privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d74e40d596215f7e09b28ca98194168b4f578143
gitea-migration/.env.example
S f4a6b04d14 feat: rework runner config to INI format with full field support 
Replace pipe-delimited runners.conf with INI-style sections supporting
host resolution, container images, repo-scoped tokens, resource limits,
capacity, and SSH key passthrough. All defaults pulled from .env.

- Add INI parsing helpers (ini_list_sections, ini_get, ini_set) to common.sh
- Add SSH key support (UNRAID_SSH_KEY, FEDORA_SSH_KEY) to ssh_exec/scp_to
- Add .env vars: RUNNER_DEFAULT_IMAGE, RUNNER_DEFAULT_CAPACITY,
  RUNNER_DEFAULT_DATA_PATH, LOCAL_RUNNER_DATA_PATH, LOCAL_REGISTRY
- Rewrite manage_runner.sh with host/image/token resolution and resource limits
- Rewrite configure_runners.sh wizard for INI format with all 9 fields
- Update phase3 scripts to use ini_list_sections instead of pipe parsing
- Add runners.conf INI validation to preflight.sh (check 5b)
- Update templates to use resolved labels, capacity, and deploy resources

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-28 23:14:46 -05:00

134 lines
7.9 KiB
Plaintext
Raw Blame History

# =============================================================================
# .env.example — Gitea Migration Configuration
# Copy to .env and populate all PRE-POPULATED values before running preflight
# AUTO-POPULATED values will be filled in by scripts during execution
# =============================================================================
# -----------------------------------------------------------------------------
# UNRAID SERVER
# -----------------------------------------------------------------------------
UNRAID_IP= # Static IP of Unraid server
UNRAID_SSH_USER= # SSH username for Unraid
UNRAID_SSH_PORT=22 # SSH port (default 22)
UNRAID_GITEA_PORT=3000 # Port Gitea web UI will listen on
UNRAID_GITEA_SSH_PORT=2222 # Port for git-over-SSH (host 22 is taken by SSH server)
UNRAID_GITEA_DATA_PATH= # Absolute path on NVMe for Gitea data (e.g. /mnt/nvme/gitea)
UNRAID_SSH_KEY= # Path to SSH private key (optional, uses ssh-agent default if empty)
# -----------------------------------------------------------------------------
# FEDORA SERVER
# -----------------------------------------------------------------------------
FEDORA_IP= # Static IP of Fedora server
FEDORA_SSH_USER= # SSH username for Fedora
FEDORA_SSH_PORT=22 # SSH port (default 22)
FEDORA_GITEA_PORT=3000 # Port Gitea web UI will listen on
FEDORA_GITEA_SSH_PORT=2222 # Port for git-over-SSH (host 22 is taken by SSH server)
FEDORA_GITEA_DATA_PATH= # Absolute path on NVMe for Gitea data (e.g. /mnt/nvme/gitea)
FEDORA_SSH_KEY= # Path to SSH private key (optional, uses ssh-agent default if empty)
# -----------------------------------------------------------------------------
# GITEA — SHARED CREDENTIALS (used on both Unraid + Fedora instances)
# -----------------------------------------------------------------------------
GITEA_ADMIN_USER= # Admin username (same on both instances)
GITEA_ADMIN_PASSWORD= # Admin password (min 8 chars, same on both instances)
GITEA_ADMIN_EMAIL= # Admin email (same on both instances)
GITEA_ORG_NAME= # Organization name to create (e.g. mifi-llc)
GITEA_INSTANCE_NAME= # Display name for the Gitea instance (e.g. MIFI Git)
GITEA_DB_TYPE=sqlite3 # Database type — sqlite3 is sufficient for your scale
GITEA_VERSION=1.23 # Gitea Docker image tag (e.g. 1.23, 1.23.1, latest)
ACT_RUNNER_VERSION=0.2.11 # act_runner version for all runners (e.g. 0.2.11, latest)
# -----------------------------------------------------------------------------
# GITEA — PRIMARY INSTANCE (Unraid)
# -----------------------------------------------------------------------------
GITEA_DOMAIN= # Public domain/subdomain pointing to Unraid (e.g. git.yourdomain.com)
GITEA_INTERNAL_URL= # Internal URL (e.g. http://UNRAID_IP:3000) used by scripts
# AUTO-POPULATED by phase1 scripts:
GITEA_ADMIN_TOKEN= # API token for primary instance — do not fill manually
# -----------------------------------------------------------------------------
# GITEA — BACKUP INSTANCE (Fedora)
# -----------------------------------------------------------------------------
GITEA_BACKUP_INTERNAL_URL= # Internal URL of Fedora Gitea (e.g. http://FEDORA_IP:3000)
