Commit Graph

635 Commits

Author SHA1 Message Date
parnic 35742d4af7
Reintroduce squash merge default comment as a config setting (#16134)
* Reinstate most of commit 09304db9a5

* Move the behaviour behind a config setting

* Also fix the initial #12365
2021-06-19 00:08:22 +02:00
KN4CK3R 29695cd6d5
Add asymmetric JWT signing (#16010)
* Added asymmetric token signing.

* Load signing key from settings.

* Added optional kid parameter.

* Updated documentation.

* Add "kid" to token header.
2021-06-17 23:56:46 +02:00
zeripath ffbf35b7e9
Clean-up the settings hierarchy for issue_indexer queue (#16001)
There are a couple of settings in `[indexer]` relating to the `issue_indexer` queue
which override settings in unpredictable ways. This PR adjusts this hierarchy and makes
explicit that these settings are deprecated.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-16 18:19:20 -04:00
zeripath 95352e6bd5
Make command in authorized keys a template (#16003)
Fix #15595
Replaces #15978

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-14 21:15:12 -04:00
KN4CK3R 440039c0cc
Add push to remote mirror repository (#15157)
* Added push mirror model.

* Integrated push mirror into queue.

* Moved methods into own file.

* Added basic implementation.

* Mirror wiki too.

* Removed duplicated method.

* Get url for different remotes.

* Added migration.

* Unified remote url access.

* Add/Remove push mirror remotes.

* Prevent hangs with missing credentials.

* Moved code between files.

* Changed sanitizer interface.

* Added push mirror backend methods.

* Only update the mirror remote.

* Limit refs on push.

* Added UI part.

* Added missing table.

* Delete mirror if repository gets removed.

* Changed signature. Handle object errors.

* Added upload method.

* Added "upload" unit tests.

* Added transfer adapter unit tests.

* Send correct headers.

* Added pushing of LFS objects.

* Added more logging.

* Simpler body handling.

* Process files in batches to reduce HTTP calls.

* Added created timestamp.

* Fixed invalid column name.

* Changed name to prevent xorm auto setting.

* Remove table header im empty.

* Strip exit code from error message.

* Added docs page about mirroring.

* Fixed date.

* Fixed merge errors.

* Moved test to integrations.

* Added push mirror test.

* Added test.
2021-06-14 19:20:43 +02:00
zeripath daa5a23548
Set self-adjusting deadline for connection writing (#16068)
* Set self-adjusting deadline for connection writing

In #16055 it appears that the simple 5s deadline doesn't work for large
file writes. Now we can't - or at least shouldn't just set no deadline
as go will happily let these connections block indefinitely. However,
what seems reasonable is to set some minimum rate we expect for writing.

This PR suggests the following algorithm:

* Every write has a minimum timeout of 5s (adjustable at compile time.)
* If there has been a previous write - then consider its previous
deadline, add half of the minimum timeout + 2s per kb about to written.
* If that new deadline is after the minimum timeout use that.

Fix #16055

* Linearly increase timeout

* Make PerWriteTimeout, PerWritePerKbTimeouts configurable

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-06-11 00:25:25 +03:00
Kyle D a5d8f58341
Update queue workers for v1.15 (#15999)
* Update queue workers for v1.15

* update app.example.ini

* update re queue path

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-28 13:33:52 -04:00
techknowlogick 568fe8c595
follow redirect when fetching theme archive (#15986) 2021-05-26 18:03:39 -04:00
Patrick Schratz d957a1569a
Bump `postgres` and `mysql` versions (#15710)
* bump postgres and mysql DB versions

* posgres test against v10

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-21 18:11:48 -04:00
a1012112796 fec8324026
add a new internal hook to save ssh log (#15787)
* add a new internal hook to save ssh log

as title, when a ssh error ocure like #15785.
only when switch ``RUN_MODE`` to dev can we
found which error is ocure. But this way is
not a good idea for production envirment.

this changes try save ssh error mesage to the
log file like other log by a new internal hook.
I think it's usefull for find error message
in production envirment. Thanks.

Signed-off-by: a1012112796 <1012112796@qq.com>

* rename and fix nit

* Update modules/private/hook.go

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-21 17:37:16 -04:00
zeripath 17be645498
Encrypt LDAP bind password in db with SECRET_KEY (#15547)
* Encrypt LDAP bind password in db with SECRET_KEY

The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.

Fix #15460

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove ui warning regarding unencrypted password

Co-authored-by: silverwind <me@silverwind.io>
2021-05-20 09:29:57 +01:00
Ikko Ashimine 3e068fcdcb
Fix typo in hacking-on-gitea.en-us.md (#15918)
* continously -> continuously
* continous -> continuous
2021-05-18 19:35:59 +02:00
Ian Wienand c3aaf5eafd
Rework Token API comments (#15162)
Move the token API discussion into a common section discussing the
generation and listing of the tokens.  Add a note on the display of
the sha1 during creation and listing.

