mirror of
1
Fork 0
Commit Graph

661 Commits

Author SHA1 Message Date
a1012112796 ae6d7860be
add cron job to delete old actions from database (#15688)
that's a way to save database storage space.

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-05-01 14:17:02 +02:00
yearski 49b28956e2
Docs: fix location for custom/options/license (#15671) 2021-04-30 16:36:28 +02:00
6543 a6bfe59b4b
Docs: renderers rst: rst2html.py -> pandoc (#15659) 2021-04-30 14:50:55 +08:00
Dong Nguyen 6ea6e2b4eb
Update config-cheat-sheet.en-us.md (#15606)
Add more guide about `PROVIDER_CONFIG` when `PROVIDER` is `db` (https://github.com/go-gitea/gitea/issues/14016)
2021-04-24 16:58:40 +02:00
Björn Heinrichs 72e0ad8000
Fix docker enviroment variable from TYPE to DB_TYPE (#15585)
As documented in https://docs.gitea.io/en-us/config-cheat-sheet/ the database type is defined using db_type not type.
2021-04-22 16:34:12 +02:00
Nathan Zook 2242f381e6
Added OpenAPI document link to usage (#15535)
* Added OpenAPI document link to usage

The OpenAPI document at /api/swagger.v1.json needs an obvious reference.  Sadly, I am English monolingual, so someone else is going to have to do the other languages.  In the mean time, this PR should help anyone looking for the file.

* Update docs/content/doc/developers/api-usage.en-us.md

Co-authored-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-19 23:29:08 -04:00
Raphael Kruse c9cc6698d2
Fix a broken link in customizing-gitea.en-us.md (#15543) 2021-04-19 11:47:49 -04:00
Lunny Xiao ce8255fb7b
Change the chinese discuss link to discourse (#15533) 2021-04-18 19:12:16 +08:00
techknowlogick c29e85228f
frontport: 1.14.1 changelog (#15503)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-04-16 00:06:02 -04:00
Kyle D f44543a1bb
Disable Stars config option (#14653)
* Add config option to disable stars

* Replace "stars" with watched in user profile

* Add documentation
2021-04-15 18:53:57 +02:00
firesoft-de af2adb4e35
Specify relation between multiple signing options (#15496) 2021-04-15 18:06:32 +02:00
Martin Michaelis 55eb1745bd
OAuth2 auto-register (#5123)
* Refactored handleOAuth2SignIn in routers/user/auth.go

The function handleOAuth2SignIn was called twice but some code path could only
be reached by one of the invocations. Moved the unnecessary code path out of
handleOAuth2SignIn.


* Refactored user creation

There was common code to create a user and display the correct error message.
And after the creation the only user should be an admin and if enabled a
confirmation email should be sent. This common code is now abstracted into
two functions and a helper function to call both.

* Added auto-register for OAuth2 users

If enabled new OAuth2 users will be registered with their OAuth2 details.
The UserID, Name and Email fields from the gothUser are used.
Therefore the OpenID Connect provider needs additional scopes to return
the coresponding claims.

* Added error for missing fields in OAuth2 response

* Linking and auto linking on oauth2 registration

* Set default username source to nickname

* Add automatic oauth2 scopes for github and google

* Add hint to change the openid connect scopes if fields are missing

* Extend info about auto linking security risk

Co-authored-by: Viktor Kuzmin <kvaster@gmail.com>
Signed-off-by: Martin Michaelis <code@mgjm.de>
2021-04-14 14:02:12 +02:00
Lunny Xiao 66f0fd0959
Add NeedPostProcess for Parser interface to improve performance of csv render (#15153) 2021-04-13 15:06:31 +08:00
techknowlogick 26e16e4ee4
docs: rm deprecated docs regarding environment variable usage in docker image (#15405)
* docs: rm deprecated docs regarding environment variable usage in docker image

* Update docs/content/doc/installation/with-docker.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2021-04-12 15:42:02 -04:00
6543 18efe9a023
Changelog v1.14.0 (#15360) (#15400)
* Changelog v1.14.0 (#15360)

* clean & merge & update v1.14.0 changelog

* backport v1.13.x changelogs

* update latest gitea version
2021-04-11 13:23:55 +08:00
silverwind 0d1a5e0ffc
Add frontend testing, require node 12 (#15315)
- Add basic frontend unit testing infrastructure using jest in ESM mode
- Rename 'make test' to 'make test-backend'
- Introduce 'make test-frontend' and 'make test' that runs both
- Bump Node.js requirement to v12. v10 will be EOL in less than a month.
- Convert all build-related JS files to ESM.

