aboutsummaryrefslogtreecommitdiffstats
path: root/custom/conf/app.example.ini
Commit message (Collapse)AuthorAgeFilesLines
* Update documentation to disable duration settings with -1 instead of 0 (#19647)Jimmy Praet2022-05-091-6/+6
| | | To turn off the notification endpoint polling, the value should be set to -1, not 0.
* Federation: return useful statistic information for nodeinfo (#19561)65432022-05-021-0/+3
| | | Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
* Disable unnecessary GitHooks elementsPawel Boguslawski2022-04-261-0/+1
| | | | | | | This mod fixes disabling unnecessary GitHooks elements. Related: https://github.com/go-gitea/gitea/pull/13129 Author-Change-Id: IB#1115251
* Use "main" as default branch name (#19354)wxiaoguang2022-04-081-1/+1
| | | | | * Use "main" as default branch name * fix test code
* Allow custom redirect for landing page (#19324)techknowlogick2022-04-051-1/+1
| | | | | | | | | | | | | * Allow custom redirect for landing page * Update modules/setting/setting.go Co-authored-by: delvh <dev.lh@web.de> * fix lint * one option Co-authored-by: delvh <dev.lh@web.de>
* Remove legacy unmaintained packages, refactor to support change default ↵wxiaoguang2022-04-031-0/+1
| | | | | | | | | | locale (#19308) Remove two unmaintained vendor packages `i18n` and `paginater`. Changes: * Rewrite `i18n` package with a more clear fallback mechanism. Fix an unstable `Tr` behavior, add more tests. * Refactor the legacy `Paginater` to `Paginator`, test cases are kept unchanged. Trivial enhancement (no breaking for end users): * Use the first locale in LANGS setting option as the default, add a log to prevent from surprising users.
* Add Package Registry (#16510)KN4CK3R2022-03-301-0/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added package store settings. * Added models. * Added generic package registry. * Added tests. * Added NuGet package registry. * Moved service index to api file. * Added NPM package registry. * Added Maven package registry. * Added PyPI package registry. * Summary is deprecated. * Changed npm name. * Sanitize project url. * Allow only scoped packages. * Added user interface. * Changed method name. * Added missing migration file. * Set page info. * Added documentation. * Added documentation links. * Fixed wrong error message. * Lint template files. * Fixed merge errors. * Fixed unit test storage path. * Switch to json module. * Added suggestions. * Added package webhook. * Add package api. * Fixed swagger file. * Fixed enum and comments. * Fixed NuGet pagination. * Print test names. * Added api tests. * Fixed access level. * Fix User unmarshal. * Added RubyGems package registry. * Fix lint. * Implemented io.Writer. * Added support for sha256/sha512 checksum files. * Improved maven-metadata.xml support. * Added support for symbol package uploads. * Added tests. * Added overview docs. * Added npm dependencies and keywords. * Added no-packages information. * Display file size. * Display asset count. * Fixed filter alignment. * Added package icons. * Formatted instructions. * Allow anonymous package downloads. * Fixed comments. * Fixed postgres test. * Moved file. * Moved models to models/packages. * Use correct error response format per client. * Use simpler search form. * Fixed IsProd. * Restructured data model. * Prevent empty filename. * Fix swagger. * Implemented user/org registry. * Implemented UI. * Use GetUserByIDCtx. * Use table for dependencies. * make svg * Added support for unscoped npm packages. * Add support for npm dist tags. * Added tests for npm tags. * Unlink packages if repository gets deleted. * Prevent user/org delete if a packages exist. * Use package unlink in repository service. * Added support for composer packages. * Restructured package docs. * Added missing tests. * Fixed generic content page. * Fixed docs. * Fixed swagger. * Added missing type. * Fixed ambiguous column. * Organize content store by sha256 hash. * Added admin package management. * Added support for sorting. * Add support for multiple identical versions/files. * Added missing repository unlink. * Added file properties. * make fmt * lint * Added Conan package registry. * Updated docs. * Unify package names. * Added swagger enum. * Use longer TEXT column type. * Removed version composite key. * Merged package and container registry. * Removed index. * Use dedicated package router. * Moved files to new location. * Updated docs. * Fixed JOIN order. * Fixed GROUP BY statement. * Fixed GROUP BY #2. * Added symbol server support. * Added more tests. * Set NOT NULL. * Added setting to disable package registries. * Moved auth into service. * refactor * Use ctx everywhere. * Added package cleanup task. * Changed packages path. * Added container registry. * Refactoring * Updated comparison. * Fix swagger. * Fixed table order. * Use token auth for npm routes. * Enabled ReverseProxy auth. * Added packages link for orgs. * Fixed anonymous org access. * Enable copy button for setup instructions. * Merge error * Added suggestions. * Fixed merge. * Handle "generic". * Added link for TODO. * Added suggestions. * Changed temporary buffer filename. * Added suggestions. * Apply suggestions from code review Co-authored-by: Thomas Boerger <thomas@webhippie.de> * Update docs/content/doc/packages/nuget.en-us.md Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Thomas Boerger <thomas@webhippie.de>
* Provide configuration to allow camo-media proxying (#12802)zeripath2022-03-291-0/+17
| | | | | | | | | * Provide configuration to allow camo-media proxying Fix #916 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* New cron task: delete old system notices (#19219)Pilou2022-03-281-0/+13
| | | Add a new cron task which deletes the old system notices.
