From 1a92ff07fbbd968ca488968c4b8385f743968430 Mon Sep 17 00:00:00 2001 From: Norwin Date: Sat, 15 Jan 2022 18:22:41 +0100 Subject: [PATCH 01/18] add contrib/upgrade.sh --- contrib/upgrade.sh | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100755 contrib/upgrade.sh diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh new file mode 100755 index 0000000000000..ce07640c5fc70 --- /dev/null +++ b/contrib/upgrade.sh @@ -0,0 +1,41 @@ +#!/bin/bash +set -e + +# this is an upgrade script, for gitea deployed on linux as systemd service +# depends on: curl, xz, sha256sum, gpg +# usage: upgrade.sh [version] + +# change the variables below for your local setup +giteaversion=${1:-1.15.10} +giteabin=/usr/local/bin/gitea +giteahome=/var/lib/gitea +giteaconf=/etc/gitea/app.ini +giteauser="git" +giteacmd="sudo -u $giteauser $giteabin -c $giteaconf -w $giteahome" + +# download new binary +binname=gitea-${giteaversion}-linux-amd64 +binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz" +echo downloading $binurl +cd $giteahome # needed for gitea dump later +curl -sSfL "$binurl" > ${binname}.xz +curl -sSfL "${binurl}.sha256" > ${binname}.xz.sha256 +curl -sSfL "${binurl}.asc" > ${binname}.xz.asc + +# validate checksum & gpg signature (exit script if error) +sha256sum -c ${binname}.xz.sha256 +gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 +gpg --verify ${binname}.xz.asc ${binname}.xz +rm ${binname}.xz.{sha256,asc} + +# unpack binary + make executable +xz -d ${binname}.xz +chmod +x $binname + +# stop gitea, create backup, replace binary, restart gitea +$giteacmd manager flush-queues +systemctl stop gitea +$giteacmd --version +$giteacmd dump +mv -fb $binname $giteabin +systemctl start gitea From affb7ff884c1d045239505ca35047d4d78ca2767 Mon Sep 17 00:00:00 2001 From: Norwin Date: Sat, 15 Jan 2022 18:30:24 +0100 Subject: [PATCH 02/18] add script to docs --- docs/content/doc/upgrade/from-gitea.en-us.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/content/doc/upgrade/from-gitea.en-us.md b/docs/content/doc/upgrade/from-gitea.en-us.md index c3c46a148f4ff..2f64e0fac6bf6 100644 --- a/docs/content/doc/upgrade/from-gitea.en-us.md +++ b/docs/content/doc/upgrade/from-gitea.en-us.md @@ -76,6 +76,8 @@ a snapshot for the Gitea data volume and related object storage is more convenie * Replace the installed Gitea binary with the downloaded one. * Start the Gitea instance. +A script automating these steps for a deployment on Linux can be found at [`contrib/upgrade.sh` in Gitea's source tree](https://github.com/go-gitea/gitea/blob/main/contrib/upgrade.sh). + ## Take care about customized templates Gitea's template structure and variables may change between releases, if you are using customized templates, From e515b171d9f107cbaa1c03f412a1e0ec76a57039 Mon Sep 17 00:00:00 2001 From: Norwin Date: Sun, 16 Jan 2022 18:53:51 +0100 Subject: [PATCH 03/18] improvements --- contrib/upgrade.sh | 79 +++++++++++++++++++++++++++++++++------------- 1 file changed, 57 insertions(+), 22 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index ce07640c5fc70..4cd62f119dfcd 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -1,29 +1,63 @@ -#!/bin/bash +#!/usr/bin/env bash set -e -# this is an upgrade script, for gitea deployed on linux as systemd service -# depends on: curl, xz, sha256sum, gpg -# usage: upgrade.sh [version] +# This is an update script for gitea deployed from the binary distribution +# from dl.gitea.io on linux as systemd service. It performs backup and updates +# Gitea in place. +# Depends on: bash, curl, xz, sha256sum, gpg, which. optionally jq. +# Usage: [environment vars] upgrade.sh [version] +# See below section for available environment vars. +# When no version is specied, updates to the latest release. +# Examples: +# upgrade.sh 1.15.10 +# giteahome=/opt/gitea giteaconf=$giteahome/app.ini upgrade.sh -# change the variables below for your local setup -giteaversion=${1:-1.15.10} -giteabin=/usr/local/bin/gitea -giteahome=/var/lib/gitea -giteaconf=/etc/gitea/app.ini -giteauser="git" -giteacmd="sudo -u $giteauser $giteabin -c $giteaconf -w $giteahome" +# apply variables from environment +: ${giteabin:=/usr/local/bin/gitea} +: ${giteahome:=/var/lib/gitea} +: ${giteaconf:=/etc/gitea/app.ini} +: ${giteauser:=git} +: ${sudocmd:=sudo} +: ${arch:=linux-amd64} + +function giteacmd { + "$sudocmd" -u "$giteauser" "$giteabin" -c "$giteaconf" -w "$giteahome" $@ +} + +function require { + for exe in $@; do + which $exe &>/dev/null || (echo "missing dependency '$exe'"; exit 1) + done +} +require curl xz sha256sum gpg + +# select version to install +if [[ -z "$1" ]]; then + require jq + giteaversion=`curl -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version` +else + giteaversion="${1}" +fi + +# confirm update +current=`giteacmd --version | cut -d' ' -f3` +echo "make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" +echo "are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" +read confirm +[[ "$confirm" == "y" ]] || exit 1 + +pushd `pwd` +cd $giteahome # needed for gitea dump later # download new binary -binname=gitea-${giteaversion}-linux-amd64 +binname=gitea-${giteaversion}-${arch} binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz" -echo downloading $binurl -cd $giteahome # needed for gitea dump later -curl -sSfL "$binurl" > ${binname}.xz -curl -sSfL "${binurl}.sha256" > ${binname}.xz.sha256 -curl -sSfL "${binurl}.asc" > ${binname}.xz.asc +echo "Downloading $binurl..." +curl -sSfLO "$binurl{,.sha256,.asc}" # validate checksum & gpg signature (exit script if error) sha256sum -c ${binname}.xz.sha256 +# TODO 2022-06-24: this gpg key will expire! gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 gpg --verify ${binname}.xz.asc ${binname}.xz rm ${binname}.xz.{sha256,asc} @@ -33,9 +67,10 @@ xz -d ${binname}.xz chmod +x $binname # stop gitea, create backup, replace binary, restart gitea -$giteacmd manager flush-queues -systemctl stop gitea -$giteacmd --version -$giteacmd dump +giteacmd manager flush-queues +$sudocmd systemctl stop gitea +giteacmd dump mv -fb $binname $giteabin -systemctl start gitea +$sudocmd systemctl start gitea + +popd From dc4b496281c224770754eaf4100e91bf8489f750 Mon Sep 17 00:00:00 2001 From: Norwin Date: Sun, 16 Jan 2022 19:03:19 +0100 Subject: [PATCH 04/18] reword --- contrib/upgrade.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 4cd62f119dfcd..c5e6d920f1201 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -6,8 +6,8 @@ set -e # Gitea in place. # Depends on: bash, curl, xz, sha256sum, gpg, which. optionally jq. # Usage: [environment vars] upgrade.sh [version] -# See below section for available environment vars. -# When no version is specied, updates to the latest release. +# See section below for available environment vars. +# When no version is specified, updates to the latest release. # Examples: # upgrade.sh 1.15.10 # giteahome=/opt/gitea giteaconf=$giteahome/app.ini upgrade.sh From 45eae898de3bf204c971851a9f0b82cfecc0c1c4 Mon Sep 17 00:00:00 2001 From: Norwin Date: Sun, 16 Jan 2022 23:51:05 +0100 Subject: [PATCH 05/18] apply feedback --- contrib/upgrade.sh | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index c5e6d920f1201..bb252c322308d 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -1,8 +1,8 @@ #!