I opted to run frontend tests run as part of the compliance pipeline because
they complete fast and are not platform-specific like the golang tests.
2021-04-08 12:41:57 +02:00
6543 298d56fe8b
[Frontport] Changelog (v1.13.6, v1.13.7, v1.14.0-rc2) (#15328)
* Changelog v1.13.7 (#15319)

* Update Changelog (#15322)

* update

* next

* RC2

* Update Docs Version
2021-04-07 13:41:02 -04:00
Kyle D 8d9f191195
Update docs for bad ini syntax in noreply (#15226) 2021-03-31 17:13:46 -04:00
David Crocker 79ac7468dc
Fix documentation for the fallback mail subject (#15223)
The documentation for the [fallback mail subject](d989247bb0/services/mailer/mail_issue.go (L14-L16)) was missing `{{}}` around `.Issue.Index`.
2021-03-31 11:36:21 -04:00
KN4CK3R 0c6137617f
Add Tabular Diff for CSV files (#14661)
Implements request #14320 The rendering of CSV files does match the diff style.

* Moved CSV logic into base package.

* Added method to create a tabular diff.

* Added CSV compare context.

* Added CSV diff template.

* Use new table style in CSV markup.

* Added file size limit for CSV rendering.

* Display CSV parser errors in diff.

* Lazy read single file.

* Lazy read rows for full diff.

* Added unit tests for various CSV changes.
2021-03-29 22:44:28 +02:00
techknowlogick 5ad65c8f5d
update docs to reference 1.13.6 (#15182) 2021-03-28 11:09:01 +08:00
silverwind 1a03fa7a4f
Update JS dependencies (#15033)
* Update JS dependencies

- Update all JS dependencies
- For octicons, rename trashcan to trash
- For svgo, migrate to v2 api, output seems to have slightly changed but icons look the same
- For stylelint, update config, fix custom property duplicates
- For monaco, drop legacy Edge support
- For eslint, enable new rules, fix new issues
- For less-loader, remove deprecated import syntax

* update svgo usage in generate-images and rebuild logo.svg with it
2021-03-22 05:04:19 +01:00
Lasse Brandt Thomsen 0fe32826ed
Allow read/write to user root and only read to group git on documentation (#15041)
Co-authored-by: Lasse Brandt Thomsen <lasse@bitmand.dk>
2021-03-20 00:45:04 +01:00
Lauris BH 044cd4d016
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation

* Trust all IP addresses in containerized environments by default

* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-16 00:27:28 +02:00
tuxmaster5000 f268b4896b
Update comparison docs for gitlab (#14999) 2021-03-15 11:19:00 -04:00
zeripath c8e5c79cfd
Add ui.explore settings to control view of explore pages (2) (#14094)
This is an alternative PR to #13687.

Add `[ui.explore]` settings to allow restricting the
explore pages to logged in users only and to disable the users explore page.

The two proposed settings are:

- `REQUIRE_SIGNIN_VIEW`: Only allows access to the explore pages if the
user is signed in. Also restricts
  - `/api/v1/user/search`
  - `/api/v1/users/{username}`
  - `/api/v1/users/{username}/repos`
  - but does not restrict `/api/v1/users/{username}/heatmap`
- `DISABLE_USERS_PAGE`: Disables the /explore/users page

Fix #2908

Close #13687 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-11 13:40:54 +00:00
KN4CK3R bc423a1e84
Use correct default value (#14949)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-11 00:09:30 -05:00
zeripath c03f530212
Make internal SSH server host key path configurable (#14918)
* Make SSH server host key path configurable

* make it possible to have multiple keys

* Make gitea.rsa the default key

* Add some more logging

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 03:43:59 +01:00
zeripath 9b261f52f0
Add SameSite setting for cookies (#14900)
Add SameSite setting for cookies and rationalise the cookie setting code. Switches SameSite to Lax by default. 

