Caught by #25330 Co-authored-by: Giteabot <teabot@gitea.io>tags/v1.21.0-rc0
@@ -30,7 +30,7 @@ func loadMirrorFrom(rootCfg ConfigProvider) { | |||
// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version | |||
// if these are removed, the warning will not be shown | |||
deprecatedSetting(rootCfg, "repository", "DISABLE_MIRRORS", "mirror", "ENABLED", "v1.19.0") | |||
if rootCfg.Section("repository").Key("DISABLE_MIRRORS").MustBool(false) { | |||
if ConfigSectionKeyBool(rootCfg.Section("repository"), "DISABLE_MIRRORS") { | |||
Mirror.DisableNewPull = true | |||
} | |||
@@ -120,18 +120,20 @@ func loadOAuth2From(rootCfg ConfigProvider) { | |||
OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile) | |||
} | |||
key := make([]byte, 32) | |||
n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64)) | |||
if err != nil || n != 32 { | |||
key, err = generate.NewJwtSecret() | |||
if err != nil { | |||
log.Fatal("error generating JWT secret: %v", err) | |||
} | |||
secretBase64 := base64.RawURLEncoding.EncodeToString(key) | |||
rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64) | |||
if err := rootCfg.Save(); err != nil { | |||
log.Fatal("save oauth2.JWT_SECRET failed: %v", err) | |||
if InstallLock { | |||
key := make([]byte, 32) | |||
n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64)) | |||
if err != nil || n != 32 { | |||
key, err = generate.NewJwtSecret() | |||
if err != nil { | |||
log.Fatal("error generating JWT secret: %v", err) | |||
} | |||
secretBase64 := base64.RawURLEncoding.EncodeToString(key) | |||
rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64) | |||
if err := rootCfg.Save(); err != nil { | |||
log.Fatal("save oauth2.JWT_SECRET failed: %v", err) | |||
} | |||
} | |||
} | |||
} |
@@ -262,7 +262,7 @@ func loadRunModeFrom(rootCfg ConfigProvider) { | |||
RunUser = rootSec.Key("RUN_USER").MustString(user.CurrentUsername()) | |||
// The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches. | |||
// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly. | |||
unsafeAllowRunAsRoot := rootSec.Key("I_AM_BEING_UNSAFE_RUNNING_AS_ROOT").MustBool(false) | |||
unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT") | |||
RunMode = os.Getenv("GITEA_RUN_MODE") | |||
if RunMode == "" { | |||
RunMode = rootSec.Key("RUN_MODE").MustString("prod") |