aboutsummaryrefslogtreecommitdiffstats
path: root/custom/conf
Commit message (Collapse)AuthorAgeFilesLines
* Allow to fork repository into the same owner (#32819)wxiaoguang2024-12-141-1/+5
| | | | | | | | | | | | This feature is experimental, not fully tested, and may be changed in the future. It is only designed for users who really need it: set `[repository].ALLOW_FORK_INTO_SAME_OWNER=true` in your app.ini Doc: https://gitea.com/gitea/docs/pulls/122 ![image](https://github.com/user-attachments/assets/38d08c23-9cfc-49d8-9321-ff81edf65395)
* Allow to disable the password-based login (sign-in) form (#32687)wxiaoguang2024-12-021-9/+13
| | | | | | | | | | | | | | Usually enterprise/organization users would like to only allow OAuth2 login. This PR adds a new config option to disable the password-based login form. It is a simple and clear approach and won't block the future login-system refactoring works. Fix a TODO in #24821 Replace #21851 Close #7633 , close #13606
* Support optional/configurable IAMEndpoint for Minio Client (#32581) (#32581)Michael Owoc2024-11-221-0/+14
| | | | | | | | | | | | | | | | | | | | | | | Targeting issue #32271 This modification allows native Kubernetes + AWS (EKS) authentication with the Minio client, to Amazon S3 using the IRSA role assigned to a Service account by replacing the hard coded reference to the `DefaultIAMRoleEndpoint` with an optional configurable endpoint. Internally, Minio's `credentials.IAM` provider implements a discovery flow for IAM Endpoints if it is not set. For backwards compatibility: - We have added a configuration mechanism for an `IamEndpoint` to retain the unit test safety in `minio_test.go`. - We believe existing clients will continue to function the same without needing to provide a new config property since the internals of Minio client also often resolve to the `http://169.254.169.254` default endpoint that was being hard coded before To test, we were able to build a docker image from source and, observe it choosing the expected IAM endpoint, and see files uploaded via the client.
* Add avif image file support (#32508)wxiaoguang2024-11-151-1/+1
| | | | | | | | | Most modern browsers support it now ` Update ALLOWED_TYPES #96 ` https://gitea.com/gitea/docs/pulls/96 --------- Co-authored-by: silverwind <me@silverwind.io>
* Add `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options ↵Zettat1232024-11-111-0/+8
| | | | | | | | | | | | | (#32416) Resolve #30350 The action unit of mirrors and templates should be disabled by default. This PR adds `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options to allow users to specify default units for mirrors and templates. Thanks to @lng2020 for the [idea](https://github.com/go-gitea/gitea/issues/30350#issuecomment-2053942243)
* Use 8 as default value for git lfs concurrency (#32421)wxiaoguang2024-11-051-1/+1
|
* Make LFS http_client parallel within a batch. (#32369)Royce Remer2024-11-041-1/+7
| | | | Signed-off-by: Royce Remer <royceremer@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add new [lfs_client].BATCH_SIZE and [server].LFS_MAX_BATCH_SIZE config ↵Royce Remer2024-10-301-0/+8
| | | | | | | | | | | | | | | | | | settings. (#32307) This contains two backwards-compatible changes: * in the lfs http_client, the number of lfs oids requested per batch is loaded from lfs_client#BATCH_SIZE and defaulted to the previous value of 20 * in the lfs server/service, the max number of lfs oids allowed in a batch api request is loaded from server#LFS_MAX_BATCH_SIZE and defaults to 'nil' which equates to the previous behavior of 'infinite' This fixes #32306 --------- Signed-off-by: Royce Remer <royceremer@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add `DISABLE_ORGANIZATIONS_PAGE` and `DISABLE_CODE_PAGE` settings for ↵Zettat1232024-10-221-0/+18
| | | | | | | | | | | | explore pages and fix an issue related to user search (#32288) These settings can allow users to only display the repositories explore page. Thanks to yp05327 and wxiaoguang ! --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Enhance USER_DISABLED_FEATURES to allow disabling change username or full ↵Zisu Zhang2024-10-051-0/+2
| | | | | | | | | | | | | | | name (#31959) Fix #31958 Enhanced `USER_DISABLED_FEATURES`(also `EXTERNAL_USER_DISABLE_FEATURES`) option in `[admin]` section. Added following values: - `change_username`: Disable change username - `change_full_name`: Disable change full name --- Progress: - [x] Update code - [x] Update translations
* Add pure SSH LFS support (#31516)ConcurrentCrab2024-09-271-0/+2
| | | | | | | | | Fixes #17554 /claim #17554 Docs PR https://gitea.com/gitea/docs/pulls/49 To test, run pushes like: `GIT_TRACE=1` git push. The trace output should mention "pure SSH connection".
