add gitea

gitea/PKGBUILD

@@ -0,0 +1,75 @@
+# Maintainer: Bruno Pagani <archange@archlinux.org>
+# Maintainer: Maxime Gauduin <alucryd@archlinux.org>
+# Contributor: Frederik Schwan <frederik dot schwan at linux dot com>
+
+pkgname=gitea
+pkgver=1.15.9
+pkgrel=1
+pkgdesc="Painless self-hosted Git service, community managed."
+arch=(x86_64)
+url="https://gitea.io"
+license=(MIT)
+depends=(git)
+makedepends=(go nodejs npm)
+optdepends=(
+  'mariadb: MariaDB support'
+  'memcached: MemCached support'
+  'openssh: GIT over SSH support'
+  'pam: Authentication via PAM support'
+  'postgresql: PostgreSQL support'
+  'redis: Redis support'
+  'sqlite: SQLite support'
+)
+options=(!lto)
+_tag=cb1f4426e7932caf0c7a0c704d35b2090d711b2f # git rev-parse v${pkgver}
+source=("git+https://github.com/go-gitea/gitea.git#tag=${_tag}?signed"
+        gitea.tmpfiles
+        gitea.service
+        gitea.sysusers)
+sha256sums=('SKIP'
+            '9f63a517e8da6865fa6d9e87f6b08fe25ea56285304115e052809663c48dc3d7'
+            'b16d02a9f32a17cc14dfa46a980bad795a4ed744627e6342248f60236dc2be43'
+            '7e7b798b8ce035c1fb55993ece41c5efb6cad5922708866804fa50ada0cf9fa5')
+validpgpkeys=(
+  8C4033A23895237CB27D52D9D9B5613BEB813F99  # Matti Ranta <matti@mdranta.net> old RSA2048, retrieved from https://github.com/techknowlogick.gpg
+  B56E3C7437A49E136862F5DE9D8A57ADAA232E95  # Matti Ranta <matti@mdranta.net> new RSA4096, retrieved from https://github.com/techknowlogick.gpg
+  ED810FD31FBE67F406ED71BDD4F1E9B6493ED946  # Jonas Franz <info@jonasfranz.software>
+  9C5BCD799B3CDB124147A748E0DDFEC24C48784C  # Lauris Bukšis-Haberkorns <lauris@nix.lv>
+  D8F9672D77C0BB60A024C23EDFDE60A0093EB926  # Lauris Bukšis-Haberkorns <lauris@nix.lv> new RSA4096
+  BA66F67FD73F7058D712D308C3B7C91B632F738A  # Lunny Xiao <xiaolunwen@gmail.com>, retrieved from https://github.com/lunny.gpg
+  B5F0915813554C32C1D599C2C99B82E40B027BAE  # '6543' <6543@obermui.de>
+  D2CF76DA95F201E9901532AB3CDE74631F13A748  # Andrew Thornton <art27@cantab.net>, retrieved from https://github.com/zeripath.gpg
+)
+install=gitea.install
+
+prepare() {
+  cd ${pkgname}
+  # Fetch dependency using go mod
+  make vendor
+}
+
+pkgver() {
+  cd ${pkgname}
+  git describe --tags | sed 's/^v//'
+}
+
+build() {
+  cd ${pkgname}
+  export CGO_CPPFLAGS="${CPPFLAGS}"
+  export CGO_CFLAGS="${CFLAGS}"
+  export CGO_CXXFLAGS="${CXXFLAGS}"
+  export CGO_LDFLAGS="${LDFLAGS}"
+  export EXTRA_GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
+  export LDFLAGS="-X 'code.gitea.io/gitea/modules/setting.AppWorkPath=/var/lib/gitea/' -X 'code.gitea.io/gitea/modules/setting.CustomConf=/etc/gitea/app.ini'"
+  export TAGS="bindata sqlite sqlite_unlock_notify pam"
+  make -j1
+}
+
+package() {
+  install -Dm755 ${pkgname}/${pkgname} -t "${pkgdir}"/usr/bin/
+  install -Dm644 ${pkgname}/LICENSE -t "${pkgdir}"/usr/share/licenses/${pkgname}/
+  install -Dm644 ${pkgname}.service -t "${pkgdir}"/usr/lib/systemd/system/
+  install -Dm644 ${pkgname}.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/${pkgname}.conf
+  install -Dm644 ${pkgname}.sysusers "${pkgdir}"/usr/lib/sysusers.d/${pkgname}.conf
+  install -D ${pkgname}/custom/conf/app.example.ini -t "${pkgdir}"/etc/gitea/
+}

gitea/gitea.install

@@ -0,0 +1,8 @@
+post_upgrade() {
+  if [ "$(vercmp "$2" "1.15.0")" -le 0 ]; then
+    echo "The app.ini configuration file is not prefilled anymore. The current"
+    echo "one has been saved to .pacsave, you need to at least rename it before"
+    echo "restarting gitea. The app.example.ini file is provided for a reference"
+    echo "of settings."
+  fi
+}

gitea/gitea.service

@@ -0,0 +1,51 @@
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=syslog.target
+After=network.target
+After=mysqld.service
+After=postgresql.service
+After=memcached.service
+After=redis.service
+
+[Service]
+User=gitea
+Group=gitea
+Type=simple
+WorkingDirectory=~
+RuntimeDirectory=gitea
+LogsDirectory=gitea
+StateDirectory=gitea
+Environment=USER=gitea HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
+ExecStart=/usr/bin/gitea web -c /etc/gitea/app.ini
+Restart=always
+RestartSec=2s
+ReadWritePaths=/etc/gitea/app.ini
+AmbientCapabilities=
+CapabilityBoundingSet=
+LockPersonality=true
+#Required by commit search
+#MemoryDenyWriteExecute=true
+NoNewPrivileges=True
+#SecureBits=noroot-locked
+PrivateDevices=true
+PrivateTmp=true
+PrivateUsers=true
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectProc=invisible
+ProtectSystem=strict
+RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+
+[Install]
+WantedBy=multi-user.target

gitea/gitea.sysusers

@@ -0,0 +1 @@
+u gitea - "Gitea daemon user" /var/lib/gitea /bin/bash

gitea/gitea.tmpfiles

@@ -0,0 +1,10 @@
+d /var/lib/gitea 0750
+d /var/lib/gitea/attachments 0750
+d /var/lib/gitea/data 0750
+d /var/lib/gitea/indexers 0750
+d /var/lib/gitea/repos 0750
+d /var/lib/gitea/tmp 0750
+Z /var/lib/gitea - gitea gitea
+d /var/log/gitea 0750 gitea gitea
+z /etc/gitea 0755 gitea gitea
+z /etc/gitea/app.ini 0600 gitea gitea