From 780481758ba4ae8c14e325a8b2bb42e73ad3f657 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 12:10:08 +0100 Subject: [PATCH 01/24] Fix --- conf/systemd.service | 4 ++-- scripts/change_url | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/conf/systemd.service b/conf/systemd.service index ea676ee..f277cdc 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,10 +6,10 @@ After=syslog.target network.target mysql.service slapd.service redis.service Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=/home/yunohost.app/__APP__ +WorkingDirectory=__DATADIR__ ExecStart=__FINALPATH__/gogs web Restart=always -Environment=USER=__APP__ HOME=/home/yunohost.app/__APP__ +Environment=USER=__APP__ HOME=__DATADIR__ [Install] WantedBy=multi-user.target diff --git a/scripts/change_url b/scripts/change_url index 3c3015d..0f6fe08 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -125,7 +125,7 @@ ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/co chmod 400 "$final_path/custom/conf/app.ini" chown $app:$app "$final_path/custom/conf/app.ini" -ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" +#ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" #================================================= # GENERIC FINALISATION From 8aa1b259aa7923325e16a2de2c96f0f53b56f3ef Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 12:12:06 +0100 Subject: [PATCH 02/24] Fix --- scripts/change_url | 2 -- scripts/restore | 3 +-- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index 0f6fe08..5d83785 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -125,8 +125,6 @@ ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/co chmod 400 "$final_path/custom/conf/app.ini" chown $app:$app "$final_path/custom/conf/app.ini" -#ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/restore b/scripts/restore index bf6b898..05ea48d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -36,8 +36,7 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS From 14d4cf874d1f5d5bffeccddd935ec178ce3f3cb1 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 12:24:51 +0100 Subject: [PATCH 03/24] Fix --- conf/app.ini | 2 +- conf/nginx.conf | 13 ++++++------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 061c412..1a37330 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -6,7 +6,7 @@ RUN_MODE = prod [server] DOMAIN = __DOMAIN__ HTTP_PORT = __PORT__ -ROOT_URL = https://__URL__/ +EXTERNAL_URL = https://__URL__/ HTTP_ADDR = 127.0.0.1 OFFLINE_MODE = false DISABLE_SSH = false diff --git a/conf/nginx.conf b/conf/nginx.conf index 066093b..6d21f56 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,12 +1,11 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - - proxy_pass http://127.0.0.1:__PORT__/; - proxy_set_header Host $host; - proxy_buffering off; - fastcgi_param REMOTE_USER $remote_user; - client_max_body_size 200M; - proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://localhost:__PORT__/; + proxy_set_header Host $host; + proxy_buffering off; + fastcgi_param REMOTE_USER $remote_user; + client_max_body_size 200M; + proxy_set_header X-Real-IP $remote_addr; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; From 0980cdc30ccd4c5323b585fc2c39f9b330c23972 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 12:33:53 +0100 Subject: [PATCH 04/24] Fix --- doc/DESCRIPTION.md | 18 +++++++++++++++++- doc/DESCRIPTION_fr.md | 2 +- doc/DISCLAIMER.md | 6 ++++-- 3 files changed, 22 insertions(+), 4 deletions(-) diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 9299456..671b82e 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1 +1,17 @@ -Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. \ No newline at end of file +Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. + + +### Features + +- User dashboard, user profile and activity timeline. +- Access repositories via SSH, HTTP and HTTPS protocols. +- User, organization and repository management. +- Repository and organization webhooks, including Slack, Discord and Dingtalk. +- Repository Git hooks, deploy keys and Git LFS. +- Repository issues, pull requests, wiki, protected branches and collaboration. +- Migrate and mirror repositories with wiki from other code hosts. +- Web editor for quick editing repository files and wiki. +- Jupyter Notebook and PDF rendering. +- Authentication via SMTP, LDAP, reverse proxy, GitHub.com and GitHub Enterprise with 2FA. +- Customize HTML templates, static files and many others. +- Rich database backend, including PostgreSQL, MySQL, SQLite3 and TiDB. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md index 9c5e9cb..2e694fe 100644 --- a/doc/DESCRIPTION_fr.md +++ b/doc/DESCRIPTION_fr.md @@ -1 +1 @@ -Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. \ No newline at end of file +Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 8912b8b..044c1b0 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,5 +1,6 @@ ## Notes on SSH usage -If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +If you want to use Gogs with SSH and be able to pull/push with you ssh key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: ```bash PubkeyAuthentication yes @@ -19,4 +20,5 @@ Host domain.tld ``` ## Private Mode -Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. + +Actually it's possible to access to the Git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. From c75994b5c43be7df9f78c8382e318554b231c427 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Fri, 26 Nov 2021 11:34:01 +0000 Subject: [PATCH 05/24] Auto-update README --- README.md | 25 ++++++++++++++++++++++--- README_fr.md | 9 ++++++--- 2 files changed, 28 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 1a84b5c..4691c1b 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,24 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview -Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. +Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its particularity is that it is light and can run on an ARM card, which makes it suitable for self-hosting. Gogs has a web interface similar to that of GitHub. + + +### Features + +- User dashboard, user profile and activity timeline. +- Access repositories via SSH, HTTP and HTTPS protocols. +- User, organization and repository management. +- Repository and organization webhooks, including Slack, Discord and Dingtalk. +- Repository Git hooks, deploy keys and Git LFS. +- Repository issues, pull requests, wiki, protected branches and collaboration. +- Migrate and mirror repositories with wiki from other code hosts. +- Web editor for quick editing repository files and wiki. +- Jupyter Notebook and PDF rendering. +- Authentication via SMTP, LDAP, reverse proxy, GitHub.com and GitHub Enterprise with 2FA. +- Customize HTML templates, static files and many others. +- Rich database backend, including PostgreSQL, MySQL, SQLite3 and TiDB. + **Shipped version:** 0.12.3~ynh1 @@ -28,7 +45,8 @@ Gogs (Go Git Service) is a git-based multiplatform forge written in Go. Its part ## Disclaimers / important information ## Notes on SSH usage -If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +If you want to use Gogs with SSH and be able to pull/push with you ssh key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: ```bash PubkeyAuthentication yes @@ -48,7 +66,8 @@ Host domain.tld ``` ## Private Mode -Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. + +Actually it's possible to access to the Git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index 794cf34..9af087f 100644 --- a/README_fr.md +++ b/README_fr.md @@ -11,7 +11,8 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour ## Vue d'ensemble -Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. +Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go. Sa particularité est d’être léger et pouvant fonctionner sur carte ARM, ce qui fait qu’il est adapté à l’auto-hébergement. Gogs a une interface web similaire à celle de GitHub. + **Version incluse :** 0.12.3~ynh1 @@ -24,7 +25,8 @@ Gogs (Go Git Service) est une forge multiplateforme basée sur git écrite en Go ## Avertissements / informations importantes ## Notes on SSH usage -If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +If you want to use Gogs with SSH and be able to pull/push with you ssh key, your SSH daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: ```bash PubkeyAuthentication yes @@ -44,7 +46,8 @@ Host domain.tld ``` ## Private Mode -Actually it's possible to access to the git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. + +Actually it's possible to access to the Git repositories by the `git` command over http also in private mode installation. It's important to know that in this mode the repository could be ALSO getted if you don't set the repository as private in the repos settings. ## Documentations et ressources From 6d7c9e623d296c30088ba68f970ad7d7b31ef615 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 12:58:39 +0100 Subject: [PATCH 06/24] Update change_url --- scripts/change_url | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/change_url b/scripts/change_url index 5d83785..da7c4f7 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -35,6 +35,7 @@ db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) key=$(ynh_app_setting_get --app=$app --key=key) datadir=$(ynh_app_setting_get --app=$app --key=datadir) +path_url=$(ynh_app_setting_get --app=$app --key=path) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP From 5a76379cbc727ce47fe8756d161418b0c73949bf Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 13:46:16 +0100 Subject: [PATCH 07/24] Update ldap.conf --- conf/ldap.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/ldap.conf b/conf/ldap.conf index 52ea4a3..d9449f6 100644 --- a/conf/ldap.conf +++ b/conf/ldap.conf @@ -2,7 +2,7 @@ # id = 1 type = ldap_bind_dn -name = Yunohost LDAP +name = YunoHost LDAP is_activated = true [config] From 6983ebd5241b9f4601dc4ba17167419a75f776a2 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 13:59:30 +0100 Subject: [PATCH 08/24] Update app.ini --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index 1a37330..eee21d7 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -44,7 +44,7 @@ ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false [mailer] ENABLED = true HOST = 127.0.0.1:25 -FROM = "Gitea" +FROM = "Gogs" SKIP_VERIFY = true [session] From d38f97b1670e7920b9b050926d8d14efee6a8027 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 14:16:27 +0100 Subject: [PATCH 09/24] Update app.ini --- conf/app.ini | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index eee21d7..90cdfc3 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -1,31 +1,35 @@ ;https://github.com/gogits/gogs/blob/master/conf/app.ini -APP_NAME = Gogs +BRAND_NAME = Gogs RUN_USER = __APP__ RUN_MODE = prod [server] +EXTERNAL_URL = https://__URL__/ DOMAIN = __DOMAIN__ HTTP_PORT = __PORT__ -EXTERNAL_URL = https://__URL__/ HTTP_ADDR = 127.0.0.1 OFFLINE_MODE = false DISABLE_SSH = false SSH_PORT = 22 APP_DATA_PATH = __DATADIR__/data LANDING_PAGE = explore +CERT_FILE = /etc/yunohost/certs/__DOMAIN__/crt.pem +KEY_FILE = /etc/yunohost/certs/__DOMAIN__/key.pem [repository] ROOT = __DATADIR__/repositories FORCE_PRIVATE = false +[repository.editor] +LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd +PREVIEWABLE_FILE_MODES = markdown + [database] DB_TYPE = mysql HOST = 127.0.0.1:3306 NAME = __DB_NAME__ USER = __DB_USER__ PASSWD = __DB_PWD__ -SSL_MODE = disable -PATH = data/gogs.db [security] INSTALL_LOCK = true @@ -41,7 +45,7 @@ REQUIRE_SIGNIN_VIEW = false ENABLE_REVERSE_PROXY_AUTHENTICATION = false ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false -[mailer] +[email] ENABLED = true HOST = 127.0.0.1:25 FROM = "Gogs" From 39f7c2a7328f1a63ae7fa7dcf032d196d61c072f Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:13:19 +0100 Subject: [PATCH 10/24] Update app.ini --- conf/app.ini | 564 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 542 insertions(+), 22 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 90cdfc3..2d1d897 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -1,75 +1,595 @@ ;https://github.com/gogits/gogs/blob/master/conf/app.ini +<<<<<<< Updated upstream BRAND_NAME = Gogs +======= + +; The brand name of the application, can be your company or team name. +BRAND_NAME = Gogs +; The system user who should be running the applications. It has no effect on Windows, +; otherwise, it should match the value of $USER environment variable. +>>>>>>> Stashed changes RUN_USER = __APP__ +; The running mode of the application, can be either "dev", "prod" or "test". RUN_MODE = prod [server] +<<<<<<< Updated upstream EXTERNAL_URL = https://__URL__/ DOMAIN = __DOMAIN__ HTTP_PORT = __PORT__ +======= +; The public-facing URL for the application. +EXTERNAL_URL = https://__URL__/ +; The public-facing domain name for the application. +DOMAIN = __DOMAIN__ +; The protocol that is used to serve direct traffic to the application. +; Currently supports "http", "https", "fcgi" and "unix". +PROTOCOL = http +; The address to be listened by the application. +>>>>>>> Stashed changes HTTP_ADDR = 127.0.0.1 +; The port number to be listened by the application. +HTTP_PORT = __PORT__ +; Generate steps: +; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com +; +; Or from a .pfx file exported from the Windows certificate store (do +; not forget to export the private key): +; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys +; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes +CERT_FILE = custom/https/cert.pem +KEY_FILE = custom/https/key.pem +; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13". +TLS_MIN_VERSION = TLS12 +; File permission when serve traffic via Unix domain socket. +UNIX_SOCKET_PERMISSION = 666 +; Local (DMZ) URL for workers (e.g. SSH update) accessing web service. +; In most cases you do not need to change the default value. +; Alter it only if your SSH server node is not the same as HTTP node. +LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/ + +; Whether to disable using CDN for static files regardless. OFFLINE_MODE = false +; Whether to disable logging in router. +DISABLE_ROUTER_LOG = true +; Whether to enable application level GZIP compression. +ENABLE_GZIP = false + +; The path for storing application specific data. +APP_DATA_PATH = __DATADIR__/data +; Whether to enable to load assets (i.e. "conf", "templates", "public") from disk instead of embedded bindata. +LOAD_ASSETS_FROM_DISK = false + +; The landing page URL for anonymous users, the value should not include +; subpath that is handled by the reverse proxy. +LANDING_URL = / + +; Whether to disable SSH access to the application entirely. DISABLE_SSH = false +; The domain name to be exposed in SSH clone URL. +SSH_DOMAIN = %(DOMAIN)s +; The port number to be exposed in SSH clone URL. SSH_PORT = 22 +<<<<<<< Updated upstream APP_DATA_PATH = __DATADIR__/data LANDING_PAGE = explore CERT_FILE = /etc/yunohost/certs/__DOMAIN__/crt.pem KEY_FILE = /etc/yunohost/certs/__DOMAIN__/key.pem +======= +; The path of SSH root directory, default is "$HOME/.ssh". +SSH_ROOT_PATH = +; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call. +SSH_KEYGEN_PATH = ssh-keygen +; The directory to create temporary files when test a public key using ssh-keygen, +; default is the system temporary directory. +SSH_KEY_TEST_PATH = +; Whether to check minimum public key size with corresponding type. +MINIMUM_KEY_SIZE_CHECK = false +; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server. +REWRITE_AUTHORIZED_KEYS_AT_START = false +; Whether to start a builtin SSH server. +START_SSH_SERVER = false +; The network interface for builtin SSH server to listen on. +SSH_LISTEN_HOST = 0.0.0.0 +; The port number for builtin SSH server to listen on. +SSH_LISTEN_PORT = %(SSH_PORT)s +; The list of accepted ciphers for connections to builtin SSH server. +SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128 +; The list of accepted MACs for connections to builtin SSH server. +SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1 + +; Define allowed algorithms and their minimum key length (use -1 to disable a type). +[ssh.minimum_key_sizes] +ED25519 = 256 +ECDSA = 256 +RSA = 2048 +DSA = 1024 +>>>>>>> Stashed changes [repository] +; The root path for storing managed repositories, default is "~/gogs-repositories" ROOT = __DATADIR__/repositories +; The script type server supports, sometimes could be "sh". +SCRIPT_TYPE = bash +; Default ANSI charset for an unrecognized charset. +ANSI_CHARSET = +; Whether to force every new repository to be private. FORCE_PRIVATE = false +; The global limit of number of repositories a user can create, -1 means no limit. +MAX_CREATION_LIMIT = -1 +; Preferred Licenses to place at the top of the list. +; Name must match file name in "conf/license" or "custom/conf/license". +PREFERRED_LICENSES = Apache License 2.0, MIT License +; Whether to disable Git interaction with repositories via HTTP/HTTPS protocol. +DISABLE_HTTP_GIT = false +; Whether to enable ability to migrate repository by server local path. +ENABLE_LOCAL_PATH_MIGRATION = false +; Whether to enable render mode for raw file. There are potential security risks. +ENABLE_RAW_FILE_RENDER_MODE = false +; The maximum number of goroutines that can be run at the same time for a single +; fetch request. Usually, the value depend of how many CPU (cores) you