There is a possible future extension of differentiating which cookies could be set at Strict by default but that is for a future PR.

Fix #5583

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-07 08:12:43 +00:00
6543 8ac1367718
[Docs] Fix how lfs data path is set (#14855)
* fix docs: lfs data path

* DEPRECATED note

* 已废弃

* better english sentence

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-04 18:01:44 +01:00
6543 1d18b76e0e
Add changelog for v1.13.3 (#14877) (#14883)
* Add changelog for v1.13.3 (#14877)

Add changelog for v1.13.3

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>

* Update Docs

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
2021-03-04 10:00:23 -05:00
techknowlogick 47f6a4ec3f
go1.16 (#14783) 2021-02-28 18:08:33 -05:00
a1012112796 2e8ce1eaed
Remove pt-pt from doc config file (#14830)
Because it not has any content now. It's not necessary to
show this link on the footer.

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-02-28 11:46:21 +01:00
Kyle D 61f347e349
Add environment-to-ini to docker image (#14762)
* Add environment-to-app.ini routine

* Call environment-to-ini in docker setup scripts

* Automatically convert section vars to lower case to match documentation

* Remove git patch instructions

* Add env variable documentation to Install Docker
2021-02-23 20:21:44 +01:00
Ikko Ashimine ca9c1f822e
[docs] Fix typo in command-line.en-us.md (#14746)
seperated -> separated

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-19 11:29:22 -05:00
zeripath 0a9a484e1e
Create DB session provider(based on xorm) (#13031)
* Create Xorm session provider

This PR creates a Xorm session provider which creates
the appropriate Session table for macaron/session.

Fix #7137

Signed-off-by: Andrew Thornton <art27@cantab.net>

* extraneous l

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* use key instead of ID to be compatible with go-macaron/session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* And change the migration too.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update spacing of imports

Co-authored-by: 6543 <6543@obermui.de>

* Update modules/session/xorm.go

Co-authored-by: techknowlogick <matti@mdranta.net>

* add xorm provider to the virtual provider

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for master merge

* prep for merge master

* As per @lunny

* move migration out of the way

* Move to call this db session as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-15 00:33:31 -05:00
Damien Goutte-Gattat fc4a8c2980
Allow blocking some email domains from registering an account (#14667)
Gitea allows to whitelist email domains so that only email addresses from certain domains are allowed to register an account, but does not currently allows to do the opposite: blacklisting email domains so that addresses from certain domains are *forbidden* to register an account.

The idea has been briefly mentioned in the discussion about issue #6350, but never implemented. This PR does that.

The rationale is that, in my experience of running a Gitea instance, *a single email domain* is responsible for *most* of the spam accounts, and for *all* of the spam accounts that manage to get past the email confirmation step. So on top of the other spam mitigation measures already available (email confirmation, CAPTCHA, etc.), having the option to block a particularly annoying domain would be helpful.

close #13628
2021-02-15 00:31:29 +01:00
Lunny Xiao 5e4fa7c703
Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one (#14673)
* Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one

* Add a warning on document
2021-02-13 18:03:29 +01:00
Paweł Bogusławski 7d7007dca7
Added option to disable webhooks (#13176)
* Added option to disable web hooks

This mod introduces DISABLE_WEB_HOOKS parameter in [security] section
of app.ini (by default set to false). If set to true it disables web
hooks feature. Any existing undelivered web hook tasks will be cancelled.
Any existing web hook definitions will be left untouched in db but
its delivery tasks will be ignored.

Author-Change-Id: IB#1105130

* Webhook spelling fixed

Webhook spelling fixed.

