summaryrefslogtreecommitdiffstats
path: root/modules/setting/setting.go
Commit message (Collapse)AuthorAgeFilesLines
* Allow HOST has no port (#22280) (#22409)Lunny Xiao2023-01-121-2/+2
| | | | | | | Fix #22274 Backport #22280 This PR will allow `HOST` without port. Then a default port will be given in future steps.
* Add more test directory to exclude dir of air, remove watching templates ↵Lunny Xiao2022-12-291-1/+4
| | | | | | | | | | | | | | | | | | from air include dir because gitea has internal mechanism (#22246) (#22247) backport #22246 Since #20218 introduced internal watching template, template watching should be removed from `air`. This will prevent restart the whole server once the template files changed to speed up developing when using `make watch`. To ensure `make watch` will reuse template watching, this PR introduced a new ENV `GITEA_RUN_MODE` to make sure `make watch` will always run in a dev mode of Gitea so that template watching will open. This PR also added more exclude testdata directories. Co-authored-by: 6543 <6543@obermui.de>
* Make gitea work using cmd.exe again (#22073) (#22133)zeripath2022-12-141-0/+7
| | | | | | | | | | | | | | Backport #22073 Gitea will attempt to lookup its location using LookPath however, this fails on cmd.exe if gitea is in the current working directory. exec.LookPath will return an exec.ErrDot error which we can test for and then simply using filepath.Abs(os.Args[0]) to absolute gitea against the current working directory. Fix #22063 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Correct the fallbacks for mailer configuration (#21945) (#21953)zeripath2022-11-271-1/+1
| | | | | | | | | | | | | | | | | Backport #21945 Unfortunately the fallback configuration code for [mailer] that were added in #18982 are incorrect. When you read a value from an ini section that key is added. This leads to a failure of the fallback mechanism. Further there is also a spelling mistake in the startTLS configuration. This PR restructures the mailer code to first map the deprecated settings on to the new ones - and then use ini.MapTo to map those on to the struct with additional validation as necessary. Ref #21744 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix token generation when using INTERNAL_TOKEN_URI (#21669) (#21670)wxiaoguang2022-11-031-1/+11
| | | | | | | | | | | | Backport #21669 Fix https://github.com/go-gitea/gitea/issues/21666 Caused by https://github.com/go-gitea/gitea/pull/19663 Before: when install, the INTERNAL_TOKEN was always generated and saved. But the internal token may be already there by INTERNAL_TOKEN_URI After: INTERNAL_TOKEN_URI file must be non-empty. When install, skip internal token generation if the token exists.
* Revert: auto generate INTERNAL_TOKEN (#21608) (#21609)wxiaoguang2022-10-271-0/+19
| | | | | | | | Backport #21608 Follow #19663 Some users do cluster deployment, they still depend on this auto-generating behavior.
* Add system setting table with cache and also add cache supports for user ↵Lunny Xiao2022-10-171-0/+7
| | | | setting (#18058)
* Add generic set type (#21408)KN4CK3R2022-10-121-3/+4
| | | | | This PR adds a generic set type to get rid of maps used as sets. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)Clar Fon2022-10-021-42/+32
| | | | | | Only load SECRET_KEY and INTERNAL_TOKEN if they exist. Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add KaTeX rendering to Markdown. (#20571)zeripath2022-09-141-0/+2
| | | | | | | | | | | | | | | | | | | | This PR adds mathematical rendering with KaTeX. The first step is to add a Goldmark extension that detects the latex (and tex) mathematics delimiters. The second step to make this extension only run if math support is enabled. The second step is to then add KaTeX CSS and JS to the head which will load after the dom is rendered. Fix #3445 Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Only show relevant repositories on explore page (#19361)Gusted2022-08-251-0/+2
| | | | | | | Adds a new option to only show relevant repo's on the explore page, for bigger Gitea instances like Codeberg this is a nice option to enable to make the explore page more populated with unique and "high" quality repo's. A note is shown that the results are filtered and have the possibility to see the unfiltered results. Co-authored-by: vednoc <vednoc@protonmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* Enable contenthash in filename for dynamic assets (#20813)silverwind2022-08-231-0/+3
| | | | | This should solve the main problem of dynamic assets getting stale after a version upgrade. Everything not affected will use query-string based cache busting, which includes files loaded via HTML or worker scripts.