GITEA_BACKUP_MIRROR_INTERVAL=8h # How often Fedora pulls from Unraid (e.g. 8h, 24h)
BACKUP_STORAGE_PATH= # Absolute path on Fedora to store gitea dump archives (e.g. /mnt/nvme/gitea-backups)
BACKUP_RETENTION_COUNT=5 # Number of backup archives to keep (older ones are pruned)
# AUTO-POPULATED by phase2 scripts:
GITEA_BACKUP_ADMIN_TOKEN= # API token for backup instance — do not fill manually
# -----------------------------------------------------------------------------
# RUNNERS
# Runner definitions live in runners.conf (INI format, see runners.conf.example)
# Use manage_runner.sh to add/remove runners at any time
# -----------------------------------------------------------------------------
RUNNER_DEFAULT_IMAGE=catthehacker/ubuntu:act-latest # Default container image for docker runners
RUNNER_DEFAULT_CAPACITY=1 # Default max concurrent jobs per runner (positive integer)
RUNNER_DEFAULT_DATA_PATH=/mnt/nvme/gitea-runner # Default data path for remote (docker) runners
LOCAL_RUNNER_DATA_PATH=~/gitea-runner # Data path for native macOS runner
LOCAL_REGISTRY= # Local registry prefix (e.g. registry.local:5000), empty = Docker Hub
# AUTO-POPULATED by phase1 scripts — do not fill manually:
GITEA_RUNNER_REGISTRATION_TOKEN= # Retrieved from Gitea admin panel via API
# -----------------------------------------------------------------------------
# REPOSITORIES
# -----------------------------------------------------------------------------
# GitHub source repos (for migration import)
GITHUB_USERNAME= # GitHub username or org name
GITHUB_TOKEN= # GitHub personal access token (needs repo read scope)
# Repo names — must match exactly as they appear on GitHub
REPO_1_NAME= # e.g. android-kotlin-app
REPO_2_NAME= # e.g. ios-swiftui-app
REPO_3_NAME= # e.g. go-cli-tool
# Migration options (true/false)
MIGRATE_ISSUES=false # Migrate GitHub issues to Gitea
MIGRATE_LABELS=true # Migrate GitHub labels
MIGRATE_MILESTONES=false # Migrate GitHub milestones
MIGRATE_WIKI=false # Migrate GitHub wiki
MIGRATION_POLL_INTERVAL_SEC=3 # Poll interval while waiting for async migration completion
MIGRATION_POLL_TIMEOUT_SEC=600 # Max wait per repo migration before timeout (increase for large repos)
# -----------------------------------------------------------------------------
# GITHUB MIRROR (offsite backup)
# -----------------------------------------------------------------------------
GITHUB_MIRROR_TOKEN= # GitHub PAT with repo write scope (for push mirroring)
# Can be same as GITHUB_TOKEN if it has write scope
GITHUB_MIRROR_INTERVAL=8h # How often Gitea pushes to GitHub
# -----------------------------------------------------------------------------
# NGINX REVERSE PROXY (existing Docker container on Unraid)
# -----------------------------------------------------------------------------
NGINX_CONTAINER_NAME= # Name of existing Nginx Docker container (e.g. nginx, swag)
NGINX_CONF_PATH= # Host path to Nginx conf.d directory (e.g. /mnt/user/appdata/nginx/conf.d)
SSL_MODE=letsencrypt # SSL mode: "letsencrypt" (auto-provision via Certbot) or "existing" (provide cert paths)
SSL_EMAIL= # Email for Let's Encrypt (only if SSL_MODE=letsencrypt)
SSL_CERT_PATH= # Absolute path to SSL cert on Unraid (only if SSL_MODE=existing)
SSL_KEY_PATH= # Absolute path to SSL key on Unraid (only if SSL_MODE=existing)
# -----------------------------------------------------------------------------
# BRANCH PROTECTION
# -----------------------------------------------------------------------------
PROTECTED_BRANCH=main # Branch to protect across all repos
REQUIRE_PR_REVIEW=false # Require PR review before merge (true/false)
REQUIRED_APPROVALS=1 # Number of approvals required if above is true
# -----------------------------------------------------------------------------
# SECURITY (Phase 9 — post-migration)
# -----------------------------------------------------------------------------
SEMGREP_VERSION=latest # Semgrep OSS version to pin
TRIVY_VERSION=latest # Trivy version to pin
GITLEAKS_VERSION=latest # Gitleaks version to pin
SECURITY_FAIL_ON_ERROR=true # Block PR merge if security scan fails (true/false)
Reference in New Issue View Git Blame Copy Permalink