Fixes: 07df6614dc
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-510868421
Author-Change-Id: IB#1105174

* Parameter description fixed

Parameter description fixed.

Fixes: 07df6614dc
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-514086107
Author-Change-Id: IB#1105174
2021-02-11 12:34:34 -05:00
zeripath 98827e99f6
Add information on how to build statically (#14594)
Fix #14576

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-08 10:06:21 +08:00
zeripath 3477e616ab
Exclude the current dump file from the dump (#14606)
* Exclude the current dump file from the dump

Always prevent the current file from being added to the dump.

Fix #13618

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add skip custom directory option

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-08 09:00:12 +08:00
Howie Zhao c295a27d4a
docs: update installation with-docker zh-cn (#14554) 2021-02-03 17:12:35 +01:00
Bagas Sanjaya bd28f1d642
[Docs] Clone filters (#14555)
In summary: set uploadpack.allowfilter

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
2021-02-03 10:11:20 -05:00
techknowlogick 9b6ff819d7
update docs to show latest stable version (1.13.2) (#14550) 2021-02-03 08:46:42 +01:00
Lunny Xiao 0cd87d64ff
Update docs and comments to remove macaron (#14491) 2021-01-29 16:35:30 +01:00
kevinlin18 0e4a9dbcb9
[docs] Add zh-tw Translations (#14507) 2021-01-29 01:57:58 +01:00
Brad Albright a598877fdf
Cron job to cleanup hook_task table (#13080)
Close **Prune hook_task Table (#10741)**

Added a cron job to delete webhook deliveries in the hook_task table. It can be turned on/off and the schedule controlled globally via app.ini. The data can be deleted by either the age of the delivery which is the default or by deleting the all but the most recent deliveries _per webhook_.

Note: I had previously submitted pr #11416  but I closed it when I realized that I had deleted per repository instead of per webhook. Also, I decided allowing the settings to be overridden via the ui was overkill. Also this version allows the deletion by age which is probably what most people would want.
2021-01-26 22:02:42 +01:00
Lunny Xiao 6433ba0ec3
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 16:36:53 +01:00
techknowlogick d2ea21d0d8
Use caddy's certmagic library for extensible/robust ACME handling (#14177)
* use certmagic for more extensible/robust ACME cert handling

* accept TOS based on config option

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-25 01:37:35 +02:00
Klaus Vink Slott 525d75c160
Add link to packages in openSUSE build service (#14439)
* Link to OpenSUSE build service
2021-01-23 15:44:00 +01:00
kolaente b672899372
Add german translation guidelines (#14283)
* Add german translation guidelines

* Add German Language to Docs

* add Translation cateory & move guidelines into it

Co-authored-by: kolaente <k@knt.li>
Co-authored-by: 6543 <6543@obermui.de>
2021-01-22 20:12:50 +01:00
6543 a0e424da85
Enhance Ghost comment mitigation Settings (#14392)
* refactor models.DeleteComment and delete related reactions too

* use deleteComment for UserDeleteWithCommentsMaxDays in DeleteUser

* nits

* Use time.Duration as other time settings have

* docs

* Resolve Fixme & fix potential deadlock

* Disabled by Default

* Update Config Value Description

* switch args

* Update models/issue_comment.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-01-21 21:56:19 -05:00
Patrick Schratz 1c230f69d9
update ssh passthrough (#14403)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-20 21:25:18 -05:00
Jake Howard e05670da84
Note that all template directories are relative to the `CustomPath` configuration, not a `custom` directory inside it (#14399)
* Note that all template directories are relative to the `CustomPath` configuration, not a `custom` directory inside it.

