diff --git a/README.md b/README.md index 1a84b5c..4691c1b 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,24 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview -Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. +Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. + + +### Features + +- User dashboard, user profile and activity timeline. +- Access repositories via SSH, HTTP and HTTPS protocols. +- User, organization and repository management. +- Repository and organization webhooks, including Slack, Discord and Dingtalk. +- Repository Git hooks, deploy keys and Git LFS. +- Repository issues, pull requests, wiki, protected branches and collaboration. +- Migrate and mirror repositories with wiki from other code hosts. +- Web editor for quick editing repository files and wiki. +- Jupyter Notebook and PDF rendering. +- Authentication via SMTP, LDAP, reverse proxy, GitHub.com and GitHub Enterprise with 2FA. +- Customize HTML templates, static files and many others. +- Rich database backend, including PostgreSQL, MySQL, SQLite3 and TiDB. + **Shipped version:** 0.12.3~ynh1 @@ -28,7 +45,8 @@ Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its part ## Disclaimers / important information ## Notes on SSH usage -If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +If you want to use Gogs with SSH and be able to pull/push with you ssh key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: ```bash PubkeyAuthentication yes @@ -48,7 +66,8 @@ Host domain.tld ``` ## Private Mode -Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. + +Actually it's possible to access to the Git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index 794cf34..9af087f 100644 --- a/README_fr.md +++ b/README_fr.md @@ -11,7 +11,8 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour ## Vue d'ensemble -Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. +Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. + **Version incluse :** 0.12.3~ynh1 @@ -24,7 +25,8 @@ Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go ## Avertissements / informations importantes ## Notes on SSH usage -If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +If you want to use Gogs with SSH and be able to pull/push with you ssh key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: ```bash PubkeyAuthentication yes @@ -44,7 +46,8 @@ Host domain.tld ``` ## Private Mode -Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. + +Actually it's possible to access to the Git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. ## Documentations et ressources diff --git a/conf/app.ini b/conf/app.ini index a8c1f00..c4bec87 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -1,71 +1,524 @@ ;https://github.com/gogits/gogs/blob/master/conf/app.ini -APP_NAME = Gogs + +; The brand name of the application, can be your company or team name. +BRAND_NAME = Gogs +; The system user who should be running the applications. It has no effect on Windows, +; otherwise, it should match the value of $USER environment variable. RUN_USER = __APP__ +; The running mode of the application, can be either "dev", "prod" or "test". RUN_MODE = prod [server] -DOMAIN = __DOMAIN__ -HTTP_PORT = __PORT__ +; The public-facing URL for the application. EXTERNAL_URL = https://__URL__/ +; The public-facing domain name for the application. +DOMAIN = __DOMAIN__ +; The protocol that is used to serve direct traffic to the application. +; Currently supports "http", "https", "fcgi" and "unix". +PROTOCOL = http +; The address to be listened by the application. HTTP_ADDR = 127.0.0.1 +; The port number to be listened by the application. +HTTP_PORT = __PORT__ +; Generate steps: +; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com +; +; Or from a .pfx file exported from the Windows certificate store (do +; not forget to export the private key): +; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys +; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes +CERT_FILE = custom/https/cert.pem +KEY_FILE = custom/https/key.pem +; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13". +TLS_MIN_VERSION = TLS12 +; File permission when serve traffic via Unix domain socket. +UNIX_SOCKET_PERMISSION = 666 +; Local (DMZ) URL for workers (e.g. SSH update) accessing web service. +; In most cases you do not need to change the default value. +; Alter it only if your SSH server node is not the same as HTTP node. +LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/ + +; Whether to disable using CDN for static files regardless. OFFLINE_MODE = false -DISABLE_SSH = false -SSH_PORT = 22 +; Whether to disable logging in router. +DISABLE_ROUTER_LOG = true +; Whether to enable application level GZIP compression. +ENABLE_GZIP = false + +; The path for storing application specific data. APP_DATA_PATH = __DATADIR__/data -LANDING_PAGE = explore +; Whether to enable to load assets (i.e. "conf", "templates", "public") from disk instead of embedded bindata. +LOAD_ASSETS_FROM_DISK = false + +; The landing page URL for anonymous users, the value should not include +; subpath that is handled by the reverse proxy. +LANDING_URL = /explore + +; Whether to disable SSH access to the application entirely. +DISABLE_SSH = false +; The domain name to be exposed in SSH clone URL. +SSH_DOMAIN = %(DOMAIN)s +; The port number to be exposed in SSH clone URL. +SSH_PORT = 22 +; The path of SSH root directory, default is "$HOME/.ssh". +SSH_ROOT_PATH = +; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call. +SSH_KEYGEN_PATH = ssh-keygen +; The directory to create temporary files when test a public key using ssh-keygen, +; default is the system temporary directory. +SSH_KEY_TEST_PATH = +; Whether to check minimum public key size with corresponding type. +MINIMUM_KEY_SIZE_CHECK = false +; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server. +REWRITE_AUTHORIZED_KEYS_AT_START = false +; Whether to start a builtin SSH server. +START_SSH_SERVER = false +; The network interface for builtin SSH server to listen on. +SSH_LISTEN_HOST = 0.0.0.0 +; The port number for builtin SSH server to listen on. +SSH_LISTEN_PORT = %(SSH_PORT)s +; The list of accepted ciphers for connections to builtin SSH server. +SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128 +; The list of accepted MACs for connections to builtin SSH server. +SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1 + +; Define allowed algorithms and their minimum key length (use -1 to disable a type). +[ssh.minimum_key_sizes] +ED25519 = 256 +ECDSA = 256 +RSA = 2048 +DSA = 1024 [repository] +; The root path for storing managed repositories, default is "~/gogs-repositories" ROOT = __DATADIR__/repositories +; The script type server supports, sometimes could be "sh". +SCRIPT_TYPE = bash +; Default ANSI charset for an unrecognized charset. +ANSI_CHARSET = +; Whether to force every new repository to be private. FORCE_PRIVATE = false +; The global limit of number of repositories a user can create, -1 means no limit. +MAX_CREATION_LIMIT = -1 +; Preferred Licenses to place at the top of the list. +; Name must match file name in "conf/license" or "custom/conf/license". +PREFERRED_LICENSES = Apache License 2.0, MIT License +; Whether to disable Git interaction with repositories via HTTP/HTTPS protocol. +DISABLE_HTTP_GIT = false +; Whether to enable ability to migrate repository by server local path. +ENABLE_LOCAL_PATH_MIGRATION = false +; Whether to enable render mode for raw file. There are potential security risks. +ENABLE_RAW_FILE_RENDER_MODE = false +; The maximum number of goroutines that can be run at the same time for a single +; fetch request. Usually, the value depend of how many CPU (cores) you have. If +; the value is non-positive, it matches the number of CPUs available to the application. +COMMITS_FETCH_CONCURRENCY = 0 + +[repository.editor] +; List of file extensions that should have line wraps in the CodeMirror editor. +; Separate extensions with a comma. +LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd +; Valid file modes that have a preview API associated with them, such as "/api/v1/markdown". +; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match. +PREVIEWABLE_FILE_MODES = markdown + +[repository.upload] +; Whether to enable repository file uploads. +ENABLED = true +; The path to temporarily store uploads (content under this path gets wiped out on every start). +TEMP_PATH = __DATADIR__/data/tmp/uploads +; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. +ALLOWED_TYPES = +; The maximum size of each file in MB. +FILE_MAX_SIZE = 3 +; The maximum number of files per upload. +MAX_FILES = 5 [database] -DB_TYPE = mysql +; The database backend, either "postgres", "mysql" "sqlite3" or "mssql". +; You can connect to TiDB with MySQL protocol. +TYPE = mysql HOST = 127.0.0.1:3306 NAME = __DB_NAME__ USER = __DB_USER__ PASSWORD = __DB_PWD__ +; For "postgres" only, either "disable", "require" or "verify-full". SSL_MODE = disable +; For "sqlite3" only, make sure to use absolute path. PATH = data/gogs.db +; The maximum open connections of the pool. +MAX_OPEN_CONNS = 30 +; The