* Make cron task no notice on success (#19221)zeripath2022-03-261-17/+17
| | | | | | | | | | | | | | | | | | Change all cron tasks to make them no notice on success default. Instead if a user wants notices on success they need to add NOTICE_ON_SUCCESS=true instead. ## :warning: BREAKING :warning: This changes the cron config so that notices on success are no longer set by default and breaks NO_SUCCESS_NOTICE settings. Instead users who want notices on success must set NOTICE_ON_SUCCESS=true instead. Signed-off-by: Andrew Thornton <art27@cantab.net> * Update custom/conf/app.example.ini Co-authored-by: Norwin <noerw@users.noreply.github.com> Co-authored-by: Norwin <noerw@users.noreply.github.com>
* Add warning to set SENDMAIL_ARGS to -- (#19102)zeripath2022-03-181-0/+1
| | | | | | | Even with #17688 email addresses that contain an initial `-` may still be present in the db and it may in future still be possible to imagine a situation whereby initial `-` are repermitted. This PR simply updates the documentation to warn users to set their SENDMAIL_ARGS with a terminal `--` to prevent this possibility email addresses being interpreted as options. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update golang.org/x/crypto (#19097)Gusted2022-03-161-1/+1
| | | | | | | | | | | | | | | | | | | | * Update golang.org/x/crypto - Update dependency to include fix for CVE. - See https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ?utm_medium=email&utm_source=footer * Fix deprecation notice * Remove workaround - Introduced in https://github.com/go-gitea/gitea/pull/17281 - Fixed in x/crypto: - https://github.com/golang/crypto/commit/5d542ad81a58c89581d596f49d0ba5d435481bcf - & https://github.com/golang/crypto/commit/3147a52a75dda54ac3a611ef8978640d85188a2a * Update Kex Algorithms - Use standardized name for curve22519-sha256. https://github.com/golang/crypto/commit/9b076918e3c7e908b2bdea932f272a9979f2488a - Prefer SHA256 version over SHA1 version. https://github.com/golang/crypto/commit/e4b3678e5f38521e67eba223ddd1902ceb3a303c
* Support ignore all santize for external renderer (#18984)Lunny Xiao2022-03-061-0/+2
| | | | | | | | | | | | | | * Support ignore all santize for external renderer * Update docs * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> * Fix doc Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: 6543 <6543@obermui.de>
* Don't clean up hardcoded `tmp` (#18983)KN4CK3R2022-03-021-2/+2
| | | | | * Don't clean up hardcoded `tmp`. * Fixed import.
* Disable service worker by default (#18914)silverwind2022-02-261-1/+1
| | | | | | | | The service worker causes a lot of issues with JS errors after instance upgrades while not bringing any real performance gain over regular HTTP caching. Disable it by default for this reason. Maybe later we can remove it completely, as I simply see no benefit in having it.
* Update SSH Server crypto settings (#18697)Gusted2022-02-101-3/+3
| | | | - Use a better and more curated list of Ciphers and KeyExchanges, these roughly follows OpenSSH's default. - Remove some cryptography values which were deprecated.
* Support custom ACME provider (#18340)Cristian Le2022-02-081-0/+30
| | | | | | * Added ACMECAURL option to support custom ACME provider. Closes #18306 * Refactor setting.go https settings, renamed options and variables, and documented app.example.ini * Refactored runLetsEncrypt to runACME * Improved documentation
* Add separate SSH_USER config option (#17584)Clar Fon2022-02-071-2/+5
| | | Co-authored-by: zeripath <art27@cantab.net>
* Switch to non-deprecation setting (#18358)Gusted2022-01-231-2/+3
| | | | | | * Switch to non-deprecation setting (Avoid by-default: "Deprecated fallback `[server]` `LFS_CONTENT_PATH` present. Use `[lfs]` `PATH` instead. This fallback will be removed in v1.18.0") * Update all references
* Refactor Router Logger (#17308)wxiaoguang2022-01-201-4/+13
| | | | | | Make router logger more friendly, show the related function name/file/line. [BREAKING] This PR substantially changes the logging format of the router logger. If you use this logging for monitoring e.g. fail2ban you will need to update this to match the new format.
