forked from public/stack
34 lines
1.1 KiB
Bash
Executable File
34 lines
1.1 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
if test -t 1; then
|
|
# This is not foolproof. Can easily be beat by doing |cat. This is just to
|
|
# make it less likely that secrets are output to terminal.
|
|
echo "Error: Not outputting secret to stdout; redirect output to a file or" \
|
|
"pipe output to \`sops\`." >/dev/stderr
|
|
exit 1
|
|
fi
|
|
|
|
FORGEJO_VERSION="1.20.5-0"
|
|
FORGEJO_TAG="sha256:d665129e66cc04fa72aa6a284eb98b17c0eee642aeaad7c88edec21f9edbf519"
|
|
FORGEJO_SLUG="${FORGEJO_VERSION}@${FORGEJO_TAG}"
|
|
|
|
forgejo() {
|
|
# TODO: make this extract image tag from kustomization?
|
|
docker run "codeberg.org/forgejo/forgejo:$FORGEJO_SLUG" forgejo "$@"
|
|
}
|
|
|
|
GITEA__SERVER__LFS_JWT_SECRET="$(forgejo generate secret LFS_JWT_SECRET)"
|
|
GITEA__SECURITY__SECRET_KEY="$(forgejo generate secret SECRET_KEY)"
|
|
GITEA__SECURITY__INTERNAL_TOKEN="$(forgejo generate secret INTERNAL_TOKEN)"
|
|
|
|
cat <<EOF
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: forgejo-config
|
|
stringData:
|
|
GITEA__SERVER__LFS_JWT_SECRET: ${GITEA__SERVER__LFS_JWT_SECRET}
|
|
GITEA__SECURITY__SECRET_KEY: ${GITEA__SECURITY__SECRET_KEY}
|
|
GITEA__SECURITY__INTERNAL_TOKEN: ${GITEA__SECURITY__INTERNAL_TOKEN}
|
|
EOF
|