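#!/bin/zsh
# giteaudpater: a little script for building Gitea from src and deploying it.
# license: gpl3-or-later
# author: wanderer at git.dotya.ml
# have fun y'all
#
# usage: run with no argument to build the tip of `main`, or pass a commit-ish
#        as $1 to build that revision instead.
#
# NOTE(review): nothing in this script verifies a tag or commit signature; the
# build trusts whatever the tracked branch (or the commit-ish given as $1)
# resolves to. The resulting binary is installed root-owned into
# /usr/local/bin, so write access to $gdir and $patchdir should be as tightly
# restricted as write access to the installed binary itself.

# -e exit on error -> script "handles" this
# -u treat unset vars as errors
# -o pipefail - exit on pipefail
set -u -o pipefail

readonly bdir=/opt/gitea
readonly gdir="$bdir/gitea-src"
readonly patchdir="$bdir/patches"
readonly dateargs="--iso-8601=seconds"
readonly GOPATH="$HOME/go"
readonly PATH="$GOPATH/bin:/usr/local/bin:$PATH"
readonly gitea_orig="/usr/local/bin/gitea"
readonly gitea_backup="/usr/local/bin/.gitea_backup"
readonly gitea_nu="/usr/local/bin/.gitea-nu"

# patchpls="e9747de95242807a6319e146216575676de66f47"
# patchpls="b2b3225bd"
# patchpls="e0688995"
# patchpls="8eb1cd9264"
# patchpls="0649c54275"
# patchpls="3df33799c"
# patchpls="690272d2e24846390d785a1f053af6c7ba5963a3"
# patchpls="90b2657ae7f022f0a9fe2ba7199c60d32a36d673"
# patchpls="87a7c37ecb" # builds but coredumps... adjusted systemd CAPABILITIES and it runs fine now, probably a change in JS caused this.
# patchpls=""
readonly patchpls="${1:-}"

echo "[*] gitea updater"

# Bring the source tree in $gdir up to date (cloning it on first run) and,
# when $patchpls is set, check out that revision.
# Returns non-zero when the tree cannot be entered or the requested revision
# cannot be checked out; fetch/pull failures stay best-effort as before.
gitprepare(){
  if [ -d "$gdir" ]; then
    cd "$gdir" || return 1
  else
    # Without the `|| return`, a failed clone left us in the caller's working
    # directory and the destructive reset/clean below ran there instead.
    git clone https://github.com/wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/gitea.git "$gdir" \
      && cd "$gdir" \
      && git remote add upstream https://github.com/go-gitea/gitea.git \
      || return 1
  fi

  # Drop local modifications (including the previous run's sed/patch edits).
  git reset --hard && git clean -f -d
  git fetch --tags --prune --prune-tags --force upstream
  git checkout main
  git pull --all --tags --prune --rebase=true

  echo "[*] update submodules"
  git submodule update

  # only checkout the patched commit if set.
  if [[ -n "$patchpls" ]]; then
    # Fail instead of silently building (and deploying) `main` when the
    # requested revision does not exist.
    if ! git checkout "$patchpls"; then
      echo "[*] failed to check out '$patchpls'"
      return 1
    fi
    git clean -f -d
  fi
  return 0
}

# Apply the local font tweak and every *.patch file found in $patchdir.
patch_time(){
  echo -e " -- [+] \"patching\" fonts with \n \t\`sed -i 's/SFMono-Regular/Fira Code Retina\", \"SFMono-Regular/g' \"./web_src/less/_base.less\"\`"
  sed -i 's/SFMono-Regular/Fira Code Retina", "SFMono-Regular/g' "$gdir/web_src/less/_base.less"

  # Collect the patches with a native glob (empty array when none match)
  # rather than interpolating $patchdir into a `bash -c` string; the same
  # list is then used both for the check and for `git apply`.
  local -a patchfiles
  setopt local_options null_glob
  patchfiles=("$patchdir"/*.patch)

  if (( ${#patchfiles[@]} )); then
    echo " -- [+] applying patches..."
    # NOTE(review): a failed apply is only logged; the build below proceeds
    # on the unpatched tree. Make this fatal if the patches are mandatory.
    git apply "${patchfiles[@]}" || echo "[*] failed to apply patches"
  fi
}

# Install the freshly built ./gitea: stage it next to the live binary, back
# up the live binary, then stop the service, swap binaries and start again.
# Every step is chained with &&, so the first failure aborts the rest and
# the function returns non-zero.
deploy(){
  sudo rsync --chown=root:root -avP ./gitea "$gitea_nu" \
    && echo " -- backing up old binary -- @$(date "$dateargs")" \
    && sudo rsync --chown=root:root -avP "$gitea_orig" "$gitea_backup" \
    && echo " -- stopping gitea -- @$(date "$dateargs")" \
    && sudo systemctl stop gitea \
    && echo " -- moving new binary -- @$(date "$dateargs")" \
    && sudo mv -v "$gitea_nu" "$gitea_orig" \
    && echo " -- starting gitea.service -- @$(date "$dateargs")" \
    && sudo systemctl start gitea \
    && echo " -- waiting 5s -- @$(date "$dateargs")" \
    && sleep 5 \
    && echo " -- deploy done -- @$(date "$dateargs")"
}

# Swap the backup binary back into place and restart the service.
# The three moves rotate backup -> orig and orig -> backup via $gitea_nu.
rollback(){
  echo " -- gitea failed to start -- @$(date "$dateargs")"
  echo " -- restart counter at '$(systemctl show gitea.service -pNRestarts | cut -d'=' -f2)'"
  echo " -- stopping gitea -- @$(date "$dateargs")"
  sudo systemctl stop gitea

  echo " -- performing a naive rollback -- @$(date "$dateargs")"
  sudo mv -v "$gitea_backup" "$gitea_nu"
  sudo mv -v "$gitea_orig" "$gitea_backup"
  sudo mv -v "$gitea_nu" "$gitea_orig"

  echo " -- restarting -- @$(date "$dateargs")"
  sudo systemctl restart gitea

  echo " -- sleeping 5s -- @$(date "$dateargs")"
  sleep 5
  echo " -- naive rollback done -- @$(date "$dateargs")"
}

# Build frontend and backend with the hardening flags below, then deploy.
# Exits the script with status 1 when the build fails (nothing has been
# touched yet). Returns 1 when deploy fails so that the caller can still run
# its health check and roll back; previously a failed `systemctl start`
# exited here and left the service down with the backup unused.
build_deploy(){
  # export CGO_ENABLED=0
  # cgo is needed for go-sqlite3 and possibly more
  export CGO_ENABLED=1
  # readonly pic="-fPIC"
  # scientific testing showed decreased performance.
  readonly pic=""
  export GOAMD64="v2"
  export LDFLAGS="-linkmode external -extldflags '-static'"
  # NOTE(review): GOLDFLAGS is assigned but not exported, so `make` does not
  # see it - confirm whether it is meant to be in effect.
  GOLDFLAGS="-s -w -linkmode external -extldflags -static"
  export HARDENING_FLAGS="-pipe -D_FORTIFY_SOURCE=2 -fstack-protector-all -funwind-tables -fasynchronous-unwind-tables $pic -fmessage-length=0 -g0"
  export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
  export CGO_CFLAGS="-march=native -mtune=native -O3 -fuse-ld=lld ${HARDENING_FLAGS}"
  export CGO_CPPFLAGS="-march=native -mtune=native -O3 -fuse-ld=lld ${HARDENING_FLAGS}"
  export CGO_CXXFLAGS="$CGO_CPPFLAGS"
  export CGO_LDFLAGS="-Wl,-O2,-sort-common,-as-needed,-z,relro,-z,now,-flto,--no-gc-sections -pthread"

  echo -e " -- starting build -- @$(date "$dateargs")"

  #### NO MAKE CLEAN atm
  TAGS="netgo osusergo nogogit bindata sqlite sqlite_unlock_notify sqlite_omit_load_extension" \
    make frontend backend \
    || exit 1

  if ! deploy; then
    echo " -- deploy failed -- @$(date "$dateargs")"
    return 1
  fi
}

# A broken source tree must not reach the build/deploy stage.
gitprepare 2>&1 || exit 1
patch_time 2>&1
build_deploy 2>&1
deploy_rc=$?

# `systemctl is-failed` exits 0 when the unit IS in the failed state.
systemctl is-failed -q gitea.service
failure=$?
restarts="$(systemctl show gitea.service -pNRestarts | cut -d'=' -f2)"

if [[ "$failure" -eq 0 || "${restarts:-0}" -gt 0 ]]; then
  rollback 2>&1
fi

echo " -- gitea.service status: $(systemctl is-active gitea)"

# Keep a non-zero exit status for callers when the deploy step failed.
exit "$deploy_rc"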