privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fcd966f97d224684bb4af2b2faeba26d4c4a5c80
gitea-migration/CLAUDE.md
S 0e0aeda658 feat: extract .env validators to common.sh and add validate_env() 
Move 10 validation functions from configure_env.sh to lib/common.sh as
shared utilities. Define variable-to-validator mapping using parallel
arrays (bash 3.2 compatible). validate_env() checks all ~50 .env
variables against their expected format and reports all failures at once.

Wired into preflight.sh (Check 6b) and bitwarden_to_env.sh (post-restore).
configure_env.sh now sources validators from common.sh instead of
defining its own copies.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-28 22:08:01 -05:00

62 lines
3.0 KiB
Markdown
Raw Blame History

# Gitea Migration Toolkit
## Project Overview
Bash-based automation toolkit for migrating 3 GitHub repos to self-hosted Gitea. All scripts run from MacBook, SSHing into Unraid (primary) and Fedora (backup mirror). GitHub serves as offsite push mirror.
## Architecture
- **Control plane**: MacBook runs all scripts locally, SSHs into remotes
- **Primary Gitea**: Docker Compose on Unraid
- **Backup Gitea**: Docker Compose on Fedora (pull mirrors)
- **Runners**: Docker on Unraid/Fedora, native binary + launchd on MacBook
- **HTTPS**: Nginx reverse proxy + Certbot on Unraid
## Script Conventions
- All `.sh` files MUST start with `set -euo pipefail`
- All scripts source `lib/common.sh` for shared functions
- All scripts MUST pass `shellcheck` with zero warnings
- All scripts MUST pass `bash -n` syntax check
- Configuration via `.env` file (never hardcode values)
- Templates use `.tpl` extension and `envsubst` for rendering
- Every phase has: main script + post_check + teardown
## Idempotency
Every create/deploy operation checks state first and skips if already done. Running any script twice produces the same result with no errors.
## File Structure
```
.env.example # Template — copy to .env and fill in
runners.conf.example # Template — copy to runners.conf
lib/common.sh # Shared functions (source this in every script)
setup/ # Machine setup + .env wizard
templates/ # Config templates (.tpl files)
contracts/ # API endpoint documentation
backup/ # Backup and restore scripts
```
## Key Commands
- `setup/configure_env.sh` — Interactive .env setup wizard
- `setup/cleanup.sh` — Reverse everything setup scripts installed (reads .manifests/)
- `preflight.sh` — Validate everything before running phases (includes .env format validation)
- `run_all.sh` — Execute all phases sequentially
- `teardown_all.sh` — Reverse teardown (add `--cleanup` to also uninstall prerequisites)
- `manage_runner.sh add|remove|list` — Dynamic runner management
## .env Validation
`validate_env()` in `lib/common.sh` checks all ~50 .env variables against their expected format (IP, port, email, path, URL, bool, integer, password, ssl_mode). Uses parallel arrays for the variable-to-validator mapping (bash 3.2 compatible). Called by `preflight.sh` and `bitwarden_to_env.sh`. `configure_env.sh` uses the same individual validators interactively.
## Version Checking
Setup scripts and preflight validate minimum versions for all tools:
- Local: jq>=1.6, curl>=7.70, git>=2.30, shellcheck>=0.8, gh>=2.0
- Remote: docker>=20.0, docker-compose>=2.0, jq>=1.6
## Install Manifests
Setup scripts record every install action to `.manifests/<host>.manifest`.
`setup/cleanup.sh` reads these manifests to fully reverse setup actions.
Useful for cleaning machines after testing or migrating to new servers.
## Sensitive Files (never commit)
- `.env` — contains passwords, tokens, IPs
- `runners.conf` — contains server IPs and paths
- `.manifests/` — machine-specific install state
- `*.pem`, `*.key`, `*.crt` — SSL certificates
Reference in New Issue View Git Blame Copy Permalink