Add Gogs module

.gitmodules

@@ -25,3 +25,6 @@
 [submodule "images/rpi-sftp"]
 	path = images/rpi-sftp
 	url = git@github.com:bingen/rpi-sftp.git
+[submodule "images/rpi-gogs"]
+	path = images/rpi-gogs
+	url = git@github.com:bingen/rpi-gogs.git

docker-compose.yml

@@ -17,6 +17,10 @@ services:
         target: nextcloud_pwd
         uid: '999'
         mode: 0440
+      - source: ldap_gogs_pwd
+        target: gogs_pwd
+        uid: '999'
+        mode: 0440
     # container_name: openldap
     tty: true
     stdin_open: true
@@ -60,6 +64,7 @@ services:
     depends_on:
       # For DNS resolution
       - nextcloud
+      - gogs
     env_file:
       - haproxy.env
     networks:
@@ -179,7 +184,32 @@ services:
     env_file:
       - paperless.env
 
-  #gogs:
+  gogs:
+    build:
+      context: ./images/rpi-gogs/
+    image: bingen/rpi-gogs
+    depends_on:
+      - db
+    env_file:
+      - gogs.env
+    ports:
+      - "2080:2080"
+      - "2443:2443"
+      - "2022:22"
+    volumes:
+      - ${GOGS_DATA_VOLUME_PATH}:/data
+    secrets:
+      - source: db_pwd
+        target: mysql_pwd
+        mode: 0440
+      - source: ldap_gogs_pwd
+        target: ldap_pwd
+        uid: '999'
+        mode: 0440
+      - source: gogs_admin_pwd
+        target: admin_pwd
+        uid: '999'
+        mode: 0440
 
   #wordpress:
 
@@ -195,12 +225,16 @@ secrets:
     external: true
   ldap_nextcloud_pwd:
     external: true
+  ldap_gogs_pwd:
+    external: true
   nextcloud_admin_pwd:
     external: true
   nextcloud_salt:
     external: true
   nextcloud_secret:
     external: true
+  gogs_admin_pwd:
+    external: true
   paperless_webserver_pwd:
     external: true
   paperless_passphrase:

gogs.env.template

@@ -0,0 +1,15 @@
+GOGS_DOMAIN=gogs.${DOMAIN}
+GOGS_ADMIN_PWD_FILE=/run/secrets/admin_pwd
+ADMIN_EMAIL=${ADMIN_EMAIL}
+
+# DB
+MYSQL_ROOT_PWD_FILE=/run/secrets/mysql_pwd
+DB_HOST=db
+GOGS_DB_NAME=git
+GOGS_DB_USER=gogs
+
+# LDAP
+LDAP_SERVER_HOST=openldap
+LDAP_BIND_DN=uid=${LDAP_GOGS_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
+LDAP_BIND_PWD_FILE=/run/secrets/ldap_pwd
+LDAP_SEARCH_BASE=ou=people,dc=${ORGANIZATION},dc=${EXTENSION}

haproxy.env.template

@@ -1,2 +1,3 @@
 NEXTCLOUD_URL=nextcloud.${DOMAIN}
+GOGS_URL=gogs.${DOMAIN}
 ZONEMINDER_URL=zoneminder.${DOMAIN}

images/rpi-gogs

@@ -0,0 +1 @@
+Subproject commit bb54527dfa419758efcdb0fcb270f1f87b6d7c58

mail.env.template

@@ -1,6 +1,6 @@
 DOMAIN=${DOMAIN}
 LDAP_SERVER_HOST=openldap
-LDAP_BIND_DN=uid=${MAIL_LDAP_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
+LDAP_BIND_DN=uid=${LDAP_MAIL_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
 LDAP_BIND_PWD_FILE=/run/secrets/ldap_pwd
 LDAP_SEARCH_BASE=ou=people,dc=${ORGANIZATION},dc=${EXTENSION}
 VIRTUAL_DOMAINS=()

