Feaure requests: unattended installation, user creation, app creation, sso, ldap integration

[lukasmrtvy]

Hello,
Here is my proposal to solve:

• unattended installation Support automatic installation via configuration management (ansible, puppet, chef, etc) #2324
• default admin user creation https://discourse.gitea.io/t/i-cannot-programmatically-setup-users-in-a-docker-container/289/8
• default oauth app creation [Feature Request] Add creation OAuth APP from cli and with ENVIRONMENT VARS #8764
• default sso integration ( not solved here )

https://github.com/go-gitea/gitea/blob/master/docker/root/etc/s6/gitea/setup

if ! gitea migration --test; 
then
  printf 'do migration' 
  gitea migrate
fi

if [ -z $GITEA_USERNAME && -z $GITEA_PASSWORD && -z $GITEA_EMAIL ]; 
   printf 'user creation initiated' 
   if ! gitea admin get-user $GITEA_USERNAME; then
     printf 'user not found, creating new one'
     gitea admin create-user -u 
   else
     printf 'user found, modificating email and password'
     gitea admin edit-user $GITEA_USERNAME -p $GITEA_PASSWORD -m $GITEA_EMAIL
   fi
fi

if [ -z $GITEA_OAUTH2_PROVIDER_ID && $GITEA_OAUTH2_PROVIDER_SECRET ];
then
   printf 'oauth app creation initiated'
   if ! gitea admin get-app $GITEA_OAUTH2_PROVIDER_ID; then
     printf 'app not found, creating new one'
     gitea admin add-app $GITEA_OAUTH2_PROVIDER_ID -p $GITEA_OAUTH2_PROVIDER_SECRET
   else
     printf 'app found , modificating secret'
     gitea admin edit-app $GITEA_OAUTH2_PROVIDER_ID -p $GITEA_OAUTH2_PROVIDER_SECRET
   fi
fi

To do this, its needed to integrate new gitea commands:

• gitea migration --test -> test if migration is done ( no need to use postgresql-client, mariadb-client, etc to check db tables are populated/migrated )
• gitea admin get-user -> get gitea user ( name, password, email )
• gitea admin edit-user -> edit gitea user ( password, email )
• gitea admin add-app -> add oauth application ( id secret )
• gitea admin edit-app -> edit oauth application ( secret )

P.S. modification commands are not necesary, its just for fully idempotent initialization of new instance. ( new gitea instance with old gitea db ). Even gitea admin auth update-oauth and gitea admin auth update-ldap exists...

Environment variables:

• GITEA_USERNAME
• GITEA_PASSWORD
• GITEA_EMAIL
• GITEA_OAUTH2_PROVIDER_ID
• GITEA_OAUTH2_PROVIDER_SECRET

Something similar should be used also for oauth and ldap authentication.
There are already commands for it:

• gitea admin auth add-oauth
• gitea admin auth add-ldap

Would be nice to have fully integrated gitea at deploy time.

Any other ideas @lunny ?
Thanks

[lunny]

It's interesting. We need some new commands.

[kapsh]

+1 for this feature, dockerised setup really could use default admin account.

[techknowlogick]

In 1.14.x this is a lot more straightforward, see https://discourse.gitea.io/t/unattended-gitea-installation-from-the-cli/3373/14 for details.

[kapsh]

@techknowlogick this works, thanks for the hint.