* Support Proxy protocol (#12527)zeripath2022-08-211-34/+48
| | | | | | | | | This PR adds functionality to allow Gitea to sit behind an HAProxy and HAProxy protocolled connections directly. Fix #7508 Signed-off-by: Andrew Thornton <art27@cantab.net>
* auth/reverseproxy: Add support for full name (#20776)Will Norris2022-08-161-0/+2
| | | | | | | | | | | | This adds support for getting the user's full name from the reverse proxy in addition to username and email. Tested locally with caddy serving as reverse proxy with Tailscale authentication. Signed-off-by: Will Norris <will@tailscale.com> Signed-off-by: Will Norris <will@tailscale.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add support mCaptcha as captcha provider (#20458)Gusted2022-08-101-0/+1
| | | | | https://mcaptcha.org/ Co-authored-by: Felipe Leopoldo Sologuren Gutiérrez <fsologureng@users.noreply.github.com>
* Increase default item listing size `ISSUE_PAGING_NUM` to 20 (#20547)Norwin2022-08-061-2/+2
| | | | | | | | * increase default page sizes to 20 * adjust docs to reflect that the setting is used all over the place * fix tests Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor SSH init code, fix directory creation for TrustedUserCAKeys file ↵wxiaoguang2022-07-101-17/+4
| | | | | | | | | | | | | | | | (#20299) * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file * Update modules/ssh/init.go Co-authored-by: zeripath <art27@cantab.net> * fix lint copyright * Update modules/ssh/init.go Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Do not create empty ".ssh" directory when loading config (#20289)wxiaoguang2022-07-091-3/+1
| | | | | | Creating the directory automatically is not correct. In other places for ssh key writing (RewriteAllPrincipalKeys / appendAuthorizedKeysToFile, etc), the directory will still be created when updating the keys. This PR will resolve the confusing and annoying problem: the dummy and empty ".ssh" directory in new git home.
* Allow RSA 2047 bit keys (#20272)zeripath2022-07-061-1/+1
| | | | | | | | | Unfortunately it appears that 2048 bit RSA keys can occasionally be created in such a way that they appear to have 2047 bit length. This PR simply changes our defaults to allow these. Fix #20249 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove U2F support (#20141)Gusted2022-06-261-15/+0
| | | | | | - Completely remove U2F support from 1.18.0, 1.17.0 will be the last release that U2F is somewhat supported. Users who used U2F would already be warned about using U2F for a while now and should hopefully already be migrated. But starting 1.18 definitely remove it.
* Add sitemap support (#18407)Daniil Gentili2022-06-251-0/+2
|
* Make AppDataPath absolute against the AppWorkPath if it is not (#19815)zeripath2022-06-061-0/+16
| | | | | | | | | | | | | | | | | | | | | | | * Make AppDataPath absolute against the AppWorkPath if it is not There are multiple repeated issues whereby a non-absolute provided APP_DATA_PATH causes strange issues. This PR simply absolutes the APP_DATA_PATH against the AppWorkPath if its not so. It also ensures that AppWorkPath is also always absolute. Ref #19367 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add logging Signed-off-by: Andrew Thornton <art27@cantab.net> * absolute workpath against pwd instead of app path first Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Allow custom redirect for landing page (#19324)techknowlogick2022-04-051-2/+7
| | | | | | | | | | | | | * Allow custom redirect for landing page * Update modules/setting/setting.go Co-authored-by: delvh <dev.lh@web.de> * fix lint * one option Co-authored-by: delvh <dev.lh@web.de>
* Refactor legacy `unknwon/com` package, improve golangci lint (#19284)wxiaoguang2022-04-011-2/+1
| | | | | | | | The main purpose is to refactor the legacy `unknwon/com` package. 1. Remove most imports of `unknwon/com`, only `util/legacy.go` imports the legacy `unknwon/com` 2. Use golangci's depguard to process denied packages 3. Fix some incorrect values in golangci.yml, eg, the version should be quoted string `"1.18"` 4. Use correctly escaped content for `go-import` and `go-source` meta tags 5. Refactor `com.Expand` to our stable (and the same fast) `vars.Expand`, our `vars.Expand` can still return partially rendered content even if the template is not good (eg: key mistach).
