From a882011e973e7783064c049d5dc0ffaa4b2294cf Mon Sep 17 00:00:00 2001
From: Antoine Martin <dev@ayakael.net>
Date: Sun, 25 Aug 2024 09:15:05 -0400
Subject: [PATCH 1/4] ilot/codeberg-pages-server: new aport

---
 ilot/codeberg-pages-server/APKBUILD           | 45 +++++++++++++++++++
 .../codeberg-pages-server.openrc              | 30 +++++++++++++
 .../codeberg-pages-server.post-install        | 39 ++++++++++++++++
 .../codeberg-pages-server.post-upgrade        |  1 +
 .../codeberg-pages-server.pre-install         | 26 +++++++++++
 .../upgrade-go-sqlite3-to-1.14.19.patch       | 26 +++++++++++
 6 files changed, 167 insertions(+)
 create mode 100644 ilot/codeberg-pages-server/APKBUILD
 create mode 100644 ilot/codeberg-pages-server/codeberg-pages-server.openrc
 create mode 100755 ilot/codeberg-pages-server/codeberg-pages-server.post-install
 create mode 120000 ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade
 create mode 100644 ilot/codeberg-pages-server/codeberg-pages-server.pre-install
 create mode 100644 ilot/codeberg-pages-server/upgrade-go-sqlite3-to-1.14.19.patch

