143 lines
4.7 KiB
Plaintext
143 lines
4.7 KiB
Plaintext
|
#!/bin/zsh
|
||
|
|
||
|
# giteaudpater: a little script for building Gitea from src and deploying it.
|
||
|
# license: gpl3-or-later
|
||
|
# author: wanderer at git.dotya.ml
|
||
|
# have fun y'all
|
||
|
|
||
|
# -e exit on error -> script "handles" this
|
||
|
# -u treat unset vars as errors
|
||
|
# -o pipefail - exit on pipefail
|
||
|
set -u -o pipefail
|
||
|
|
||
|
readonly bdir=/opt/gitea
|
||
|
readonly gdir="$bdir/gitea-src"
|
||
|
readonly patchdir="$bdir/patches"
|
||
|
readonly dateargs="--iso-8601=seconds"
|
||
|
readonly GOPATH="$HOME/go"
|
||
|
readonly PATH="$GOPATH/bin:/usr/local/bin:$PATH"
|
||
|
|
||
|
readonly gitea_orig="/usr/local/bin/gitea"
|
||
|
readonly gitea_backup="/usr/local/bin/.gitea_backup"
|
||
|
readonly gitea_nu="/usr/local/bin/.gitea-nu"
|
||
|
|
||
|
# patchpls="e9747de95242807a6319e146216575676de66f47"
|
||
|
# patchpls="b2b3225bd"
|
||
|
# patchpls="e0688995"
|
||
|
# patchpls="8eb1cd9264"
|
||
|
# patchpls="0649c54275"
|
||
|
# patchpls="3df33799c"
|
||
|
# patchpls="690272d2e24846390d785a1f053af6c7ba5963a3"
|
||
|
# patchpls="90b2657ae7f022f0a9fe2ba7199c60d32a36d673"
|
||
|
# patchpls="87a7c37ecb" # builds but coredumps... adjusted systemd CAPABILITIES and it runs fine now, probably a change in JS caused this.
|
||
|
# patchpls=""
|
||
|
readonly patchpls="${1:-}"
|
||
|
|
||
|
|
||
|
echo "[*] gitea updater"
|
||
|
|
||
|
gitprepare(){
|
||
|
if [ -d "$gdir" ]; then
|
||
|
cd "$gdir"
|
||
|
else
|
||
|
git clone https://github.com/wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/gitea.git "$gdir" \
|
||
|
&& cd "$gdir" \
|
||
|
&& git remote add upstream https://github.com/go-gitea/gitea.git
|
||
|
fi
|
||
|
|
||
|
git reset --hard && git clean -f -d
|
||
|
git fetch --tags --prune --prune-tags --force upstream
|
||
|
git checkout main
|
||
|
git pull --all --tags --prune --rebase=true
|
||
|
echo "[*] update submodules"
|
||
|
git submodule update
|
||
|
|
||
|
# only checkout the patched commit if set.
|
||
|
if [ ! -z $patchpls ]; then
|
||
|
git checkout $patchpls && git clean -f -d
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
patch_time(){
|
||
|
echo -e " -- [+] \"patching\" fonts with \n \t\`sed -i 's/SFMono-Regular/Fira Code Retina\", \"SFMono-Regular/g' \"./web_src/less/_base.less\"\`"
|
||
|
sed -i 's/SFMono-Regular/Fira Code Retina", "SFMono-Regular/g' "$gdir/web_src/less/_base.less"
|
||
|
|
||
|
readonly patchfiles="${$(bash -c "shopt -s nullglob dotglob; echo $patchdir/*.patch"):-}"
|
||
|
if (( "${#patchfiles}" )); then
|
||
|
echo " -- [+] applying patches..."