This is a minor clarification, which makes locating where the templates need to be much easier

* Note that it's possible to read the `GITEA_CUSTOM` value from the admin

* Use "$GITEA_CUSTOM" as placeholder

It's more obvious it's a variable and not a typo
2021-01-19 10:50:55 -05:00
Chester Liu 0c0445c97a
Add pager to the branches page (#14202)
* Add pager to the branches page

* override pageSize if bigger than max

* Make branches commit range configurable

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2021-01-19 05:07:38 +01:00
Daniel Vos 185c5ae2c4
Update back-up restore example for 1.13 changes (#14374)
Signed-off-by: Daniël Vos <danielvos@outlook.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-01-18 21:05:11 -05:00
6543 21da519c0c
Implement ghost comment mitigation (#14349)
* Implement ghost comment mitigation

Adds a config option USER_DELETE_WITH_COMMENTS_MAX_DAYS to the [service] section. See https://codeberg.org/Codeberg/Discussion/issues/24 for the underlying issue.

* cleanup

* use setting module correctly

* add to docs

Co-authored-by: Moritz Marquardt <git@momar.de>
2021-01-17 21:48:38 +01:00
Jonathan Tran 81467e6f35
Display SVG files as images instead of text (#14101)
* Change to display SVG files as images

* Remove unsafe styles from SVG CSP

* Add integration test to test SVG headers

* Add config setting to disable SVG rendering

* Add test for img tag when loading SVG image

* Remove the Raw view button for svg files since we don't fully support this

* Fix copyright year

* Rename and move config setting

* Add setting to cheat sheet in docs

* Fix so that comment matches cheat sheet

* Add allowing styles in CSP based on pull request feedback

* Re-enable raw button since we show SVG styles now

* Change so that SVG files are editable

* Add UI to toggle between source and rendered image for SVGs

* Change to show blame button for SVG images

* Fix to update ctx data

* Add test for DetectContentType when file is longer than sniffLen

Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
2021-01-12 22:45:19 -05:00
Nuno Silva db9bb1ff69
Update docs to clarify issues raised in #14272 (#14318)
- example config is not supposed to be copied
- 'persistable-channel' uses a leveldb internally
- '*CONN_STR' overrides queue DIR
2021-01-13 08:49:52 +08:00
Grace d2ee1221cc
Upgrade XORM links in documentation. (#14265)
* [en] upgrade XORM link.

* [fr] upgrade XORM link.

* [zh-cn] upgrade XORM link.

* [zh-tw] upgrade XORM link.
2021-01-06 02:25:01 -05:00
Antoine GIRARD 3d38ecb1fc
Publish docker rootless docs (#14240)
Co-authored-by: 6543 <6543@obermui.de>
2021-01-04 15:23:04 +01:00
silverwind 1bf7d71a0a
Consolidate Logos and update README header (#14136)
* Consolidate Logos and update README header

- Remove unused `logo-lg.png`, `logo-sm.png` and `logo-192.png`.
- Consolidate `favicon.svg` and `logo.svg` to just `logo.svg`.
- Remove Safari Mask icon, it seems to work fine with just `favicon.png` (no SVG support).
- Remove Fluid Icon. It only served Firefox and SVG works just fine there.
- Update customization instructions.
- Update README.md to use SVG icon, increase logo size and center it and badges.

* Update README_ZH.md

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* Update README_ZH.md

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-01-01 14:04:35 -05:00
Johnny Oskarsson a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
techknowlogick 9164ff7791
frontport 1.13.1 changelog (#14175)
* frontport 1.13.1 changelog

* Update config.yaml

Co-authored-by: zeripath <art27@cantab.net>
2020-12-28 19:38:44 -05:00
Daniil Pankratov 3175d08626
CLI support for OAuth sources custom icons (#14166)
Co-authored-by: Daniil Pankratov <daniil.pankratov@t-systems.com>
2020-12-28 09:39:12 +01:00
Bagas Sanjaya 25f8970b2c
[Docs] Database preparation: Clarify why database client is installed on Gitea server (#12833)
* Database preparation: Clarify why database client is installed on Gitea server

The database client program (`mysql` or `psql`) is used to test database
connection, but Gitea use Go's database driver to do the same.

Also, rename "server part" and "client part" to "server application" and
"client program" to disambiguate.