diff --git a/ilot/codeberg-pages-server/APKBUILD b/ilot/codeberg-pages-server/APKBUILD
new file mode 100644
index 0000000..5eab680
--- /dev/null
+++ b/ilot/codeberg-pages-server/APKBUILD
@@ -0,0 +1,45 @@
+# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>
+# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
+pkgname=codeberg-pages-server
+pkgver=5.1
+pkgrel=0
+pkgdesc="The Codeberg Pages Server – with custom domain support, per-repo pages using the "pages" branch, caching and more."
+url="https://codeberg.org/Codeberg/pages-server"
+arch="all"
+license="EUPL-1.2"
+depends="nginx"
+makedepends="go just"
+# tests disabled for now
+options="!check"
+install="$pkgname.post-install $pkgname.post-upgrade $pkgname.pre-install"
+source="
+	$pkgname-$pkgver.tar.gz::https://codeberg.org/Codeberg/pages-server/archive/v$pkgver.tar.gz
+	codeberg-pages-server.openrc
+	upgrade-go-sqlite3-to-1.14.19.patch
+	"
+builddir="$srcdir/"pages-server
+subpackages="$pkgname-openrc"
+pkgusers="git"
+pkggroups="www-data"
+
+export GOPATH=$srcdir/go
+export GOCACHE=$srcdir/go-build
+export GOTMPDIR=$srcdir
+
+build() {
+	just build
+}
+
+package() {
+	msg "Packaging $pkgname"
+	install -Dm755 "$builddir"/build/codeberg-pages-server "$pkgdir"/usr/bin/codeberg-pages-server
+
+	install -Dm755 "$srcdir"/$pkgname.openrc \
+		"$pkgdir"/etc/init.d/$pkgname
+}
+
+sha512sums="
+55a1dd5ed0f1cb2aaad1066eca8bfbd1d537169ed3712c748163ebff64edc45d05ac1f6f062433e232e2638a790232438282f96dd7410eb4cbaff7208f5f2427  codeberg-pages-server-5.1.tar.gz
+4defb4fe3a4230f4aa517fbecd5e5b8bcef2a64e1b40615660ae9eec33597310a09df5e126f4d39ce7764bd1716c0a7040637699135c103cbc1879593c6c06f1  codeberg-pages-server.openrc
+895f1c8d22fcf1d5491a6fe0ce5d93201f83b6dd5fc81b24016b609988fb6c66fdde75bb3830f385a5c83d96366ca3a5f4f9524f52058b6c5dfd8b80d14bac5b  upgrade-go-sqlite3-to-1.14.19.patch
+"
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.openrc b/ilot/codeberg-pages-server/codeberg-pages-server.openrc
new file mode 100644
index 0000000..a036393
--- /dev/null
+++ b/ilot/codeberg-pages-server/codeberg-pages-server.openrc
@@ -0,0 +1,30 @@
+#!/sbin/openrc-run
+  
+name="$RC_SVCNAME"
+cfgfile="/etc/conf.d/$RC_SVCNAME.conf"
+pidfile="/run/$RC_SVCNAME.pid"
+working_directory="/usr/share/webapps/authentik"
+command="/usr/share/webapps/authentik/server"
+command_user="authentik"
+command_group="authentik"
+start_stop_daemon_args=""
+command_background="yes"
+output_log="/var/log/authentik/$RC_SVCNAME.log"
+error_log="/var/log/authentik/$RC_SVCNAME.err"
+
+depend() {
+        need redis
+        need postgresql
+}
+
+start_pre() {
+	cd "$working_directory"
+        checkpath --directory --owner $command_user:$command_group --mode 0775 \
+                /var/log/authentik \
+                /var/lib/authentik/certs
+}
+
+stop_pre() {
+	ebegin "Killing child processes"
+	kill $(ps -o pid= --ppid $(cat $pidfile)) || true
+}
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.post-install b/ilot/codeberg-pages-server/codeberg-pages-server.post-install
new file mode 100755
index 0000000..a715d20
--- /dev/null
+++ b/ilot/codeberg-pages-server/codeberg-pages-server.post-install
@@ -0,0 +1,39 @@
+#!/bin/sh
+set -eu
+
+group=authentik
+config_file='/etc/authentik/config.yml'
+
+setcap 'cap_net_bind_service=+ep' /usr/share/webapps/authentik/server
+
+if [ $(grep '@@SECRET_KEY@@' "$config_file") ]; then
+	echo "* Generating random secret in $config_file" >&2
+
+	secret_key="$(pwgen -s 50 1)"
+	sed -i "s|@@SECRET_KEY@@|$secret_key|" "$config_file"
+	chown root:$group "$config_file"
+fi
+
+if [ "${0##*.}" = 'post-upgrade' ]; then
+	cat >&2 <<-EOF
+	*
+	* To finish Authentik upgrade run:
+	*
+	*     authentik-manage migrate
+	*
+	EOF
+else
+	cat >&2 <<-EOF
+	*
+	* 1. Adjust settings in /etc/authentik/config.yml.
+	*
+	* 2. Create database for Authentik:
+	*
+	*     psql -c "CREATE ROLE authentik PASSWORD 'top-secret' INHERIT LOGIN;"
+	*     psql -c "CREATE DATABASE authentik OWNER authentik ENCODING 'UTF-8';"
+	*
+	* 3. Run "authentik-manage migrate"
+	* 4. Setup admin user at https://<your server>/if/flow/initial-setup/
+	*
+	EOF
+fi
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade b/ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade
new file mode 120000
index 0000000..d7ffea2
--- /dev/null
+++ b/ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade
@@ -0,0 +1 @@
+codeberg-pages-server.post-install
\ No newline at end of file
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.pre-install b/ilot/codeberg-pages-server/codeberg-pages-server.pre-install
new file mode 100644
index 0000000..792f304
--- /dev/null
+++ b/ilot/codeberg-pages-server/codeberg-pages-server.pre-install
@@ -0,0 +1,26 @@
+#!/bin/sh
+# It's very important to set user/group correctly.
+
+authentik_dir='/var/lib/authentik'
+
+if ! getent group authentik 1>/dev/null; then
+	echo '* Creating group authentik' 1>&2
+
+	addgroup -S authentik
+fi
+
+if ! id authentik 2>/dev/null 1>&2; then
+	echo '* Creating user authentik' 1>&2
+
+	adduser -DHS -G authentik -h "$authentik_dir" -s /bin/sh  \
+		-g "added by apk for authentik" authentik
+	passwd -u authentik 1>/dev/null  # unlock
+fi
+
+if ! id -Gn authentik | grep -Fq redis; then
+	echo '* Adding user authentik to group redis' 1>&2
+
+	addgroup authentik redis
+fi
+
+exit 0
diff --git a/ilot/codeberg-pages-server/upgrade-go-sqlite3-to-1.14.19.patch b/ilot/codeberg-pages-server/upgrade-go-sqlite3-to-1.14.19.patch
new file mode 100644
index 0000000..fabb214
--- /dev/null
+++ b/ilot/codeberg-pages-server/upgrade-go-sqlite3-to-1.14.19.patch
@@ -0,0 +1,26 @@
+diff --git a/go.mod.orig b/go.mod
+index eba292e..00310e5 100644
+--- a/go.mod.orig
++++ b/go.mod
+@@ -11,7 +11,7 @@ require (
+ 	github.com/go-sql-driver/mysql v1.6.0
+ 	github.com/joho/godotenv v1.4.0
+ 	github.com/lib/pq v1.10.7
+-	github.com/mattn/go-sqlite3 v1.14.16
++	github.com/mattn/go-sqlite3 v1.14.19
+ 	github.com/microcosm-cc/bluemonday v1.0.26
+ 	github.com/reugn/equalizer v0.0.0-20210216135016-a959c509d7ad
+ 	github.com/rs/zerolog v1.27.0
+diff --git a/go.sum.orig b/go.sum
+index 7ea8b78..19145ea 100644
+--- a/go.sum.orig
++++ b/go.sum
+@@ -479,6 +479,8 @@ github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m
+ github.com/mattn/go-sqlite3 v1.14.9/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+ github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y=
+ github.com/mattn/go-sqlite3 v1.14.16/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
++github.com/mattn/go-sqlite3 v1.14.19 h1:fhGleo2h1p8tVChob4I9HpmVFIAkKGpiukdrgQbWfGI=
++github.com/mattn/go-sqlite3 v1.14.19/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+ github.com/mattn/go-tty v0.0.0-20180219170247-931426f7535a/go.mod h1:XPvLUNfbS4fJH25nqRHfWLMa1ONC8Amw+mIA639KxkE=
+ github.com/mattn/go-tty v0.0.3/go.mod h1:ihxohKRERHTVzN+aSVRwACLCeqIoZAWpoICkkvrWyR0=
+ github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-- 
2.47.2


