add bookshelf module, fix gitea minor typo, add fixe ip for vms

modules/apps/bookshelf/lib/scripts/create-backup.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+source /opt/bookshelf/env.sh
+
+TIMESTAMP=$(date +'%Y-%m-%d_%H%M%S')
+docker exec bookshelf-database-1 mariadb-dump --all-database -u root -p"$MARIADB_ROOT_PASSWORD" > $BOOKSHELF_BACKUPS_DIR/bookshelf-dump-$TIMESTAMP.sql
+
+ls -1dt $BOOKSHELF_BACKUPS_DIR/$BOOKSHELF_BACKUP_PREFIX-*.zip | tail -n +5 | xargs -r rm -f

modules/apps/bookshelf/lib/scripts/env.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -a
+[ -f /opt/bookshelf/secrets/bookshelf.env ] && source /opt/bookshelf/secrets/bookshelf.env
+set +a

modules/apps/bookshelf/lib/scripts/install-bookshelf.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+source /opt/bookshelf/env.sh
+
+# trigger manually a CI/CD pipeline
+curl -X POST -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \
+    -H "Content-Type: application/json" \
+    $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/workflows/deploy.yaml/dispatches \
+    -d '{"ref": "main", "inputs": {"ref": "main"}}'
+
+RUN_ID=$(curl -s -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \
+    $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/runs \
+    | jq -r '.workflow_runs | sort_by(.created_at) | .[0].id')
+
+while true; do
+    STATUS=$(curl -s -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \
+        $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/runs/$RUN_ID \
+        | jq -r '.status')
+        
+    if [ "$STATUS" = "completed" ]; then
+        CONCLUSION=$(curl -s -H "Authorization: token $GITEA_BOOKSHELF_APPLICATION_TOKEN" \
+        $GITEA_INSTANCE_URL/api/v1/repos/$GITEA_BOOKSHELF_REPOSITORY/actions/runs/$RUN_ID \
+        | jq -r '.conclusion')
+        echo "Workflow finished with status: $CONCLUSION"
+        break
+    fi
+
+    echo "Waiting 10 seconds..."
+    sleep 10
+done
+
+if [ "$CONCLUSION" = "success" ]; then
+    echo "Launching command..."
+    systemctl start restore-backup.service
+else
+    echo "Workflow failed or was cancelled, aborting."
+    exit 1
+fi

modules/apps/bookshelf/lib/scripts/install-runner.sh

@@ -0,0 +1,59 @@
+#!/bin/bash
+
+source /opt/bookshelf/env.sh
+
+if ! id -u $ACT_RUNNER_USER >/dev/null 2>&1; then
+    adduser \
+        --system \
+        --shell /bin/bash \
+        --gecos 'Action runner user' \
+        --ingroup docker\
+        --disabled-password \
+        --home /home/$ACT_RUNNER_USER \
+        $ACT_RUNNER_USER
+fi
+
+wget -O $ACT_RUNNER_LOCATION/act_runner https://dl.gitea.com/act_runner/$ACT_RUNNER_VERSION/act_runner-$ACT_RUNNER_VERSION-linux-amd64
+chmod +x $ACT_RUNNER_LOCATION/act_runner
+
+cat <<EOF > /home/$ACT_RUNNER_USER/config.yaml
+log:
+  level: info
+runner:
+  file: .runner
+  capacity: 1
+  timeout: 3h
+  shutdown_timeout: 0s
+  insecure: false
+  fetch_timeout: 5s
+  env_file: $ENV_FILE_LOCATION
+  fetch_interval: 2s
+  github_mirror: ''
+  labels:
+    - "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
+    - "ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
+    - "ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04"
+cache:
+  enabled: true
+  dir: ""
+  host: ""
+  port: 0
+  external_server: ""
+container:
+  network: ""
+  privileged: false
+  options:
+  workdir_parent:
+  valid_volumes: []
+  docker_host: ""
+  force_pull: true
+  force_rebuild: false
+  require_docker: false
+  docker_timeout: 0s
+host:
+  workdir_parent:  
+EOF
+
+cd /home/act_runner
+sudo -u $ACT_RUNNER_USER act_runner register --no-interactive --instance $GITEA_INSTANCE_URL --token $GITEA_RUNNER_REGISTRATION_TOKEN --name $USERNAME --labels $USERNAME $REPOSITORY
+chown -R $ACT_RUNNER_USER:docker /home/$ACT_RUNNER_USER

modules/apps/bookshelf/lib/scripts/restore-backup.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+source /opt/bookshelf/env.sh
+
+LATEST_BACKUP=$(ls -1 $BOOKSHELF_BACKUPS_DIR/$BOOKSHELF_BACKUP_PREFIX-*.sql 2>/dev/null | sort | tail -n1)
+
+if [ -n "$LATEST_BACKUP" ] && [ -f "$LATEST_BACKUP" ]; then
+    cat $LATEST_BACKUP | docker exec -i bookshelf-database-1 mariadb -u root -p"$MARIADB_ROOT_PASSWORD" -D $MARIADB_DATABASE
+fi

modules/apps/bookshelf/lib/services/act_runner.service

@@ -0,0 +1,16 @@
+[Unit]
+Description=Gitea Actions runner
+Documentation=https://gitea.com/gitea/act_runner
+After=docker.service
+
+[Service]
+ExecStart=/usr/local/bin/act_runner daemon --config /home/act_runner/config.yaml
+ExecReload=/bin/kill -s HUP $MAINPID
+WorkingDirectory=/home/act_runner
+TimeoutSec=0
+RestartSec=10
+Restart=always
+User=act_runner
+
+[Install]
+WantedBy=multi-user.target

modules/apps/bookshelf/lib/services/restore-backup.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=Restore latest Bookshelf backup
+After=network.target
+Requires=docker.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/usr/local/bin/restore-backup.sh
+WorkingDirectory=/home/bookshelf
+TimeoutStartSec=600

modules/apps/bookshelf/lib/services/weekly-backup.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Weekly Bookshelf Backup
+Wants=network.target
+After=network.target docker.service
+Before=shutdown.target reboot.target halt.target
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/usr/local/bin/backup.sh

modules/apps/bookshelf/lib/services/weekly-backup.timer

@@ -0,0 +1,9 @@
+[Unit]
+Description=Run Bookshelf backup weekly
+
+[Timer]
+OnCalendar=Sun *-*-* 01:00:00
+Persistent=true
+
+[Install]
+WantedBy=timers.target