* Support webauthn (#17957)Lunny Xiao2022-01-141-2/+3
| | | | | | | Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* fix location for custom/options/license (#18194)yearski2022-01-061-1/+1
|
* Enable partial clone by default (#18195)Gusted2022-01-061-1/+3
| | | | | - Enable partial clones(which are by default disabled from git) by default, unless configured otherwise. - Resolves #18190
* Add option to convert CRLF to LF line endings for sendmail (#18075)zeripath2022-01-061-0/+3
| | | | | | | | | | | | | It appears that several versions of sendmail require that the mail is sent to them with LF line endings instead of CRLF endings - which of course they will then convert back to CRLF line endings to comply with the SMTP standard. This PR adds another setting SENDMAIL_CONVERT_CRLF which will pass the message writer through a filter. This will filter out and convert CRLFs to LFs before writing them out to sendmail. Fix #18024 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add MP4 as default allowed attachment type (#18170)Gusted2022-01-041-1/+1
|
* Make AvatarRenderedSizeFactor configurable and set it to 3 (#17951)silverwind2021-12-161-0/+4
| | | | | | | | | | | | Save a bit of bandwidth by only requesting 3-times the rendered avatar size. Factor 4 is only really beneficial on a handful of mobile phones and I don't think they are the primary device we design for. Configurability contributed by zeripath. Fixes: https://github.com/go-gitea/gitea/pull/17422 Fixes: https://github.com/go-gitea/gitea/issues/16287 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Make Co-committed-by and co-authored-by trailers optional (#17848)zeripath2021-11-291-0/+3
| | | | | | | | This PR adds another option to app.ini make co-committed-by and co-authored-by trailers optional on a per server basis. Fix #17194 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568)zeripath2021-11-221-0/+6
|
* Use `hostmatcher` to replace `matchlist`, improve security (#17605)wxiaoguang2021-11-201-1/+1
| | | | | Use hostmacher to replace matchlist. And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
* Make SSL cipher suite configurable (#17440)zeripath2021-11-201-0/+10
|
* Add settings to allow different SMTP envelope from address (#17479)zeripath2021-11-191-0/+3
| | | | | | | | | | | * Add settings to allow different SMTP envelope from address Sometimes it may be advisable to hide or alias the from address on an SMTP mail envelope. This PR adds two new options to the mailer to allow setting of an overriding from address. Fix #17477 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 ↵wxiaoguang2021-11-081-0/+1
| | | | | and 1.16 (#17530) * fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16
* Only allow webhook to send requests to allowed hosts (#17482)wxiaoguang2021-11-011-0/+6
|
* Make the Mirror Queue a queue (#17326)zeripath2021-10-171-2/+2
| | | | | | | | | Convert the old mirror syncing queue to the more modern queue format. Fix a bug in the from the repo-archive queue PR - the assumption was made that uniqueness could be enforced with by checking equality in a map in channel unique queues - however this only works for primitive types - which was the initial intention but is an imperfect. This is fixed by marshalling the data and placing the martialled data in the unique map instead. The documentation is also updated to add information about the deprecated configuration values. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add simple update checker to Gitea (#17212)techknowlogick2021-10-161-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add simple update checker to Gitea * update struct and remove comments * fix lint * Update custom/conf/app.example.ini * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: delvh <dev.lh@web.de> * Update custom/conf/app.example.ini Co-authored-by: delvh <dev.lh@web.de> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: delvh <dev.lh@web.de> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md * Update modules/cron/tasks_extended.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> * Update custom/conf/app.example.ini Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> * take PR feedback into account and display banner on admin dashboard for alerts * Add more detailed message * placate lint * update per feedback Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Disable core.protectNTFS (#17300)zeripath2021-10-131-0/+2
| | | | | | | | | | | | | | core.protectNTFS protects NTFS from files which may be difficult to remove or interact with using the win32 api, however, it also appears to prevent such files from being entered into the git indexes - fundamentally causing breakages with PRs that affect these files. However, deliberately setting this to false may cause security issues due to the remain sparse checkout of files in the merge pipeline. The only sensible option therefore is to provide an optional setting which admins could set which would forcibly switch this off if they are affected by this issue. Fix #17092 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add metrics to get issues by repository (#17225)Romain2021-10-051-0/+2
