Fix gitea

docker/bash-lib/main.bash

@@ -92,3 +92,13 @@ echo_exit() {
     echo $msg
     exit 1
 }
+
+## Args
+# - ca-certificates.crt - nix path to ca-certificates.crt
+create_ssl_certs() {
+    local ca_certificates="$1/etc/ssl/certs/ca-bundle.crt"
+
+    $_prog_busybox/bin/mkdir -p /etc/ssl/certs
+    $_prog_busybox/bin/ln $ca_certificates /etc/ssl/certs/ca-bundle.crt
+    $_prog_busybox/bin/ln $ca_certificates /etc/ssl/certs/ca-certificates.crt
+}

docker/gitea/default.nix

@@ -1,13 +1,12 @@
-{ pkgs, system, nixpkgs, ... }:
+{ system, nixpkgs, ... }:
 let
-  # pkgs = (import nixpkgs { inherit system; }).pkgsMusl;
-  gitea =
-    let 
-      openssh = pkgs.openssh.override {
-        withKerberos = false; withFIDO = false;
+  overlay = self: super:
+    {
+      openssh = super.openssh.override {
+        withKerberos = false;
+        withFIDO = false;
       };
-      git = pkgs.git.override {
-        inherit openssh;
+      git = super.git.override {
         perlSupport = false;
         nlsSupport = false;
         withManual = false;
@@ -16,15 +15,19 @@ let
         withpcre2 = false;
         sendEmailSupport = false;
       };
-    in
-      pkgs.gitea.override {
-        inherit openssh git;
+      gitea = super.gitea.override {
         pamSupport = false;
       };
+      # glibc = super.glibc.override {
+      #   withLinuxHeaders = false;
+      # };
+    };
+  pkgs = (import nixpkgs { inherit system; overlays = [ overlay ]; });#.pkgsMusl;
   bashLib = ../bash-lib;
   init = pkgs.writeShellScriptBin "init" (builtins.readFile ./init);
   conf = pkgs.writeText "conf" ''
     _prog_busybox="${pkgs.busybox}"
+    _prog_sudo="${pkgs.sudo}"
     _prog_bashlib="${bashLib}"
     _prog_bash="${pkgs.bash}"
     _prog_gitea="${pkgs.gitea}"
@@ -32,8 +35,10 @@ let
     _conf_user_uid="5000"
     _conf_user_gid="5000"
     _conf_data="/data/gitea"
+    _conf_cacert="${pkgs.cacert}"
   '';
 in
+# conf
 pkgs.dockerTools.buildLayeredImage {
   name = "gitea";
   tag = "latest";

docker/gitea/init

@@ -10,9 +10,10 @@ else
     source $conf
 fi
 
+# shellcheck source=/../../bash-lib/main.bash 
 source $_prog_bashlib/main.bash
 
-if [[ $($_prog_busybox/bin/id -u) = 0 ]] ; then 
+# if [[ $($_prog_busybox/bin/id -u) = 0 ]] ; then 
     $_prog_busybox/bin/cat << EOF
 ### Gitea Nix Image Manual
 ##
@@ -48,24 +49,8 @@ EOF
     $_prog_busybox/bin/mkdir -p /usr/bin
     $_prog_busybox/bin/ln -s $_prog_busybox/bin/env /usr/bin/env
 
-    check_owner "$_conf_data" "$_user_uid" "$_user_gid" 
+    create_ssl_certs $_conf_cacert
 
-    save_env "_user_uid \
-	      _user_gid \
-	      conf
-	      " > /env # TODO: exited even though it must have succeded || \
-	# echo_exit "Failed to save environment!"
-    
-    check_root "$_user_uid"
-    exec $_prog_busybox/bin/su gitea -c "$0 $@" || \
-	echo_exit "Failed to switch user!"
-else
-    source /env || \
-	echo_exit "Failed to source env!"
-
-    export GITEA_WORK_DIR=$_conf_data
-
-    echo
     echo "Starting Gitea!"
-    $_prog_gitea/bin/gitea -c /app.ini $@ 
-fi
+    exec $_prog_busybox/bin/su gitea -c "$_prog_gitea/bin/gitea -c /app.ini $@" 
+# fi