Lerking/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-08-21 01:40:40 +02:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Compare commits

base: Lerking:v1.9.0-rc1
Branches Tags
Lerking:main Lerking:release/v1.24 Lerking:release/v1.23 Lerking:release/v1.22 Lerking:release/v1.21 Lerking:release/v1.20 Lerking:release/v1.19 Lerking:release/v1.18 Lerking:release/v1.17 Lerking:release/v1.16 Lerking:release/v1.15 Lerking:release/v1.14 Lerking:release/v1.13 Lerking:release/v1.12 Lerking:release/v1.11 Lerking:release/v1.10 Lerking:release/v1.9 Lerking:release/v1.8
Lerking:v1.24.5 Lerking:v1.24.4 Lerking:v1.24.3 Lerking:v1.24.2 Lerking:v1.24.1 Lerking:v1.24.0 Lerking:v1.23.8 Lerking:v1.24.0-rc0 Lerking:v1.25.0-dev Lerking:v1.23.7 Lerking:v1.23.6 Lerking:v1.23.5 Lerking:v1.23.4 Lerking:v1.23.3 Lerking:v1.23.2 Lerking:v1.23.1 Lerking:v1.23.0 Lerking:v1.23.0-rc0 Lerking:v1.24.0-dev Lerking:v1.22.6 Lerking:v1.22.5 Lerking:v1.22.4 Lerking:v1.22.3 Lerking:v1.22.2 Lerking:v1.22.1 Lerking:v1.22.0 Lerking:v1.23.0-dev Lerking:v1.22.0-rc1 Lerking:v1.21.11 Lerking:v1.22.0-rc0 Lerking:v1.21.10 Lerking:v1.21.9 Lerking:v1.21.8 Lerking:v1.21.7 Lerking:v1.21.6 Lerking:v1.21.5 Lerking:v1.21.4 Lerking:v1.21.3 Lerking:v1.21.2 Lerking:v1.20.6 Lerking:v1.21.1 Lerking:v1.21.0 Lerking:v1.21.0-rc2 Lerking:v1.21.0-rc1 Lerking:v1.20.5 Lerking:v1.22.0-dev Lerking:v1.21.0-rc0 Lerking:v1.20.4 Lerking:v1.20.3 Lerking:v1.20.2 Lerking:v1.20.1 Lerking:v1.20.0 Lerking:v1.19.4 Lerking:v1.21.0-dev Lerking:v1.20.0-rc2 Lerking:v1.20.0-rc1 Lerking:v1.20.0-rc0 Lerking:v1.19.3 Lerking:v1.19.2 Lerking:v1.19.1 Lerking:v1.19.0 Lerking:v1.19.0-rc1 Lerking:v1.20.0-dev Lerking:v1.19.0-rc0 Lerking:v1.18.5 Lerking:v1.18.4 Lerking:v1.18.3 Lerking:v1.18.2 Lerking:v1.18.1 Lerking:v1.18.0 Lerking:v1.17.4 Lerking:v1.18.0-rc1 Lerking:v1.19.0-dev Lerking:v1.18.0-rc0 Lerking:v1.17.3 Lerking:v1.17.2 Lerking:v1.17.1 Lerking:v1.17.0 Lerking:v1.17.0-rc2 Lerking:v1.16.9 Lerking:v1.17.0-rc1 Lerking:v1.18.0-dev Lerking:v1.16.8 Lerking:v1.16.7 Lerking:v1.16.6 Lerking:v1.16.5 Lerking:v1.16.4 Lerking:v1.16.3 Lerking:v1.16.2 Lerking:v1.16.1 Lerking:v1.16.0 Lerking:v1.15.11 Lerking:v1.17.0-dev Lerking:v1.16.0-rc1 Lerking:v1.15.10 Lerking:v1.15.9 Lerking:v1.15.8 Lerking:v1.15.7 Lerking:v1.15.6 Lerking:v1.15.5 Lerking:v1.15.4 Lerking:v1.15.3 Lerking:v1.15.2 Lerking:v1.15.1 Lerking:v1.14.7 Lerking:v1.15.0 Lerking:v1.15.0-rc3 Lerking:v1.14.6 Lerking:v1.15.0-rc2 Lerking:v1.14.5 Lerking:v1.16.0-dev Lerking:v1.15.0-rc1 Lerking:v1.14.4 Lerking:v1.14.3 Lerking:v1.14.2 Lerking:v1.14.1 Lerking:v1.14.0 Lerking:v1.13.7 Lerking:v1.14.0-rc2 Lerking:v1.13.6 Lerking:v1.13.5 Lerking:v1.14.0-rc1 Lerking:v1.15.0-dev Lerking:v1.13.4 Lerking:v1.13.3 Lerking:v1.13.2 Lerking:v1.13.1 Lerking:v1.13.0 Lerking:v1.12.6 Lerking:v1.13.0-rc2 Lerking:v1.14.0-dev Lerking:v1.13.0-rc1 Lerking:v1.12.5 Lerking:v1.12.4 Lerking:v1.12.3 Lerking:v1.12.2 Lerking:v1.12.1 Lerking:v1.11.8 Lerking:v1.12.0 Lerking:v1.11.7 Lerking:v1.12.0-rc2 Lerking:v1.11.6 Lerking:v1.12.0-rc1 Lerking:v1.13.0-dev Lerking:v1.11.5 Lerking:v1.11.4 Lerking:v1.11.3 Lerking:v1.10.6 Lerking:v1.12.0-dev Lerking:v1.11.2 Lerking:v1.10.5 Lerking:v1.11.1 Lerking:v1.10.4 Lerking:v1.11.0 Lerking:v1.11.0-rc2 Lerking:v1.10.3 Lerking:v1.11.0-rc1 Lerking:v1.10.2 Lerking:v1.10.1 Lerking:v1.10.0 Lerking:v1.9.6 Lerking:v1.9.5 Lerking:v1.10.0-rc2 Lerking:v1.11.0-dev Lerking:v1.10.0-rc1 Lerking:v1.9.4 Lerking:v1.9.3 Lerking:v1.9.2 Lerking:v1.9.1 Lerking:v1.9.0 Lerking:v1.9.0-rc2 Lerking:v1.10.0-dev Lerking:v1.9.0-rc1 Lerking:v1.8.3 Lerking:v1.8.2 Lerking:v1.8.1 Lerking:v1.8.0 Lerking:v1.8.0-rc3 Lerking:v1.7.6 Lerking:v1.8.0-rc2 Lerking:v1.7.5 Lerking:v1.8.0-rc1 Lerking:v1.9.0-dev Lerking:v1.7.4 Lerking:v1.7.3 Lerking:v1.7.2 Lerking:v1.7.1 Lerking:v1.7.0 Lerking:v1.7.0-rc3 Lerking:v1.6.4 Lerking:v1.7.0-rc2 Lerking:v1.6.3 Lerking:v1.7.0-rc1 Lerking:v1.7.0-dev Lerking:v1.6.2 Lerking:v1.6.1 Lerking:v1.6.0 Lerking:v1.6.0-rc2 Lerking:v1.5.3 Lerking:v1.6.0-rc1 Lerking:v1.6.0-dev Lerking:v1.5.2 Lerking:v1.5.1 Lerking:v1.5.0 Lerking:v1.5.0-rc2 Lerking:v1.5.0-rc1 Lerking:v1.5.0-dev Lerking:v1.4.3 Lerking:v1.4.2 Lerking:v1.4.1 Lerking:v1.4.0 Lerking:v1.4.0-rc3 Lerking:v1.4.0-rc2 Lerking:v1.3.3 Lerking:v1.4.0-rc1 Lerking:v1.3.2 Lerking:v1.3.1 Lerking:v1.3.0 Lerking:v1.3.0-rc2 Lerking:v1.3.0-rc1 Lerking:v1.2.3 Lerking:v1.2.2 Lerking:v1.2.1 Lerking:v1.2.0 Lerking:v1.2.0-rc3 Lerking:v1.2.0-rc2 Lerking:v1.1.4 Lerking:v1.2.0-rc1 Lerking:v1.1.3 Lerking:v1.1.2 Lerking:v1.1.1 Lerking:v1.1.0 Lerking:v1.0.2 Lerking:v1.0.1 Lerking:v1.0.0 Lerking:v0.9.99
..
compare: Lerking:v1.6.2
Branches Tags
Lerking:release/v1.24 Lerking:main Lerking:release/v1.23 Lerking:release/v1.22 Lerking:release/v1.21 Lerking:release/v1.20 Lerking:release/v1.19 Lerking:release/v1.18 Lerking:release/v1.17 Lerking:release/v1.16 Lerking:release/v1.15 Lerking:release/v1.14 Lerking:release/v1.13 Lerking:release/v1.12 Lerking:release/v1.11 Lerking:release/v1.10 Lerking:release/v1.9 Lerking:release/v1.8
Lerking:v1.24.5 Lerking:v1.24.4 Lerking:v1.24.3 Lerking:v1.24.2 Lerking:v1.24.1 Lerking:v1.24.0 Lerking:v1.23.8 Lerking:v1.24.0-rc0 Lerking:v1.25.0-dev Lerking:v1.23.7 Lerking:v1.23.6 Lerking:v1.23.5 Lerking:v1.23.4 Lerking:v1.23.3 Lerking:v1.23.2 Lerking:v1.23.1 Lerking:v1.23.0 Lerking:v1.23.0-rc0 Lerking:v1.24.0-dev Lerking:v1.22.6 Lerking:v1.22.5 Lerking:v1.22.4 Lerking:v1.22.3 Lerking:v1.22.2 Lerking:v1.22.1 Lerking:v1.22.0 Lerking:v1.23.0-dev Lerking:v1.22.0-rc1 Lerking:v1.21.11 Lerking:v1.22.0-rc0 Lerking:v1.21.10 Lerking:v1.21.9 Lerking:v1.21.8 Lerking:v1.21.7 Lerking:v1.21.6 Lerking:v1.21.5 Lerking:v1.21.4 Lerking:v1.21.3 Lerking:v1.21.2 Lerking:v1.20.6 Lerking:v1.21.1 Lerking:v1.21.0 Lerking:v1.21.0-rc2 Lerking:v1.21.0-rc1 Lerking:v1.20.5 Lerking:v1.22.0-dev Lerking:v1.21.0-rc0 Lerking:v1.20.4 Lerking:v1.20.3 Lerking:v1.20.2 Lerking:v1.20.1 Lerking:v1.20.0 Lerking:v1.19.4 Lerking:v1.21.0-dev Lerking:v1.20.0-rc2 Lerking:v1.20.0-rc1 Lerking:v1.20.0-rc0 Lerking:v1.19.3 Lerking:v1.19.2 Lerking:v1.19.1 Lerking:v1.19.0 Lerking:v1.19.0-rc1 Lerking:v1.20.0-dev Lerking:v1.19.0-rc0 Lerking:v1.18.5 Lerking:v1.18.4 Lerking:v1.18.3 Lerking:v1.18.2 Lerking:v1.18.1 Lerking:v1.18.0 Lerking:v1.17.4 Lerking:v1.18.0-rc1 Lerking:v1.19.0-dev Lerking:v1.18.0-rc0 Lerking:v1.17.3 Lerking:v1.17.2 Lerking:v1.17.1 Lerking:v1.17.0 Lerking:v1.17.0-rc2 Lerking:v1.16.9 Lerking:v1.17.0-rc1 Lerking:v1.18.0-dev Lerking:v1.16.8 Lerking:v1.16.7 Lerking:v1.16.6 Lerking:v1.16.5 Lerking:v1.16.4 Lerking:v1.16.3 Lerking:v1.16.2 Lerking:v1.16.1 Lerking:v1.16.0 Lerking:v1.15.11 Lerking:v1.17.0-dev Lerking:v1.16.0-rc1 Lerking:v1.15.10 Lerking:v1.15.9 Lerking:v1.15.8 Lerking:v1.15.7 Lerking:v1.15.6 Lerking:v1.15.5 Lerking:v1.15.4 Lerking:v1.15.3 Lerking:v1.15.2 Lerking:v1.15.1 Lerking:v1.14.7 Lerking:v1.15.0 Lerking:v1.15.0-rc3 Lerking:v1.14.6 Lerking:v1.15.0-rc2 Lerking:v1.14.5 Lerking:v1.16.0-dev Lerking:v1.15.0-rc1 Lerking:v1.14.4 Lerking:v1.14.3 Lerking:v1.14.2 Lerking:v1.14.1 Lerking:v1.14.0 Lerking:v1.13.7 Lerking:v1.14.0-rc2 Lerking:v1.13.6 Lerking:v1.13.5 Lerking:v1.14.0-rc1 Lerking:v1.15.0-dev Lerking:v1.13.4 Lerking:v1.13.3 Lerking:v1.13.2 Lerking:v1.13.1 Lerking:v1.13.0 Lerking:v1.12.6 Lerking:v1.13.0-rc2 Lerking:v1.14.0-dev Lerking:v1.13.0-rc1 Lerking:v1.12.5 Lerking:v1.12.4 Lerking:v1.12.3 Lerking:v1.12.2 Lerking:v1.12.1 Lerking:v1.11.8 Lerking:v1.12.0 Lerking:v1.11.7 Lerking:v1.12.0-rc2 Lerking:v1.11.6 Lerking:v1.12.0-rc1 Lerking:v1.13.0-dev Lerking:v1.11.5 Lerking:v1.11.4 Lerking:v1.11.3 Lerking:v1.10.6 Lerking:v1.12.0-dev Lerking:v1.11.2 Lerking:v1.10.5 Lerking:v1.11.1 Lerking:v1.10.4 Lerking:v1.11.0 Lerking:v1.11.0-rc2 Lerking:v1.10.3 Lerking:v1.11.0-rc1 Lerking:v1.10.2 Lerking:v1.10.1 Lerking:v1.10.0 Lerking:v1.9.6 Lerking:v1.9.5 Lerking:v1.10.0-rc2 Lerking:v1.11.0-dev Lerking:v1.10.0-rc1 Lerking:v1.9.4 Lerking:v1.9.3 Lerking:v1.9.2 Lerking:v1.9.1 Lerking:v1.9.0 Lerking:v1.9.0-rc2 Lerking:v1.10.0-dev Lerking:v1.9.0-rc1 Lerking:v1.8.3 Lerking:v1.8.2 Lerking:v1.8.1 Lerking:v1.8.0 Lerking:v1.8.0-rc3 Lerking:v1.7.6 Lerking:v1.8.0-rc2 Lerking:v1.7.5 Lerking:v1.8.0-rc1 Lerking:v1.9.0-dev Lerking:v1.7.4 Lerking:v1.7.3 Lerking:v1.7.2 Lerking:v1.7.1 Lerking:v1.7.0 Lerking:v1.7.0-rc3 Lerking:v1.6.4 Lerking:v1.7.0-rc2 Lerking:v1.6.3 Lerking:v1.7.0-rc1 Lerking:v1.7.0-dev Lerking:v1.6.2 Lerking:v1.6.1 Lerking:v1.6.0 Lerking:v1.6.0-rc2 Lerking:v1.5.3 Lerking:v1.6.0-rc1 Lerking:v1.6.0-dev Lerking:v1.5.2 Lerking:v1.5.1 Lerking:v1.5.0 Lerking:v1.5.0-rc2 Lerking:v1.5.0-rc1 Lerking:v1.5.0-dev Lerking:v1.4.3 Lerking:v1.4.2 Lerking:v1.4.1 Lerking:v1.4.0 Lerking:v1.4.0-rc3 Lerking:v1.4.0-rc2 Lerking:v1.3.3 Lerking:v1.4.0-rc1 Lerking:v1.3.2 Lerking:v1.3.1 Lerking:v1.3.0 Lerking:v1.3.0-rc2 Lerking:v1.3.0-rc1 Lerking:v1.2.3 Lerking:v1.2.2 Lerking:v1.2.1 Lerking:v1.2.0 Lerking:v1.2.0-rc3 Lerking:v1.2.0-rc2 Lerking:v1.1.4 Lerking:v1.2.0-rc1 Lerking:v1.1.3 Lerking:v1.1.2 Lerking:v1.1.1 Lerking:v1.1.0 Lerking:v1.0.2 Lerking:v1.0.1 Lerking:v1.0.0 Lerking:v0.9.99

46 Commits
v1.9.0-rc1 ... v1.6.2

Author SHA1 Message Date
techknowlogick
2631f7f64d Changelog for 1.6.2 (#5567) 2018-12-21 10:08:46 -05:00
techknowlogick
af4626a270 Immediate fix to htmlEncode user added text (#5575) 
There are likely problems remaining with the way that initCommentForm
is creating its elements. I suspect that a malformed avatar url could
be used maliciously.
 2018-12-21 09:05:47 -05:00
techknowlogick
21c70e1ed2 backport 5571 (#5573) 2018-12-21 16:22:56 +08:00
Lunny Xiao
b45d58805a fix indexer reindex bug when gitea restart (#5563) (#5564) 
* fix issue indexer bug reindex when restart gitea

* also fix code indexer reindex when gitea restart
 2018-12-19 09:51:53 -05:00
Greg Karékinian
200b974e19 Backport #5537 Remove a double slash in the HTTPS redirect with Let's Encrypt (#5539) 
Before:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000//">Found</a>.

After:

$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000/">Found</a>.

Fixes #5536
 2018-12-13 10:42:38 -05:00
Lunny Xiao
800271ee1f fix bug when a read perm user to edit his issue (#5516) (#5534) 2018-12-12 12:37:22 -05:00
Lunny Xiao
e6362f3d23 fix detect force push failure on deletion of protected branches (#5522) (#5531) 2018-12-12 09:49:47 -05:00
Greg Karékinian
716c2918be Backported #5525 Fix the Let's Encrypt handler (#5527) 
* Fix the Let's Encrypt handler by listening on a valid address

Also handle errors in the HTTP server go routine, return a fatal error
when something goes wrong.

Thanks to @gbl08ma for finding the actual bug

Here is an example of the error handling:

    2018/12/11 14:23:07 [....io/gitea/cmd/web.go:87 func1()] [E] Failed to
    start the Let's Encrypt handler on port 30: listen tcp 0.0.0.0:30: bind:
    permission denied

Closes #5280

* Fix a typo
 2018-12-11 13:34:35 -05:00
Lunny Xiao
60d7b614fe fix forgot deletion of notification when delete repository (#5506) (#5514) 2018-12-11 19:09:53 +08:00
Lunny Xiao
9cf9a54dca fix undeleted content when deleting user (#5509) 2018-12-11 10:33:20 +08:00
Lunny Xiao
2b4f87da46 Fix empty wiki (#5504) (#5508) 
* fix wiki page when wiki path is exist but empty

* improve the error check
 2018-12-10 22:37:56 +02:00
techknowlogick
ad9f9cdc30 Add 1.6.1 changelog (#5500) 2018-12-09 21:06:16 +08:00
Lunny Xiao
8237fd4a2d fix topic name length on database (#5493) (#5495) 2018-12-09 02:57:49 +02:00
romankl
8e4a0a978a ensure that the closed_at is set for closed (#5450) 
right now the `closed_at` field for json responses is not filled during
the `APIIssue` creation for api responses.

For a closed issue you get a result like:
```json
"state":"open","comments":0,"created_at":"2018-11-29T16:39:24+01:00",
"updated_at":"2018-11-30T10:49:19+01:00","closed_at":null,
"due_date":null,"pull_request":null}
```
which has no information about the closing date. (which exists in the
db and ui)
with this PR the result changes to this:

```json
:null,"assignee":null,"assignees":null,
"state":"closed",
"comments":0,"created_at":"2018-11-29T16:43:05+01:00",
"updated_at":"2018-12-02T19:17:05+01:00",
"closed_at":"2018-12-02T19:17:05+01:00",
"due_date":null,"pull_request":null}
```

fixes: https://github.com/go-gitea/gitea/issues/5446
Signed-off-by: Roman <romaaan.git@gmail.com>
 2018-12-02 17:50:47 -05:00
Lanre Adelowo
c1275e2ba6 Admin should be able to delete repos even if he is not a member of the organization (#5443) (#5447) 2018-12-02 20:07:20 +02:00
romankl
7bc1faabdb word-break the WebHook url to prevent a ui-break (#5445) 
right now, the url is displayed with an anchor tag with no classes. If
the url is really really long, the url will break out of the containing
div and (depending on the url length) the browser shows the horizontal
scrollbar.
This pr makes use of the already existing css class `dont-break-out`
which gives all the anchor the necessary properties to prevent the
break.
Another solution could be to introduce some classes like
`text text-break-word`, but that would duplicate the `dont-break-out`
class just for text elements that use the `text` class.

fixes: https://github.com/go-gitea/gitea/issues/5416
Signed-off-by: Roman <romaaan.git@gmail.com>
 2018-12-02 10:47:45 -05:00
Lunny Xiao
e406dc058d Fix repository deletion when there is large number of issues in it (#5426) (#5434) 2018-11-30 09:38:35 -05:00
Lauris BH
328e38ebc7 Fix dependent issue searching when gitea is run in subpath (#5392) (#5400) 2018-11-25 19:27:17 -05:00
Daniel Balko
773addf727 Backported #5383 on v1.6: API: '/orgs/:org/repos': return private repos with read access (#5310) (#3829) (#5393) 
Signed-off-by: Daniel Balko <inxonic+github@gmail.com>
 2018-11-24 13:14:27 +02:00
Lunny Xiao
0da8bc9ec0 add changelog of v1.6.0 (#5379) 
* add changelog of v1.6.0

* improve changelog
 2018-11-22 22:53:58 -05:00
Lunny Xiao
5d69703d3c dont' send assign webhooks when creating issue (#5365) (#5369) 2018-11-21 23:12:17 +08:00
Florian Eitel
ffc0c7f611 Migration fixes 5318 1.6 backport (#5355) 
* Remove field from migration to support upgrades from older version

That will ensure the field does not get queried in the Select if it does
not exist yet:

```
[I] [SQL] SELECT "id", "repo_id", "index", "poster_id", "name", "content", "milestone_id", "priority", "assignee_id", "is_closed", "is_pull", "num_comments", "ref", "deadline_unix", "created_unix", "updated_unix
[...itea/routers/init.go:60 GlobalInit()] [E] Failed to initialize ORM engine: migrate: do migrate: pq: column "ref" does not exist
```

see #5318

* Skip remove stale watcher migration if not required

Otherwise the migration will fail if executed from a older database
version without multiple IssueWatch feature.

```
2018/11/11 23:51:14 [I] [SQL] SELECT DISTINCT "issue_watch"."user_id", "issue"."repo_id" FROM "issue_watch" INNER JOIN issue ON issue_watch.issue_id = issue.id WHERE (issue_watch.is_watching = $1) LIMIT 50 []int
[...itea/routers/init.go:60 GlobalInit()] [E] Failed to initialize ORM engine: migrate: do migrate: pq: relation "issue_watch" does not exist
```

see #5318
 2018-11-18 22:34:14 +02:00
Lunny Xiao
8670decafb Fix create team, update team missing units (#5188) (#5313) 2018-11-11 12:43:56 -05:00
Lauris BH
297e619074 Fix file edit change preview functionality (#5300) (#5311) 2018-11-10 16:12:58 +02:00
Lunny Xiao
e9b984e162 fix bug when users have serval teams with different units on different repositories (#5307) (#5308) 2018-11-09 17:46:38 +08:00
Lauris BH
5995b65175 Fix U2F if gitea is configured in subpath (#5302) (#5306) 2018-11-09 13:45:50 +08:00
Lauris BH
996ce8cc03 Fix markdown image with link (#4675) (#5299) 
* Fix markdown image with link

* Add gitea copyright notice

* add a test for markdown image with link

* remove svg related variables
 2018-11-08 17:47:24 -05:00
Lauris BH
fe7cef0e1f Add changelog for 1.5.3 release (#5227) (#5298) 2018-11-08 17:20:10 -05:00
Lauris BH
464dcd1b66 Remove maxlines option for file logger (#5282) (#5287) 2018-11-07 09:14:44 +02:00
Lauris BH
68938d5dc4 Backport fix broken translation (#5284) 2018-11-07 06:50:52 +02:00
techknowlogick
9c11fafdb0 1.6.0-RC2 Changelog (#5275) 2018-11-04 17:07:08 -05:00
zeripath
c0bbbdd30b Backport #5250 on v1.6: Fix Issue 5249 and protect /api/v1/admin routes with CSRF token (#5272) 
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
 2018-11-04 10:42:15 -05:00
kolaente
f95c966770 Backported wrong api request url for instances running in subfolders (#5247) (#5261) 2018-11-03 17:43:11 -04:00
Peter Hoffmann
14a074f979 fix: Accept web-command cli flags if web-command is commited (#5245) 
* Added flags of default cmd CmdWeb to app-wide flags
* If command *is* specified app-wide flags are ignored

Backport of #5200
Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>
 2018-11-01 11:24:23 -04:00
Lunny Xiao
3786369356 This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136) (#5229) 
* This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql

* fix tests
 2018-10-31 20:21:31 -04:00
Lunny Xiao
79464216d9 fix data race on migrate repository (#5224) (#5230) 2018-10-31 20:23:13 +08:00
Peter Hoffmann
e28801ff1a fix: Add secret to all webhook's payload where it has been missing (#5208) 
* Updated dependency manager via `dep ensure -update code.gitea.io/sdk`
* Gopkg.toml was not changed as sdk version is set to "master"
* affects webhooks for: Delete, Fork, IssueComment, Release
* also contains changes from go-gitea/go-sdk#125 and hence a swagger update

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>
Resolves: #4732, #5173
 2018-10-30 17:14:12 +02:00
Lunny Xiao
478ba7f318 fix sqlite lock (#5210) (#5223) 2018-10-30 14:21:55 +08:00
Kim "BKC" Carlbäcker
582213a858 Update go-macaron/session to latest mast to fix RCE-bug (#5195) 2018-10-30 13:36:50 +08:00
Lunny Xiao
4d66de684f Fix race on updatesize (#5190) (#5215) 
* fix race on updatesize

* fix more repoPath
 2018-10-30 09:20:18 +08:00
Rodrigo Villablanca Vásquez
d220a3d772 fix to 3819 - Backport (#5219) 2018-10-29 15:56:21 -04:00
Lunny Xiao
7022957b15 fix sqlite and mssql lock (#5214) (#5218) 2018-10-29 14:10:50 -04:00
Lunny Xiao
e7128e8c41 Fix sqlite lock (#5176) (#5179) 
* fix sqlite lock

* fix sqlite lock on getUnitType
 2018-10-25 17:30:25 +03:00
Jonas Franz
274ff0d011 Add comment replies (#5147) 
*         Add comment replies

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Use review.ID instead

Signed-off-by: Jonas Franz <info@jonasfranz.software>
 2018-10-23 10:38:06 -04:00
Filip Navara
7238bb329a Fix SQL quoting (#5137) 
`show` is keyword in MySQL and has to be quoted to reference a column name. Use grave accents (ASCII code 96) for quoting to match rest of the source code. It's non-standard SQL, but it's supported by SQLite and MySQL.

Signed-off-by: Filip Navara <navara@emclient.com>
 2018-10-22 14:46:47 -04:00
kolaente
49d666f99a Fix regex to support optional end line of old section in diff hunk (#5097) 
+ Named groups in reges for easier group parsing
 2018-10-18 09:57:35 +08:00
3786 changed files with 102425 additions and 608454 deletions
Expand all files Collapse all files

832
.drone.yml
View File

@@ -1,658 +1,346 @@
---
kind: pipeline
name: testing
platform:
os: linux
arch: amd64
workspace:
base: /go
path: src/code.gitea.io/gitea
services:
- name: mysql
pull: default
image: mysql:5.7
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: yes
MYSQL_DATABASE: test
clone:
git:
image: plugins/git:next
depth: 50
tags: true
- name: mysql8
pull: default
image: mysql:8.0
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: yes
MYSQL_DATABASE: testgitea
- name: pgsql
pull: default
image: postgres:9.5
environment:
POSTGRES_DB: test
- name: mssql
pull: default
image: microsoft/mssql-server-linux:latest
environment:
ACCEPT_EULA: Y
MSSQL_PID: Standard
SA_PASSWORD: MwantsaSecurePassword1
- name: ldap
pull: default
image: gitea/test-openldap:latest
steps:
- name: fetch-tags
pull: default
image: docker:git
commands:
- git fetch --tags --force
pipeline:
download_translations:
image: jonasfranz/crowdin
pull: true
secrets: [ crowdin_key ]
project_identifier: gitea
ignore_branch: true
download: true
export_dir: options/locale/
when:
event:
exclude:
- pull_request
event: [ push ]
branch: [ master ]
- name: pre-build
pull: always
image: webhippie/nodejs:latest
update-translations:
image: alpine:3.7
commands:
- make css
- make js
- mv ./options/locale/locale_en-US.ini ./options/
- sed -i -e 's/="/=/g' -e 's/"$$//g' ./options/locale/*.ini
- sed -i -e 's/\\\\"/"/g' ./options/locale/*.ini
- mv ./options/locale_en-US.ini ./options/locale/
when:
event: [ push ]
branch: [ master ]
- name: build-without-gcc
pull: always
image: golang:1.10 # this step is kept as the lowest version of golang that we support
git_push:
image: appleboy/drone-git-push
pull: true
secrets: [ git_push_ssh_key ]
remote: git@github.com:go-gitea/gitea.git
force: false
commit: true
commit_message: "[skip ci] Updated translations via Crowdin"
author_name: GiteaBot
author_email: teabot@gitea.io
when:
event: [ push ]
branch: [ master ]
pre-build:
image: webhippie/nodejs:latest
pull: true
commands:
- npm install
- make stylesheets-check
when:
event: [ push, tag, pull_request ]
build-without-gcc:
image: golang:1.9
pull: true
commands:
- go build -o gitea_no_gcc # test if build succeeds without the sqlite tag
when:
event: [ push, tag, pull_request ]
- name: build
pull: always
image: golang:1.12
build:
image: golang:1.11
pull: true
environment:
TAGS: bindata sqlite
commands:
- make clean
- make generate
- make golangci-lint
- make revive
- make vet
- make lint
- make fmt-check
- make swagger-check
- make swagger-validate
- make misspell-check
- make test-vendor
- make build
environment:
TAGS: bindata sqlite sqlite_unlock_notify
when:
event: [ push, tag, pull_request ]
- name: unit-test
pull: always
image: golang:1.12
test:
image: golang:1.11
pull: true
group: test
environment:
TAGS: bindata sqlite
commands:
- make unit-test-coverage
environment:
TAGS: bindata sqlite sqlite_unlock_notify
depends_on:
- build
when:
branch:
- master
event:
- push
- pull_request
event: [ push, pull_request ]
branch: [ master ]
- name: release-test
pull: always
image: golang:1.12
test:
image: golang:1.11
pull: true
group: test
environment:
TAGS: bindata sqlite
commands:
- make test
environment:
TAGS: bindata sqlite sqlite_unlock_notify
depends_on:
- build
when:
branch:
- "release/*"
event:
- push
- pull_request
event: [ push, pull_request ]
branch: [ release/* ]
- name: tag-test
pull: always
image: golang:1.12
test:
image: golang:1.11
pull: true
group: test
environment:
TAGS: bindata
commands:
- make test
environment:
TAGS: bindata
depends_on:
- build
when:
event:
- tag
event: [ tag ]
- name: test-sqlite
pull: always
image: golang:1.12
commands:
- "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
- apt-get install -y git-lfs
- timeout -s ABRT 20m make test-sqlite-migration
- timeout -s ABRT 20m make test-sqlite
# Commented until db locking have been resolved!
# test-sqlite:
# image: golang:1.10
# pull: true
# group: test
# environment:
# TAGS: bindata
# commands:
# - make test-sqlite
# when:
# event: [ push, tag, pull_request ]
test-mysql:
image: golang:1.11
pull: true
group: test
environment:
TAGS: bindata
depends_on:
- build
- name: test-mysql
pull: always
image: golang:1.12
TEST_LDAP: "1"
commands:
- "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
- curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
- apt-get install -y git-lfs
- make test-mysql-migration
- make integration-test-coverage
environment:
TAGS: bindata
TEST_LDAP: 1
depends_on:
- build
when:
branch:
- master
event:
- push
- pull_request
event: [ push, pull_request ]
branch: [ master ]
- name: tag-test-mysql
pull: always
image: golang:1.12
commands:
- "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
- apt-get install -y git-lfs
- timeout -s ABRT 20m make test-mysql-migration
- timeout -s ABRT 20m make test-mysql
test-mysql:
image: golang:1.11
pull: true
group: test
environment:
TAGS: bindata
TEST_LDAP: 1
depends_on:
- build
TEST_LDAP: "1"
commands:
- curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
- apt-get install -y git-lfs
- make test-mysql
when:
event:
- tag
event: [ tag ]
- name: test-mysql8
pull: always
image: golang:1.12
commands:
- "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
- apt-get install -y git-lfs
- timeout -s ABRT 20m make test-mysql8-migration
- timeout -s ABRT 20m make test-mysql8
test-pgsql:
image: golang:1.11
pull: true
group: test
environment:
TAGS: bindata
TEST_LDAP: 1
depends_on:
- build
- name: test-pgsql
pull: always
image: golang:1.12
TEST_LDAP: "1"
commands:
- "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
- curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
- apt-get install -y git-lfs
- timeout -s ABRT 20m make test-pgsql-migration
- timeout -s ABRT 20m make test-pgsql
- make test-pgsql
when:
event: [ push, tag, pull_request ]
generate-coverage:
image: golang:1.11
pull: true
environment:
TAGS: bindata
TEST_LDAP: 1
depends_on:
- build
- name: test-mssql
pull: always
image: golang:1.12
commands:
- "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
- apt-get install -y git-lfs
- make test-mssql-migration
- make test-mssql
environment:
TAGS: bindata
TEST_LDAP: 1
depends_on:
- build
- name: generate-coverage
pull: always
image: golang:1.12
commands:
- make coverage
environment:
TAGS: bindata
depends_on:
- unit-test
- test-mysql
when:
branch:
- master
event:
- push
- pull_request
event: [ push, pull_request ]
branch: [ master ]
- name: coverage
pull: always
coverage:
image: robertstettner/drone-codecov
settings:
files:
- coverage.all
environment:
CODECOV_TOKEN:
from_secret: codecov_token
depends_on:
- generate-coverage
secrets: [ codecov_token ]
files:
- coverage.all
when:
branch:
- master
event:
- push
- pull_request
event: [ push, pull_request ]
branch: [ master ]
---
kind: pipeline
name: translations
platform:
os: linux
arch: amd64
workspace:
base: /go
path: src/code.gitea.io/gitea
trigger:
branch:
- master
event:
- push
steps:
- name: download
pull: always
image: jonasfranz/crowdin
settings:
download: true
export_dir: options/locale/
ignore_branch: true
project_identifier: gitea
static:
image: karalabe/xgo-latest:latest
pull: true
environment:
CROWDIN_KEY:
from_secret: crowdin_key
- name: update
pull: default
image: alpine:3.10
commands:
- mv ./options/locale/locale_en-US.ini ./options/
- "sed -i -e 's/=\"/=/g' -e 's/\"$$//g' ./options/locale/*.ini"
- "sed -i -e 's/\\\\\\\\\"/\"/g' ./options/locale/*.ini"
- mv ./options/locale_en-US.ini ./options/locale/
- name: push
pull: always
image: appleboy/drone-git-push
settings:
author_email: "teabot@gitea.io"
author_name: GiteaBot
commit: true
commit_message: "[skip ci] Updated translations via Crowdin"
remote: "git@github.com:go-gitea/gitea.git"
environment:
GIT_PUSH_SSH_KEY:
from_secret: git_push_ssh_key
- name: upload_translations
pull: always
image: jonasfranz/crowdin
settings:
files:
locale_en-US.ini: options/locale/locale_en-US.ini
ignore_branch: true
project_identifier: gitea
environment:
CROWDIN_KEY:
from_secret: crowdin_key
---
kind: pipeline
name: release-master
platform:
os: linux
arch: amd64
workspace:
base: /go
path: src/code.gitea.io/gitea
trigger:
branch:
- master
- "release/*"
event:
- push
depends_on:
- testing
- translations
steps:
- name: fetch-tags
pull: default
image: docker:git
commands:
- git fetch --tags --force
- name: static
pull: always
image: techknowlogick/xgo:latest
TAGS: bindata sqlite
commands:
- export PATH=$PATH:$GOPATH/bin
- make generate
- make release
environment:
TAGS: bindata sqlite sqlite_unlock_notify
- name: gpg-sign
pull: always
image: plugins/gpgsign:1
settings:
detach_sign: true
excludes:
- "dist/release/*.sha256"
files:
- "dist/release/*"
environment:
GPGSIGN_KEY:
from_secret: gpgsign_key
GPGSIGN_PASSPHRASE:
from_secret: gpgsign_passphrase
depends_on:
- static
- name: release-branch-release
pull: always
image: plugins/s3:1
settings:
acl: public-read
bucket: releases
endpoint: https://storage.gitea.io
path_style: true
source: "dist/release/*"
strip_prefix: dist/release/
target: "/gitea/${DRONE_BRANCH##release/v}"
environment:
AWS_ACCESS_KEY_ID:
from_secret: aws_access_key_id
AWS_SECRET_ACCESS_KEY:
from_secret: aws_secret_access_key
depends_on:
- gpg-sign
when:
branch:
- "release/*"
event:
- push
event: [ push, tag ]
- name: release
pull: always
image: plugins/s3:1
settings:
acl: public-read
bucket: releases
endpoint: https://storage.gitea.io
path_style: true
source: "dist/release/*"
strip_prefix: dist/release/
target: /gitea/master
environment:
AWS_ACCESS_KEY_ID:
from_secret: aws_access_key_id
AWS_SECRET_ACCESS_KEY:
from_secret: aws_secret_access_key
depends_on:
- gpg-sign
when:
branch:
- master
event:
- push
---
kind: pipeline
name: release-version
platform:
os: linux
arch: amd64
workspace:
base: /go
path: src/code.gitea.io/gitea
trigger:
event:
- tag
depends_on:
- testing
- translations
steps:
- name: fetch-tags
pull: default
image: docker:git
commands:
- git fetch --tags --force
- name: static
pull: always
image: techknowlogick/xgo:latest
commands:
- export PATH=$PATH:$GOPATH/bin
- make generate
- make release
environment:
TAGS: bindata sqlite sqlite_unlock_notify
- name: gpg-sign
pull: always
image: plugins/gpgsign:1
settings:
detach_sign: true
excludes:
- "dist/release/*.sha256"
files:
- "dist/release/*"
environment:
GPGSIGN_KEY:
from_secret: gpgsign_key
GPGSIGN_PASSPHRASE:
from_secret: gpgsign_passphrase
depends_on:
- static
- name: release
pull: always
image: plugins/s3:1
settings:
acl: public-read
bucket: releases
endpoint: https://storage.gitea.io
path_style: true
source: "dist/release/*"
strip_prefix: dist/release/
target: "/gitea/${DRONE_TAG##v}"
environment:
AWS_ACCESS_KEY_ID:
from_secret: aws_access_key_id
AWS_SECRET_ACCESS_KEY:
from_secret: aws_secret_access_key
depends_on:
- gpg-sign
- name: github
pull: always
image: plugins/github-release:1
settings:
files:
- "dist/release/*"
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- gpg-sign
---
kind: pipeline
name: docs
platform:
os: linux
arch: amd64
workspace:
base: /go
path: src/code.gitea.io/gitea
steps:
- name: build-docs
pull: always
build-docs:
image: webhippie/hugo:latest
pull: true
commands:
- cd docs
- make trans-copy
- make clean
- make build
- name: publish-docs
pull: always
publish-docs:
image: lucap/drone-netlify:latest
settings:
path: docs/public/
site_id: d2260bae-7861-4c02-8646-8f6440b12672
environment:
NETLIFY_TOKEN:
from_secret: netlify_token
pull: true
secrets: [ netlify_token ]
site_id: d2260bae-7861-4c02-8646-8f6440b12672
path: docs/public/
when:
branch:
- master
event:
- push
event: [ push ]
branch: [ master ]
---
kind: pipeline
name: docker
platform:
os: linux
arch: amd64
workspace:
base: /go
path: src/code.gitea.io/gitea
steps:
- name: fetch-tags
pull: default
image: docker:git
commands:
- git fetch --tags --force
docker:
image: plugins/docker:17.12
pull: true
secrets: [ docker_username, docker_password ]
repo: gitea/gitea
tags: [ '${DRONE_BRANCH##release/v}' ]
when:
event:
exclude:
- pull_request
event: [ push ]
branch: [ release/* ]
- name: dryrun
pull: always
image: plugins/docker:18.09
settings:
cache_from: gitea/gitea
dry_run: true
repo: gitea/gitea
docker:
image: plugins/docker:17.12
secrets: [ docker_username, docker_password ]
pull: true
repo: gitea/gitea
default_tags: true
when:
event:
- pull_request
event: [ push, tag ]
- name: release
pull: always
image: plugins/docker:18.09
settings:
cache_from: gitea/gitea
repo: gitea/gitea
tags:
- "${DRONE_BRANCH##release/v}"
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
depends_on:
- dryrun
gpg-sign:
image: plugins/gpgsign:1
pull: true
secrets: [ gpgsign_key, gpgsign_passphrase ]
detach_sign: true
files:
- dist/release/*
excludes:
- dist/release/*.sha256
when:
branch:
- "release/*"
event:
- push
event: [ push, tag ]
- name: latest
pull: always
image: plugins/docker:18.09
settings:
cache_from: gitea/gitea
default_tags: true
repo: gitea/gitea
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
depends_on:
- dryrun
release:
image: plugins/s3:1
pull: true
secrets: [ aws_access_key_id, aws_secret_access_key ]
bucket: releases
endpoint: https://storage.gitea.io
path_style: true
strip_prefix: dist/release/
source: dist/release/*
target: /gitea/${DRONE_TAG##v}
when:
branch:
- master
event:
- push
- tag
event: [ tag ]
---
kind: pipeline
name: notify
release:
image: plugins/s3:1
pull: true
secrets: [ aws_access_key_id, aws_secret_access_key ]
bucket: releases
endpoint: https://storage.gitea.io
path_style: true
strip_prefix: dist/release/
source: dist/release/*
target: /gitea/${DRONE_BRANCH##release/v}
when:
event: [ push ]
branch: [ release/* ]
platform:
os: linux
arch: amd64
release:
image: plugins/s3:1
pull: true
secrets: [ aws_access_key_id, aws_secret_access_key ]
bucket: releases
endpoint: https://storage.gitea.io
path_style: true
strip_prefix: dist/release/
source: dist/release/*
target: /gitea/master
when:
event: [ push ]
branch: [ master ]
workspace:
base: /go
path: src/code.gitea.io/gitea
github:
image: plugins/github-release:1
pull: true
secrets: [ github_token ]
files:
- dist/release/*
when:
event: [ tag ]
when:
status:
- success
- failure
upload_translations:
image: jonasfranz/crowdin
pull: true
secrets: [ crowdin_key ]
project_identifier: gitea
ignore_branch: true
download: false
files:
locale_en-US.ini: options/locale/locale_en-US.ini
when:
event: [ push ]
branch: [ master ]
depends_on:
- testing
- translations
- release-version
- release-master
- docker
- docs
steps:
- name: discord
pull: always
discord:
image: appleboy/drone-discord:1.0.0
pull: true
secrets: [ discord_webhook_id, discord_webhook_token ]
when:
event: [ push, tag, pull_request ]
status: [ changed, failure ]
services:
mysql:
image: mysql:5.7
environment:
DISCORD_WEBHOOK_ID:
from_secret: discord_webhook_id
DISCORD_WEBHOOK_TOKEN:
from_secret: discord_webhook_token
- MYSQL_DATABASE=test
- MYSQL_ALLOW_EMPTY_PASSWORD=yes
when:
event: [ push, tag, pull_request ]
pgsql:
image: postgres:9.5
environment:
- POSTGRES_DB=test
when:
event: [ push, tag, pull_request ]
ldap:
image: gitea/test-openldap:latest
when:
event: [ push, tag, pull_request ]

5
.editorconfig
View File

@@ -1,4 +1,5 @@
# http://editorconfig.org
root = true
[*]
@@ -14,11 +15,11 @@ indent_size = 8
indent_style = tab
indent_size = 4
[*.less]
[*.{less}]
indent_style = space
indent_size = 4
[*.{yml,json}]
[*.{yml}]
indent_style = space
indent_size = 2

25
.eslintrc
View File

@@ -1,25 +0,0 @@
root: true
extends:
- eslint:recommended
parserOptions:
ecmaVersion: 2015
env:
browser: true
jquery: true
es6: true
globals:
Clipboard: false
CodeMirror: false
emojify: false
SimpleMDE: false
Vue: false
Dropzone: false
u2fApi: false
hljs: false
rules:
no-unused-vars: [error, {args: all, argsIgnorePattern: ^_, varsIgnorePattern: ^_, ignoreRestSiblings: true}]

1
.github/FUNDING.yml vendored
View File

@@ -1 +0,0 @@
open_collective: gitea

6
.github/issue_template.md vendored
View File

@@ -1,9 +1,7 @@
<!-- NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue -->
<!--
1. Please speak English, this is the language all maintainers can speak and write.
1. Please speak English, this is the language all of us can speak and write.
2. Please ask questions or configuration/deploy problems on our Discord
server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
server (https://discord.gg/NsatcWJ) or forum (https://discourse.gitea.io).
3. Please take a moment to check that your issue doesn't already exist.
4. Please give all relevant information below for bug reports, because
incomplete details will be handled as an invalid report.