maximum idle connections of the pool. +MAX_IDLE_CONNS = 30 [security] +; Whether to show the install page, set this to "true" to bypass it. INSTALL_LOCK = true +; The secret to encrypt cookie values, 2FA code, etc. +; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! SECRET_KEY = __KEY__ -REVERSE_PROXY_AUTHENTICATION_USER = REMOTE_USER +; The days remembered for auto-login. +LOGIN_REMEMBER_DAYS = 7 +; The cookie name to store auto-login information. +COOKIE_REMEMBER_NAME = gogs_incredible +; The cookie name to store logged in username. +COOKIE_USERNAME = gogs_awesome +; Whether to set secure cookie. +COOKIE_SECURE = false +; Whether to set cookie to indicate user login status. +ENABLE_LOGIN_STATUS_COOKIE = false +; The cookie name to store user login status. +LOGIN_STATUS_COOKIE_NAME = login_status -[service] -REGISTER_EMAIL_CONFIRM = false -ENABLE_NOTIFY_MAIL = true -DISABLE_REGISTRATION = true -ENABLE_CAPTCHA = false -REQUIRE_SIGNIN_VIEW = false -ENABLE_REVERSE_PROXY_AUTHENTICATION = false -ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false - -[mailer] +[email] +; Whether to enable the email service. ENABLED = true +; The prefix prepended to the subject line. +SUBJECT_PREFIX = `[%(BRAND_NAME)s] ` +; The SMTP server with its port, e.g. smtp.mailgun.org:587, smtp.gmail.com:587, smtp.qq.com:465 +; If the port ends is "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. +; If the server supports STARTTLS it will always be used. HOST = 127.0.0.1:25 -FROM = "Gitea" +; The email from address (RFC 5322). This can be just an email address, or the `"Name" ` format. +FROM = "Gogs" +; The login user. +USER = "Gogs" +; The login password. +PASSWORD = + +; Whether to disable HELO operation when the hostname is different. +DISABLE_HELO = +; The custom hostname for HELO operation, default is from system. +HELO_HOSTNAME = + +; Whether to skip verifying the certificate of the server. Only use this for self-signed certificates. SKIP_VERIFY = true +; Whether to use client certificates. +USE_CERTIFICATE = false +CERT_FILE = custom/email/cert.pem +KEY_FILE = custom/email/key.pem + +; Whether to use "text/plain" as content format. +USE_PLAIN_TEXT = false +; Whether to attach a plaintext alternative to the MIME message while sending HTML emails. +; It is used to support older mail clients and make spam filters happier. +ADD_PLAIN_TEXT_ALT = false + +[auth] +; The valid duration of activate code in minutes. +ACTIVATE_CODE_LIVES = 180 +; The valid duration of reset password code in minutes. +RESET_PASSWORD_CODE_LIVES = 180 +; Whether to require email confirmation for adding new email addresses. +; Enable this option will also require user to confirm the email for registration. +REQUIRE_EMAIL_CONFIRMATION = false +; Whether to disallow anonymous users visiting the site. +REQUIRE_SIGNIN_VIEW = false +; Whether to disable self-registration. When disabled, accounts would have to be created by admins. +DISABLE_REGISTRATION = true +; Whether to enable captcha validation for registration +ENABLE_REGISTRATION_CAPTCHA = true + +; Whether to enable reverse proxy authentication via HTTP header. +ENABLE_REVERSE_PROXY_AUTHENTICATION = false +; Whether to automatically create new users for reverse proxy authentication. +ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false +; The HTTP header used as username for reverse proxy authentication. +REVERSE_PROXY_AUTHENTICATION_HEADER = X-WEBAUTH-USER + +[user] +; Whether to enable email notifications for users. +ENABLE_EMAIL_NOTIFICATION = false [session] +; The session provider, either "memory", "file", or "redis". PROVIDER = memory +; The configuration for respective provider: +; - memory: does not need any config yet +; - file: session file path, e.g. `data/sessions` +; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 +PROVIDER_CONFIG = data/sessions +; The cookie name to store the session identifier. +COOKIE_NAME = i_like_gogs +; Whether to set cookie in HTTPS only. +COOKIE_SECURE = false +; The GC interval in seconds for session data. +GC_INTERVAL = 3600 +; The maximum life time in seconds for a session. +MAX_LIFE_TIME = 86400 +; The cookie name for CSRF token. +CSRF_COOKIE_NAME = _csrf + +[cache] +; The cache adapter, either "memory", "redis", or "memcache". +ADAPTER = memory +; For "memory" only, GC interval in seconds. +INTERVAL = 60 +; For "redis" and "memcache", connection host address: +; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 +; - memcache: `127.0.0.1:11211` +HOST = + +[http] +; The value for "Access-Control-Allow-Origin" header, default is not to present. +ACCESS_CONTROL_ALLOW_ORIGIN = + +[lfs] +; The storage backend for uploading new objects. +STORAGE = local +; The root path to store LFS objects on local file system. +OBJECTS_PATH = __DATADIR__/data/lfs-objects + +[attachment] +; Whether to enabled upload attachments in general. +ENABLED = true +; The path to store attachments on the file system. +PATH = __DATADIR__/data/attachments +; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. +ALLOWED_TYPES = image/jpeg|image/png +; The maximum size of each file in MB. +MAX_SIZE = 4 +; The maximum number of files per upload. +MAX_FILES = 5 + +[release.attachment] +; Whether to enabled upload attachments for releases. +ENABLED = true +; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. +ALLOWED_TYPES = */* +; The maximum size of each file in MB. +MAX_SIZE = 32 +; The maximum number of files per upload. +MAX_FILES = 10 + +[time] +; Specifies the format for fully outputed dates. +; Values should be one of the following: +; ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano. +; For more information about the format see http://golang.org/pkg/time/#pkg-constants. +FORMAT = RFC1123 [picture] +; The path to store user avatars on the file system. AVATAR_UPLOAD_PATH = __DATADIR__/data/avatars +; The path to store repository avatars on the file system. +REPOSITORY_AVATAR_UPLOAD_PATH = __DATADIR__/data/repo-avatars +; Chinese users can use a custom avatar source, such as http://cn.gravatar.com/avatar/. +GRAVATAR_SOURCE = gravatar +; Whether to disable Gravatar, this value will be forced to be true in offline mode. +DISABLE_GRAVATAR = false +; Whether to enable federated avatar lookup uses DNS to discover avatar associated +; with emails, see https://www.libravatar.org for details. +; This value will be forced to be false in offline mode or when Gravatar is disabled. +ENABLE_FEDERATED_AVATAR = false +[markdown] +; Whether to enable hard line break extension. +ENABLE_HARD_LINE_BREAK = false +; The list of custom URL schemes that are allowed as links when rendering Markdown. +; For example, "git" (for "git://") and "magnet" (for "magnet://"). +CUSTOM_URL_SCHEMES = +; The list of file extensions that should be rendered/edited as Markdown. +; Separate extensions with a comma. To render files with no extension as markdown, just put a comma. +FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd + +[smartypants] +; Whether to enable the Smartypants extension. +ENABLED = false +FRACTIONS = true +DASHES = true +LATEX_DASHES = true +ANGLED_QUOTES = true + +[admin] +; Whether to disable regular (non-admin) users to create organizations. +DISABLE_REGULAR_ORG_CREATION = false + +[webhook] +; The list of enabled types for users to use, can be "gogs", "slack", "discord", "dingtalk". +TYPES = gogs, slack, discord, dingtalk +; Deliver timeout in seconds. +DELIVER_TIMEOUT = 15 +; Whether to allow insecure certification. +SKIP_TLS_VERIFY = false +; The number of history information in each page. +PAGING_NUM = 10 + +; General settings of loggers. [log] -MODE = file -LEVEL = Info -ROOT_PATH = /var/log/__APP__ +; The root path for all log files, default is "log/" subdirectory. +ROOT_PATH =/var/log/__APP__ +; Can be "console", "file", "slack" and "discord". +; Use comma to separate multiple modes, e.g. "console, file" +MODE = file +; Buffer length of channel, keep it as it is if you don't know what it is. +BUFFER_LEN = 100 +; Either "Trace", "Info", "Warn", "Error", "Fatal", default is "Trace" +LEVEL = Warn -REDIRECT_MACARON_LOG= true -MACARON = file +; For "console" mode only +[log.console] +; Comment out to inherit +; LEVEL = -ROUTER_LOG_LEVEL = Warn -ROUTER = file +; For "file" mode only +[log.file] +; Comment out to inherit +; LEVEL = +; Whether to enable automated log rotate (switch of following options). +LOG_ROTATE = true +; Whether to segment log files daily. +DAILY_ROTATE = true +; The maximum size shift of single file, default is 28 means 1 << 28 = 256MB. +MAX_SIZE_SHIFT = 28 +; The maximum number of lines of single file. +MAX_LINES = 1000000 +; The expired days of log file (delete after max days). +MAX_DAYS = 7 -ENABLE_ACCESS_LOG = Warn -ACCESS = file +; For "slack" mode only +[log.slack] +; Comment out to inherit +; LEVEL = +; Webhook URL +URL = -ENABLE_XORM_LOG = Warn -XORM = file +[log.discord] +; Comment out to inherit +; LEVEL = +; Webhook URL +URL = +; The username to be displayed in notification. +USERNAME = %(BRAND_NAME)s + +[log.xorm] +; Enable file rotation +ROTATE = true +; Rotate