privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add cross-host SSH trust, state-aware teardown, and configurable migration polling

Browse Source 
- Add setup/cross_host_ssh.sh to establish ed25519 SSH trust between
  Unraid and Fedora (required by backup/restore scripts for direct SCP)
- Add ssh_key and authorized_key cleanup handlers to setup/cleanup.sh
- Rewrite phase8 cutover to mark GitHub repos as mirrors instead of
  archiving them (archived repos reject push mirror writes), with a
  JSON state snapshot of pre-cutover settings (description, homepage,
  wiki, projects, Pages) for exact restoration on teardown
- Rewrite phase8 teardown to restore from state snapshot with fallback
  to legacy "— was:" description parsing
- Make migration polling configurable via MIGRATION_POLL_INTERVAL_SEC
  and MIGRATION_POLL_TIMEOUT_SEC in .env (was hardcoded 120s/3s)
- Fix preflight SSL validation: check SSL_MODE instead of always
  requiring SSL_EMAIL, add conditional checks per SSL_MODE
- Add preflight checks 23-24: cross-host SSH connectivity
- Add --start-from range validation and cross_host_ssh.sh to run_all.sh

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
S
2026-02-28 20:50:41 -05:00
parent dc08375ad0
commit 316d318b5e
8 changed files with 509 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.env.example
View File

@@ -86,6 +86,8 @@ MIGRATE_ISSUES=false # Migrate GitHub issues to Gitea
MIGRATE_LABELS=true # Migrate GitHub labels
MIGRATE_MILESTONES=false # Migrate GitHub milestones
MIGRATE_WIKI=false # Migrate GitHub wiki
MIGRATION_POLL_INTERVAL_SEC=3 # Poll interval while waiting for async migration completion
MIGRATION_POLL_TIMEOUT_SEC=600 # Max wait per repo migration before timeout (increase for large repos)
# -----------------------------------------------------------------------------
@@ -121,4 +123,4 @@ REQUIRED_APPROVALS=1 # Number of approvals required if above is tru
SEMGREP_VERSION=latest # Semgrep OSS version to pin
TRIVY_VERSION=latest # Trivy version to pin
GITLEAKS_VERSION=latest # Gitleaks version to pin
SECURITY_FAIL_ON_ERROR=true # Block PR merge if security scan fails (true/false)
SECURITY_FAIL_ON_ERROR=true # Block PR merge if security scan fails (true/false)