53
.github/stale.yml vendored
View File

@@ -1,53 +0,0 @@
# Configuration for probot-stale - https://github.com/probot/stale
# Number of days of inactivity before an Issue or Pull Request becomes stale
daysUntilStale: 60
# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
daysUntilClose: 14
# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
exemptLabels:
- status/blocked
- kind/security
- lgtm/done
- reviewed/confirmed
- priority/critical
- kind/proposal
# Set to true to ignore issues in a project (defaults to false)
exemptProjects: false
# Set to true to ignore issues in a milestone (defaults to false)
exemptMilestones: false
# Label to use when marking as stale
staleLabel: stale
# Comment to post when marking as stale. Set to `false` to disable
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you
for your contributions.
# Comment to post when closing a stale Issue or Pull Request.
closeComment: >
This issue has been automatically closed because of inactivity.
You can re-open it if needed.
# Limit the number of actions per hour, from 1-30. Default is 30
limitPerRun: 1
# Optionally, specify configuration settings that are specific to just 'issues' or 'pulls':
pulls:
daysUntilStale: 60
daysUntilClose: 60
markComment: >
This pull request has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs during the next 2 months. Thank you
for your contributions.
closeComment: >
This pull request has been automatically closed because of inactivity.
You can re-open it if needed.

10
.gitignore vendored
View File

@@ -51,23 +51,15 @@ coverage.all
/log
/public/img/avatar
/integrations/gitea-integration-mysql
/integrations/gitea-integration-mysql8
/integrations/gitea-integration-pgsql
/integrations/gitea-integration-sqlite
/integrations/gitea-integration-mssql
/integrations/indexers-mysql
/integrations/indexers-mysql8
/integrations/indexers-pgsql
/integrations/indexers-sqlite
/integrations/indexers-mssql
/integrations/mysql.ini
/integrations/mysql8.ini
/integrations/pgsql.ini
/integrations/mssql.ini
/node_modules
/modules/indexer/issues/indexers
routers/repo/authorized_keys
/yarn.lock
# Snapcraft
snap/.snapcraft/

97
.golangci.yml
View File

@@ -1,97 +0,0 @@
linters:
enable:
- gosimple
- deadcode
- typecheck
- govet
- errcheck
- staticcheck
- unused
- structcheck
- varcheck
- golint
- dupl
#- gocyclo # The cyclomatic complexety of a lot of functions is too high, we should refactor those another time.
- gofmt
- misspell
- gocritic
enable-all: false
disable-all: true
fast: false
linters-settings:
gocritic:
disabled-checks:
- ifElseChain
- singleCaseSwitch # Every time this occured in the code, there was no other way.
issues:
exclude-rules:
# Exclude some linters from running on tests files.
- path: _test\.go
linters:
- gocyclo
- errcheck
- dupl
- gosec
- unparam
- staticcheck
- path: models/migrations/v
linters:
- gocyclo
- errcheck
- dupl
- gosec
- linters:
- dupl
text: "webhook"
- linters:
- gocritic
text: "`ID' should not be capitalized"
- path: modules/templates/helper.go
linters:
- gocritic
- linters:
- unused
- deadcode
text: "swagger"
- path: contrib/pr/checkout.go
linters:
- errcheck
- path: models/issue.go
linters:
- errcheck
- path: models/migrations/
linters:
- errcheck
- path: modules/log/
linters:
- errcheck
- path: routers/routes/routes.go
linters:
- dupl
- path: routers/repo/view.go
linters:
- dupl
- path: models/migrations/
linters:
- unused
- linters:
- staticcheck
text: "argument x is overwritten before first use"
- path: modules/httplib/httplib.go
linters:
- staticcheck
# Enabling this would require refactoring the methods and how they are called.
- path: models/issue_comment_list.go
linters:
- dupl
# "Destroy" is misspelled in github.com/go-macaron/session/session.go:213 so it's not our responsability to fix it
- path: modules/session/virtual.go
linters:
- misspell
text: '`Destory` is a misspelling of `Destroy`'
- path: modules/session/memory.go
linters:
- misspell
text: '`Destory` is a misspelling of `Destroy`'

1
.npmrc
View File

@@ -1 +0,0 @@
save-exact=true

25
.revive.toml
View File

@@ -1,25 +0,0 @@
ignoreGeneratedHeader = false
severity = "warning"
confidence = 0.8
errorCode = 1
warningCode = 1
[rule.blank-imports]
[rule.context-as-argument]
[rule.context-keys-type]
[rule.dot-imports]
[rule.error-return]
[rule.error-strings]
[rule.error-naming]
[rule.exported]
[rule.if-return]
[rule.increment-decrement]
[rule.var-naming]
[rule.var-declaration]
[rule.package-comments]
[rule.range]
[rule.receiver-naming]
[rule.time-naming]
[rule.unexported-return]
[rule.indent-error-flow]
[rule.errorf]

11
.stylelintrc
View File

@@ -1,11 +0,0 @@
extends: stylelint-config-standard
rules:
block-closing-brace-empty-line-before: null
color-hex-length: null
comment-empty-line-before: null
declaration-empty-line-before: null
indentation: 4
no-descending-specificity: null
rule-empty-line-before: null
selector-pseudo-element-colon-notation: null

843
CHANGELOG.md
View File

@@ -4,849 +4,6 @@ This changelog goes through all the changes that have been made in each release
without substantial changes to our git log; to see the highlights of what has
been added to each release, please refer to the [blog](https://blog.gitea.io).
## [1.9.0-RC1](https://github.com/go-gitea/gitea/releases/tag/v1.9.0-rc1) - 2019-07-06
* BREAKING
* Better logging (#6038) (#6095)
* FEATURE
* Content API for Creating, Updating, Deleting Files (#6314)
* Enable tls-alpn-01: Use certmanager provided TLSConfig for LetsEncrypt (#7229)
* Add command to convert mysql database from utf8 to utf8mb4 (#7144)
* Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Compare branches, commits and tags with each other (#6991)
* Show Pull Request button or status of latest PR in branch list (#6990)
* Repository avatars (#6986)
* Show git-notes (#6984)
* Add commit statuses reports on pull request view (#6845)
* Number of commits ahead/behind in branch overview (#6695)
* Add CLI commands to manage LDAP authentication source (#6681)
* Add support for MS Teams webhooks (#6632)
* OAuth2 Grant UI (#6625)
* Add SUBJECT_PREFIX mailer config option (#6605)
* Include custom configuration file in dump (#6516)
* Add API for manipulating Git hooks (#6436)
* Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* Add option to blame files (#5721)
* Implement Default Webhooks (#4299)
* Telegram webhook (#4227)
* BUGFIXES
* Correctly adjust mirror url (#6593)
* Handle early git version's lack of get-url (#7065)
* Fix icon position in issue view (#7354)
* Cut timeline length with last element on issue view (#7355)
* Fix mirror repository webhooks (#7366)
* Fix api route for hooks (#7346)
* Fix bug conflict between SyncReleasesWithTags and InsertReleases (#7337)
* Fix pull view ui merge section (#7335)
* Fix 7303 - remove unnessesary buttons on archived repos (#7326)
* Fix topic bar to allow prefixes (#7325)
* Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
* Fixes #7238 - Annotated tag commit ID incorrect (#7321)
* Dark theme fixes (#7319)
* Gitea own dark codemirror theme (#7317)
* Fixes #7292 - API File Contents bug (#7301)
* Fix API link header (#7298)
* Fix extra newlines when copying from diff in Firefox (#7288)
* Make diff line-marker non-selectable (#7279)
* Fix Submodule dection in subdir (#7275)
* Fix error log when loading issues caused by a xorm bug (#7271)
* Add .fa icon margin like .octicon (#7258)
* Fix hljs unintenionally highlighting commit links (#7244)
* Only check and config git on web subcommand but not others (#7236)
* Fix migration panic when Head.User is not exist (#7226)
* Only warn on errors in deleting LFS orphaned files during repo deletion (#7213)
* Fix duplicated file on pull request conflicted files (#7211)
* Allow colon between fixing word and issue (#7207)
* Fix overflow issues in repo (#7190)
* API error cleanup (#7186)
* Add error for fork already existing (#7185)
* Fixes diff on merged pull requests (#7171)
* If milestone id is zero don't get it from database (#7169)
* Fix pusher name via ssh push (#7167)
* Fix database lock when use random repository fallback image (#7166)
* Various fixes for issue mail notifications (#7165)
* Allow archived repos to be (un)starred and (un)watched (#7163)
* Fix GCArgs load from ini (#7156)
* Detect noreply email address as user (#7133)
* Avoid arbitrary format strings upon calling fail() function (#7112)
* Validate External Tracker URL Format (#7089)
* Repository avatar fallback configuration (#7087)
* Fix #732: Add LFS objects to base repository on merging (#7082)
* Install page - Handle invalid administrator username better (#7060)
* Workaround for posting single comments in split diff view (#7052)
* Fix possbile mysql invalid connnection error (#7051)
* Fix charset was not saved after installation finished (#7048)
* Handle insecure and ports in go get (#7041)
* Avoid bad database state after failed migration (#7040)
* Fix wrong init dependency on markup extensions (#7038)
* Fix default for allowing new organization creation for new users (#7017)
* Fix content download and /verify LFS handler expecting wrong content-type (#7015)
* Fix missing repo description when migrating (#7000)
* Fix LFS Locks over SSH (#6999)
* Do not attempt to return blob on submodule (#6996)
* Fix U2F for Chrome >= 74 (#6980)
* Fix index produces problem when issues/pulls deleted (#6973)
* Allow collaborators to view repo owned by private org (#6965)
* Stop running hooks on pr merge (#6963)
* Run hooks on merge/edit and cope with protected branches (#6961)
* Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953)
* Stop colorizing log files by default (#6949)
* Rotate serv.log, http.log and hook logs and stop stacktracing in these (#6935)
* Fix plain text overflow line wrap (#6915)
* Fix input size for dependency select (#6913)
* Change drone token name to let users know to use oauth2 (#6912)
* Fix syntax highlight in blame view #6895 (#6909)
* Use AppURL for Oauth user link (#6894)
* Fixes #6881 - API users search fix (#6882)
* Fix 404 when send pull request some situation (#6871)
* Enforce osusergo build tag for releases (#6862)
* Fix 500 when reviewer is deleted with integration tests (#6856)
* Fix v85.go (#6851)
* Make dropTableColumns drop columns on sqlite and constraints on all (#6849)
* Fix double-generation of scratch token (#6832) (#6833)
* When mirroring we should set the remote to mirror (#6824)
* Fix the v78 migration "Drop is_bare" on MSSQL #6707 (#6823)
* Change verbose flag in dump command to avoid colliding with global version flag (#6822)
* Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
* Remove `seen` map from `getLastCommitForPaths` (#6807)
* Show scrollbar only when needed (#6802)
* Restore IsWindows variable assignment (#6722) (#6790)
* Service worker js is a missing comma (#6788)
* Fix team edit API panic (#6780)
* Set user search base field optional in LDAP (simple auth) edit page (#6779)
* Ignore already existing public keys after ldap sync (#6766)
* Fix pulls broken when fork repository deleted (#6754)
* Fix missing return (#6751)
* Fix new team 500 (#6749)
* OAuth2 token can be used in basic auth (#6747)
* Fix org visibility bug when git cloning (#6743)
* Fix bug when sort repos on org home page login with non-admin (#6741)
* Stricter domain name pattern in email regex (#6739)
* Fix admin template error (#6737)
* Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736)
* UI: Detect and restore encoding and BOM in content (#6727)
* Load issue attributes when editing an issue with API (#6723)
* Fix team members API (#6714)
* Unfortunately MemProvider Init does not actually Init properly (#6692)
* Fix partial reversion of #6657 caused by #6314 (#6685)
* Prevent creating empty sessions (#6677)
* Fixes #6659 - Swagger schemes selection default to page's protocol (#6660)
* Update highlight.js to 9.15.6 (#6658)
* Properly escape on the redirect from the web editor (#6657)
* Fix #6655 - Don't EscapePound .Link as it is already escaped (#6656)
* Use ctx.metas for SHA hash links (#6645)
* Fix wrong GPG expire date (#6643)
* upgrade version of lib/pq to v1.1.0 (#6640)
* Fix forking an empty repository (#6637)
* Fix issuer of OTP URI should be URI-encoded. (#6634)
* Return a UserList from /api/v1/admin/users (#6629)
* Add json tags for oauth2 form (#6627)
* Remove extra slash from twitter card (#6619)
* remove bash requirement in makefile (#6617)
* Fix Open Graph og:image link (#6612)
* Fix cross-compile builds (#6609)
* Change commit summary to full message in API (#6591)
* Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579)
* Prevent server 500 on compare branches with no common history (#6555)
* Properly escape release attachment URL (#6512)
* Delete local branch when repo branch is deleted (#6497)
* Fix bug when user login and want to resend register confirmation email (#6482)
* Fix upload attachments (#6481)
* Avoid multi-clicks in oauth2 login (#6467)
* Hacky fix for alignment of the create-organization dialog (#6455)
* Change order that PostProcess Processors are run (#6445)
* Clean up ref name rules (#6437)
* Fix Hook & HookList in Swagger (#6432)
* Fixed unitTypeCode not being used in accessLevelUnit (#6419)
* Display correct error for invalid mirror interval (#6414)
* Don't Unescape redirect_to cookie value (#6399)
* Fix dump table name error and add some test for dump database (#6394)
* Fix migrations 82 to ignore unsynced tags between database and git data and missing is_archived on repository table (#6387)
* Make sure units of a team are returned (#6379)
* Fix bug manifest.json will not request with cookie so that session will created every request (#6372)
* Disable benchmarking during tag events on DroneIO (#6365)
* Comments list performance optimization (#5305)
* ENHANCEMENT
* Add API Endpoint for Repo Edit (#7006)
* Add state param to milestone listing API (#7131)
* Make captcha and password optional for external accounts (#6606)
* Detect migrating batch size (#7353)
* Fix 7255 - wrap long texts on user profile info (#7333)
* Use commit graph files for listing pages (#7314)
* Add git command line commitgraph support global default true when git version >= 2.18 (#7313)
* Add LFS_START_SERVER option to control git-lfs support (#7281)
* Dark theme markdown fixes (#7260)
* Update go-git to v4.12.0 (#7249)
* Show lfs config on admin panel (#7220)
* Disable same user check for internal SSH (#7215)
* Add LastLogin to the User API (#7196)
* Add missing description of label on API (#7159)
* Use go method to calculate ssh key fingerprint (#7128)
* Enable Rust highlighting (#7125)
* Refactor submodule URL parsing (#7100)
* Change issue mail title. (#7064)
* Use batch insert on migrating repository to make the process faster (#7050)
* Improve github downloader on migrations (#7049)
* When git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047)
* Fix Erlang and Elixir highlight mappings (#7044)
* API Org Visibility (#7028)
* Improve handling of non-square avatars (#7025)
* Bugfix: Align comment label and actions to the right (#7024)
* Change UpdateRepoIndex api to include watchers (#7012)
* Move serv hook functionality & drop GitLogger (#6993)
* Add support of utf8mb4 for mysql (#6992)
* Make webhook http connections resuable (#6976)
* Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
* Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
* Remove macaron dependent on models (#6940)
* Add less linter via npx (#6936)
* Remove macaron dependent on modules/log (#6933)
* Remove macaron dependent on models/mail.go (#6931)
* Clean less files (#6921)
* Fix code overflow (#6914)
* Style orgs list in user profile (#6911)
* Improve description of branch protection (fix #6886) (#6906)
* Move sdk structs to modules/structs (#6905)
* update sdk to latest (#6903)
* Escape the commit message on issues update and title in telegram hook (#6901)
* SearchRepositoryByName improvements and unification (#6897)
* Change the color of issues/pulls list, merged is purple and closed is red (#6874)
* Refactor table width to have more info shown in file list (#6867)
* Monitor all git commands; move blame to git package and replace git as a variable (#6864)
* Fix config ui error about cache ttl (#6861)
* Improve localization of git activity stats (#6848)
* Generate access token in admin cli (#6847)
* Update github.com/urfave/cli to version 1.2.0 (#6838)
* Rename LFS_JWT_SECRET cli option to include OAUTH2 as well (#6826)
* internal/ssh: ignore env command totally (#6825)
* Allow Recaptcha service url to be configured (#6820)
* update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815)
* Use modules/git for git commands (#6775)
* Add GET requests to webhook (#6771)
* Move PushUpdate dependency from models to repofiles (#6763)
* Tweak tab text and icon colors (#6760)
* Ignore non-standard refs in git push (#6758)
* Disable web preview for telegram webhook (#6719)
* Show full name if DEFAULT_SHOW_FULL_NAME setting enabled (#6710)
* Reorder file actions (#6706)
* README WordPress the code is overflowing #6679 (#6696)
* Improve issue reference on commit (#6694)
* Handle redirects for git clone commands (#6688)
* Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
* API OTP Context (#6674)
* Remove local clones & make hooks run on merge/edit/upload (#6672)
* Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
* Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
* Fix dropdown icon padding (#6651)
* Add more title attributes on shortened names (#6647)
* Update UI for topics labels on projects (#6639)
* Trace Logging on Permission Denied & ColorFormat (#6618)
* Add .gpg url (match github behaviour) (#6610)
* Support for custom GITEA_CUSTOM env var in docker(#6608)
* Show "delete branch" button on closed pull requests (#6570) (#6601)
* Add option to disable refresh token invalidation (#6584)
* Fix new repo dropdown alignment (#6583)
* Fix mail notification when close/reopen issue (#6581)
* Pre-calculate the absolute path of git (#6575)
* Minor CSS cleanup for the navbar (#6553)
* Render SHA1 links as code blocks (#6546)
* Add username flag in create-user command (#6534)
* Unifies pagination template usage (#6531) (#6533)
* Fixes pagination width on mobile view (#5711) (#6532)
* Improve SHA1 link detection (#6526)
* Fixes #6446 - Sort team members and team's repositories (#6525)
* Use stricter boundaries for auto-link detection (#6522)
* Use regular line-height on frontpage entries (#6518)
* Fixes #6514 - New Pull Request on files and pulls pages the same (#6515)
* Make distinction between DisplayName and Username in email templates (#6495)
* Add X-Auto-Response-Suppress header to outgoing messages (#6492)
* Cleaned permission checks for API -> site admin can now do anything (#6483)
* Support search operators for commits search (#6479)
* Improve listing performance by using go-git (#6478)
* Fix repo sub_menu font color in arc-green (#6477)
* Show last commit status in pull request lists (#6465)
* Add signatures to webhooks (#6428)
* Optimize all images in public/img (#6427)
* Add golangci (#6418)
* Make "Ghost" not link to 404 page (#6410)
* Include more variables on admin/config page (#6378)
* Markdown: enable some more extensions (#6362)
* Include repo name in page title tag (#6343)
* Show locale string on timestamp (#6324)
* Handle CORS requests (#6289)
* Improve issue autolinks (#6273)
* Migration Tweaks (#6260)
* Add title attributes to all items in the repo list viewer (#6258)
* Issue indexer queue redis support (#6218)
* Add bio field for user (#6113)
* Make the version within makefile overwriteable (#6080)
* Updates to API 404 responses (#6077)
* Use Go1.11 module (#5743)
* UX + Security current user password reset (#5042)
* Refactor: append, build variable and type switch (#4940)
* Git statistics in Activity tab (#4724)
* Drop the bits argument when generating an ed25519 key (#6504)
* SECURITY
* Shadow the password on cache and session config on admin panel (#7300)
* TESTING
* Exclude pull_request from fetch-tags step, fixes #7108 (#7120)
* Refactor and improve git test (#7086)
* Fix TestSearchRepo by waiting till indexing is done (#7004)
* Add mssql migration tests (needs #6823) (#6852)
* Add tests for Org API (#6731)
* Context.ServerError and NotFound should log from their caller (#6550)
* TRANSLATION
* Add french specific rule for translating plural texts (#6846)
* BUILD
* Update mssql driver to last working version 20180314172330-6a30f4e59a44 (#7306)
* Alpine 3.10 (#7256)
* Use vfsgen instead of go-bindata (#7080)
* remove and disable package-lock (#6969)
* add make targets for js and css, add js linter (#6952)
* Added tags pull step to drone config to show correct version hashes i… (#6836)
* Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631)
* chore: update drone format to 1.0 (#6602)
* Fix race in integration testlogger (#6556)
* Quieter Integration Tests (#6513)
* Drop the docker Makefile from the image (#6507)
* Add make version on gitea version (#6485)
* Fix #6468 - Uses space match and adds newline for all sed flavors (#6473)
* Move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* Update npm dependencies and various tweaks (#7344)
* Fix updated drone file (#7336)
* Add 'npm' and 'npm-update' make targets and lockfile (#7246)
* DOCS
* Add work path CLI option (#6922)
* Fix logging documentation (#6904)
* Some logging documentation (#6498)
* Fix link to Hacking on Gitea on From-Source doc page (#6471)
* Fix typos in docs command-line examples (#6466)
* Added docker example for backup (#5846)
## [1.8.3](https://github.com/go-gitea/gitea/releases/tag/v1.8.3) - 2019-06-17
* BUGFIXES
* Always set userID on LFS authentication (#7224) (Part of #6993)
* Fix LFS Locks over SSH (#6999) (#7223)
* Fix duplicated file on pull request conflicted files (#7211) (#7214)
* Detect noreply email address as user (#7133) (#7195)
* Don't get milestone from DB if ID is zero (#7169) (#7174)
* Allow archived repos to be (un)starred and (un)watched (#7163) (#7168)
* Fix GCArgs load from ini (#7156) (#7157)
## [1.8.2](https://github.com/go-gitea/gitea/releases/tag/v1.8.2) - 2019-05-29
* BUGFIXES
* Fix possbile mysql invalid connnection error (#7051) (#7071)
* Handle invalid administrator username on install page (#7060) (#7063)
* Disable arm7 builds (#7037) (#7042)
* Fix default for allowing new organization creation for new users (#7017) (#7034)
* SearchRepositoryByName improvements and unification (#6897) (#7002)
* Fix u2f registrationlist ToRegistrations() method (#6980) (#6982)
* Allow collaborators to view repo owned by private org (#6965) (#6968)
* Use AppURL for Oauth user link (#6894) (#6925)
* Escape the commit message on issues update (#6901) (#6902)
* Fix regression for API users search (#6882) (#6885)
* Handle early git version's lack of get-url (#7065) (#7076)
* Fix wrong init dependency on markup extensions (#7038) (#7074)
## [1.8.1](https://github.com/go-gitea/gitea/releases/tag/v1.8.1) - 2019-05-08
* BUGFIXES
* Fix 404 when sending pull requests in some situations (#6871) (#6873)
* Enforce osusergo build tag for releases (#6862) (#6869)
* Don't post process commit summary in templates (#6842) (#6868)
* Fix 500 when reviewer is deleted (#6856) (#6860)
* Fix v78 migration for MSSQL (#6823) (#6854)
* Added tags pull step to drone config to show correct version hashes (#6836) (#6839)
* Fix double-generation of scratch token (#6833) (#6835)
* When mirroring we should set the remote to mirror (#6824) (#6834)
* Show scrollbar only when needed (#6802) (#6803)
* Service worker js is missing a comma (#6788) (#6795)
* Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789)
* Fix team edit API panic (#6780) (#6785)
* Minor CSS cleanup for the navbar (#6553) (#6781)
* Stricter domain name pattern in email regex (#6739) (#6768)
* Detect and restore encoding and BOM in content (#6727) (#6765)
* Fix org visibility bug when git cloning (#6743) (#6762)
* OAuth2 token can be used in basic auth (#6747) (#6761)
* Fix missing return (#6751) (#6756)
* Fix sorting repos on org home page with non-admin login (#6741) (#6746)
* Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744)
* Fix team members API (#6714) (#6729)
* Load issue attributes when editing an issue with API (#6723) (#6725)
* Fix config ui error about cache ttl (#6861) (#6865)
## [1.8.0](https://github.com/go-gitea/gitea/releases/tag/v1.8.0) - 2019-04-20
* SECURITY
* Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
* Resolve 2FA bypass on API (#6676) (#6674)
* Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
* BREAKING
* Add "ghost" and "notifications" to list of reserved user names. (#6208)
* Change sqlite DB path default to data directory (#6198)
* Adds MustChangePassword to user create/edit API (#6193)
* Disable redirect for i18n (#5910)
* Releases API paging (#5831)
* Allow Macaron to be set to log through to gitea.log (#5667)
* Don't close issues via commits on non-default branch (#5622)
* FEATURE
* Add regenerate secret feature for oauth2 (#6291)
* Expose issue stopwatch toggling via API (#5970)
* Add other session providers (#5963)
* Pull request conflict files detection (#5951)
* Integrate OAuth2 Provider (#5378)
* Implement "conversation lock" for issue comments (#5073)
* Feature: Archive repos (#5009)
* Discord Oauth2 support (#4476)
* Allow to set organization visibility (public, internal, private) (#1763)
* Added URL mapping for Release attachments like on github.com (#1707)
* ENHANCEMENT
* Add support for client basic auth for exchanging access tokens (#6293)
* Add ability to sort issues by due date (#6206) (#6244)
* Style tweaks to issue selection (#6196)
* Increase Username and Orgname MaxSize 35 -> 40 (#6178)
* Coverage profile with multiple packages (#6167)
* Split setting.go to multiple files (#6154)
* Allow labels to contain emoji (#6063)
* Disable git fsck for mirrored repos by default (#6018)
* Add default time out for git operations (#6015)
* Split setting.go as multiple files (#6014)
* Make dashboard navbar and footer full-width (#6013)
* Add lang specific font stacks for CJK (#6007)
* Fix header menu misalignment (#6002)
* Enhance closed PR and Issue status in the list (#6000)
* Make navbar full width (#5998)
* Add option to close issues via commit on a non master branch (#5992)
* Support n as a line highlight prefix (#5987)
* Search for org repos (#3031) (#5986)
* Minor UI tweaks (#5980)
* Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
* Dashboard tweaks (#5974)
* Fixes for repo topic editor (#5971)
* Display the branch name in the commit view (#5950)
* handle milestone events for issues and PR (#5947)
* Add label names as filter in issue search api (#5946)
* Repo header tweaks (#5945)
* Better support for long repo names (#5932)
* Fix wrapping long code lines (#5927)
* Change GPG Validation colors and remove inline CSS (#5404) (#5896)
* Fix "pulls.blocked_by_approvals" text (#5879)
* Rename reject to 'request changes' (#5858)
* Move input fields to add members to a team and repos to a team (#5853)
* Config option to disable automatic repo watching (#5852)
* New Issue ?body= query (#5851)
* Add API to list tags (#5850)
* Pagination for git tree API (#5838)
* Add InternalTokenURI to load InternalToken from an external file (#5812)
* Allow markdown files to read from the LFS (#5787)
* Add the ability to use multiple labels as filters (#5786)
* Adjust log settings when a user is not found. (#5771)
* Log IP of failed ssh connection (#5766)
* Moved defaults in defaults.go to setting.go (#5764)
* Make DB connect more robust (#5738)
* Add Default Pull Request Title (#5735)
* Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Add flag to skip repository dumping (#5695)
* Prioritize "readme.md" (#5691)
* Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
* Allow for user specific themes (#5668)
* Display branch name in delete branch confirmation modal. (#5654)
* New API routes added (#5594)
* Refactor notification for indexer (#5111)
* Refactor mail notification (#5110)
* Show email if the authenticated user owns the profile page being requested for (#4981)
* Optimize pulls merging (#4921)
* Sort Repositories widget by most recently updated (#3963) (#4599)
* Allow markdown table to scroll (#4401)
* Automatically clear stopwatch on merging a PR (#4327)
* Add the Owner Name to differentiate when merging (#3807)
* Add title attributes to all items in the repo list viewer (#6258) (#6650)
* BUGFIXES
* Fix dropdown icon padding (#6651) (#6654)
* Fix wrong GPG expire date (#6643) (#6644)
* Fix forking an empty repository (#6637) (#6653)
* Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
* Properly escape on the redirect from the web editor (#6657) (#6667)
* Allow resend of confirmation email when logged in (#6482) (#6486)
* Fix mail notification when close/reopen issue (#6581) (#6588)
* Change API commit summary to full message (#6591) (#6592)
* Add option to disable refresh token invalidation (#6584) (#6587)
* Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
* Fix new repo alignment (#6583) (#6585)
* Prevent server 500 on compare branches with no common history (#6555) (#6558)
* Properly escape release attachment URL (#6512) (#6523)
* Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
* Disable benchmarking during tag events on DroneIO (#6365) (#6366)
* Make sure units of a team are returned (#6379) (#6381)
* Don't Unescape redirect_to cookie value (#6399) (#6401)
* Fix dump table name error and add some test for dump database (#6394) (#6402)
* Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
* Display correct error for invalid mirror interval (#6414) (#6429)
* Clean up ref name rules (#6437) (#6439)
* Fix Hook & HookList in Swagger (#6432) (#6440)
* Change order that PostProcess Processors are run (#6445) (#6447)
* Clean up various use of escape/unescape functions for URL generation (#6334)
* Return 409 when creating repo if it already exists. (#6330)
* Add same changes from issues page to milestone->issues page (#6328)
* Fix ParsePatch function to work with quoted diff --git strings (#6323)
* Fix reported issue in repo description (#6306)
* Use url.PathEscape to escape the branchname (#6304)
* Add robots.txt as reserved username (#6272)
* Replace linkRegex with xurls library (#6261)
* Remove visitLinksForShortLinks features (#6257)
* Add unit types to repo action URL to correctly show 404 when archived (#6247)
* Check organization visibility before everything else (#6234) (#6235)
* Prevent double-close of issues (#6233)
* Override xorm type mapping for U2F counter (#6232)
* Add isAdmin to user API response (#6231)
* Update git vendor to fix wrong release commit id and add migrations (#6224)
* Fix fork button (#6223)
* Fix renames over redirects (#6216)
* Fix display dashboard even if require to change password (#6214)
* Create a repo redirect when transferring ownership (#6210) (#6211)
* Fix issue update race condition (#6194)
* Fix bug when migrate repository 500 when repo is existed (#6188)
* Fix scrollbar always present on page body (#6177)
* Fix bug when set indexer as db and add tests (#6173)
* Modify linkRegex to require http|https (#6171)
* Fix bug user could change private repository to public when force private enabled. (#6156)
* Fix admin list user/org API (#6143)
* Make repo creation for API similar to UI (#6142)
* Make document body a flexbox (#6139)
* Refactor issue indexer, add some testing and fix a bug (#6131)
* Load Issue attributes for API call (#6122)
* Fix bug when update owner team then visit team's repo return 404 (#6119)
* Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
* Show private organization for admin, fix #6111 (#6112)
* Fix prohibit login check on authorization (#6106)
* Move to ldap.v3 to fix #5928 (#6105)
* Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
* Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
* Make sure labels are actually returned (#6053)
* Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
* After deleting a repo on admin panel, UI should remember the last sort type (#6033)
* Default create repository on organisation on its dashboard (#6026)
* Swagger: Remove spaces in MergePullRequestOption enum (#6016)
* Fix metrics auth token detection (#6006)
* Fix repo header issues (#5995)
* Fix bug when deleting a linked account will removed all (#5989)
* Make organization dropdown scrollable when using mouse wheel (#5988)
* Fix empty ssh key importing in ldap (#5984)
* Admin config page mailertype setting option update (#5973)
* Fix redirect loop during forced password change (#5965)
* Show user who created the repository instead of the organisation in action feed (#5948)
* Remove all CommitStatus when a repo is deleted (#5940)
* Fix ssh deploy and user key constraints (#1357) (#5939)
* Fix log output (#5938)
* Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
* Fix compare button (#5929)
* Fix bug when read public repo lfs file (#5912)
* Only allow local login if password is non-empty (#5906)
* Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
* Provide better panic handling (#5902)
* Respect value of REQUIRE_SIGNIN_VIEW (#5901)
* Show a 404 not a 500 if a repo does not exist (#5900)
* Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
* Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
* Correct footer height if screen-width is to small (fixes #5878) (#5889)
* In gitea serv switch off console logger to fix #5866 (#5887)
* Don't allow pull requests to be created on an archived repository (#5883)
* Support reviews on a deleted file path (#5880)
* Fix compare button on upstream repo leading to 404 (#5877)
* Fix null pointer on not logged in attempt to Sudo (#5872)
* Fix new release creation API to allow empty target (#5870)
* Fix an error while adding a dependency via UI. (#5862)
* Fix failing migration v67 (#5849)
* Fix delete correct temp directory (#5839)
* Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
* Fix topics saving internal error and disable for archived repos (#5821)
* Fix TLS errors when using acme/autocert for local connections (#5820)
* When creating new repository fsck option should be enabled (#5817)
* Request for public keys only if LDAP attribute is set (#5816)
* Fix serving of raw wiki files other than .md (#5814)
* Fix migration 78 error mssql (#5791)
* Disallow empty titles (#5785)
* Fix the v78 migration script (#5776)
* Ensure valid git author names passed in signatures (#5774)
* Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
* Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
* Fixing PostgreSQL dump creation (#5747)
* Add proper CORS preflight origin validation (#5740)
* Disable auto-migrate in docker container (#5730)
* In basic auth check for tokens before call UserSignIn (#5725)
* Pooled and buffered gzip implementation (#5722)
* Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
* Keep file permissions during database migration (#5707)
* Use correct value for "MSpan Structures Obtained" #4742 (#5706)
* Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
* Update xorm to fix issue #5659 and #5651 (#5680)
* Fix public will not be reused as public key after deleting as deploy key (#5671)
* When redirecting, clean the path (#5669)
* Don't list an issue on its own dependency list UI. (#5658)
* Fix commit page showing status for current default branch (#5649) (#5650)
* Only count users own actions for heatmap contributions (#5647)
* Fix sqlite deadlock when assigning to a PR (#5640)
* Refactor issue indexer (#5363)
* TESTING
* Run benchmark at tag to track performances (#6035)
* Add test environment for MySQL8 (#5234)
* BUILD
* Use go 1.12 for tests and deprecate go 1.9 (#6186)
* Makefile changes for Windows and easier development (#6103)
* Update bleve dependency to latest master revision (#6100)
* Switch to more recent build of xgo (#6070)
* Add autoprefixer to css build (#6029)
* Update the version of less (#6010)
* Make log mailer for testing (#5893)
* DOCS
* Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
* update default value of `--must-change-password` cli flag (#6032)
* Update and expand information about building Gitea (#6019)
* Update U2F Section of app.ini.sample (#5994)
* Update swagger for release API pagination (#5841)
* Added docs for the tree api (#5834)
* MISC
* Add single commit API support (#5843)
* Add missing GET teams endpoints (#5382)
* Migrate database if app.ini found (#5290)
## [1.7.6](https://github.com/go-gitea/gitea/releases/tag/v1.7.6) - 2019-04-12
* SECURITY
* Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
* BUGFIXES
* Allow resend of confirmation email when logged in (#6482) (#6487)
## [1.7.5](https://github.com/go-gitea/gitea/releases/tag/v1.7.5) - 2019-03-27
* BUGFIXES
* Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
* Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383)
* Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332)
## [1.7.4](https://github.com/go-gitea/gitea/releases/tag/v1.7.4) - 2019-03-12
* SECURITY
* Fix potential XSS vulnerability in repository description. (#6306) (#6308)
* BUGFIXES
* Fix wrong release commit id (#6224) (#6300)
* Fix panic on empty signed commits (#6292) (#6300)
* Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
* Fix displaying dashboard even if required to change password (#6214) (#6215)
## [1.7.3](https://github.com/go-gitea/gitea/releases/tag/v1.7.3) - 2019-02-27
* BUGFIXES
* Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
* Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
* Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
* Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
* Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
* Fix prohibit login check on authorization (#6106) (#6115)
* Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
* Fix deadlock in webhook PullRequest (#6102) (#6104)
* Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
* Fix compare button regression (#5929) (#6098)
* Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)
## [1.7.2](https://github.com/go-gitea/gitea/releases/tag/v1.7.2) - 2019-02-14
* BUGFIXES
* Remove all CommitStatus when a repo is deleted (#5940) (#5941)
* Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
* Silence console logger in gitea serv (#5887) (#5943)
* Handle milestone webhook events for issues and PR (#5947) (#5955)
* Show user who created the repository instead of the organization in action feed (#5948) (#5956)
* Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
* Fix bug when deleting a linked account will removed all (#5989) (#5990)
* Fix empty ssh key importing in ldap (#5984) (#6009)
* Fix metrics auth token detection (#6006) (#6017)
* Create repository on organisation by default on its dashboard (#6026) (#6048)
* Make sure labels are actually returned in API (#6053) (#6059)
* Switch to more recent build of xgo (#6070) (#6072)
* In basic auth check for tokens before call UserSignIn (#5725) (#6083)
## [1.7.1](https://github.com/go-gitea/gitea/releases/tag/v1.7.1) - 2019-01-31
* SECURITY
* Disable redirect for i18n (#5910) (#5916)
* Only allow local login if password is non-empty (#5906) (#5908)
* Fix go-get URL generation (#5905) (#5907)
* BUGFIXES
* Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
* Request for public keys only if LDAP attribute is set (#5816) (#5819)
* Fix delete correct temp directory (#5840) (#5839)
* Fix an error while adding a dependency via UI (#5862) (#5876)
* Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
* When creating new repository fsck option should be enabled (#5817) (#5885)
* Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
* Fix bug when read public repo lfs file (#5913) (#5912)
* Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
* Fix compare button on upstream repo leading to 404 (#5877) (#5914)
* DOCS
* Added docs for the tree api (#5835)
* MISC
* Include Go toolchain to --version (#5832) (#5830)
## [1.7.0](https://github.com/go-gitea/gitea/releases/tag/v1.7.0) - 2019-01-22
* SECURITY
* Do not display the raw OpenID error in the UI (#5705) (#5712)
* When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
* Prevent DeleteFilePost doing arbitrary deletion (#5631)
* BREAKING
* Restrict permission check on repositories and fix some problems (#5314)
* Show only opened milestones on issues page milestone filter (#5051)
* FEATURE
* Implement git refs API for listing references (branches, tags and other) (#5354)
* Approvals at Branch Protection (#5350)
* Add raw blob endpoint to get objects by SHA ID (#5334)
* Add api for user to create org (#5268)
* Create AuthorizedKeysCommand (#5236)
* User action heatmap (#5131)
* Refactor heatmap to vue component (#5401)
* Webhook for Pull Request approval/rejection (#5027)
* Add command for migrating database (#4954)
* Search keyword by splitting provided values by , (#4939)
* Create Progressive Web App (#4730)
* Give user a link to create PR after push (#4716)
* Add rebase with merge commit merge style (#3844) (#4052)
* BUGFIXES
* Disallow empty titles (#5785) (#5794)
* Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
* Don't close issues via commits on non-default branch. (#5622) (#5643)
* Fix commit page showing status for current default branch (#5650) (#5653)
* Only count users own actions for heatmap contributions (#5647) (#5655)
* Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
* Use correct value for "MSpan Structures Obtained" (#5706) (#5716)
* Fix bug on modifying sshd username (#5624)
* Delete tags in mirror which are removed for original repo. (#5609)
* Fix wrong text getting saved on editing second comment on an issue. (#5608)
* Fix nil pointer when adding a due date (#5587)
* Fix type mismatch of format string (#5574)
* Fix bug on upload file name (#5571)
* Issue is not overdue when it is on the same date #5566 (#5568)
* Fix indexer reindex bug when gitea restart (#5563)
* Fix table name typo on SQL (#5562)
* Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
* Fix makefile generate buildstep (#5556)
* Fix nil pointer base branch bug (#5555)
* Fix permission check on api create org (#5523)
* Fix detect force push failure on deletion of protected branches (#5522)
* Fix approvals limitation (#5521)
* Fix bug when a read perm user to edit his issue (#5516)
* Fix adding reaction fail for read permission user (#5515)
* Fixing MSSQL timestamp type (#5511)
* Fix forgot deletion of notification when delete repository (#5506)
* Fix empty wiki (#5504)
* Fix clone wiki failed via ssh (#5503)
* Fix code review on mssql (#5502)
* Fix lfs version check warning log when using ssh protocol (#5501)
* Fix topic name length on database (#5493)
* Ensure that the `closed_at` is set for closed issues (#5449)
* Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
* Word-Break the WebHook url to prevent a ui-break (#5432)
* Fix forgot removed records when deleting user (#5429)
* Fix repository deletion when there is large number of issues in it (#5426)
* Fix heatmap colors for Chrome/Safari (#5421)
* Fix password variable shadowing (#5405)
* Fix dependent issue searching when gitea is run in subpath (#5392)
* Don't force a password change for the admin user when creating an account via cli (#5391)
* API: '/orgs/:org/repos': return private repos with read access (#5383)
* Don't send assign webhooks when creating issue (#5365)
* Removing Labels via EditPullRequest API (#5348)
* Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
* Fix bug when users have serval teams with different units on different repositories (#5307)
* Fix U2F if gitea is configured in subpath (#5302)
* Fix file edit change preview functionality (#5300)
* Update gitignore list (#5258)
* Fixed heatmap not working in mssql (#5248)
* Fixed wrong api request url for instances running in subfolders (#5247)
* Fix compatibility heatmap with mysql 8 (#5232)
* Fix data race on migrate repository (#5224)
* Fix sqlite and mssql lock (#5214)
* Fix sqlite lock (#5210)
* Fix: Accept web-command cli flags if web-command is commited (#5200)
* Fix: Add secret to all webhook's payload where it has been missing (#5199)
* Fix race on updatesize (#5190)
* Fix create team, update team missing units (#5188)
* Fix sqlite lock (#5184 & #5176)
* Fix showing pull request link when delete a branch (#5166)
* Fix JSON result of empty array in heatmap data array (#5154)
* Update build tags for sqlite_unlock notify (#5144)
* This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
* Fix deadlock when sqlite (#5118)
* Add comment replies (#5104)
* Fix home page template regression (#5102)
* Fix regex to support optional end line of old section in diff hunk (#5096)
* LDAP via simple auth separate bind user and search base (#5055)
* Fix markdown image with link (#4675)
* Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* ENHANCEMENT
* Delete organization endpoint added (#5601)
* Update Licenses (#5558)
* Support reverse proxy providing email (#5554)
* Add git protocol v2 support via SSH on Docker image (#5520)
* Add tests for api user orgs (#5494)
* Allow link verification for services like Mastodon (#5481)
* Improve team members and repositories settings UI (#5457)
* Remove the required class from optional ssh port in installation page (#5428)
* Explicitly disable Git credential helper (#5367)
* Setting Labels via EditPullRequest API (#5347)
* Implement pasting image from clipboard for browsers that supports that (#5317)
* Milestone issues and pull requests (#5293)
* Support envs on external render commands (#5278)
* Add option to disable automatic mirror syncing. (#5242)
* Remove unused db init on commands serv, update, hooks (#5225)
* Serve audio files using HTML5 audio tag (#5221)
* Pass link prefixes to external markup parsers (#5201)
* Add AutoHead functionality. (#5186)
* Fix emojis not showing in commit messages (#5168)
* Block registration based on email domain (#5157)
* Update vendor/go-sqlite3 (#5133 & #5162)
* Update x/net lib (#5169)
* Show review summary in pull requests (#5132)
* Use type switch (#5122)
* Remove duplicated if bodies (#5121)
* Remove check for negative length (#5120)
* Make switch more clear (#5119)
* Use named const instead of a raw string (#5115)
* Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
* Refactor: err != nil check, just return error instead (#5093)
* Add notification interface and refactor UI notifications (#5085)
* Use APP_NAME on home page (#5048)
* Explicitly decide whether to use TLS in mailer's configuration (#5024)
* Generate random password (#5023)
* UX of link account (Step 1) (#5006)
* Make sure argsSet verifies string isn't empty too (#4980)
* Improve performance of dashboard (#4977)
* Keys API changes (#4960)
* Add must-change-password flag to cli for creating a user (#4955)
* Use native go method to get current user rather than environment variable (#4930)
* Make gitea serv use api/internal (#4886)
* Add support for search by uid (#4876)
* Allow to add organization members as collaborators on organization owned repositories (#4748)
* TESTING
* Kill testing processes if the test takes too long (#5174)
* Update outdated Go toolchain version for .drone.yml (#5146)
* Increase the retry limit to 20 times and the interval to 200ms (#5134)
* Retry test-fixtures loading in case of transaction rollback (#5125)
* Added test environment for mssql (#4282)
* BUILD
* Replace lint to revive (#5422)
* Update golang version in Dockerfile (#5246)
* DOCS
* Typo in routers/api/v1/org/org.go fixed. (#5598)
* Update the docs for sqlite_unlock_notify (#5145)
* CN translation of docs part (#5049)
* Kubernetes deployment file (#5046)
* MISC
* Upgrade alpine to 3.8 (#5423)
* Git-Trees API (#5403)
* Only chown directories during docker setup if necessary. Fix #4425 (#5064)
## [1.6.4](https://github.com/go-gitea/gitea/releases/tag/v1.6.4) - 2019-01-15
* BUGFIX
* Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
* When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
* Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)
## [1.6.3](https://github.com/go-gitea/gitea/releases/tag/v1.6.3) - 2019-01-04
* SECURITY
* Prevent DeleteFilePost doing arbitrary deletion (#5631)
* BUGFIX
* Fix wrong text getting saved on editing second comment on an issue (#5608)
## [1.6.2](https://github.com/go-gitea/gitea/releases/tag/v1.6.2) - 2018-12-21
* SECURITY
* Sanitize uploaded file names (#5571) (#5573)

