mirror of
1
Fork 0
Commit Graph

23 Commits

Author SHA1 Message Date
Earl Warren 49529badce
[CI] DEFAULT_ACTIONS_URL = https://codeberg.org
[CI] Revert "Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581)"

This reverts commit 67bd9d4f1e.

(cherry picked from commit 0547e94023)
(cherry picked from commit d21ad654ad)
(cherry picked from commit b905e9d838)
(cherry picked from commit 251a5bf235b1723bc2bc324f9e8c03a8668bb5ae)
(cherry picked from commit b370e47694)
(cherry picked from commit 2cc28d0785)
(cherry picked from commit ed870a39e9)
(cherry picked from commit 7bb0c4654e)
(cherry picked from commit bab1f552c3)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413

[CI] DEFAULT_ACTIONS_URL = https://codeberg.org

(cherry picked from commit 52b364ddbd)
(cherry picked from commit 99887cd567)
(cherry picked from commit cd5788782a)
(cherry picked from commit 71c698a704)
(cherry picked from commit 71386241dd)
(cherry picked from commit b7ab05aeac)
(cherry picked from commit e78b9ca59c)
(cherry picked from commit edb3adf460)
(cherry picked from commit 3e40088197)

[BRANDING] DEFAULT_ACTIONS_URL = https://code.forgejo.org

(cherry picked from commit d0e4512c90)
(cherry picked from commit 8ba6e04709)
(cherry picked from commit 6349081044)
(cherry picked from commit e06bd44495)
(cherry picked from commit d58219d8e1)
(cherry picked from commit 052f2c2aa4)
(cherry picked from commit 29dc395386)
(cherry picked from commit 9eef3f59f3)
(cherry picked from commit d650391fed)
(cherry picked from commit c2e6e8c55d)
(cherry picked from commit e28a47741d)

[CI] DEFAULT_ACTIONS_URL support for self & github (squash)

Refs: https://codeberg.org/forgejo/forgejo/issues/1062
(cherry picked from commit 74cc25376e)
(cherry picked from commit 405430708f)
(cherry picked from commit 0274a6dee7f383bcd6b65b995b991b5ab0ee635a)
(cherry picked from commit be5cda0fd0)
(cherry picked from commit d27474849f)
(cherry picked from commit 4a5e9e2d81)
(cherry picked from commit 65b31906b2)
(cherry picked from commit 13cf0b0963)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413
2023-09-11 15:06:42 +02:00
wxiaoguang 998cea5888
Use secure cookie for HTTPS sites (#26999)
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
2023-09-11 17:03:51 +08:00
Infinoid de68953bac
Correct the database.LOG_SQL default value in config cheat sheet (#26997)
The default is false, fix the docs to reflect that.

Fixes: #26989
2023-09-10 15:45:06 +00:00
Lunny Xiao e97e883ad5
Add reverseproxy auth for API back with default disabled (#26703)
This feature was removed by #22219 to avoid possible CSRF attack.

This PR takes reverseproxy auth for API back but with default disabled.

To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.

For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-07 08:31:46 +00:00
silverwind e596806217
Update nginx recommendations (#26924)
- `Connection` and `Upgrade` [needed for
websockets](https://www.nginx.com/blog/websocket-nginx/)
- ~~`X-Real-IP` unnecessary and duplicate with `X-Forwarded-For`. [chi
checks both
headers](https://github.com/go-chi/chi/blob/master/middleware/realip.go),
but XFF is definitely the more "standard" one.~~
2023-09-06 17:49:45 +00:00
FuXiaoHei 460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
JonRB 1859c5b636
Update backup instructions to align with archive structure (#26902)
Signed-off-by: JonRB <jon.roadleybattin@gmail.com>
fixes https://github.com/go-gitea/gitea/issues/25878
2023-09-05 09:26:12 +08:00
Lunny Xiao 1bfb3f78f6
Update documents to fix some links (#26885) 2023-09-03 18:45:20 +00:00
JonRB 99a5595408
clarify aspects of the dump command (#26887)
clarify aspects of the dump command