From 655cadf71de1a380f075a65a78aa402837ed2e44 Mon Sep 17 00:00:00 2001
From: Antoine Martin <dev@ayakael.net>
Date: Sun, 25 Aug 2024 12:55:18 -0400
Subject: [PATCH 2/4] forgejo-ci: remove packages from all arches when
 deploying

---
 .forgejo/bin/deploy.sh | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/.forgejo/bin/deploy.sh b/.forgejo/bin/deploy.sh
index e8e811c..4d02695 100755
--- a/.forgejo/bin/deploy.sh
+++ b/.forgejo/bin/deploy.sh
@@ -14,21 +14,18 @@ for apk in $apkgs; do
 	arch=$(echo $apk | awk -F '/' '{print $3}')
 	name=$(echo $apk | awk -F '/' '{print $4}')
 
+	# always clear out package before deploying
+	for delarch in x86_64 aarch64 armv7 armhf s390x ppc64le riscv64 loongarch64 x86; do
+		curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN -X DELETE $TARGET_REPO/$BASEBRANCH/$branch/$delarch/$name 2>&1 > /dev/null
+	done
+
 	if [ "$(curl -s $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/pulls/$GITHUB_EVENT_NUMBER | jq .draft)" == "true" ]; then
 		# if draft, send to -testing branch
 		branch="$branch-testing"
-	else
-		# if not draft, assume that this was sent to $branch-testing and nuke it
-		curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN -X DELETE $TARGET_REPO/$BASEBRANCH/$branch-testing/$arch/$name
 	fi
 
 	echo "Sending $name of arch $arch to $TARGET_REPO/$BASEBRANCH/$branch"
-	return=$(curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN --upload-file $apk $TARGET_REPO/$BASEBRANCH/$branch 2>&1)
-	echo $return
-	if [ "$return" == "package file already exists" ]; then
-		echo "Package already exists, refreshing..."
-		curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN -X DELETE $TARGET_REPO/$BASEBRANCH/$branch/$arch/$name
-		curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN --upload-file $apk $TARGET_REPO/$BASEBRANCH/$branch
-	fi
+	curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN --upload-file $apk $TARGET_REPO/$BASEBRANCH/$branch
+
 done
 
-- 
2.47.2


From f6c84e562f0fb05132ca9d3af67f4d1f471e2fb1 Mon Sep 17 00:00:00 2001
From: Antoine Martin <dev@ayakael.net>
Date: Sun, 25 Aug 2024 15:09:21 -0400
Subject: [PATCH 3/4] forge-ci: remove packages after WIP check

---
 .forgejo/bin/deploy.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.forgejo/bin/deploy.sh b/.forgejo/bin/deploy.sh
index 4d02695..a2fd7d4 100755
--- a/.forgejo/bin/deploy.sh
+++ b/.forgejo/bin/deploy.sh
@@ -14,16 +14,16 @@ for apk in $apkgs; do
 	arch=$(echo $apk | awk -F '/' '{print $3}')
 	name=$(echo $apk | awk -F '/' '{print $4}')
 
-	# always clear out package before deploying
-	for delarch in x86_64 aarch64 armv7 armhf s390x ppc64le riscv64 loongarch64 x86; do
-		curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN -X DELETE $TARGET_REPO/$BASEBRANCH/$branch/$delarch/$name 2>&1 > /dev/null
-	done
-
 	if [ "$(curl -s $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/pulls/$GITHUB_EVENT_NUMBER | jq .draft)" == "true" ]; then
 		# if draft, send to -testing branch
 		branch="$branch-testing"
 	fi
 
+	# always clear out package before deploying
+	for delarch in x86_64 aarch64 armv7 armhf s390x ppc64le riscv64 loongarch64 x86; do
+		curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN -X DELETE $TARGET_REPO/$BASEBRANCH/$branch/$delarch/$name 2>&1 > /dev/null
+	done
+
 	echo "Sending $name of arch $arch to $TARGET_REPO/$BASEBRANCH/$branch"
 	curl -s --user $FORGE_REPO_USER:$FORGE_REPO_TOKEN --upload-file $apk $TARGET_REPO/$BASEBRANCH/$branch
 