have. If +; the value is non-positive, it matches the number of CPUs available to the application. +COMMITS_FETCH_CONCURRENCY = 0 + +[repository.editor] +; List of file extensions that should have line wraps in the CodeMirror editor. +; Separate extensions with a comma. +LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd +; Valid file modes that have a preview API associated with them, such as "/api/v1/markdown". +; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match. +PREVIEWABLE_FILE_MODES = markdown + +[repository.upload] +; Whether to enable repository file uploads. +ENABLED = true +; The path to temporarily store uploads (content under this path gets wiped out on every start). +TEMP_PATH = __DATADIR__/data/tmp/uploads +; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. +ALLOWED_TYPES = +; The maximum size of each file in MB. +FILE_MAX_SIZE = 3 +; The maximum number of files per upload. +MAX_FILES = 5 [repository.editor] LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd PREVIEWABLE_FILE_MODES = markdown [database] -DB_TYPE = mysql +; The database backend, either "postgres", "mysql" "sqlite3" or "mssql". +; You can connect to TiDB with MySQL protocol. +TYPE = mysql HOST = 127.0.0.1:3306 NAME = __DB_NAME__ USER = __DB_USER__ +<<<<<<< Updated upstream PASSWD = __DB_PWD__ +======= +PASSWORD = __DB_PWD__ +; For "postgres" only, either "disable", "require" or "verify-full". +SSL_MODE = disable +; For "sqlite3" only, make sure to use absolute path. +PATH = data/gogs.db +; The maximum open connections of the pool. +MAX_OPEN_CONNS = 30 +; The maximum idle connections of the pool. +MAX_IDLE_CONNS = 30 +>>>>>>> Stashed changes [security] +; Whether to show the install page, set this to "true" to bypass it. INSTALL_LOCK = true +; The secret to encrypt cookie values, 2FA code, etc. +; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! SECRET_KEY = __KEY__ -REVERSE_PROXY_AUTHENTICATION_USER = REMOTE_USER - -[service] -REGISTER_EMAIL_CONFIRM = false -ENABLE_NOTIFY_MAIL = true -DISABLE_REGISTRATION = true -ENABLE_CAPTCHA = false -REQUIRE_SIGNIN_VIEW = false -ENABLE_REVERSE_PROXY_AUTHENTICATION = false -ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false +; The days remembered for auto-login. +LOGIN_REMEMBER_DAYS = 7 +; The cookie name to store auto-login information. +COOKIE_REMEMBER_NAME = gogs_incredible +; The cookie name to store logged in username. +COOKIE_USERNAME = gogs_awesome +; Whether to set secure cookie. +COOKIE_SECURE = false +; Whether to set cookie to indicate user login status. +ENABLE_LOGIN_STATUS_COOKIE = false +; The cookie name to store user login status. +LOGIN_STATUS_COOKIE_NAME = login_status [email] +<<<<<<< Updated upstream +======= +; Whether to enable the email service. +>>>>>>> Stashed changes ENABLED = true +; The prefix prepended to the subject line. +SUBJECT_PREFIX = `[%(BRAND_NAME)s] ` +; The SMTP server with its port, e.g. smtp.mailgun.org:587, smtp.gmail.com:587, smtp.qq.com:465 +; If the port ends is "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. +; If the server supports STARTTLS it will always be used. HOST = 127.0.0.1:25 +<<<<<<< Updated upstream FROM = "Gogs" +======= +; The email from address (RFC 5322). This can be just an email address, or the `"Name" ` format. +FROM = "Gogs" +; The login user. +USER = +; The login password. +PASSWORD = + +; Whether to disable HELO operation when the hostname is different. +DISABLE_HELO = +; The custom hostname for HELO operation, default is from system. +HELO_HOSTNAME = + +; Whether to skip verifying the certificate of the server. Only use this for self-signed certificates. +>>>>>>> Stashed changes SKIP_VERIFY = true +; Whether to use client certificates. +USE_CERTIFICATE = false +CERT_FILE = custom/email/cert.pem +KEY_FILE = custom/email/key.pem + +; Whether to use "text/plain" as content format. +USE_PLAIN_TEXT = false +; Whether to attach a plaintext alternative to the MIME message while sending HTML emails. +; It is used to support older mail clients and make spam filters happier. +ADD_PLAIN_TEXT_ALT = false + +[auth] +; The valid duration of activate code in minutes. +ACTIVATE_CODE_LIVES = 180 +; The valid duration of reset password code in minutes. +RESET_PASSWORD_CODE_LIVES = 180 +; Whether to require email confirmation for adding new email addresses. +; Enable this option will also require user to confirm the email for registration. +REQUIRE_EMAIL_CONFIRMATION = false +; Whether to disallow anonymous users visiting the site. +REQUIRE_SIGNIN_VIEW = false +; Whether to disable self-registration. When disabled, accounts would have to be created by admins. +DISABLE_REGISTRATION = true +; Whether to enable captcha validation for registration +ENABLE_REGISTRATION_CAPTCHA = true + +; Whether to enable reverse proxy authentication via HTTP header. +ENABLE_REVERSE_PROXY_AUTHENTICATION = false +; Whether to automatically create new users for reverse proxy authentication. +ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false +; The HTTP header used as username for reverse proxy authentication. +REVERSE_PROXY_AUTHENTICATION_HEADER = X-WEBAUTH-USER + + +[user] +; Whether to enable email notifications for users. +ENABLE_EMAIL_NOTIFICATION = false [session] +; The session provider, either "memory", "file", or "redis". PROVIDER = memory +; The configuration for respective provider: +; - memory: does not need any config yet +; - file: session file path, e.g. `data/sessions` +; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 +PROVIDER_CONFIG = data/sessions +; The cookie name to store the session identifier. +COOKIE_NAME = i_like_gogs +; Whether to set cookie in HTTPS only. +COOKIE_SECURE = false +; The GC interval in seconds for session data. +GC_INTERVAL = 3600 +; The