/usr/bin/env bash set -e -# This is an update script for gitea deployed from the binary distribution -# from dl.gitea.io on linux as systemd service. It performs backup and updates +# This is an update script for gitea installed via the binary distribution +# from dl.gitea.io on linux as systemd service. It performs a backup and updates # Gitea in place. # Depends on: bash, curl, xz, sha256sum, gpg, which. optionally jq. # Usage: [environment vars] upgrade.sh [version] @@ -34,26 +34,27 @@ require curl xz sha256sum gpg # select version to install if [[ -z "$1" ]]; then require jq - giteaversion=`curl -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version` + giteaversion=$(curl --connect-timeout 10 -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version) else - giteaversion="${1}" + giteaversion="$1" fi # confirm update -current=`giteacmd --version | cut -d' ' -f3` -echo "make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" -echo "are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" +current=$(giteacmd --version | cut -d' ' -f3) +[[ "$current" == "$giteaversion" ]] && echo "$current is already installed, stopping." && exit 1 +echo "Make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" +echo "Are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" read confirm [[ "$confirm" == "y" ]] || exit 1 -pushd `pwd` -cd $giteahome # needed for gitea dump later +pushd $(pwd) +cd "$giteahome" # needed for gitea dump later # download new binary binname=gitea-${giteaversion}-${arch} binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz" echo "Downloading $binurl..." -curl -sSfLO "$binurl{,.sha256,.asc}" +curl --connect-timeout 10 -sSfLO "$binurl{,.sha256,.asc}" # validate checksum & gpg signature (exit script if error) sha256sum -c ${binname}.xz.sha256 @@ -64,7 +65,8 @@ rm ${binname}.xz.{sha256,asc} # unpack binary + make executable xz -d ${binname}.xz -chmod +x $binname +chown "$giteauser" "$binname" +chmod +x "$binname" # stop gitea, create backup, replace binary, restart gitea giteacmd manager flush-queues From 715d55f701d2806e2e9a4d14064fed30a18d3f4b Mon Sep 17 00:00:00 2001 From: Norwin Date: Sun, 16 Jan 2022 23:32:54 +0100 Subject: [PATCH 06/18] use slim backup by default --- contrib/upgrade.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index bb252c322308d..af43b6931aa2f 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -19,6 +19,7 @@ set -e : ${giteauser:=git} : ${sudocmd:=sudo} : ${arch:=linux-amd64} +: ${backupopts:=--skip-lfs-data --skip-repository --skip-attachment-data --skip-log} function giteacmd { "$sudocmd" -u "$giteauser" "$giteabin" -c "$giteaconf" -w "$giteahome" $@ @@ -71,7 +72,7 @@ chmod +x "$binname" # stop gitea, create backup, replace binary, restart gitea giteacmd manager flush-queues $sudocmd systemctl stop gitea -giteacmd dump +giteacmd dump $backupopts mv -fb $binname $giteabin $sudocmd systemctl start gitea From 82e5fbcc2d70ac1fd8324e3824d4274eb61c58ab Mon Sep 17 00:00:00 2001 From: Norwin Date: Sun, 16 Jan 2022 23:40:09 +0100 Subject: [PATCH 07/18] use longform command flags --- contrib/upgrade.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index af43b6931aa2f..7de3ad503046a 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -22,7 +22,7 @@ set -e : ${backupopts:=--skip-lfs-data --skip-repository --skip-attachment-data --skip-log} function giteacmd { - "$sudocmd" -u "$giteauser" "$giteabin" -c "$giteaconf" -w "$giteahome" $@ + "$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" $@ } function require { @@ -41,7 +41,7 @@ else fi # confirm update -current=$(giteacmd --version | cut -d' ' -f3) +current=$(giteacmd --version | cut --delimiter=' ' --fields=3) [[ "$current" == "$giteaversion" ]] && echo "$current is already installed, stopping." && exit 1 echo "Make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" echo "Are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" @@ -55,17 +55,17 @@ cd "$giteahome" # needed for gitea dump later binname=gitea-${giteaversion}-${arch} binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz" echo "Downloading $binurl..." -curl --connect-timeout 10 -sSfLO "$binurl{,.sha256,.asc}" +curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,.sha256,.asc}" # validate checksum & gpg signature (exit script if error) -sha256sum -c ${binname}.xz.sha256 +sha256sum --check ${binname}.xz.sha256 # TODO 2022-06-24: this gpg key will expire! gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 gpg --verify ${binname}.xz.asc ${binname}.xz rm ${binname}.xz.