* Update docs/content/doc/installation/database-preparation.en-us.md

Co-authored-by: 6543 <6543@obermui.de>
2020-12-27 23:55:45 +08:00
Lunny Xiao dd08853b10
Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
* Dump github/gitlab repository data to a local directory

* Fix lint

* Adjust directory structure

* Allow migration special units

* Allow migration ignore release assets

* Fix lint

* Add restore repository

* stage the changes

* Merge

* Fix lint

* Update the interface

* Add some restore methods

* Finish restore

* Add comments

* Fix restore

* Add a token flag

* Fix bug

* Fix test

* Fix test

* Fix bug

* Fix bug

* Fix lint

* Fix restore

* refactor downloader

* fmt

* Fix bug isEnd detection on getIssues

* Refactor maxPerPage

* Remove unused codes

* Remove unused codes

* Fix bug

* Fix restore

* Fix dump

* Uploader should not depend downloader

* use release attachment name but not id

* Fix restore bug

* Fix lint

* Fix restore bug

* Add a method of DownloadFunc for base.Release to make uploader not depend on downloader

* fix Release yml marshal

* Fix trace information

* Fix bug when dump & restore

* Save relative path on yml file

* Fix bug

* Use relative path

* Update docs

* Use git service string but not int

* Recognize clone addr to service type
2020-12-27 11:34:19 +08:00
Lunny Xiao 19ae6439b0
Improve vfsgen to not unzip bindata files but send to browser directly (#7109)
* Don't unzip files from bindata but send to browser directly

* remove dependent for httpgzip

* Add tests for parseAcceptEncoding

* Update docs for ENABLE_GZIP

* Fix bug

* Fix bug

Co-authored-by: zeripath <art27@cantab.net>
2020-12-24 12:25:17 +08:00
Donlon 4d22e2423f
Fix incorrect generated link in documentation page (#14112) 2020-12-22 15:54:12 +00:00
Paweł Bogusławski 839daa85aa
Added option to disable migrations (#13114)
* Added option to disable migrations

This patch introduces DISABLE_MIGRATIONS parameter in [repository]
section of app.ini (by default set to false). If set to true
it blocks access to repository migration feature.

This mod hides also local repo import option in user editor if
local repo importing or migrations is disabled.

* Alter Example config

DISABLE_MIGRATIONS set to false in example config to
match its default value.

* HTTP error 403 instead of 500 on denied access to migration

* Parameter DISABLE_MIGRATIONS exposed via API

Fixes: 04b04cf854
Author-Change-Id: IB#1105130
2020-12-21 15:39:41 +01:00
Jiri Vlasak d7c67a9fb2
Manually approve new registration (#13083)
* Add register manual confirm settings option

The new settings option is used when manually approving new
registrations.

* Enable manual confirmation of new registered user

When manual registration confirmation is desired (by default `false`)
create new user in the database that is *not active*. The user must then
be activated manually.

This change speeds up the process of adding new confirmed users for
Gitea instances without external auth mechanism. (Currently the option
is to manually create new user by admin.)

* Update docs/content/doc/advanced/config-cheat-sheet.zh-cn.md

Co-authored-by: a1012112796 <1012112796@qq.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-12-19 20:31:06 -05:00
Kyle D 4cd94e3689
gitea png to logo (#13974)
* gitea png to logo.svg

* gitea safari svg to logo

* minify svgs

* Update english docs

* Update missing section on customizing logo
2020-12-18 20:17:27 -05:00
zeripath 511f6138d4
Use native git variants by default with go-git variants as build tag (#13673)
* Move last commit cache back into modules/git

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove go-git from the interface for last commit cache

Signed-off-by: Andrew Thornton <art27@cantab.net>

* move cacheref to last_commit_cache

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove go-git from routers/private/hook

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Move FindLFSFiles to pipeline

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make no-go-git variants

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Submodule RefID

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix issue with GetCommitsInfo

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix GetLastCommitForPaths

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Improve efficiency

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More efficiency

Signed-off-by: Andrew Thornton <art27@cantab.net>

* even faster

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reduce duplication

* As per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* attempt to fix drone

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test-tags

Signed-off-by: Andrew Thornton <art27@cantab.net>

* default to use no-go-git variants and add gogit build tag

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-17 22:00:47 +08:00
zeripath 5e09de174c
fix label of --id in admin delete user (#14005)
* fix label of --id in admin delete user

This pr fixes the label descriptor of `gitea admin delete user`
but also adds a `--username` option.