nextcloud.env.template

@@ -6,7 +6,7 @@ NEXTCLOUD_SECRET_FILE=/run/secrets/secret
 DATA_CHOWN=1
 # LDAP
 LDAP_SERVER_HOST=openldap
-LDAP_BIND_DN=uid=${NEXTCLOUD_LDAP_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
+LDAP_BIND_DN=uid=${LDAP_NEXTCLOUD_UID},ou=services,dc=${ORGANIZATION},dc=${EXTENSION}
 LDAP_BIND_PWD_FILE=/run/secrets/ldap_pwd
 #LDAP_SEARCH_BASE=ou=people,dc=${ORGANIZATION},dc=${EXTENSION}
 LDAP_SEARCH_BASE=dc=${ORGANIZATION},dc=${EXTENSION}
@@ -16,4 +16,4 @@ DB_HOST=db
 NEXTCLOUD_DB_NAME=nextcloud
 NEXTCLOUD_DB_USER=nextcloud
 # Let's Encrypt
-LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
+ADMIN_EMAIL=${ADMIN_EMAIL}

openldap.env.template

@@ -3,8 +3,12 @@ LDAP_DOMAIN=${DOMAIN}
 LDAP_ORGANIZATION=${ORGANIZATION}
 LDAP_EXTENSION=${EXTENSION}
 LDAP_ADMIN_PWD_FILE=/run/secrets/admin_pwd
+LDAP_MAIL_UID=${LDAP_MAIL_UID}
 LDAP_MAIL_PWD_FILE=/run/secrets/mail_pwd
+LDAP_NEXTCLOUD_UID=${LDAP_NEXTCLOUD_UID}
 LDAP_NEXTCLOUD_PWD_FILE=/run/secrets/nextcloud_pwd
+LDAP_GOGS_UID=${LDAP_GOGS_UID}
+LDAP_GOGS_PWD_FILE=/run/secrets/gogs_pwd
 DEBUG_LEVEL=0
 #BKP_FILE=/tmp/ldap_bkp.ldif
 LDAP_BACKEND="hdb"

setup.sh

@@ -5,6 +5,7 @@ PWD_GEN='< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32};echo;'
 #PWD_GEN='openssl rand -base64 20'
 DEFAULT_LDAP_MAIL_UID='mail'
 DEFAULT_LDAP_NEXTCLOUD_UID='nextcloud'
+DEFAULT_LDAP_GOGS_UID='gogs'
 
 read -p "Main domain: " domain
 while [[ ! $domain =~ ^.*\.[a-z]{2,}$ ]]; do
@@ -49,14 +50,29 @@ if [[ ${#ldap_nextcloud_pwd} -eq 0 ]]; then
     ldap_nextcloud_pwd=`eval "$PWD_GEN"`
 fi
 
+read -p "LDAP Gogs Bind DN uid ($DEFAULT_LDAP_GOGS_UID): " ldap_gogs_uid
+if [[ ${#ldap_gogs_uid} -eq 0 ]]; then
+    ldap_gogs_uid=$DEFAULT_LDAP_GOGS_UID
+fi
+
+read -p "LDAP Gogs Bind DN Pwd (a random one will be generated if empty): " ldap_gogs_pwd
+if [[ ${#ldap_gogs_pwd} -eq 0 ]]; then
+    ldap_gogs_pwd=`eval "$PWD_GEN"`
+fi
+
 read -p "Nextcloud Admin User Pwd (a random one will be generated if empty): " nextcloud_admin_pwd
 if [[ ${#nextcloud_admin_pwd} -eq 0 ]]; then
     nextcloud_admin_pwd=`eval "$PWD_GEN"`
 fi
 