every day +ROTATE_DAILY = true +; Rotate once file size excesses x MB +MAX_SIZE = 100 +; Maximum days to keep logger files +MAX_DAYS = 3 + +[log.gorm] +; Whether to enable file rotation. +ROTATE = true +; Whether to rotate file every day. +ROTATE_DAILY = true +; The maximum file size in MB before next rotate. +MAX_SIZE = 100 +; The maximum days to keep files. +MAX_DAYS = 3 + +[cron] +; Enable running cron tasks periodically. +ENABLED = true +; Run cron tasks when Gogs starts. +RUN_AT_START = false + +[cron.update_mirrors] +; Defines how often the mirror syncer checks if any mirror needs to be synchronized (based on the mirror update interval). +SCHEDULE = @every 10m + +; Repository health check +[cron.repo_health_check] +SCHEDULE = @every 24h +TIMEOUT = 60s +; Arguments for command 'git fsck', e.g. "--unreachable --tags" +; see more on http://git-scm.com/docs/git-fsck/1.7.5 +ARGS = + +; Check repository statistics +[cron.check_repo_stats] +RUN_AT_START = true +SCHEDULE = @every 24h + +; Cleanup repository archives +[cron.repo_archive_cleanup] +RUN_AT_START = false +SCHEDULE = @every 24h +; Time duration to check if archive should be cleaned +OLDER_THAN = 24h + +[git] +; Disables highlight of added and removed changes +DISABLE_DIFF_HIGHLIGHT = false +; Max number of files shown in diff view +MAX_GIT_DIFF_FILES = 100 +; Max number of lines allowed of a single file in diff view +MAX_GIT_DIFF_LINES = 1000 +; Max number of characters of a line allowed in diff view +MAX_GIT_DIFF_LINE_CHARACTERS = 2000 +; Arguments for command 'git gc', e.g. "--aggressive --auto" +; see more on http://git-scm.com/docs/git-gc/1.7.5 +GC_ARGS = + +; Operation timeout in seconds +[git.timeout] +MIGRATE = 600 +MIRROR = 300 +CLONE = 300 +PULL = 300 +DIFF = 60 +GC = 60 + +[mirror] +; Defines the default interval (in hours) until the next sync for a mirror (after a successful mirror sync). +; It can be overridden individually for each mirror repository in the settings. +DEFAULT_INTERVAL = 8 + +[api] +; Max number of items will response in a page +MAX_RESPONSE_ITEMS = 50 + +[ui] +; Number of repositories that are showed in one explore page +EXPLORE_PAGING_NUM = 20 +; Number of issues that are showed in one page +ISSUE_PAGING_NUM = 10 +; Number of maximum commits showed in one activity feed +FEED_MAX_COMMIT_NUM = 5 +; Value of "theme-color" meta tag, used by Android >= 5.0 +; An invalid color like "none" or "disable" will have the default style +; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android +THEME_COLOR_META_TAG = `#ff5343` +; Max size in bytes of files to be displayed (default is 8MB) +MAX_DISPLAY_FILE_SIZE = 8388608 + +[ui.admin] +; Number of users that are showed in one page +USER_PAGING_NUM = 50 +; Number of repos that are showed in one page +REPO_PAGING_NUM = 50 +; Number of notices that are showed in one page +NOTICE_PAGING_NUM = 25 +; Number of organization that are showed in one page +ORG_PAGING_NUM = 50 + +[ui.user] +; Number of repos that are showed in one page +REPO_PAGING_NUM = 15 +; Number of news feeds that are showed in one page +NEWS_FEED_PAGING_NUM = 20 +; Number of commits that are showed in one page +COMMITS_PAGING_NUM = 30 + +[prometheus] +; Whether to enable Prometheus metrics. +ENABLED = false +; Whether to enable HTTP Basic Authentication to protect metrics data. +ENABLE_BASIC_AUTH = false +; The username for HTTP Basic Authentication. +BASIC_AUTH_USERNAME = +; The password for HTTP Basic Authentication. +BASIC_AUTH_PASSWORD = + +; Extension mapping to highlight class +; e.g. .toml=ini +[highlight.mapping] + +[other] +SHOW_FOOTER_BRANDING = false +; Show time of template execution in the footer +SHOW_FOOTER_TEMPLATE_LOAD_TIME = true diff --git a/conf/nginx.conf b/conf/nginx.conf index 066093b..6d21f56 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,12 +1,11 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - - proxy_pass http://127.0.0.1:__PORT__/; - proxy_set_header Host $host; - proxy_buffering off; - fastcgi_param REMOTE_USER $remote_user; - client_max_body_size 200M; - proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://localhost:__PORT__/; + proxy_set_header Host $host; + proxy_buffering off; + fastcgi_param REMOTE_USER $remote_user; + client_max_body_size 200M; + proxy_set_header X-Real-IP $remote_addr; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; diff --git a/conf/systemd.service b/conf/systemd.service index ea676ee..f277cdc 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,10 +6,10 @@ After=syslog.target network.target mysql.service