Possibly closes #26862

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-09-03 14:44:01 -04:00
CaiCandong 7477c93d62
Update docs about attachment path (#26883)
This change was caused by #26271, for configuration as below:
```
[attachment]
ENABLE = true
PATH = data/attachments
MAX_SIZE = 100
MAX_FILES = 5
```
Before #26271, the resolved path is ${AppWorkPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/attachments`)
After #26271, the resolved path is ${AppDataPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/data/attachments`)


Fix  https://github.com/go-gitea/gitea/issues/26864
Follow https://github.com/go-gitea/gitea/pull/26271
2023-09-03 11:40:10 +02:00
mainboarder c533991519
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
Lunny Xiao 476b9d1589
Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
techknowlogick b3f7137174
Update minimum password length requirements (#25946) 2023-08-21 19:27:50 +00:00
lonix1 8f936488f7
docs: template variables (#26547)
Explanation for using gitea's variables in `.tmpl` files.

Thanks to @wxiaoguang for advising me on
[discord](https://discord.com/channels/322538954119184384/561007778139734027/1141217820441587722).
2023-08-19 00:24:27 +00:00
CaiCandong db7b0a1a4e
Update zh-cn documentation (#26406) 2023-08-14 01:35:49 -04:00
delvh e10ba5e5e0
Rename `Sync2` -> `Sync` (#26479)
The xorm `Sync2` has already been deprecated in favor of `Sync`,
so let's do the same inside the Gitea codebase.

Command used to replace everything:
```sh
for i in $(ag Sync2 --files-with-matches); do vim $i -c ':%sno/Sync2/Sync/g' -c ':wq'; done
```
2023-08-13 21:17:21 +02:00
Denys Konovalov 63ab92d797
Pre-register OAuth2 applications for git credential helpers (#26291)
This PR is an extended implementation of #25189 and builds upon the
proposal by @hickford in #25653, utilizing some ideas proposed
internally by @wxiaoguang.

Mainly, this PR consists of a mechanism to pre-register OAuth2
applications on startup, which can be enabled or disabled by modifying
the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2
applications registered this way are being marked as "locked" and
neither be deleted nor edited over UI to prevent confusing/unexpected
behavior. Instead, they're being removed if no longer enabled in config.


![grafik](https://github.com/go-gitea/gitea/assets/47871822/81a78b1c-4b68-40a7-9e99-c272ebb8f62e)

The implemented mechanism can also be used to pre-register other OAuth2
applications in the future, if wanted.

Co-authored-by: hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

---------

Co-authored-by: M Hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-09 14:24:07 +02:00
Bård Aase 8ba54a2e16
Update Gmail example (#26302)
The `IS_TLS_ENABLED` option in the `mailer` section is deprecated. This
is specified by setting `PROTOCOL=smtps`
2023-08-03 18:20:40 +08:00
wxiaoguang 54c28fddd8
Clarify the logger's MODE config option (#26267)
1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-01 18:28:23 +00:00
Panagiotis "Ivory" Vasilopoulos d58c542579
Add 'Show on a map' button to Location in profile, fix layout (#26214)
Not too important, but I think that it'd be a pretty neat touch.

Also fixes some layout bugs introduced by a previous PR.

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-31 08:44:45 +00:00
wxiaoguang 8baa42c8d7
Calculate MAX_WORKERS default value by CPU number (#26177)
To avoid consuming user's 100% CPU, limit the default value of
MAX_WORKERS

Fix #26063 (the CPU 100% problem mentioned in it)
2023-07-27 16:40:35 +08:00
Felix Victor 0533187f28
Update email-setup.en-us.md (#26068)
The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-26 21:50:15 +08:00
John Olheiser bd4c7ce578
Docusaurus-ify (#26051)
This PR cleans up the docs in a way to make them simpler to ingest by
our [docs repo](https://gitea.com/gitea/gitea-docusaurus).

1. It includes all of the sed invocations our ingestion did, removing
the need to do it at build time.
2. It replaces the shortcode variable replacement method with
`@variable@` style, simply for easier sed invocations when required.
3. It removes unused files and moves the docs up a level as cleanup.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-07-26 04:53:13 +00:00