|
* Add metrics to get issues by label (#17201)Romain2021-10-031-0/+2
| | | | | | | | | | | | | | | | | | | | | * Add metrics to get issues by label * Add comment on IssueByLabelCount * Code review - Unify "AS" in SQL (#17201) * Code review - Remove useless join (#17201) * Code review - Disable issue_by_label by default in settings (#17201) * use e * restore empty line * update docs Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix typo in app.example.ini (#17213)Petr Vaněk2021-10-031-2/+2
|
* Add nodeinfo endpoint for federation purposes (#16953)techknowlogick2021-09-281-0/+9
| | | | | | | | | | | | | | | | Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities. Two endpoints are required: 1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used) 2. the endpoint which exposes the metadata in json format according to schema. Notes: * `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances * to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty). More info: https://github.com/jhass/nodeinfo https://github.com/jhass/nodeinfo/tree/main/schemas/2.1 http://nodeinfo.diaspora.software/protocol.html
* Use light/dark theme based on system preference (#17051)Gwyneth Morgan2021-09-271-2/+2
| | | | | | | | Add a new default theme `auto`, which will automatically switch between `gitea` (light) and `arc-green` (dark) themes depending on the user's operating system settings. Closes: #8183
* Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998)65432021-09-091-2/+2
|
* Make mirror feature more configurable (#16957)65432021-09-071-3/+6
| | | | | | | | | | | Rename`[repository]` `DISABLE_MIRRORS` to `[mirror]` `DISABLE_NEW_PULL` and add `ENABLED` and `DISABLE_NEW_PUSH` with the below meanings: - `ENABLED`: **true**: Enables the mirror functionality. Set to **false** to disable all mirrors. - `DISABLE_NEW_PULL`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid. - `DISABLE_NEW_PUSH`: **false**: Disable the creation of **new** push mirrors. Pre-existing mirrors remain valid. Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de>
* Paginate releases page & set default page size to 10 (#16857)Lunny Xiao2021-08-291-0/+1
| | | | | | | * Add release default page and set it to 10 * use limit Co-authored-by: 6543 <6543@obermui.de>
* Add EdDSA JWT signing algorithm (#16786)Aliaksandr Mianzhynski2021-08-251-1/+1
| | | | | | | | * Add EdDSA signing algorithm * Fix typo Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add proxy settings and support for migration and webhook (#16704)Lunny Xiao2021-08-181-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | * Add proxy settings and support for migration and webhook * Fix default value * Add newline for example ini * Add lfs proxy support * Fix lint * Follow @zeripath's review * Fix git clone * Fix test * missgin http requests for proxy * use empty Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Add API Token Cache (#16547)zeripath2021-08-171-0/+4
| | | | | | | | | | | | | | | | | One of the issues holding back performance of the API is the problem of hashing. Whilst banning BASIC authentication with passwords will help, the API Token scheme still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can still cause enormous numbers of hash computations. A slight solution to this whilst we consider moving to using JWT based tokens and/or a session orientated solution is to simply cache the successful tokens. This has some security issues but this should be balanced by the security issues of load from hashing. Related #14668 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Allow setting X-FRAME-OPTIONS (#16643)zeripath2021-08-061-0/+3
| | | | | | | | | | | | | | | * Allow setting X-FRAME-OPTIONS This PR provides a mechanism to set the X-FRAME-OPTIONS header. Fix #7951 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Make Mermaid.js limit configurable (#16519)zeripath2021-07-241-0/+9
| | | | | | | | | | | | | | | | | | | | | | | * Make Mermaid.js limit configurable Add `MERMAID_MAX_SOURCE_CHARACTERS` to `[markup]` settings to make the maximum size of a mermaid render configurable. Fix #16513 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup! Make Mermaid.js limit configurable * Update custom/conf/app.example.ini Co-authored-by: silverwind <me@silverwind.io> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* add configuration option to restrict users by default (#16256)Richard Nienaber2021-07-151-0/+3
| | | | | | | | | | | | | | | | | | * add configuration option to restrict users by default * default IsRestricted permission only set on sign up setting this in the model messes with other workflows (e.g. syncing LDAP users) where the IsRestricted permission needs to be explicitly set and not overridden by a config value * fix formatting * Apply suggestions from code review * ensure newly created user is set to restricted * ensure imports are in the correct order Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-30 23:22:14 +0000