maximum life time in seconds for a session. +MAX_LIFE_TIME = 86400 +; The cookie name for CSRF token. +CSRF_COOKIE_NAME = _csrf + +[cache] +; The cache adapter, either "memory", "redis", or "memcache". +ADAPTER = memory +; For "memory" only, GC interval in seconds. +INTERVAL = 60 +; For "redis" and "memcache", connection host address: +; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 +; - memcache: `127.0.0.1:11211` +HOST = + +[http] +; The value for "Access-Control-Allow-Origin" header, default is not to present. +ACCESS_CONTROL_ALLOW_ORIGIN = + +[lfs] +; The storage backend for uploading new objects. +STORAGE = local +; The root path to store LFS objects on local file system. +OBJECTS_PATH = data/lfs-objects + +[attachment] +; Whether to enabled upload attachments in general. +ENABLED = true +; The path to store attachments on the file system. +PATH = data/attachments +; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. +ALLOWED_TYPES = image/jpeg|image/png +; The maximum size of each file in MB. +MAX_SIZE = 4 +; The maximum number of files per upload. +MAX_FILES = 5 + +[release.attachment] +; Whether to enabled upload attachments for releases. +ENABLED = true +; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. +ALLOWED_TYPES = */* +; The maximum size of each file in MB. +MAX_SIZE = 32 +; The maximum number of files per upload. +MAX_FILES = 10 + +[time] +; Specifies the format for fully outputed dates. +; Values should be one of the following: +; ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano. +; For more information about the format see http://golang.org/pkg/time/#pkg-constants. +FORMAT = RFC1123 [picture] +; The path to store user avatars on the file system. AVATAR_UPLOAD_PATH = __DATADIR__/data/avatars +; The path to store repository avatars on the file system. +REPOSITORY_AVATAR_UPLOAD_PATH = __DATADIR__/data/repo-avatars +; Chinese users can use a custom avatar source, such as http://cn.gravatar.com/avatar/. +GRAVATAR_SOURCE = gravatar +; Whether to disable Gravatar, this value will be forced to be true in offline mode. +DISABLE_GRAVATAR = false +; Whether to enable federated avatar lookup uses DNS to discover avatar associated +; with emails, see https://www.libravatar.org for details. +; This value will be forced to be false in offline mode or when Gravatar is disabled. +ENABLE_FEDERATED_AVATAR = false +[markdown] +; Whether to enable hard line break extension. +ENABLE_HARD_LINE_BREAK = false +; The list of custom URL schemes that are allowed as links when rendering Markdown. +; For example, "git" (for "git://") and "magnet" (for "magnet://"). +CUSTOM_URL_SCHEMES = +; The list of file extensions that should be rendered/edited as Markdown. +; Separate extensions with a comma. To render files with no extension as markdown, just put a comma. +FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd + +[smartypants] +; Whether to enable the Smartypants extension. +ENABLED = false +FRACTIONS = true +DASHES = true +LATEX_DASHES = true +ANGLED_QUOTES = true + +[admin] +; Whether to disable regular (non-admin) users to create organizations. +DISABLE_REGULAR_ORG_CREATION = false + +[webhook] +; The list of enabled types for users to use, can be "gogs", "slack", "discord", "dingtalk". +TYPES = gogs, slack, discord, dingtalk +; Deliver timeout in seconds. +DELIVER_TIMEOUT = 15 +; Whether to allow insecure certification. +SKIP_TLS_VERIFY = false +; The number of history information in each page. +PAGING_NUM = 10 + +; General settings of loggers. [log] -MODE = file -LEVEL = Info -ROOT_PATH = /var/log/__APP__ +; The root path for all log files, default is "log/" subdirectory. +ROOT_PATH =/var/log/__APP__ +; Can be "console", "file", "slack" and "discord". +; Use comma to separate multiple modes, e.g. "console, file" +MODE = file +; Buffer length of channel, keep it as it is if you don't know what it is. +BUFFER_LEN = 100 +; Either "Trace", "Info", "Warn", "Error", "Fatal", default is "Trace" +LEVEL = Warn -REDIRECT_MACARON_LOG= true -MACARON = file +; For "console" mode only +[log.console] +; Comment out to inherit +; LEVEL = -ROUTER_LOG_LEVEL = Warn -ROUTER = file +; For "file" mode only +[log.file] +; Comment out to inherit +; LEVEL = +; Whether to enable automated log rotate (switch of following options). +LOG_ROTATE = true +; Whether to segment log files daily. +DAILY_ROTATE = true +; The maximum size shift of single file, default is 28 means 1 << 28 = 256MB. +MAX_SIZE_SHIFT = 28 +; The maximum number of lines of single file. +MAX_LINES = 1000000 +; The expired days of log file (delete after max days). +MAX_DAYS = 7 -ENABLE_ACCESS_LOG = Warn -ACCESS = file +; For "slack" mode only +[log.slack] +; Comment out to inherit +; LEVEL = +; Webhook URL +URL = -ENABLE_XORM_LOG = Warn -XORM = file +[log.discord] +; Comment out to inherit +; LEVEL = +; Webhook URL +URL = +; The username to be displayed in notification. +USERNAME = %(BRAND_NAME)s + +[log.xorm] +; Enable file rotation +ROTATE = true +; Rotate every day +ROTATE_DAILY = true +; Rotate once file size excesses x MB +MAX_SIZE = 100 +; Maximum days to keep logger files +MAX_DAYS = 3 + +[log.gorm] +; Whether to enable file rotation. +ROTATE = true +; Whether to rotate file every day. +ROTATE_DAILY = true +; The maximum file size in MB before next rotate. +MAX_SIZE = 100 +; The maximum days to keep files. +MAX_DAYS = 3 + +[cron] +; Enable running cron tasks periodically. +ENABLED = true +; Run cron tasks when Gogs starts. +RUN_AT_START = false + +[cron.update_mirrors] +; Defines how often the mirror syncer checks if any mirror needs to be synchronized (based on the mirror update interval). +SCHEDULE = @every 10m + +; Repository health check +[cron.repo_health_check] +SCHEDULE = @every 24h +TIMEOUT = 60s +; Arguments for command 'git fsck', e.g. "--unreachable --tags" +; see more on http://git-scm.com/docs/git-fsck/1.7.5 +ARGS = + +; Check repository statistics +[cron.check_repo_stats] +RUN_AT_START = true +SCHEDULE = @every 24h + +; Cleanup repository archives +[cron.repo_archive_cleanup] +RUN_AT_START = false +SCHEDULE = @every 24h +; Time duration to check if archive should be cleaned +OLDER_THAN = 24h + +[git] +; Disables highlight of added and removed changes +DISABLE_DIFF_HIGHLIGHT = false +; Max number of files shown in diff view +MAX_GIT_DIFF_FILES = 100 +; Max number of lines allowed of a single file in diff view +MAX_GIT_DIFF_LINES = 1000 +; Max number of characters of a line allowed in diff view +MAX_GIT_DIFF_LINE_CHARACTERS = 2000 +; Arguments for command 'git gc', e.g. "--aggressive --auto" +; see more on http://git-scm.com/docs/git-gc/1.7.5 +GC_ARGS = + +; Operation timeout in seconds +[git.timeout] +MIGRATE = 600 +MIRROR = 300 +CLONE = 300 +PULL = 300 +DIFF = 60 +GC = 60 + +[mirror] +; Defines the default interval (in hours) until the next sync for a mirror (after a successful mirror sync). +; It can be overridden individually for each mirror repository in the settings. +DEFAULT_INTERVAL = 8 + +[api] +; Max number of items will response in a page +MAX_RESPONSE_ITEMS = 50 + +[ui] +; Number of repositories that are showed in one explore page +EXPLORE_PAGING_NUM = 20 +; Number of issues that are showed in one page +ISSUE_PAGING_NUM = 10 +; Number of maximum commits showed in one activity feed +FEED_MAX_COMMIT_NUM = 5 +; Value of "theme-color" meta tag, used by Android >= 5.0 +; An invalid color like "none" or "disable" will have the default style +; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android +THEME_COLOR_META_TAG = `#ff5343` +; Max size in bytes of files to be displayed (default is 8MB) +MAX_DISPLAY_FILE_SIZE = 8388608 + +[ui.admin] +; Number of users that are showed in one page +USER_PAGING_NUM = 50 +; Number of repos that are showed in one page +REPO_PAGING_NUM = 50 +; Number of notices that are showed in one page +NOTICE_PAGING_NUM = 25 +; Number of organization that are showed in one page +ORG_PAGING_NUM = 50 + +[ui.user] +; Number of repos that are showed in one page +REPO_PAGING_NUM = 15 +; Number of news feeds that are showed in one page +NEWS_FEED_PAGING_NUM = 20 +; Number of commits that are showed in one page +COMMITS_PAGING_NUM = 30 + +[prometheus] +; Whether to enable Prometheus metrics. +ENABLED = false +; Whether to enable HTTP Basic Authentication to protect metrics data. +ENABLE_BASIC_AUTH = false +; The username for HTTP Basic Authentication. +BASIC_AUTH_USERNAME = +; The password for HTTP Basic Authentication. +BASIC_AUTH_PASSWORD = + +; Extension mapping to highlight class +; e.g. .toml=ini +[highlight.mapping] + +[i18n] +LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN,pt-PT, mn-MN +NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese,Português,Монгол + +; Used for datetimepicker +[i18n.datelang] +en-US = en +zh-CN = zh +zh-HK = zh-TW +zh-TW = zh-TW +de-DE = de +fr-FR = fr +nl-NL = nl +lv-LV = lv +ru-RU = ru +ja-JP = ja +es-ES = es +pt-BR = pt-BR +pl-PL = pl +bg-BG = bg +it-IT = it +fi-FI = fi +tr-TR = tr +cs-CZ = cs-CZ +sr-SP = sr +sv-SE = sv +ko-KR = ko +gl-ES = gl +uk-UA = uk +en-GB = en-GB +hu-HU = hu +sk-SK = sk +id-ID = id +fa-IR = fa +vi-VN = vi +pt-PT = pt +mn-MN = mn + +[other] +SHOW_FOOTER_BRANDING = false +; Show time of template execution in the footer +SHOW_FOOTER_TEMPLATE_LOAD_TIME = true From e0a8e7af55ff54b6d6b9ad22b82e245e4ddb8b18 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:18:35 +0100 Subject: [PATCH 11/24] Update app.ini --- conf/app.ini | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 2d1d897..7e4069c 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -1,23 +1,14 @@ ;https://github.com/gogits/gogs/blob/master/conf/app.ini -<<<<<<< Updated upstream -BRAND_NAME = Gogs -======= ; The brand name of the application, can be your company or team name. BRAND_NAME = Gogs ; The system user who should be running the applications. It has no effect on Windows, ; otherwise, it should match the value of $USER environment variable. ->>>>>>> Stashed changes RUN_USER = __APP__ ; The running mode of the application, can be either "dev", "prod" or "test". RUN_MODE = prod [server] -<<<<<<< Updated upstream -EXTERNAL_URL = https://__URL__/ -DOMAIN = __DOMAIN__ -HTTP_PORT = __PORT__ -======= ; The public-facing URL for the application. EXTERNAL_URL = https://__URL__/ ; The public-facing domain name for the application. @@ -26,7 +17,6 @@ DOMAIN = __DOMAIN__ ; Currently supports "http", "https", "fcgi" and "unix". PROTOCOL = http ; The address to be listened by the application. ->>>>>>> Stashed changes HTTP_ADDR = 127.0.0.1 ; The port number to be listened by the application. HTTP_PORT = __PORT__ @@ -70,12 +60,6 @@ DISABLE_SSH = false SSH_DOMAIN = %(DOMAIN)s ; The port number to be exposed in SSH clone URL. SSH_PORT = 22 -<<<<<<< Updated upstream -APP_DATA_PATH = __DATADIR__/data -LANDING_PAGE = explore -CERT_FILE = /etc/yunohost/certs/__DOMAIN__/crt.pem -KEY_FILE = /etc/yunohost/certs/__DOMAIN__/key.pem -======= ; The path of SSH root directory, default is "$HOME/.ssh". SSH_ROOT_PATH = ; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call. @@ -104,7 +88,6 @@ ED25519 = 256 ECDSA = 256 RSA = 2048 DSA = 1024 ->>>>>>> Stashed changes [repository] ; The root path for storing managed repositories, default is "~/gogs-repositories" @@ -162,9 +145,6 @@ TYPE = mysql HOST = 127.0.0.1:3306 NAME = __DB_NAME__ USER = __DB_USER__ -<<<<<<< Updated upstream -PASSWD = __DB_PWD__ -======= PASSWORD = __DB_PWD__ ; For "postgres" only, either "disable", "require" or "verify-full". SSL_MODE = disable @@ -174,7 +154,6 @@ PATH = data/gogs.db MAX_OPEN_CONNS = 30 ; The maximum idle connections of the pool. MAX_IDLE_CONNS = 30 ->>>>>>> Stashed changes [security] ; Whether to show the install page, set this to "true" to bypass it. @@ -196,10 +175,7 @@ ENABLE_LOGIN_STATUS_COOKIE = false LOGIN_STATUS_COOKIE_NAME = login_status [email] -<<<<<<< Updated upstream -======= ; Whether to enable the email service. ->>>>>>> Stashed changes ENABLED = true ; The prefix prepended to the subject line. SUBJECT_PREFIX = `[%(BRAND_NAME)s] ` @@ -207,9 +183,6 @@ SUBJECT_PREFIX = `[%(BRAND_NAME)s] ` ; If the port ends is "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. ; If the server supports STARTTLS it will always be used. HOST = 127.0.0.1:25 -<<<<<<< Updated upstream -FROM = "Gogs" -======= ; The email from address (RFC 5322). This can be just an email address, or the `"Name" ` format. FROM = "Gogs" ; The login user. @@ -223,7 +196,6 @@ DISABLE_HELO = HELO_HOSTNAME = ; Whether to skip verifying the certificate of the server. Only use this for self-signed certificates. ->>>>>>> Stashed changes SKIP_VERIFY = true ; Whether to use client certificates. USE_CERTIFICATE = false @@ -258,7 +230,6 @@ ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false ; The HTTP header used as username for reverse proxy authentication. REVERSE_PROXY_AUTHENTICATION_HEADER = X-WEBAUTH-USER - [user] ; Whether to enable email notifications for users. ENABLE_EMAIL_NOTIFICATION = false From 5aecc06dfc1ceaf714ac9b8715d6c14ec8fcf685 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:24:10 +0100 Subject: [PATCH 12/24] Update app.ini --- conf/app.ini | 38 -------------------------------------- 1 file changed, 38 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 7e4069c..6b0912f 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -522,44 +522,6 @@ BASIC_AUTH_PASSWORD = ; e.g. .toml=ini [highlight.mapping] -[i18n] -LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN,pt-PT, mn-MN -NAMES = English,简体中文,繁體中文(香港),繁體中文(臺灣),Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese,Português,Монгол - -; Used for datetimepicker -[i18n.datelang] -en-US = en -zh-CN = zh -zh-HK = zh-TW -zh-TW = zh-TW -de-DE = de -fr-FR = fr -nl-NL = nl -lv-LV = lv -ru-RU = ru -ja-JP = ja -es-ES = es -pt-BR = pt-BR -pl-PL = pl -bg-BG = bg -it-IT = it -fi-FI = fi -tr-TR = tr -cs-CZ = cs-CZ -sr-SP = sr -sv-SE = sv -ko-KR = ko -gl-ES = gl -uk-UA = uk -en-GB = en-GB -hu-HU = hu -sk-SK = sk -id-ID = id -fa-IR = fa -vi-VN = vi -pt-PT = pt -mn-MN = mn - [other] SHOW_FOOTER_BRANDING = false ; Show time of template execution in the footer From ac54a9aecd57044b174b014beeba28b14db5b555 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:31:28 +0100 Subject: [PATCH 13/24] Update app.ini --- conf/app.ini | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 6b0912f..40ec0e3 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -15,7 +15,7 @@ EXTERNAL_URL = https://__URL__/ DOMAIN = __DOMAIN__ ; The protocol that is used to serve direct traffic to the application. ; Currently supports "http", "https", "fcgi" and "unix". -PROTOCOL = http +PROTOCOL = https ; The address to be listened by the application. HTTP_ADDR = 127.0.0.1 ; The port number to be listened by the application. @@ -52,7 +52,7 @@ LOAD_ASSETS_FROM_DISK = false ; The landing page URL for anonymous users, the value should not include ; subpath that is handled by the reverse proxy. -LANDING_URL = / +LANDING_URL = explore ; Whether to disable SSH access to the application entirely. DISABLE_SSH = false From d68e905a95bf5d34fa376f24a4a4f03256260096 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:32:23 +0100 Subject: [PATCH 14/24] Update app.ini --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index 40ec0e3..99303cf 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -277,7 +277,7 @@ OBJECTS_PATH = data/lfs-objects ; Whether to enabled upload attachments in general. ENABLED = true ; The path to store attachments on the file system. -PATH = data/attachments +PATH = __DATADIR__/data/attachments ; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type. ALLOWED_TYPES = image/jpeg|image/png ; The maximum size of each file in MB. From 36847dd8b111e1ea4b75f609b62e2481784dd804 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:34:06 +0100 Subject: [PATCH 15/24] Update app.ini --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index 99303cf..39006db 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -271,7 +271,7 @@ ACCESS_CONTROL_ALLOW_ORIGIN = ; The storage backend for uploading new objects. STORAGE = local ; The root path to store LFS objects on local file system. -OBJECTS_PATH = data/lfs-objects +OBJECTS_PATH = __DATADIR__/data/lfs-objects [attachment] ; Whether to enabled upload attachments in general. From aee0ebee0cadc726e48941bf9d84179dce588e4f Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:36:57 +0100 Subject: [PATCH 16/24] Update app.ini --- conf/app.ini | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 39006db..4019c83 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -27,8 +27,8 @@ HTTP_PORT = __PORT__ ; not forget to export the private key): ; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes -CERT_FILE = custom/https/cert.pem -KEY_FILE = custom/https/key.pem +CERT_FILE = /etc/yunohost/certs/__DOMAIN__/crt.pem +KEY_FILE = /etc/yunohost/certs/__DOMAIN__/key.pem ; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13". TLS_MIN_VERSION = TLS12 ; File permission when serve traffic via Unix domain socket. From ebce2ad04acfeef5a5194d556edc355d0664187d Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:38:07 +0100 Subject: [PATCH 17/24] Update app.ini --- conf/app.ini | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 4019c83..9ad9df8 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -15,7 +15,7 @@ EXTERNAL_URL = https://__URL__/ DOMAIN = __DOMAIN__ ; The protocol that is used to serve direct traffic to the application. ; Currently supports "http", "https", "fcgi" and "unix". -PROTOCOL = https +PROTOCOL = http ; The address to be listened by the application. HTTP_ADDR = 127.0.0.1 ; The port number to be listened by the application. @@ -27,8 +27,8 @@ HTTP_PORT = __PORT__ ; not forget to export the private key): ; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes -CERT_FILE = /etc/yunohost/certs/__DOMAIN__/crt.pem -KEY_FILE = /etc/yunohost/certs/__DOMAIN__/key.pem +CERT_FILE = custom/https/cert.pem +KEY_FILE = custom/https/key.pem ; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13". TLS_MIN_VERSION = TLS12 ; File permission when serve traffic via Unix domain socket. From ae28d4d0c2d0c79cb57e51bec63ea7169a65ddb9 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:41:58 +0100 Subject: [PATCH 18/24] Update app.ini --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index 9ad9df8..9cf2d55 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -52,7 +52,7 @@ LOAD_ASSETS_FROM_DISK = false ; The landing page URL for anonymous users, the value should not include ; subpath that is handled by the reverse proxy. -LANDING_URL = explore +LANDING_URL = / ; Whether to disable SSH access to the application entirely. DISABLE_SSH = false From cc10af5c86d9669766c965ad963643ed1079da4e Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:49:51 +0100 Subject: [PATCH 19/24] Update app.ini --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index 9cf2d55..9ad9df8 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -52,7 +52,7 @@ LOAD_ASSETS_FROM_DISK = false ; The landing page URL for anonymous users, the value should not include ; subpath that is handled by the reverse proxy. -LANDING_URL = / +LANDING_URL = explore ; Whether to disable SSH access to the application entirely. DISABLE_SSH = false From 2a06126df0adacb6da77aba639ae4f4fc7a85d8a Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 15:52:43 +0100 Subject: [PATCH 20/24] Update app.ini --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index 9ad9df8..128719d 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -52,7 +52,7 @@ LOAD_ASSETS_FROM_DISK = false ; The landing page URL for anonymous users, the value should not include ; subpath that is handled by the reverse proxy. -LANDING_URL = explore +LANDING_URL = /explore ; Whether to disable SSH access to the application entirely. DISABLE_SSH = false From 8fc715fbf438412d33d53cc53a405e86c40e696b Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 16:20:10 +0100 Subject: [PATCH 21/24] Update app.ini --- conf/app.ini | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 128719d..c4bec87 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -134,10 +134,6 @@ FILE_MAX_SIZE = 3 ; The maximum number of files per upload. MAX_FILES = 5 -[repository.editor] -LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd -PREVIEWABLE_FILE_MODES = markdown - [database] ; The database backend, either "postgres", "mysql" "sqlite3" or "mssql". ; You can connect to TiDB with MySQL protocol. @@ -186,7 +182,7 @@ HOST = 127.0.0.1:25 ; The email from address (RFC 5322). This can be just an email address, or the `"Name" ` format. FROM = "Gogs" ; The login user. -USER = +USER = "Gogs" ; The login password. PASSWORD = From ae229db026afb1c32344ff51203450f5724fb5e4 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 16:46:39 +0100 Subject: [PATCH 22/24] Update install --- scripts/install | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/install b/scripts/install index de268c9..a44f234 100644 --- a/scripts/install +++ b/scripts/install @@ -103,10 +103,6 @@ ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" - repo_path="$datadir/repositories" data_path="$datadir/data" @@ -116,6 +112,10 @@ mkdir -p "$final_path/custom/conf/auth.d" mkdir -p "$datadir/data/avatars" mkdir -p "$datadir/data/attachments" +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:www-data "$datadir" + #================================================= # MODIFY A CONFIG FILE #================================================= From 16b1a537d96a26b12c16c77b02738b7666a4d2bb Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 16:50:13 +0100 Subject: [PATCH 23/24] Update install --- scripts/install | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/scripts/install b/scripts/install index a44f234..14a969f 100644 --- a/scripts/install +++ b/scripts/install @@ -103,12 +103,9 @@ ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir -repo_path="$datadir/repositories" -data_path="$datadir/data" - # create needed directories -mkdir -p "$final_path/data" mkdir -p "$final_path/custom/conf/auth.d" +mkdir -p "$datadir/data/repositories" mkdir -p "$datadir/data/avatars" mkdir -p "$datadir/data/attachments" From 5aa6695aa4ca6e3d537d6e06e12a516fa0a59177 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 26 Nov 2021 17:31:20 +0100 Subject: [PATCH 24/24] Update manifest.json --- manifest.json | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index 03cde0a..fd78503 100644 --- a/manifest.json +++ b/manifest.json @@ -3,8 +3,8 @@ "id": "gogs", "packaging_format": 1, "description": { - "en": "Lightweight Git forge", - "fr": "Forge Git légère" + "en": "Lightweight self-hosted Git forge", + "fr": "Forge Git légère auto-hébergé" }, "version": "0.12.3~ynh1", "url": "http://gogs.io", @@ -51,6 +51,10 @@ { "name": "is_public", "type": "boolean", + "help": { + "en": "If enabled, Gogs will be accessible by people who do not have an account. This can be changed later via the webadmin.", + "fr": "Si cette case est cochée, Gogs sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin." + }, "default": true } ]