* Use camo.Always instead of camo.Allways (#32097)Lunny Xiao2024-09-211-1/+2
| | | | | Fix #31575 https://gitea.com/gitea/docs/pulls/73
* Enable compression for Actions logs by default (#32013)Jason Song2024-09-091-1/+1
| | | | | | | Close #31801. Follow #31761. Since there are so many benefits of compression and there are no reports of related issues after weeks, it should be fine to enable compression by default.
* Save initial signup information for users to aid in spam prevention (#31852)techknowlogick2024-09-091-0/+3
| | | | | | | | | | | | | | This will allow instance admins to view signup pattern patterns for public instances. It is modelled after discourse, mastodon, and MediaWiki's approaches. Note: This has privacy implications, but as the above-stated open-source projects take this approach, especially MediaWiki, which I have no doubt looked into this thoroughly, it is likely okay for us, too. However, I would be appreciative of any feedback on how this could be improved. --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Use global lock instead of NewExclusivePool to allow distributed lock ↵Lunny Xiao2024-09-061-0/+6
| | | | | | | | | | between multiple Gitea instances (#31813) Replace #26486 Fix #19620 --------- Co-authored-by: Jason Song <i@wolfogre.com>
* Fix typo for `LOG_COMPRESSION` in ini (#31809)Jason Song2024-08-101-1/+1
| | | | | | | Follow #31761 --------- Co-authored-by: silverwind <me@silverwind.io>
* Support compression for Actions logs (#31761)Jason Song2024-08-091-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support compression for Actions logs to save storage space and bandwidth. Inspired by https://github.com/go-gitea/gitea/issues/24256#issuecomment-1521153015 The biggest challenge is that the compression format should support [seekable](https://github.com/facebook/zstd/blob/dev/contrib/seekable_format/zstd_seekable_compression_format.md). So when users are viewing a part of the log lines, Gitea doesn't need to download the whole compressed file and decompress it. That means gzip cannot help here. And I did research, there aren't too many choices, like bgzip and xz, but I think zstd is the most popular one. It has an implementation in Golang with [zstd](https://github.com/klauspost/compress/tree/master/zstd) and [zstd-seekable-format-go](https://github.com/SaveTheRbtz/zstd-seekable-format-go), and what is better is that it has good compatibility: a seekable format zstd file can be read by a regular zstd reader. This PR introduces a new package `zstd` to combine and wrap the two packages, to provide a unified and easy-to-use API. And a new setting `LOG_COMPRESSION` is added to the config, although I don't see any reason why not to use compression, I think's it's a good idea to keep the default with `none` to be consistent with old versions. `LOG_COMPRESSION` takes effect for only new log files, it adds `.zst` as an extension to the file name, so Gitea can determine if it needs decompression according to the file name when reading. Old files will keep the format since it's not worth converting them, as they will be cleared after #31735. <img width="541" alt="image" src="https://github.com/user-attachments/assets/e9598764-a4e0-4b68-8c2b-f769265183c9">
* Add signature support for the RPM module (#27069)Exploding Dragon2024-08-061-1/+2
| | | | | | | | close #27031 If the rpm package does not contain a matching gpg signature, the installation will fail. See (#27031) , now auto-signing rpm uploads. This option is turned off by default for compatibility.