-read -p "E-mail for Let's Encrypt account (admin@${domain}): " letsencrypt_email
-if [[ ${#letsencrypt_email} -eq 0 ]]; then
-    letsencrypt_email=admin@${domain}
+read -p "Gogs Admin User Pwd (a random one will be generated if empty): " gogs_admin_pwd
+if [[ ${#gogs_admin_pwd} -eq 0 ]]; then
+    gogs_admin_pwd=`eval "$PWD_GEN"`
+fi
+
+read -p "Admin E-mail, used for Let's Encrypt account and more (admin@${domain}): " admin_email
+if [[ ${#admin_email} -eq 0 ]]; then
+    admin_email=admin@${domain}
 fi
 
 echo "If you have a password salt and a secret from a previous installation, provide them here."
@@ -99,7 +115,8 @@ echo Your domain is:                       $domain
 echo Your Volumes path is:                 $volumes
 echo Your LDAP Mail Bind DN Uid is:        $ldap_mail_uid
 echo Your LDAP Nextcloud Bind DN Uid is:   $ldap_nextcloud_uid
-echo Your Let\'s Encrypt account e-mail:   $letsencrypt_email
+echo Your LDAP Gogs Bind DN Uid is:        $ldap_gogs_uid
+echo Your Admin email. Let\'s Encrypt...:  $admin_email
 echo Your Paperless Web Server User:       $paperless_webserver_user
 echo Your SFTP User:                       $paperless_ftp_user
 
@@ -118,9 +135,11 @@ echo $db_pwd | docker secret create db_pwd -
 echo $ldap_pwd | docker secret create ldap_pwd -
 echo $ldap_mail_pwd | docker secret create ldap_mail_pwd -
 echo $ldap_nextcloud_pwd | docker secret create ldap_nextcloud_pwd -
+echo $ldap_gogs_pwd | docker secret create ldap_gogs_pwd -
 echo $nextcloud_admin_pwd | docker secret create nextcloud_admin_pwd -
 echo $nextcloud_salt | docker secret create nextcloud_salt -
 echo $nextcloud_secret | docker secret create nextcloud_secret -
+echo $gogs_admin_pwd | docker secret create gogs_admin_pwd -
 echo $paperless_webserver_pwd | docker secret create paperless_webserver_pwd -
 echo $paperless_passphrase | docker secret create paperless_passphrase -
 echo $paperless_ftp_pwd | docker secret create paperless_ftp_pwd -
@@ -138,15 +157,17 @@ cp nextcloud.env.template nextcloud.env
 cp haproxy.env.template haproxy.env
 cp paperless.env.template paperless.env
 cp sftp.env.template sftp.env
+cp gogs.env.template gogs.env
 
 for i in `ls *.env .env`; do
     sed -i "s/\${DOMAIN}/${domain}/g" $i
     sed -i "s/\${ORGANIZATION}/${org}/g" $i
     sed -i "s/\${EXTENSION}/${ext}/g" $i
     sed -i "s/\${VOLUMES_PATH}/${volumes//\//\\/}/g" $i
-    sed -i "s/\${MAIL_LDAP_UID}/${ldap_mail_uid}/g" $i
-    sed -i "s/\${NEXTCLOUD_LDAP_UID}/${ldap_nextcloud_uid}/g" $i
-    sed -i "s/\${LETSENCRYPT_EMAIL}/${letsencrypt_email}/g" $i
+    sed -i "s/\${LDAP_MAIL_UID}/${ldap_mail_uid}/g" $i
+    sed -i "s/\${LDAP_NEXTCLOUD_UID}/${ldap_nextcloud_uid}/g" $i
+    sed -i "s/\${LDAP_GOGS_UID}/${ldap_gogs_uid}/g" $i
+    sed -i "s/\${ADMIN_EMAIL}/${admin_email}/g" $i
     sed -i "s/\${PAPERLESS_WEBSERVER_USER}/${paperless_webserver_user}/g" $i
     sed -i "s/\${PAPERLESS_FTP_USER}/${paperless_ftp_user}/g" $i
     #sed -i "s/\${}/${}/g" $i
@@ -189,5 +210,5 @@ sudo mkdir -p ${PAPERLESS_MEDIA_VOLUME_PATH}
 sudo mkdir -p ${PAPERLESS_CONSUMPTION_VOLUME_PATH}
 sudo mkdir -p ${PAPERLESS_EXPORT_VOLUME_PATH}
 
-echo "Copying gemail confs"
+echo "Copying getmail confs"
 cp images/rpi-email/getmail/getmailrc-* ${MAIL_DATA_VOLUME_PATH}/getmail/