backports/forgejo-runner/APKBUILD

@@ -0,0 +1,47 @@
+# Contributor: Patrycja Rosa <alpine@ptrcnull.me>
+# Maintainer: Patrycja Rosa <alpine@ptrcnull.me>
+pkgname=forgejo-runner
+pkgver=3.5.0
+pkgrel=2
+pkgdesc="CI/CD job runner for Forgejo"
+url="https://code.forgejo.org/forgejo/runner"
+arch="all"
+license="MIT"
+makedepends="go"
+install="$pkgname.pre-install $pkgname.pre-upgrade"
+subpackages="$pkgname-openrc"
+source="$pkgname-$pkgver.tar.gz::https://code.forgejo.org/forgejo/runner/archive/v$pkgver.tar.gz
+
+	forgejo-runner.logrotate
+	forgejo-runner.initd
+	forgejo-runner.confd
+	"
+builddir="$srcdir/runner"
+options="!check" # tests require running forgejo
+
+build() {
+	go build \
+		-o forgejo-runner \
+		-ldflags "-X gitea.com/gitea/act_runner/internal/pkg/ver.version=$pkgver"
+	./forgejo-runner generate-config > config.example.yaml
+}
+
+check() {
+	go test ./...
+}
+
+package() {
+	install -Dm755 forgejo-runner -t "$pkgdir"/usr/bin/
+	install -Dm644 config.example.yaml -t "$pkgdir"/etc/forgejo-runner/
+
+	install -Dm755 "$srcdir"/forgejo-runner.initd "$pkgdir"/etc/init.d/forgejo-runner
+	install -Dm644 "$srcdir"/forgejo-runner.confd "$pkgdir"/etc/conf.d/forgejo-runner
+	install -Dm644 "$srcdir"/forgejo-runner.logrotate "$pkgdir"/etc/logrotate.d/forgejo-runner
+}
+
+sha512sums="
+e78968a5f9b6e797fb759a5c8cbf46a5c2fef2083dabc88599c9017729faface963576c63a948b0add424cb267902e864fb1a1b619202660296976d93e670713  forgejo-runner-3.5.0.tar.gz
+a3c7238b0c63053325d31e09277edd88690ef5260854517f82d9042d6173fb5d24ebfe36e1d7363673dd8801972638a6e69b6af8ad43debb6057515c73655236  forgejo-runner.logrotate
+bb0c6fbe90109c77f9ef9cb0d35d20b8033be0e4b7a60839b596aa5528dfa24309ec894d8c04066bf8fb30143e63a5fd8cc6fc89aac364422b583e0f840e2da6  forgejo-runner.initd
+e11eab27f88f1181112389befa7de3aa0bac7c26841861918707ede53335535425c805e6682e25704e9c8a6aecba3dc13e20900a99df1183762b012b62f26d5f  forgejo-runner.confd
+"

backports/forgejo-runner/forgejo-runner.confd

@@ -0,0 +1,17 @@
+# Configuration for /etc/init.d/forgejo-runner
+
+# Path to the config file (--config).
+#cfgfile="/etc/forgejo-runner/config.yaml"
+
+# Path to the working directory (--working-directory).
+#datadir="/var/lib/forgejo-runner"
+
+# Path to the log file where stdout/stderr will be redirected.
+# Leave empty/commented out to use syslog instead.
+#output_log="/var/log/forgejo-runner.log"
+
+# You may change this to root, e.g. to run jobs in LXC
+#command_user="forgejo-runner"
+
+# Comment out to run without process supervisor.
+supervisor=supervise-daemon

backports/forgejo-runner/forgejo-runner.initd

@@ -0,0 +1,38 @@
+#!/sbin/openrc-run
+
+description="Forgejo CI Runner"
+name="Forgejo Runner"
+
+: ${cfgfile:="/etc/forgejo-runner/config.yaml"}
+: ${datadir:="/var/lib/forgejo-runner"}
+: ${command_user:="forgejo-runner"}
+
+command="/usr/bin/forgejo-runner"
+command_args="daemon --config $cfgfile"
+command_background="yes"
+directory="$datadir"
+pidfile="/run/$RC_SVCNAME.pid"
+
+depend() {
+	need net
+	use dns logger
+}
+
+start_pre() {
+	checkpath -d -o "$command_user" /etc/forgejo-runner
+	checkpath -d -o "$command_user" "$datadir"
+
+	if ! [ -e "$cfgfile" ]; then
+		eerror "Config file $cfgfile doesn't exist."
+		eerror "You can generate it with: forgejo-runner generate-config,"
+		eerror "or use the auto-generated one in /etc/forgejo-runner/config.example.yaml"
+		return 1
+	fi
+
+	if [ "$error_log" ]; then
+		output_log="$error_log"
+	else
+		output_logger="logger -t '${RC_SVCNAME}' -p daemon.info"
+		error_logger="logger -t '${RC_SVCNAME}' -p daemon.error"
+	fi
+}

