%define debug_package %{nil}

Name:           %(make name)
Version:        %(make version)
Release:        %(make release)
Summary:        %(make summary)
License:        %(make license)
URL:            %(make url)

Source0:        %(make source0)
Buildarch:      %(make arch)
BuildRequires:  make
Requires:       netoik-rp netoik-db netoik-cache

%description
Install the Git server called Gitea.

%prep
%autosetup -v

%install
%make_install

%post
# Create gitea user
if ! id gitea >/dev/null 2>&1; then
  useradd --base-dir %{_sharedstatedir} --create-home --shell $SHELL --system gitea
fi
runuser --user=gitea -- mkdir --parents %{_sharedstatedir}/gitea/{custom,data,log} %{_sharedstatedir}/gitea/custom/conf
runuser --user=gitea -- ln --symbolic --force %{_sysconfdir}/gitea/app.ini %{_sharedstatedir}/gitea/custom/conf/app.ini
usermod --groups postgres,valkey --append gitea

# Download and install gitea binary
export ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
export GITEA_BINARY=gitea-1.25.5-linux-$ARCH
wget --output-document $GITEA_BINARY https://dl.gitea.com/gitea/1.25.5/$GITEA_BINARY
wget --output-document $GITEA_BINARY.asc https://dl.gitea.com/gitea/1.25.5/$GITEA_BINARY.asc
gpg --keyserver hkps://keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
gpg --verify $GITEA_BINARY.asc $GITEA_BINARY
rm $GITEA_BINARY.asc
chmod 755 $GITEA_BINARY
mv $GITEA_BINARY %{_sbindir}/gitea

# Replace secrets in app.ini
export INTERNAL_TOKEN=$(runuser --user=gitea -- gitea generate secret INTERNAL_TOKEN)
export JWT_SECRET=$(runuser --user=gitea -- gitea generate secret JWT_SECRET)
export SECRET_KEY=$(runuser --user=gitea -- gitea generate secret SECRET_KEY)
envsubst < %{_sysconfdir}/gitea/app.ini > %{_sysconfdir}/gitea/.app.ini.new
mv %{_sysconfdir}/gitea/.app.ini.new %{_sysconfdir}/gitea/app.ini
chmod 640 %{_sysconfdir}/gitea/app.ini
chown root:gitea %{_sysconfdir}/gitea/app.ini

# Add lugit theme
export GITEA_LUGIT_THEME=gitea-lugit-theme
wget --output-document %{_tmppath}/$GITEA_LUGIT_THEME.tar.gz https://github.com/lucas-labs/gitea-lugit-theme/releases/download/v1.0.1/$GITEA_LUGIT_THEME.tar.gz
runuser --user=gitea -- tar --extract --gzip --overwrite --directory=%{_sharedstatedir}/gitea/custom --file %{_tmppath}/$GITEA_LUGIT_THEME.tar.gz
rm %{_tmppath}/$GITEA_LUGIT_THEME.tar.gz
runuser --user=gitea -- cp %{_tmppath}/gitea_images/* %{_sharedstatedir}/gitea/custom/public/assets/img

# Create postgres user and db
if ! runuser --user=postgres -- psql --quiet --tuples-only --command='\du' | grep --quiet gitea; then
  runuser --user=postgres -- createuser gitea
fi
if ! runuser --user=postgres -- psql --quiet --tuples-only --command='\l' | grep --quiet gitea; then
  runuser --user=postgres -- createdb --owner=gitea gitea
fi

# Create admin user
if ! runuser --user=gitea -- gitea admin user list | grep --quiet samuel; then
  runuser --user=gitea -- gitea admin user create --username samuel --email "samuel.campos@netoik.io" --admin --random-password --random-password-length 30 --fullname "Samuel Campos"
  runuser --user=gitea -- gitea admin user must-change-password samuel
fi

# Download and install act_runner binary
export ACTRUNNER_BINARY=act_runner-0.3.0-linux-$ARCH
wget --output-document $ACTRUNNER_BINARY.xz https://gitea.com/gitea/act_runner/releases/download/v0.3.0/$ACTRUNNER_BINARY.xz
wget --output-document $ACTRUNNER_BINARY.xz.sha256 https://gitea.com/gitea/act_runner/releases/download/v0.3.0/$ACTRUNNER_BINARY.xz.sha256
cat $ACTRUNNER_BINARY.xz.sha256 | sha256sum --check --status
rm $ACTRUNNER_BINARY.xz.sha256
unxz $ACTRUNNER_BINARY.xz
rm $ACTRUNNER_BINARY.xz
chmod 755 $ACTRUNNER_BINARY
mv $ACTRUNNER_BINARY %{_sbindir}/act_runner

# Create 4 actrunner users
export ACTRUNNER_TOKEN=$(runuser --user=gitea -- gitea actions generate-runner-token)
for i in $(seq 1 4); do
  if ! id actrunner$i >/dev/null 2>&1; then
    useradd --base-dir %{_sharedstatedir} --create-home --shell $SHELL --system actrunner$i
  fi
  runuser --user=actrunner$i -- rpmdev-setuptree
  runuser --user=actrunner$i -- act_runner register --instance https://git.netoik.io --labels self-hosted --name actrunner$i --no-interactive --token $ACTRUNNER_TOKEN
  systemctl reenable actrunner@$i.service
  systemctl restart actrunner@$i.service
done

# Restart gitea and nginx services
systemctl daemon-reload
systemctl reenable gitea.service
systemctl restart gitea.service nginx.service

%postun
# If uninstalling, then delete users and db
if [ $1 == 0 ]; then
	# Remove gitea user if existing
	if id gitea >/dev/null 2>&1; then
  	userdel --force --remove gitea
	fi

	# Remove gitea database if existing
	if runuser --user=postgres -- psql --quiet --tuples-only --command='\l' | grep --quiet gitea; then
  	runuser --user=postgres -- dropdb gitea
	fi
	if runuser --user=postgres -- psql --quiet --tuples-only --command='\du' | grep --quiet gitea; then
		runuser --user=postgres -- dropuser gitea
	fi

	# Remove actrunner users if existing
  for i in $(seq 1 4); do
		if id actrunner$i >/dev/null 2>&1; then
   		userdel --force --remove actrunner$i
		fi
  done
fi

%files
%dir %attr(755, root, root) %{_sysconfdir}/gitea
%attr(640, root, -) %{_sysconfdir}/gitea/app.ini

%attr(644, root, root) %{_sysconfdir}/nginx/conf.d/git.netoik.io.conf

%attr(644, root, root) %{_unitdir}/gitea.service
%attr(644, root, root) %{_unitdir}/actrunner@.service

%ghost %attr(755, root, root) %{_sbindir}/gitea
%ghost %attr(755, root, root) %{_sbindir}/act_runner

%dir %attr(755, root, root) %{_tmppath}/gitea_images
%attr(644, root, root) %{_tmppath}/gitea_images/{favicon,logo}.{png,svg}

%changelog
%autochangelog