Add gitea-ssh hook.

Signed-off-by: Alec Warner <antarus@gentoo.org>

2 files changed, 34 insertions, 0 deletions

diff --git a/gitea-mirror/gitea-mirror b/gitea-mirror/gitea-mirror
new file mode 100755
index 0000000..527df11
--- /dev/null
+++ b/gitea-mirror/gitea-mirror
@@ -0,0 +1,25 @@
+#!/bin/sh
+# based on https://github.com/miracle2k/gitolite-simple-mirror/blob/master/post-receive
+
+# simple gitolite mirroring
+
+# flush STDIN coming from git, because gitolite's own post-receive.mirrorpush
+# script does the same thing
+[ -t 0 ] || cat >/dev/null
+
+if [ -z "${GL_REPO}" ]; then
+	echo "GL_REPO not set" >&2
+	exit 1
+fi
+
+targets=$(git config --get gentoo.mirror.url)
+[ -z "${targets}" ] && exit 0
+
+export GIT_SSH_KEY=$(git config --get gentoo.mirror.pubkey)
+: ${GIT_SSH_KEY:=/home/antarus/gitea-mirror/gentoo-gitea.ssh.priv}
+export GIT_SSH=./gitea-ssh-wrapper
+
+for target in ${targets}; do
+	# --force because someone may accidentally push into the mirror
+	git push --mirror --force ${target}
+done
diff --git a/gitea-mirror/gitea-ssh-wrapper b/gitea-mirror/gitea-ssh-wrapper
new file mode 100755
index 0000000..cb4f432
--- /dev/null
+++ b/gitea-mirror/gitea-ssh-wrapper
@@ -0,0 +1,9 @@
+#!/bin/sh
+# Use via GIT_SSH
+# Github is terrible and requires old ciphers/kex/macs
+CIPHERS='-o Ciphers=chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc'
+KEX='-o KexAlgorithms=curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1'
+MACS='-o MACs=hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1'
+
+# Now run it
+exec ssh ${GIT_SSH_KEY:+-i} ${GIT_SSH_KEY} $CIPHERS $KEX $MACS "$@"