* Add Package Registry (#16510)KN4CK3R2022-03-301-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added package store settings. * Added models. * Added generic package registry. * Added tests. * Added NuGet package registry. * Moved service index to api file. * Added NPM package registry. * Added Maven package registry. * Added PyPI package registry. * Summary is deprecated. * Changed npm name. * Sanitize project url. * Allow only scoped packages. * Added user interface. * Changed method name. * Added missing migration file. * Set page info. * Added documentation. * Added documentation links. * Fixed wrong error message. * Lint template files. * Fixed merge errors. * Fixed unit test storage path. * Switch to json module. * Added suggestions. * Added package webhook. * Add package api. * Fixed swagger file. * Fixed enum and comments. * Fixed NuGet pagination. * Print test names. * Added api tests. * Fixed access level. * Fix User unmarshal. * Added RubyGems package registry. * Fix lint. * Implemented io.Writer. * Added support for sha256/sha512 checksum files. * Improved maven-metadata.xml support. * Added support for symbol package uploads. * Added tests. * Added overview docs. * Added npm dependencies and keywords. * Added no-packages information. * Display file size. * Display asset count. * Fixed filter alignment. * Added package icons. * Formatted instructions. * Allow anonymous package downloads. * Fixed comments. * Fixed postgres test. * Moved file. * Moved models to models/packages. * Use correct error response format per client. * Use simpler search form. * Fixed IsProd. * Restructured data model. * Prevent empty filename. * Fix swagger. * Implemented user/org registry. * Implemented UI. * Use GetUserByIDCtx. * Use table for dependencies. * make svg * Added support for unscoped npm packages. * Add support for npm dist tags. * Added tests for npm tags. * Unlink packages if repository gets deleted. * Prevent user/org delete if a packages exist. * Use package unlink in repository service. * Added support for composer packages. * Restructured package docs. * Added missing tests. * Fixed generic content page. * Fixed docs. * Fixed swagger. * Added missing type. * Fixed ambiguous column. * Organize content store by sha256 hash. * Added admin package management. * Added support for sorting. * Add support for multiple identical versions/files. * Added missing repository unlink. * Added file properties. * make fmt * lint * Added Conan package registry. * Updated docs. * Unify package names. * Added swagger enum. * Use longer TEXT column type. * Removed version composite key. * Merged package and container registry. * Removed index. * Use dedicated package router. * Moved files to new location. * Updated docs. * Fixed JOIN order. * Fixed GROUP BY statement. * Fixed GROUP BY #2. * Added symbol server support. * Added more tests. * Set NOT NULL. * Added setting to disable package registries. * Moved auth into service. * refactor * Use ctx everywhere. * Added package cleanup task. * Changed packages path. * Added container registry. * Refactoring * Updated comparison. * Fix swagger. * Fixed table order. * Use token auth for npm routes. * Enabled ReverseProxy auth. * Added packages link for orgs. * Fixed anonymous org access. * Enable copy button for setup instructions. * Merge error * Added suggestions. * Fixed merge. * Handle "generic". * Added link for TODO. * Added suggestions. * Changed temporary buffer filename. * Added suggestions. * Apply suggestions from code review Co-authored-by: Thomas Boerger <thomas@webhippie.de> * Update docs/content/doc/packages/nuget.en-us.md Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Thomas Boerger <thomas@webhippie.de>
* Provide configuration to allow camo-media proxying (#12802)zeripath2022-03-291-0/+15
| | | | | | | | | * Provide configuration to allow camo-media proxying Fix #916 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Ensure that setting.LocalURL always has a trailing slash (#19171)zeripath2022-03-221-1/+4
| | | | | Fix #19166 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update golang.org/x/crypto (#19097)Gusted2022-03-161-1/+1
| | | | | | | | | | | | | | | | | | | | * Update golang.org/x/crypto - Update dependency to include fix for CVE. - See https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ?utm_medium=email&utm_source=footer * Fix deprecation notice * Remove workaround - Introduced in https://github.com/go-gitea/gitea/pull/17281 - Fixed in x/crypto: - https://github.com/golang/crypto/commit/5d542ad81a58c89581d596f49d0ba5d435481bcf - & https://github.com/golang/crypto/commit/3147a52a75dda54ac3a611ef8978640d85188a2a * Update Kex Algorithms - Use standardized name for curve22519-sha256. https://github.com/golang/crypto/commit/9b076918e3c7e908b2bdea932f272a9979f2488a - Prefer SHA256 version over SHA1 version. https://github.com/golang/crypto/commit/e4b3678e5f38521e67eba223ddd1902ceb3a303c
* Disable service worker by default (#18914)silverwind2022-02-261-1/+1
| | | | | | | | The service worker causes a lot of issues with JS errors after instance upgrades while not bringing any real performance gain over regular HTTP caching. Disable it by default for this reason. Maybe later we can remove it completely, as I simply see no benefit in having it.
* Update SSH Server crypto settings (#18697)Gusted2022-02-101-3/+3
| | | | - Use a better and more curated list of Ciphers and KeyExchanges, these roughly follows OpenSSH's default. - Remove some cryptography values which were deprecated.
