
async write() {
await this.alpine.mkdirP("/persist");
let script = "#!/bin/sh -e\n";
script += this.mounts
.flatMap((m) => [
`mkdir -p '${getPersistPath(m)}'`,
`chown '${m.username}:${m.username}' '${getPersistPath(m)}'`,
`chmod 700 '${m.path}'`,
])
.join("\n");
await this.alpine.writeExecutable(
// runit/scripts/03-filesystems.sh
"/usr/local/sbin/set-persist-permissions",
script
);
}
}

View file

@ -73,7 +73,7 @@ fi
msg "Mounting all non-network filesystems..."
mount -a -t "nosysfs,nonfs,nonfs4,nosmbfs,nocifs" -O no_netdev || emergency_shell
# data module
msg "Creating and mounting data directories..."
# TODO: todavía no tenemos modulo de data que genere esto
# /usr/local/bin/mount-data || emergency_shell
msg "Setting permissions in persist directories..."
# de persist.ts
"/usr/local/sbin/set-persist-permissions" || emergency_shell

View file

@ -5,6 +5,13 @@ import { loadForgejoSecretsFile } from "./secrets.js";
import { FluentBitParser, runitLokiLogger } from "../../software/fluentbit.js";
import { copyFile } from "node:fs/promises";
// ## Para crear unx usuarix
//
// ```sh
// # su _forgejo
// $ cd /var/lib/forgejo
// $ forgejo admin user create --config /etc/forgejo.conf --username Test --email test@nulo.in --password 123
// ```
export async function setupForgejo(alpine: Alpine, runit: Runit) {
const bin = await buildForgejo();
await copyFile(bin, alpine.path("/usr/local/bin/forgejo"));
@ -12,11 +19,8 @@ export async function setupForgejo(alpine: Alpine, runit: Runit) {
await alpine.addPackages(["tzdata", "git"]);
const entry = await alpine.userAdd("_forgejo");
// TODO: persistir
await alpine.fstab.addTmpfs("/var/lib/forgejo", {
uid: entry.uid,
mode: "700",
});
const dataDir = "/var/lib/forgejo";
await alpine.persist.addMount({ path: dataDir, username: "_forgejo" });
const secrets = await loadForgejoSecretsFile();
await alpine.writeFile(
@ -87,7 +91,7 @@ ENABLE_NOTIFY_MAIL = true
DEFAULT_KEEP_EMAIL_PRIVATE = true
[repository]
ROOT=/var/lib/gitea/data/gitea-repositories
ROOT=/var/lib/forgejo/data/gitea-repositories
;PREFERRED_LICENSES = Apache License 2.0,MIT License
DEFAULT_BRANCH = antifascista
ENABLE_PUSH_CREATE_USER = true