diff options
author | Yarden Shoham <hrsi88@gmail.com> | 2023-02-28 00:29:17 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-28 00:29:17 +0200 |
commit | 111c5092878c1701909d89fd1075262cf415d6f2 (patch) | |
tree | 730bfd5f94df28a8448cc6c01eae45575f3f5d67 /modules | |
parent | 9d7ef0ad633a5bac164b67610dc16c95db739d73 (diff) | |
download | gitea-111c5092878c1701909d89fd1075262cf415d6f2.tar.gz gitea-111c5092878c1701909d89fd1075262cf415d6f2.zip |
Add InsecureSkipVerify to Minio Client for Storage (#23166) (#23177)
Backport #23166
Allows using Minio with untrusted certificates
Closes #23128
Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'modules')
-rw-r--r-- | modules/setting/storage.go | 1 | ||||
-rw-r--r-- | modules/storage/minio.go | 22 |
2 files changed, 14 insertions, 9 deletions
diff --git a/modules/setting/storage.go b/modules/setting/storage.go index 9197c5f8bb..4d401614e4 100644 --- a/modules/setting/storage.go +++ b/modules/setting/storage.go @@ -41,6 +41,7 @@ func getStorage(rootCfg ConfigProvider, name, typ string, targetSec *ini.Section sec.Key("MINIO_BUCKET").MustString("gitea") sec.Key("MINIO_LOCATION").MustString("us-east-1") sec.Key("MINIO_USE_SSL").MustBool(false) + sec.Key("MINIO_INSECURE_SKIP_VERIFY").MustBool(false) if targetSec == nil { targetSec, _ = rootCfg.NewSection(name) diff --git a/modules/storage/minio.go b/modules/storage/minio.go index 912f820ede..c427d8d7e3 100644 --- a/modules/storage/minio.go +++ b/modules/storage/minio.go @@ -5,7 +5,9 @@ package storage import ( "context" + "crypto/tls" "io" + "net/http" "net/url" "os" "path" @@ -42,13 +44,14 @@ const MinioStorageType Type = "minio" // MinioStorageConfig represents the configuration for a minio storage type MinioStorageConfig struct { - Endpoint string `ini:"MINIO_ENDPOINT"` - AccessKeyID string `ini:"MINIO_ACCESS_KEY_ID"` - SecretAccessKey string `ini:"MINIO_SECRET_ACCESS_KEY"` - Bucket string `ini:"MINIO_BUCKET"` - Location string `ini:"MINIO_LOCATION"` - BasePath string `ini:"MINIO_BASE_PATH"` - UseSSL bool `ini:"MINIO_USE_SSL"` + Endpoint string `ini:"MINIO_ENDPOINT"` + AccessKeyID string `ini:"MINIO_ACCESS_KEY_ID"` + SecretAccessKey string `ini:"MINIO_SECRET_ACCESS_KEY"` + Bucket string `ini:"MINIO_BUCKET"` + Location string `ini:"MINIO_LOCATION"` + BasePath string `ini:"MINIO_BASE_PATH"` + UseSSL bool `ini:"MINIO_USE_SSL"` + InsecureSkipVerify bool `ini:"MINIO_INSECURE_SKIP_VERIFY"` } // MinioStorage returns a minio bucket storage @@ -90,8 +93,9 @@ func NewMinioStorage(ctx context.Context, cfg interface{}) (ObjectStorage, error log.Info("Creating Minio storage at %s:%s with base path %s", config.Endpoint, config.Bucket, config.BasePath) minioClient, err := minio.New(config.Endpoint, &minio.Options{ - Creds: credentials.NewStaticV4(config.AccessKeyID, config.SecretAccessKey, ""), - Secure: config.UseSSL, + Creds: credentials.NewStaticV4(config.AccessKeyID, config.SecretAccessKey, ""), + Secure: config.UseSSL, + Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}}, }) if err != nil { return nil, convertMinioErr(err) |