|
||
|
git apply $patchdir/*.patch || echo "[*] failed to apply patches"
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
deploy(){
|
||
|
sudo rsync --chown=root:root -avP ./gitea $gitea_nu \
|
||
|
&& echo " -- backing up old binary -- @$(date $dateargs)" \
|
||
|
&& sudo rsync --chown=root:root -avP $gitea_orig $gitea_backup \
|
||
|
&& echo " -- stopping gitea -- @$(date $dateargs)" \
|
||
|
&& sudo systemctl stop gitea \
|
||
|
&& echo " -- moving new binary -- @$(date $dateargs)" \
|
||
|
&& sudo mv -v $gitea_nu $gitea_orig \
|
||
|
&& \
|
||
|
echo " -- starting gitea.service -- @$(date $dateargs)" \
|
||
|
&& sudo systemctl start gitea \
|
||
|
&& \
|
||
|
echo " -- waiting 5s -- @$(date $dateargs)" \
|
||
|
&& sleep 5 \
|
||
|
&& \
|
||
|
echo " -- deploy done -- @$(date $dateargs)" \
|
||
|
}
|
||
|
|
||
|
rollback(){
|
||
|
echo " -- gitea failed to start -- @$(date $dateargs)"
|
||
|
echo " -- restart counter at '$(systemctl show gitea.service -pNRestarts | cut -d'=' -f2)'"
|
||
|
echo " -- stopping gitea -- @$(date $dateargs)"
|
||
|
sudo systemctl stop gitea
|
||
|
echo " -- performing a naive rollback -- @$(date $dateargs)"
|
||
|
sudo mv -v $gitea_backup $gitea_nu
|
||
|
sudo mv -v $gitea_orig $gitea_backup
|
||
|
sudo mv -v $gitea_nu $gitea_orig
|
||
|
echo " -- restarting -- @$(date $dateargs)"
|
||
|
sudo systemctl restart gitea
|
||
|
echo " -- sleeping 5s -- @$(date $dateargs)"
|
||
|
sleep 5
|
||
|
echo " -- naive rollback done -- @$(date $dateargs)"
|
||
|
}
|
||
|
|
||
|
build_deploy(){
|
||
|
# export CGO_ENABLED=0 # cgo is needed for go-sqlite3 and possibly more
|
||
|
export CGO_ENABLED=1
|
||
|
# readonly pic="-fPIC" # scientific testing showed decreased performance.
|
||
|
readonly pic=""
|
||
|
export GOAMD64="v2"
|
||
|
export LDFLAGS="-linkmode external -extldflags '-static'"
|
||
|
GOLDFLAGS="-s -w -linkmode external -extldflags -static"
|
||
|
export HARDENING_FLAGS="-pipe -D_FORTIFY_SOURCE=2 -fstack-protector-all -funwind-tables -fasynchronous-unwind-tables $pic -fmessage-length=0 -g0"
|
||
|
export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
|
||
|
export CGO_CFLAGS="-march=native -mtune=native -O3 -fuse-ld=lld ${HARDENING_FLAGS}"
|
||
|
export CGO_CPPFLAGS="-march=native -mtune=native -O3 -fuse-ld=lld ${HARDENING_FLAGS}"
|
||
|
export CGO_CXXFLAGS="$CGO_CPPFLAGS"
|
||
|
export CGO_LDFLAGS="-Wl,-O2,-sort-common,-as-needed,-z,relro,-z,now,-flto,--no-gc-sections -pthread"
|
||
|
|
||
|
echo -e " -- starting build -- @$(date $dateargs)"
|
||
|
#### NO MAKE CLEAN atm
|
||
|
( TAGS="netgo osusergo nogogit bindata sqlite sqlite_unlock_notify sqlite_omit_load_extension" \
|
||
|
make frontend backend \
|
||
|
&& \
|
||
|
deploy ) \
|
||
|
|| exit 1
|
||
|
}
|
||
|
|
||
|
|
||
|
gitprepare 2>&1
|
||
|
patch_time 2>&1
|
||
|
build_deploy 2>&1
|
||
|
|
||
|
|
||
|
failure="$(systemctl is-failed -q gitea.service; echo $?)"
|
||
|
restarts="$(systemctl show gitea.service -pNRestarts | cut -d'=' -f2)"
|
||
|
if [[ ($failure -eq 0) || ($restarts -gt 0) ]]; then
|
||
|
rollback 2>&1
|
||
|
fi
|
||
|
|
||
|
echo " -- gitea.service status: $(systemctl is-active gitea)"
|