snap-packaging for gitea #2568
snap-packaging for gitea #2568
Conversation
-> add _source.tar.bz2 to .gitignore (used by snapcraft cleanbuild)
Codecov Report
@@ Coverage Diff @@
## master #2568 +/- ##
=======================================
Coverage 20.17% 20.17%
=======================================
Files 145 145
Lines 29171 29171
=======================================
Hits 5884 5884
Misses 22393 22393
Partials 894 894Continue to review full report at Codecov.
|
tboerger
added
the
lgtm/need 2
|
Is it possible to put the snap folder under contrib/ ? |
|
I've never tried (it's certainly not the norm, and used to be that the
contents were in the root). But as it otherwise allows arbitrary source
paths, it should be an option.
It definitively won't work with the automated build service, though.
If having the snap package information in the root is undesired, the more
common option would be to hold them in a separate repository - this would
take away from the automation again, as only commits to the repository
containing the snap info would be monitored.
…On Thu, 21 Sep 2017, 19:08 Antoine GIRARD ***@***.***> wrote:
Is it possible to put the snap folder under contrib/ ?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#2568 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AGZSKeyc2bb17sBQn0JGmzAAHfiEa0VJks5skqYQgaJpZM4Pfj0z>
.
|
| @@ -0,0 +1,69 @@ | |||
| APP_NAME = Gitea: Go Git Service | |||
| RUN_USER = root | |||
There was a problem hiding this comment.
Should gitea really run as root? Or do I misinterpret this variable?
There was a problem hiding this comment.
It's not a misinterpretation.
Snap packages right now all 'run as root' for daemons.
The security part here is defined via apparmor confinement. With the plugs in snapcraft.yaml the root user is only allowed to access the snap directories and network access and port binding.
snap/helpers/directorySetup.sh
Outdated
| export isRoot=`true` | ||
| else | ||
| echo "You are not running gitea as root. This is required for the snap package." | ||
| echo "Please re-run as root." |
There was a problem hiding this comment.
Why is it requried to run Gitea as root? (I am not familiar with snap-things)
There was a problem hiding this comment.
There could be a way to run it as a user of started manually. While working on the gigs snap though, that got messy very fast. This I stepped that out to be revisited at a later point.
There was a problem hiding this comment.
Sorry, typing on mobile:
if started*
s/gigs/gogs/
Thus I backed that*
There was a problem hiding this comment.
Hi @tbraeutigam, sorry for bringing this up 2 years after the PR, but do you recall exactly which issue prevented gitea web from running correctly without daemon mode?
lunny
added
the
topic/build
- Take advantage of install-hooks (snapd 2.27) - Use snapctl configuration storage for unchanging values
|
Hi, This moves the Hope my prior comments and this commit help clean and clear it up a bit. |
|
Is there anything I can do for getting approval? |
|
@tbraeutigam since not all of the maintainers are familiar with snap-packaging, I think it needs some time. |
|
@lunny That's perfectly valid. If there is anything that I can help clarify/assist with, I'm more than happy to. |
|
truested LGTM @tbraeutigam |
tboerger
added
lgtm/need 1
sapk
left a comment
sapk
left a comment
There was a problem hiding this comment.
Just a little comment.
For the rest, I will trust @tbraeutigam
snap/helpers/app.ini
Outdated
| SSH_ROOT = SNAP_DIR_COMMON/ssh | ||
| SSH_KEY_TEST_PATH = SNAP_DIR_DATA/sshkeytest | ||
| CERT_FILE = SNAP_DIR_DATA/certs/cert.pem | ||
| KEY_FILE = SNAP_DIR_DATA/certs/key.pem |
There was a problem hiding this comment.
CERT_FILE and KEY_FILE aren't need if protocol is http. Maybe we could generate some at install and default to https ?
There was a problem hiding this comment.
A fair bit of time has gone by since the writing and a lot of new features have come to snapcraft, so I'll re-check this. These entries were added back then because I judged including a full config-writer or something hack-ish would've been more costly than having these two lines in there.
There was a problem hiding this comment.