48
CONTRIBUTING.md
View File

@@ -64,31 +64,20 @@ high-level discussions.
## Testing redux
Before submitting a pull request, run all the tests for the whole tree
to make sure your changes don't cause regression elsewhere.
Here's how to run the test suite:
- Install the correct version of the drone-cli package. As of this
writing, the correct drone-cli version is
[1.1.0](https://docs.drone.io/cli/install/).
- Ensure you have enough free disk space. You will need at least
15-20 Gb of free disk space to hold all of the containers drone
creates (a default AWS or GCE disk size won't work -- see
[#6243](https://github.com/go-gitea/gitea/issues/6243)).
- Change into the base directory of your copy of the gitea repository,
and run `drone exec --local --build-event pull_request`.
The drone version, command line, and disk requirements do change over
time (see [#4053](https://github.com/go-gitea/gitea/issues/4053) and
[#6243](https://github.com/go-gitea/gitea/issues/6243)); if you
discover any issues, please feel free to send us a pull request to
update these instructions.
Before sending code out for review, run all the tests for the
whole tree to make sure the changes don't break other usage
and keep the compatibility on upgrade. To make sure you are
running the test suite exactly like we do, you should install
the CLI for [Drone CI](https://github.com/drone/drone), as
we are using the server for continuous testing, following [these
instructions](http://docs.drone.io/cli-installation/). After that,
you can simply call `drone exec --local --build-event "pull_request"` within
your working directory and it will try to run the test suite locally.
## Vendoring
We keep a cached copy of dependencies within the `vendor/` directory,
managing updates via [Modules](https://golang.org/cmd/go/#hdr-Module_maintenance).
managing updates via [dep](https://github.com/golang/dep).
Pull requests should only include `vendor/` updates if they are part of
the same change, be it a bugfix or a feature addition.
@@ -97,7 +86,7 @@ The `vendor/` update needs to be justified as part of the PR description,
and must be verified by the reviewers and/or merger to always reference
an existing upstream commit.
You can find more information on how to get started with it on the [Modules Wiki](https://github.com/golang/go/wiki/Modules).
You can find more information on how to get started with it on the [dep project website](https://golang.github.io/dep/docs/introduction.html).
## Translation
@@ -113,8 +102,8 @@ included in the next released version.
Generally, the go build tools are installed as-needed in the `Makefile`.
An exception are the tools to build the CSS and images.
- To build CSS: Install [Node.js](https://nodejs.org/en/download/package-manager) at version 8.0 or above
with `npm` and then run `npm install` and `make css`.
- To build CSS: Install [Node.js](https://nodejs.org/en/download/package-manager)
with `npm` and then run `npm install` and `make generate-stylesheets`.
- To build Images: ImageMagick, inkscape and zopflipng binaries must be
available in your `PATH` to run `make generate-images`.
@@ -214,7 +203,7 @@ to the maintainers team. If a maintainer is inactive for more than 3
months and forgets to leave the maintainers team, the owners may move
him or her from the maintainers team to the advisors team.
For security reasons, Maintainers should use 2FA for their accounts and
if possible provide gpg signed commits.
if possible provide gpg signed commits.
https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
https://help.github.com/articles/signing-commits-with-gpg/
@@ -255,11 +244,6 @@ they served:
* [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
* [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>
* 2019-01-01 ~ 2019-12-31
* [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
* [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
* [Matti Ranta](https://github.com/techknowlogick) <matti@mdranta.net>
## Versions
Gitea has the `master` branch as a tip branch and has version branches
@@ -281,7 +265,7 @@ be reviewed by two maintainers and must pass the automatic tests.
* Create `-dev` tag as `git tag -s -F release.notes v$vmaj.$vmin.0-dev` and push the tag as `git push origin v$vmaj.$vmin.0-dev`.
* When CI has finished building tag then you have to create a new branch named `release/v$vmaj.$vmin`
* If it is bugfix version create PR for changelog on branch `release/v$vmaj.$vmin` and wait till it is reviewed and merged.
* Add a tag as `git tag -s -F release.notes v$vmaj.$vmin.$`, release.notes file could be a temporary file to only include the changelog this version which you added to `CHANGELOG.md`.
* Add a tag as `git tag -s -F release.notes v$vmaj.$vmin.$`, release.notes file could be a temporary file to only include the changelog this version which you added to `CHANGELOG.md`.
* And then push the tag as `git push origin v$vmaj.$vmin.$`. Drone CI will automatically created a release and upload all the compiled binary. (But currently it didn't add the release notes automatically. Maybe we should fix that.)
* If needed send PR for changelog on branch `master`.
* Send PR to [blog repository](https://github.com/go-gitea/blog) announcing the release.
@@ -291,7 +275,7 @@ be reviewed by two maintainers and must pass the automatic tests.
Code that you contribute should use the standard copyright header:
```
// Copyright 2019 The Gitea Authors. All rights reserved.
// Copyright 2018 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
```

8
Dockerfile
View File

@@ -1,10 +1,10 @@
###################################
#Build stage
FROM golang:1.12-alpine3.10 AS build-env
FROM golang:1.10-alpine3.7 AS build-env
ARG GITEA_VERSION
ARG TAGS="sqlite sqlite_unlock_notify"
ARG TAGS="sqlite"
ENV TAGS "bindata $TAGS"
#Build deps
@@ -18,7 +18,7 @@ WORKDIR ${GOPATH}/src/code.gitea.io/gitea
RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
&& make clean generate build
FROM alpine:3.10
FROM alpine:3.7
LABEL maintainer="maintainers@gitea.io"
EXPOSE 22 3000
@@ -56,6 +56,6 @@ VOLUME ["/data"]
ENTRYPOINT ["/usr/bin/entrypoint"]
CMD ["/bin/s6-svscan", "/etc/s6"]
COPY docker/root /
COPY docker /
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
RUN ln -s /app/gitea/gitea /usr/local/bin/gitea

1007
Gopkg.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff

105
Gopkg.toml Normal file
View File

@@ -0,0 +1,105 @@
ignored = ["google.golang.org/appengine*"]
[prune]
go-tests = true
unused-packages = true
non-go = true
[[constraint]]
branch = "master"
name = "code.gitea.io/git"
[[constraint]]
branch = "master"
name = "code.gitea.io/sdk"
[[constraint]]
revision = "12dd70caea0268ac0d6c2707d0611ef601e7c64e"
name = "golang.org/x/crypto"
[[constraint]]
revision = "a646d33e2ee3172a661fc09bca23bb4889a41bc8"
name = "golang.org/x/sys"
[[constraint]]
revision = "2bf8f2a19ec09c670e931282edfe6567f6be21c9"
name = "golang.org/x/text"
[[constraint]]
revision = "f2499483f923065a842d38eb4c7f1927e6fc6e6d"
name = "golang.org/x/net"
[[override]]
name = "github.com/go-xorm/xorm"
#version = "0.6.5"
revision = "ad69f7d8f0861a29438154bb0a20b60501298480"
[[override]]
name = "github.com/go-sql-driver/mysql"
revision = "d523deb1b23d913de5bdada721a6071e71283618"
[[override]]
name = "github.com/gorilla/mux"
revision = "757bef944d0f21880861c2dd9c871ca543023cba"
[[constraint]]
name = "github.com/gorilla/context"
version = "1.1.1"
[[constraint]]
name = "github.com/lafriks/xormstore"
version = "1.0.0"
[[constraint]]
branch = "master"
name = "github.com/lunny/dingtalk_webhook"
[[constraint]]
name = "github.com/markbates/goth"
version = "1.46.1"
[[constraint]]
branch = "master"
name = "github.com/mcuadros/go-version"
[[constraint]]
branch = "master"
name = "github.com/russross/blackfriday"
[[constraint]]
branch = "master"
name = "github.com/tstranex/u2f"
[[constraint]]
name = "gopkg.in/editorconfig/editorconfig-core-go.v1"
version = "1.2.0"
[[constraint]]
branch = "v2"
name = "gopkg.in/gomail.v2"
[[constraint]]
name = "gopkg.in/ini.v1"
version = "1.31.1"
[[constraint]]
name = "gopkg.in/ldap.v2"
version = "2.4.1"
[[constraint]]
name = "gopkg.in/macaron.v1"
version = "1.2.4"
[[constraint]]
name = "gopkg.in/testfixtures.v2"
version = "2.0.0"
[[override]]
name = "github.com/boltdb/bolt"
revision = "ccd680d8c1a0179ac3d68f692b01e1a1589cbfc7"
source = "github.com/go-gitea/bolt"
[[override]]
revision = "c10ba270aa0bf8b8c1c986e103859c67a9103061"
name = "golang.org/x/oauth2"

10
MAINTAINERS
View File

@@ -20,13 +20,7 @@ Jonas Östanbäck <jonas.ostanback@gmail.com> (@cez81)
David Schneiderbauer <dschneiderbauer@gmail.com> (@daviian)
Peter Žeby <morlinest@gmail.com> (@morlinest)
Matti Ranta <matti@mdranta.net> (@techknowlogick)
Jonas Franz <info@jonasfranz.software> (@jonasfranz)
Michael Lustfield <mtecknology@debian.org> (@MTecknology)
Jonas Franz <info@jonasfranz.software> (@JonasFranzDEV)
Alexey Terentyev <axifnx@gmail.com> (@axifive)
Lanre Adelowo <yo@lanre.wtf> (@adelowo)
Konrad Langenberg <k@knt.li> (@kolaente)
He-Long Zhang <outman99@hotmail.com> (@BetaCat0)
Andrew Thornton <art27@cantab.net> (@zeripath)
John Olheiser <john.olheiser@gmail.com> (@jolheiser)
Richard Mahn <rich.mahn@unfoldingword.org> (@richmahn)
Mrsdizzie <info@mrsdizzie.com> (@mrsdizzie)
silverwind <me@silverwind.io> (@silverwind)

237
Makefile
View File

@@ -1,17 +1,13 @@
DIST := dist
IMPORT := code.gitea.io/gitea
export GO111MODULE=off
GO ?= go
SED_INPLACE := sed -i
SHASUM ?= shasum -a 256
export PATH := $($(GO) env GOPATH)/bin:$(PATH)
ifeq ($(OS), Windows_NT)
EXECUTABLE ?= gitea.exe
EXECUTABLE := gitea.exe
else
EXECUTABLE ?= gitea
EXECUTABLE := gitea
UNAME_S := $(shell uname -s)
ifeq ($(UNAME_S),Darwin)
SED_INPLACE := sed -i ''
@@ -25,23 +21,21 @@ GOFMT ?= gofmt -s
GOFLAGS := -i -v
EXTRA_GOFLAGS ?=
MAKE_VERSION := $(shell make -v | head -n 1)
ifneq ($(DRONE_TAG),)
VERSION ?= $(subst v,,$(DRONE_TAG))
GITEA_VERSION ?= $(VERSION)
GITEA_VERSION := $(VERSION)
else
ifneq ($(DRONE_BRANCH),)
VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
else
VERSION ?= master
endif
GITEA_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
GITEA_VERSION := $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
endif
LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"
LDFLAGS := -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"
PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations/migration-test,$(filter-out code.gitea.io/gitea/integrations,$(shell $(GO) list ./... | grep -v /vendor/)))
PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations,$(shell $(GO) list ./... | grep -v /vendor/))
SOURCES ?= $(shell find . -name "*.go" -type f)
TAGS ?=
@@ -49,26 +43,23 @@ TAGS ?=
TMPDIR := $(shell mktemp -d 2>/dev/null || mktemp -d -t 'gitea-temp')
SWAGGER_SPEC := templates/swagger/v1_json.tmpl
SWAGGER_SPEC_S_TMPL := s|"basePath": *"/api/v1"|"basePath": "{{AppSubUrl}}/api/v1"|g
SWAGGER_SPEC_S_JSON := s|"basePath": *"{{AppSubUrl}}/api/v1"|"basePath": "/api/v1"|g
SWAGGER_NEWLINE_COMMAND := -e '$$a\'
SWAGGER_SPEC_S_TMPL := s|"basePath":\s*"/api/v1"|"basePath": "{{AppSubUrl}}/api/v1"|g
SWAGGER_SPEC_S_JSON := s|"basePath":\s*"{{AppSubUrl}}/api/v1"|"basePath": "/api/v1"|g
TEST_MYSQL_HOST ?= mysql:3306
TEST_MYSQL_DBNAME ?= testgitea
TEST_MYSQL_USERNAME ?= root
TEST_MYSQL_PASSWORD ?=
TEST_MYSQL8_HOST ?= mysql8:3306
TEST_MYSQL8_DBNAME ?= testgitea
TEST_MYSQL8_USERNAME ?= root
TEST_MYSQL8_PASSWORD ?=
TEST_PGSQL_HOST ?= pgsql:5432
TEST_PGSQL_DBNAME ?= testgitea
TEST_PGSQL_USERNAME ?= postgres
TEST_PGSQL_PASSWORD ?= postgres
TEST_MSSQL_HOST ?= mssql:1433
TEST_MSSQL_DBNAME ?= gitea
TEST_MSSQL_USERNAME ?= sa
TEST_MSSQL_PASSWORD ?= MwantsaSecurePassword1
ifeq ($(OS), Windows_NT)
EXECUTABLE := gitea.exe
else
EXECUTABLE := gitea
endif
# $(call strip-suffix,filename)
strip-suffix = $(firstword $(subst ., ,$(1)))
@@ -83,9 +74,9 @@ clean:
$(GO) clean -i ./...
rm -rf $(EXECUTABLE) $(DIST) $(BINDATA) \
integrations*.test \
integrations/gitea-integration-pgsql/ integrations/gitea-integration-mysql/ integrations/gitea-integration-mysql8/ integrations/gitea-integration-sqlite/ \
integrations/gitea-integration-mssql/ integrations/indexers-mysql/ integrations/indexers-mysql8/ integrations/indexers-pgsql integrations/indexers-sqlite \
integrations/indexers-mssql integrations/mysql.ini integrations/mysql8.ini integrations/pgsql.ini integrations/mssql.ini
integrations/gitea-integration-pgsql/ integrations/gitea-integration-mysql/ integrations/gitea-integration-sqlite/ \
integrations/indexers-mysql/ integrations/indexers-pgsql integrations/indexers-sqlite \
integrations/mysql.ini integrations/pgsql.ini
.PHONY: fmt
fmt:
@@ -97,16 +88,18 @@ vet:
.PHONY: generate
generate:
GO111MODULE=on $(GO) generate $(PACKAGES)
@hash go-bindata > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u github.com/jteeuwen/go-bindata/...; \
fi
$(GO) generate $(PACKAGES)
.PHONY: generate-swagger
generate-swagger:
@hash swagger > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
GO111MODULE="on" $(GO) get -u github.com/go-swagger/go-swagger/cmd/swagger@v0.19.0; \
$(GO) get -u github.com/go-swagger/go-swagger/cmd/swagger; \
fi
swagger generate spec -o './$(SWAGGER_SPEC)'
$(SED_INPLACE) '$(SWAGGER_SPEC_S_TMPL)' './$(SWAGGER_SPEC)'
$(SED_INPLACE) $(SWAGGER_NEWLINE_COMMAND) './$(SWAGGER_SPEC)'
.PHONY: swagger-check
swagger-check: generate-swagger
@@ -135,21 +128,17 @@ errcheck:
.PHONY: lint
lint:
@echo 'make lint is depricated. Use "make revive" if you want to use the old lint tool, or "make golangci-lint" to run a complete code check.'
.PHONY: revive
revive:
@hash revive > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u github.com/mgechev/revive; \
@hash golint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u golang.org/x/lint/golint; \
fi
revive -config .revive.toml -exclude=./vendor/... ./... || exit 1
for PKG in $(PACKAGES); do golint -set_exit_status $$PKG || exit 1; done;
.PHONY: misspell-check
misspell-check:
@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u github.com/client9/misspell/cmd/misspell; \
fi
misspell -error -i unknwon,destory $(GOFILES)
misspell -error -i unknwon $(GOFILES)
.PHONY: misspell
misspell:
@@ -170,7 +159,7 @@ fmt-check:
.PHONY: test
test:
GO111MODULE=on $(GO) test -mod=vendor -tags='sqlite sqlite_unlock_notify' $(PACKAGES)
$(GO) test -tags=sqlite $(PACKAGES)
.PHONY: coverage
coverage:
@@ -181,11 +170,14 @@ coverage:
.PHONY: unit-test-coverage
unit-test-coverage:
$(GO) test -tags='sqlite sqlite_unlock_notify' -cover -coverprofile coverage.out $(PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1
for PKG in $(PACKAGES); do $(GO) test -tags=sqlite -cover -coverprofile $$GOPATH/src/$$PKG/coverage.out $$PKG || exit 1; done;
.PHONY: vendor
vendor:
GO111MODULE=on $(GO) mod tidy && GO111MODULE=on $(GO) mod vendor
@hash dep > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u github.com/golang/dep/cmd/dep; \
fi
dep ensure -vendor-only
.PHONY: test-vendor
test-vendor: vendor
@@ -195,74 +187,32 @@ test-vendor: vendor
echo "$${diff}"; \
exit 1; \
fi;
#TODO add dep status -missing when implemented
.PHONY: test-sqlite
test-sqlite: integrations.sqlite.test
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test
.PHONY: test-sqlite\#%
test-sqlite\#%: integrations.sqlite.test
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.run $*
.PHONY: test-sqlite-migration
test-sqlite-migration: migrations.sqlite.test
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./migrations.sqlite.test
generate-ini:
sed -e 's|{{TEST_MYSQL_HOST}}|${TEST_MYSQL_HOST}|g' \
-e 's|{{TEST_MYSQL_DBNAME}}|${TEST_MYSQL_DBNAME}|g' \
-e 's|{{TEST_MYSQL_USERNAME}}|${TEST_MYSQL_USERNAME}|g' \
-e 's|{{TEST_MYSQL_PASSWORD}}|${TEST_MYSQL_PASSWORD}|g' \
integrations/mysql.ini.tmpl > integrations/mysql.ini
sed -e 's|{{TEST_MYSQL8_HOST}}|${TEST_MYSQL8_HOST}|g' \
-e 's|{{TEST_MYSQL8_DBNAME}}|${TEST_MYSQL8_DBNAME}|g' \
-e 's|{{TEST_MYSQL8_USERNAME}}|${TEST_MYSQL8_USERNAME}|g' \
-e 's|{{TEST_MYSQL8_PASSWORD}}|${TEST_MYSQL8_PASSWORD}|g' \
integrations/mysql8.ini.tmpl > integrations/mysql8.ini
sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \
-e 's|{{TEST_PGSQL_DBNAME}}|${TEST_PGSQL_DBNAME}|g' \
-e 's|{{TEST_PGSQL_USERNAME}}|${TEST_PGSQL_USERNAME}|g' \
-e 's|{{TEST_PGSQL_PASSWORD}}|${TEST_PGSQL_PASSWORD}|g' \
integrations/pgsql.ini.tmpl > integrations/pgsql.ini
sed -e 's|{{TEST_MSSQL_HOST}}|${TEST_MSSQL_HOST}|g' \
-e 's|{{TEST_MSSQL_DBNAME}}|${TEST_MSSQL_DBNAME}|g' \
-e 's|{{TEST_MSSQL_USERNAME}}|${TEST_MSSQL_USERNAME}|g' \
-e 's|{{TEST_MSSQL_PASSWORD}}|${TEST_MSSQL_PASSWORD}|g' \
integrations/mssql.ini.tmpl > integrations/mssql.ini
.PHONY: test-mysql
test-mysql: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test
.PHONY: test-mysql-migration
test-mysql-migration: migrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./migrations.test
.PHONY: test-mysql8
test-mysql8: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./integrations.test
.PHONY: test-mysql8-migration
test-mysql8-migration: migrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./migrations.test
.PHONY: test-pgsql
test-pgsql: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test
.PHONY: test-pgsql-migration
test-pgsql-migration: migrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./migrations.test
.PHONY: test-mssql
test-mssql: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.test
.PHONY: test-mssql-migration
test-mssql-migration: migrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./migrations.test
.PHONY: bench-sqlite
bench-sqlite: integrations.sqlite.test
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
@@ -271,10 +221,6 @@ bench-sqlite: integrations.sqlite.test
bench-mysql: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
.PHONY: bench-mssql
bench-mssql: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
.PHONY: bench-pgsql
bench-pgsql: integrations.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
@@ -285,21 +231,13 @@ integration-test-coverage: integrations.cover.test generate-ini
GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out
integrations.test: $(SOURCES)
GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.test
$(GO) test -c code.gitea.io/gitea/integrations -o integrations.test
integrations.sqlite.test: $(SOURCES)
GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite sqlite_unlock_notify'
$(GO) test -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite'
integrations.cover.test: $(SOURCES)
GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -coverpkg $(shell echo $(PACKAGES) | tr ' ' ',') -o integrations.cover.test
.PHONY: migrations.test
migrations.test: $(SOURCES)
$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.test
.PHONY: migrations.sqlite.test
migrations.sqlite.test: $(SOURCES)
$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.sqlite.test -tags 'sqlite sqlite_unlock_notify'
$(GO) test -c code.gitea.io/gitea/integrations -coverpkg $(shell echo $(PACKAGES) | tr ' ' ',') -o integrations.cover.test
.PHONY: check
check: test
@@ -312,7 +250,7 @@ install: $(wildcard *.go)
build: $(EXECUTABLE)
$(EXECUTABLE): $(SOURCES)
GO111MODULE=on $(GO) build -mod=vendor $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
$(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
.PHONY: release
release: release-dirs release-windows release-linux release-darwin release-copy release-compress release-check
@@ -324,100 +262,68 @@ release-dirs:
.PHONY: release-windows
release-windows:
@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u src.techknowlogick.com/xgo; \
$(GO) get -u github.com/karalabe/xgo; \
fi
xgo -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
xgo -dest $(DIST)/binaries -tags 'netgo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
ifeq ($(CI),drone)
cp /build/* $(DIST)/binaries
mv /build/* $(DIST)/binaries
endif
.PHONY: release-linux
release-linux:
@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u src.techknowlogick.com/xgo; \
$(GO) get -u github.com/karalabe/xgo; \
fi
xgo -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64,linux/mips64le,linux/mips,linux/mipsle' -out gitea-$(VERSION) .
xgo -dest $(DIST)/binaries -tags 'netgo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'linux/*' -out gitea-$(VERSION) .
ifeq ($(CI),drone)
cp /build/* $(DIST)/binaries
mv /build/* $(DIST)/binaries
endif
.PHONY: release-darwin
release-darwin:
@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u src.techknowlogick.com/xgo; \
$(GO) get -u github.com/karalabe/xgo; \
fi
xgo -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'darwin/*' -out gitea-$(VERSION) .
xgo -dest $(DIST)/binaries -tags 'netgo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'darwin/*' -out gitea-$(VERSION) .
ifeq ($(CI),drone)
cp /build/* $(DIST)/binaries
mv /build/* $(DIST)/binaries
endif
.PHONY: release-copy
release-copy:
cd $(DIST); for file in `find /build -type f -name "*"`; do cp $${file} ./release/; done;
$(foreach file,$(wildcard $(DIST)/binaries/$(EXECUTABLE)-*),cp $(file) $(DIST)/release/$(notdir $(file));)
.PHONY: release-check
release-check:
cd $(DIST)/release/; for file in `find . -type f -name "*"`; do echo "checksumming $${file}" && $(SHASUM) `echo $${file} | sed 's/^..//'` > $${file}.sha256; done;
cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/release/$(EXECUTABLE)-*),sha256sum $(notdir $(file)) > $(notdir $(file)).sha256;)
.PHONY: release-compress
release-compress:
@hash gxz > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) get -u github.com/ulikunitz/xz/cmd/gxz; \
fi
cd $(DIST)/release/; for file in `find . -type f -name "*"`; do echo "compressing $${file}" && gxz -k -9 $${file}; done;
cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/binaries/$(EXECUTABLE)-*),gxz -k -9 $(notdir $(file));)
npm-check:
@hash npm > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
echo "Please install Node.js 8.x or greater with npm"; \
exit 1; \
fi;
@hash npx > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
echo "Please install Node.js 8.x or greater with npm"; \
exit 1; \
fi;
.PHONY: javascripts
javascripts: public/js/index.js
.PHONY: npm
npm: npm-check
npm install --no-save
.PHONY: npm-update
npm-update: npm-check
npx updates -cu
rm -rf node_modules package-lock.json
npm install --package-lock
.PHONY: js
js: npm
npx eslint public/js
.PHONY: css
css: npm
npx stylelint public/less
npx lessc --clean-css="--s0 -b" public/less/index.less public/css/index.css
$(foreach file, $(filter-out public/less/themes/_base.less, $(wildcard public/less/themes/*)),npx lessc --clean-css="--s0 -b" public/less/themes/$(notdir $(file)) > public/css/theme-$(notdir $(call strip-suffix,$(file))).css;)
npx postcss --use autoprefixer --no-map --replace public/css/*
.IGNORE: public/js/index.js
public/js/index.js: $(JAVASCRIPTS)
cat $< >| $@
.PHONY: stylesheets-check
stylesheets-check: generate-stylesheets
@diff=$$(git diff public/css/*); \
if ([ -n "$$CI" ] && [ -n "$$diff" ]); then \
echo "Generated files in public/css have changed, please commit the result:"; \
if [ -n "$$diff" ]; then \
echo "Please run 'make generate-stylesheets' and commit the result:"; \
echo "$${diff}"; \
exit 1; \
fi;
.PHONY: javascripts
javascripts:
echo "'make javascripts' is deprecated, please use 'make js'"
$(MAKE) js
.PHONY: stylesheets-check
stylesheets-check:
echo "'make stylesheets-check' is deprecated, please use 'make css'"
$(MAKE) css
.PHONY: generate-stylesheets
generate-stylesheets:
echo "'make generate-stylesheets' is deprecated, please use 'make css'"
$(MAKE) css
node_modules/.bin/lessc --clean-css public/less/index.less public/css/index.css
$(foreach file, $(filter-out public/less/themes/_base.less, $(wildcard public/less/themes/*)),node_modules/.bin/lessc --clean-css public/less/themes/$(notdir $(file)) > public/css/theme-$(notdir $(call strip-suffix,$(file))).css;)
.PHONY: swagger-ui
swagger-ui:
@@ -441,8 +347,6 @@ update-translations:
generate-images:
mkdir -p $(TMPDIR)/images
inkscape -f $(PWD)/assets/logo.svg -w 880 -h 880 -e $(PWD)/public/img/gitea-lg.png
inkscape -f $(PWD)/assets/logo.svg -w 512 -h 512 -e $(PWD)/public/img/gitea-512.png
inkscape -f $(PWD)/assets/logo.svg -w 192 -h 192 -e $(PWD)/public/img/gitea-192.png
inkscape -f $(PWD)/assets/logo.svg -w 120 -h 120 -jC -i layer1 -e $(TMPDIR)/images/sm-1.png
inkscape -f $(PWD)/assets/logo.svg -w 120 -h 120 -jC -i layer2 -e $(TMPDIR)/images/sm-2.png
composite -compose atop $(TMPDIR)/images/sm-2.png $(TMPDIR)/images/sm-1.png $(PWD)/public/img/gitea-sm.png
@@ -454,25 +358,12 @@ generate-images:
inkscape -f $(PWD)/assets/logo.svg -w 32 -h 32 -jC -i layer2 -e $(TMPDIR)/images/32-2.png
composite -compose atop $(TMPDIR)/images/32-2.png $(TMPDIR)/images/32-1.png $(TMPDIR)/images/32-raw.png
inkscape -f $(PWD)/assets/logo.svg -w 16 -h 16 -jC -i layer1 -e $(TMPDIR)/images/16-raw.png
zopflipng -m -y $(TMPDIR)/images/128-raw.png $(TMPDIR)/images/128.png
zopflipng -m -y $(TMPDIR)/images/64-raw.png $(TMPDIR)/images/64.png
zopflipng -m -y $(TMPDIR)/images/32-raw.png $(TMPDIR)/images/32.png
zopflipng -m -y $(TMPDIR)/images/16-raw.png $(TMPDIR)/images/16.png
zopflipng $(TMPDIR)/images/128-raw.png $(TMPDIR)/images/128.png
zopflipng $(TMPDIR)/images/64-raw.png $(TMPDIR)/images/64.png
zopflipng $(TMPDIR)/images/32-raw.png $(TMPDIR)/images/32.png
zopflipng $(TMPDIR)/images/16-raw.png $(TMPDIR)/images/16.png
rm -f $(TMPDIR)/images/*-*.png
convert $(TMPDIR)/images/16.png $(TMPDIR)/images/32.png \
$(TMPDIR)/images/64.png $(TMPDIR)/images/128.png \
$(PWD)/public/img/favicon.ico
rm -rf $(TMPDIR)/images
$(foreach file, $(shell find public/img -type f -name '*.png'),zopflipng -m -y $(file) $(file);)
.PHONY: pr
pr:
$(GO) run contrib/pr/checkout.go $(PR)
.PHONY: golangci-lint
golangci-lint:
@hash golangci-lint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
export BINARY="golangci-lint"; \
curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOPATH)/bin v1.16.0; \
fi
golangci-lint run

2
README.md
View File

@@ -38,7 +38,7 @@ More info: https://docs.gitea.io/en-us/install-from-source/
./gitea web
NOTE: If you're interested in using our APIs, we have experimental
support with [documentation](https://try.gitea.io/api/swagger).
support with [documentation](https://godoc.org/code.gitea.io/sdk/gitea).
## Contributing

2
README_ZH.md
View File

@@ -5,7 +5,7 @@
[![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
[![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
[![Coverage Status](https://coverage.gitea.io/badges/go-gitea/gitea/coverage.svg)](https://coverage.gitea.io/go-gitea/gitea)
[![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
[![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)

205
cmd/admin.go
View File

@@ -6,15 +6,13 @@
package cmd
import (
"errors"
"fmt"
"os"
"text/tabwriter"
"code.gitea.io/git"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth/oauth2"
"code.gitea.io/gitea/modules/generate"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
@@ -42,10 +40,6 @@ var (
Flags: []cli.Flag{
cli.StringFlag{
Name: "name",
Usage: "Username. DEPRECATED: use username instead",
},
cli.StringFlag{
Name: "username",
Usage: "Username",
},
cli.StringFlag{
@@ -60,22 +54,10 @@ var (
Name: "admin",
Usage: "User is an admin",
},
cli.BoolFlag{
Name: "random-password",
Usage: "Generate a random password for the user",
},
cli.BoolFlag{
Name: "must-change-password",
Usage: "Force the user to change his/her password after initial login",
},
cli.IntFlag{
Name: "random-password-length",
Usage: "Length of the random password to be generated",
Value: 12,
},
cli.BoolFlag{
Name: "access-token",
Usage: "Generate access token for the user",
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
},
}
@@ -95,6 +77,11 @@ var (
Value: "",
Usage: "New password to set for user",
},
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
},
}
@@ -117,12 +104,26 @@ var (
Name: "hooks",
Usage: "Regenerate git-hooks",
Action: runRegenerateHooks,
Flags: []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
},
}
microcmdRegenKeys = cli.Command{
Name: "keys",
Usage: "Regenerate authorized_keys file",
Action: runRegenerateKeys,
Flags: []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
},
}
subcmdAuth = cli.Command{
@@ -131,10 +132,6 @@ var (
Subcommands: []cli.Command{
microcmdAuthAddOauth,
microcmdAuthUpdateOauth,
cmdAuthAddLdapBindDn,
cmdAuthUpdateLdapBindDn,
cmdAuthAddLdapSimpleAuth,
cmdAuthUpdateLdapSimpleAuth,
microcmdAuthList,
microcmdAuthDelete,
},
@@ -144,20 +141,40 @@ var (
Name: "list",
Usage: "List auth sources",
Action: runListAuth,
Flags: []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
},
}
idFlag = cli.Int64Flag{
Name: "id",
Usage: "ID of authentication source",
Usage: "ID of OAuth authentication source",
}
microcmdAuthDelete = cli.Command{
Name: "delete",
Usage: "Delete specific auth source",
Action: runDeleteAuth,
Flags: []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
idFlag,
},
}
oauthCLIFlags = []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
cli.StringFlag{
Name: "name",
Value: "",
@@ -230,6 +247,10 @@ func runChangePassword(c *cli.Context) error {
return err
}
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := initDB(); err != nil {
return err
}
@@ -252,90 +273,29 @@ func runChangePassword(c *cli.Context) error {
}
func runCreateUser(c *cli.Context) error {
if err := argsSet(c, "email"); err != nil {
if err := argsSet(c, "name", "password", "email"); err != nil {
return err
}
if c.IsSet("name") && c.IsSet("username") {
return errors.New("Cannot set both --name and --username flags")
}
if !c.IsSet("name") && !c.IsSet("username") {
return errors.New("One of --name or --username flags must be set")
}
if c.IsSet("password") && c.IsSet("random-password") {
return errors.New("cannot set both -random-password and -password flags")
}
var username string
if c.IsSet("username") {
username = c.String("username")
} else {
username = c.String("name")
fmt.Fprintf(os.Stderr, "--name flag is deprecated. Use --username instead.\n")
}
var password string
if c.IsSet("password") {
password = c.String("password")
} else if c.IsSet("random-password") {
var err error
password, err = generate.GetRandomString(c.Int("random-password-length"))
if err != nil {
return err
}
fmt.Printf("generated random password is '%s'\n", password)
} else {
return errors.New("must set either password or random-password flag")
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := initDB(); err != nil {
return err
}
// always default to true
var changePassword = true
// If this is the first user being created.
// Take it as the admin and don't force a password update.
if n := models.CountUsers(); n == 0 {
changePassword = false
}
if c.IsSet("must-change-password") {
changePassword = c.Bool("must-change-password")
}
u := &models.User{
Name: username,
Email: c.String("email"),
Passwd: password,
IsActive: true,
IsAdmin: c.Bool("admin"),
MustChangePassword: changePassword,
Theme: setting.UI.DefaultTheme,
}
if err := models.CreateUser(u); err != nil {
if err := models.CreateUser(&models.User{
Name: c.String("name"),
Email: c.String("email"),
Passwd: c.String("password"),
IsActive: true,
IsAdmin: c.Bool("admin"),
}); err != nil {
return fmt.Errorf("CreateUser: %v", err)
}
if c.Bool("access-token") {
t := &models.AccessToken{
Name: "gitea-admin",
UID: u.ID,
}
if err := models.NewAccessToken(t); err != nil {
return err
}
fmt.Printf("Access token was successfully created... %s\n", t.Token)
}
fmt.Printf("New user '%s' has been successfully created!\n", username)
fmt.Printf("New user '%s' has been successfully created!\n", c.String("name"))
return nil
}
@@ -401,6 +361,10 @@ func getReleaseCount(id int64) (int64, error) {
}
func runRegenerateHooks(c *cli.Context) error {
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := initDB(); err != nil {
return err
}
@@ -408,6 +372,10 @@ func runRegenerateHooks(c *cli.Context) error {
}
func runRegenerateKeys(c *cli.Context) error {
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := initDB(); err != nil {
return err
}
@@ -436,19 +404,31 @@ func parseOAuth2Config(c *cli.Context) *models.OAuth2Config {
}
func runAddOauth(c *cli.Context) error {
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := initDB(); err != nil {
return err
}
return models.CreateLoginSource(&models.LoginSource{
if err := models.CreateLoginSource(&models.LoginSource{
Type: models.LoginOAuth2,
Name: c.String("name"),
IsActived: true,
Cfg: parseOAuth2Config(c),
})
}); err != nil {
return err
}
return nil
}
func runUpdateOauth(c *cli.Context) error {
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
@@ -485,7 +465,7 @@ func runUpdateOauth(c *cli.Context) error {
}
// update custom URL mapping
var customURLMapping = &oauth2.CustomURLMapping{}
var customURLMapping *oauth2.CustomURLMapping
if oAuth2Config.CustomURLMapping != nil {
customURLMapping.TokenURL = oAuth2Config.CustomURLMapping.TokenURL
@@ -512,10 +492,18 @@ func runUpdateOauth(c *cli.Context) error {
oAuth2Config.CustomURLMapping = customURLMapping
source.Cfg = oAuth2Config
return models.UpdateSource(source)
if err := models.UpdateSource(source); err != nil {
return err
}
return nil
}
func runListAuth(c *cli.Context) error {
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := initDB(); err != nil {
return err
}
@@ -538,6 +526,10 @@ func runListAuth(c *cli.Context) error {
}
func runDeleteAuth(c *cli.Context) error {
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
@@ -551,5 +543,8 @@ func runDeleteAuth(c *cli.Context) error {
return err
}
return models.DeleteSource(source)
if err = models.DeleteSource(source); err != nil {
return err
}
return nil
}

359
cmd/admin_auth_ldap.go
View File

@@ -1,359 +0,0 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package cmd
import (
"fmt"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth/ldap"
"github.com/urfave/cli"
)
type (
authService struct {
initDB func() error
createLoginSource func(loginSource *models.LoginSource) error
updateLoginSource func(loginSource *models.LoginSource) error
getLoginSourceByID func(id int64) (*models.LoginSource, error)
}
)
var (
commonLdapCLIFlags = []cli.Flag{
cli.StringFlag{
Name: "name",
Usage: "Authentication name.",
},
cli.BoolFlag{
Name: "not-active",
Usage: "Deactivate the authentication source.",
},
cli.StringFlag{
Name: "security-protocol",
Usage: "Security protocol name.",
},
cli.BoolFlag{
Name: "skip-tls-verify",
Usage: "Disable TLS verification.",
},
cli.StringFlag{
Name: "host",
Usage: "The address where the LDAP server can be reached.",
},
cli.IntFlag{
Name: "port",
Usage: "The port to use when connecting to the LDAP server.",
},
cli.StringFlag{
Name: "user-search-base",
Usage: "The LDAP base at which user accounts will be searched for.",
},
cli.StringFlag{
Name: "user-filter",
Usage: "An LDAP filter declaring how to find the user record that is attempting to authenticate.",
},
cli.StringFlag{
Name: "admin-filter",
Usage: "An LDAP filter specifying if a user should be given administrator privileges.",
},
cli.StringFlag{
Name: "username-attribute",
Usage: "The attribute of the users LDAP record containing the user name.",
},
cli.StringFlag{
Name: "firstname-attribute",
Usage: "The attribute of the users LDAP record containing the users first name.",
},
cli.StringFlag{
Name: "surname-attribute",
Usage: "The attribute of the users LDAP record containing the users surname.",
},
cli.StringFlag{
Name: "email-attribute",
Usage: "The attribute of the users LDAP record containing the users email address.",
},
cli.StringFlag{
Name: "public-ssh-key-attribute",
Usage: "The attribute of the users LDAP record containing the users public ssh key.",
},
}
ldapBindDnCLIFlags = append(commonLdapCLIFlags,
cli.StringFlag{
Name: "bind-dn",
Usage: "The DN to bind to the LDAP server with when searching for the user.",
},
cli.StringFlag{
Name: "bind-password",
Usage: "The password for the Bind DN, if any.",
},
cli.BoolFlag{
Name: "attributes-in-bind",
Usage: "Fetch attributes in bind DN context.",
},
cli.BoolFlag{
Name: "synchronize-users",
Usage: "Enable user synchronization.",
},
cli.UintFlag{
Name: "page-size",
Usage: "Search page size.",
})
ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags,
cli.StringFlag{
Name: "user-dn",
Usage: "The users DN.",
})
cmdAuthAddLdapBindDn = cli.Command{
Name: "add-ldap",
Usage: "Add new LDAP (via Bind DN) authentication source",
Action: func(c *cli.Context) error {
return newAuthService().addLdapBindDn(c)
},
Flags: ldapBindDnCLIFlags,
}
cmdAuthUpdateLdapBindDn = cli.Command{
Name: "update-ldap",
Usage: "Update existing LDAP (via Bind DN) authentication source",
Action: func(c *cli.Context) error {
return newAuthService().updateLdapBindDn(c)
},
Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...),
}
cmdAuthAddLdapSimpleAuth = cli.Command{
Name: "add-ldap-simple",
Usage: "Add new LDAP (simple auth) authentication source",
Action: func(c *cli.Context) error {
return newAuthService().addLdapSimpleAuth(c)
},
Flags: ldapSimpleAuthCLIFlags,
}
cmdAuthUpdateLdapSimpleAuth = cli.Command{
Name: "update-ldap-simple",
Usage: "Update existing LDAP (simple auth) authentication source",
Action: func(c *cli.Context) error {
return newAuthService().updateLdapSimpleAuth(c)
},
Flags: append([]cli.Flag{idFlag}, ldapSimpleAuthCLIFlags...),
}
)
// newAuthService creates a service with default functions.
func newAuthService() *authService {
return &authService{
initDB: initDB,
createLoginSource: models.CreateLoginSource,
updateLoginSource: models.UpdateSource,
getLoginSourceByID: models.GetLoginSourceByID,
}
}
// parseLoginSource assigns values on loginSource according to command line flags.
func parseLoginSource(c *cli.Context, loginSource *models.LoginSource) {
if c.IsSet("name") {
loginSource.Name = c.String("name")
}
if c.IsSet("not-active") {
loginSource.IsActived = !c.Bool("not-active")
}
if c.IsSet("synchronize-users") {
loginSource.IsSyncEnabled = c.Bool("synchronize-users")
}
}
// parseLdapConfig assigns values on config according to command line flags.
func parseLdapConfig(c *cli.Context, config *models.LDAPConfig) error {
if c.IsSet("name") {
config.Source.Name = c.String("name")
}
if c.IsSet("host") {
config.Source.Host = c.String("host")
}
if c.IsSet("port") {
config.Source.Port = c.Int("port")
}
if c.IsSet("security-protocol") {
p, ok := findLdapSecurityProtocolByName(c.String("security-protocol"))
if !ok {
return fmt.Errorf("Unknown security protocol name: %s", c.String("security-protocol"))
}
config.Source.SecurityProtocol = p
}
if c.IsSet("skip-tls-verify") {
config.Source.SkipVerify = c.Bool("skip-tls-verify")
}
if c.IsSet("bind-dn") {
config.Source.BindDN = c.String("bind-dn")
}
if c.IsSet("user-dn") {
config.Source.UserDN = c.String("user-dn")
}
if c.IsSet("bind-password") {
config.Source.BindPassword = c.String("bind-password")
}
if c.IsSet("user-search-base") {
config.Source.UserBase = c.String("user-search-base")
}
if c.IsSet("username-attribute") {
config.Source.AttributeUsername = c.String("username-attribute")
}
if c.IsSet("firstname-attribute") {
config.Source.AttributeName = c.String("firstname-attribute")
}
if c.IsSet("surname-attribute") {
config.Source.AttributeSurname = c.String("surname-attribute")
}
if c.IsSet("email-attribute") {
config.Source.AttributeMail = c.String("email-attribute")
}
if c.IsSet("attributes-in-bind") {
config.Source.AttributesInBind = c.Bool("attributes-in-bind")
}
if c.IsSet("public-ssh-key-attribute") {
config.Source.AttributeSSHPublicKey = c.String("public-ssh-key-attribute")
}
if c.IsSet("page-size") {
config.Source.SearchPageSize = uint32(c.Uint("page-size"))
}
if c.IsSet("user-filter") {
config.Source.Filter = c.String("user-filter")
}
if c.IsSet("admin-filter") {
config.Source.AdminFilter = c.String("admin-filter")
}
return nil
}
// findLdapSecurityProtocolByName finds security protocol by its name ignoring case.
// It returns the value of the security protocol and if it was found.
func findLdapSecurityProtocolByName(name string) (ldap.SecurityProtocol, bool) {
for i, n := range models.SecurityProtocolNames {
if strings.EqualFold(name, n) {
return i, true
}
}
return 0, false
}
// getLoginSource gets the login source by its id defined in the command line flags.
// It returns an error if the id is not set, does not match any source or if the source is not of expected type.
func (a *authService) getLoginSource(c *cli.Context, loginType models.LoginType) (*models.LoginSource, error) {
if err := argsSet(c, "id"); err != nil {
return nil, err
}
loginSource, err := a.getLoginSourceByID(c.Int64("id"))
if err != nil {
return nil, err
}
if loginSource.Type != loginType {
return nil, fmt.Errorf("Invalid authentication type. expected: %s, actual: %s", models.LoginNames[loginType], models.LoginNames[loginSource.Type])
}
return loginSource, nil
}
// addLdapBindDn adds a new LDAP via Bind DN authentication source.
func (a *authService) addLdapBindDn(c *cli.Context) error {
if err := argsSet(c, "name", "security-protocol", "host", "port", "user-search-base", "user-filter", "email-attribute"); err != nil {
return err
}
if err := a.initDB(); err != nil {
return err
}
loginSource := &models.LoginSource{
Type: models.LoginLDAP,
IsActived: true, // active by default
Cfg: &models.LDAPConfig{
Source: &ldap.Source{
Enabled: true, // always true
},
},
}
parseLoginSource(c, loginSource)
if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
return err
}
return a.createLoginSource(loginSource)
}
// updateLdapBindDn updates a new LDAP via Bind DN authentication source.
func (a *authService) updateLdapBindDn(c *cli.Context) error {
if err := a.initDB(); err != nil {
return err
}
loginSource, err := a.getLoginSource(c, models.LoginLDAP)
if err != nil {
return err
}
parseLoginSource(c, loginSource)
if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
return err
}
return a.updateLoginSource(loginSource)
}
// addLdapSimpleAuth adds a new LDAP (simple auth) authentication source.
func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
if err := argsSet(c, "name", "security-protocol", "host", "port", "user-dn", "user-filter", "email-attribute"); err != nil {
return err
}
if err := a.initDB(); err != nil {
return err
}
loginSource := &models.LoginSource{
Type: models.LoginDLDAP,
IsActived: true, // active by default
Cfg: &models.LDAPConfig{
Source: &ldap.Source{
Enabled: true, // always true
},
},
}
parseLoginSource(c, loginSource)
if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
return err
}
return a.createLoginSource(loginSource)
}
// updateLdapBindDn updates a new LDAP (simple auth) authentication source.
func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
if err := a.initDB(); err != nil {
return err
}
loginSource, err := a.getLoginSource(c, models.LoginDLDAP)
if err != nil {
return err
}
parseLoginSource(c, loginSource)
if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
return err
}
return a.updateLoginSource(loginSource)
}

