summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorYarden Shoham <hrsi88@gmail.com>2023-02-28 00:29:17 +0200
committerGitHub <noreply@github.com>2023-02-28 00:29:17 +0200
commit111c5092878c1701909d89fd1075262cf415d6f2 (patch)
tree730bfd5f94df28a8448cc6c01eae45575f3f5d67 /modules
parent9d7ef0ad633a5bac164b67610dc16c95db739d73 (diff)
downloadgitea-111c5092878c1701909d89fd1075262cf415d6f2.tar.gz
gitea-111c5092878c1701909d89fd1075262cf415d6f2.zip
Add InsecureSkipVerify to Minio Client for Storage (#23166) (#23177)
Backport #23166 Allows using Minio with untrusted certificates Closes #23128 Signed-off-by: Yarden Shoham <hrsi88@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'modules')
-rw-r--r--modules/setting/storage.go1
-rw-r--r--modules/storage/minio.go22
2 files changed, 14 insertions, 9 deletions
diff --git a/modules/setting/storage.go b/modules/setting/storage.go
index 9197c5f8bb..4d401614e4 100644
--- a/modules/setting/storage.go
+++ b/modules/setting/storage.go
@@ -41,6 +41,7 @@ func getStorage(rootCfg ConfigProvider, name, typ string, targetSec *ini.Section
sec.Key("MINIO_BUCKET").MustString("gitea")
sec.Key("MINIO_LOCATION").MustString("us-east-1")
sec.Key("MINIO_USE_SSL").MustBool(false)
+ sec.Key("MINIO_INSECURE_SKIP_VERIFY").MustBool(false)
if targetSec == nil {
targetSec, _ = rootCfg.NewSection(name)
diff --git a/modules/storage/minio.go b/modules/storage/minio.go
index 912f820ede..c427d8d7e3 100644
--- a/modules/storage/minio.go
+++ b/modules/storage/minio.go
@@ -5,7 +5,9 @@ package storage
import (
"context"
+ "crypto/tls"
"io"
+ "net/http"
"net/url"
"os"
"path"
@@ -42,13 +44,14 @@ const MinioStorageType Type = "minio"
// MinioStorageConfig represents the configuration for a minio storage
type MinioStorageConfig struct {
- Endpoint string `ini:"MINIO_ENDPOINT"`
- AccessKeyID string `ini:"MINIO_ACCESS_KEY_ID"`
- SecretAccessKey string `ini:"MINIO_SECRET_ACCESS_KEY"`
- Bucket string `ini:"MINIO_BUCKET"`
- Location string `ini:"MINIO_LOCATION"`
- BasePath string `ini:"MINIO_BASE_PATH"`
- UseSSL bool `ini:"MINIO_USE_SSL"`
+ Endpoint string `ini:"MINIO_ENDPOINT"`
+ AccessKeyID string `ini:"MINIO_ACCESS_KEY_ID"`
+ SecretAccessKey string `ini:"MINIO_SECRET_ACCESS_KEY"`
+ Bucket string `ini:"MINIO_BUCKET"`
+ Location string `ini:"MINIO_LOCATION"`
+ BasePath string `ini:"MINIO_BASE_PATH"`
+ UseSSL bool `ini:"MINIO_USE_SSL"`
+ InsecureSkipVerify bool `ini:"MINIO_INSECURE_SKIP_VERIFY"`
}
// MinioStorage returns a minio bucket storage
@@ -90,8 +93,9 @@ func NewMinioStorage(ctx context.Context, cfg interface{}) (ObjectStorage, error
log.Info("Creating Minio storage at %s:%s with base path %s", config.Endpoint, config.Bucket, config.BasePath)
minioClient, err := minio.New(config.Endpoint, &minio.Options{
- Creds: credentials.NewStaticV4(config.AccessKeyID, config.SecretAccessKey, ""),
- Secure: config.UseSSL,
+ Creds: credentials.NewStaticV4(config.AccessKeyID, config.SecretAccessKey, ""),
+ Secure: config.UseSSL,
+ Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}},
})
if err != nil {
return nil, convertMinioErr(err)