summaryrefslogtreecommitdiffstats
path: root/modules/setting
diff options
context:
space:
mode:
authorGiteabot <teabot@gitea.io>2023-06-18 16:56:50 -0400
committerGitHub <noreply@github.com>2023-06-18 20:56:50 +0000
commite9fab3ea3eae00f4375f01faba5c6cff2b98bf4f (patch)
treec3bb35c7c82b64a11502f36cc9cc73429d8fa78c /modules/setting
parente0bd6ebabdcfa45113beb0f3cc28362e62011716 (diff)
downloadgitea-e9fab3ea3eae00f4375f01faba5c6cff2b98bf4f.tar.gz
gitea-e9fab3ea3eae00f4375f01faba5c6cff2b98bf4f.zip
Avoid polluting the config (#25345) (#25354)
Backport #25345 by @wxiaoguang Caught by #25330 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'modules/setting')
-rw-r--r--modules/setting/mirror.go2
-rw-r--r--modules/setting/oauth2.go26
-rw-r--r--modules/setting/setting.go2
3 files changed, 16 insertions, 14 deletions
diff --git a/modules/setting/mirror.go b/modules/setting/mirror.go
index cd6b8d4562..3aa530a1f4 100644
--- a/modules/setting/mirror.go
+++ b/modules/setting/mirror.go
@@ -30,7 +30,7 @@ func loadMirrorFrom(rootCfg ConfigProvider) {
// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
// if these are removed, the warning will not be shown
deprecatedSetting(rootCfg, "repository", "DISABLE_MIRRORS", "mirror", "ENABLED", "v1.19.0")
- if rootCfg.Section("repository").Key("DISABLE_MIRRORS").MustBool(false) {
+ if ConfigSectionKeyBool(rootCfg.Section("repository"), "DISABLE_MIRRORS") {
Mirror.DisableNewPull = true
}
diff --git a/modules/setting/oauth2.go b/modules/setting/oauth2.go
index 4dab468c10..836a2bb25f 100644
--- a/modules/setting/oauth2.go
+++ b/modules/setting/oauth2.go
@@ -120,18 +120,20 @@ func loadOAuth2From(rootCfg ConfigProvider) {
OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile)
}
- key := make([]byte, 32)
- n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64))
- if err != nil || n != 32 {
- key, err = generate.NewJwtSecret()
- if err != nil {
- log.Fatal("error generating JWT secret: %v", err)
- }
-
- secretBase64 := base64.RawURLEncoding.EncodeToString(key)
- rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64)
- if err := rootCfg.Save(); err != nil {
- log.Fatal("save oauth2.JWT_SECRET failed: %v", err)
+ if InstallLock {
+ key := make([]byte, 32)
+ n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64))
+ if err != nil || n != 32 {
+ key, err = generate.NewJwtSecret()
+ if err != nil {
+ log.Fatal("error generating JWT secret: %v", err)
+ }
+
+ secretBase64 := base64.RawURLEncoding.EncodeToString(key)
+ rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64)
+ if err := rootCfg.Save(); err != nil {
+ log.Fatal("save oauth2.JWT_SECRET failed: %v", err)
+ }
}
}
}
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 293333a95b..539eb4b197 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -262,7 +262,7 @@ func loadRunModeFrom(rootCfg ConfigProvider) {
RunUser = rootSec.Key("RUN_USER").MustString(user.CurrentUsername())
// The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches.
// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly.
- unsafeAllowRunAsRoot := rootSec.Key("I_AM_BEING_UNSAFE_RUNNING_AS_ROOT").MustBool(false)
+ unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")
RunMode = os.Getenv("GITEA_RUN_MODE")
if RunMode == "" {
RunMode = rootSec.Key("RUN_MODE").MustString("prod")