Fix #13995

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix-spacing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add delete email support

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-17 02:57:32 -05:00
Bo-Yi Wu c57e1f2653
docs(docker): fix diff format. (#14035)
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2020-12-17 00:00:43 -05:00
techknowlogick 88b585c2e0
Store repository data in data path if not previously set (#13991)
* Store repository data in data path if not previously set

* update docs

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* update docs

Co-authored-by: silverwind <me@silverwind.io>
2020-12-15 16:52:59 -05:00
zeripath 980b0df829
Standardise logging of failed authentication attempts in internal SSH (#13962)
Continuing on from #13953 continue to improve and standardise
logging from internal SSH.

Also updates the fail2ban setup

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-12-15 08:45:13 +00:00
Patrick Schratz af79677a44
Reformat docs (#13897)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-12-09 07:47:06 +01:00
Eric Lesiuta abb9cffe4a
Log IP on SSH authentication failure for Built-in SSH server (#13150)
* Log IP on SSH authentication failure

fixes https://github.com/go-gitea/gitea/issues/13094

* include string 'Failed authentication attempt' in error

* update fail2ban docs

also match failed authentication over command line

* better logging of authentication errors with IP addresses

* format ...

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
2020-12-08 18:54:33 +01:00
6543 6bdcacd73b
Added Table of Contents to long documentation pages (#13890)
* Redo #13836 with new shortcode
(https://gitea.com/gitea/theme/pulls/90)

* add Api Usage

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-07 23:52:26 -05:00
techknowlogick 9b22ada0a7
Self-host cloudron image for docs (#13895)
* Add cloudron image to docs itself

* rm cloudron csp

* Update from-package.en-us.md
2020-12-07 22:20:37 -05:00
John Olheiser a33db35b38
Fully qualify cloudron CSP (#13892)
* Wildcard cloudron

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Just use FQDN

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-12-07 16:17:27 -06:00
John Olheiser 991ab899ff
Add cloudron to img-src CSP (#13887)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-12-07 10:33:22 -06:00
techknowlogick 9c71c6c4a5
Add link to shop in docs (#13864)
Replaced link to code.gitea.io as that subdomain isn't meant for human consumption, but rather for our vanity go import URLs
Only replaced link for english, open to adding links for other languages if anyone is able/willing to add them
2020-12-05 17:34:29 -05:00
silverwind d8c2c6cd59
Remove Noto Color Emoji fallback (#13838)
It's causing browser errors logged in Firefox under certain
circumstances, and I think we're better off recommending Linux users to
install a proper emoji font into their system.
2020-12-04 16:01:47 +01:00
Holger Schmidt 51d70024c2
fixed and updated FAQ table of contents links (#13835)
* fixed and updated FAQ table of contents links, rewording one heading that wouldn't generate a working link

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-12-04 08:33:38 +01:00
Patrick Schratz c3893a8bd1
Update docker ssh passthrough docs (#13732)
* update docker ssh passthrough docs

* remove mailto:git part in SSH forwarding call

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-02 18:23:54 -05:00
6543 594cc4aa2a
Update Gitea Version & Fix Migration Comments (#13789)
* correct migration version comments

* update lates version in docs
2020-12-03 00:04:19 +08:00
silverwind bc455ed257
Set RUN_MODE prod by default (#13765)
I think it's a bad default to have "dev" as the default run mode which
enables debugging and now also disables HTTP caching. It's better to
just default to a value suitable for general deployments.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-30 14:52:04 -05:00
6543 b2435af9be
Add Allow-/Block-List for Migrate & Mirrors (#13610)
* add black list and white list support for migrating repositories