{sha256,asc} # unpack binary + make executable -xz -d ${binname}.xz +xz --decompress ${binname}.xz chown "$giteauser" "$binname" chmod +x "$binname" @@ -73,7 +73,7 @@ chmod +x "$binname" giteacmd manager flush-queues $sudocmd systemctl stop gitea giteacmd dump $backupopts -mv -fb $binname $giteabin +mv --force --backup "$binname" "$giteabin" $sudocmd systemctl start gitea popd From 7079d69b5547f151cce7d024eec36a2aaa05eb69 Mon Sep 17 00:00:00 2001 From: Norwin Date: Mon, 17 Jan 2022 00:00:16 +0100 Subject: [PATCH 08/18] add more logging --- contrib/upgrade.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 7de3ad503046a..df99d65f81800 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -70,10 +70,14 @@ chown "$giteauser" "$binname" chmod +x "$binname" # stop gitea, create backup, replace binary, restart gitea +echo "Stopping gitea at $(date)" giteacmd manager flush-queues $sudocmd systemctl stop gitea +echo "Creating backup in $giteahome" giteacmd dump $backupopts +echo "Updating binary at $giteabin" mv --force --backup "$binname" "$giteabin" $sudocmd systemctl start gitea +$sudocmd systemctl status gitea popd From 71a1ca9144aab07e1bbfffd6a9ff1710ada5424c Mon Sep 17 00:00:00 2001 From: Norwin Date: Mon, 17 Jan 2022 11:42:51 +0100 Subject: [PATCH 09/18] sane backup defaults --- contrib/upgrade.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index df99d65f81800..086249ee1aee2 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -13,13 +13,13 @@ set -e # giteahome=/opt/gitea giteaconf=$giteahome/app.ini upgrade.sh # apply variables from environment -: ${giteabin:=/usr/local/bin/gitea} -: ${giteahome:=/var/lib/gitea} -: ${giteaconf:=/etc/gitea/app.ini} -: ${giteauser:=git} -: ${sudocmd:=sudo} -: ${arch:=linux-amd64} -: ${backupopts:=--skip-lfs-data --skip-repository --skip-attachment-data --skip-log} +: ${giteabin:="/usr/local/bin/gitea"} +: ${giteahome:="/var/lib/gitea"} +: ${giteaconf:="/etc/gitea/app.ini"} +: ${giteauser:="git"} +: ${sudocmd:="sudo"} +: ${arch:="linux-amd64"} +: ${backupopts:=""} function giteacmd { "$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" $@ From 2a3f62c972ab648c5e4eb2e5fea139507c7852f1 Mon Sep 17 00:00:00 2001 From: Norwin Date: Mon, 17 Jan 2022 11:46:24 +0100 Subject: [PATCH 10/18] add note about gpg key import --- contrib/upgrade.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 086249ee1aee2..7089159ba56ad 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -4,6 +4,7 @@ set -e # This is an update script for gitea installed via the binary distribution # from dl.gitea.io on linux as systemd service. It performs a backup and updates # Gitea in place. +# NOTE: This adds the GPG Signing Key of the Gitea maintainers to the keyring. # Depends on: bash, curl, xz, sha256sum, gpg, which. optionally jq. # Usage: [environment vars] upgrade.sh [version] # See section below for available environment vars. From ec2f6c37a51473f05900288b80229c0becc23f25 Mon Sep 17 00:00:00 2001 From: Norwin Date: Mon, 17 Jan 2022 15:49:21 +0100 Subject: [PATCH 11/18] fix indentation --- contrib/upgrade.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 7089159ba56ad..c3acf344808d9 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -20,7 +20,7 @@ set -e : ${giteauser:="git"} : ${sudocmd:="sudo"} : ${arch:="linux-amd64"} -: ${backupopts:=""} +: ${backupopts:=""} # see `gitea dump --help` for available options function giteacmd { "$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" $@ @@ -38,7 +38,7 @@ if [[ -z "$1" ]]; then require jq giteaversion=$(curl --connect-timeout 10 -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version) else - giteaversion="$1" + giteaversion="$1" fi # confirm update From 775b7dbea176067fae75bcf96cab28d8435eb2df Mon Sep 17 00:00:00 2001 From: Norwin Date: Mon, 17 Jan 2022 16:40:27 +0100 Subject: [PATCH 12/18] Update contrib/upgrade.sh Co-authored-by: delvh --- contrib/upgrade.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index c3acf344808d9..6c4840c860594 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -47,7 +47,7 @@ current=$(giteacmd --version | cut --delimiter=' ' --fields=3) echo "Make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" echo "Are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" read confirm -[[ "$confirm" == "y" ]] || exit 1 +[[ "$confirm" == "y" ]] || [[ "$confirm" == "Y" ]] || exit 1 pushd $(pwd) cd "$giteahome" # needed for gitea dump later From 1b6f8f634ae4f6ff43f23338db72580e18cfb476 Mon Sep 17 00:00:00 2001 From: Norwin Date: Fri, 21 Jan 2022 00:57:56 +0100 Subject: [PATCH 13/18] apply shellcheck --- contrib/upgrade.sh | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 6c4840c860594..b0a71bf9f164b 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -e +set -euo pipefail # This is an update script for gitea installed via the binary distribution # from dl.gitea.io on linux as systemd service. It performs a backup and updates @@ -14,27 +14,27 @@ set -e # giteahome=/opt/gitea giteaconf=$giteahome/app.ini upgrade.sh # apply variables from environment -: ${giteabin:="/usr/local/bin/gitea"} -: ${giteahome:="/var/lib/gitea"} -: ${giteaconf:="/etc/gitea/app.ini"} -: ${giteauser:="git"} -: ${sudocmd:="sudo"} -: ${arch:="linux-amd64"} -: ${backupopts:=""} # see `gitea dump --help` for available options +: "${giteabin:="/usr/local/bin/gitea"}" +: "${giteahome:="/var/lib/gitea"}" +: "${giteaconf:="/etc/gitea/app.ini"}" +: "${giteauser:="git"}" +: "${sudocmd:="sudo"}" +: "${arch:="linux-amd64"}" +: "${backupopts:=""}" # see `gitea dump --help` for available options function giteacmd { - "$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" $@ + "$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" "$@" } function require { - for exe in $@; do - which $exe &>/dev/null || (echo "missing dependency '$exe'"; exit 1) + for exe in "$@"; do + which "$exe" &>/dev/null || (echo "missing dependency '$exe'"; exit 1) done } -require curl xz sha256sum gpg +require curl xz sha256sum gpg "$sudocmd" # select version to install -if [[ -z "$1" ]]; then +if [[ -z "${1:-}" ]]; then require jq giteaversion=$(curl --connect-timeout 10 -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version) else @@ -46,10 +46,10 @@ current=$(giteacmd --version | cut --delimiter=' ' --fields=3) [[ "$current" == "$giteaversion" ]] && echo "$current is already installed, stopping." && exit 1 echo "Make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" echo "Are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" -read confirm +read -r confirm [[ "$confirm" == "y" ]] || [[ "$confirm" == "Y" ]] || exit 1 -pushd $(pwd) +pushd "$(pwd)" cd "$giteahome" # needed for gitea dump later # download new binary @@ -59,14 +59,14 @@ echo "Downloading $binurl..." curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,.sha256,.asc}" # validate checksum & gpg signature (exit script if error) -sha256sum --check ${binname}.xz.sha256 +sha256sum --check "${binname}.xz.sha256" # TODO 2022-06-24: this gpg key will expire! gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 -gpg --verify ${binname}.xz.asc ${binname}.xz -rm ${binname}.xz.{sha256,asc} +gpg --verify "${binname}.xz.asc" "${binname}.xz" +rm "${binname}.xz.{sha256,asc}" # unpack binary + make executable -xz --decompress ${binname}.xz +xz --decompress "${binname}.xz" chown "$giteauser" "$binname" chmod +x "$binname" From dbfcd0ffdb66eae2caddae1f80f4596dff6562b7 Mon Sep 17 00:00:00 2001 From: Norwin Date: Fri, 21 Jan 2022 10:43:54 +0100 Subject: [PATCH 14/18] fix quoting issue --- contrib/upgrade.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index b0a71bf9f164b..680d4d4b73e05 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -63,7 +63,7 @@ sha256sum --check "${binname}.xz.sha256" # TODO 2022-06-24: this gpg key will expire! gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 gpg --verify "${binname}.xz.asc" "${binname}.xz" -rm "${binname}.xz.