I've kept them in, and in a way 'made it worse' by moving to the snap hooks for configuration.
Doing that I'm using the defaults from app.ini.sample, overwriting the parts necessary for a snap to function and adding them all to the app.ini as used by gitea.
I personally prefer this, as it's now possible to configure everything via sudo snap set category-subcategory.option, but it has some drawbacks at the moment, as I didn't want to touch the config system:
- Cateogories in the style of
category.subcategoryare nowcategory-subcategory - Options containing an underscore have a '99' in its place (
ssh.minimum_key_sizeisssh-minimum99key99sizefor snapctl) - New defaults do not apply automatically
- Service-restart takes longer (it re-parses the whole app.ini every time)
All options can still be changed manually in the app.ini file and will be added to snapctl upon service-restart.
Not sure which way is preferred, but unless we'll touch the config system for this, there's not much that can be done (aside from completely leaving it alone and up to the user to set everything).
I would love to have it fully integrated into the snap config system as an option, but that would require a lot of work:
- Category names are only allowed to be lower case and can only contain dashes
- There is no programmatic interface from what I can see, all has to be done with
exec()calls.
ini files are regrettably hard to convert to the json-based snapctl config format.
(You can see some of the mess by looking at the configuration.sh files ToSnap and ToIni functions...)
tboerger
added
lgtm/done
|
Why isn't this a separate repo like |
|
Is there any way to trigger the snapcraft buildservers from Drone? 🤔 EDIT: Was already answered in the issue #2539 (comment)
|
|
@bkcsoft It seems snap don't support that usage? @tbraeutigam |
|
@bkcsoft , in response to your query:
An earlier comment by @tbraeutigam :
|
|
Hi @pokemaster7,
I believe the issue was with Daemon-Integration in snapd not dealing well
with user-level systemd or similar...
But I *could* be wrong at this time.
…On Sun, 8 Dec 2019 at 20:14, pokemaster7 ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In snap/helpers/directorySetup.sh
<#2568 (comment)>:
> @@ -0,0 +1,59 @@
+#!/bin/bash
+
+SDATA=''; SCOMMON='';
+if env | grep -q root; then
+ export SDATA=$(echo $SNAP_DATA | sed s!$SNAP_REVISION!current!)
+ export SCOMMON="$SNAP_COMMON"
+ export isRoot=`true`
+else
+ echo "You are not running gitea as root. This is required for the snap package."
+ echo "Please re-run as root."
Hi @tbraeutigam <https://github.com/tbraeutigam>, sorry for bringing this
up 2 years after the PR, but do you recall exactly which issue prevented gitea
web from running correctly without daemon mode?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#2568?email_source=notifications&email_token=ABTFEKLRCOBHQLPDVUKA7TTQXVBPTA5CNFSM4D36HUZ2YY3PNVWWK3TUL52HS4DFWFIHK3DMKJSXC5LFON2FEZLWNFSXPKTDN5WW2ZLOORPWSZGOCOLHCWA#discussion_r355207886>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABTFEKMLG5X4L6LLFM5ERO3QXVBPTANCNFSM4D36HUZQ>
.
|
10 participants
As per @kwill 's request in tbraeutigam/gogs-snap#1 and #2539, I modified my gogs-snap to fit with gitea.
Changes to Gitea Code:
.gitignore:Adding a couple of exceptions for snapcraft files that might come up during compilation.
New Files:
snap/snapcraft.yamlThe snap package instructions
A simplistic wrapper for gitea, to fit with the snap environment
Sets up the directories/copied data from r/o
$SNAPto$SNAP_DATAand$SNAP_COMMONA few default settings (really 99% of changes are to adjust the paths properly for the Snap environment).
Rationale:
A snap version allows for quick testing and/or easy local hosting on your own machine/own network.
The snap does not restrict you from using any of the database options. It defaults to Sqlite3 on the setup page as that is what can be immediately used without further issues from within the snap.
Tested Scenarios:
If you do accept the pull-request it would be great if you could set up gitea to be automatically build via https://build.snapcraft.io -- it will allow it to be built on any commit to the master branch (or any other branch you specify).