slapd.service redis.service Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=/home/yunohost.app/__APP__ +WorkingDirectory=__DATADIR__ ExecStart=__FINALPATH__/gogs web Restart=always -Environment=USER=__APP__ HOME=/home/yunohost.app/__APP__ +Environment=USER=__APP__ HOME=__DATADIR__ [Install] WantedBy=multi-user.target diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 9299456..671b82e 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1 +1,17 @@ -Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. \ No newline at end of file +Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. + + +### Features + +- User dashboard, user profile and activity timeline. +- Access repositories via SSH, HTTP and HTTPS protocols. +- User, organization and repository management. +- Repository and organization webhooks, including Slack, Discord and Dingtalk. +- Repository Git hooks, deploy keys and Git LFS. +- Repository issues, pull requests, wiki, protected branches and collaboration. +- Migrate and mirror repositories with wiki from other code hosts. +- Web editor for quick editing repository files and wiki. +- Jupyter Notebook and PDF rendering. +- Authentication via SMTP, LDAP, reverse proxy, GitHub.com and GitHub Enterprise with 2FA. +- Customize HTML templates, static files and many others. +- Rich database backend, including PostgreSQL, MySQL, SQLite3 and TiDB. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md index 9c5e9cb..2e694fe 100644 --- a/doc/DESCRIPTION_fr.md +++ b/doc/DESCRIPTION_fr.md @@ -1 +1 @@ -Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. \ No newline at end of file +Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 8912b8b..044c1b0 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,5 +1,6 @@ ## Notes on SSH usage -If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +If you want to use Gogs with SSH and be able to pull/push with you ssh key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: ```bash PubkeyAuthentication yes @@ -19,4 +20,5 @@ Host domain.tld ``` ## Private Mode -Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. + +Actually it's possible to access to the Git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. diff --git a/manifest.json b/manifest.json index 03cde0a..fd78503 100644 --- a/manifest.json +++ b/manifest.json @@ -3,8 +3,8 @@ "id": "gogs", "packaging_format": 1, "description": { - "en": "Lightweight Git forge", - "fr": "Forge Git légère" + "en": "Lightweight self-hosted Git forge", + "fr": "Forge Git légère auto-hébergé" }, "version": "0.12.3~ynh1", "url": "http://gogs.io", @@ -51,6 +51,10 @@ { "name": "is_public", "type": "boolean", + "help": { + "en": "If enabled, Gogs will be accessible by people who do not have an account. This can be changed later via the webadmin.", + "fr": "Si cette case est cochée, Gogs sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin." + }, "default": true } ] diff --git a/scripts/change_url b/scripts/change_url index 3c3015d..da7c4f7 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -35,6 +35,7 @@ db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) key=$(ynh_app_setting_get --app=$app --key=key) datadir=$(ynh_app_setting_get --app=$app --key=datadir) +path_url=$(ynh_app_setting_get --app=$app --key=path) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP @@ -125,8 +126,6 @@ ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/co chmod 400 "$final_path/custom/conf/app.ini" chown $app:$app "$final_path/custom/conf/app.ini" -ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/install b/scripts/install index de268c9..14a969f 100644 --- a/scripts/install +++ b/scripts/install @@ -103,19 +103,16 @@ ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir +# create needed directories +mkdir -p "$final_path/custom/conf/auth.d" +mkdir -p "$datadir/data/repositories" +mkdir -p "$datadir/data/avatars" +mkdir -p "$datadir/data/attachments" + chmod 750 "$datadir" chmod -R o-rwx "$datadir" chown -R $app:www-data "$datadir" -repo_path="$datadir/repositories" -data_path="$datadir/data" - -# create needed directories -mkdir -p "$final_path/data" -mkdir -p "$final_path/custom/conf/auth.d" -mkdir -p "$datadir/data/avatars" -mkdir -p "$datadir/data/attachments" - #================================================= # MODIFY A CONFIG FILE #================================================= diff --git a/scripts/restore b/scripts/restore index bf6b898..05ea48d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -36,8 +36,7 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS