added handling for host config and secrets config files in data

gitea/Containerfile

@@ -1,7 +1,7 @@
 ###
 ### Build Variables
 ###
-FROM localhost/debian:latest
+FROM localhost/debian
 
 # deploy options
 # -p (port) and -v (volume) both go host:container
@@ -75,12 +75,6 @@ RUN mv pg_hba.conf /etc/postgresql/${PSQLV:?}/main/pg_hba.conf
 ### Gitea
 ###
 
-# Install templating engine
-RUN wget https://raw.githubusercontent.com/jirutka/esh/master/esh && \
-    chmod +x esh && \
-    mkdir -p /usr/local/lib/esh && \
-    mv esh /usr/local/lib/esh
-
 # dowload gitea
 RUN wget https://dl.gitea.io/gitea/${GITEAV:?}/gitea-${GITEAV:?}-linux-amd64 && \
     mv gitea-${GITEAV:?}-linux-amd64 /usr/local/bin/gitea && \
@@ -93,21 +87,30 @@ RUN mkdir -p /var/lib/gitea/data/ /var/log/gitea /etc/gitea && \
     ln -s /var/log/gitea /var/lib/gitea/log && \
     ln -s /vol/data/custom /var/lib/gitea/custom
 
-# template config file
-COPY assets/app.ini.esh.esh /etc/gitea/
-RUN cd /etc/gitea && \
-    esh app.ini.esh.esh && \
-    rm app.ini.esh.esh && \
-    chmod -R +r /etc/gitea
+# copy config file
+COPY assets/app.config.ini /etc/gitea/
 
+# copy gitea service
 COPY assets/gitea.service /etc/systemd/system/
 
 # make alias for running admin commands from command line easily
 RUN echo "alias gitea='sudo -u gitea gitea --config /etc/gitea/app.ini'" >> /root/.bashrc
 
+###
+### Data
+###
+
+WORKDIR /vol/data
+
+# copy config files
+COPY data/ /vol/data/
+# template secrets file to generate secrets
+RUN eval "echo \"$(cat app.secret.ini)\"" > app.secret.ini
+
 ###
 ### Crontab
 ###
+
 COPY assets/crontab /root/
 RUN crontab -u gitea /root/crontab
 
@@ -116,5 +119,5 @@ RUN crontab -u gitea /root/crontab
 ###
 
 # bugfix for cron
-COPY bugfix/cronfix /root/
+COPY assets/bugfix/cronfix /root/
 RUN chmod +x /root/cronfix && /root/cronfix

gitea/assets/app.ini.esh.esh → gitea/assets/app.config.ini

@@ -1,15 +1,8 @@
-<%% . /vol/data/hostvars -%>
-APP_NAME = <%%= $pagename %>
+[DEFAULT]
 RUN_USER = gitea
 RUN_MODE = prod
 
-[oauth2]
-JWT_SECRET = <%= $(gitea generate secret JWT_SECRET) %>
-
 [security]
-INTERNAL_TOKEN = <%= $(gitea generate secret INTERNAL_TOKEN) %>
-INSTALL_LOCK   = true
-SECRET_KEY     = <%= $(gitea generate secret SECRET_KEY) %>
 ; disable password complexity checks
 PASSWORD_COMPLEXITY = off
 
@@ -27,16 +20,11 @@ PATH     = /var/lib/gitea/data/gitea.db
 ROOT = /vol/git/repos
 
 [server]
-DOMAIN           = <%% $domain %>
-ROOT_URL         = https://<%% $domain %>/
-HTTP_PORT        = 80
 START_SSH_SERVER = false
-SSH_PORT         = <%% $sshport %%>
 SSH_CREATE_AUTHORIZED_KEYS_FILE = true
 SSH_AUTHORIZED_KEYS_BACKUP = false
 LFS_START_SERVER = true
 LFS_CONTENT_PATH = /vol/git/lfs
-LFS_JWT_SECRET   = <%= $(gitea generate secret JWT_SECRET) %>
 OFFLINE_MODE     = true
 
 [mailer]

gitea/assets/gitea.service

@@ -19,7 +19,7 @@ WorkingDirectory=/var/lib/gitea/
 # If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
 # (manually creating /run/gitea doesn't work, because it would not persist across reboots)
 #RuntimeDirectory=gitea
-ExecStartPre=/usr/local/bin/esh /etc/gitea/app.ini.esh
+ExecStartPre=/bin/bash -c "cat /vol/data/app.host.ini /vol/data/app.secret.ini /etc/gitea/app.config.ini > /etc/gitea/app.ini"
 ExecStartPre=/usr/local/bin/gitea --config /etc/gitea/app.ini admin regenerate keys
 ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
 Restart=always

gitea/data/app.host.ini

@@ -0,0 +1,8 @@
+[DEFAULT]
+APP_NAME = My Title Page Name
+
+[server]
+DOMAIN           = git.example.com
+ROOT_URL         = https://git.example.com/
+HTTP_PORT        = 80
+SSH_PORT         = 22

gitea/data/app.secret.ini

@@ -0,0 +1,10 @@
+[oauth2]
+JWT_SECRET = $(gitea generate secret JWT_SECRET)
+
+[security]
+INTERNAL_TOKEN = $(gitea generate secret INTERNAL_TOKEN)
+SECRET_KEY     = $(gitea generate secret SECRET_KEY)
+INSTALL_LOCK   = true
+
+[server]
+LFS_JWT_SECRET   = $(gitea generate secret JWT_SECRET)