* Clear up old Actions logs (#31735)Jason Song2024-08-021-0/+2
| | | | | | | | | | | | | | | | | Part of #24256. Clear up old action logs to free up storage space. Users will see a message indicating that the log has been cleared if they view old tasks. <img width="1361" alt="image" src="https://github.com/user-attachments/assets/9f0f3a3a-bc5a-402f-90ca-49282d196c22"> Docs: https://gitea.com/gitea/docs/pulls/40 --------- Co-authored-by: silverwind <me@silverwind.io>
* Add option to change mail from user display name (#31528)65432024-07-141-0/+4
| | | | | | | | | | Make it posible to let mails show e.g.: `Max Musternam (via gitea.kithara.com) <gitea@kithara.com>` Docs: https://gitea.com/gitea/docs/pulls/23 --- *Sponsored by Kithara Software GmbH*
* Allow disabling authentication related user features (#31535)Rowan Bohde2024-07-091-2/+6
| | | | | | | | | | | | | | | | | | | | We have some instances that only allow using an external authentication source for authentication. In this case, users changing their email, password, or linked OpenID connections will not have any effect, and we'd like to prevent showing that to them to prevent confusion. Included in this are several changes to support this: * A new setting to disable user managed authentication credentials (email, password & OpenID connections) * A new setting to disable user managed MFA (2FA codes & WebAuthn) * Fix an issue where some templates had separate logic for determining if a feature was disabled since it didn't check the globally disabled features * Hide more user setting pages in the navbar when their settings aren't enabled --------- Co-authored-by: Kyle D <kdumontnu@gmail.com>
* Fix duplicate sub-path for avatars (#31365)wxiaoguang2024-06-151-0/+4
| | | | | | | | | | | Fix #31361, and add tests And this PR introduces an undocumented & debug-purpose-only config option: `USE_SUB_URL_PATH`. It does nothing for end users, it only helps the development of sub-path related problems. And also fix #31366 Co-authored-by: @ExplodingDragon
* Add `MAX_ROWS` option for CSV rendering (#30268)Henrique Pimentel2024-06-061-0/+3
| | | | | | | | | | | | | | | | | | | This solution implements a new config variable MAX_ROWS, which corresponds to the “Maximum allowed rows to render CSV files. (0 for no limit)” and rewrites the Render function for CSV files in markup module. Now the render function only reads the file once, having MAX_FILE_SIZE+1 as a reader limit and MAX_ROWS as a row limit. When the file is larger than MAX_FILE_SIZE or has more rows than MAX_ROWS, it only renders until the limit, and displays a user-friendly warning informing that the rendered data is not complete, in the user's language. --- Previously, when a CSV file was larger than the limit, the render function lost its function to render the code. There were also multiple reads to the file, in order to determine its size and render or pre-render. The warning: ![image](https://s3.amazonaws.com/i.snag.gy/vcKh90.jpg)
* Add option for mailer to override mail headers (#27860)65432024-06-031-0/+10
| | | | | | Add option to override headers of mails, gitea send out --- *Sponsored by Kithara Software GmbH*
* Azure blob storage support (#30995)Lunny Xiao2024-05-301-2/+47
| | | | | | | | | | | | | | | | | | | | | | | | | This PR implemented object storages(LFS/Packages/Attachments and etc.) for Azure Blob Storage. It depends on azure official golang SDK and can support both the azure blob storage cloud service and azurite mock server. Replace #25458 Fix #22527 - [x] CI Tests - [x] integration test, MSSQL integration tests will now based on azureblob - [x] unit test - [x] CLI Migrate Storage - [x] Documentation for configuration added ------ TODO (other PRs): - [ ] Improve performance of `blob download`. --------- Co-authored-by: yp05327 <576951401@qq.com>
* feat: add support for a credentials chain for minio access (#31051)Rowan Bohde2024-05-271-2/+8
| | | | | | | | | | | | | We wanted to be able to use the IAM role provided by the EC2 instance metadata in order to access S3 via the Minio configuration. To do this, a new credentials chain is added that will check the following locations for credentials when an access key is not provided. In priority order, they are: 1. MINIO_ prefixed environment variables 2. AWS_ prefixed environment variables 3. a minio credentials file 4. an aws credentials file 5. EC2 instance metadata
* Sync up deleted branches & action assets related cleanup documentation (#31022)Kemal Zebari2024-05-221-0/+11
| | | | Syncs up docs associated to actions and deleted branch cleanup i.e. in custom/app.example.ini and the config cheat sheet.
* Supports forced use of S3 virtual-hosted style (#30969)dicarne2024-05-151-0/+6
| | | | | Add a configuration item to enable S3 virtual-hosted style (V2) to solve the problem caused by some S3 service providers not supporting path style (V1).