1350
cmd/admin_auth_ldap_test.go
View File

File diff suppressed because it is too large Load Diff

21
cmd/cert.go
View File

@@ -170,28 +170,17 @@ func runCert(c *cli.Context) error {
if err != nil {
log.Fatalf("Failed to open cert.pem for writing: %v", err)
}
err = pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
if err != nil {
log.Fatalf("Failed to encode certificate: %v", err)
}
err = certOut.Close()
if err != nil {
log.Fatalf("Failed to write cert: %v", err)
}
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
certOut.Close()
log.Println("Written cert.pem")
keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
log.Fatalf("Failed to open key.pem for writing: %v", err)
}
err = pem.Encode(keyOut, pemBlockForKey(priv))
if err != nil {
log.Fatalf("Failed to encode key: %v", err)
}
err = keyOut.Close()
if err != nil {
log.Fatalf("Failed to write key: %v", err)
}
pem.Encode(keyOut, pemBlockForKey(priv))
keyOut.Close()
log.Println("Written key.pem")
return nil
}

12
cmd/cmd.go
View File

@@ -12,8 +12,6 @@ import (
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"github.com/urfave/cli"
)
@@ -24,23 +22,15 @@ func argsSet(c *cli.Context, args ...string) error {
if !c.IsSet(a) {
return errors.New(a + " is not set")
}
if util.IsEmptyString(a) {
return errors.New(a + " is required")
}
}
return nil
}
func initDB() error {
return initDBDisableConsole(false)
}
func initDBDisableConsole(disableConsole bool) error {
setting.NewContext()
models.LoadConfigs()
setting.NewXORMLogService(disableConsole)
setting.NewXORMLogService(false)
if err := models.SetEngine(); err != nil {
return fmt.Errorf("models.SetEngine: %v", err)
}

49
cmd/convert.go
View File

@@ -1,49 +0,0 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package cmd
import (
"fmt"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"github.com/urfave/cli"
)
// CmdConvert represents the available convert sub-command.
var CmdConvert = cli.Command{
Name: "convert",
Usage: "Convert the database",
Description: "A command to convert an existing MySQL database from utf8 to utf8mb4",
Action: runConvert,
}
func runConvert(ctx *cli.Context) error {
if err := initDB(); err != nil {
return err
}
log.Trace("AppPath: %s", setting.AppPath)
log.Trace("AppWorkPath: %s", setting.AppWorkPath)
log.Trace("Custom path: %s", setting.CustomPath)
log.Trace("Log path: %s", setting.LogRootPath)
models.LoadConfigs()
if models.DbCfg.Type != "mysql" {
fmt.Println("This command can only be used with a MySQL database")
return nil
}
if err := models.ConvertUtf8ToUtf8mb4(); err != nil {
log.Fatal("Failed to convert database from utf8 to utf8mb4: %v", err)
return err
}
fmt.Println("Converted successfully, please confirm your database's character set is now utf8mb4")
return nil
}

55
cmd/dump.go
View File

@@ -31,12 +31,12 @@ It can be used for backup and capture Gitea server image to send to maintainer`,
Action: runDump,
Flags: []cli.Flag{
cli.StringFlag{
Name: "file, f",
Value: fmt.Sprintf("gitea-dump-%d.zip", time.Now().Unix()),
Usage: "Name of the dump file which will be created.",
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
cli.BoolFlag{
Name: "verbose, V",
Name: "verbose, v",
Usage: "Show process details",
},
cli.StringFlag{
@@ -48,14 +48,13 @@ It can be used for backup and capture Gitea server image to send to maintainer`,
Name: "database, d",
Usage: "Specify the database SQL syntax",
},
cli.BoolFlag{
Name: "skip-repository, R",
Usage: "Skip the repository dumping",
},
},
}
func runDump(ctx *cli.Context) error {
if ctx.IsSet("config") {
setting.CustomConf = ctx.String("config")
}
setting.NewContext()
setting.NewServices() // cannot access session settings otherwise
models.LoadConfigs()
@@ -80,27 +79,13 @@ func runDump(ctx *cli.Context) error {
os.Setenv("TMPDIR", tmpWorkDir)
}
reposDump := path.Join(tmpWorkDir, "gitea-repo.zip")
dbDump := path.Join(tmpWorkDir, "gitea-db.sql")
fileName := ctx.String("file")
log.Printf("Packing dump files...")
z, err := zip.Create(fileName)
if err != nil {
log.Fatalf("Failed to create %s: %v", fileName, err)
}
log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
zip.Verbose = ctx.Bool("verbose")
if ctx.IsSet("skip-repository") {
log.Printf("Skip dumping local repositories")
} else {
log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
reposDump := path.Join(tmpWorkDir, "gitea-repo.zip")
if err := zip.PackTo(setting.RepoRootPath, reposDump, true); err != nil {
log.Fatalf("Failed to dump local repositories: %v", err)
}
if err := z.AddFile("gitea-repo.zip", reposDump); err != nil {
log.Fatalf("Failed to include gitea-repo.zip: %v", err)
}
if err := zip.PackTo(setting.RepoRootPath, reposDump, true); err != nil {
log.Fatalf("Failed to dump local repositories: %v", err)
}
targetDBType := ctx.String("database")
@@ -114,17 +99,19 @@ func runDump(ctx *cli.Context) error {
log.Fatalf("Failed to dump database: %v", err)
}
fileName := fmt.Sprintf("gitea-dump-%d.zip", time.Now().Unix())
log.Printf("Packing dump files...")
z, err := zip.Create(fileName)
if err != nil {
log.Fatalf("Failed to create %s: %v", fileName, err)
}
if err := z.AddFile("gitea-repo.zip", reposDump); err != nil {
log.Fatalf("Failed to include gitea-repo.zip: %v", err)
}
if err := z.AddFile("gitea-db.sql", dbDump); err != nil {
log.Fatalf("Failed to include gitea-db.sql: %v", err)
}
if len(setting.CustomConf) > 0 {
log.Printf("Adding custom configuration file from %s", setting.CustomConf)
if err := z.AddFile("app.ini", setting.CustomConf); err != nil {
log.Fatalf("Failed to include specified app.ini: %v", err)
}
}
customDir, err := os.Stat(setting.CustomPath)
if err == nil && customDir.IsDir() {
if err := z.AddDir("custom", setting.CustomPath); err != nil {

9
cmd/generate.go
View File

@@ -40,10 +40,9 @@ var (
}
microcmdGenerateLfsJwtSecret = cli.Command{
Name: "JWT_SECRET",
Aliases: []string{"LFS_JWT_SECRET"},
Usage: "Generate a new JWT_SECRET",
Action: runGenerateLfsJwtSecret,
Name: "LFS_JWT_SECRET",
Usage: "Generate a new LFS_JWT_SECRET",
Action: runGenerateLfsJwtSecret,
}
microcmdGenerateSecretKey = cli.Command{
@@ -64,7 +63,7 @@ func runGenerateInternalToken(c *cli.Context) error {
}
func runGenerateLfsJwtSecret(c *cli.Context) error {
JWTSecretBase64, err := generate.NewJwtSecret()
JWTSecretBase64, err := generate.NewLfsJwtSecret()
if err != nil {
return err
}

126
cmd/hook.go
View File

@@ -8,14 +8,16 @@ import (
"bufio"
"bytes"
"fmt"
"net/http"
"os"
"path/filepath"
"strconv"
"strings"
"code.gitea.io/git"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/private"
"code.gitea.io/gitea/modules/setting"
"github.com/urfave/cli"
)
@@ -26,6 +28,13 @@ var (
Name: "hook",
Usage: "Delegate commands to corresponding Git hooks",
Description: "This should only be called by Git",
Flags: []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
},
Subcommands: []cli.Command{
subcmdHookPreReceive,
subcmdHookUpdate,
@@ -53,19 +62,32 @@ var (
}
)
func hookSetup(logPath string) {
setting.NewContext()
log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
models.LoadConfigs()
}
func runHookPreReceive(c *cli.Context) error {
if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
return nil
}
setup("hooks/pre-receive.log")
if c.IsSet("config") {
setting.CustomConf = c.String("config")
} else if c.GlobalIsSet("config") {
setting.CustomConf = c.GlobalString("config")
}
hookSetup("hooks/pre-receive.log")
// the environment setted on serv command
repoID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchRepoID), 10, 64)
isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
username := os.Getenv(models.EnvRepoUsername)
reponame := os.Getenv(models.EnvRepoName)
userID, _ := strconv.ParseInt(os.Getenv(models.EnvPusherID), 10, 64)
prID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchPRID), 10, 64)
userIDStr := os.Getenv(models.EnvPusherID)
repoPath := models.RepoPath(username, reponame)
buf := bytes.NewBuffer(nil)
scanner := bufio.NewScanner(os.Stdin)
@@ -87,22 +109,34 @@ func runHookPreReceive(c *cli.Context) error {
newCommitID := string(fields[1])
refFullName := string(fields[2])
// If the ref is a branch, check if it's protected
if strings.HasPrefix(refFullName, git.BranchPrefix) {
statusCode, msg := private.HookPreReceive(username, reponame, private.HookOptions{
OldCommitID: oldCommitID,
NewCommitID: newCommitID,
RefFullName: refFullName,
UserID: userID,
GitAlternativeObjectDirectories: os.Getenv(private.GitAlternativeObjectDirectories),
GitObjectDirectory: os.Getenv(private.GitObjectDirectory),
ProtectedBranchID: prID,
})
switch statusCode {
case http.StatusInternalServerError:
fail("Internal Server Error", msg)
case http.StatusForbidden:
fail(msg, "")
branchName := strings.TrimPrefix(refFullName, git.BranchPrefix)
protectBranch, err := private.GetProtectedBranchBy(repoID, branchName)
if err != nil {
fail("Internal error", fmt.Sprintf("retrieve protected branches information failed: %v", err))
}
if protectBranch != nil && protectBranch.IsProtected() {
// check and deletion
if newCommitID == git.EmptySHA {
fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
}
// detect force push
if git.EmptySHA != oldCommitID {
output, err := git.NewCommand("rev-list", "--max-count=1", oldCommitID, "^"+newCommitID).RunInDir(repoPath)
if err != nil {
fail("Internal error", "Fail to detect force push: %v", err)
} else if len(output) > 0 {
fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
}
}
userID, _ := strconv.ParseInt(userIDStr, 10, 64)
canPush, err := private.CanUserPush(protectBranch.ID, userID)
if err != nil {
fail("Internal error", "Fail to detect user can push: %v", err)
} else if !canPush {
fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
}
}
}
@@ -115,7 +149,13 @@ func runHookUpdate(c *cli.Context) error {
return nil
}
setup("hooks/update.log")
if c.IsSet("config") {
setting.CustomConf = c.String("config")
} else if c.GlobalIsSet("config") {
setting.CustomConf = c.GlobalString("config")
}
hookSetup("hooks/update.log")
return nil
}
@@ -125,7 +165,13 @@ func runHookPostReceive(c *cli.Context) error {
return nil
}
setup("hooks/post-receive.log")
if c.IsSet("config") {
setting.CustomConf = c.String("config")
} else if c.GlobalIsSet("config") {
setting.CustomConf = c.GlobalString("config")
}
hookSetup("hooks/post-receive.log")
// the environment setted on serv command
repoUser := os.Getenv(models.EnvRepoUsername)
@@ -154,31 +200,17 @@ func runHookPostReceive(c *cli.Context) error {
newCommitID := string(fields[1])
refFullName := string(fields[2])
res, err := private.HookPostReceive(repoUser, repoName, private.HookOptions{
OldCommitID: oldCommitID,
NewCommitID: newCommitID,
RefFullName: refFullName,
UserID: pusherID,
UserName: pusherName,
})
if res == nil {
fail("Internal Server Error", err)
if err := private.PushUpdate(models.PushUpdateOptions{
RefFullName: refFullName,
OldCommitID: oldCommitID,
NewCommitID: newCommitID,
PusherID: pusherID,
PusherName: pusherName,
RepoUserName: repoUser,
RepoName: repoName,
}); err != nil {
log.GitLogger.Error(2, "Update: %v", err)
}
if res["message"] == false {
continue
}
fmt.Fprintln(os.Stderr, "")
if res["create"] == true {
fmt.Fprintf(os.Stderr, "Create a new pull request for '%s':\n", res["branch"])
fmt.Fprintf(os.Stderr, " %s\n", res["url"])
} else {
fmt.Fprint(os.Stderr, "Visit the existing pull request:\n")
fmt.Fprintf(os.Stderr, " %s\n", res["url"])
}
fmt.Fprintln(os.Stderr, "")
}
return nil

75
cmd/keys.go
View File

@@ -1,75 +0,0 @@
// Copyright 2018 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package cmd
import (
"errors"
"fmt"
"strings"
"code.gitea.io/gitea/models"
"github.com/urfave/cli"
)
// CmdKeys represents the available keys sub-command
var CmdKeys = cli.Command{
Name: "keys",
Usage: "This command queries the Gitea database to get the authorized command for a given ssh key fingerprint",
Action: runKeys,
Flags: []cli.Flag{
cli.StringFlag{
Name: "expected, e",
Value: "git",
Usage: "Expected user for whom provide key commands",
},
cli.StringFlag{
Name: "username, u",
Value: "",
Usage: "Username trying to log in by SSH",
},
cli.StringFlag{
Name: "type, t",
Value: "",
Usage: "Type of the SSH key provided to the SSH Server (requires content to be provided too)",
},
cli.StringFlag{
Name: "content, k",
Value: "",
Usage: "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)",
},
},
}
func runKeys(c *cli.Context) error {
if !c.IsSet("username") {
return errors.New("No username provided")
}
// Check username matches the expected username
if strings.TrimSpace(c.String("username")) != strings.TrimSpace(c.String("expected")) {
return nil
}
content := ""
if c.IsSet("type") && c.IsSet("content") {
content = fmt.Sprintf("%s %s", strings.TrimSpace(c.String("type")), strings.TrimSpace(c.String("content")))
}
if content == "" {
return errors.New("No key type and content provided")
}
if err := initDBDisableConsole(true); err != nil {
return err
}
publicKey, err := models.SearchPublicKeyByContent(content)
if err != nil {
return err
}
fmt.Println(publicKey.AuthorizedString())
return nil
}

41
cmd/migrate.go
View File

@@ -1,41 +0,0 @@
// Copyright 2018 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package cmd
import (
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/migrations"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"github.com/urfave/cli"
)
// CmdMigrate represents the available migrate sub-command.
var CmdMigrate = cli.Command{
Name: "migrate",
Usage: "Migrate the database",
Description: "This is a command for migrating the database, so that you can run gitea admin create-user before starting the server.",
Action: runMigrate,
}
func runMigrate(ctx *cli.Context) error {
if err := initDB(); err != nil {
return err
}
log.Trace("AppPath: %s", setting.AppPath)
log.Trace("AppWorkPath: %s", setting.AppWorkPath)
log.Trace("Custom path: %s", setting.CustomPath)
log.Trace("Log path: %s", setting.LogRootPath)
models.LoadConfigs()
if err := models.NewEngine(migrations.Migrate); err != nil {
log.Fatal("Failed to initialize ORM engine: %v", err)
return err
}
return nil
}

208
cmd/serv.go
View File

@@ -8,11 +8,9 @@ package cmd
import (
"encoding/json"
"fmt"
"net/http"
"net/url"
"os"
"os/exec"
"strconv"
"path/filepath"
"strings"
"time"
@@ -21,6 +19,7 @@ import (
"code.gitea.io/gitea/modules/pprof"
"code.gitea.io/gitea/modules/private"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"github.com/Unknwon/com"
"github.com/dgrijalva/jwt-go"
@@ -28,6 +27,7 @@ import (
)
const (
accessDenied = "Repository does not exist or you do not have access"
lfsAuthenticateVerb = "git-lfs-authenticate"
)
@@ -38,15 +38,31 @@ var CmdServ = cli.Command{
Description: `Serv provide access auth for repositories`,
Action: runServ,
Flags: []cli.Flag{
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
cli.BoolFlag{
Name: "enable-pprof",
},
},
}
func setup(logPath string) {
_ = log.DelLogger("console")
func setup(logPath string) error {
setting.NewContext()
log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
models.LoadConfigs()
if setting.UseSQLite3 || setting.UseTiDB {
workPath := setting.AppWorkPath
if err := os.Chdir(workPath); err != nil {
log.GitLogger.Fatal(4, "Failed to change directory %s: %v", workPath, err)
}
}
setting.NewXORMLogService(true)
return models.SetEngine()
}
func parseCmd(cmd string) (string, string) {
@@ -73,15 +89,22 @@ func fail(userMessage, logMessage string, args ...interface{}) {
if !setting.ProdMode {
fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
}
log.GitLogger.Fatal(3, logMessage, args...)
return
}
log.GitLogger.Close()
os.Exit(1)
}
func runServ(c *cli.Context) error {
// FIXME: This needs to internationalised
setup("serv.log")
if c.IsSet("config") {
setting.CustomConf = c.String("config")
}
if err := setup("serv.log"); err != nil {
fail("System init failed", fmt.Sprintf("setup: %v", err))
}
if setting.SSH.Disabled {
println("Gitea: SSH has been disabled")
@@ -89,29 +112,13 @@ func runServ(c *cli.Context) error {
}
if len(c.Args()) < 1 {
if err := cli.ShowSubcommandHelp(c); err != nil {
fmt.Printf("error showing subcommand help: %v\n", err)
}
cli.ShowSubcommandHelp(c)
return nil
}
keys := strings.Split(c.Args()[0], "-")
if len(keys) != 2 || keys[0] != "key" {
fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
}
keyID := com.StrTo(keys[1]).MustInt64()
cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
if len(cmd) == 0 {
key, user, err := private.ServNoCommand(keyID)
if err != nil {
fail("Internal error", "Failed to check provided key: %v", err)
}
if key.Type == models.KeyTypeDeploy {
println("Hi there! You've successfully authenticated with the deploy key named " + key.Name + ", but Gitea does not provide shell access.")
} else {
println("Hi there: " + user.Name + "! You've successfully authenticated with the key named " + key.Name + ", but Gitea does not provide shell access.")
}
println("Hi there, You've successfully authenticated, but Gitea does not provide shell access.")
println("If this is unexpected, please log in with password and setup Gitea under another user.")
return nil
}
@@ -145,19 +152,37 @@ func runServ(c *cli.Context) error {
fail("Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err)
}
stopCPUProfiler, err := pprof.DumpCPUProfileForUsername(setting.PprofDataPath, username)
if err != nil {
fail("Internal Server Error", "Unable to start CPU profile: %v", err)
}
stopCPUProfiler := pprof.DumpCPUProfileForUsername(setting.PprofDataPath, username)
defer func() {
stopCPUProfiler()
err := pprof.DumpMemProfileForUsername(setting.PprofDataPath, username)
if err != nil {
fail("Internal Server Error", "Unable to dump Mem Profile: %v", err)
}
pprof.DumpMemProfileForUsername(setting.PprofDataPath, username)
}()
}
isWiki := false
unitType := models.UnitTypeCode
if strings.HasSuffix(reponame, ".wiki") {
isWiki = true
unitType = models.UnitTypeWiki
reponame = reponame[:len(reponame)-5]
}
os.Setenv(models.EnvRepoUsername, username)
if isWiki {
os.Setenv(models.EnvRepoIsWiki, "true")
} else {
os.Setenv(models.EnvRepoIsWiki, "false")
}
os.Setenv(models.EnvRepoName, reponame)
repo, err := models.GetRepositoryByOwnerAndName(username, reponame)
if err != nil {
if models.IsErrRepoNotExist(err) {
fail(accessDenied, "Repository does not exist: %s/%s", username, reponame)
}
fail("Internal error", "Failed to get repository: %v", err)
}
requestedMode, has := allowedCommands[verb]
if !has {
fail("Unknown git command", "Unknown git command %s", verb)
@@ -173,37 +198,97 @@ func runServ(c *cli.Context) error {
}
}
results, err := private.ServCommand(keyID, username, reponame, requestedMode, verb, lfsVerb)
if err != nil {
if private.IsErrServCommand(err) {
errServCommand := err.(private.ErrServCommand)
if errServCommand.StatusCode != http.StatusInternalServerError {
fail("Unauthorized", "%s", errServCommand.Error())
} else {
fail("Internal Server Error", "%s", errServCommand.Error())
}
}
fail("Internal Server Error", "%s", err.Error())
// Prohibit push to mirror repositories.
if requestedMode > models.AccessModeRead && repo.IsMirror {
fail("mirror repository is read-only", "")
}
// Allow anonymous clone for public repositories.
var (
keyID int64
user *models.User
)
if requestedMode == models.AccessModeWrite || repo.IsPrivate {
keys := strings.Split(c.Args()[0], "-")
if len(keys) != 2 {
fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
}
key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
if err != nil {
fail("Invalid key ID", "Invalid key ID[%s]: %v", c.Args()[0], err)
}
keyID = key.ID
// Check deploy key or user key.
if key.Type == models.KeyTypeDeploy {
if key.Mode < requestedMode {
fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
}
// Check if this deploy key belongs to current repository.
if !models.HasDeployKey(key.ID, repo.ID) {
fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
}
// Update deploy key activity.
deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID)
if err != nil {
fail("Internal error", "GetDeployKey: %v", err)
}
deployKey.UpdatedUnix = util.TimeStampNow()
if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
fail("Internal error", "UpdateDeployKey: %v", err)
}
} else {
user, err = models.GetUserByKeyID(key.ID)
if err != nil {
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
}
if !user.IsActive || user.ProhibitLogin {
fail("Your account is not active or has been disabled by Administrator",
"User %s is disabled and have no access to repository %s",
user.Name, repoPath)
}
mode, err := models.AccessLevel(user.ID, repo)
if err != nil {
fail("Internal error", "Failed to check access: %v", err)
} else if mode < requestedMode {
clientMessage := accessDenied
if mode >= models.AccessModeRead {
clientMessage = "You do not have sufficient authorization for this action"
}
fail(clientMessage,
"User %s does not have level %v access to repository %s",
user.Name, requestedMode, repoPath)
}
if !repo.CheckUnitUser(user.ID, user.IsAdmin, unitType) {
fail("You do not have allowed for this action",
"User %s does not have allowed access to repository %s 's code",
user.Name, repoPath)
}
os.Setenv(models.EnvPusherName, user.Name)
os.Setenv(models.EnvPusherID, fmt.Sprintf("%d", user.ID))
}
}
os.Setenv(models.EnvRepoIsWiki, strconv.FormatBool(results.IsWiki))
os.Setenv(models.EnvRepoName, results.RepoName)
os.Setenv(models.EnvRepoUsername, results.OwnerName)
os.Setenv(models.EnvPusherName, results.UserName)
os.Setenv(models.EnvPusherID, strconv.FormatInt(results.UserID, 10))
os.Setenv(models.ProtectedBranchRepoID, strconv.FormatInt(results.RepoID, 10))
os.Setenv(models.ProtectedBranchPRID, fmt.Sprintf("%d", 0))
//LFS token authentication
if verb == lfsAuthenticateVerb {
url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, url.PathEscape(results.OwnerName), url.PathEscape(results.RepoName))
url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, username, repo.Name)
now := time.Now()
claims := jwt.MapClaims{
"repo": results.RepoID,
"repo": repo.ID,
"op": lfsVerb,
"exp": now.Add(setting.LFS.HTTPAuthExpiry).Unix(),
"nbf": now.Unix(),
"user": results.UserID,
}
if user != nil {
claims["user"] = user.ID
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@@ -224,6 +309,7 @@ func runServ(c *cli.Context) error {
if err != nil {
fail("Internal error", "Failed to encode LFS json response: %v", err)
}
return nil
}
@@ -240,6 +326,14 @@ func runServ(c *cli.Context) error {
gitcmd = exec.Command(verb, repoPath)
}
if isWiki {
if err = repo.InitWiki(); err != nil {
fail("Internal error", "Failed to init wiki repo: %v", err)
}
}
os.Setenv(models.ProtectedBranchRepoID, fmt.Sprintf("%d", repo.ID))
gitcmd.Dir = setting.RepoRootPath
gitcmd.Stdout = os.Stdout
gitcmd.Stdin = os.Stdin
@@ -249,9 +343,9 @@ func runServ(c *cli.Context) error {
}
// Update user key activity.
if results.KeyID > 0 {
if err = private.UpdatePublicKeyInRepo(results.KeyID, results.RepoID); err != nil {
fail("Internal error", "UpdatePublicKeyInRepo: %v", err)
if keyID > 0 {
if err = private.UpdatePublicKeyUpdated(keyID); err != nil {
fail("Internal error", "UpdatePublicKey: %v", err)
}
}

44
cmd/web.go
View File

@@ -5,6 +5,7 @@
package cmd
import (
"crypto/tls"
"fmt"
"net"
"net/http"
@@ -14,6 +15,7 @@ import (
"strings"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/markup/external"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers"
"code.gitea.io/gitea/routers/routes"
@@ -38,6 +40,11 @@ and it takes care of all the other things for you`,
Value: "3000",
Usage: "Temporary port number to prevent conflict",
},
cli.StringFlag{
Name: "config, c",
Value: "custom/conf/app.ini",
Usage: "Custom configuration file path",
},
cli.StringFlag{
Name: "pid, P",
Value: "/var/run/gitea.pid",
@@ -62,7 +69,7 @@ func runHTTPRedirector() {
var err = runHTTP(source, context2.ClearHandler(handler))
if err != nil {
log.Fatal("Failed to start port redirection: %v", err)
log.Fatal(4, "Failed to start port redirection: %v", err)
}
}
@@ -77,13 +84,15 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect)
var err = http.ListenAndServe(setting.HTTPAddr+":"+setting.PortToRedirect, certManager.HTTPHandler(http.HandlerFunc(runLetsEncryptFallbackHandler))) // all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
if err != nil {
log.Fatal("Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
log.Fatal(4, "Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
}
}()
server := &http.Server{
Addr: listenAddr,
Handler: m,
TLSConfig: certManager.TLSConfig(),
Addr: listenAddr,
Handler: m,
TLSConfig: &tls.Config{
GetCertificate: certManager.GetCertificate,
},
}
return server.ListenAndServeTLS("", "")
}
@@ -101,12 +110,18 @@ func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
}
func runWeb(ctx *cli.Context) error {
if ctx.IsSet("config") {
setting.CustomConf = ctx.String("config")
}
if ctx.IsSet("pid") {
setting.CustomPID = ctx.String("pid")
}
routers.GlobalInit()
external.RegisterParsers()
m := routes.NewMacaron()
routes.RegisterRoutes(m)
@@ -175,20 +190,15 @@ func runWeb(ctx *cli.Context) error {
}
err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
case setting.FCGI:
var listener net.Listener
listener, err = net.Listen("tcp", listenAddr)
listener, err := net.Listen("tcp", listenAddr)
if err != nil {
log.Fatal("Failed to bind %s: %v", listenAddr, err)
log.Fatal(4, "Failed to bind %s", listenAddr, err)
}
defer func() {
if err := listener.Close(); err != nil {
log.Fatal("Failed to stop server: %v", err)
}
}()
defer listener.Close()
err = fcgi.Serve(listener, context2.ClearHandler(m))
case setting.UnixSocket:
if err := os.Remove(listenAddr); err != nil && !os.IsNotExist(err) {
log.Fatal("Failed to remove unix socket directory %s: %v", listenAddr, err)
log.Fatal(4, "Failed to remove unix socket directory %s: %v", listenAddr, err)
}
var listener *net.UnixListener
listener, err = net.ListenUnix("unix", &net.UnixAddr{Name: listenAddr, Net: "unix"})
@@ -199,15 +209,15 @@ func runWeb(ctx *cli.Context) error {
// FIXME: add proper implementation of signal capture on all protocols
// execute this on SIGTERM or SIGINT: listener.Close()
if err = os.Chmod(listenAddr, os.FileMode(setting.UnixSocketPermission)); err != nil {
log.Fatal("Failed to set permission of unix socket: %v", err)
log.Fatal(4, "Failed to set permission of unix socket: %v", err)
}
err = http.Serve(listener, context2.ClearHandler(m))
default:
log.Fatal("Invalid protocol: %s", setting.Protocol)
log.Fatal(4, "Invalid protocol: %s", setting.Protocol)
}
if err != nil {
log.Fatal("Failed to start server: %v", err)
log.Fatal(4, "Failed to start server: %v", err)
}
return nil

2
cmd/web_graceful.go
View File

@@ -34,7 +34,7 @@ func runHTTPS(listenAddr, certFile, keyFile string, m http.Handler) error {
var err error
config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
log.Fatal("Failed to load https cert file %s: %v", listenAddr, err)
log.Fatal(4, "Failed to load https cert file %s: %v", listenAddr, err)
}
return gracehttp.Serve(&http.Server{

42
contrib/fhs-compliant-script/gitea
View File

@@ -1,42 +0,0 @@
#!/bin/bash
########################################################################
# This script some defaults for gitea to run in a FHS compliant manner #
########################################################################
# It assumes that you place this script as gitea in /usr/bin
#
# And place the original in /usr/lib/gitea with working files in /var/lib/gitea
# and main configuration in /etc/gitea/app.ini
GITEA="/usr/lib/gitea/gitea"
WORK_DIR="/var/lib/gitea"
APP_INI="/etc/gitea/app.ini"
APP_INI_SET=""
for i in "$@"; do
case "$i" in
"-c")
APP_INI_SET=1
;;
"-c="*)
APP_INI_SET=1
;;
"--config")
APP_INI_SET=1
;;
"--config="*)
APP_INI_SET=1
;;
*)
;;
esac
done
if [ -z "$APP_INI_SET" ]; then
CONF_ARG="-c \"$APP_INI\""
fi
# Provide FHS compliant defaults to
GITEA_WORK_DIR="${GITEA_WORK_DIR:-$WORK_DIR}" "$GITEA" $CONF_ARG "$@"

2
contrib/ide/vscode/launch.json
View File

@@ -19,7 +19,7 @@
"type": "go",
"request": "launch",
"mode": "debug",
"buildFlags": "-tags=\"sqlite sqlite_unlock_notify\"",
"buildFlags": "-tags=\"sqlite\"",
"port": 2345,
"host": "127.0.0.1",
"program": "${workspaceRoot}/main.go",

2
contrib/ide/vscode/tasks.json
View File

@@ -35,7 +35,7 @@
"focus": false,
"panel": "shared"
},
"args": ["build", "-tags=\"sqlite sqlite_unlock_notify\""],
"args": ["build", "-tags=\"sqlite\""],
"linux": {
"args": ["-o", "gitea", "${workspaceRoot}/main.go"]
},

107
contrib/k8s/gitea.yml
View File

@@ -1,107 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: gitea
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitea
namespace: gitea
labels:
app: gitea
spec:
replicas: 1
template:
metadata:
name: gitea
labels:
app: gitea
spec:
containers:
- name: gitea
image: gitea/gitea:latest
imagePullPolicy: Always
volumeMounts:
- mountPath: "/var/lib/gitea"
name: "root"
- mountPath: "/data"
name: "data"
ports:
- containerPort: 22
name: ssh
protocol: TCP
- containerPort: 3000
name: http
protocol: TCP
restartPolicy: Always
volumes:
# Set up a data directory for gitea
# For production usage, you should consider using PV/PVC instead(or simply using storage like NAS)
# For more details, please see https://kubernetes.io/docs/concepts/storage/volumes/
- name: "root"
hostPath:
# directory location on host
path: "/var/lib/gitea"
# this field is optional
type: Directory
- name: "data"
hostPath:
path: "/data/gitea"
type: Directory
selector:
matchLabels:
app: gitea
---
# Using cluster mode
apiVersion: v1
kind: Service
metadata:
name: gitea-web
namespace: gitea
labels:
app: gitea-web
spec:
ports:
- port: 80
targetPort: 3000
name: http
selector:
app: gitea
---
# Using node-port mode
# This mainly open a specific TCP port for SSH usage on each host,
# so you can use a proxy layer to handle it(e.g. slb, nginx)
apiVersion: v1
kind: Service
metadata:
name: gitea-ssh
namespace: gitea
labels:
app: gitea-ssh
spec:
ports:
- port: 22
targetPort: 22
nodePort: 30022
name: ssh
selector:
app: gitea
type: NodePort
---
# Ingress is always suitable for HTTP usage,
# we suggest using an proxy layer such as slb to send traffic to different ports.
# Usually 80/443 for web and 22 directly for SSH.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: gitea
namespace: gitea
spec:
rules:
- host: your-gitea-host.com
http:
paths:
- backend:
serviceName: gitea-web
servicePort: 80

264
contrib/pr/checkout.go
View File

@@ -1,264 +0,0 @@
package main
/*
Checkout a PR and load the tests data into sqlite database
*/
import (
"flag"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/url"
"os"
"os/exec"
"os/user"
"path"
"path/filepath"
"runtime"
"strconv"
"time"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/markup"
"code.gitea.io/gitea/modules/markup/external"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers"
"code.gitea.io/gitea/routers/routes"
"github.com/Unknwon/com"
"github.com/go-xorm/xorm"
context2 "github.com/gorilla/context"
"gopkg.in/src-d/go-git.v4"
"gopkg.in/src-d/go-git.v4/config"
"gopkg.in/src-d/go-git.v4/plumbing"
"gopkg.in/testfixtures.v2"
)
var codeFilePath = "contrib/pr/checkout.go"
func runPR() {
log.Printf("[PR] Starting gitea ...\n")
curDir, err := os.Getwd()
if err != nil {
log.Fatal(err)
}
setting.SetCustomPathAndConf("", "", "")
setting.NewContext()
setting.RepoRootPath, err = ioutil.TempDir(os.TempDir(), "repos")
if err != nil {
log.Fatalf("TempDir: %v\n", err)
}
setting.AppDataPath, err = ioutil.TempDir(os.TempDir(), "appdata")
if err != nil {
log.Fatalf("TempDir: %v\n", err)
}
setting.AppWorkPath = curDir
setting.StaticRootPath = curDir
setting.GravatarSourceURL, err = url.Parse("https://secure.gravatar.com/avatar/")
if err != nil {
log.Fatalf("url.Parse: %v\n", err)
}
setting.AppURL = "http://localhost:8080/"
setting.HTTPPort = "8080"
setting.SSH.Domain = "localhost"
setting.SSH.Port = 3000
setting.InstallLock = true
setting.SecretKey = "9pCviYTWSb"
setting.InternalToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTI3OTU5ODN9.OQkH5UmzID2XBdwQ9TAI6Jj2t1X-wElVTjbE7aoN4I8"
curUser, err := user.Current()
if err != nil {
log.Fatal(err)
}
setting.RunUser = curUser.Username
log.Printf("[PR] Loading fixtures data ...\n")
setting.CheckLFSVersion()
//models.LoadConfigs()
/*
models.DbCfg.Type = "sqlite3"
models.DbCfg.Path = ":memory:"
models.DbCfg.Timeout = 500
*/
db := setting.Cfg.Section("database")
db.NewKey("DB_TYPE", "sqlite3")
db.NewKey("PATH", ":memory:")
setting.LogSQL = true
models.LoadConfigs()
routers.NewServices()
//x, err = xorm.NewEngine("sqlite3", "file::memory:?cache=shared")
var helper testfixtures.Helper = &testfixtures.SQLite{}
models.NewEngine(func(_ *xorm.Engine) error {
return nil
})
models.HasEngine = true
//x.ShowSQL(true)
err = models.InitFixtures(
helper,
path.Join(curDir, "models/fixtures/"),
)
if err != nil {
fmt.Printf("Error initializing test database: %v\n", err)
os.Exit(1)
}
models.LoadFixtures()
os.RemoveAll(setting.RepoRootPath)
os.RemoveAll(models.LocalCopyPath())
com.CopyDir(path.Join(curDir, "integrations/gitea-repositories-meta"), setting.RepoRootPath)
log.Printf("[PR] Setting up router\n")
//routers.GlobalInit()
external.RegisterParsers()
markup.Init()
m := routes.NewMacaron()
routes.RegisterRoutes(m)
log.Printf("[PR] Ready for testing !\n")
log.Printf("[PR] Login with user1, user2, user3, ... with pass: password\n")
/*
log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubURL)
if setting.LFS.StartServer {
log.Info("LFS server enabled")
}
if setting.EnablePprof {
go func() {
log.Info("Starting pprof server on localhost:6060")
log.Info("%v", http.ListenAndServe("localhost:6060", nil))
}()
}
*/
//Start the server
http.ListenAndServe(":8080", context2.ClearHandler(m))
log.Printf("[PR] Cleaning up ...\n")
/*
if err = os.RemoveAll(setting.Indexer.IssuePath); err != nil {
fmt.Printf("os.RemoveAll: %v\n", err)
os.Exit(1)
}
if err = os.RemoveAll(setting.Indexer.RepoPath); err != nil {
fmt.Printf("Unable to remove repo indexer: %v\n", err)
os.Exit(1)
}
*/
if err = os.RemoveAll(setting.RepoRootPath); err != nil {
log.Fatalf("os.RemoveAll: %v\n", err)
}
if err = os.RemoveAll(setting.AppDataPath); err != nil {
log.Fatalf("os.RemoveAll: %v\n", err)
}
}
func main() {
var runPRFlag = flag.Bool("run", false, "Run the PR code")
flag.Parse()
if *runPRFlag {
runPR()
return
}
// To force checkout (e.g. Windows complains about unclean work tree) set env variable FORCE=true
force, err := strconv.ParseBool(os.Getenv("FORCE"))
if err != nil {
force = false
}
//Otherwise checkout PR
if len(os.Args) != 2 {
log.Fatal("Need only one arg: the PR number")
}
pr := os.Args[1]
codeFilePath = filepath.FromSlash(codeFilePath) //Convert to running OS
//Copy this file if it will not exist in the PR branch
dat, err := ioutil.ReadFile(codeFilePath)
if err != nil {
log.Fatalf("Failed to cache this code file : %v", err)
}
repo, err := git.PlainOpen(".")
if err != nil {
log.Fatalf("Failed to open the repo : %v", err)
}
//Find remote upstream
remotes, err := repo.Remotes()
if err != nil {
log.Fatalf("Failed to list remotes of repo : %v", err)
}
remoteUpstream := "origin" //Default
for _, r := range remotes {
if r.Config().URLs[0] == "https://github.com/go-gitea/gitea" || r.Config().URLs[0] == "git@github.com:go-gitea/gitea.git" { //fetch at index 0
remoteUpstream = r.Config().Name
break
}
}
branch := fmt.Sprintf("pr-%s-%d", pr, time.Now().Unix())
branchRef := plumbing.NewBranchReferenceName(branch)
log.Printf("Fetching PR #%s in %s\n", pr, branch)
if runtime.GOOS == "windows" {
//Use git cli command for windows
runCmd("git", "fetch", remoteUpstream, fmt.Sprintf("pull/%s/head:%s", pr, branch))
} else {
ref := fmt.Sprintf("refs/pull/%s/head:%s", pr, branchRef)
err = repo.Fetch(&git.FetchOptions{
RemoteName: remoteUpstream,
RefSpecs: []config.RefSpec{
config.RefSpec(ref),
},
})
if err != nil {
log.Fatalf("Failed to fetch %s from %s : %v", ref, remoteUpstream, err)
}
}
tree, err := repo.Worktree()
if err != nil {
log.Fatalf("Failed to parse git tree : %v", err)
}
log.Printf("Checkout PR #%s in %s\n", pr, branch)
err = tree.Checkout(&git.CheckoutOptions{
Branch: branchRef,
Force: force,
})
if err != nil {
log.Fatalf("Failed to checkout %s : %v", branch, err)
}
//Copy this file if not exist
if _, err := os.Stat(codeFilePath); os.IsNotExist(err) {
err = os.MkdirAll(filepath.Dir(codeFilePath), 0755)
if err != nil {
log.Fatalf("Failed to duplicate this code file in PR : %v", err)
}
err = ioutil.WriteFile(codeFilePath, dat, 0644)
if err != nil {
log.Fatalf("Failed to duplicate this code file in PR : %v", err)
}
}
time.Sleep(5 * time.Second)
//Start with integration test
runCmd("go", "run", "-tags", "sqlite sqlite_unlock_notify", codeFilePath, "-run")
}
func runCmd(cmd ...string) {
log.Printf("Executing : %s ...\n", cmd)
c := exec.Command(cmd[0], cmd[1:]...)
c.Stdout = os.Stdout
c.Stderr = os.Stderr
if err := c.Start(); err != nil {
log.Panicln(err)
}
if err := c.Wait(); err != nil {
log.Panicln(err)
}
}

9
contrib/systemd/gitea.service
View File

@@ -2,11 +2,10 @@
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
#Requires=mysql.service
#Requires=mariadb.service
#Requires=postgresql.service
#Requires=memcached.service
#Requires=redis.service
#After=mysqld.service
#After=postgresql.service
#After=memcached.service
#After=redis.service
[Service]
# Modify these two values and uncomment them if you have