Co-authored-by: Norwin <noerw@users.noreply.github.com>
2021-05-16 15:51:53 +02:00
Jimmy 44286e29f0
reverse proxy for IIS (#15555)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-14 00:36:53 -04:00
zeripath 418c5feded
Add information on how to rotate logging from outside container (#15852)
Fix #15842

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-14 00:36:23 -04:00
Adam Szatyin d86d123322
Add mimetype mapping settings (#15133)
* Fix APK's Content-Type header

* Fix case sensitive comparison

* Add custom mime type mapping for downloadable files

* Add documentation for MIME type mapping

* Rename download.mimetype.mapping configuration to repository.mimetype_mapping

Co-authored-by: zeripath <art27@cantab.net>
2021-05-10 16:38:08 -04:00
a1012112796 75d8297045
add note about ``cron.SCHEDULE`` format in document (#15812)
* add note about ``cron.SCHEDULE`` format in document

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update custom/conf/app.example.ini

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-10 12:54:45 -04:00
6543 a229e34387
Allow only internal registration (#15795)
* Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings

* OpenID respect setting too
2021-05-09 16:13:35 +02:00
6543 a98c09d2ae
Changelog v1.14.2 (#15794) (#15799)
* Changelog v1.14.2 (#15794)

* changelog tool generate

* format & add

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-05-09 13:49:26 +02:00
6543 16034bb613
OAuth2 login: Set account link to "login" as default behavior (#15768) 2021-05-07 16:15:16 +02:00
6543 640066840e
Use a generic markup class to display externally rendered files and diffs (#15735)
* creates and implements generic markup less class

* How to give custom CSS to externally rendered html

* Clarifies sources of CSS styling of markup

* further clarification of sources of markup styling

* rename _markdown to _markup

* remove defunct import

* fix orphaned reference

* Update docs/content/doc/advanced/external-renderers.en-us.md

* more renames markdown -> markup

* do not suggest less customization

* add back tokens

* fix class whitespace, remove useless if-clause

* remove unused csv-data rules

* use named exports and rename functions

* sort imports

Co-authored-by: HarvsG <11440490+HarvsG@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2021-05-07 10:43:41 +02:00
silverwind 9b5185d3cc
Improve logo customization docs (#15754)
* Improve logo customization docs

* Update docs/content/doc/advanced/customizing-gitea.en-us.md

* Update docs/content/doc/advanced/customizing-gitea.en-us.md

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-07 02:32:29 -04:00
John Olheiser 2bd5408e5f
MySQL 5 FAQ (#15729)
* MySQL 5

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Wording
2021-05-05 05:39:09 +01:00
techknowlogick ab77a24f18
update branch in CI and docs (#15631) 2021-05-04 12:16:23 -04:00
a1012112796 ae6d7860be
add cron job to delete old actions from database (#15688)
that's a way to save database storage space.

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-05-01 14:17:02 +02:00
yearski 49b28956e2
Docs: fix location for custom/options/license (#15671) 2021-04-30 16:36:28 +02:00
6543 a6bfe59b4b
Docs: renderers rst: rst2html.py -> pandoc (#15659) 2021-04-30 14:50:55 +08:00
Dong Nguyen 6ea6e2b4eb
Update config-cheat-sheet.en-us.md (#15606)
Add more guide about `PROVIDER_CONFIG` when `PROVIDER` is `db` (https://github.com/go-gitea/gitea/issues/14016)
2021-04-24 16:58:40 +02:00
Björn Heinrichs 72e0ad8000
Fix docker enviroment variable from TYPE to DB_TYPE (#15585)
As documented in https://docs.gitea.io/en-us/config-cheat-sheet/ the database type is defined using db_type not type.
2021-04-22 16:34:12 +02:00
Nathan Zook 2242f381e6
Added OpenAPI document link to usage (#15535)
* Added OpenAPI document link to usage

The OpenAPI document at /api/swagger.v1.json needs an obvious reference.  Sadly, I am English monolingual, so someone else is going to have to do the other languages.  In the mean time, this PR should help anyone looking for the file.

* Update docs/content/doc/developers/api-usage.en-us.md

Co-authored-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-19 23:29:08 -04:00
Raphael Kruse c9cc6698d2
Fix a broken link in customizing-gitea.en-us.md (#15543) 2021-04-19 11:47:49 -04:00
Lunny Xiao ce8255fb7b
Change the chinese discuss link to discourse (#15533) 2021-04-18 19:12:16 +08:00
techknowlogick c29e85228f
frontport: 1.14.1 changelog (#15503)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-04-16 00:06:02 -04:00
Kyle D f44543a1bb
Disable Stars config option (#14653)
* Add config option to disable stars

* Replace "stars" with watched in user profile

* Add documentation
2021-04-15 18:53:57 +02:00
firesoft-de af2adb4e35
Specify relation between multiple signing options (#15496) 2021-04-15 18:06:32 +02:00
Martin Michaelis 55eb1745bd
OAuth2 auto-register (#5123)
* Refactored handleOAuth2SignIn in routers/user/auth.go

The function handleOAuth2SignIn was called twice but some code path could only
be reached by one of the invocations. Moved the unnecessary code path out of
handleOAuth2SignIn.