* Don't have `redis-cluster` as possible cache/session adapter in docs (#30794)Kemal Zebari2024-05-011-7/+5
| | | | | | This is because it doesn't exist as an adapter. The `redis` adapter already handles Redis cluster configurations. Fixes #30534.
* Improve oauth2 client "preferred username field" logic and the error ↵wxiaoguang2024-04-251-2/+2
| | | | | | | | | | | | | handling (#30622) Follow #30454 And fix #24957 When using "preferred_username", if no such field, `extractUserNameFromOAuth2` (old `getUserName`) shouldn't return an error. All other USERNAME options do not return such error. And fine tune some logic and error messages, make code more stable and more friendly to end users.
* Initial support for colorblindness-friendly themes (#30625)wxiaoguang2024-04-241-1/+2
| | | | | | | Initial support for #25680 This PR only adds some simple styles from GitHub, it is big enough and it focuses on adding the necessary framework-level supports. More styles could be fine-tuned later.
* Fixup app.example.ini for task section, which is now queue.task (#30555)Jerry Jacobs2024-04-181-16/+0
| | | | | | | Config section `[task]` has been deprecated in favor of `[queue.task]` --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Allow `preferred_username` as username source for OIDC (#30454)SimonErm2024-04-161-1/+2
| | | | | | This PR adds the preferred_username claim as a possible username source for the oauth2_client. Closes #21518
* Add `[other].SHOW_FOOTER_POWERED_BY` setting to hide `Powered by` (#30253)Yakov2024-04-031-0/+2
| | | | | | | | This allows you to hide the "Powered by" text in footer via `SHOW_FOOTER_POWERED_BY` flag in configuration. --------- Co-authored-by: silverwind <me@silverwind.io>
* Add setting to disable user features when user login type is not plain (#29615)Jack Hay2024-03-291-0/+5
| | | | | | | | | ## Changes - Adds setting `EXTERNAL_USER_DISABLE_FEATURES` to disable any supported user features when login type is not plain - In general, this is necessary for SSO implementations to avoid inconsistencies between the external account management and the linked account - Adds helper functions to encourage correct use
* Remember login for a month by default (#30150)delvh2024-03-281-1/+1
| | | | | | | | | | | | | | | Previously, the default was a week. As most instances don't set the setting, this leads to a bad user experience by default. ## :warning: Breaking If your instance requires a high level of security, you may want to set `[security].LOGIN_REMEMBER_DAYS` so that logins are not valid as long. --------- Co-authored-by: Jason Song <i@wolfogre.com>
* add skip ci support for pull request title (#29774)Denys Konovalov2024-03-141-1/+1
| | | | | Extends #28075 to support [skip ci] inside PR titles. Close #29265
* Allow options to disable user ssh keys configuration from the interface on ↵Lunny Xiao2024-03-041-1/+2
| | | | | | | | | | | app.ini (#29447) Follow #29275 Extract from #20549 Fix #24716 --------- Co-authored-by: delvh <dev.lh@web.de>
* Allow options to disable user gpg keys configuration from the interface on ↵Lunny Xiao2024-03-021-1/+2
| | | | | | | | app.ini (#29486) Follow #29447 Fix #29454 Extract from #20549
* Adding back missing options to app.example.ini (#29511)Origami4042024-03-011-0/+6
| | | | | | | | | | | | | | | | In the refactoring of the configuration file #15807, some lines were accidentally deleted: DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false ENABLE_PUSH_CREATE_USER = false ENABLE_PUSH_CREATE_ORG = false Fix #29510 --------- Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Allow options to disable user deletion from the interface on app.ini (#29275)Lunny Xiao2024-02-231-0/+3
| | | | | | | | | | | | | Extract from #20549 This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to allow the site administrator to disable users visiting deletion user interface or allow. This options are also potentially allowed to define more features in future PRs. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add slow SQL query warning (#27545)Earl Warren2024-02-231-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Databases are one of the most important parts of Forgejo, every interaction uses the database in one way or another. Therefore, it is important to maintain the database and recognize when the server is not doing well with the database. There already is the option to log *every* SQL query along with its execution time, but monitoring becomes impractical for larger instances and takes up unnecessary storage in the logs. - Add a QoL enhancement that allows instance administrators to specify a threshold value beyond which query execution time is logged as a warning in the xorm logger. The default value is a conservative five seconds to avoid this becoming a source of spam in the logs. - The use case for this patch is that with an instance the size of Codeberg, monitoring SQL logs is not very fruitful and most of them are uninteresting. Recently, in the context of persistent deadlock issues (https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that certain queries hold locks on tables like comment and issue for several seconds. This patch helps to identify which queries these are and when they happen. - Added unit test. (cherry picked from commit 9cf501f1af4cd870221cef6af489618785b71186) --------- Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: 6543 <6543@obermui.de>
* Add merge style `fast-forward-only` (#28954)Chris Copeland2024-02-121-1/+1
| | | | | | | | | With this option, it is possible to require a linear commit history with the following benefits over the next best option `Rebase+fast-forward`: The original commits continue existing, with the original signatures continuing to stay valid instead of being rewritten, there is no merge commit, and reverting commits becomes easier. Closes #24906
* Fixing small space missing in sample config file (#28967)Arnaud Morin2024-01-281-1/+1
|
* Fix inconsistent naming of OAuth 2.0 `ENABLE` setting (#28951)wackbyte2024-01-281-1/+1
| | | | | | | | | | | | Renames it to `ENABLED` to be consistent with other settings and deprecates it. I believe this change is necessary because other setting groups such as `attachment`, `cors`, `mailer`, etc. have an `ENABLED` setting, but `oauth2` is the only one with an `ENABLE` setting, which could cause confusion for users. This is no longer a breaking change because `ENABLE` has been set as deprecated and as an alias to `ENABLED`.
* Retarget depending pulls when the parent branch is deleted (#28686)Viktor Kuzmin2024-01-171-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes you need to work on a feature which depends on another (unmerged) feature. In this case, you may create a PR based on that feature instead of the main branch. Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted. Automatic target branch change make life a lot easier in such cases. Github and Bitbucket behave in such way. Example: $PR_1$: main <- feature1 $PR_2$: feature1 <- feature2 Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen. This is both annoying and loses the review history when you open a new PR. With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted. This behavior is enabled by default but can be disabled. For security reasons, this target branch change will not be executed when merging PRs targeting another repo. Fixes #27062 Fixes #18408 --------- Co-authored-by: Denys Konovalov <kontakt@denyskon.de> Co-authored-by: delvh <dev.lh@web.de>
* Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)wxiaoguang2024-01-101-0/+2
| | | | | | | | | | | | | | | | | | Mainly for MySQL/MSSQL. It is important for Gitea to use case-sensitive database charset collation. If the database is using a case-insensitive collation, Gitea will show startup error/warning messages, and show the errors/warnings on the admin panel's Self-Check page. Make `gitea doctor convert` work for MySQL to convert the collations of database & tables & columns. * Fix #28131 ## :warning: BREAKING :warning: It is not quite breaking, but it's highly recommended to convert the database&table&column to a consistent and case-sensitive collation.
* Normalize oauth email username (#28561)Kyle D2024-01-031-0/+4
|
* Add global setting how timestamps should be rendered (#28657)Yarden Shoham2024-01-021-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | - Resolves https://github.com/go-gitea/gitea/issues/22493 - Related to https://github.com/go-gitea/gitea/issues/4520 Some admins prefer all timestamps to display the full date instead of relative time. They can do that now by setting ```ini [ui] PREFERRED_TIMESTAMP_TENSE = absolute ``` This setting is set to `mixed` by default, allowing dates to render as "5 hours ago". Here are some screenshots of the UI with this setting set to `absolute`: ![image](https://github.com/go-gitea/gitea/assets/20454870/f496457f-6afa-44be-a1e7-249ee5fe0706) ![image](https://github.com/go-gitea/gitea/assets/20454870/c03b14f5-063d-4e13-9780-76ab002d76a9) ![image](https://github.com/go-gitea/gitea/assets/20454870/f4b34e28-1546-4374-9199-c43348844edd) --------- Signed-off-by: Yarden Shoham <git@yardenshoham.com> Co-authored-by: delvh <dev.lh@web.de>
* Improve document for ARTIFACT_RETENTION_DAYS (#28646)wxiaoguang2023-12-291-1/+1
| | | Follow #28626