-- 
2.47.2


From fe5359e933f4079d5272814b23df69e0429fa18e Mon Sep 17 00:00:00 2001
From: Antoine Martin <dev@ayakael.net>
Date: Sun, 25 Aug 2024 15:16:10 -0400
Subject: [PATCH 4/4] remove install files

---
 ilot/codeberg-pages-server/APKBUILD           |  1 -
 .../codeberg-pages-server.post-install        | 39 -------------------
 .../codeberg-pages-server.post-upgrade        |  1 -
 .../codeberg-pages-server.pre-install         | 26 -------------
 4 files changed, 67 deletions(-)
 delete mode 100755 ilot/codeberg-pages-server/codeberg-pages-server.post-install
 delete mode 120000 ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade
 delete mode 100644 ilot/codeberg-pages-server/codeberg-pages-server.pre-install

diff --git a/ilot/codeberg-pages-server/APKBUILD b/ilot/codeberg-pages-server/APKBUILD
index 5eab680..4478fdd 100644
--- a/ilot/codeberg-pages-server/APKBUILD
+++ b/ilot/codeberg-pages-server/APKBUILD
@@ -11,7 +11,6 @@ depends="nginx"
 makedepends="go just"
 # tests disabled for now
 options="!check"
-install="$pkgname.post-install $pkgname.post-upgrade $pkgname.pre-install"
 source="
 	$pkgname-$pkgver.tar.gz::https://codeberg.org/Codeberg/pages-server/archive/v$pkgver.tar.gz
 	codeberg-pages-server.openrc
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.post-install b/ilot/codeberg-pages-server/codeberg-pages-server.post-install
deleted file mode 100755
index a715d20..0000000
--- a/ilot/codeberg-pages-server/codeberg-pages-server.post-install
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-set -eu
-
-group=authentik
-config_file='/etc/authentik/config.yml'
-
-setcap 'cap_net_bind_service=+ep' /usr/share/webapps/authentik/server
-
-if [ $(grep '@@SECRET_KEY@@' "$config_file") ]; then
-	echo "* Generating random secret in $config_file" >&2
-
-	secret_key="$(pwgen -s 50 1)"
-	sed -i "s|@@SECRET_KEY@@|$secret_key|" "$config_file"
-	chown root:$group "$config_file"
-fi
-
-if [ "${0##*.}" = 'post-upgrade' ]; then
-	cat >&2 <<-EOF
-	*
-	* To finish Authentik upgrade run:
-	*
-	*     authentik-manage migrate
-	*
-	EOF
-else
-	cat >&2 <<-EOF
-	*
-	* 1. Adjust settings in /etc/authentik/config.yml.
-	*
-	* 2. Create database for Authentik:
-	*
-	*     psql -c "CREATE ROLE authentik PASSWORD 'top-secret' INHERIT LOGIN;"
-	*     psql -c "CREATE DATABASE authentik OWNER authentik ENCODING 'UTF-8';"
-	*
-	* 3. Run "authentik-manage migrate"
-	* 4. Setup admin user at https://<your server>/if/flow/initial-setup/
-	*
-	EOF
-fi
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade b/ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade
deleted file mode 120000
index d7ffea2..0000000
--- a/ilot/codeberg-pages-server/codeberg-pages-server.post-upgrade
+++ /dev/null
@@ -1 +0,0 @@
-codeberg-pages-server.post-install
\ No newline at end of file
diff --git a/ilot/codeberg-pages-server/codeberg-pages-server.pre-install b/ilot/codeberg-pages-server/codeberg-pages-server.pre-install
deleted file mode 100644
index 792f304..0000000
--- a/ilot/codeberg-pages-server/codeberg-pages-server.pre-install
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-# It's very important to set user/group correctly.
-
-authentik_dir='/var/lib/authentik'
-
-if ! getent group authentik 1>/dev/null; then
-	echo '* Creating group authentik' 1>&2
-
-	addgroup -S authentik
-fi
-
-if ! id authentik 2>/dev/null 1>&2; then
-	echo '* Creating user authentik' 1>&2
-
-	adduser -DHS -G authentik -h "$authentik_dir" -s /bin/sh  \
-		-g "added by apk for authentik" authentik
-	passwd -u authentik 1>/dev/null  # unlock
-fi
-
-if ! id -Gn authentik | grep -Fq redis; then
-	echo '* Adding user authentik to group redis' 1>&2
-
-	addgroup authentik redis
-fi
-
-exit 0
-- 
2.47.2