| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Set the correct permissions on the .ssh directory and authorized_keys
file, or sshd will refuse to use them and lead to clone/push/pull
failures.
It could happen when users have copied their data to a new volume and
changed the file permission by accident, and it would be very hard to
troubleshoot unless users know how to check the logs of sshd which is
started by s6.
Co-authored-by: Giteabot <teabot@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public
key algorithm, and recommend against its use.
http://www.openssh.com/legacy.html
## :warning: BREAKING :warning:
This patch will remove DSA host key form OpenSSH daemon configuration
file.
Signed-off-by: baronbunny <its@baronbunny.cn>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
| |
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
| |
Introduce a new environment variable: SSH_LOG_LEVEL
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Too many docker users are caught out by the default location for the
app.ini file being environment dependent so that when they docker exec
into the container the gitea commands do not work properly and require
additional -c arguments to correctly pick up the configuration.
This PR simply shadows the gitea binary using variants of the FHS
compatible script to make the command gitea have the default locations
by default.
Fix #14468
Reference #17497
Reference #12082
Reference #8941
... amongst others ...
Replace #17501
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
| |
* Fix various doc, user-facing, and source comment typos
Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`
|
| |
|
|
|
|
|
|
|
|
| |
Unforunately #16009 makes these settings mandatory. This PR uses the same technique
as used for the certificates to make these settings non-mandatory.
Fix #16044
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A common bug report is the otherwise harmless sshd logging:
```
Could not load host certificate "/data/ssh/ssh_host_ed25519_cert": No such file or directory
```
This PR simply checks if these files exist before creation of sshd_config and if
they do not exist, doesn't add a reference to them.
Fix #14110 amongst others.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
|
|
|
|
|
|
|
|
| |
* Add environment-to-app.ini routine
* Call environment-to-ini in docker setup scripts
* Automatically convert section vars to lower case to match documentation
* Remove git patch instructions
* Add env variable documentation to Install Docker
|
| |
|
|
|
|
|
| |
I think it's a bad default to have "dev" as the default run mode which
enables debugging and now also disables HTTP caching. It's better to
just default to a value suitable for general deployments.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* align "make help"
* format
* untouch build/generate-svg.js
* untouch .eslintrc
* combine editorconfig's
* rm editorconfig
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
| |
In the /install form, the value for SSH Server Domain is taken form the DOMAIN variable
and overwrites SSH_DOMAIN environment variable set the first time if nothing done
Co-authored-by: Adrian POIGET <adrian.poiget@viveris.fr>
|
| |
|
|
|
|
|
|
| |
* fix: ask s6 to stop all service when gitea stop
https://github.com/just-containers/s6-overlay#writing-an-optional-finish-script
* change service folder
|
| | |
|
| |
|
| |
Signed-off-by: leigh capili <leigh@null.net>
|
| |
|
|
|
|
|
|
|
| |
config (#7286)
* - rearrange the templates to make it more logical because now ssh_config is a template
- implemented the updating of the port to the same as the port sent to the gitea config
* change the filename back
|
| | |
|
| | |
|
| |
|
