scripts: forge-login.sh + forge-create-token.sh
forge-create-token.sh mints an access token for an existing user (prints to stdout — forgejo only shows it once). forge-login.sh configures the operator's shell: git config --global user.name / user.email, ~/.netrc entry for HTTP clones, and `tea login add` when tea is on PATH. takes the token interactively (hidden input) so it doesn't land in shell history.
This commit is contained in:
müde
parent
d8b05a9eb9
commit
a1c4d37bc9
2 changed files with 107 additions and 0 deletions
72
scripts/forge-login.sh
Executable file
72
scripts/forge-login.sh
Executable file
|
|
@ -0,0 +1,72 @@
|
|||
#!/usr/bin/env bash
|
||||
# Configure the current shell user's git + tea for the hive-forge.
|
||||
#
|
||||
# Sets:
|
||||
# - git config --global user.name / user.email
|
||||
# - tea login (if `tea` is on PATH)
|
||||
# - ~/.netrc entry so `git clone http://...` works without prompting
|
||||
#
|
||||
# Usage: forge-login.sh <username> [--email <addr>] [--url <forge-url>]
|
||||
#
|
||||
# Prompts for an access token on stdin (paste-and-enter). Generate
|
||||
# one first with `forge-create-token.sh <username>` or in the web UI
|
||||
# under Settings → Applications → Generate New Token.
|
||||
set -euo pipefail
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "usage: $0 <username> [--email <addr>] [--url <forge-url>]" >&2
|
||||
exit 2
|
||||
fi
|
||||
|
||||
username="$1"; shift
|
||||
email="${username}@hive.local"
|
||||
forge_url="http://localhost:3000"
|
||||
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
--email) email="$2"; shift 2 ;;
|
||||
--url) forge_url="$2"; shift 2 ;;
|
||||
*) echo "unknown arg: $1" >&2; exit 2 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Extract host:port for netrc.
|
||||
host=$(printf '%s' "$forge_url" | sed -E 's|^https?://||; s|/.*$||; s|:.*$||')
|
||||
|
||||
read -r -s -p "forgejo access token for $username (input hidden): " token
|
||||
echo
|
||||
if [ -z "$token" ]; then
|
||||
echo "no token entered; aborting" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
git config --global user.name "$username"
|
||||
git config --global user.email "$email"
|
||||
echo "git config: $username <$email>"
|
||||
|
||||
# netrc entry — git uses this for HTTP basic auth. 0600 because it
|
||||
# contains the plaintext token.
|
||||
netrc="$HOME/.netrc"
|
||||
touch "$netrc"
|
||||
chmod 600 "$netrc"
|
||||
if grep -q "^machine $host" "$netrc" 2>/dev/null; then
|
||||
# Remove the old block (machine line + the two following lines).
|
||||
sed -i.bak "/^machine $host\$/,+2d" "$netrc"
|
||||
fi
|
||||
cat >>"$netrc" <<EOF
|
||||
machine $host
|
||||
login $username
|
||||
password $token
|
||||
EOF
|
||||
echo "netrc: wrote $host entry"
|
||||
|
||||
if command -v tea >/dev/null 2>&1; then
|
||||
mkdir -p "$HOME/.config/tea"
|
||||
# tea refuses to add a login with a name that already exists; drop
|
||||
# it first so re-running this script is idempotent.
|
||||
tea login delete forge 2>/dev/null || true
|
||||
tea login add --name forge --url "$forge_url" --token "$token"
|
||||
echo "tea: configured 'forge' login"
|
||||
else
|
||||
echo "tea: not on PATH — install pkgs.tea if you want the CLI"
|
||||
fi
|
||||
Loading…
Add table
Add a link
Reference in a new issue