183
custom/conf/app.ini.sample
View File

@@ -1,4 +1,3 @@
; This file lists the default values used by Gitea
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
; and modify as needed.
@@ -32,13 +31,8 @@ PULL_REQUEST_QUEUE_LENGTH = 1000
PREFERRED_LICENSES = Apache License 2.0,MIT License
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = false
; Value for Access-Control-Allow-Origin header, default is not to present
; WARNING: This maybe harmful to you website if you do not give it a right value.
ACCESS_CONTROL_ALLOW_ORIGIN =
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
USE_COMPAT_SSH_URI = false
; Close issues as long as a commit on any branch marks it as fixed
DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false
[repository.editor]
; List of file extensions for which lines should be wrapped in the CodeMirror editor
@@ -70,27 +64,6 @@ MAX_FILES = 5
; List of prefixes used in Pull Request title to mark them as Work In Progress
WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
[repository.issue]
; List of reasons why a Pull Request or Issue can be locked
LOCK_REASONS=Too heated,Off-topic,Resolved,Spam
[cors]
; More information about CORS can be found here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#The_HTTP_response_headers
; enable cors headers (disabled by default)
ENABLED=false
; scheme of allowed requests
SCHEME=http
; list of requesting domains that are allowed
ALLOW_DOMAIN=*
; allow subdomains of headers listed above to request
ALLOW_SUBDOMAIN=false
; list of methods allowed to request
METHODS=GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
; max time to cache response
MAX_AGE=10m
; allow request with credentials
ALLOW_CREDENTIALS=false
[ui]
; Number of repositories that are displayed on one explore page
EXPLORE_PAGING_NUM = 20
@@ -112,10 +85,6 @@ MAX_DISPLAY_FILE_SIZE = 8388608
SHOW_USER_EMAIL = true
; Set the default theme for the Gitea install
DEFAULT_THEME = gitea
; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`.
THEMES = gitea,arc-green
; Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used.
DEFAULT_SHOW_FULL_NAME = false
[ui.admin]
; Number of users that are displayed on one page
@@ -175,7 +144,7 @@ START_SSH_SERVER = false
BUILTIN_SSH_SERVER_USER =
; Domain name to be exposed in clone URL
SSH_DOMAIN = %(DOMAIN)s
; The network interface the builtin SSH server should listen on
; THe network interface the builtin SSH server should listen on
SSH_LISTEN_HOST =
; Port number to be exposed in clone URL
SSH_PORT = 22
@@ -183,9 +152,6 @@ SSH_PORT = 22
SSH_LISTEN_PORT = %(SSH_PORT)s
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
SSH_ROOT_PATH =
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
; For the built-in SSH server, choose the ciphers to support for SSH connections,
; for system SSH this setting has no effect
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
@@ -260,9 +226,6 @@ PASSWD =
; For Postgres, either "disable" (default), "require", or "verify-full"
; For MySQL, either "false" (default), "true", or "skip-verify"
SSL_MODE = disable
; For MySQL only, either "utf8" or "utf8mb4", default is "utf8".
; NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this.
CHARSET = utf8
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
PATH = data/gitea.db
; For "sqlite3" only. Query timeout
@@ -271,26 +234,9 @@ SQLITE_TIMEOUT = 500
ITERATE_BUFFER_SIZE = 50
; Show the database generated SQL
LOG_SQL = true
; Maximum number of DB Connect retries
DB_RETRIES = 10
; Backoff time per DB retry (time.Duration)
DB_RETRY_BACKOFF = 3s
[indexer]
; Issue indexer type, currently support: bleve or db, default is bleve
ISSUE_INDEXER_TYPE = bleve
; Issue indexer storage path, available when ISSUE_INDEXER_TYPE is bleve
ISSUE_INDEXER_PATH = indexers/issues.bleve
; Issue indexer queue, currently support: channel or levelqueue, default is levelqueue
ISSUE_INDEXER_QUEUE_TYPE = levelqueue
; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the queue will be saved path,
; default is indexers/issues.queue
ISSUE_INDEXER_QUEUE_DIR = indexers/issues.queue
; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
ISSUE_INDEXER_QUEUE_CONN_STR = "addrs=127.0.0.1:6379 db=0"
; Batch queue number, default is 20
ISSUE_INDEXER_QUEUE_BATCH_NUMBER = 20
; repo indexer by default disabled, since it uses a lot of disk space
REPO_INDEXER_ENABLED = false
REPO_INDEXER_PATH = indexers/repos.bleve
@@ -312,12 +258,11 @@ COOKIE_USERNAME = gitea_awesome
COOKIE_REMEMBER_NAME = gitea_incredible
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
; The minimum password length for new Users
MIN_PASSWORD_LENGTH = 6
; Set to true to allow users to import local server paths
; True when users are allowed to import local server paths
IMPORT_LOCAL_PATHS = false
; Set to true to prevent all users (including admin) from creating custom git hooks
; Prevent all users (including admin) from creating custom git hooks
DISABLE_GIT_HOOKS = false
[openid]
@@ -361,12 +306,9 @@ ACTIVE_CODE_LIVE_MINUTES = 180
RESET_PASSWD_CODE_LIVE_MINUTES = 180
; Whether a new user needs to confirm their email when registering.
REGISTER_EMAIL_CONFIRM = false
; List of domain names that are allowed to be used to register on a Gitea instance
; gitea.io,example.com
EMAIL_DOMAIN_WHITELIST=
; Disallow registration, only allow admins to create accounts.
DISABLE_REGISTRATION = false
; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
; Allow registration only using third part services, it works only when DISABLE_REGISTRATION is false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW = false
@@ -375,33 +317,23 @@ ENABLE_NOTIFY_MAIL = false
; More detail: https://github.com/gogits/gogs/issues/165
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
ENABLE_REVERSE_PROXY_EMAIL = false
; Enable captcha validation for registration
ENABLE_CAPTCHA = false
; Type of captcha you want to use. Options: image, recaptcha
CAPTCHA_TYPE = image
; Enable recaptcha to use Google's recaptcha service
; Go to https://www.google.com/recaptcha/admin to sign up for a key
RECAPTCHA_SECRET =
RECAPTCHA_SITEKEY =
; Change this to use recaptcha.net or other recaptcha service
RECAPTCHA_URL = https://www.google.com/recaptcha/
RECAPTCHA_SECRET =
RECAPTCHA_SITEKEY =
; Default value for KeepEmailPrivate
; Each new user will get the value of this setting copied into their profile
DEFAULT_KEEP_EMAIL_PRIVATE = false
; Default value for AllowCreateOrganization
; Every new user will have rights set to create organizations depending on this setting
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
; Either "public", "limited" or "private", default is "public"
; Limited is for signed user only
; Private is only for member of the organization
; Public is for everyone
DEFAULT_ORG_VISIBILITY = public
; Default value for EnableDependencies
; Repositories will use dependencies by default depending on this setting
; Repositories will use depencies by default depending on this setting
DEFAULT_ENABLE_DEPENDENCIES = true
; Enable heatmap on users profiles.
ENABLE_USER_HEATMAP = true
; Enable Timetracking
ENABLE_TIMETRACKING = true
; Default value for EnableTimetracking
@@ -414,12 +346,6 @@ DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
NO_REPLY_ADDRESS = noreply.example.org
; Show Registration button
SHOW_REGISTRATION_BUTTON = true
; Default value for AutoWatchNewRepos
; When adding a repo to a team or creating a new repo all team members will watch the
; repo automatically if enabled
AUTO_WATCH_NEW_REPOS = true
[webhook]
; Hook task queue length, increase if webhook shooting starts hanging
@@ -435,8 +361,8 @@ PAGING_NUM = 10
ENABLED = false
; Buffer length of channel, keep it as it is if you don't know what it is.
SEND_BUFFER_LEN = 100
; Prefix displayed before subject in mail
SUBJECT_PREFIX =
; Name displayed in mail title
SUBJECT = %(APP_NAME)s
; Mail server
; Gmail: smtp.gmail.com:587
; QQ: smtp.qq.com:465
@@ -452,8 +378,6 @@ SKIP_VERIFY =
USE_CERTIFICATE = false
CERT_FILE = custom/mailer/cert.pem
KEY_FILE = custom/mailer/key.pem
; Should SMTP connection use TLS
IS_TLS_ENABLED = false
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
FROM =
; Mailer user name and password
@@ -462,8 +386,8 @@ USER =
PASSWD =
; Send mails as plain text
SEND_AS_PLAIN_TEXT = false
; Set Mailer Type (either SMTP, sendmail or dummy to just send to the log)
MAILER_TYPE = smtp
; Enable sendmail (override SMTP)
USE_SENDMAIL = false
; Specify an alternative sendmail binary
SENDMAIL_PATH = sendmail
; Specify any extra sendmail arguments
@@ -504,18 +428,10 @@ SESSION_LIFE_TIME = 86400
[picture]
AVATAR_UPLOAD_PATH = data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = data/repo-avatars
; How Gitea deals with missing repository avatars
; none = no avatar will be displayed; random = random avatar will be displayed; image = default image will be used
REPOSITORY_AVATAR_FALLBACK = none
REPOSITORY_AVATAR_FALLBACK_IMAGE = /img/repo_default.png
; Max Width and Height of uploaded avatars.
; This is to limit the amount of RAM used when resizing the image.
; Max Width and Height of uploaded avatars. This is to limit the amount of RAM
; used when resizing the image.
AVATAR_MAX_WIDTH = 4096
AVATAR_MAX_HEIGHT = 3072
; Maximum alloved file size for uploaded avatars.
; This is to limit the amount of RAM used when resizing the image.
AVATAR_MAX_FILE_SIZE = 1048576
; Chinese users can choose "duoshuo"
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
GRAVATAR_SOURCE = gravatar
@@ -551,37 +467,16 @@ ROOT_PATH =
MODE = console
; Buffer length of the channel, keep it as it is if you don't know what it is.
BUFFER_LEN = 10000
REDIRECT_MACARON_LOG = false
MACARON = file
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Info"
ROUTER_LOG_LEVEL = Info
ROUTER = console
ENABLE_ACCESS_LOG = false
ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
ACCESS = file
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
LEVEL = Info
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "None"
STACKTRACE_LEVEL = None
; Generic log modes
[log.x]
FLAGS = stdflags
EXPRESSION =
PREFIX =
COLORIZE = false
LEVEL = Trace
; For "console" mode only
[log.console]
LEVEL =
STDERR = false
; For "file" mode only
[log.file]
LEVEL =
; Set the file_name for the logger. If this is a relative path this
; will be relative to ROOT_PATH
FILE_NAME =
; This enables automated log rotate(switch of following options), default is true
LOG_ROTATE = true
; Max number of lines in a single file, default is 1000000
@@ -592,10 +487,6 @@ MAX_SIZE_SHIFT = 28
DAILY_ROTATE = true
; delete the log file after n days, default is 7
MAX_DAYS = 7
; compress logs with gzip
COMPRESS = true
; compression level see godoc for compress/gzip
COMPRESSION_LEVEL = -1
; For "conn" mode only
[log.conn]
@@ -623,6 +514,14 @@ PASSWD =
; Receivers, can be one or more, e.g. 1@example.com,2@example.com
RECEIVERS =
; For "database" mode only
[log.database]
LEVEL =
; Either "mysql" or "postgres"
DRIVER =
; Based on xorm, e.g.: root:root@localhost/gitea?charset=utf8
CONN =
[cron]
; Enable running cron tasks periodically.
ENABLED = true
@@ -638,7 +537,7 @@ SCHEDULE = @every 10m
SCHEDULE = @every 24h
TIMEOUT = 60s
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
; see more on http://git-scm.com/docs/git-fsck
; see more on http://git-scm.com/docs/git-fsck/1.7.5
ARGS =
; Check repository statistics
@@ -677,14 +576,11 @@ MAX_GIT_DIFF_LINE_CHARACTERS = 5000
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES = 100
; Arguments for command 'git gc', e.g. "--aggressive --auto"
; see more on http://git-scm.com/docs/git-gc/
; see more on http://git-scm.com/docs/git-gc/1.7.5
GC_ARGS =
; If use git wire protocol version 2 when git version >= 2.18, default is true, set to false when you always want git wire protocol version 1
EnableAutoGitWireProtocol = true
; Operation timeout in seconds
[git.timeout]
DEFAULT = 360
MIGRATE = 600
MIRROR = 300
CLONE = 300
@@ -702,24 +598,6 @@ MIN_INTERVAL = 10m
ENABLE_SWAGGER = true
; Max number of items in a page
MAX_RESPONSE_ITEMS = 50
; Default paging number of api
DEFAULT_PAGING_NUM = 30
; Default and maximum number of items per page for git trees api
DEFAULT_GIT_TREES_PER_PAGE = 1000
; Default size of a blob returned by the blobs API (default is 10MiB)
DEFAULT_MAX_BLOB_SIZE = 10485760
[oauth2]
; Enables OAuth2 provider
ENABLE = true
; Lifetime of an OAuth2 access token in seconds
ACCESS_TOKEN_EXPIRATION_TIME=3600
; Lifetime of an OAuth2 access token in hours
REFRESH_TOKEN_EXPIRATION_TIME=730
; Check if refresh token got already used
INVALIDATE_REFRESH_TOKENS=false
; OAuth2 authentication secret for access and refresh tokens, change this a unique string.
JWT_SECRET=Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU
[i18n]
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
@@ -751,12 +629,11 @@ sv-SE = sv
ko-KR = ko
[U2F]
; NOTE: THE DEFAULT VALUES HERE WILL NEED TO BE CHANGED
; Two Factor authentication with security keys
; https://developers.yubico.com/U2F/App_ID.html
;APP_ID = http://localhost:3000/
; Comma seperated list of trusted facets
;TRUSTED_FACETS = http://localhost:3000/
APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; Comma seperated list of truisted facets
TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; Extension mapping to highlight class
; e.g. .toml=ini
@@ -777,9 +654,3 @@ FILE_EXTENSIONS = .adoc,.asciidoc
RENDER_COMMAND = "asciidoc --out-file=- -"
; Don't pass the file on STDIN, pass the filename as argument instead.
IS_INPUT_FILE = false
[metrics]
; Enables metrics endpoint. True or false; default is false.
ENABLED = false
; If you want to add authorization, specify a token here
TOKEN =

5
docker/Makefile vendored
View File

@@ -4,11 +4,12 @@ DOCKER_IMAGE ?= gitea/gitea
DOCKER_TAG ?= latest
DOCKER_REF := $(DOCKER_IMAGE):$(DOCKER_TAG)
.PHONY: docker
docker:
docker build --disable-content-trust=false -t $(DOCKER_REF) .
# support also build args docker build --build-arg GITEA_VERSION=v1.2.3 --build-arg TAGS="bindata sqlite sqlite_unlock_notify" .
# support also build args docker build --build-arg GITEA_VERSION=v1.2.3 --build-arg TAGS="bindata sqlite" .
.PHONY: docker-build
docker-build:
docker run -ti --rm -v $(CURDIR):/srv/app/src/code.gitea.io/gitea -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" LDFLAGS="$(LDFLAGS)" webhippie/golang:edge make clean generate build
docker run -ti --rm -v $(CURDIR):/srv/app/src/code.gitea.io/gitea -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" webhippie/golang:edge make clean generate build

0
docker/root/etc/nsswitch.conf → docker/etc/nsswitch.conf
View File

2
docker/etc/profile.d/gitea.sh Executable file
View File

@@ -0,0 +1,2 @@
#!/bin/bash
export GITEA_CUSTOM=/data/gitea

0
docker/root/etc/s6/.s6-svscan/finish → docker/etc/s6/.s6-svscan/finish
View File

0
docker/root/etc/s6/gitea/finish → docker/etc/s6/gitea/finish
View File

0
docker/root/etc/s6/gitea/run → docker/etc/s6/gitea/run
View File

20
docker/root/etc/s6/gitea/setup → docker/etc/s6/gitea/setup
View File

@@ -6,16 +6,12 @@ if [ ! -d /data/git/.ssh ]; then
fi
if [ ! -f /data/git/.ssh/environment ]; then
echo "GITEA_CUSTOM=$GITEA_CUSTOM" >| /data/git/.ssh/environment
echo "GITEA_CUSTOM=/data/gitea" >| /data/git/.ssh/environment
chmod 600 /data/git/.ssh/environment
elif ! grep -q "^GITEA_CUSTOM=$GITEA_CUSTOM$" /data/git/.ssh/environment; then
sed -i /^GITEA_CUSTOM=/d /data/git/.ssh/environment
echo "GITEA_CUSTOM=$GITEA_CUSTOM" >> /data/git/.ssh/environment
fi
if [ ! -f ${GITEA_CUSTOM}/conf/app.ini ]; then
mkdir -p ${GITEA_CUSTOM}/conf
if [ ! -f /data/gitea/conf/app.ini ]; then
mkdir -p /data/gitea/conf
# Set INSTALL_LOCK to true only if SECRET_KEY is not empty and
# INSTALL_LOCK is empty
@@ -31,7 +27,6 @@ if [ ! -f ${GITEA_CUSTOM}/conf/app.ini ]; then
ROOT_URL=${ROOT_URL:-""} \
DISABLE_SSH=${DISABLE_SSH:-"false"} \
SSH_PORT=${SSH_PORT:-"22"} \
LFS_START_SERVER=${LFS_START_SERVER:-"false"} \
DB_TYPE=${DB_TYPE:-"sqlite3"} \
DB_HOST=${DB_HOST:-"localhost:3306"} \
DB_NAME=${DB_NAME:-"gitea"} \
@@ -41,13 +36,8 @@ if [ ! -f ${GITEA_CUSTOM}/conf/app.ini ]; then
DISABLE_REGISTRATION=${DISABLE_REGISTRATION:-"false"} \
REQUIRE_SIGNIN_VIEW=${REQUIRE_SIGNIN_VIEW:-"false"} \
SECRET_KEY=${SECRET_KEY:-""} \
envsubst < /etc/templates/app.ini > ${GITEA_CUSTOM}/conf/app.ini
chown ${USER}:git ${GITEA_CUSTOM}/conf/app.ini
envsubst < /etc/templates/app.ini > /data/gitea/conf/app.ini
fi
# only chown if current owner is not already the gitea ${USER}. No recursive check to save time
if ! [[ $(ls -ld /data/gitea | awk '{print $3}') = ${USER} ]]; then chown -R ${USER}:git /data/gitea; fi
if ! [[ $(ls -ld /app/gitea | awk '{print $3}') = ${USER} ]]; then chown -R ${USER}:git /app/gitea; fi
if ! [[ $(ls -ld /data/git | awk '{print $3}') = ${USER} ]]; then chown -R ${USER}:git /data/git; fi
chown -R ${USER}:git /data/gitea /app/gitea /data/git
chmod 0755 /data/gitea /app/gitea /data/git

0
docker/root/etc/s6/openssh/finish → docker/etc/s6/openssh/finish
View File

2
docker/root/etc/s6/openssh/run → docker/etc/s6/openssh/run
View File

@@ -2,5 +2,5 @@
[[ -f ./setup ]] && source ./setup
pushd /root > /dev/null
exec su-exec root /usr/sbin/sshd -D -e 2>&1
exec su-exec root /usr/sbin/sshd -D
popd

2
docker/root/etc/s6/openssh/setup → docker/etc/s6/openssh/setup
View File

@@ -6,7 +6,7 @@ fi
if [ ! -f /data/ssh/ssh_host_ed25519_key ]; then
echo "Generating /data/ssh/ssh_host_ed25519_key..."
ssh-keygen -t ed25519 -f /data/ssh/ssh_host_ed25519_key -N "" > /dev/null
ssh-keygen -t ed25519 -b 4096 -f /data/ssh/ssh_host_ed25519_key -N "" > /dev/null
fi
if [ ! -f /data/ssh/ssh_host_rsa_key ]; then

2
docker/etc/s6/syslogd/finish Executable file
View File

@@ -0,0 +1,2 @@
#!/bin/bash
exit 0

6
docker/etc/s6/syslogd/run Executable file
View File

@@ -0,0 +1,6 @@
#!/bin/bash
[[ -f ./setup ]] && source ./setup
pushd /root > /dev/null
exec su-exec root /sbin/syslogd -nS -O-
popd

1
docker/etc/s6/syslogd/setup Executable file
View File

@@ -0,0 +1 @@
#!/bin/bash

2
docker/root/etc/ssh/sshd_config → docker/etc/ssh/sshd_config
View File

@@ -29,5 +29,3 @@ AllowUsers git
Banner none
Subsystem sftp /usr/lib/ssh/sftp-server
AcceptEnv GIT_PROTOCOL

2
docker/root/etc/templates/app.ini → docker/etc/templates/app.ini
View File

@@ -17,7 +17,6 @@ HTTP_PORT = $HTTP_PORT
ROOT_URL = $ROOT_URL
DISABLE_SSH = $DISABLE_SSH
SSH_PORT = $SSH_PORT
LFS_START_SERVER = $LFS_START_SERVER
LFS_CONTENT_PATH = /data/git/lfs
[database]
@@ -36,7 +35,6 @@ PROVIDER_CONFIG = /data/gitea/sessions
[picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
[attachment]
PATH = /data/gitea/attachments

10
docker/root/usr/bin/entrypoint → docker/usr/bin/entrypoint
View File

@@ -4,15 +4,7 @@ if [ "${USER}" != "git" ]; then
# rename user
sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd
# switch sshd config to different user
sed -i -e "s/AllowUsers git$/AllowUsers ${USER}/g" /etc/ssh/sshd_config
fi
if [ -z "${USER_GID}" ]; then
USER_GID="`id -g ${USER}`"
fi
if [ -z "${USER_UID}" ]; then
USER_UID="`id -u ${USER}`"
sed -i -e "s/AllowUsers git/AllowUsers ${USER}/g" /etc/ssh/sshd_config
fi
## Change GID for USER?

10
docs/README.md
View File

@@ -1,16 +1,20 @@
# Gitea: Docs
[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea)
[![Build Status](http://drone.gitea.io/api/badges/go-gitea/docs/status.svg)](http://drone.gitea.io/go-gitea/docs)
[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
[![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com")
## Hosting
These pages are hosted using [netlifycms](https://www.netlifycms.org/) and get
This page is hosted on our infrastructure within Docker containers, it gets
automatically updated on every push to the `master` branch.
If you want to host this page on your own you can take our docker image
[gitea/docs](https://hub.docker.com/r/gitea/docs/).
## Install
These pages use the [Hugo](https://gohugo.io/) static site generator.
This pages uses the [Hugo](https://github.com/spf13/hugo) static site generator.
If you are planning to contribute you'll want to download and install Hugo on
your local machine.

42
docs/README_ZH.md
View File

@@ -1,42 +0,0 @@
# Gitea: 文档
[![Build Status](http://drone.gitea.io/api/badges/go-gitea/docs/status.svg)](http://drone.gitea.io/go-gitea/docs)
[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
[![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com")
## 关于托管方式
本页面托管在我们 Docker 容器内的基础设施上, 它会在每次推送到 `master` 分支的时候自动更新,如果你想自己管理这个页面,你可以从我们的 Docker 镜像 [gitea/docs](https://hub.docker.com/r/gitea/docs/) 中获取它。
## 安装 Hugo
本页面使用了 [Hugo](https://github.com/spf13/hugo) 静态页面生成工具,如果您有维护它的意愿,则需要在本地计算机上下载并安装 Hugo。Hugo 的安装教程不在本文档的讲述范围之内,详情请参见 [官方文档](https://gohugo.io/overview/installing/)。
## 如何部署
在 [localhost:1313](http://localhost:1313) 处构建和运行网站的命令如下,如果需要停止可以使用组合键 `Ctrl+C`:
```
make server
```
完成更改后,只需创建一个 Pull Request (PR),该 PR 一经合并网站将自动更新。
## 如何贡献您的代码
Fork -> Patch -> Push -> Pull Request
## 关于我们
* [维护者信息](https://github.com/orgs/go-gitea/people)
* [代码贡献者信息](https://github.com/go-gitea/docs/graphs/contributors)
## 许可证
此项目采用 Apache-2.0 许可协议,请参见 [协议文件](LICENSE) 获取更多信息。
## 版权声明
```
Copyright (c) 2016 The Gitea Authors <https://gitea.io>
```

1
docs/config.yaml
View File

@@ -6,7 +6,6 @@ theme: gitea
defaultContentLanguage: en-us
defaultContentLanguageInSubdir: true
enableMissingTranslationPlaceholders: true
enableEmoji: true
permalinks:
post: /:year/:month/:title/

22
docs/content/doc/advanced/api-usage.en-us.md
View File

@@ -17,7 +17,7 @@ menu:
## Enabling/configuring API access
By default, `ENABLE_SWAGGER` is true, and
By default, `ENABLE_SWAGGER_ENDPOINT` is true, and
`MAX_RESPONSE_ITEMS` is set to 50. See [Config Cheat
Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/) for more
information.
@@ -31,26 +31,18 @@ Gitea supports these methods of API authentication:
- `access_token=...` parameter in URL query string
- `Authorization: token ...` header in HTTP headers
All of these methods accept the same API key token type. You can
All of these methods accept the same apiKey token type. You can
better understand this by looking at the code -- as of this writing,
Gitea parses queries and headers to find the token in
[modules/auth/auth.go](https://github.com/go-gitea/gitea/blob/6efdcaed86565c91a3dc77631372a9cc45a58e89/modules/auth/auth.go#L47).
You can create an API key token via your Gitea installation's web interface:
You can create an apiKey token via your gitea install's web interface:
`Settings | Applications | Generate New Token`.
### OAuth2
Access tokens obtained from Gitea's [OAuth2 provider](https://docs.gitea.io/en-us/oauth2-provider) are accepted by these methods:
- `Authorization bearer ...` header in HTTP headers
- `token=...` parameter in URL query string
- `access_token=...` parameter in URL query string
### More on the `Authorization:` header
For historical reasons, Gitea needs the word `token` included before
the API key token in an authorization header, like this:
the apiKey token in an authorization header, like this:
```
Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675
@@ -82,12 +74,6 @@ $ curl --request GET --url https://yourusername:yourpassword@gitea.your.host/api
[{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]
```
As of v1.8.0 of Gitea, if using basic authentication with the API and your user has two factor authentication enabled, you'll need to send an additional header that contains the one time password (6 digit rotating token). An example of the header is `X-Gitea-OTP: 123456` where `123456` is where you'd place the code from your authenticator. Here is how the request would look like in curl:
```
$ curl -H "X-Gitea-OTP: 123456" --request GET --url https://yourusername:yourpassword@gitea.your.host/api/v1/users/yourusername/tokens
```
## Sudo
The API allows admin users to sudo API requests as another user. Simply add either a `sudo=` parameter or `Sudo:` request header with the username of the user to sudo.

2
docs/content/doc/advanced/api-usage.zh-cn.md
View File

@@ -17,7 +17,7 @@ menu:
## 开启/配置 API 访问
通常情况下, `ENABLE_SWAGGER` 默认开启并且参数 `MAX_RESPONSE_ITEMS` 默认为 50。您可以从 [Config Cheat
通常情况下, `ENABLE_SWAGGER_ENDPOINT` 默认开启并且参数 `MAX_RESPONSE_ITEMS` 默认为 50。您可以从 [Config Cheat
Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/) 中获取更多配置相关信息。
## 通过 API 认证

183
docs/content/doc/advanced/config-cheat-sheet.en-us.md
View File

@@ -15,8 +15,8 @@ menu:
# Configuration Cheat Sheet
This is a cheat sheet for the Gitea configuration file. It contains most of the settings
that can be configured as well as their default values.
This is a cheat sheet for the Gitea configuration file. It contains most settings
that can configured as well as their default values.
Any changes to the Gitea configuration file should be made in `custom/conf/app.ini`
or any corresponding location. When installing from a distribution, this will
@@ -44,7 +44,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
- `ROOT`: **~/gitea-repositories/**: Root path for storing all repository data. It must be
an absolute path.
- `SCRIPT_TYPE`: **bash**: The script type this server supports. Usually this is `bash`,
- `SCRIPT_TYPE`: **bash**: The script type this server supports, usually this is `bash`,
but some users report that only `sh` is available.
- `ANSI_CHARSET`: **\<empty\>**: The default charset for an unrecognized charset.
- `FORCE_PRIVATE`: **false**: Force every new repository to be private.
@@ -62,30 +62,11 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
HTTP protocol.
- `USE_COMPAT_SSH_URI`: **false**: Force ssh:// clone url instead of scp-style uri when
default SSH port is used.
- `ACCESS_CONTROL_ALLOW_ORIGIN`: **\<empty\>**: Value for Access-Control-Allow-Origin header,
default is not to present. **WARNING**: This maybe harmful to you website if you do not
give it a right value.
- `DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH`: **false**: Close an issue if a commit on a non default branch marks it as closed.
### Repository - Pull Request (`repository.pull-request`)
- `WORK_IN_PROGRESS_PREFIXES`: **WIP:,\[WIP\]**: List of prefixes used in Pull Request
title to mark them as Work In Progress
### Repository - Issue (`repository.issue`)
- `LOCK_REASONS`: **Too heated,Off-topic,Resolved,Spam**: A list of reasons why a Pull Request or Issue can be locked
## CORS (`cors`)
- `ENABLED`: **false**: enable cors headers (disabled by default)
- `SCHEME`: **http**: scheme of allowed requests
- `ALLOW_DOMAIN`: **\***: list of requesting domains that are allowed
- `ALLOW_SUBDOMAIN`: **false**: allow subdomains of headers listed above to request
- `METHODS`: **GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS**: list of methods allowed to request
- `MAX_AGE`: **10m**: max time to cache response
- `ALLOW_CREDENTIALS`: **false**: allow request with credentials
## UI (`ui`)
- `EXPLORE_PAGING_NUM`: **20**: Number of repositories that are shown in one explore page.
@@ -93,9 +74,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
- `FEED_MAX_COMMIT_NUM`: **5**: Number of maximum commits shown in one activity feed.
- `GRAPH_MAX_COMMIT_NUM`: **100**: Number of maximum commits shown in the commit graph.
- `DEFAULT_THEME`: **gitea**: \[gitea, arc-green\]: Set the default theme for the Gitea install.
- `THEMES`: **gitea,arc-green**: All available themes. Allow users select personalized themes
regardless of the value of `DEFAULT_THEME`.
- `DEFAULT_SHOW_FULL_NAME`: false: Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used.
### UI - Admin (`ui.admin`)
@@ -144,8 +122,9 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
- `LFS_CONTENT_PATH`: **./data/lfs**: Where to store LFS files.
- `LFS_JWT_SECRET`: **\<empty\>**: LFS authentication secret, change this a unique string.
- `LFS_HTTP_AUTH_EXPIRY`: **20m**: LFS authentication validity period in time.Duration, pushes taking longer than this may fail.
- `REDIRECT_OTHER_PORT`: **false**: If true and `PROTOCOL` is https, allows redirecting http requests on `PORT_TO_REDIRECT` to the https port Gitea listens on.
- `PORT_TO_REDIRECT`: **80**: Port for the http redirection service to listen on. Used when `REDIRECT_OTHER_PORT` is true.
- `REDIRECT_OTHER_PORT`: **false**: If true and `PROTOCOL` is https, redirects http requests
on another (https) port.
- `PORT_TO_REDIRECT`: **80**: Port used when `REDIRECT_OTHER_PORT` is true.
- `ENABLE_LETSENCRYPT`: **false**: If enabled you must set `DOMAIN` to valid internet facing domain (ensure DNS is set and port 80 is accessible by letsencrypt validation server).
By using Lets Encrypt **you must consent** to their [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf).
- `LETSENCRYPT_ACCEPTTOS`: **false**: This is an explicit check that you accept the terms of service for Let's Encrypt.
@@ -160,22 +139,13 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
- `USER`: **root**: Database username.
- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
- `SSL_MODE`: **disable**: For PostgreSQL and MySQL only.
- `CHARSET`: **utf8**: For MySQL only, either "utf8" or "utf8mb4", default is "utf8". NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this.
- `PATH`: **data/gitea.db**: For SQLite3 only, the database file path.
- `LOG_SQL`: **true**: Log the executed SQL.
- `DB_RETRIES`: **10**: How many ORM init / DB connect attempts allowed.
- `DB_RETRY_BACKOFF`: **3s**: time.Duration to wait before trying another ORM init / DB connect attempt, if failure occured.
## Indexer (`indexer`)
- `ISSUE_INDEXER_TYPE`: **bleve**: Issue indexer type, currently support: bleve or db, if it's db, below issue indexer item will be invalid.
- `ISSUE_INDEXER_PATH`: **indexers/issues.bleve**: Index file used for issue search.
- `ISSUE_INDEXER_QUEUE_TYPE`: **levelqueue**: Issue indexer queue, currently supports:`channel`, `levelqueue`, `redis`.
- `ISSUE_INDEXER_QUEUE_DIR`: **indexers/issues.queue**: When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this will be the queue will be saved path.
- `ISSUE_INDEXER_QUEUE_CONN_STR`: **addrs=127.0.0.1:6379 db=0**: When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
- `ISSUE_INDEXER_QUEUE_BATCH_NUMBER`: **20**: Batch queue number.
- `REPO_INDEXER_ENABLED`: **false**: Enables code search (uses a lot of disk space, about 6 times more than the repository size).
- `REPO_INDEXER_ENABLED`: **false**: Enables code search (uses a lot of disk space).
- `REPO_INDEXER_PATH`: **indexers/repos.bleve**: Index file used for code search.
- `UPDATE_BUFFER_LEN`: **20**: Buffer length of index request.
- `MAX_FILE_SIZE`: **1048576**: Maximum size in bytes of files to be indexed.
@@ -190,13 +160,9 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
information.
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy
authentication.
- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy
authentication provided email.
- `DISABLE_GIT_HOOKS`: **false**: Set to `true` to prevent all users (including admin) from creating custom
- `DISABLE_GIT_HOOKS`: **false**: Prevent all users (including admin) from creating custom
git hooks.
- `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server.
- `INTERNAL_TOKEN`: **\<random at every install if no uri set\>**: Secret used to validate communication within Gitea binary.
- `INTERNAL_TOKEN_URI`: **<empty>**: Instead of defining internal token in the configuration, this configuration option can be used to give Gitea a path to a file that contains the internal token (example value: `file:/etc/gitea/internal_token`)
- `IMPORT_LOCAL_PATHS`: **false**: Prevent all users (including admin) from importing local path on server.
## OpenID (`openid`)
@@ -216,31 +182,17 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
Requires `Mailer` to be enabled.
- `DISABLE_REGISTRATION`: **false**: Disable registration, after which only admin can create
accounts for users.
- `REQUIRE_EXTERNAL_REGISTRATION_PASSWORD`: **false**: Enable this to force externally created
accounts (via GitHub, OpenID Connect, etc) to create a password. Warning: enabling this will
decrease security, so you should only enable it if you know what you're doing.
- `REQUIRE_SIGNIN_VIEW`: **false**: Enable this to force users to log in to view any page.
- `ENABLE_NOTIFY_MAIL`: **false**: Enable this to send e-mail to watchers of a repository when
something happens, like creating issues. Requires `Mailer` to be enabled.
- `ENABLE_REVERSE_PROXY_AUTHENTICATION`: **false**: Enable this to allow reverse proxy authentication.
- `ENABLE_REVERSE_PROXY_AUTO_REGISTRATION`: **false**: Enable this to allow auto-registration
for reverse authentication.
- `ENABLE_REVERSE_PROXY_EMAIL`: **false**: Enable this to allow to auto-registration with a
provided email rather than a generated email.
- `ENABLE_CAPTCHA`: **false**: Enable this to use captcha validation for registration.
- `REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA`: **false**: Enable this to force captcha validation
even for External Accounts (i.e. GitHub, OpenID Connect, etc). You must `ENABLE_CAPTCHA` also.
- `CAPTCHA_TYPE`: **image**: \[image, recaptcha\]
- `RECAPTCHA_SECRET`: **""**: Go to https://www.google.com/recaptcha/admin to get a secret for recaptcha.
- `RECAPTCHA_SITEKEY`: **""**: Go to https://www.google.com/recaptcha/admin to get a sitekey for recaptcha.
- `RECAPTCHA_URL`: **https://www.google.com/recaptcha/**: Set the recaptcha url - allows the use of recaptcha net.
- `DEFAULT_ENABLE_DEPENDENCIES`: **true**: Enable this to have dependencies enabled by default.
- `ENABLE_USER_HEATMAP`: **true**: Enable this to display the heatmap on users profiles.
- `EMAIL_DOMAIN_WHITELIST`: **\<empty\>**: If non-empty, list of domain names that can only be used to register
on this instance.
- `SHOW_REGISTRATION_BUTTON`: **! DISABLE\_REGISTRATION**: Show Registration Button
- `AUTO_WATCH_NEW_REPOS`: **true**: Enable this to let all organisation users watch new repos when they are created
- `DEFAULT_ORG_VISIBILITY`: **public**: Set default visibility mode for organisations, either "public", "limited" or "private".
- `DEFAULT_ENABLE_DEPENDENCIES`: **true** Enable this to have dependencies enabled by default.
## Webhook (`webhook`)
@@ -261,18 +213,12 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
- `PASSWD`: **\<empty\>**: Password of mailing user. Use \`your password\` for quoting if you use special characters in the password.
- `SKIP_VERIFY`: **\<empty\>**: Do not verify the self-signed certificates.
- **Note:** Gitea only supports SMTP with STARTTLS.
- `SUBJECT_PREFIX`: **\<empty\>**: Prefix to be placed before e-mail subject lines.
- `MAILER_TYPE`: **smtp**: \[smtp, sendmail, dummy\]
- **smtp** Use SMTP to send mail
- **sendmail** Use the operating system's `sendmail` command instead of SMTP.
- `USE_SENDMAIL`: **false** Use the operating system's `sendmail` command instead of SMTP.
This is common on linux systems.
- **dummy** Send email messages to the log as a testing phase.
- Note that enabling sendmail will ignore all other `mailer` settings except `ENABLED`,
`FROM`, `SUBJECT_PREFIX` and `SENDMAIL_PATH`.
- Enabling dummy will ignore all settings except `ENABLED`, `SUBJECT_PREFIX` and `FROM`.
`FROM` and `SENDMAIL_PATH`.
- `SENDMAIL_PATH`: **sendmail**: The location of sendmail on the operating system (can be
command or full path).
- ``IS_TLS_ENABLED`` : **false** : Decide if SMTP connections should use TLS.
## Cache (`cache`)
@@ -284,7 +230,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
## Session (`session`)
- `PROVIDER`: **memory**: Session engine provider \[memory, file, redis, mysql, couchbase, memcache, nodb, postgres\].
- `PROVIDER`: **memory**: Session engine provider \[memory, file, redis, mysql\].
- `PROVIDER_CONFIG`: **data/sessions**: For file, the root path; for others, the connection string.
- `COOKIE_SECURE`: **false**: Enable this to force using HTTPS for all session access.
- `COOKIE_NAME`: **i\_like\_gitea**: The name of the cookie used for the session ID.
@@ -297,16 +243,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
- `DISABLE_GRAVATAR`: **false**: Enable this to use local avatars only.
- `ENABLE_FEDERATED_AVATAR`: **false**: Enable support for federated avatars (see
[http://www.libravatar.org](http://www.libravatar.org)).
- `AVATAR_UPLOAD_PATH`: **data/avatars**: Path to store user avatar image files.
- `REPOSITORY_AVATAR_UPLOAD_PATH`: **data/repo-avatars**: Path to store repository avatar image files.
- `REPOSITORY_AVATAR_FALLBACK`: **none**: How Gitea deals with missing repository avatars
- none = no avatar will be displayed
- random = random avatar will be generated
- image = default image will be used (which is set in `REPOSITORY_AVATAR_DEFAULT_IMAGE`)
- `REPOSITORY_AVATAR_FALLBACK_IMAGE`: **/img/repo_default.png**: Image used as default repository avatar (if `REPOSITORY_AVATAR_FALLBACK` is set to image and none was uploaded)
- `AVATAR_MAX_WIDTH`: **4096**: Maximum avatar image width in pixels.
- `AVATAR_MAX_HEIGHT`: **3072**: Maximum avatar image height in pixels.
- `AVATAR_MAX_FILE_SIZE`: **1048576** (1Mb): Maximum avatar image file size in bytes.
- `AVATAR_UPLOAD_PATH`: **data/avatars**: Path to store local and cached files.
## Attachment (`attachment`)
@@ -320,64 +257,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
## Log (`log`)
- `ROOT_PATH`: **\<empty\>**: Root path for log files.
- `MODE`: **console**: Logging mode. For multiple modes, use a comma to separate values. You can configure each mode in per mode log subsections `\[log.modename\]`. By default the file mode will log to `$ROOT_PATH/gitea.log`.
- `LEVEL`: **Info**: General log level. \[Trace, Debug, Info, Warn, Error, Critical, Fatal, None\]
- `STACKTRACE_LEVEL`: **None**: Default log level at which to log create stack traces. \[Trace, Debug, Info, Warn, Error, Critical, Fatal, None\]
- `REDIRECT_MACARON_LOG`: **false**: Redirects the Macaron log to its own logger or the default logger.
- `MACARON`: **file**: Logging mode for the macaron logger, use a comma to separate values. Configure each mode in per mode log subsections `\[log.modename.macaron\]`. By default the file mode will log to `$ROOT_PATH/macaron.log`. (If you set this to `,` it will log to default gitea logger.)
- `ROUTER_LOG_LEVEL`: **Info**: The log level that the router should log at. (If you are setting the access log, its recommended to place this at Debug.)
- `ROUTER`: **console**: The mode or name of the log the router should log to. (If you set this to `,` it will log to default gitea logger.)
NB: You must `REDIRECT_MACARON_LOG` and have `DISABLE_ROUTER_LOG` set to `false` for this option to take effect. Configure each mode in per mode log subsections `\[log.modename.router\]`.
- `ENABLE_ACCESS_LOG`: **false**: Creates an access.log in NCSA common log format, or as per the following template
- `ACCESS`: **file**: Logging mode for the access logger, use a comma to separate values. Configure each mode in per mode log subsections `\[log.modename.access\]`. By default the file mode will log to `$ROOT_PATH/access.log`. (If you set this to `,` it will log to the default gitea logger.)
- `ACCESS_LOG_TEMPLATE`: **`{{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"`**: Sets the template used to create the access log.
- The following variables are available:
- `Ctx`: the `macaron.Context` of the request.
- `Identity`: the SignedUserName or `"-"` if not logged in.
- `Start`: the start time of the request.
- `ResponseWriter`: the responseWriter from the request.
- You must be very careful to ensure that this template does not throw errors or panics as this template runs outside of the panic/recovery script.
- `ENABLE_XORM_LOG`: **true**: Set whether to perform XORM logging. Please note SQL statement logging can be disabled by setting `LOG_SQL` to false in the `[database]` section.
### Log subsections (`log.name`, `log.name.*`)
- `LEVEL`: **log.LEVEL**: Sets the log-level of this sublogger. Defaults to the `LEVEL` set in the global `[log]` section.
- `STACKTRACE_LEVEL`: **log.STACKTRACE_LEVEL**: Sets the log level at which to log stack traces.
- `MODE`: **name**: Sets the mode of this sublogger - Defaults to the provided subsection name. This allows you to have two different file loggers at different levels.
- `EXPRESSION`: **""**: A regular expression to match either the function name, file or message. Defaults to empty. Only log messages that match the expression will be saved in the logger.
- `FLAGS`: **stdflags**: A comma separated string representing the log flags. Defaults to `stdflags` which represents the prefix: `2009/01/23 01:23:23 ...a/b/c/d.go:23:runtime.Caller() [I]: message`. `none` means don't prefix log lines. See `modules/log/base.go` for more information.
- `PREFIX`: **""**: An additional prefix for every log line in this logger. Defaults to empty.
- `COLORIZE`: **false**: Colorize the log lines by default
### Console log mode (`log.console`, `log.console.*`, or `MODE=console`)
- For the console logger `COLORIZE` will default to `true` if not on windows or the terminal is determined to be able to color.
- `STDERR`: **false**: Use Stderr instead of Stdout.
### File log mode (`log.file`, `log.file.*` or `MODE=file`)
- `FILE_NAME`: Set the file name for this logger. Defaults as described above. If relative will be relative to the `ROOT_PATH`
- `LOG_ROTATE`: **true**: Rotate the log files.
- `MAX_SIZE_SHIFT`: **28**: Maximum size shift of a single file, 28 represents 256Mb.
- `DAILY_ROTATE`: **true**: Rotate logs daily.
- `MAX_DAYS`: **7**: Delete the log file after n days
- `COMPRESS`: **true**: Compress old log files by default with gzip
- `COMPRESSION_LEVEL`: **-1**: Compression level
### Conn log mode (`log.conn`, `log.conn.*` or `MODE=conn`)
- `RECONNECT_ON_MSG`: **false**: Reconnect host for every single message.
- `RECONNECT`: **false**: Try to reconnect when connection is lost.
- `PROTOCOL`: **tcp**: Set the protocol, either "tcp", "unix" or "udp".
- `ADDR`: **:7020**: Sets the address to connect to.
### SMTP log mode (`log.smtp`, `log.smtp.*` or `MODE=smtp`)
- `USER`: User email address to send from.
- `PASSWD`: Password for the smtp server.
- `HOST`: **127.0.0.1:25**: The SMTP host to connect to.
- `RECEIVERS`: Email addresses to send to.
- `SUBJECT`: **Diagnostic message from Gitea**
- `MODE`: **console**: Logging mode. For multiple modes, use a comma to separate values.
- `LEVEL`: **Trace**: General log level. \[Trace, Debug, Info, Warn, Error, Critical\]
## Cron (`cron`)
@@ -399,7 +280,7 @@ NB: You must `REDIRECT_MACARON_LOG` and have `DISABLE_ROUTER_LOG` set to `false`
- `SCHEDULE`: **every 24h**: Cron syntax for scheduling repository health check.
- `TIMEOUT`: **60s**: Time duration syntax for health check execution timeout.
- `ARGS`: **\<empty\>**: Arguments for command `git fsck`, e.g. `--unreachable --tags`. See more on http://git-scm.com/docs/git-fsck
- `ARGS`: **\<empty\>**: Arguments for command `git fsck`, e.g. `--unreachable --tags`.
### Cron - Repository Statistics Check (`cron.check_repo_stats`)
@@ -411,37 +292,19 @@ NB: You must `REDIRECT_MACARON_LOG` and have `DISABLE_ROUTER_LOG` set to `false`
- `MAX_GIT_DIFF_LINES`: **100**: Max number of lines allowed of a single file in diff view.
- `MAX_GIT_DIFF_LINE_CHARACTERS`: **5000**: Max character count per line highlighted in diff view.
- `MAX_GIT_DIFF_FILES`: **100**: Max number of files shown in diff view.
- `GC_ARGS`: **\<empty\>**: Arguments for command `git gc`, e.g. `--aggressive --auto`. See more on http://git-scm.com/docs/git-gc/
- `ENABLE_AUTO_GIT_WIRE_PROTOCOL`: **true**: If use git wire protocol version 2 when git version >= 2.18, default is true, set to false when you always want git wire protocol version 1
- `GC_ARGS`: **\<empty\>**: Arguments for command `git gc`, e.g. `--aggressive --auto`.
## Git - Timeout settings (`git.timeout`)
- `DEFAUlT`: **360**: Git operations default timeout seconds.
- `MIGRATE`: **600**: Migrate external repositories timeout seconds.
- `MIRROR`: **300**: Mirror external repositories timeout seconds.
- `CLONE`: **300**: Git clone from internal repositories timeout seconds.
- `PULL`: **300**: Git pull from internal repositories timeout seconds.
- `GC`: **60**: Git repository GC timeout seconds.
## Metrics (`metrics`)
- `ENABLED`: **false**: Enables /metrics endpoint for prometheus.
- `TOKEN`: **\<empty\>**: You need to specify the token, if you want to include in the authorization the metrics . The same token need to be used in prometheus parameters `bearer_token` or `bearer_token_file`.
## API (`api`)
- `ENABLE_SWAGGER`: **true**: Enables /api/swagger, /api/v1/swagger etc. endpoints. True or false; default is true.
- `ENABLE_SWAGGER_ENDPOINT`: **true**: Enables /api/swagger, /api/v1/swagger etc. endpoints. True or false; default is true.
- `MAX_RESPONSE_ITEMS`: **50**: Max number of items in a page.
- `DEFAULT_PAGING_NUM`: **30**: Default paging number of API.
- `DEFAULT_GIT_TREES_PER_PAGE`: **1000**: Default and maximum number of items per page for git trees API.
- `DEFAULT_MAX_BLOB_SIZE`: **10485760**: Default max size of a blob that can be return by the blobs API.
## OAuth2 (`oauth2`)
- `ENABLE`: **true**: Enables OAuth2 provider.
- `ACCESS_TOKEN_EXPIRATION_TIME`: **3600**: Lifetime of an OAuth2 access token in seconds
- `REFRESH_TOKEN_EXPIRATION_TIME`: **730**: Lifetime of an OAuth2 access token in hours
- `INVALIDATE_REFRESH_TOKEN`: **false**: Check if refresh token got already used
- `JWT_SECRET`: **\<empty\>**: OAuth2 authentication secret for access and refresh tokens, change this a unique string.
## i18n (`i18n`)
@@ -495,10 +358,6 @@ IS_INPUT_FILE = false
- RENDER\_COMMAND: External command to render all matching extensions.
- IS\_INPUT\_FILE: **false** Input is not a standard input but a file param followed `RENDER_COMMAND`.
Two special environment variables are passed to the render command:
- `GITEA_PREFIX_SRC`, which contains the current URL prefix in the `src` path tree. To be used as prefix for links.
- `GITEA_PREFIX_RAW`, which contains the current URL prefix in the `raw` path tree. To be used as prefix for image paths.
## Other (`other`)
- `SHOW_FOOTER_BRANDING`: **false**: Show Gitea branding in the footer.

