privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
40fe8477554030e27497759c8e4b07897d946971
gitea-migration/phase8_teardown.sh
S 9379b95a41 feat: add Phase 8 — Cutover (HTTPS + Archive GitHub) 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 15:29:14 -06:00

108 lines
4.3 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
# =============================================================================
# phase8_teardown.sh — Reverse the cutover: remove HTTPS, un-archive GitHub
# Steps:
# 1. Remove Nginx gitea.conf + reload
# 2. Remove cert renewal cron
# 3. Optionally remove SSL certificates
# 4. Un-archive GitHub repos + restore original descriptions
# =============================================================================
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
source "${SCRIPT_DIR}/lib/common.sh"
load_env
require_vars UNRAID_IP UNRAID_SSH_USER \
GITEA_DOMAIN NGINX_CONTAINER_NAME NGINX_CONF_PATH \
SSL_MODE GITHUB_USERNAME GITHUB_TOKEN \
REPO_1_NAME REPO_2_NAME REPO_3_NAME
log_warn "=== Phase 8 Teardown: Cutover ==="
REPOS=("$REPO_1_NAME" "$REPO_2_NAME" "$REPO_3_NAME")
# ---------------------------------------------------------------------------
# Step 1: Remove Nginx config and reload
# ---------------------------------------------------------------------------
if ssh_exec UNRAID "test -f '${NGINX_CONF_PATH}/gitea.conf'" 2>/dev/null; then
printf 'Remove Nginx config for %s? [y/N] ' "$GITEA_DOMAIN"
read -r confirm
if [[ "$confirm" =~ ^[Yy]$ ]]; then
ssh_exec UNRAID "rm -f '${NGINX_CONF_PATH}/gitea.conf'"
ssh_exec UNRAID "docker exec ${NGINX_CONTAINER_NAME} nginx -s reload" || true
log_success "Nginx config removed and reloaded"
else
log_info "Nginx config preserved"
fi
else
log_info "Nginx config already removed"
fi
# ---------------------------------------------------------------------------
# Step 2: Remove cert renewal cron
# ---------------------------------------------------------------------------
if ssh_exec UNRAID "crontab -l 2>/dev/null | grep -q certbot" 2>/dev/null; then
ssh_exec UNRAID "crontab -l 2>/dev/null | grep -v certbot | crontab -"
log_success "Certbot renewal cron removed"
else
log_info "No certbot cron found"
fi
# ---------------------------------------------------------------------------
# Step 3: Optionally remove SSL certificates (letsencrypt only)
# ---------------------------------------------------------------------------
if [[ "$SSL_MODE" == "letsencrypt" ]]; then
if ssh_exec UNRAID "test -d '/etc/letsencrypt/live/${GITEA_DOMAIN}'" 2>/dev/null; then
printf 'Remove SSL certificates for %s? [y/N] ' "$GITEA_DOMAIN"
read -r confirm
if [[ "$confirm" =~ ^[Yy]$ ]]; then
ssh_exec UNRAID "rm -rf '/etc/letsencrypt/live/${GITEA_DOMAIN}' '/etc/letsencrypt/archive/${GITEA_DOMAIN}' '/etc/letsencrypt/renewal/${GITEA_DOMAIN}.conf'"
log_success "SSL certificates removed"
else
log_info "SSL certificates preserved"
fi
fi
fi
# ---------------------------------------------------------------------------
# Step 4: Un-archive GitHub repos + restore original descriptions
# The archive description format is: "[MOVED] ... — was: ORIGINAL_DESC"
# We parse the original description from after "— was: " to restore it.
# ---------------------------------------------------------------------------
printf 'Un-archive GitHub repos and restore descriptions? [y/N] '
read -r confirm
if [[ "$confirm" =~ ^[Yy]$ ]]; then
for repo in "${REPOS[@]}"; do
IS_ARCHIVED=$(github_api GET "/repos/${GITHUB_USERNAME}/${repo}" 2>/dev/null | jq -r '.archived' || echo "false")
if [[ "$IS_ARCHIVED" != "true" ]]; then
log_info "GitHub repo ${repo} not archived — skipping"
continue
fi
# Extract original description from the archived description
CURRENT_DESC=$(github_api GET "/repos/${GITHUB_USERNAME}/${repo}" 2>/dev/null | jq -r '.description // ""')
ORIGINAL_DESC=""
if [[ "$CURRENT_DESC" == *" — was: "* ]]; then
# Extract everything after "— was: "
ORIGINAL_DESC="${CURRENT_DESC##* — was: }"
fi
# Un-archive and restore description
RESTORE_PAYLOAD=$(jq -n \
--arg description "$ORIGINAL_DESC" \
'{archived: false, description: $description}')
if github_api PATCH "/repos/${GITHUB_USERNAME}/${repo}" "$RESTORE_PAYLOAD" >/dev/null 2>&1; then
log_success "Un-archived GitHub repo: ${repo}"
else
log_error "Failed to un-archive GitHub repo: ${repo}"
fi
done
else
log_info "GitHub repos left as-is"
fi
log_success "Phase 8 teardown complete"
Reference in New Issue View Git Blame Copy Permalink