* Prevent security failure due to bad APP_ID (#18678)zeripath2022-02-091-2/+5
| | | | | | | | | | | WebAuthn may cause a security exception if the provided APP_ID is not allowed for the current origin. Therefore we should reattempt authentication without the appid extension. Also we should allow [u2f] as-well as [U2F] sections. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Support custom ACME provider (#18340)Cristian Le2022-02-081-22/+52
| | | | | | * Added ACMECAURL option to support custom ACME provider. Closes #18306 * Refactor setting.go https settings, renamed options and variables, and documented app.example.ini * Refactored runLetsEncrypt to runACME * Improved documentation
* Only request write when necessary (#18657)Gusted2022-02-081-11/+4
| | | | | | | | | | | | | | | | | * Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves #18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Add separate SSH_USER config option (#17584)Clar Fon2022-02-071-0/+2
| | | Co-authored-by: zeripath <art27@cantab.net>
* format with gofumpt (#18184)65432022-01-201-6/+5
| | | | | | | | | | | * gofumpt -w -l . * gofumpt -w -l -extra . * Add linter * manual fix * change make fmt
* Enable deprecation error for v1.17.0 (#18341)Gusted2022-01-201-0/+11
| | | Co-authored-by: Andrew Thornton <art27@cantab.net>
* Refactor Router Logger (#17308)wxiaoguang2022-01-201-5/+5
| | | | | | Make router logger more friendly, show the related function name/file/line. [BREAKING] This PR substantially changes the logging format of the router logger. If you use this logging for monitoring e.g. fail2ban you will need to update this to match the new format.
* Support webauthn (#17957)Lunny Xiao2022-01-141-7/+4
| | | | | | | Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Simplify parameter types (#18006)Gusted2021-12-201-2/+2
| | | Remove repeated type declarations in function definitions.
* allways set a message-id on mails (#17900)Garionion2021-12-081-5/+11
| | | | | | | * allways set a message-id on mails * Add unit tests for mailer & Message-ID Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Replace "unix" by "http+unix" for PROTOCOL (#17771)mscherer2021-12-051-19/+18
|
* Improve install code to avoid low-level mistakes. (#17779)wxiaoguang2021-12-011-43/+45
| | | | | | | | | | | | | | * Improve install code to avoid low-level mistakes. If a user tries to do a re-install in a Gitea database, they gets a warning and double check. When Gitea runs, it never create empty app.ini automatically. Also some small (related) refactoring: * Refactor db.InitEngine related logic make it more clean (especially for the install code) * Move some i18n strings out from setting.go to make the setting.go can be easily maintained. * Show errors in CLI code if an incorrect app.ini is used. * APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more).
* Handle relative unix socket paths (#17836)zeripath2021-11-271-3/+10
| | | | | | | | | | | | Make relative unix sockets absolute by making them absolute against the AppWorkPath Fix #17833 ## :warning: BREAKING :warning: Prior to this PR relative unix sockets would have been asserted to be relative to the current working directory that gitea, gitea serv, hook and manager etc were running in. Hooks and Serv would have failed to work properly under this situation so we expect that although this is a technically breaking change the previous situation was already broken. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make SSL cipher suite configurable (#17440)zeripath2021-11-201-0/+8
|
* Sync gitea app path for git hooks and authorized keys when starting (#17335)wxiaoguang2021-10-211-0/+12
| | | | | | | | | | | Gitea writes its own AppPath into git hook scripts. If Gitea's AppPath changes, then the git push will fail. This PR: * Introduce an AppState module, it can persist app states into database * During GlobalInit, Gitea will check if the current AppPath is the same as last one. If they don't match, Gitea will sync git hooks. * Refactor some code to make them more clear. * Also, "Detect if gitea binary's name changed" #11341 is related, we call models.RewriteAllPublicKeys to update ssh authorized_keys file
* Use a variable but a function for IsProd because of a slight performance ↵Lunny Xiao2021-10-201-5/+2
| | | | increment (#17368)
* Add protection to disable Gitea when run as root (#17168)techknowlogick2021-10-071-0/+12
| | | | Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* Add metrics to get issues by repository (#17225)Romain2021-10-051-6/+8
|
* Add metrics to get issues by label (#17201)Romain2021-10-031-4/+6
| | | | | | | | | | | | | | | | | | | | | * Add metrics to get issues by label * Add comment on IssueByLabelCount * Code review - Unify "AS" in SQL (#17201) * Code review - Remove useless join (#17201) * Code review - Disable issue_by_label by default in settings (#17201) * use e * restore empty line * update docs Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add nodeinfo endpoint for federation purposes (#16953)techknowlogick2021-09-281-0/+1
| | | | | | | | | | | | | | | | Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities. Two endpoints are required: 1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used) 2. the endpoint which exposes the metadata in json format according to schema. Notes: * `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances * to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty). More info: https://github.com/jhass/nodeinfo https://github.com/jhass/nodeinfo/tree/main/schemas/2.1 http://nodeinfo.diaspora.software/protocol.html
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 04:38:19 +0000