30
docs/content/doc/advanced/config-cheat-sheet.zh-cn.md
View File

@@ -78,25 +78,10 @@ menu:
- `NAME`: 数据库名称。
- `USER`: 数据库用户名。
- `PASSWD`: 数据库用户密码。
- `SSL_MODE`: MySQL 或 PostgreSQL数据库是否启用SSL模式。
- `CHARSET`: **utf8**: 仅当数据库为 MySQL 时有效, 可以为 "utf8" 或 "utf8mb4"。注意:如果使用 "utf8mb4",你的 MySQL InnoDB 版本必须在 5.6 以上。
- `SSL_MODE`: PostgreSQL数据库是否启用SSL模式。
- `PATH`: Tidb 或者 SQLite3 数据文件存放路径。
- `LOG_SQL`: **true**: 显示生成的SQL默认为真。
## Indexer (`indexer`)
- `ISSUE_INDEXER_TYPE`: **bleve**: 工单索引类型,当前支持 `bleve``db`,当为 `db` 时其它工单索引项可不用设置。
- `ISSUE_INDEXER_PATH`: **indexers/issues.bleve**: 工单索引文件存放路径,当索引类型为 `bleve` 时有效。
- `ISSUE_INDEXER_QUEUE_TYPE`: **levelqueue**: 工单索引队列类型,当前支持 `channel` `levelqueue``redis`
- `ISSUE_INDEXER_QUEUE_DIR`: **indexers/issues.queue**: 当 `ISSUE_INDEXER_QUEUE_TYPE``levelqueue` 时,保存索引队列的磁盘路径。
- `ISSUE_INDEXER_QUEUE_CONN_STR`: **addrs=127.0.0.1:6379 db=0**: 当 `ISSUE_INDEXER_QUEUE_TYPE``redis`保存Redis队列的连接字符串。
- `ISSUE_INDEXER_QUEUE_BATCH_NUMBER`: **20**: 队列处理中批量提交数量。
- `REPO_INDEXER_ENABLED`: **false**: 是否启用代码搜索(启用后会占用比较大的磁盘空间)。
- `REPO_INDEXER_PATH`: **indexers/repos.bleve**: 用于代码搜索的索引文件路径。
- `UPDATE_BUFFER_LEN`: **20**: 代码索引请求的缓冲区长度。
- `MAX_FILE_SIZE`: **1048576**: 进行解析的源代码文件的最大长度,小于该值时才会索引。
## Security (`security`)
- `INSTALL_LOCK`: 是否允许运行安装向导,(跟管理员账号有关,十分重要)。
@@ -203,24 +188,13 @@ menu:
- `GC_ARGS`: 执行 `git gc` 命令的参数, 比如: `--aggressive --auto`
## Git - 超时设置 (`git.timeout`)
- `DEFAUlT`: **360**: Git操作默认超时时间单位秒
- `MIGRATE`: **600**: 迁移外部仓库时的超时时间,单位秒
- `MIRROR`: **300**: 镜像外部仓库的超时时间,单位秒
- `CLONE`: **300**: 内部仓库间克隆的超时时间,单位秒
- `PULL`: **300**: 内部仓库间拉取的超时时间,单位秒
- `GC`: **60**: git仓库GC的超时时间单位秒
- `ENABLE_AUTO_GIT_WIRE_PROTOCOL`: **true**: 是否根据 Git Wire Protocol协议支持情况自动切换版本当 git 版本在 2.18 及以上时会自动切换到版本2。为 `false` 则不切换。
## API (`api`)
- `ENABLE_SWAGGER`: **true**: 是否启用swagger路由 /api/swagger, /api/v1/swagger etc. endpoints. True 或 false; 默认是 true.
- `MAX_RESPONSE_ITEMS`: **50**: 一个页面最大的项目数。
- `DEFAULT_PAGING_NUM`: **30**: API中默认分页条数。
- `DEFAULT_GIT_TREES_PER_PAGE`: **1000**: GIT TREES API每页的默认最大项数.
- `DEFAULT_MAX_BLOB_SIZE`: **10485760**: BLOBS API默认最大大小.
## Markup (`markup`)
## markup (`markup`)
外部渲染工具支持,你可以用你熟悉的文档渲染工具. 比如一下将新增一个名字为 `asciidoc` 的渲染工具which is followed `markup.` ini section. And there are some config items below.

70
docs/content/doc/advanced/customizing-gitea.en-us.md
View File

@@ -15,28 +15,19 @@ menu:
# Customizing Gitea
Customizing Gitea is typically done using the `CustomPath` folder - by default this is
the `custom` folder from the running directory, but may be different if your build has
set this differently. This is the central place to override configuration settings,
templates, etc. You can check the `CustomPath` using `gitea help`. You can override
the `CustomPath` by setting either the `GITEA_CUSTOM` environment variable or by
using the `--custom-path` option on the `gitea` binary. (The option will override the
environment variable.)
Customizing Gitea is typically done using the `custom` folder. This is the central
place to override configuration settings, templates, etc.
If Gitea is deployed from binary, all default paths will be relative to the Gitea
If Gitea is deployed from binary, all default paths will be relative to the gitea
binary. If installed from a distribution, these paths will likely be modified to
the Linux Filesystem Standard. Gitea will attempt to create required folders, including
`custom/`. Distributions may provide a symlink for `custom` using `/etc/gitea/`.
Application settings can be found in file `CustomConf` which is by default,
`CustomPath/conf/app.ini` but may be different if your build has set this differently.
Again `gitea help` will allow you review this variable and you can override it using the
`--config` option on the `gitea` binary.
the Linux Filesystem Standard. Gitea will create required folders, including `custom/`.
Application settings are configured in `custom/conf/app.ini`. Distributions may
provide a symlink for `custom` using `/etc/gitea/`.
- [Quick Cheat Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/)
- [Complete List](https://github.com/go-gitea/gitea/blob/master/custom/conf/app.ini.sample)
If the `CustomPath` folder can't be found despite checking `gitea help`, check the `GITEA_CUSTOM`
If the `custom` folder can't be found next to the binary, check the `GITEA_CUSTOM`
environment variable; this can be used to override the default path to something else.
`GITEA_CUSTOM` might, for example, be set by an init script.
@@ -47,8 +38,7 @@ environment variable; this can be used to override the default path to something
## Customizing /robots.txt
To make Gitea serve a custom `/robots.txt` (default: empty 404), create a file called
`robots.txt` in the `custom` folder (or `CustomPath`) with
[expected contents](http://www.robotstxt.org/).
`robots.txt` in the `custom` folder with [expected contents](http://www.robotstxt.org/).
## Serving custom public files
@@ -65,7 +55,7 @@ Place the png image at the following path: `custom/public/img/avatar\_default.pn
## Customizing Gitea pages
The `custom/templates` folder allows changing every single page of Gitea. Templates
to override can be found in the [`templates`](https://github.com/go-gitea/gitea/tree/master/templates) directory of Gitea source. Override by
to override can be found in the `templates` directory of Gitea source. Override by
making a copy of the file under `custom/templates` using a full path structure
matching source.
@@ -98,50 +88,10 @@ Apart from `extra_links.tmpl` and `extra_tabs.tmpl`, there are other useful temp
- `body_outer_post.tmpl`, before the bottom `<footer>` element.
- `footer.tmpl`, right before the end of the `<body>` tag, a good place for additional Javascript.
## Adding Analytics to Gitea
Google Analytics, Matomo (previously Piwik), and other analytics services can be added to Gitea. To add the tracking code, refer to the `Other additions to the page` section of this document, and add the JavaScript to the `custom/templates/custom/header.tmpl` file.
## Customizing gitignores, labels, licenses, locales, and readmes.
Place custom files in corresponding sub-folder under `custom/options`.
**NOTE:** The files should not have a file extension, e.g. `Labels` rather than `Labels.txt`
### gitignores
To add custom .gitignore, add a file with existing [.gitignore rules](https://git-scm.com/docs/gitignore) in it to `custom/options/gitignore`
### Labels
To add a custom label set, add a file that follows the [label format](https://github.com/go-gitea/gitea/blob/master/options/label/Default) to `custom/options/label`
`#hex-color label name ; label description`
### Licenses
To add a custom license, add a file with the license text to `custom/options/license`
### Locales
Locales are managed via our [crowdin](https://crowdin.com/project/gitea).
You can override a locale by placing an altered locale file in `custom/options/locale`.
Gitea's default locale files can be found in the [`options/locale`](https://github.com/go-gitea/gitea/tree/master/options/locale) source folder and these should be used as examples for your changes.
To add a completely new locale, as well as placing the file in the above location, you will need to add the new lang and name to the `[i18n]` section in your `app.ini`. Keep in mind that Gitea will use those settings as **overrides**, so if you want to keep the other languages as well you will need to copy/paste the default values and add your own to them.
```
[i18n]
LANGS = en-US,foo-BAR
NAMES = English,FooBar
```
Locales may change between versions, so keeping track of your customized locales is highly encouraged.
### Readmes
To add a custom Readme, add a markdown formatted file (without an `.md` extension) to `custom/options/readme`
## Customizing the look of Gitea
As of version 1.6.0 Gitea has built-in themes. The two built-in themes are, the default theme `gitea`, and a dark theme `arc-green`. To change the look of your Gitea install change the value of `DEFAULT_THEME` in the [ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui) section of `app.ini` to another one of the available options.
As of version 1.8.0 Gitea also has per-user themes. The list of themes a user can choose from can be configured with the `THEMES` value in the [ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui) section of `app.ini` (defaults to `gitea` and `arc-green`, light and dark respectively)
Gitea has two built-in themes, the default theme `gitea`, and a dark theme `arc-green`. To change the look of your Gitea install change the value of `DEFAULT_THEME` in the [ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui) section of `app.ini` to another one of the available options.

2
docs/content/doc/advanced/customizing-gitea.zh-cn.md
View File

@@ -57,7 +57,7 @@ Gitea 引用 `custom` 目录中的自定义配置文件来覆盖配置、模板
如果您只是想添加额外的链接到顶部导航栏或额外的选项卡到存储库视图,您可以将它们放在您 `custom/templates/custom/` 目录下的 `extra_links.tmpl``extra_tabs.tmpl` 文件中。
举例说明:假设您需要在网站放置一个静态的“关于”页面,您只需将该页面放在您的
举例说明:假设您在德国必须添加着名的法律要求的“Impressum”用以罗列谁负责网站的内容页面,您只需将该页面放在您的
"custom/public/"目录下(比如 `custom/public/impressum.html`)并且将它与 `custom/templates/custom/extra_links.tmpl` 链接起来即可。
这个链接应当使用一个名为“item”的 class 来匹配当前样式,您可以使用 `{{AppSubUrl}}` 来获取 base URL:

70
docs/content/doc/advanced/external-renderers.en-us.md
View File

@@ -1,70 +0,0 @@
---
date: "2018-11-23:00:00+02:00"
title: "External renderers"
slug: "external-renderers"
weight: 40
toc: true
draft: false
menu:
sidebar:
parent: "advanced"
name: "External renderers"
weight: 40
identifier: "external-renderers"
---
# Custom files rendering configuration
Gitea supports custom file renderings (i.e., Jupyter notebooks, asciidoc, etc.) through external binaries,
it is just a matter of:
* installing external binaries
* add some configuration to your `app.ini` file
* restart your Gitea instance
## Installing external binaries
In order to get file rendering through external binaries, their associated packages must be installed.
If you're using a Docker image, your `Dockerfile` should contain something along this lines:
```
FROM gitea/gitea:1.6.0
[...]
COPY custom/app.ini /data/gitea/conf/app.ini
[...]
RUN apk --no-cache add asciidoctor freetype freetype-dev gcc g++ libpng python-dev py-pip python3-dev py3-pip
# install any other package you need for your external renderers
RUN pip3 install --upgrade pip
RUN pip3 install -U setuptools
RUN pip3 install jupyter matplotlib docutils
# add above any other python package you may need to install
```
## `app.ini` file configuration
add one `[markup.XXXXX]` section per external renderer on your custom `app.ini`:
```
[markup.asciidoc]
ENABLED = true
FILE_EXTENSIONS = .adoc,.asciidoc
RENDER_COMMAND = "asciidoctor --out-file=- -"
; Input is not a standard input but a file
IS_INPUT_FILE = false
[markup.jupyter]
ENABLED = true
FILE_EXTENSIONS = .ipynb
RENDER_COMMAND = "jupyter nbconvert --stdout --to html --template basic "
IS_INPUT_FILE = true
[markup.restructuredtext]
ENABLED = true
FILE_EXTENSIONS = .rst
RENDER_COMMAND = rst2html.py
IS_INPUT_FILE = false
```
Once your configuration changes have been made, restart Gitea to have changes take effect.

280
docs/content/doc/advanced/hacking-on-gitea.en-us.md
View File

@@ -15,275 +15,41 @@ menu:
# Hacking on Gitea
## Installing go and setting the GOPATH
Familiarity with the existing [installation instructions](https://golang.org/doc/install)
is required for this section.
You should [install go](https://golang.org/doc/install) and set up your go
environment correctly. In particular, it is recommended to set the `$GOPATH`
environment variable and to add the go bin directory or directories
`${GOPATH//://bin:}/bin` to the `$PATH`. See the Go wiki entry for
[GOPATH](https://github.com/golang/go/wiki/GOPATH).
To contribute to Gitea, fork the project and work on the `master` branch.
You will also need make.
<a href='{{< relref "doc/advanced/make.en-us.md" >}}'>(See here how to get Make)</a>
Some internal packages are referenced using their respective Github URL. This can
become problematic. To "trick" the Go tool into thinking this is a clone from the
official repository, download the source code using "go get" and follow these instructions.
**Note**: When executing make tasks that require external tools, like
`make misspell-check`, Gitea will automatically download and build these as
necessary. To be able to use these you must have the `"$GOPATH"/bin` directory
on the executable path. If you don't add the go bin directory to the
executable path you will have to manage this yourself.
**Note 2**: Go version 1.9 or higher is required; however, it is important
to note that our continuous integration will check that the formatting of the
source code is not changed by `gofmt` using `make fmt-check`. Unfortunately,
the results of `gofmt` can differ by the version of `go`. It is therefore
recommended to install the version of go that our continuous integration is
running. At the time of writing this is Go version 1.12; however, this can be
checked by looking at the
[master `.drone.yml`](https://github.com/go-gitea/gitea/blob/master/.drone.yml)
(At the time of writing
[line 67](https://github.com/go-gitea/gitea/blob/8917d66571a95f3da232a0c27bc1300210d10fde/.drone.yml#L67)
is the relevant line - but this may change.)
## Downloading and cloning the Gitea source code
Go is quite opinionated about where it expects its source code, and simply
cloning the Gitea repository to an arbitrary path is likely to lead to
problems - the fixing of which is out of scope for this document. Further, some
internal packages are referenced using their respective GitHub URL and at
present we use `vendor/` directories.
The recommended method of obtaining the source code is by using the `go get` command:
```bash
```
go get -d code.gitea.io/gitea
cd "$GOPATH/src/code.gitea.io/gitea"
```
This will clone the Gitea source code to: `"$GOPATH/src/code.gitea.io/gitea"`, or if `$GOPATH`
is not set `"$HOME/go/src/code.gitea.io/gitea"`.
Fork the [Gitea repository](https://github.com/go-gitea/gitea) on GitHub, it should
then be possible to switch the source directory on the command line.
## Forking Gitea
As stated above, you cannot clone Gitea to an arbitrary path. Download the master Gitea source
code as above. Then, fork the [Gitea repository](https://github.com/go-gitea/gitea) on GitHub,
and either switch the git remote origin for your fork or add your fork as another remote:
```bash
# Rename original Gitea origin to upstream
cd "$GOPATH/src/code.gitea.io/gitea"
git remote rename origin upstream
git remote add origin "git@github.com:$GITHUB_USERNAME/gitea.git"
git fetch --all --prune
```
or:
```bash
# Add new remote for our fork
cd "$GOPATH/src/code.gitea.io/gitea"
git remote add "$FORK_NAME" "git@github.com:$GITHUB_USERNAME/gitea.git"
git fetch --all --prune
cd $GOPATH/src/code.gitea.io/gitea
```
To be able to create pull requests, the forked repository should be added as a remote
to the Gitea sources. Otherwise, changes can't be pushed.
to the Gitea sources, otherwise changes can't be pushed.
## Building Gitea (Basic)
Take a look at our
<a href='{{< relref "doc/installation/from-source.en-us.md" >}}'>instructions</a>
for <a href='{{< relref "doc/installation/from-source.en-us.md" >}}'>building
from source</a>.
The simplest recommended way to build from source is:
```bash
TAGS="bindata sqlite sqlite_unlock_notify" make generate build
```
git remote rename origin upstream
git remote add origin git@github.com:<USERNAME>/gitea.git
git fetch --all --prune
```
However, there are a number of additional make tasks you should be aware of.
These are documented below but you can look at our
[`Makefile`](https://github.com/go-gitea/gitea/blob/master/Makefile) for more,
and look at our
[`.drone.yml`](https://github.com/go-gitea/gitea/blob/master/.drone.yml) to see
how our continuous integration works.
This should provide a working development environment for Gitea. Take a look at
the `Makefile` to get an overview about the available tasks. The most common tasks
should be `make test` which will start our test environment and `make build` which
will build a `gitea` binary into the working directory. Writing test cases is not
mandatory to contribute, but it is highly encouraged and helps developers sleep
at night.
### Formatting, linting, vetting and spell-check
Our continous integration will reject PRs that are not properly formatted, fail
linting, vet or spell-check.
You should format your code with `go fmt` using:
```bash
make fmt
```
and can test whether your changes would match the results with:
```bash
make fmt-check # which runs make fmt internally
```
**Note**: The results of `go fmt` are dependent on the version of `go` present.
You should run the same version of go that is on the continuous integration
server as mentioned above. `make fmt-check` will only check if your `go` would
format differently - this may be different from the CI server version.
You should lint, vet and spell-check with:
```bash
make vet lint misspell-check
```
### Updating CSS
To generate the CSS, you will need [Node.js](https://nodejs.org/) 8.0 or greater with npm. At present we use [less](http://lesscss.org/) and [postcss](https://postcss.org) to generate our CSS. Do **not** edit the files in `public/css` directly, as they are generated from `lessc` from the files in `public/less`.
Edit files in `public/less`, run the linter, regenerate the CSS and commit all changed files:
```bash
make css
```
### Updating JS
To run the JavaScript linter you will need [Node.js](https://nodejs.org/) 8.0 or greater with npm. Edit files in `public/js` and run the linter:
```bash
make js
```
### Updating the API
When creating new API routes or modifying existing API routes, you **MUST**
update and/or create [Swagger](https://swagger.io/docs/specification/2-0/what-is-swagger/)
documentation for these using [go-swagger](https://goswagger.io/) comments.
The structure of these comments is described in the [specification](https://goswagger.io/use/spec.html#annotation-syntax).
If you want more information about the Swagger structure, you can look at the
[Swagger 2.0 Documentation](https://swagger.io/docs/specification/2-0/basic-structure/)
or compare with a previous PR adding a new API endpoint, e.g. [PR #5483](https://github.com/go-gitea/gitea/pull/5843/files#diff-2e0a7b644cf31e1c8ef7d76b444fe3aaR20)
You should be careful not to break the API for downstream users which depend
on a stable API. In general, this means additions are acceptable, but deletions
or fundamental changes to the API will be rejected.
Once you have created or changed an API endpoint, please regenerate the Swagger
documentation using:
```bash
make generate-swagger
```
You should validate your generated Swagger file and spell-check it with:
```bash
make swagger-validate mispell-check
```
You should commit the changed swagger JSON file. The continous integration
server will check that this has been done using:
```bash
make swagger-check
```
**Note**: Please note you should use the Swagger 2.0 documentation, not the
OpenAPI 3 documentation.
### Creating new configuration options
When creating new configuration options, it is not enough to add them to the
`modules/setting` files. You should add information to `custom/conf/app.ini`
and to the
<a href='{{< relref "doc/advanced/config-cheat-sheet.en-us.md" >}}'>configuration cheat sheet</a>
found in `docs/content/doc/advanced/config-cheat-sheet.en-us.md`
### Changing the logo
When changing the Gitea logo SVG, you will need to run and commit the results
of:
```bash
make generate-images
```
This will create the necessary Gitea favicon and others.
### Database Migrations
If you make breaking changes to any of the database persisted structs in the
`models/` directory, you will need to make a new migration. These can be found
in `models/migrations/`. You can ensure that your migrations work for the main
database types using:
```bash
make test-sqlite-migration # with sqlite switched for the appropriate database
```
## Testing
There are two types of test run by Gitea: Unit tests and Integration Tests.
```bash
TAGS="bindata sqlite sqlite_unlock_notify" make test # Runs the unit tests
```
Unit tests will not and cannot completely test Gitea alone. Therefore, we
have written integration tests; however, these are database dependent.
```bash
TAGS="bindata sqlite sqlite_unlock_notify" make generate build test-sqlite
```
will run the integration tests in an sqlite environment. Other database tests
are available but may need adjustment to the local environment.
Look at
[`integrations/README.md`](https://github.com/go-gitea/gitea/blob/master/integrations/README.md)
for more information and how to run a single test.
Our continuous integration will test the code passes its unit tests and that
all supported databases will pass integration test in a Docker environment.
Migration from several recent versions of Gitea will also be tested.
Please submit your PR with additional tests and integration tests as
appropriate.
## Documentation for the website
Documentation for the website is found in `docs/`. If you change this you
can test your changes to ensure that they pass continuous integration using:
```bash
cd "$GOPATH/src/code.gitea.io/gitea/docs"
make trans-copy clean build
```
You will require a copy of [Hugo](https://gohugo.io/) to run this task. Please
note: this may generate a number of untracked git objects, which will need to
be cleaned up.
## Visual Studio Code
A `launch.json` and `tasks.json` are provided within `contrib/ide/vscode` for
Visual Studio Code. Look at
[`contrib/ide/README.md`](https://github.com/go-gitea/gitea/blob/master/contrib/ide/README.md)
for more information.
## Submitting PRs
Once you're happy with your changes, push them up and open a pull request. It
is recommended that you allow Gitea Managers and Owners to modify your PR
branches as we will need to update it to master before merging and/or may be
able to help fix issues directly.
Any PR requires two approvals from the Gitea maintainers and needs to pass the
continous integration. Take a look at our
[`CONTRIBUTING.md`](https://github.com/go-gitea/gitea/blob/master/CONTRIBUTING.md)
document.
If you need more help pop on to [Discord](https://discord.gg/gitea) #Develop
and chat there.
That's it! You are ready to hack on Gitea.
That's it! You are ready to hack on Gitea. Test changes, push them to the repository,
and open a pull request.

390
docs/content/doc/advanced/logging-documentation.en-us.md
View File

@@ -1,390 +0,0 @@
---
date: "2019-04-02T17:06:00+01:00"
title: "Advanced: Logging Configuration"
slug: "logging-configuration"
weight: 55
toc: true
draft: false
menu:
sidebar:
parent: "advanced"
name: "Logging Configuration"
weight: 55
identifier: "logging-configuration"
---
# Logging Configuration
The logging framework has been revamped in Gitea 1.9.0.
## Log Groups
The fundamental thing to be aware of in Gitea is that there are several
log groups:
* The "Default" logger
* The Macaron logger
* The Router logger
* The Access logger
* The XORM logger
There is also the go log logger.
### The go log logger
Go provides its own extremely basic logger in the `log` package,
however, this is not sufficient for our purposes as it does not provide
a way of logging at multiple levels, nor does it provide a good way of
controlling where these logs are logged except through setting of a
writer.
We have therefore redirected this logger to our Default logger, and we
will log anything that is logged using the go logger at the INFO level.
### The "Default" logger
Calls to `log.Info`, `log.Debug`, `log.Error` etc. from the `code.gitea.io/gitea/modules/log` package will log to this logger.
You can configure the outputs of this logger by setting the `MODE`
value in the `[log]` section of the configuration.
Each output sublogger is configured in a separate `[log.sublogger]`
section, but there are certain default values. These will not be inherited from the `[log]` section:
* `FLAGS` is `stdflags` (Equal to
`date,time,medfile,shortfuncname,levelinitial`)
* `FILE_NAME` will default to `%(ROOT_PATH)/gitea.log`
* `EXPRESSION` will default to `""`
* `PREFIX` will default to `""`
The provider type of the sublogger can be set using the `MODE` value in
its subsection, but will default to the name. This allows you to have
multiple subloggers that will log to files.
### The "Macaron" logger
By default Macaron will log to its own go `log` instance. This writes
to `os.Stdout`. You can redirect this log to a Gitea configurable logger
through setting the `REDIRECT_MACARON_LOG` setting in the `[log]`
section which you can configure the outputs of by setting the `MACARON`
value in the `[log]` section of the configuration. `MACARON` defaults
to `file` if unset.
Each output sublogger for this logger is configured in
`[log.sublogger.macaron]` sections. There are certain default values
which will not be inherited from the `[log]` or relevant
`[log.sublogger]` sections:
* `FLAGS` is `stdflags` (Equal to
`date,time,medfile,shortfuncname,levelinitial`)
* `FILE_NAME` will default to `%(ROOT_PATH)/macaron.log`
* `EXPRESSION` will default to `""`
* `PREFIX` will default to `""`
NB: You can redirect the macaron logger to send its events to the gitea
log using the value: `MACARON = ,`
### The "Router" logger
There are two types of Router log. By default Macaron send its own
router log which will be directed to Macaron's go `log`, however if you
`REDIRECT_MACARON_LOG` you will enable Gitea's router log. You can
disable both types of Router log by setting `DISABLE_ROUTER_LOG`.
If you enable the redirect, you can configure the outputs of this
router log by setting the `ROUTER` value in the `[log]` section of the
configuration. `ROUTER` will default to `console` if unset. The Gitea
Router logs the same data as the Macaron log but has slightly different
coloring. It logs at the `Info` level by default, but this can be
changed if desired by setting the `ROUTER_LOG_LEVEL` value.
Each output sublogger for this logger is configured in
`[log.sublogger.router]` sections. There are certain default values
which will not be inherited from the `[log]` or relevant
`[log.sublogger]` sections:
* `FILE_NAME` will default to `%(ROOT_PATH)/router.log`
* `FLAGS` defaults to `date,time`
* `EXPRESSION` will default to `""`
* `PREFIX` will default to `""`
NB: You can redirect the router logger to send its events to the Gitea
log using the value: `ROUTER = ,`
### The "Access" logger
The Access logger is a new logger for version 1.9. It provides a NCSA
Common Log compliant log format. It's highly configurable but caution
should be taken when changing its template. The main benefit of this
logger is that Gitea can now log accesses in a standard log format so
standard tools may be used.
You can enable this logger using `ENABLE_ACCESS_LOG`. Its outputs are
configured by setting the `ACCESS` value in the `[log]` section of the
configuration. `ACCESS` defaults to `file` if unset.
Each output sublogger for this logger is configured in
`[log.sublogger.access]` sections. There are certain default values
which will not be inherited from the `[log]` or relevant
`[log.sublogger]` sections:
* `FILE_NAME` will default to `%(ROOT_PATH)/access.log`
* `FLAGS` defaults to `` or None
* `EXPRESSION` will default to `""`
* `PREFIX` will default to `""`
If desired the format of the Access logger can be changed by changing
the value of the `ACCESS_LOG_TEMPLATE`.
NB: You can redirect the access logger to send its events to the Gitea
log using the value: `ACCESS = ,`
#### The ACCESS_LOG_TEMPLATE
This value represent a go template. It's default value is:
`{{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"`
The template is passed following options:
* `Ctx` is the `macaron.Context`
* `Identity` is the `SignedUserName` or `"-"` if the user is not logged
in
* `Start` is the start time of the request
* `ResponseWriter` is the `macaron.ResponseWriter`
Caution must be taken when changing this template as it runs outside of
the standard panic recovery trap. The template should also be as simple
as it runs for every request.
### The "XORM" logger
The XORM logger is a long-standing logger that exists to collect XORM
log events. It is enabled by default but can be switched off by setting
`ENABLE_XORM_LOG` to `false` in the `[log]` section. Its outputs are
configured by setting the `XORM` value in the `[log]` section of the
configuration. `XORM` defaults to `,` if unset, meaning it is redirected
to the main Gitea log.
XORM will log SQL events by default. This can be changed by setting
the `LOG_SQL` value to `false` in the `[database]` section.
Each output sublogger for this logger is configured in
`[log.sublogger.xorm]` sections. There are certain default values
which will not be inherited from the `[log]` or relevant
`[log.sublogger]` sections:
* `FILE_NAME` will default to `%(ROOT_PATH)/xorm.log`
* `FLAGS` defaults to `date,time`
* `EXPRESSION` will default to `""`
* `PREFIX` will default to `""`
## Log outputs
Gitea provides 4 possible log outputs:
* `console` - Log to `os.Stdout` or `os.Stderr`
* `file` - Log to a file
* `conn` - Log to a keep-alive TCP connection
* `smtp` - Log via email
Certain configuration is common to all modes of log output:
* `LEVEL` is the lowest level that this output will log. This value
is inherited from `[log]` and in the case of the non-default loggers
from `[log.sublogger]`.
* `STACKTRACE_LEVEL` is the lowest level that this output will print
a stacktrace. This value is inherited.
* `MODE` is the mode of the log output. It will default to the sublogger
name. Thus `[log.console.macaron]` will default to `MODE = console`.
* `COLORIZE` will default to `true` for `console` as
described, otherwise it will default to `false`.
### Non-inherited default values
There are several values which are not inherited as described above but
rather default to those specific to type of logger, these are:
`EXPRESSION`, `FLAGS`, `PREFIX` and `FILE_NAME`.
#### `EXPRESSION`
`EXPRESSION` represents a regular expression that log events must match to be logged by the sublogger. Either the log message, (with colors removed), must match or the `longfilename:linenumber:functionname` must match. NB: the whole message or string doesn't need to completely match.
Please note this expression will be run in the sublogger's goroutine
not the logging event subroutine. Therefore it can be complicated.
#### `FLAGS`
`FLAGS` represents the preceding logging context information that is
printed before each message. It is a comma-separated string set. The order of values does not matter.
Possible values are:
* `none` or `,` - No flags.
* `date` - the date in the local time zone: `2009/01/23`.
* `time` - the time in the local time zone: `01:23:23`.
* `microseconds` - microsecond resolution: `01:23:23.123123`. Assumes
time.
* `longfile` - full file name and line number: `/a/b/c/d.go:23`.
* `shortfile` - final file name element and line number: `d.go:23`.
* `funcname` - function name of the caller: `runtime.Caller()`.
* `shortfuncname` - last part of the function name. Overrides
`funcname`.
* `utc` - if date or time is set, use UTC rather than the local time
zone.
* `levelinitial` - Initial character of the provided level in brackets eg. `[I]` for info.
* `level` - Provided level in brackets `[INFO]`
* `medfile` - Last 20 characters of the filename - equivalent to
`shortfile,longfile`.
* `stdflags` - Equivalent to `date,time,medfile,shortfuncname,levelinitial`
### Console mode
For loggers in console mode, `COLORIZE` will default to `true` if not
on windows, or the windows terminal can be set into ANSI mode or is a
cygwin or Msys pipe.
If `STDERR` is set to `true` the logger will use `os.Stderr` instead of
`os.Stdout`.
### File mode
The `FILE_NAME` defaults as described above. If set it will be relative
to the provided `ROOT_PATH` in the master `[log]` section.
Other values:
* `LOG_ROTATE`: **true**: Rotate the log files.
* `MAX_SIZE_SHIFT`: **28**: Maximum size shift of a single file, 28 represents 256Mb.
* `DAILY_ROTATE`: **true**: Rotate logs daily.
* `MAX_DAYS`: **7**: Delete the log file after n days
* `COMPRESS`: **true**: Compress old log files by default with gzip
* `COMPRESSION_LEVEL`: **-1**: Compression level
### Conn mode
* `RECONNECT_ON_MSG`: **false**: Reconnect host for every single message.
* `RECONNECT`: **false**: Try to reconnect when connection is lost.
* `PROTOCOL`: **tcp**: Set the protocol, either "tcp", "unix" or "udp".
* `ADDR`: **:7020**: Sets the address to connect to.
### SMTP mode
It is not recommended to use this logger to send general logging
messages. However, you could perhaps set this logger to work on `FATAL`.
* `USER`: User email address to send from.
* `PASSWD`: Password for the smtp server.
* `HOST`: **127.0.0.1:25**: The SMTP host to connect to.
* `RECEIVERS`: Email addresses to send to.
* `SUBJECT`: **Diagnostic message from Gitea**
## Default Configuration
The default empty configuration is equivalent to:
```ini
[log]
ROOT_PATH = %(GITEA_WORK_DIR)/log
MODE = console
LEVEL = Info
STACKTRACE_LEVEL = None
REDIRECT_MACARON_LOG = false
ENABLE_ACCESS_LOG = false
ENABLE_XORM_LOG = true
XORM = ,
[log.console]
MODE = console
LEVEL = %(LEVEL)
STACKTRACE_LEVEL = %(STACKTRACE_LEVEL)
FLAGS = stdflags
PREFIX =
COLORIZE = true # Or false if your windows terminal cannot color
```
This is equivalent to sending all logs to the console, with default go log being sent to the console log too.
## Log colorization
Logs to the console will be colorized by default when not running on
Windows. Terminal sniffing will occur on Windows and if it is
determined that we are running on a terminal capable of color we will
colorize.
Further, on *nix it is becoming common to have file logs that are
colored by default. Therefore file logs will be colorised by default
when not running on Windows.
You can switch on or off colorization by using the `COLORIZE` value.
From a development point of view. If you write
`log.Info("A %s string", "formatted")` the `formatted` part of the log
message will be Bolded on colorized logs.
You can change this by either rendering the formatted string yourself.
Or you can wrap the value in a `log.ColoredValue` struct.
The `log.ColoredValue` struct contains a pointer to value, a pointer to
string of bytes which should represent a color and second set of reset
bytes. Pointers were chosen to prevent copying of large numbers of
values. There are several helper methods:
* `log.NewColoredValue` takes a value and 0 or more color attributes
that represent the color. If 0 are provided it will default to a cached
bold. Note, it is recommended that color bytes constructed from
attributes should be cached if this is a commonly used log message.
* `log.NewColoredValuePointer` takes a pointer to a value, and
0 or more color attributes that represent the color.
* `log.NewColoredValueBytes` takes a value and a pointer to an array
of bytes representing the color.
These functions will not double wrap a `log.ColoredValue`. They will
also set the `resetBytes` to the cached `resetBytes`.
The `colorBytes` and `resetBytes` are not exported to prevent
accidental overwriting of internal values.
## ColorFormat & ColorFormatted
Structs may implement the `log.ColorFormatted` interface by implementing the `ColorFormat(fmt.State)` function.
If a `log.ColorFormatted` struct is logged with `%-v` format, its `ColorFormat` will be used instead of the usual `%v`. The full `fmt.State` will be passed to allow implementers to look at additional flags.
In order to help implementers provide `ColorFormat` methods. There is a
`log.ColorFprintf(...)` function in the log module that will wrap values in `log.ColoredValue` and recognise `%-v`.
In general it is recommended not to make the results of this function too verbose to help increase its versatility. Usually this should simply be an `ID`:`Name`. If you wish to make a more verbose result, it is recommended to use `%-+v` as your marker.
## Log Spoofing protection
In order to protect the logs from being spoofed with cleverly
constructed messages. Newlines are now prefixed with a tab and control
characters except those used in an ANSI CSI are escaped with a
preceding `\` and their octal value.
## Creating a new named logger group
Should a developer wish to create a new named logger, `NEWONE`. It is
recommended to add an `ENABLE_NEWONE_LOG` value to the `[log]`
section, and to add a new `NEWONE` value for the modes.
A function like `func newNewOneLogService()` is recommended to manage
construction of the named logger. e.g.
```go
func newNewoneLogService() {
EnableNewoneLog = Cfg.Section("log").Key("ENABLE_NEWONE_LOG").MustBool(false)
Cfg.Section("log").Key("NEWONE").MustString("file") // or console? or "," if you want to send this to default logger by default
if EnableNewoneLog {
options := newDefaultLogOptions()
options.filename = filepath.Join(LogRootPath, "newone.log")
options.flags = "stdflags"
options.bufferLength = Cfg.Section("log").Key("BUFFER_LEN").MustInt64(10000)
generateNamedLogger("newone", options)
}
}
```
You should then add `newOneLogService` to `NewServices()` in
`modules/setting/setting.go`

72
docs/content/doc/advanced/migrations.en-us.md
View File

@@ -1,72 +0,0 @@
---
date: "2019-04-15T17:29:00+08:00"
title: "Advanced: Migrations Interfaces"
slug: "migrations-interfaces"
weight: 30
toc: true
draft: false
menu:
sidebar:
parent: "advanced"
name: "Migrations Interfaces"
weight: 55
identifier: "migrations-interfaces"
---
# Migration Features
The new migration features were introduced in Gitea 1.9.0. It defines two interfaces to support migrating
repositories data from other git host platforms to gitea or, in the future migrating gitea data to other
git host platforms. Currently, only the migrations from github via APIv3 to Gitea is implemented.
First of all, Gitea defines some standard objects in packages `modules/migrations/base`. They are
`Repository`, `Milestone`, `Release`, `Label`, `Issue`, `Comment`, `PullRequest`.
## Downloader Interfaces
To migrate from a new git host platform, there are two steps to be updated.
- You should implement a `Downloader` which will get all kinds of repository informations.
- You should implement a `DownloaderFactory` which is used to detect if the URL matches and
create a Downloader.
- You'll need to register the `DownloaderFactory` via `RegisterDownloaderFactory` on init.
```Go
type Downloader interface {
GetRepoInfo() (*Repository, error)
GetMilestones() ([]*Milestone, error)
GetReleases() ([]*Release, error)
GetLabels() ([]*Label, error)
GetIssues(start, limit int) ([]*Issue, error)
GetComments(issueNumber int64) ([]*Comment, error)
GetPullRequests(start, limit int) ([]*PullRequest, error)
}
```
```Go
type DownloaderFactory interface {
Match(opts MigrateOptions) (bool, error)
New(opts MigrateOptions) (Downloader, error)
}
```
## Uploader Interface
Currently, only a `GiteaLocalUploader` is implemented, so we only save downloaded
data via this `Uploader` on the local Gitea instance. Other uploaders are not supported
and will be implemented in future.
```Go
// Uploader uploads all the informations
type Uploader interface {
CreateRepo(repo *Repository, includeWiki bool) error
CreateMilestone(milestone *Milestone) error
CreateRelease(release *Release) error
CreateLabel(label *Label) error
CreateIssue(issue *Issue) error
CreateComment(issueNumber int64, comment *Comment) error
CreatePullRequest(pr *PullRequest) error
Rollback() error
}
```

92
docs/content/doc/advanced/oauth2-provider.md
View File

@@ -1,92 +0,0 @@
---
date: "2019-04-19:44:00+01:00"
title: "OAuth2 provider"
slug: "oauth2-provider"
weight: 41
toc: true
draft: false
menu:
sidebar:
parent: "advanced"
name: "OAuth2 Provider"
weight: 41
identifier: "oauth2-provider"
---
# OAuth2 provider
Gitea supports acting as an OAuth2 provider to allow third party applications to access its resources with the user's consent. This feature is available since release 1.8.0.
## Endpoints
Endpoint | URL
-----------------------|----------------------------
Authorization Endpoint | `/login/oauth/authorize`
Access Token Endpoint | `/login/oauth/access_token`
## Supported OAuth2 Grants
At the moment Gitea only supports the [**Authorization Code Grant**](https://tools.ietf.org/html/rfc6749#section-1.3.1) standard with additional support of the [Proof Key for Code Exchange (PKCE)](https://tools.ietf.org/html/rfc7636) extension.
To use the Authorization Code Grant as a third party application it is required to register a new application via the "Settings" (`/user/settings/applications`) section of the settings.
## Scopes
Currently Gitea does not support scopes (see [#4300](https://github.com/go-gitea/gitea/issues/4300)) and all third party applications will be granted access to all resources of the user and his/her organizations.
## Example
**Note:** This example does not use PKCE.
1. Redirect to user to the authorization endpoint in order to get his/her consent for accessing the resources:
```curl
https://[YOUR-GITEA-URL]/login/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI& response_type=code&state=STATE
```
The `CLIENT_ID` can be obtained by registering an application in the settings. The `STATE` is a random string that will be send back to your application after the user authorizes. The `state` parameter is optional but should be used to prevent CSRF attacks.
![Authorization Page](/authorize.png)
The user will now be asked to authorize your application. If they authorize it, the user will be redirected to the `REDIRECT_URL`, for example:
```curl
https://[REDIRECT_URI]?code=RETURNED_CODE&state=STATE
```
2. Using the provided `code` from the redirect, you can request a new application and refresh token. The access token endpoints accepts POST requests with `application/json` and `application/x-www-form-urlencoded` body, for example:
```curl
POST https://[YOUR-GITEA-URL]/login/oauth/access_token
```
```json
{
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "RETURNED_CODE",
"grant_type": "authorization_code",
"redirect_uri": "REDIRECT_URI"
}
```
Response:
```json
{
"access_token":"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjowLCJleHAiOjE1NTUxNzk5MTIsImlhdCI6MTU1NTE3NjMxMn0.0-iFsAwBtxuckA0sNZ6QpBQmywVPz129u75vOM7wPJecw5wqGyBkmstfJHAjEOqrAf_V5Z-1QYeCh_Cz4RiKug",
"token_type":"bearer",
"expires_in":3600,
"refresh_token":"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjoxLCJjbnQiOjEsImV4cCI6MTU1NzgwNDMxMiwiaWF0IjoxNTU1MTc2MzEyfQ.S_HZQBy4q9r5SEzNGNIoFClT43HPNDbUdHH-GYNYYdkRfft6XptJBkUQscZsGxOW975Yk6RbgtGvq1nkEcklOw"
}
```
The `CLIENT_SECRET` is the unique secret code generated for this application. Please note that the secret will only be visible after you created/registered the application with Gitea and cannot be recovered. If you lose the secret you must regenerate the secret via the application's settings.
The `REDIRECT_URI` in the `access_token` request must match the `REDIRECT_URI` in the `authorize` request.
3. Use the `access_token` to make [API requests](https://docs.gitea.io/en-us/api-usage#oauth2) to access the user's resources.