* fix fmt

* fix lint

* fix vendor

* fix modules.txt

* clean diff

* specify log message

* use blocklist/allowlist

* allways use lowercase to match url

* Apply allow/block

* Settings: use existing "migrations" section

* convert domains lower case

* dont store unused value

* Block private addresses for migration by default

* fix lint

* use proposed-upstream func to detect private IP addr

* a nit

* add own error for blocked migration, add tests, imprufe api

* fix test

* fix-if-localhost-is-ipv4

* rename error & error message

* rename setting options

* Apply suggestions from code review

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-28 19:37:58 -05:00
6543 e7b47c5215
Format files (#13698)
* align "make help"

* format

* untouch build/generate-svg.js

* untouch .eslintrc

* combine editorconfig's

* rm editorconfig

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-28 01:12:22 -05:00
Jesse Laprade 5b75f17043
Fixed the log path on fail2ban page (#13726)
* Changed path from /home/git/gitea/log/gitea.log to
  /var/lib/gitea/log/gitea.log on the fail2ban page, so the log matches
  the instructions found on the following binary installation page:
  https://docs.gitea.io/en-us/install-from-binary/#create-required-directory-structure
2020-11-27 20:08:23 -05:00
techknowlogick 64bd5f4c66
specific version in docker compose (#13644)
* specific version in docker compose

fix #13643

* update latest version
2020-11-19 11:36:48 -05:00
gsilvan 76cdf3b7af
Docs: Installation from package (#13607)
* add Arch Linux

* add Arch Linux ARM

* remove Debian

There is no package in any of Debian's official repositories as of 17.11.2020 17:55 UTC.

* shrink Alpine Linux

* Update docs/content/doc/installation/from-package.en-us.md

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-11-18 01:51:22 +02:00
silverwind 0615b668dc
HTTP cache rework and enable caching for storage assets (#13569)
This enabled HTTP time-based cache for storage assets, primarily
avatars. I have not observed If-Modified-Since from browsers during
tests but I guess it's good to support regardless.

It introduces a new generic httpcache module that can handle both
time-based and etag-based caching.

Additionally, manifest.json and robots.txt are now also cachable.
2020-11-17 17:44:52 -05:00
Cacciuc a31a6e3996
proper signature validation (#13523)
$header_signature could be a typed float (start with 0e and then only numbers) and a float does equal a string when comparing with typed juggle.
eg: 0e123 != "abc" does return false, but 0e123 !== "abc" returns true.

you previously could circumvent the signature check when providing a header signature in the float format (0e...)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-11-13 13:28:15 -05:00
Simon Legner 1213301b50
docs(comparison): GitHub Actions (#13474)
https://github.com/features/actions
2020-11-08 17:35:28 -05:00
techknowlogick 8a7101fdd3
Add note about installation on kubernetes to docs (#13469)
Co-authored-by: zeripath <art27@cantab.net>
2020-11-08 15:50:40 -05:00
Antoine GIRARD fe458ce877
docker: rootless image (#10154)
* docker: rootless image

* improve docs + remove check for write perm on custom

* add more info on ssh passtrough

* Add comment for internal ssh server in container config
2020-10-31 20:58:22 -04:00
zeripath dd12384f22
Fix --port setting (#13288)
* Fix --port setting

Unfortunately there was an error in #13195 which set the --port
option before the settings were read. This PR fixes this by
moving applying this option to after the the settings are read

However, on looking further into this code I believe that the setPort
code was slightly odd.

Firstly, it may make sense to run the install page on a different
temporary port to the full system and this should be possible with
a --install-port option.

Secondy, if the --port option is provided we should apply it to both
otherwise there will be unusual behaviour on graceful restart

Thirdly, the documentation for --port says that the setting is
temporary - it should therefore not save its result to the configuration

(This however, does mean that authorized_keys and internal links may
not be correct. - I think we need to discuss this option further.)

Fix #13277

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update cmd/web.go

* Apply suggestions from code review

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-30 15:26:03 -04:00