{sha256,asc}" +rm "${binname}".xz.{sha256,asc} # unpack binary + make executable xz --decompress "${binname}.xz" From 97b8524652963a8e8a2552479055e3853dca5ed2 Mon Sep 17 00:00:00 2001 From: Norwin Date: Fri, 21 Jan 2022 10:44:19 +0100 Subject: [PATCH 15/18] refinements --- contrib/upgrade.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 680d4d4b73e05..c60765ce03c13 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -31,7 +31,7 @@ function require { which "$exe" &>/dev/null || (echo "missing dependency '$exe'"; exit 1) done } -require curl xz sha256sum gpg "$sudocmd" +require systemctl curl xz sha256sum gpg "$sudocmd" # select version to install if [[ -z "${1:-}" ]]; then @@ -49,11 +49,11 @@ echo "Are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" read -r confirm [[ "$confirm" == "y" ]] || [[ "$confirm" == "Y" ]] || exit 1 -pushd "$(pwd)" +pushd "$(pwd)" &>/dev/null cd "$giteahome" # needed for gitea dump later # download new binary -binname=gitea-${giteaversion}-${arch} +binname="gitea-${giteaversion}-${arch}" binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz" echo "Downloading $binurl..." curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,.sha256,.asc}" From 7cc90fb6f7ef8ef4de054165248bfdabcb7146b9 Mon Sep 17 00:00:00 2001 From: Norwin Date: Fri, 21 Jan 2022 14:33:43 +0100 Subject: [PATCH 16/18] Replace `which` with `command -v` Co-authored-by: Gusted --- contrib/upgrade.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index c60765ce03c13..7b5b5ff22c2c8 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -5,7 +5,7 @@ set -euo pipefail # from dl.gitea.io on linux as systemd service. It performs a backup and updates # Gitea in place. # NOTE: This adds the GPG Signing Key of the Gitea maintainers to the keyring. -# Depends on: bash, curl, xz, sha256sum, gpg, which. optionally jq. +# Depends on: bash, curl, xz, sha256sum, gpg. optionally jq. # Usage: [environment vars] upgrade.sh [version] # See section below for available environment vars. # When no version is specified, updates to the latest release. @@ -28,7 +28,7 @@ function giteacmd { function require { for exe in "$@"; do - which "$exe" &>/dev/null || (echo "missing dependency '$exe'"; exit 1) + command -v "$exe" &>/dev/null || (echo "missing dependency '$exe'"; exit 1) done } require systemctl curl xz sha256sum gpg "$sudocmd" From 858a5f9e00d5c570df44621c467c18673db212ae Mon Sep 17 00:00:00 2001 From: Norwin Date: Tue, 1 Feb 2022 17:55:36 +0100 Subject: [PATCH 17/18] Update contrib/upgrade.sh Co-authored-by: Gusted --- contrib/upgrade.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 7b5b5ff22c2c8..95b6742f6d311 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -60,7 +60,6 @@ curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,. # validate checksum & gpg signature (exit script if error) sha256sum --check "${binname}.xz.sha256" -# TODO 2022-06-24: this gpg key will expire! gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 gpg --verify "${binname}.xz.asc" "${binname}.xz" rm "${binname}".xz.{sha256,asc} From 16e99b1de3842129593e2594d263e21a65b46438 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Wed, 2 Feb 2022 11:23:37 +0100 Subject: [PATCH 18/18] Update contrib/upgrade.sh --- contrib/upgrade.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 95b6742f6d311..2f4f32bfaba8b 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -61,7 +61,7 @@ curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,. # validate checksum & gpg signature (exit script if error) sha256sum --check "${binname}.xz.sha256" gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 -gpg --verify "${binname}.xz.asc" "${binname}.xz" +gpg --verify "${binname}.xz.asc" "${binname}.xz" || { echo 'Signature does not match'; exit 1; } rm "${binname}".xz.{sha256,asc} # unpack binary + make executable