2
docs/content/doc/advanced/specific-variables.en-us.md
View File

@@ -59,7 +59,7 @@ For documentation about each of the variables available, refer to the
* `HOST`: Host Macaron will listen on
* `PORT`: Port Macaron will listen on
* `MACARON_ENV`: global variable to provide special functionality for development environments
vs. production environments. If MACARON_ENV is set to "" or "development", then templates will
vs. production environments. If MACARON_ENV is set to "" or "development" then templates will
be recompiled on every request. For more performance, set the MACARON_ENV environment variable
to "production".

36
docs/content/doc/advanced/third-party-tools.en-us.md
View File

@@ -1,36 +0,0 @@
---
date: "2018-05-22T11:00:00+00:00"
title: "Advanced: Third Party Tools"
slug: "third-party-tools"
weight: 50
toc: true
draft: false
menu:
sidebar:
parent: "advanced"
name: "Third Party Tools"
weight: 50
identifier: "third-party-tools"
---
# List of third-party tools
**NOTE:** These tools are not endorsed by Gitea. They are listed here for convenience only.
*This is by no means a complete list, so feel free to ask about adding more!*
### Continuous Integration
[BuildKite Connector](https://github.com/techknowlogick/gitea-buildkite-connector)
[Jenkins Plugin](https://github.com/jenkinsci/gitea-plugin)
[Using Gitea with Drone](https://docs.drone.io/installation/gitea/)
### Migrating
[Installation script for Gitea](https://git.coolaj86.com/coolaj86/gitea-installer.sh)
[GitHub Migrator](https://gitea.com/gitea/migrator)
### Mobile
[GitNex for Android](https://gitlab.com/mmarif4u/gitnex)
### Editor Extensions
- [Gitea Extension for Visual Studio](https://github.com/maikebing/Gitea.VisualStudio) Download from [Visual Studio Marketplace](https://marketplace.visualstudio.com/items?itemName=MysticBoy.GiteaExtensionforVisualStudio)

8
docs/content/doc/features/authentication.en-us.md
View File

@@ -91,7 +91,7 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
name given on sign-in form.
- Example: `(&(objectClass=posixAccount)(uid=%s))`
- Example for Microsoft Active Directory (AD): `(&(objectCategory=Person)(memberOf=CN=user-group,OU=example,DC=example,DC=org)(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))`
- To substitute more than once, `%[1]s` should be used instead, e.g. when
- To substitute more than once `%[1]s` should be used instead, e.g. when
matching supplied login name against multiple attributes such as user
identifier, email or even phone number.
- Example: `(&(objectClass=Person)(|(uid=%[1]s)(mail=%[1]s)(mobile=%[1]s)))`
@@ -115,10 +115,6 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
- Example: `cn=%s,ou=Users,dc=mydomain,dc=com`
- Example: `uid=%s,ou=Users,dc=mydomain,dc=com`
- User Search Base (optional)
- The LDAP base at which user accounts will be searched for.
- Example: `ou=Users,dc=mydomain,dc=com`
- User Filter **(required)**
- An LDAP filter declaring when a user should be allowed to log in. The `%s`
matching parameter will be substituted with login name given on sign-in
@@ -185,7 +181,7 @@ configure this, set the fields below:
## FreeIPA
- In order to log in to Gitea using FreeIPA credentials, a bind account needs to
- In order to log in to Gitea using FreeIPA credentials,a bind account needs to
be created for Gitea:
- On the FreeIPA server, create a `gitea.ldif` file, replacing `dc=example,dc=com`

27
docs/content/doc/features/comparison.en-us.md
View File

@@ -15,9 +15,9 @@ menu:
# Gitea compared to other Git hosting options
To help decide if Gitea is suited for your needs, here is how it compares to other Git self hosted options.
To help decide if Gitea is suited for your needs here is how it compares to other Git self hosted options.
Be warned that we don't regularly check for feature changes in other products, so this list may be outdated. If you find anything that needs to be updated in the table below, please report it in an [issue on GitHub](https://github.com/go-gitea/gitea/issues).
Be warned that we don't regularly check for feature changes in other products so this list can be outdated. If you find anything that needs to be updated in table below please report [issue on Github](https://github.com/go-gitea/gitea/issues).
_Symbols used in table:_
@@ -40,11 +40,11 @@ _Symbols used in table:_
| Orgmode support | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ | ? |
| CSV support | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ? |
| Third-party render tool support | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ? |
| Static Git-powered pages | [](https://github.com/go-gitea/gitea/issues/302) | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Static Git-powered pages | | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Integrated Git-powered wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Deploy Tokens | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Repository Tokens with write rights | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
| Built-in Container Registry | [](https://github.com/go-gitea/gitea/issues/2316) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Built-in Container Registry | | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| External git mirroring | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
| FIDO U2F (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Built-in CI/CD | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
@@ -81,15 +81,13 @@ _Symbols used in table:_
| Related issues | ✘ | ✘ | | ✘ | ✓ | ✘ | ✘ |
| Confidential issues | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Comment reactions | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Lock Discussion | | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Lock Discussion | | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Batch issue handling | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Issue Boards | [](https://github.com/go-gitea/gitea/issues/3476) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Issue Boards | | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Create new branches from issues | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Issue search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Global issue search | [](https://github.com/go-gitea/gitea/issues/2434) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Global issue search | | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Issue dependency | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
| Create issue via email | [](https://github.com/go-gitea/gitea/issues/6226) | [](https://github.com/gogs/gogs/issues/2602) | ✘ | ✘ | ✓ | ✓ | ✘ |
| Service Desk | [](https://github.com/go-gitea/gitea/issues/6219) | ✘ | ✘ | ✘ | ✓ | ✘ | ✘ |
#### Pull/Merge requests
@@ -100,11 +98,11 @@ _Symbols used in table:_
| Rebase merging | ✓ | ✓ | ✓ | ✘ | | ✘ | ✓ |
| Pull/Merge request inline comments | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull/Merge request approval | ✓ | ✘ | | ✓ | ✓ | ✓ | ✓ |
| Merge conflict resolution | [](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Merge conflict resolution | | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Restrict push and merge access to certain users | ✓ | ✘ | ✓ | | ✓ | ✓ | ✓ |
| Revert specific commits or a merge request | [](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Revert specific commits or a merge request | | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Pull/Merge requests templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Cherry-picking changes | [](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Cherry-picking changes | | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
#### 3rd-party integrations
@@ -118,9 +116,8 @@ _Symbols used in table:_
| LDAP user synchronization | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| OpenId Connect support | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ |
| OAuth 2.0 integration (external authorization) | ✓ | ✘ | | ✓ | ✓ | ? | ✓ |
| Act as OAuth 2.0 provider | [](https://github.com/go-gitea/gitea/pull/5378) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Act as OAuth 2.0 provider | | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Two factor authentication (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Mattermost/Slack integration | ✓ | ✓ | | ✓ | ✓ | | ✓ |
| Discord integration | ✓ | ✓ | ✓ | | | ✘ | ✘ |
| Microsoft Teams integration | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Discord integration | ✓ | ✓ | ✓ | | | ✘ | ✘ |
| External CI/CD status display | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |

127
docs/content/doc/features/comparison.zh-cn.md
View File

@@ -1,127 +0,0 @@
---
date: "2019-02-14T11:51:04+08:00"
title: "横向对比 Gitea 与其它 Git 托管工具"
slug: "comparison"
weight: 5
toc: true
draft: false
menu:
sidebar:
parent: "features"
name: "横向对比"
weight: 5
identifier: "comparison"
---
# 横向对比 Gitea 与其它 Git 托管工具
这里列出了 Gitea 与其它一些 Git 托管工具之间的异同,以便确认 Gitea 是否能够满足您的需求。
请注意,此列表中的某些表项可能已经过时,因为我们并没有定期检查其它产品的功能是否有所更改。你可以前往 [Github issue](https://github.com/go-gitea/gitea/issues) 来帮助我们更新过时的内容,感谢!
_表格中的符号含义:_
* _✓ - 支持_
* _ - 部分支持_
* _✘ - 不支持_
* _? - 不确定_
#### 主要特性
| 特性 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
|-----------------------|-------|------|-----------|-----------|-----------|-----------|--------------|
| 开源免费 | ✓ | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ |
| 低资源开销 (RAM/CPU) | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ |
| 支持多种数据库 | ✓ | ✓ | ✘ | | | ✓ | ✓ |
| 支持多种操作系统 | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ |
| 升级简便 | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ |
| 支持 Markdown | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 支持 Orgmode | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ | ? |
| 支持 CSV | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ? |
| 支持第三方渲染工具 | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ? |
| Git 驱动的静态 pages | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Git 驱动的集成化 wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 部署令牌 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 仓库写权限令牌 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
| 内置容器 Registry | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 外部 Git 镜像 | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
| FIDO U2F (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 内置 CI/CD | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 子组织:组织内的组织 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ |
#### 代码管理
| 特性 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
|------------------------------------------|-------|------|-----------|-----------|-----------|-----------|--------------|
| 仓库主题描述 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 仓库内代码搜索 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 全局代码搜索 | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ |
| Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | | ✓ |
| 组织里程碑 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 细粒度用户角色 (例如 Code, Issues, Wiki) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 提交人的身份验证 | ✘ | ✘ | ? | ✓ | ✓ | ✓ | ✘ |
| GPG 签名的提交 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 拒绝未用通过验证的提交 | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
| 仓库活跃度页面 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 分支管理 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 建立新分支 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 在线代码编辑 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 提交的统计图表 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
#### Issue 管理
| 特性 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
|----------------------|-------|------|-----------|-----------|-----------|-----------|--------------|
| 跟踪 Issue | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Issue 模板 | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 标签 | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 跟踪时间 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Issue 可有多个负责人 | ✓ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ |
| 关联的 issues | ✘ | ✘ | | ✘ | ✓ | ✘ | ✘ |
| 私密 issues | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 评论反馈 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 锁定讨论 | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Issue 批量处理 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Issue 看板 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 从 issues 创建分支 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Issue 搜索 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 全局 Issue 搜索 | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Issue 依赖 | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
| 通过 Email 创建工单 | [](https://github.com/go-gitea/gitea/issues/6226) | [](https://github.com/gogs/gogs/issues/2602) | ✘ | ✘ | ✓ | ✓ | ✘ |
| Service Desk | [](https://github.com/go-gitea/gitea/issues/6219) | ✘ | ✘ | ✘ | ✓ | ✘ | ✘ |
#### Pull/Merge requests
| 特性 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
|--------------------------------------|-------|------|-----------|-----------|-----------|-----------|--------------|
| Pull/Merge requests | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Squash merging | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ |
| Rebase merging | ✓ | ✓ | ✓ | ✘ | | ✘ | ✓ |
| 评论 Pull/Merge request 中的某行代码 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 指定 Pull/Merge request 的审核人 | ✓ | ✘ | | ✓ | ✓ | ✓ | ✓ |
| 解决 Merge 冲突 | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 限制某些用户的 push 和 merge 权限 | ✓ | ✘ | ✓ | | ✓ | ✓ | ✓ |
| 回退某些 commits 或 merge request | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| Pull/Merge requests 模板 | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 查看 Cherry-picking 的更改 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
#### 第三方集成
| 特性 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
|----------------------------|-------|------|-----------|-----------|-----------|-----------|--------------|
| 支持 Webhook | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 自定义 Git 钩子 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 集成 AD / LDAP | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 支持多个 LDAP / AD 服务 | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
| LDAP 用户同步 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 支持 OpenId 连接 | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ |
| 集成 OAuth 2.0(外部授权) | ✓ | ✘ | | ✓ | ✓ | ? | ✓ |
| 作为 OAuth 2.0 provider | [](https://github.com/go-gitea/gitea/pull/5378) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 二次验证 (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 集成 Mattermost/Slack | ✓ | ✓ | | ✓ | ✓ | | ✓ |
| 集成 Discord | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 显示外部 CI/CD 的状态 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |

8
docs/content/doc/features/webhooks.en-us.md
View File

@@ -15,8 +15,8 @@ menu:
# Webhooks
Gitea supports web hooks for repository events. This can be found in the settings
page `/:username/:reponame/settings/hooks`. All event pushes are POST requests.
Gitea supports web hooks for repository events, this can be found in the settings
page(`/:username/:reponame/settings/hooks`). All event pushes are POST requests.
The two methods currently supported are Gitea and Slack.
### Event information
@@ -26,8 +26,8 @@ a Payload URL:
```
X-GitHub-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473
X-GitHub-Event: push
X-Github-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473
X-Github-Event: push
X-Gogs-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473
X-Gogs-Event: push
X-Gitea-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473

270
docs/content/doc/help/faq.en-us.md
View File

@@ -1,270 +0,0 @@
---
date: "2019-04-05T16:00:00+02:00"
title: "FAQ"
slug: "faq"
weight: 5
toc: true
draft: false
menu:
sidebar:
parent: "help"
name: "FAQ"
weight: 5
identifier: "faq"
---
# Frequently Asked Questions
This page contains some common questions and answers.
Also see [Support Options]({{< relref "doc/help/seek-help.en-us.md" >}})
* [Difference between 1.x and 1.x.x downloads](#difference-between-1-x-and-1-x-x-downloads)
* [How to migrate from Gogs/GitHub/etc. to Gitea](#how-to-migrate-from-gogs-github-etc-to-gitea)
* [Where does Gitea store "x" file](#where-does-gitea-store-x-file)
* [Not seeing a clone URL or the clone URL being incorrect](#not-seeing-a-clone-url-or-the-clone-url-being-incorrect)
* [Custom Templates not loading or working incorrectly](#custom-templates-not-loading-or-working-incorrectly)
* [Active user vs login prohibited user](#active-user-vs-login-prohibited-user)
* [Setting up logging](#setting-up-logging)
* [What is Swagger?](#what-is-swagger)
* [Adjusting your server for public/private use](#adjusting-your-server-for-public-private-use)
* [Preventing spammers](#preventing-spammers)
* [Only allow/block certain email domains](#only-allow-block-certain-email-domains)
* [Issue only users](#issue-only-users)
* [Enable Fail2ban](#enable-fail2ban)
* [Adding custom themes](#how-to-add-use-custom-themes)
* [SSHD vs built-in SSH](#sshd-vs-built-in-ssh)
* [Gitea is running slow](#gitea-is-running-slow)
* [Can't create repositories/files](#cant-create-repositories-files)
* [Translation is incorrect/how to add more translations](#translation-is-incorrect-how-to-add-more-translations)
* [Hooks aren't running](#hooks-aren-t-running)
* [SSH Issues](#ssh-issues)
* [SSH Common Errors](#ssh-common-errors)
* [Missing releases after migration repository with tags](#missing-releases-after-migrating-repository-with-tags)
* [LFS Issues](#lfs-issues)
## Difference between 1.x and 1.x.x downloads
Version 1.7.x will be used for this example.
**NOTE:** this example applies to Docker images as well!
On our [downloads page](https://dl.gitea.io/gitea/) you will see a 1.7 directory, as well as directories for 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, and 1.7.6.
The 1.7 and 1.7.0 directories are **not** the same. The 1.7 directory is built on each merged commit to the [`release/v1.7`](https://github.com/go-gitea/gitea/tree/release/v1.7) branch.
The 1.7.0 directory, however, is a build that was created when the [`v1.7.0`](https://github.com/go-gitea/gitea/releases/tag/v1.7.0) tag was created.
This means that 1.x downloads will change as commits are merged to their respective branch (think of it as a separate "master" branch for each release).
On the other hand, 1.x.x downloads should never change.
## How to migrate from Gogs/GitHub/etc. to Gitea
To migrate from Gogs to Gitea:
* [Gogs version 0.9.146 or less]({{< relref "doc/upgrade/from-gogs.en-us.md" >}})
* [Gogs version 0.11.46.0418](https://github.com/go-gitea/gitea/issues/4286)
To migrate from GitHub to Gitea, you can use Gitea's [Migrator tool](https://gitea.com/gitea/migrator)
To migrate from Gitlab to Gitea, you can use this non-affiliated tool:
https://github.com/loganinak/MigrateGitlabToGogs
## Where does Gitea store "x" file
* WorkPath
* Environment variable `GITEA_WORK_DIR`
* Else binary location
* AppDataPath (default for database, indexers, etc.)
* `APP_DATA_PATH` from `app.ini`
* Else `%(WorkPath)/data`
* CustomPath (custom templates)
* Environment variable `GITEA_CUSTOM`
* Else `%(WorkPath)/custom`
* HomeDir
* Unix: Environment variable `HOME`
* Windows: Environment variable `USERPROFILE`, else environment variables `HOMEDRIVE`+`HOMEPATH`
* RepoRootPath
* `ROOT` in `app.ini`
* Else `%(HomeDir)/gitea-repositories`
* INI (config file)
* `-c` flag
* Else `%(CustomPath)/conf/app.ini`
* SQLite Database
* `PATH` in `database` section of `app.ini`
* Else `%(AppDataPath)/gitea.db`
## Not seeing a clone URL or the clone URL being incorrect
There are a few places that could make this show incorrectly.
1. If using a reverse proxy, make sure you have followed the correction directions in the [reverse proxy guide]({{< relref "doc/usage/reverse-proxies.en-us.md" >}})
2. Make sure you have correctly set `ROOT_URL` in the `server` section of your `app.ini`
If certain clone options aren't showing up (HTTP/S or SSH), the following options can be checked in your `app.ini`
`DISABLE_HTTP_GIT`: if set to true, there will be no HTTP/HTTPS link
`DISABLE_SSH`: if set to true, there will be no SSH link
`SSH_EXPOSE_ANONYMOUS`: if set to false, SSH links will be hidden for anonymous users
## Custom Templates not loading or working incorrectly
Gitea's custom templates must be added to the correct location or Gitea will not find and use them.
The correct path for the template(s) will be relative to the `CustomPath`
1. To find `CustomPath`, look for Custom File Root Path in Site Administration -> Configuration
* If that doesn't exist, you can try `echo $GITEA_CUSTOM`
2. If you are still unable to find a path, the default can be [calculated above](#where-does-gitea-store-x-file)
3. Once you have figured out the correct custom path, you can refer to the [customizing Gitea]({{< relref "doc/advanced/customizing-gitea.en-us.md" >}}) page to add your template to the correct location.
## Active user vs login prohibited user
In Gitea, an "active" user refers to a user that has activated their account via email.
A "login prohibited" user is a user that is not allowed to log in to Gitea anymore
## Setting up logging
* [Official Docs]({{< relref "doc/advanced/logging-documentation.en-us.md" >}})
## What is Swagger?
[Swagger](https://swagger.io/) is what Gitea uses for its API.
All Gitea instances have the built-in API, though it can be disabled by setting `ENABLE_SWAGGER` to `false` in the `api` section of your `app.ini`
For more information, refer to Gitea's [API docs]({{< relref "doc/advanced/api-usage.en-us.md" >}})
[Swagger Example](https://try.gitea.io/api/swagger)
## Adjusting your server for public/private use
### Preventing spammers
There are multiple things you can combine to prevent spammers.
1. By only whitelisting certain domains with OpenID (see below)
2. Setting `ENABLE_CAPTCHA` to `true` in your `app.ini` and properly configuring `RECAPTCHA_SECRET` and `RECAPTCHA_SITEKEY`
3. Settings `DISABLE_REGISTRATION` to `true` and creating new users via the [CLI]({{< relref "doc/usage/command-line.en-us.md" >}}), [API]({{< relref "doc/advanced/api-usage.en-us.md" >}}), or Gitea's Admin UI
### Only allow/block certain email domains
If using OpenID, you can configure `WHITELISTED_URIS` or `BLACKLISTED_URIS` in your `app.ini`
**NOTE:** whitelisted takes precedence, so if it is non-blank then blacklisted is ignored
### Issue only users
The current way to achieve this is to create/modify a user with a max repo creation limit of 0.
### Enable Fail2ban
Use [Fail2Ban]({{ relref "doc/usage/fail2ban-setup.md" >}}) to monitor and stop automated login attempts or other malicious behavior based on log patterns
## How to add/use custom themes
Gitea supports two official themes right now, `gitea` and `arc-green` (`light` and `dark` respectively)
To add your own theme, currently the only way is to provide a complete theme (not just color overrides)
As an example, let's say our theme is `arc-blue` (this is a real theme, and can be found [in this issue](https://github.com/go-gitea/gitea/issues/6011))
Name the `.css` file `theme-arc-blue.css` and add it to your custom folder in `custom/pulic/css`
Allow users to use it by adding `arc-blue` to the list of `THEMES` in your `app.ini`
## SSHD vs built-in SSH
SSHD is the built-in SSH server on most Unix systems.
Gitea also provides its own SSH server, for usage when SSHD is not available.
## Gitea is running slow
The most common culprit for this is loading federated avatars.
This can be turned off by setting `ENABLE_FEDERATED_AVATAR` to `false` in your `app.ini`
Another option that may need to be changed is setting `DISABLE_GRAVATAR` to `true` in your `app.ini`
## Can't create repositories/files
Make sure that Gitea has sufficient permissions to write to its home directory and data directory.
See [AppDataPath and RepoRootPath](#where-does-gitea-store-x-file)
**Note for Arch users:** At the time of writing this, there is an issue with the Arch package's systemd file including this line:
`ReadWritePaths=/etc/gitea/app.ini`
Which makes all other paths non-writeable to Gitea.
## Translation is incorrect/how to add more translations
Our translations are currently crowd-sourced on our [Crowdin project](https://crowdin.com/project/gitea)
Whether you want to change a translation or add a new one, it will need to be there as all translations are overwritten in our CI via the Crowdin integration.
## Hooks aren't running
If Gitea is not running hooks, a common cause is incorrect setup of SSH keys.
See [SSH Issues](#ssh-issues) for more information.
You can also try logging into the administration panel and running the `Resynchronize pre-receive, update and post-receive hooks of all repositories.` option.
## SSH issues
If you cannot reach repositories over `ssh`, but `https` works fine, consider looking into the following.
First, make sure you can access Gitea via SSH.
`ssh git@myremote.example`
If the connection is successful, you should receive an error message like the following:
```
Hi there, You've successfully authenticated, but Gitea does not provide shell access.
If this is unexpected, please log in with password and setup Gitea under another user.
```
If you do not get the above message but still connect, it means your SSH key is **not** being managed by Gitea. This means hooks won't run, among other potential problems.
If you cannot connect at all, your SSH key may not be configured correctly locally.
This is specific to SSH and not Gitea, so will not be covered here.
### SSH Common Errors
```
Permission denied (publickey).
fatal: Could not read from remote repository.
```
This error signifies that the server rejected a log in attempt, check the
following things:
* On the client:
* Ensure the public and private ssh keys are added to the correct Gitea user.
* Make sure there are no issues in the remote url. In particular, ensure the name of the
git user (before the `@`) is spelled correctly.
* Ensure public and private ssh keys are correct on client machine.
* On the server:
* Make sure the repository exists and is correctly named.
* Check the permissions of the `.ssh` directory in the system user's home directory.
* Verify that the correct public keys are added to `.ssh/authorized_keys`.
Try to run `Rewrite '.ssh/authorized_keys' file (for Gitea SSH keys)` on the
Gitea admin panel.
* Read Gitea logs.
* Read /var/log/auth (or similar).
* Check permissions of repositories.
The following is an example of a missing public SSH key where authentication
succeeded, but some other setting is preventing SSH from reaching the correct
repository.
```
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
```
In this case, look into the following settings:
* On the server:
* Make sure that the `git` system user has a usable shell set
* Verify this with `getent passwd git | cut -d: -f7`
* `usermod` or `chsh` can be used to modify this.
* Ensure that the `gitea serv` command in `.ssh/authorized_keys` uses the
correct configuration file.
## Missing releases after migrating repository with tags
To migrate an repository *with* all tags, you need to do two things:
* Push tags to the repository:
```
git push --tags
```
* (Re-)sync tags of all repositories within Gitea:
```
gitea admin repo-sync-releases
```
## LFS Issues
For issues concerning LFS data upload
```
batch response: Authentication required: Authorization error: <GITEA_LFS_URL>/info/lfs/objects/batch
Check that you have proper access to the repository
error: failed to push some refs to '<GIT_REPO_URL>'
```
Check the value of `LFS_HTTP_AUTH_EXPIRY` in your `app.ini` file.
By default, your LFS token will expire after 20 minutes. If you have a slow connection or a large file (or both), it may not finish uploading within the time limit.
You may want to set this value to `60m` or `120m`.

13
docs/content/doc/help/seek-help.en-us.md
View File

@@ -15,21 +15,12 @@ menu:
# Support Options
- [Discord](https://discord.gg/Gitea)
- [Discord](https://discord.gg/NsatcWJ)
- [Discourse Forum](https://discourse.gitea.io/)
**NOTE:** When asking for support, it may be a good idea to have the following available so that the person helping has all the info they need:
1. Your `app.ini` (with any sensitive data scrubbed as necessary)
2. The `gitea.log` (and any other appropriate log files for the situation)
* e.g. If the error is related to the database, the `xorm.log` might be helpful
3. Any error messages you are seeing
4. When possible, try to replicate the issue on [try.gitea.io](https://try.gitea.io) and include steps so that others can reproduce the issue.
* This will greatly improve the chance that the root of the issue can be quickly discovered and resolved.
## Bugs
If you found a bug, please create an [issue on GitHub](https://github.com/go-gitea/gitea/issues).
If you found a bug, please create an [issue on Github](https://github.com/go-gitea/gitea/issues).
## Chinese Support

82
docs/content/doc/help/troubleshooting.en-us.md Normal file
View File

@@ -0,0 +1,82 @@
---
date: "2016-11-08T16:00:00+02:00"
title: "Troubleshooting"
slug: "troubleshooting"
weight: 10
toc: true
draft: false
menu:
sidebar:
parent: "help"
name: "Troubleshooting"
weight: 20
identifier: "troubleshooting"
---
# Troubleshooting
This page contains some common seen issues and their solutions.
## SSH issues
For issues reaching repositories over `ssh` while the gitea web front-end, but
`https` based git repository access works fine, consider looking into the following.
```
Permission denied (publickey).
fatal: Could not read from remote repository.
```
This error signifies that the server rejected a log in attempt, check the
following things:
* On the client:
* Ensure the public and private ssh keys are added to the correct Gitea user.
* Make sure there are no issues in the remote url, ensure the name of the
git user (before the `@`) is spelled correctly.
* Ensure public and private ssh keys are correct on client machine.
* Try to connect using ssh (ssh git@myremote.example) to ensure a connection
can be made.
* On the server:
* Make sure the repository exists and is correctly named.
* Check the permissions of the `.ssh` directory in the system user's home directory.
* Verify that the correct public keys are added to `.ssh/authorized_keys`.
Try to run `Rewrite '.ssh/authorized_keys' file (for Gitea SSH keys)` on the
Gitea admin panel.
* Read gitea logs.
* Read /var/log/auth (or similar).
* Check permissions of repositories.
The following is an example of a missing public SSH key where authentication
succeeded, but some other setting is preventing SSH from reaching the correct
repository.
```
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
```
In this case, look into the following settings:
* On the server:
* Make sure that the `git` system user has a usable shell set
* Verify this with `getent passwd git | cut -d: -f7`
* `usermod` or `chsh` can be used to modify this.
* Ensure that the `gitea serv` command in `.ssh/authorized_keys` uses the
correct configuration file.
## Missing releases after migrating repository with tags
To migrate an repository *with* all tags you need to do two things
* Push tags to the repository:
```
git push --tags
```
* (Re-)sync tags of all repositories within gitea:
```
gitea admin repo-sync-releases
```

74
docs/content/doc/installation/from-binary.en-us.md
View File

@@ -17,20 +17,20 @@ menu:
All downloads come with SQLite, MySQL and PostgreSQL support, and are built with
embedded assets. This can be different for older releases. Choose the file matching
the destination platform from the [downloads page](https://dl.gitea.io/gitea/), copy
the destination platform from the [downloads page](https://dl.gitea.io/gitea), copy
the URL and replace the URL within the commands below:
```sh
wget -O gitea https://dl.gitea.io/gitea/1.8.3/gitea-1.8.3-linux-amd64
wget -O gitea https://dl.gitea.io/gitea/1.5.0/gitea-1.5.0-linux-amd64
chmod +x gitea
```
## Verify GPG signature
Gitea signs all binaries with a [GPG key](https://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0x2D9AE806EC1592E2) to prevent against unwanted modification of binaries. To validate the binary, download the signature file which ends in `.asc` for the binary you downloaded and use the gpg command line tool.
Gitea signs all binaries with a [GPG key](https://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0x2D9AE806EC1592E2) to prevent against unwanted modification of binaries. To validate the binary download the signature file which ends in `.asc` for the binary you downloaded and use the gpg command line tool.
```sh
gpg --keyserver pgp.mit.edu --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
gpg --verify gitea-1.8.3-linux-amd64.asc gitea-1.8.3-linux-amd64
gpg --keyserver pgp.mit.edu --recv 0x2D9AE806EC1592E2
gpg --verify gitea-1.5.0-linux-amd64.asc gitea-1.5.0-linux-amd64
```
## Test
@@ -44,17 +44,14 @@ location. When launched manually, Gitea can be killed using `Ctrl+C`.
## Recommended server configuration
**NOTE:** Many of the following directories can be configured using [Environment Variables]({{< relref "doc/advanced/specific-variables.en-us.md" >}}) as well!
Of note, configuring `GITEA_WORK_DIR` will tell Gitea where to base its working directory, as well as ease installation.
### Prepare environment
Check that Git is installed on the server. If it is not, install it first.
Check that git is installed on the server, if it is not install it first.
```sh
git --version
```
Create user to run Gitea (ex. `git`)
Create user to run gitea (ex. `git`)
```sh
adduser \
--system \
@@ -69,51 +66,33 @@ adduser \
### Create required directory structure
```sh
mkdir -p /var/lib/gitea/{custom,data,log}
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
mkdir -p /var/lib/gitea/{custom,data,indexers,public,log}
chown git:git /var/lib/gitea/{data,indexers,log}
chmod 750 /var/lib/gitea/{data,indexers,log}
mkdir /etc/gitea
chown root:git /etc/gitea
chmod 770 /etc/gitea
```
**NOTE:** `/etc/gitea` is temporary set with write rights for user `git` so that Web installer could write configuration file. After installation is done, it is recommended to set rights to read-only using:
**NOTE:** `/etc/gitea` is temporary set with write rights for user `git` so that Web installer could write configuration file. After installation is done it is recommended to set rights to read-only using:
```
chmod 750 /etc/gitea
chmod 644 /etc/gitea/app.ini
```
If you don't want the web installer to be able to write the config file at all, it is also possible to make the config file read-only for the gitea user (owner/group `root:root`, mode `0660`), and set `INSTALL_LOCK = true`. In that case all database configuration details must be set beforehand in the config file, as well as the `SECRET_KEY` and `INTERNAL_TOKEN` values. See the [command line documentation]({{< relref "doc/usage/command-line.en-us.md" >}}) for information on using `gitea generate secret INTERNAL_TOKEN`.
### Configure Gitea's working directory
**NOTE:** If you plan on running Gitea as a Linux service, you can skip this step as the service file allows you to set `WorkingDirectory`. Otherwise, consider setting this environment variable (semi-)permanently so that Gitea consistently uses the correct working directory.
```
export GITEA_WORK_DIR=/var/lib/gitea/
```
### Copy Gitea binary to global location
### Copy gitea binary to global location
```
cp gitea /usr/local/bin/gitea
```
## Running Gitea
After the above steps, two options to run Gitea are:
### 1. Creating a service file to start Gitea automatically (recommended)
### Create service file to start gitea automatically
See how to create [Linux service]({{< relref "run-as-service-in-ubuntu.en-us.md" >}})
### 2. Running from command-line/terminal
```
GITEA_WORK_DIR=/var/lib/gitea/ /usr/local/bin/gitea web -c /etc/gitea/app.ini
```
## Updating to a new version
You can update to a new version of Gitea by stopping Gitea, replacing the binary at `/usr/local/bin/gitea` and restarting the instance.
You can update to a new version of gitea by stopping gitea, replacing the binary at `/usr/local/bin/gitea` and restarting the instance.
The binary file name should not be changed during the update to avoid problems
in existing repositories.
@@ -123,7 +102,7 @@ If you have carried out the installation steps as described above, the binary sh
have the generic name `gitea`. Do not change this, i.e. to include the version number.
See below for troubleshooting instructions to repair broken repositories after
an update of your Gitea version.
an update of your gitea version.
## Troubleshooting
@@ -136,25 +115,16 @@ SQLite support in the binaries provided by dl.gitea.io. In this situation, it is
possible to [install from source]({{< relref "from-source.en-us.md" >}}) without sqlite
support.
### Running Gitea on another port
### Running gitea on another port
For errors like `702 runWeb()] [E] Failed to start server: listen tcp 0.0.0.0:3000:
bind: address already in use` Gitea needs to be started on another free port. This
is possible using `./gitea web -p $PORT`. It's possible another instance of Gitea
bind: address already in use` gitea needs to be started on another free port. This
is possible using `./gitea web -p $PORT`. It's possible another instance of gitea
is already running.
### Running Gitea on Raspbian
### Git error after updating to a new version of gitea
As of v1.8, there is a problem with the arm7 version of Gitea and it doesn't run on Raspberry Pi and similar devices.
It is therefore recommended to switch to the arm6 version which has been tested and shown to work on Raspberry Pi and similar devices.
<!---
please remove after fixing the arm7 bug
--->
### Git error after updating to a new version of Gitea
If the binary file name has been changed during the update to a new version of Gitea,
If the binary file name has been changed during the update to a new version of gitea,
git hooks in existing repositories will not work any more. In that case, a git
error will be displayed when pushing to the repository.
@@ -162,7 +132,7 @@ error will be displayed when pushing to the repository.
remote: ./hooks/pre-receive.d/gitea: line 2: [...]: No such file or directory
```
The `[...]` part of the error message will contain the path to your previous Gitea
The `[...]` part of the error message will contain the path to your previous gitea
binary.
To solve this, go to the admin options and run the task `Resynchronize pre-receive,
@@ -170,6 +140,6 @@ update and post-receive hooks of all repositories` to update all hooks to contai
the new binary path. Please note that this overwrite all git hooks including ones
with customizations made.
If you aren't using the built-in to Gitea SSH server you will also need to re-write
If you aren't using the built-in to Gitea ssh server you will also need to re-write
the authorized key file by running the `Update the '.ssh/authorized_keys' file with
Gitea SSH keys.` task in the admin options.

2
docs/content/doc/installation/from-package.en-us.md
View File

@@ -20,7 +20,7 @@ menu:
Although there is a package of Gitea in Debian's [contrib](https://wiki.debian.org/SourcesList),
it is not supported directly by us.
Unfortunately, the package is not maintained anymore and broken because of missing sources.
Unfortunately the package is not maintained anymore and broken because of missing sources.
Please follow the [deployment from binary]({{< relref "from-binary.en-us.md" >}}) guide instead.
Should the packages get updated and fixed, we will provide up-to-date installation instructions here.

113
docs/content/doc/installation/from-source.en-us.md
View File

@@ -15,60 +15,43 @@ menu:
# Installation from source
You should [install go](https://golang.org/doc/install) and set up your go
environment correctly. In particular, it is recommended to set the `$GOPATH`
environment variable and to add the go bin directory or directories
`${GOPATH//://bin:}/bin` to the `$PATH`. See the Go wiki entry for
[GOPATH](https://github.com/golang/go/wiki/GOPATH).
This section will not include basic [installation instructions](https://golang.org/doc/install).
**Note**: When executing make tasks that require external tools, like
`make misspell-check`, Gitea will automatically download and build these as
necessary. To be able to use these, you must have the `"$GOPATH/bin"` directory
on the executable path. If you don't add the go bin directory to the
executable path, you will have to manage this yourself.
**Note 2**: Go version 1.9 or higher is required. However, it is recommended to
obtain the same version as our continuous integration, see the advice given in
<a href='{{< relref "doc/advanced/hacking-on-gitea.en-us.md" >}}'>Hacking on
Gitea</a>
**Note**: Go version 1.8 or higher is required
## Download
First, retrieve the source code. The easiest way is to use the Go tool. Use the
following commands to fetch the source and switch into the source directory.
Go is quite opinionated about where it expects its source code, and simply
cloning the Gitea repository to an arbitrary path is likely to lead to
problems - the fixing of which is out of scope for this document.
First retrieve the source code. The easiest way is to use the Go tool. Use the following
commands to fetch the source and switch into the source directory.
```bash
```
go get -d -u code.gitea.io/gitea
cd "$GOPATH/src/code.gitea.io/gitea"
cd $GOPATH/src/code.gitea.io/gitea
```
Decide which version of Gitea to build and install. Currently, there are
multiple options to choose from. The `master` branch represents the current
development version. To build with master, skip to the [build section](#build).
Decide which version of Gitea to build and install. Currently, there are multiple options
to choose from. The `master` branch represents the current development version. To build
with master, skip to the [build section](#build).
To work with tagged releases, the following commands can be used:
```bash
```
git branch -a
git checkout v1.0
```
To validate a Pull Request, first enable the new branch (`xyz` is the PR id;
for example `2663` for [#2663](https://github.com/go-gitea/gitea/pull/2663)):
To validate a Pull Request, first enable the new branch (`xyz` is the PR id; for example
`2663` for [#2663](https://github.com/go-gitea/gitea/pull/2663)):
```bash
```
git fetch origin pull/xyz/head:pr-xyz
```
To build Gitea from source at a specific tagged release (like v1.0.0), list the
available tags and check out the specific tag.
To build Gitea from source at a specific tagged release (like v1.0.0), list the available
tags and check out the specific tag.
List available tags with the following.
```bash
```
git tag -l
git checkout v1.0.0 # or git checkout pr-xyz
```
@@ -76,67 +59,33 @@ git checkout v1.0.0 # or git checkout pr-xyz
## Build
Since all required libraries are already bundled in the Gitea source, it's
possible to build Gitea with no additional downloads apart from Make
<a href='{{< relref "doc/advanced/make.en-us.md" >}}'>(See here how to get Make)</a>.
Various [make tasks](https://github.com/go-gitea/gitea/blob/master/Makefile)
are provided to keep the build process as simple as possible.
possible to build Gitea with no additional downloads. Various
[make tasks](https://github.com/go-gitea/gitea/blob/master/Makefile) are
provided to keep the build process as simple as possible.
<a href='{{< relref "doc/advanced/make.en-us.md" >}}'>See here how to get Make</a>.
Depending on requirements, the following build tags can be included.
* `bindata`: Build a single monolithic binary, with all assets included.
* `sqlite sqlite_unlock_notify`: Enable support for a
[SQLite3](https://sqlite.org/) database. Suggested only for tiny
installations.
* `pam`: Enable support for PAM (Linux Pluggable Authentication Modules). Can
be used to authenticate local users or extend authentication to methods
available to PAM.
* `sqlite`: Enable support for a [SQLite3](https://sqlite.org/) database. Suggested only
for tiny installations.
* `tidb`: Enable support for a [TiDB](https://github.com/pingcap/tidb) database.
* `pam`: Enable support for PAM (Linux Pluggable Authentication Modules). Can be used to
authenticate local users or extend authentication to methods available to PAM.
Bundling assets into the binary using the `bindata` build tag can make
development and testing easier, but is not ideal for a production deployment.
To include assets, they must be built separately using the `generate` make
task e.g.:
Bundling assets into the binary using the `bindata` build tag can make development and
testing easier, but is not ideal for a production deployment. To include assets, they
must be built separately using the `generate` make task.
```bash
TAGS="bindata" make generate build
```
In the default release build of our continuous integration system, the build
tags are: `TAGS="bindata sqlite sqlite_unlock_notify"`. The simplest
recommended way to build from source is therefore:
```bash
TAGS="bindata sqlite sqlite_unlock_notify" make generate build
TAGS="bindata" make generate build
```
## Test
After following the steps above, a `gitea` binary will be available in the working directory.
After following the steps above a `gitea` binary will be available in the working directory.
It can be tested from this directory or moved to a directory with test data. When Gitea is
launched manually from command line, it can be killed by pressing `Ctrl + C`.
```bash
```
./gitea web
```
## Changing the default CustomPath, CustomConf and AppWorkDir
Gitea will search for a number of things from the `CustomPath`. By default this is
the `custom/` directory in the current working directory when running Gitea. It will also
look for its configuration file `CustomConf` in `$CustomPath/conf/app.ini`, and will use the
current working directory as the relative base path `AppWorkDir` for a number configurable
values.
These values, although useful when developing, may conflict with downstream users preferences.
One option is to use a script file to shadow the `gitea` binary and create an appropriate
environment before running Gitea. However, when building you can change these defaults
using the `LDFLAGS` environment variable for `make`. The appropriate settings are as follows
* To set the `CustomPath` use `LDFLAGS="-X \"code.gitea.io/gitea/modules/setting.CustomPath=custom-path\""`
* For `CustomConf` you should use `-X \"code.gitea.io/gitea/modules/setting.CustomConf=conf.ini\"`
* For `AppWorkDir` you should use `-X \"code.gitea.io/gitea/modules/setting.AppWorkDir=working-directory\"`
Add as many of the strings with their preceding `-X` to the `LDFLAGS` variable and run `make build`
with the appropriate `TAGS` as above.
Running `gitea help` will allow you to review what the computed settings will be for your `gitea`.

