From 6cf2f29231132b7ace65d8c1e16eba91074098c8 Mon Sep 17 00:00:00 2001
From: Sebastian
Date: Tue, 2 Sep 2025 18:22:29 +0200
Subject: [PATCH] commit
---
.DS_Store | Bin 14340 -> 14340 bytes
gitea/gitea.yaml | 120 ++++++++++++++++++++++-------------------------
2 files changed, 57 insertions(+), 63 deletions(-)
diff --git a/.DS_Store b/.DS_Store
index bf3214100c058754043d099557bb7dea27e52a1b..6ca534ca02f29dbafce25223c15cc0965e8a6169 100644
GIT binary patch
delta 20
bcmZoEXernbug=K0IYIqDKO^Jh1ob5VPtpe|
delta 20
bcmZoEXernbug=J@IYIqDKO@8B1ob5VPr(N#
diff --git a/gitea/gitea.yaml b/gitea/gitea.yaml
index db3221e..e4c0d8e 100644
--- a/gitea/gitea.yaml
+++ b/gitea/gitea.yaml
@@ -115,64 +115,65 @@ metadata: data: startup.sh: | #!/bin/sh - set -eu - echo "startup..." - if [ ! -f /data/startup.ran ]; then - echo "waiting for gitea API..." - for i in $(seq 1 60); do - if curl -sSf http://localhost:3000/api/v1/version >/dev/null 2>&1; then - break - fi - sleep 2 - done - + if test ! -f "/data/startup.ran"; then + echo "waiting 60s for startup..." + sleep 60s echo "writing pw to files" - printf '%s' "${SHODAN_PW:-}" > /data/shodan.pw - printf '%s' "${ARGOCD_PW:-}" > /data/argocd.pw - printf '%s' "${GITEA_PW:-}" > /data/gitea.pw - + echo $SHODAN_PW > /data/shodan.pw + echo $ARGOCD_PW > /data/argocd.pw + echo $GITEA_PW > /data/gitea.pw echo "creating users..." - su git -c 'SHODAN_PW=$(cat /data/shodan.pw); gitea admin user create --username shodan --admin --password "$SHODAN_PW" --email thrawn235@gmail.com || true' - su git -c 'ARGOCD_PW=$(cat /data/argocd.pw); gitea admin user create --username argocd --password "$ARGOCD_PW" --email argocd@undercloud.local --must-change-password=false || true' - su git -c 'GITEA_PW=$(cat /data/gitea.pw); gitea admin auth add-ldap --name ldap --security-protocol StartTLS --host ldap.undercloud.local. 
--port 389 --user-search-base "ou=users,dc=undercloud,dc=cf" --user-filter "(&(objectClass=person)(uid=%s))" --admin-filter "(&(memberOf=cn=gitea-admins,ou=groups,dc=undercloud,dc=cf))" --email-attribute mail --avatar-attribute jpegPhoto --synchronize-users --skip-tls-verify --username-attribute uid --bind-dn "cn=gitea,ou=serviceaccounts,ou=users,dc=undercloud,dc=cf" --bind-password "$GITEA_PW" --attributes-in-bind --firstname-attribute cn --surname-attribute sn || true' + echo $ARGOCD_PW + su git -c 'echo $ARGOCD_PW' + su git -c 'SHODAN_PW=`cat /data/shodan.pw` && gitea admin user create --username shodan --admin --password $SHODAN_PW --email thrawn235@gmail.com' + su git -c 'ARGOCD_PW=`cat /data/argocd.pw` && gitea admin user create --username argocd --password $ARGOCD_PW --email argocd@undercloud.local --must-change-password=false' + su git -c 'GITEA_PW=`cat /data/gitea.pw` && gitea admin auth add-ldap --name ldap --security-protocol StartTLS --host ldap.undercloud.local. --port 389 --user-search-base "ou=users,dc=undercloud,dc=cf" --user-filter "(&(objectClass=person)(uid=%s))" --admin-filter "(&(memberOf=cn=gitea-admins,ou=groups,dc=undercloud,dc=cf))" --email-attribute mail --avatar-attribute jpegPhoto --synchronize-users --skip-tls-verify --username-attribute uid --bind-dn "cn=gitea,ou=serviceaccounts,ou=users,dc=undercloud,dc=cf" --bind-password $GITEA_PW --attributes-in-bind --firstname-attribute cn --surname-attribute sn' + sleep 30s + echo "wget tea..." + wget https://git.undercloud.local:3000/Undercloud/undercloud-infrastructure/raw/branch/main/k8s-binaries/tea + #echo "wget ctea..." + #wget https://git.undercloud.local:3000/Undercloud/undercloud-infrastructure/raw/branch/main/k8s-binaries/ctea + chmod +x tea + #chmod +x ctea + + echo "using tea to create login..." 
+ ./tea login add --url http://localhost:3000 -i --user shodan --password $SHODAN_PW + ./tea login default localhost:3000 + + echo "creating Undercloud organisation" + sleep 30s + #./tea organization create Undercloud + #./ctea --username shodan --password $SHODAN_PW --url http://localhost:3000 CreateOrg Undercloud + curl -s -u "shodan:$SHODAN_PW" \ + -H 'Content-Type: application/json' \ + -X POST http://localhost:3000/api/v1/orgs \ + -d '{"username":"Undercloud","full_name":"Undercloud"}' sleep 5s + + echo "creating undercloud team" + #./ctea --username shodan --password $SHODAN_PW --url http://localhost:3000 CreateTeam undercloud undercloud + #sleep 5s + #echo "add argocd to undercloud team" + #./ctea --username shodan --password $SHODAN_PW --url http://localhost:3000 AddUserToTeam undercloud undercloud argocd + + sleep 5s + # create team "Undercloud" in org "Undercloud" + curl -s -u "shodan:$SHODAN_PW" -H 'Content-Type: application/json' \ + -X POST http://localhost:3000/api/v1/orgs/Undercloud/teams \ + -d '{"name":"Undercloud","permission":"write","includes_all_repositories":false}' - API="http://localhost:3000/api/v1" - AUTH_USER="shodan" - AUTH_PASS="$(cat /data/shodan.pw)" - AUTH="-u ${AUTH_USER}:${AUTH_PASS}" + # get team id + TEAM_ID=$(curl -s -u "shodan:$SHODAN_PW" \ + http://localhost:3000/api/v1/orgs/Undercloud/teams \ + | jq -r '.[] | select(.name=="Undercloud") | .id') - echo "create organization undercloud" - curl -sS $AUTH -H 'Content-Type: application/json' \ - -X POST "$API/orgs" \ - -d '{"username":"undercloud","full_name":"undercloud"}' || true + # add user argocd to that team + curl -s -u "shodan:$SHODAN_PW" -X PUT \ + http://localhost:3000/api/v1/teams/$TEAM_ID/members/argocd - echo "create team undercloud" - curl -sS $AUTH -H 'Content-Type: application/json' \ - -X POST "$API/orgs/undercloud/teams" \ - -d '{"name":"undercloud","permission":"write","includes_all_repositories":false}' || true - echo "fetch team id" - TEAM_ID="$(curl -sS $AUTH 
"$API/orgs/undercloud/teams" \ - | sed 's/},{/}\n{/g' | grep '"name":"undercloud"' \ - | sed -n 's/.*"id":\([0-9][0-9]*\).*/\1/p' | head -n1)" - if [ -z "${TEAM_ID:-}" ]; then - echo "failed to determine TEAM_ID"; exit 1 - fi - echo "TEAM_ID=$TEAM_ID" - - echo "add argocd to undercloud team" - curl -sS $AUTH -X PUT "$API/teams/$TEAM_ID/members/argocd" >/dev/null || true - - echo "ensure repo undercloud/k8aux-apps exists" - curl -sS $AUTH -H 'Content-Type: application/json' \ - -X POST "$API/orgs/undercloud/repos" \ - -d '{"name":"k8aux-apps","private":false,"auto_init":false}' || true - - echo "grant team access to repo" - curl -sS $AUTH -X PUT "$API/teams/$TEAM_ID/repos/undercloud/k8aux-apps" >/dev/null || true echo "cloning k8aux-apps" execline-cd /data git clone http://git.undercloud.local:3000/undercloud/k8aux-apps.git 
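Review bot: The added `echo $ARGOCD_PW` and `su git -c 'echo $ARGOCD_PW'` lines print the ArgoCD password to the container's stdout, where it would normally be collected with the pod logs; both look like leftover debugging and should be removed. The same hunk replaces the quoted `printf '%s' "${SHODAN_PW:-}" > /data/shodan.pw` writes with unquoted `echo $SHODAN_PW > ...` and passes `--password $SHODAN_PW` and `--bind-password $GITEA_PW` unquoted, so a password containing whitespace or glob characters is split or expanded; keep the `printf '%s' "$VAR"` form and quote every expansion. With `set -eu` and the `|| true` guards gone and the API readiness poll replaced by a fixed `sleep 60s`, a failed user creation or API call no longer stops the script, which appears to continue to the `touch /data/startup.ran` outside this hunk and so would never retry. The `tea` binary is fetched with `wget` and executed without any integrity check; pinning a digest, e.g. `echo "<expected-sha256>  tea" | sha256sum -c - || exit 1`, would close that gap. The startup.sh body continues beyond this hunk.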
@@ -182,27 +183,20 @@ data: execline-cd /data/k8aux-apps git config --global user.name "shodan" execline-cd /data/k8aux-apps git add . execline-cd /data/k8aux-apps git commit -m "upload" - echo "push k8aux-apps to localhost" - execline-cd /data/k8aux-apps git push "http://shodan:${AUTH_PASS}@localhost:3000/undercloud/k8aux-apps.git" --all - - echo "create push mirrors" - for DST in \ - "http://git.undercloud.local:3000/undercloud/k8aux-apps.git" - do - curl -sS $AUTH -H 'Content-Type: application/json' \ - -X POST "$API/repos/undercloud/k8aux-apps/push_mirrors" \ - -d "{\"remote_address\":\"${DST}\",\"remote_username\":\"shodan\",\"remote_password\":\"${AUTH_PASS}\",\"interval\":\"1h0m0s\",\"sync_on_commit\":false}" \ - || true - done - + execline-cd /data/k8aux-apps git push http://shodan:$SHODAN_PW@localhost:3000/undercloud/k8aux-apps.git --all + echo "delete local copy..." + #execline-cd /data rm -Rf k8aux-apps + echo "create PushMirror.." + ./ctea --username shodan --password $SHODAN_PW --url http://localhost:3000 AddPushMirror undercloud k8aux-apps "http://aux1.undercloud.cf.:3000/undercloud/k8aux-apps.git" shodan $SHODAN_PW 1h0m0s + ./ctea --username shodan --password $SHODAN_PW --url http://localhost:3000 AddPushMirror undercloud k8aux-apps "http://aux2.undercloud.cf.:3000/undercloud/k8aux-apps.git" shodan $SHODAN_PW 1h0m0s echo "create startup.ran file..." touch /data/startup.ran else echo "startup ran already!" fi echo "startup done." - + #exit 123 --- apiVersion: v1 kind: PersistentVolumeClaim
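Review bot: The two `./ctea ... AddPushMirror` calls run a binary that this commit never downloads: in the previous hunk the `wget .../k8s-binaries/ctea` and `chmod +x ctea` lines are commented out, so unless the image already ships it, both calls fail and no push mirror is created. Because `set -eu` was removed, the script still reaches `touch /data/startup.ran`, so the failure is not retried on the next start; either restore the fetch or keep the removed `curl ... /push_mirrors` call, and guard the marker, e.g. `./ctea ... || exit 1`. `$SHODAN_PW` is now unquoted in `git push http://shodan:$SHODAN_PW@localhost:3000/undercloud/k8aux-apps.git --all` and repeated in each ctea argument list, which puts the admin password in the process list and breaks on special characters. The mirror targets `http://aux1.undercloud.cf.:3000/...` and `http://aux2.undercloud.cf.:3000/...` are plain HTTP, so the credential passed for the mirror would presumably travel unencrypted; an HTTPS remote and a scoped access token instead of the admin password would limit the exposure. The shell block this hunk belongs to starts before the hunk.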