backports/forgejo-runner/forgejo-runner.logrotate

@@ -0,0 +1,5 @@
+/var/log/forgejo-runner.log {
+	copytruncate
+	missingok
+	notifempty
+}

backports/forgejo-runner/forgejo-runner.pre-install

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+addgroup -S forgejo-runner 2>/dev/null
+adduser -S -D -H -h /var/lib/forgejo-runner -s /sbin/nologin -G forgejo-runner -g forgejo-runner forgejo-runner 2>/dev/null
+
+cat >&2 <<EOF
+* In order to setup the runner, create a config file
+* in /etc/forgejo-runner/config.yaml (either from .example.yaml,
+* or generating your own with 'forgejo-runner generate-config'),
+* then register it with 'doas -u forgejo-runner forgejo-runner register'
+* ran in the /var/lib/forgejo-runner directory.
+EOF
+
+exit 0

backports/forgejo-runner/forgejo-runner.pre-upgrade

@@ -0,0 +1 @@
+forgejo-runner.pre-install

ilot/forgejo-aneksajo/APKBUILD

@@ -0,0 +1,112 @@
+# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
+# Contributor: 6543 <6543@obermui.de>
+# Contributor: techknowlogick <techknowlogick@gitea.io>
+# Contributor: Patrycja Rosa <alpine@ptrcnull.me>
+# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
+pkgname=forgejo-aneksajo
+pkgver=8.0.1
+_gittag=v$pkgver-git-annex0
+pkgrel=0
+pkgdesc="Self-hosted Git service written in Go with git-annex support"
+url="https://forgejo.org"
+# riscv64: builds fail https://codeberg.org/forgejo/forgejo/issues/3025
+arch="all !riscv64"
+license="MIT"
+depends="git git-lfs gnupg"
+makedepends="go nodejs npm"
+checkdepends="bash openssh openssh-keygen sqlite tzdata"
+install="$pkgname.pre-install"
+pkgusers="forgejo"
+pkggroups="www-data"
+subpackages="$pkgname-openrc"
+source="$pkgname-$_gittag.tar.gz::https://codeberg.org/matrss/forgejo-aneksajo/archive/$_gittag.tar.gz
+	$pkgname.initd
+	$pkgname.ini
+	"
+builddir="$srcdir/forgejo-aneksajo"
+options="!check net chmod-clean" # broken with GIT_CEILING
+
+# secfixes:
+#   7.0.4-r0:
+#     - CVE-2024-24789
+#   7.0.3-r0:
+#     - CVE-2024-24788
+#   1.21.10.0-r0:
+#     - CVE-2023-45288
+#   1.21.3.0-r0:
+#     - CVE-2023-48795
+
+export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
+export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
+export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
+
+# Skip tests for archs that fail unrelated in CI
+case "$CARCH" in
+s390x|x86|armhf|armv7) options="$options !check" ;;
+esac
+
+prepare() {
+	default_prepare
+
+	npm ci
+}
+
+build() {
+	# XXX: LARGEFILE64
+	export CGO_CFLAGS="$CFLAGS -O2 -D_LARGEFILE64_SOURCE"
+	export TAGS="bindata sqlite sqlite_unlock_notify"
+	export GITEA_VERSION="$pkgver"
+	export EXTRA_GOFLAGS="$GOFLAGS"
+	export CGO_LDFLAGS="$LDFLAGS"
+	unset LDFLAGS
+	## make FHS compliant
+	local setting="code.gitea.io/gitea/modules/setting"
+	export LDFLAGS="$LDFLAGS -X $setting.CustomConf=/etc/forgejo/app.ini"
+	export LDFLAGS="$LDFLAGS -X $setting.AppWorkPath=/var/lib/forgejo/"
+
+	make -j1 build
+}
+
+check() {
+	local home="$srcdir"/home
+	mkdir -p "$home"
+	install -d -m700 "$home"/.ssh
+	touch "$home"/.gitconfig
+
+	env GITEA_ROOT="$home" HOME="$home" GITEA_WORK_DIR="$(pwd)" timeout -s ABRT 20m make -j1 test-sqlite
+	## "make test" - modified (exclude broken tests)
+	## 'code.gitea.io/gitea/modules/migrations': github hase rate limits! 403 API
+	local tests=$(go list ./... | grep -v /vendor/ |
+		grep -v 'code.gitea.io/gitea/modules/migrations' |
+		grep -v 'code.gitea.io/gitea/modules/charset' |
+		grep -v 'code.gitea.io/gitea/models/migrations' |
+		grep -v 'code.gitea.io/gitea/services/migrations' |
+		grep -v 'code.gitea.io/gitea/integrations')
+	env GITEA_CONF="$PWD/tests/sqlite.ini" GITEA_ROOT="$home" HOME="$home" GO111MODULE=on go test -mod=vendor -tags='sqlite sqlite_unlock_notify' $tests
+
+}
+
+package() {
+	for dir in $pkgname $pkgname/git $pkgname/data $pkgname/db $pkgname/custom; do
+		install -dm750 -o forgejo -g www-data \
+			"$pkgdir"/var/lib/$dir
+	done
+
+	install -dm755 -o forgejo -g www-data "$pkgdir"/var/log/forgejo
+
+	# TODO: rename when upstream does
+	install -Dm755 -g www-data gitea "$pkgdir"/usr/bin/forgejo
+
+	install -Dm644 -o forgejo -g www-data "$srcdir"/forgejo-aneksajo.ini \
+		"$pkgdir"/etc/forgejo/app.ini
+	chown forgejo:www-data "$pkgdir"/etc/forgejo
+
+	install -Dm755 "$srcdir"/forgejo-aneksajo.initd \
+		"$pkgdir"/etc/init.d/forgejo
+}
+
+sha512sums="
+d8e273d369c934eec7ff84795cd0d896cda53bc1a2d17f610dd8476ff92dc50c4a24c4598366ef8aac3be52ddef6630489043183085334376c30bc5d4d5f15c2  forgejo-aneksajo-v8.0.1-git-annex0.tar.gz
+eb93a9f6c8f204de5c813f58727015f53f9feaab546589e016c60743131559f04fc1518f487b6d2a0e7fa8fab6d4a67cd0cd9713a7ccd9dec767a8c1ddebe129  forgejo-aneksajo.initd
+b537b41b6b3a945274a6028800f39787b48c318425a37cf5d40ace0d1b305444fd07f17b4acafcd31a629bedd7d008b0bb3e30f82ffeb3d7e7e947bdbe0ff4f3  forgejo-aneksajo.ini
+"

ilot/forgejo-aneksajo/forgejo-aneksajo.ini

@@ -0,0 +1,26 @@
+# Configuration cheat sheet: https://forgejo.org/docs/latest/admin/config-cheat-sheet/
+
+RUN_USER = forgejo
+RUN_MODE = prod
+
+[repository]
+ROOT = /var/lib/forgejo/git
+SCRIPT_TYPE = sh
+
+[server]
+STATIC_ROOT_PATH = /usr/share/webapps/forgejo
+APP_DATA_PATH    = /var/lib/forgejo/data
+LFS_START_SERVER = true
+
+[database]
+DB_TYPE = sqlite3
+PATH = /var/lib/forgejo/db/forgejo.db
+SSL_MODE = disable
+
+[session]
+PROVIDER = file
+
+[log]
+ROOT_PATH = /var/log/forgejo
+MODE = file
+LEVEL = Info

ilot/forgejo-aneksajo/forgejo-aneksajo.initd

@@ -0,0 +1,15 @@
+#!/sbin/openrc-run
+
+supervisor=supervise-daemon
+name=forgejo
+command="/usr/bin/forgejo"
+command_user="${FORGEJO_USER:-forgejo}:www-data"
+command_args="web --config '${FORGEJO_CONF:-/etc/forgejo/app.ini}'"
+supervise_daemon_args="--env FORGEJO_WORK_DIR='${FORGEJO_WORK_DIR:-/var/lib/forgejo}' --chdir '${FORGEJO_WORK_DIR:-/var/lib/forgejo}' --stdout '${FORGEJO_LOG_FILE:-/var/log/forgejo/http.log}' --stderr '${FORGEJO_LOG_FILE:-/var/log/forgejo/http.log}'"
+pidfile="/run/forgejo.pid"
+
+depend() {
+  use logger dns
+  need net
+  after firewall mysql postgresql
+}

ilot/forgejo-aneksajo/forgejo-aneksajo.pre-install

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+addgroup -S -g 82 www-data 2>/dev/null
+adduser -S -D -h /var/lib/forgejo -s /bin/sh -G www-data -g forgejo forgejo 2>/dev/null \
+	&& passwd -u forgejo 2>/dev/null
+
+exit 0