3
docs/content/doc/installation/from-source.fr-fr.md
View File

@@ -57,7 +57,8 @@ git checkout pr-xyz
Comme nous regroupons déjà toutes les bibliothèques requises pour compiler Gitea, vous pouvez continuer avec le processus de compilation lui-même. Nous fournissons diverses [tâches Make](https://github.com/go-gitea/gitea/blob/master/Makefile) pour rendre le processus de construction aussi simple que possible. <a href='{{< relref "doc/advanced/make.fr-fr.md" >}}'>Voyez ici comment obtenir Make</a>. Selon vos besoins, vous pourrez éventuellement ajouter diverses options de compilation, vous pouvez choisir entre ces options :
* `bindata`: Intègre toutes les ressources nécessaires à l'exécution d'une instance de Gitea, ce qui rend un déploiement facile car il n'est pas nécessaire de se préoccuper des fichiers supplémentaires.
* `sqlite sqlite_unlock_notify`: Active la prise en charge d'une base de données [SQLite3](https://sqlite.org/), ceci n'est recommandé que pour les petites installations de Gitea.
* `sqlite`: Active la prise en charge d'une base de données [SQLite3](https://sqlite.org/), ceci n'est recommandé que pour les petites installations de Gitea.
* `tidb`: Active la prise en charge d'une base de données [TiDB](https://github.com/pingcap/tidb), c'est une base de données simplet et basée sur des fichiers. Elle est comparable à SQLite.
* `pam`: Active la prise en charge de PAM (mLinux Pluggable Authentication Modules), très utile si vos utilisateurs doivent être authentifiés avec les comptes du système.
Il est temps de compiler le binaire, nous suggérons d'intégrer les ressources avec l'option de compilation `bindata`. Pour inclure les ressources, vous devrez également exécuter la tâche Make `generate`. Dans le cas échéant, les ressources ne pourront pas être intégrées:

3
docs/content/doc/installation/from-source.zh-cn.md
View File

@@ -47,7 +47,8 @@ git checkout v1.0.0
我们已经将所有的依赖项拷贝到本工程,我们提供了一些 [编译选项](https://github.com/go-gitea/gitea/blob/master/Makefile) 来让编译更简单。你可以按照你的需求来设置编译开关,可用编译选项如下:
* `bindata`: 这个编译选项将会把运行Gitea所需的所有外部资源都打包到可执行文件中这样部署将非常简单因为除了可执行程序将不再需要任何其他文件。
* `sqlite sqlite_unlock_notify`: 这个编译选项将启用SQLite3数据库的支持建议只在少数人使用时使用这个模式。
* `sqlite`: 这个编译选项将启用SQLite3数据库的支持建议只在少数人使用时使用这个模式。
* `tidb`: 这个编译选项启用tidb嵌入式数据库的支持他跟SQLite类似但是是用纯Go编写的。
* `pam`: 这个编译选项将会启用 PAM (Linux Pluggable Authentication Modules) 认证,如果你使用这一认证模式的话需要开启这个选项。
我们支持两种方式进行编译Make 工具 和 Go 工具。不过我们推荐使用 Make工具因为他将会给出更多的编译选项。

3
docs/content/doc/installation/from-source.zh-tw.md
View File

@@ -47,7 +47,8 @@ git checkout v1.0.0
完成設定相依性套件環境等工作後,您就可以開始編譯工作了。我們提供了不同的[編譯選項](https://github.com/go-gitea/gitea/blob/master/Makefile) ,讓編譯過程更加簡單。您可以根據需求來調整編譯選項,底下是可用的編譯選項說明:
* `bindata`: 使用此標籤來嵌入所有 Gitea 相關資源,您不用擔心其他額外檔案,對於部署來說非常方便。
* `sqlite sqlite_unlock_notify`: 使用此標籤來啟用 [SQLite3](https://sqlite.org/) 資料庫,建議只有少數人時才使用此模式。
* `sqlite`: 使用此標籤來啟用 [SQLite3](https://sqlite.org/) 資料庫,建議只有少數人時才使用此模式。
* `tidb`: 使用此標籤來啟用 [TiDB](https://github.com/pingcap/tidb) 資料庫,它是檔案形式的資料庫,跟 SQLite 類似。
* `pam`: 使用此標籤來啟用 PAM (Linux Pluggable Authentication Modules) 認證,對於系統使用者來說,此方式最方便了。
現在您可以開始編譯執行檔了,我們建議使用 `bindata` 編譯選項,使用 `bindata` 選項前,您必須執行 `generate` 任務將所有資源都一起編譯進去,否則相關資源都不會被編譯進執行檔:

6
docs/content/doc/installation/run-as-service-in-ubuntu.en-us.md
View File

@@ -29,7 +29,7 @@ Uncomment any service that needs to be enabled on this host, such as MySQL.
Change the user, home directory, and other required startup values. Change the
PORT or remove the -p flag if default port is used.
Enable and start Gitea at boot:
Enable and start gitea at boot:
```
sudo systemctl enable gitea
sudo systemctl start gitea
@@ -45,7 +45,7 @@ sudo apt install supervisor
Create a log dir for the supervisor logs:
```
# assuming Gitea is installed in /home/git/gitea/
# assuming gitea is installed in /home/git/gitea/
mkdir /home/git/gitea/log/supervisor
```
@@ -57,7 +57,7 @@ sudo vim /etc/supervisor/supervisord.conf
Append the configuration from the sample
[supervisord config](https://github.com/go-gitea/gitea/blob/master/contrib/supervisor/gitea).
Change the user (git) and home (/home/git) settings to match the deployment
Change the user(git) and home(/home/git) settings to match the deployment
environment. Change the PORT or remove the -p flag if default port is used.
Lastly enable and start supervisor at boot:

63
docs/content/doc/installation/run-as-service-in-ubuntu.zh-cn.md
View File

@@ -1,63 +0,0 @@
---
date: "2017-07-21T12:00:00+02:00"
title: "在 Linux 中以 service 方式运行"
slug: "linux-service"
weight: 10
toc: true
draft: false
menu:
sidebar:
parent: "installation"
name: "在Linux中以service方式运行"
weight: 20
identifier: "linux-service"
---
### 在 Ubuntu 16.04 LTS 中以 service 方式运行
#### systemd 方式
在 terminal 中执行以下命令:
```
sudo vim /etc/systemd/system/gitea.service
```
接着拷贝示例代码 [gitea.service](https://github.com/go-gitea/gitea/blob/master/contrib/systemd/gitea.service) 并取消对任何需要运行在主机上的服务部分的注释,譬如 MySQL。
修改 userhome 目录以及其他必须的初始化参数,如果使用自定义端口,则需修改 PORT 参数,反之如果使用默认端口则需删除 -p 标记。
激活 gitea 并将它作为系统自启动服务:
```
sudo systemctl enable gitea
sudo systemctl start gitea
```
#### 使用 supervisor
在 terminal 中执行以下命令安装 supervisor
```
sudo apt install supervisor
```
为 supervisor 配置日志路径:
```
# assuming gitea is installed in /home/git/gitea/
mkdir /home/git/gitea/log/supervisor
```
在文件编辑器中打开 supervisor 的配置文件:
```
sudo vim /etc/supervisor/supervisord.conf
```
增加如下示例配置
[supervisord config](https://github.com/go-gitea/gitea/blob/master/contrib/supervisor/gitea)。
将 user(git) 和 home(/home/git) 设置为与上文部署中匹配的值。如果使用自定义端口,则需修改 PORT 参数,反之如果使用默认端口则需删除 -p 标记。
最后激活 supervisor 并将它作为系统自启动服务:
```
sudo systemctl enable supervisor
sudo systemctl start supervisor
```

23
docs/content/doc/installation/windows-service.en-us.md
View File

@@ -13,27 +13,6 @@ menu:
identifier: "windows-service"
---
# Prerequisites
The following changes are made in C:\gitea\custom\conf\app.ini:
```
RUN_USER = COMPUTERNAME$
```
Sets Gitea to run as the local system user.
COMPUTERNAME is whatever the response is from `echo %COMPUTERNAME%` on the command line. If the response is `USER-PC` then `RUN_USER = USER-PC$`
## Use absolute paths
If you use sqlite3, change the `PATH` to include the full path:
```
[database]
PATH = c:/gitea/data/gitea.db
```
# Register as a Windows Service
To register Gitea as a Windows service, open a command prompt (cmd) as an Administrator,
@@ -46,7 +25,7 @@ sc create gitea start= auto binPath= ""C:\gitea\gitea.exe" web --config "C:\gite
Do not forget to replace `C:\gitea` with the correct Gitea directory.
Open "Windows Services", search for the service named "gitea", right-click it and click on
"Run". If everything is OK, Gitea will be reachable on `http://localhost:3000` (or the port
"Run". If everything is OK Gitea will be reachable on `http://localhost:3000` (or the port
that was configured).
## Unregister as a service

96
docs/content/doc/installation/with-docker.en-us.md
View File

@@ -19,14 +19,14 @@ Gitea provides automatically updated Docker images within its Docker Hub organiz
possible to always use the latest stable tag or to use another service that handles updating
Docker images.
This reference setup guides users through the setup based on `docker-compose`, but the installation
of `docker-compose` is out of scope of this documentation. To install `docker-compose` itself, follow
This reference setup guides users through the setup based on `docker-compose`, the installation
of `docker-compose` is out of scope of this documentation. To install `docker-compose` follow
the official [install instructions](https://docs.docker.com/compose/install/).
## Basics
The most simple setup just creates a volume and a network and starts the `gitea/gitea:latest`
image as a service. Since there is no database available, one can be initialized using SQLite3.
image as a service. Since there is no database available one can be initialized using SQLite3.
Create a directory like `gitea` and paste the following content into a file named `docker-compose.yml`.
Note that the volume should be owned by the user/group with the UID/GID specified in the config file.
If you don't give the volume correct permissions, the container may not start.
@@ -187,7 +187,7 @@ services:
To use named volumes instead of host volumes, define and use the named volume
within the `docker-compose.yml` configuration. This change will automatically
create the required volume. You don't need to worry about permissions with
named volumes; Docker will deal with that automatically.
named volumes, Docker will deal with that automatically.
```diff
version: "2"
@@ -230,10 +230,10 @@ Notice: if using a non-3000 port on http, change app.ini to match
## Install
After starting the Docker setup via `docker-compose`, Gitea should be available using a
After starting the Docker setup via `docker-compose` Gitea should be available using a
favorite browser to finalize the installation. Visit http://server-ip:3000 and follow the
installation wizard. If the database was started with the `docker-compose` setup as
documented above, please note that `db` must be used as the database hostname.
documented above please note that `db` must be used as the database hostname.
## Environments variables
@@ -248,12 +248,11 @@ You can configure some of Gitea's settings via environment variables:
* `DISABLE_SSH`: **false**: Disable SSH feature when it's not available.
* `HTTP_PORT`: **3000**: HTTP listen port.
* `ROOT_URL`: **""**: Overwrite the automatically generated public URL. This is useful if the internal and the external URL don't match (e.g. in Docker).
* `LFS_START_SERVER`: **false**: Enables git-lfs support.
* `DB_TYPE`: **sqlite3**: The database type in use \[mysql, postgres, mssql, sqlite3\].
* `DB_HOST`: **localhost:3306**: Database host address and port.
* `DB_NAME`: **gitea**: Database name.
* `DB_USER`: **root**: Database username.
* `DB_PASSWD`: **"\<empty>"**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
* `DB_PASSWD`: **"<empty>"**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
* `INSTALL_LOCK`: **false**: Disallow access to the install page.
* `SECRET_KEY`: **""**: Global secret key. This should be changed. If this has a value and `INSTALL_LOCK` is empty, `INSTALL_LOCK` will automatically set to `true`.
* `DISABLE_REGISTRATION`: **false**: Disable registration, after which only admin can create accounts for users.
@@ -264,84 +263,7 @@ You can configure some of Gitea's settings via environment variables:
# Customization
Customization files described [here](https://docs.gitea.io/en-us/customizing-gitea/) should
be placed in `/data/gitea` directory. If using host volumes, it's quite easy to access these
files; for named volumes, this is done through another container or by direct access at
be placed in `/data/gitea` directory. If using host volumes it's quite easy to access these
files; for named volumes this is done through another container or by direct access at
`/var/lib/docker/volumes/gitea_gitea/_data`. The configuration file will be saved at
`/data/gitea/conf/app.ini` after the installation.
# Upgrading
:exclamation::exclamation: **Make sure you have volumed data to somewhere outside Docker container** :exclamation::exclamation:
To upgrade your installation to the latest release:
```
# Edit `docker-compose.yml` to update the version, if you have one specified
# Pull new images
docker-compose pull
# Start a new container, automatically removes old one
docker-compose up -d
```
# SSH Container Passthrough
Since SSH is running inside the container, you'll have to pass SSH from the host to the
container if you wish to use SSH support. If you wish to do this without running the container
SSH on a non-standard port (or move your host port to a non-standard port), you can forward
SSH connections destined for the container with a little extra setup.
This guide assumes that you have created a user on the host called `git` which shares the same
UID/GID as the container values `USER_UID`/`USER_GID`. You should also create the directory
`/var/lib/gitea` on the host, owned by the `git` user and mounted in the container, e.g.
```
services:
server:
image: gitea/gitea:latest
environment:
- USER_UID=1000
- USER_GID=1000
restart: always
networks:
- gitea
volumes:
- /var/lib/gitea:/data
ports:
- "3000:3000"
- "127.0.0.1:2222:22"
```
You can see that we're also exposing the container SSH port to port 2222 on the host, and binding this
to 127.0.0.1 to prevent it being accessible external to the host machine itself.
On the **host**, you should create the file `/app/gitea/gitea` with the following contents and
make it executable (`chmod +x /app/gitea/gitea`):
```
#!/bin/sh
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
```
Your `git` user needs to have an SSH key generated:
```
sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
```
Still on the host, symlink the container `.ssh/authorized_keys` file to your git user `.ssh/authorized_keys`.
This can be done on the host as the `/var/lib/gitea` directory is mounted inside the container under `/data`:
```
ln -s /var/lib/gitea/git/.ssh/authorized_keys /home/git/.ssh/authorized_keys
```
Then echo the `git` user SSH key into the authorized_keys file so the host can talk to the container over SSH:
```
echo "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty $(cat /home/git/.ssh/id_rsa.pub)" >> /var/lib/gitea/git/.ssh/authorized_keys
```
Now you should be able to use Git over SSH to your container without disrupting SSH access to the host.
Please note: SSH container passthrough will work only if using opensshd in container, and will not work if
`AuthorizedKeysCommand` is used in combination with setting `SSH_CREATE_AUTHORIZED_KEYS_FILE=false` to disable
authorized files key generation.

3
docs/content/doc/upgrade/from-gogs.en-us.md
View File

@@ -31,7 +31,6 @@ There are some basic steps to follow. On a Linux system run as the Gogs user:
* Copy `gogs/data/` to `gitea/data/`. It contains issue attachments and avatars.
* Verify by starting Gitea with `gitea web`.
* Enter Gitea admin panel on the UI, run `Rewrite '.ssh/authorized_keys' file`.
* Launch every major version of the binary ( `1.1.4``1.2.3``1.3.4``1.4.2` → etc ) to migrate database.
* If custom or config path was changed, run `Rewrite all update hook of repositories`.
## Change gogs specific information
@@ -70,7 +69,7 @@ There are some basic steps to follow. On a Linux system run as the Gogs user:
## Upgrading to most recent `gitea` version
After successful migration from `gogs` to `gitea 1.0.x`, it is possible to upgrade to the recent `gitea` version.
After successful migration from `gogs` to `gitea 1.0.x` it is possible to upgrade to the recent `gitea` version.
Simply download the file matching the destination platform from the [downloads page](https://dl.gitea.io/gitea)
and replace the binary.

1
docs/content/doc/upgrade/from-gogs.fr-fr.md
View File

@@ -27,7 +27,6 @@ Veuillez suivre les étapes ci-dessous. Sur Unix, toute les commandes s'exécute
* Si vous avez d'autres répertoires personnalisés comme `gitignore, label, license, locale, readme` dans `gogs/custom/conf` copiez-les vers `gitea/custom/options`.
* Copiez le répertoire `gogs/data/` vers `gitea/data/`.
* Vérifiez votre installation en exécutant Gitea avec la commande `gitea web`.
* Lancez le binaire de version majeure en version majeure ( `1.1.4``1.2.3``1.3.4``1.4.2` → etc ) afin de récupérer les migrations de base de données.
* Connectez vous au panel d'administration de Gitea et exécutez l'action `Rewrite '.ssh/authorized_keys' file`, puis l'action `Rewrite all update hook of repositories` (obligatoire si le chemin menant à votre configuration personnalisée à changé).
## Modifier les informations spécifiques de gogs

28
docs/content/doc/usage/backup-and-restore.en-us.md
View File

@@ -20,10 +20,10 @@ file can be unpacked and used to restore an instance.
## Backup Command (`dump`)
Switch to the user running Gitea: `su git`. Run `./gitea dump -c /path/to/app.ini` in the Gitea installation
Switch to the user running gitea: `su git`. Run `./gitea dump -c /path/to/app.ini` in the gitea installation
directory. There should be some output similar to the following:
```none
```
2016/12/27 22:32:09 Creating tmp work dir: /tmp/gitea-dump-417443001
2016/12/27 22:32:09 Dumping local repositories.../home/git/gitea-repositories
2016/12/27 22:32:22 Dumping database...
@@ -34,8 +34,7 @@ directory. There should be some output similar to the following:
Inside the `gitea-dump-1482906742.zip` file, will be the following:
* `app.ini` - Optional copy of configuration file if originally stored outside of the default `custom/` directory
* `custom` - All config or customization files in `custom/`.
* `custom` - All config or customerize files in `custom/`.
* `data` - Data directory in <GITEA_WORK_DIR>, except sessions if you are using file session. This directory includes `attachments`, `avatars`, `lfs`, `indexers`, sqlite file if you are using sqlite.
* `gitea-db.sql` - SQL dump of database
* `gitea-repo.zip` - Complete copy of the repository directory.
@@ -44,34 +43,17 @@ Inside the `gitea-dump-1482906742.zip` file, will be the following:
Intermediate backup files are created in a temporary directory specified either with the
`--tempdir` command-line parameter or the `TMPDIR` environment variable.
### Using Docker (`dump`)
There are a few caveats for using the `dump` command with Docker.
The command has to be executed with the `RUN_USER = <OS_USERNAME>` specified in `gitea/conf/app.ini`; and, for the zipping of the backup folder to occur without permission error the command `docker exec` must be executed inside of the `--tempdir`.
Example:
```none
docker exec -u <OS_USERNAME> -it -w <--tempdir> $(docker ps -qf "name=<NAME_OF_DOCKER_CONTAINER>") bash -c '/app/gitea/gitea dump -c </path/to/app.ini>'
```
*Note: `--tempdir` refers to the temporary directory of the docker environment used by Gitea; if you have not specified a custom `--tempdir`, then Gitea uses `/tmp` or the `TMPDIR` environment variable of the docker container. For `--tempdir` adjust your `docker exec` command options accordingly.
The result should be a file, stored in the `--tempdir` specified, along the lines of: `gitea-dump-1482906742.zip`
## Restore Command (`restore`)
There is currently no support for a recovery command. It is a manual process that mostly
involves moving files to their correct locations and restoring a database dump.
Example:
```none
```
apt-get install gitea
unzip gitea-dump-1482906742.zip
cd gitea-dump-1482906742
mv custom/conf/app.ini /etc/gitea/conf/app.ini # or mv app.ini /etc/gitea/conf/app.ini
mv custom/conf/app.ini /etc/gitea/conf/app.ini
unzip gitea-repo.zip
mv gitea-repo/* /var/lib/gitea/repositories/
chown -R gitea:gitea /etc/gitea/conf/app.ini /var/lib/gitea/repositories/

283
docs/content/doc/usage/command-line.en-us.md
View File

@@ -1,283 +0,0 @@
---
date: "2017-01-01T16:00:00+02:00"
title: "Usage: Command Line"
slug: "command-line"
weight: 10
toc: true
draft: false
menu:
sidebar:
parent: "usage"
name: "Command Line"
weight: 10
identifier: "command-line"
---
## Command Line
### Usage
`gitea [global options] command [command or global options] [arguments...]`
### Global options
All global options can be placed at the command level.
- `--help`, `-h`: Show help text and exit. Optional.
- `--version`, `-v`: Show version and exit. Optional. (example: `Gitea version 1.1.0+218-g7b907ed built with: bindata, sqlite`).
- `--custom-path path`, `-C path`: Location of the Gitea custom folder. Optional. (default: `AppWorkPath`/custom or `$GITEA_CUSTOM`).
- `--config path`, `-c path`: Gitea configuration file path. Optional. (default: `custom`/conf/app.ini).
- `--work-path path`, `-w path`: Gitea `AppWorkPath`. Optional. (default: LOCATION_OF_GITEA_BINARY or `$GITEA_WORK_DIR`)
NB: The defaults custom-path, config and work-path can also be
changed at build time (if preferred).
### Commands
#### web
Starts the server:
- Options:
- `--port number`, `-p number`: Port number. Optional. (default: 3000). Overrides configuration file.
- `--pid path`, `-P path`: Pidfile path. Optional.
- Examples:
- `gitea web`
- `gitea web --port 80`
- `gitea web --config /etc/gitea.ini --pid /var/run/gitea.pid`
- Notes:
- Gitea should not be run as root. To bind to a port below 1000, you can use setcap on
Linux: `sudo setcap 'cap_net_bind_service=+ep' /path/to/gitea`. This will need to be
redone every time you update Gitea.
#### admin
Admin operations:
- Commands:
- `create-user`
- Options:
- `--name value`: Username. Required. As of gitea 1.9.0, use the `--username` flag instead.
- `--username value`: Username. Required. New in gitea 1.9.0.
- `--password value`: Password. Required.
- `--email value`: Email. Required.
- `--admin`: If provided, this makes the user an admin. Optional.
- `--access-token`: If provided, an access token will be created for the user. Optional. (default: false).
- `--must-change-password`: If provided, the created user will be required to choose a newer password after
the initial login. Optional. (default: true).
- ``--random-password``: If provided, a randomly generated password will be used as the password of
the created user. The value of `--password` will be discarded. Optional.
- `--random-password-length`: If provided, it will be used to configure the length of the randomly
generated password. Optional. (default: 12)
- Examples:
- `gitea admin create-user --username myname --password asecurepassword --email me@example.com`
- `change-password`
- Options:
- `--username value`, `-u value`: Username. Required.
- `--password value`, `-p value`: New password. Required.
- Examples:
- `gitea admin change-password --username myname --password asecurepassword`
- `regenerate`
- Options:
- `hooks`: Regenerate git-hooks for all repositories
- `keys`: Regenerate authorized_keys file
- Examples:
- `gitea admin regenerate hooks`
- `gitea admin regenerate keys`
- `auth`:
- `list`:
- Description: lists all external authentication sources that exist
- Examples:
- `gitea admin auth list`
- `delete`:
- Options:
- `--id`: ID of source to be deleted. Required.
- Examples:
- `gitea admin auth delete --id 1`
- `add-oauth`:
- Options:
- `--name`: Application Name.
- `--provider`: OAuth2 Provider.
- `--key`: Client ID (Key).
- `--secret`: Client Secret.
- `--auto-discover-url`: OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider).
- `--use-custom-urls`: Use custom URLs for GitLab/GitHub OAuth endpoints.
- `--custom-auth-url`: Use a custom Authorization URL (option for GitLab/GitHub).
- `--custom-token-url`: Use a custom Token URL (option for GitLab/GitHub).
- `--custom-profile-url`: Use a custom Profile URL (option for GitLab/GitHub).
- `--custom-email-url`: Use a custom Email URL (option for GitHub).
- Examples:
- `gitea admin auth add-oauth --name external-github --provider github --key OBTAIN_FROM_SOURCE --secret OBTAIN_FROM_SOURCE`
- `update-oauth`:
- Options:
- `--id`: ID of source to be updated. Required.
- `--name`: Application Name.
- `--provider`: OAuth2 Provider.
- `--key`: Client ID (Key).
- `--secret`: Client Secret.
- `--auto-discover-url`: OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider).
- `--use-custom-urls`: Use custom URLs for GitLab/GitHub OAuth endpoints.
- `--custom-auth-url`: Use a custom Authorization URL (option for GitLab/GitHub).
- `--custom-token-url`: Use a custom Token URL (option for GitLab/GitHub).
- `--custom-profile-url`: Use a custom Profile URL (option for GitLab/GitHub).
- `--custom-email-url`: Use a custom Email URL (option for GitHub).
- Examples:
- `gitea admin auth update-oauth --id 1 --name external-github-updated`
- `add-ldap`: Add new LDAP (via Bind DN) authentication source
- Options:
- `--name value`: Authentication name. Required.
- `--not-active`: Deactivate the authentication source.
- `--security-protocol value`: Security protocol name. Required.
- `--skip-tls-verify`: Disable TLS verification.
- `--host value`: The address where the LDAP server can be reached. Required.
- `--port value`: The port to use when connecting to the LDAP server. Required.
- `--user-search-base value`: The LDAP base at which user accounts will be searched for. Required.
- `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate. Required.
- `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges.
- `--username-attribute value`: The attribute of the users LDAP record containing the user name.
- `--firstname-attribute value`: The attribute of the users LDAP record containing the users first name.
- `--surname-attribute value`: The attribute of the users LDAP record containing the users surname.
- `--email-attribute value`: The attribute of the users LDAP record containing the users email address. Required.
- `--public-ssh-key-attribute value`: The attribute of the users LDAP record containing the users public ssh key.
- `--bind-dn value`: The DN to bind to the LDAP server with when searching for the user.
- `--bind-password value`: The password for the Bind DN, if any.
- `--attributes-in-bind`: Fetch attributes in bind DN context.
- `--synchronize-users`: Enable user synchronization.
- `--page-size value`: Search page size.
- Examples:
- `gitea admin auth add-ldap --name ldap --security-protocol unencrypted --host mydomain.org --port 389 --user-search-base "ou=Users,dc=mydomain,dc=org" --user-filter "(&(objectClass=posixAccount)(uid=%s))" --email-attribute mail`
- `update-ldap`: Update existing LDAP (via Bind DN) authentication source
- Options:
- `--id value`: ID of authentication source. Required.
- `--name value`: Authentication name.
- `--not-active`: Deactivate the authentication source.
- `--security-protocol value`: Security protocol name.
- `--skip-tls-verify`: Disable TLS verification.
- `--host value`: The address where the LDAP server can be reached.
- `--port value`: The port to use when connecting to the LDAP server.
- `--user-search-base value`: The LDAP base at which user accounts will be searched for.
- `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate.
- `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges.
- `--username-attribute value`: The attribute of the users LDAP record containing the user name.
- `--firstname-attribute value`: The attribute of the users LDAP record containing the users first name.
- `--surname-attribute value`: The attribute of the users LDAP record containing the users surname.
- `--email-attribute value`: The attribute of the users LDAP record containing the users email address.
- `--public-ssh-key-attribute value`: The attribute of the users LDAP record containing the users public ssh key.
- `--bind-dn value`: The DN to bind to the LDAP server with when searching for the user.
- `--bind-password value`: The password for the Bind DN, if any.
- `--attributes-in-bind`: Fetch attributes in bind DN context.
- `--synchronize-users`: Enable user synchronization.
- `--page-size value`: Search page size.
- Examples:
- `gitea admin auth update-ldap --id 1 --name "my ldap auth source"`
- `gitea admin auth update-ldap --id 1 --username-attribute uid --firstname-attribute givenName --surname-attribute sn`
- `add-ldap-simple`: Add new LDAP (simple auth) authentication source
- Options:
- `--name value`: Authentication name. Required.
- `--not-active`: Deactivate the authentication source.
- `--security-protocol value`: Security protocol name. Required.
- `--skip-tls-verify`: Disable TLS verification.
- `--host value`: The address where the LDAP server can be reached. Required.
- `--port value`: The port to use when connecting to the LDAP server. Required.
- `--user-search-base value`: The LDAP base at which user accounts will be searched for.
- `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate. Required.
- `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges.
- `--username-attribute value`: The attribute of the users LDAP record containing the user name.
- `--firstname-attribute value`: The attribute of the users LDAP record containing the users first name.
- `--surname-attribute value`: The attribute of the users LDAP record containing the users surname.
- `--email-attribute value`: The attribute of the users LDAP record containing the users email address. Required.
- `--public-ssh-key-attribute value`: The attribute of the users LDAP record containing the users public ssh key.
- `--user-dn value`: The users DN. Required.
- Examples:
- `gitea admin auth add-ldap-simple --name ldap --security-protocol unencrypted --host mydomain.org --port 389 --user-dn "cn=%s,ou=Users,dc=mydomain,dc=org" --user-filter "(&(objectClass=posixAccount)(cn=%s))" --email-attribute mail`
- `update-ldap-simple`: Update existing LDAP (simple auth) authentication source
- Options:
- `--id value`: ID of authentication source. Required.
- `--name value`: Authentication name.
- `--not-active`: Deactivate the authentication source.
- `--security-protocol value`: Security protocol name.
- `--skip-tls-verify`: Disable TLS verification.
- `--host value`: The address where the LDAP server can be reached.
- `--port value`: The port to use when connecting to the LDAP server.
- `--user-search-base value`: The LDAP base at which user accounts will be searched for.
- `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate.
- `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges.
- `--username-attribute value`: The attribute of the users LDAP record containing the user name.
- `--firstname-attribute value`: The attribute of the users LDAP record containing the users first name.
- `--surname-attribute value`: The attribute of the users LDAP record containing the users surname.
- `--email-attribute value`: The attribute of the users LDAP record containing the users email address.
- `--public-ssh-key-attribute value`: The attribute of the users LDAP record containing the users public ssh key.
- `--user-dn value`: The users DN.
- Examples:
- `gitea admin auth update-ldap-simple --id 1 --name "my ldap auth source"`
- `gitea admin auth update-ldap-simple --id 1 --username-attribute uid --firstname-attribute givenName --surname-attribute sn`
#### cert
Generates a self-signed SSL certificate. Outputs to `cert.pem` and `key.pem` in the current
directory and will overwrite any existing files.
- Options:
- `--host value`: Comma seperated hostnames and ips which this certificate is valid for.
Wildcards are supported. Required.
- `--ecdsa-curve value`: ECDSA curve to use to generate a key. Optional. Valid options
are P224, P256, P384, P521.
- `--rsa-bits value`: Size of RSA key to generate. Optional. Ignored if --ecdsa-curve is
set. (default: 2048).
- `--start-date value`: Creation date. Optional. (format: `Jan 1 15:04:05 2011`).
- `--duration value`: Duration which the certificate is valid for. Optional. (default: 8760h0m0s)
- `--ca`: If provided, this cert generates it's own certificate authority. Optional.
- Examples:
- `gitea cert --host git.example.com,example.com,www.example.com --ca`
#### dump
Dumps all files and databases into a zip file. Outputs into a file like `gitea-dump-1482906742.zip`
in the current directory.
- Options:
- `--file name`, `-f name`: Name of the dump file with will be created. Optional. (default: gitea-dump-[timestamp].zip).
- `--tempdir path`, `-t path`: Path to the temporary directory used. Optional. (default: /tmp).
- `--skip-repository`, `-R`: Skip the repository dumping. Optional.
- `--database`, `-d`: Specify the database SQL syntax. Optional.
- `--verbose`, `-V`: If provided, shows additional details. Optional.
- Examples:
- `gitea dump`
- `gitea dump --verbose`
#### generate
Generates random values and tokens for usage in configuration file. Useful for generating values
for automatic deployments.
- Commands:
- `secret`:
- Options:
- `INTERNAL_TOKEN`: Token used for an internal API call authentication.
- `JWT_SECRET`: LFS & OAUTH2 JWT authentication secret (LFS_JWT_SECRET is aliased to this option for backwards compatibility).
- `SECRET_KEY`: Global secret key.
- Examples:
- `gitea generate secret INTERNAL_TOKEN`
- `gitea generate secret JWT_SECRET`
- `gitea generate secret SECRET_KEY`
#### keys
Provides an SSHD AuthorizedKeysCommand. Needs to be configured in the sshd config file:
```ini
...
# The value of -e and the AuthorizedKeysCommandUser should match the
# username running gitea
AuthorizedKeysCommandUser git
AuthorizedKeysCommand /path/to/gitea keys -e git -u %u -t %t -k %k
```
The command will return the appropriate authorized_keys line for the
provided key. You should also set the value
`SSH_CREATE_AUTHORIZED_KEYS_FILE=false` in the `[server]` section of
`app.ini`.
NB: opensshd requires the gitea program to be owned by root and not
writable by group or others. The program must be specified by an absolute
path.

165
docs/content/doc/usage/command-line.md Normal file
View File

@@ -0,0 +1,165 @@
---
date: "2017-01-01T16:00:00+02:00"
title: "Usage: Command Line"
slug: "command-line"
weight: 10
toc: true
draft: false
menu:
sidebar:
parent: "usage"
name: "Command Line"
weight: 10
identifier: "command-line"
---
## Command Line
### Usage
`gitea [global options] command [command options] [arguments...]`
### Global options
- `--help`, `-h`: Show help text and exit. Optional. This can be used with any of the
subcommands to see help text for it.
- `--version`, `-v`: Show version and exit. Optional. (example: `Gitea version
1.1.0+218-g7b907ed built with: bindata, sqlite`).
### Commands
#### web
Starts the server:
- Options:
- `--port number`, `-p number`: Port number. Optional. (default: 3000). Overrides configuration file.
- `--config path`, `-c path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- `--pid path`, `-P path`: Pidfile path. Optional.
- Examples:
- `gitea web`
- `gitea web --port 80`
- `gitea web --config /etc/gitea.ini --pid /var/run/gitea.pid`
- Notes:
- Gitea should not be run as root. To bind to a port below 1000, you can use setcap on
Linux: `sudo setcap 'cap_net_bind_service=+ep' /path/to/gitea`. This will need to be
redone every time you update Gitea.
#### admin
Admin operations:
- Commands:
- `create-user`
- Options:
- `--name value`: Username. Required.
- `--password value`: Password. Required.
- `--email value`: Email. Required.
- `--admin`: If provided, this makes the user an admin. Optional.
- `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- Examples:
- `gitea admin create-user --name myname --password asecurepassword --email me@example.com`
- `change-password`
- Options:
- `--username value`, `-u value`: Username. Required.
- `--password value`, `-p value`: New password. Required.
- `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- Examples:
- `gitea admin change-password --username myname --password asecurepassword`
- `regenerate`
- Options:
- `hooks`: Regenerate git-hooks for all repositories
- `keys`: Regenerate authorized_keys file
- Examples:
- `gitea admin regenerate hooks`
- `gitea admin regenerate keys`
- `auth`:
- `list`:
- Description: lists all external authentication sources that exist
- Options:
- `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- Examples:
- `gitea auth list`
- `delete`:
- Options:
- `--id`: ID of source to be deleted. Required.
- `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- Examples:
- `gitea auth delete --id 1`
- `add-oauth`:
- Options:
- `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- `--name`: Application Name.
- `--provider`: OAuth2 Provider.
- `--key`: Client ID (Key).
- `--secret`: Client Secret.
- `--auto-discover-url`: OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider).
- `--use-custom-urls`: Use custom URLs for GitLab/GitHub OAuth endpoints.
- `--custom-auth-url`: Use a custom Authorization URL (option for GitLab/GitHub).
- `--custom-token-url`: Use a custom Token URL (option for GitLab/GitHub).
- `--custom-profile-url`: Use a custom Profile URL (option for GitLab/GitHub).
- `--custom-email-url`: Use a custom Email URL (option for GitHub).
- Examples:
- `gitea auth add-oauth --name external-github --provider github --key OBTAIN_FROM_SOURCE --secret OBTAIN_FROM_SOURCE`
- `update-oauth`:
- Options:
- `--id`: ID of source to be updated. Required.
- `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- `--name`: Application Name.
- `--provider`: OAuth2 Provider.
- `--key`: Client ID (Key).
- `--secret`: Client Secret.
- `--auto-discover-url`: OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider).
- `--use-custom-urls`: Use custom URLs for GitLab/GitHub OAuth endpoints.
- `--custom-auth-url`: Use a custom Authorization URL (option for GitLab/GitHub).
- `--custom-token-url`: Use a custom Token URL (option for GitLab/GitHub).
- `--custom-profile-url`: Use a custom Profile URL (option for GitLab/GitHub).
- `--custom-email-url`: Use a custom Email URL (option for GitHub).
- Examples:
- `gitea auth update-oauth --id 1 --name external-github-updated`
#### cert
Generates a self-signed SSL certificate. Outputs to `cert.pem` and `key.pem` in the current
directory and will overwrite any existing files.
- Options:
- `--host value`: Comma seperated hostnames and ips which this certificate is valid for.
Wildcards are supported. Required.
- `--ecdsa-curve value`: ECDSA curve to use to generate a key. Optional. Valid options
are P224, P256, P384, P521.
- `--rsa-bits value`: Size of RSA key to generate. Optional. Ignored if --ecdsa-curve is
set. (default: 2048).
- `--start-date value`: Creation date. Optional. (format: `Jan 1 15:04:05 2011`).
- `--duration value`: Duration which the certificate is valid for. Optional. (default: 8760h0m0s)
- `--ca`: If provided, this cert generates it's own certificate authority. Optional.
- Examples:
- `gitea cert --host git.example.com,example.com,www.example.com --ca`
#### dump
Dumps all files and databases into a zip file. Outputs into a file like `gitea-dump-1482906742.zip`
in the current directory.
- Options:
- `--config path`, `-c path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
- `--tempdir path`, `-t path`: Path to the temporary directory used. Optional. (default: /tmp).
- `--verbose`, `-v`: If provided, shows additional details. Optional.
- Examples:
- `gitea dump`
- `gitea dump --verbose`
#### generate
Generates random values and tokens for usage in configuration file. Useful for generating values
for automatic deployments.
- Commands:
- `secret`:
- Options:
- `INTERNAL_TOKEN`: Token used for an internal API call authentication.
- `LFS_JWT_SECRET`: LFS authentication secret.
- `SECRET_KEY`: Global secret key.
- Examples:
- `gitea generate secret INTERNAL_TOKEN`
- `gitea generate secret LFS_JWT_SECRET`
- `gitea generate secret SECRET_KEY`

6
docs/content/doc/usage/fail2ban-setup.md
View File

@@ -19,7 +19,7 @@ menu:
sure to test this before relying on it so you don't lock yourself out.**
Gitea returns an HTTP 200 for bad logins in the web logs, but if you have logging options on in
`app.ini`, then you should be able to go off of `log/gitea.log`, which gives you something like this
`app.ini`, then you should be able to go off of log/gitea.log, which gives you something like this
on a bad authentication:
```log
@@ -52,8 +52,8 @@ action = iptables-allports
Make sure and read up on fail2ban and configure it to your needs, this bans someone
for **15 minutes** (from all ports) when they fail authentication 10 times in an hour.
If you run Gitea behind a reverse proxy with Nginx (for example with Docker), you need to add
this to your Nginx configuration so that IPs don't show up as 127.0.0.1:
If you run Gitea behind a reverse proxy with nginx (for example with docker), you need to add
this to your nginx configuration so that IPs don't show up as 127.0.0.1:
```
proxy_set_header X-Real-IP $remote_addr;

28
docs/content/doc/usage/https-support.md
View File

@@ -15,12 +15,12 @@ menu:
# HTTPS setup to encrypt connections to Gitea
## Using the built-in server
## Using built-in server
Before you enable HTTPS, make sure that you have valid SSL/TLS certificates.
Before you enable HTTPS make sure that you have valid SSL/TLS certificates.
You could use self-generated certificates for evaluation and testing. Please run `gitea cert --host [HOST]` to generate a self signed certificate.
To use Gitea's built-in HTTPS support, you must change your `app.ini` file:
To use Gitea's built-in HTTPS support you must change your `app.ini` file:
```ini
[server]
@@ -30,27 +30,13 @@ HTTP_PORT = 3000
CERT_FILE = cert.pem
KEY_FILE = key.pem
```
To learn more about the config values, please checkout the [Config Cheat Sheet](../config-cheat-sheet#server).
### Setting up HTTP redirection
The Gitea server is only able to listen to one port; to redirect HTTP requests to the HTTPS port, you will need to enable the HTTP redirection service:
```ini
[server]
REDIRECT_OTHER_PORT = true
; Port the redirection service should listen on
PORT_TO_REDIRECT = 3080
```
If you are using Docker, make sure that this port is configured in your `docker-compose.yml` file.
## Using Let's Encrypt
[Let's Encrypt](https://letsencrypt.org/) is a Certificate Authority that allows you to automatically request and renew SSL/TLS certificates. In addition to starting Gitea on your configured port, to request HTTPS certificates, Gitea will also need to listed on port 80, and will set up an autoredirect to HTTPS for you. Let's Encrypt will need to be able to access Gitea via the Internet to verify your ownership of the domain.
[Let's Encrypt](https://letsencrypt.org/) is a Certificate Authority that allows you to automatically request and renew SSL/TLS certificates. In addition to starting Gitea on your configured port, to request HTTPS certificates Gitea will also need to listed on port 80, and will set up an autoredirect to HTTPS for you. Let's Encrypt will need to be able to access Gitea via the Internet to verify your ownership of the domain.
By using Let's Encrypt **you must consent** to their [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf).
By using Lets Encrypt **you must consent** to their [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf)
```ini
[server]
@@ -66,7 +52,7 @@ To learn more about the config values, please checkout the [Config Cheat Sheet](
## Using reverse proxy
Setup up your reverse proxy as shown in the [reverse proxy guide](../reverse-proxies).
Setup up your reverse proxy like shown in the [reverse proxy guide](../reverse-proxies).
After that, enable HTTPS by following one of these guides:
@@ -74,5 +60,5 @@ After that, enable HTTPS by following one of these guides:
* [apache2/httpd](https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html)
* [caddy](https://caddyserver.com/docs/tls)
Note: Your connection between your reverse proxy and Gitea might be unencrypted. To encrypt it too, follow the [built-in server guide](#using-built-in-server) and change
Note: You connection between your reverse proxy and gitea might be unencrypted. To encrypt it too follow the [built-in server guide](#using-built-in-server) and change
the proxy url to `https://[URL]`.

11
docs/content/doc/usage/issue-pull-request-templates.en-us.md
View File

@@ -15,11 +15,11 @@ menu:
# Issue and Pull Request Templates
Some projects have a standard list of questions that users need to answer
when creating an issue or pull request. Gitea supports adding templates to the
For some projects there are a standard list of questions that users need to be asked
for creating an issue, or adding a pull request. Gitea supports adding templates to the
main branch of the repository so that they can autopopulate the form when users are
creating issues and pull requests. This will cut down on the initial back and forth
of getting some clarifying details.
creating issues, and pull requests. This will cut down on the initial back and forth
of getting some clarifiying details.
Possible file names for issue templates:
@@ -39,6 +39,3 @@ Possible file names for PR templates:
* .gitea/pull_request_template.md
* .github/PULL_REQUEST_TEMPLATE.md
* .github/pull_request_template.md
Additionally, the New Issue page URL can be suffixed with `?body=Issue+Text` and the form will be populated with that string. This string will be used instead of the template if there is one.

2
docs/content/doc/usage/pull-request.en-us.md
View File

@@ -28,4 +28,4 @@ The first value of the list will be used in helpers.
## Pull Request Templates
You can find more information about pull request templates at the page [Issue and Pull Request templates](../issue-pull-request-templates).
You can find more information about pull request templates in the dedicated page : [Issue and Pull Request templates](../issue-pull-request-templates)

14
docs/content/doc/usage/reverse-proxies.en-us.md
View File

@@ -14,7 +14,7 @@ menu:
---
## Using Nginx as a reverse proxy
If you want Nginx to serve your Gitea instance, you can the following `server` section inside the `http` section of `nginx.conf`:
If you want Nginx to serve your Gitea instance you can the following `server` section inside the `http` section of `nginx.conf`:
```
server {
@@ -27,7 +27,7 @@ server {
}
```
## Using Nginx with a sub-path as a reverse proxy
## Using Nginx with a Sub-path as a reverse proxy
In case you already have a site, and you want Gitea to share the domain name, you can setup Nginx to serve Gitea under a sub-path by adding the following `server` section inside the `http` section of `nginx.conf`:
@@ -46,7 +46,7 @@ Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration
## Using Apache HTTPD as a reverse proxy
If you want Apache HTTPD to serve your Gitea instance, you can add the following to your Apache HTTPD configuration (usually located at `/etc/apache2/httpd.conf` in Ubuntu):
If you want Apache HTTPD to serve your Gitea instance you can add the following to you Apache HTTPD configuration (usually located at `/etc/apache2/httpd.conf` in Ubuntu):
```
<VirtualHost *:80>
@@ -60,7 +60,7 @@ If you want Apache HTTPD to serve your Gitea instance, you can add the following
Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`
## Using Apache HTTPD with a sub-path as a reverse proxy
## Using Apache HTTPD with a Sub-path as a reverse proxy
In case you already have a site, and you want Gitea to share the domain name, you can setup Apache HTTPD to serve Gitea under a sub-path by adding the following to you Apache HTTPD configuration (usually located at `/etc/apache2/httpd.conf` in Ubuntu):
@@ -83,7 +83,7 @@ Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`
## Using Caddy as a reverse proxy
If you want Caddy to serve your Gitea instance, you can add the following server block to your Caddyfile:
If you want Caddy to serve your Gitea instance you can add the following server block to your Caddyfile:
```
git.example.com {
@@ -91,9 +91,9 @@ git.example.com {
}
```
## Using Caddy with a sub-path as a reverse proxy
## Using Caddy with a Sub-path as a reverse proxy
In case you already have a site, and you want Gitea to share the domain name, you can setup Caddy to serve Gitea under a sub-path by adding the following to your server block in your Caddyfile:
In case you already have a site, and you want Gitea to share the domain name, you can setup Caddy to serve Gitea under a sub-path by adding the following to you server block in your Caddyfile:
```
git.example.com {

Some files were not shown because too many files have changed in this diff Show More