* Refactored user creation

There was common code to create a user and display the correct error message.
And after the creation the only user should be an admin and if enabled a
confirmation email should be sent. This common code is now abstracted into
two functions and a helper function to call both.

* Added auto-register for OAuth2 users

If enabled new OAuth2 users will be registered with their OAuth2 details.
The UserID, Name and Email fields from the gothUser are used.
Therefore the OpenID Connect provider needs additional scopes to return
the coresponding claims.

* Added error for missing fields in OAuth2 response

* Linking and auto linking on oauth2 registration

* Set default username source to nickname

* Add automatic oauth2 scopes for github and google

* Add hint to change the openid connect scopes if fields are missing

* Extend info about auto linking security risk

Co-authored-by: Viktor Kuzmin <kvaster@gmail.com>
Signed-off-by: Martin Michaelis <code@mgjm.de>
2021-04-14 14:02:12 +02:00
Lunny Xiao 66f0fd0959
Add NeedPostProcess for Parser interface to improve performance of csv render (#15153) 2021-04-13 15:06:31 +08:00
techknowlogick 26e16e4ee4
docs: rm deprecated docs regarding environment variable usage in docker image (#15405)
* docs: rm deprecated docs regarding environment variable usage in docker image

* Update docs/content/doc/installation/with-docker.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2021-04-12 15:42:02 -04:00
6543 18efe9a023
Changelog v1.14.0 (#15360) (#15400)
* Changelog v1.14.0 (#15360)

* clean & merge & update v1.14.0 changelog

* backport v1.13.x changelogs

* update latest gitea version
2021-04-11 13:23:55 +08:00
silverwind 0d1a5e0ffc
Add frontend testing, require node 12 (#15315)
- Add basic frontend unit testing infrastructure using jest in ESM mode
- Rename 'make test' to 'make test-backend'
- Introduce 'make test-frontend' and 'make test' that runs both
- Bump Node.js requirement to v12. v10 will be EOL in less than a month.
- Convert all build-related JS files to ESM.

I opted to run frontend tests run as part of the compliance pipeline because
they complete fast and are not platform-specific like the golang tests.
2021-04-08 12:41:57 +02:00
6543 298d56fe8b
[Frontport] Changelog (v1.13.6, v1.13.7, v1.14.0-rc2) (#15328)
* Changelog v1.13.7 (#15319)

* Update Changelog (#15322)

* update

* next

* RC2

* Update Docs Version
2021-04-07 13:41:02 -04:00
Kyle D 8d9f191195
Update docs for bad ini syntax in noreply (#15226) 2021-03-31 17:13:46 -04:00
David Crocker 79ac7468dc
Fix documentation for the fallback mail subject (#15223)
The documentation for the [fallback mail subject](d989247bb0/services/mailer/mail_issue.go (L14-L16)) was missing `{{}}` around `.Issue.Index`.
2021-03-31 11:36:21 -04:00
KN4CK3R 0c6137617f
Add Tabular Diff for CSV files (#14661)
Implements request #14320 The rendering of CSV files does match the diff style.

* Moved CSV logic into base package.

* Added method to create a tabular diff.

* Added CSV compare context.

* Added CSV diff template.

* Use new table style in CSV markup.

* Added file size limit for CSV rendering.

* Display CSV parser errors in diff.

* Lazy read single file.

* Lazy read rows for full diff.

* Added unit tests for various CSV changes.
2021-03-29 22:44:28 +02:00
techknowlogick 5ad65c8f5d
update docs to reference 1.13.6 (#15182) 2021-03-28 11:09:01 +08:00
silverwind 1a03fa7a4f
Update JS dependencies (#15033)
* Update JS dependencies

- Update all JS dependencies
- For octicons, rename trashcan to trash
- For svgo, migrate to v2 api, output seems to have slightly changed but icons look the same
- For stylelint, update config, fix custom property duplicates
- For monaco, drop legacy Edge support
- For eslint, enable new rules, fix new issues
- For less-loader, remove deprecated import syntax

* update svgo usage in generate-images and rebuild logo.svg with it
2021-03-22 05:04:19 +01:00
Lasse Brandt Thomsen 0fe32826ed
Allow read/write to user root and only read to group git on documentation (#15041)
Co-authored-by: Lasse Brandt Thomsen <lasse@bitmand.dk>
2021-03-20 00:45:04 +01:00
Lauris BH 044cd4d016
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation

* Trust all IP addresses in containerized environments by default

* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-16 00:27:28 +02:00
tuxmaster5000 f268b4896b
Update comparison docs for gitlab (#14999) 2021-03-15 11:19:00 -04:00
zeripath c8e5c79cfd
Add ui.explore settings to control view of explore pages (2) (#14094)
This is an alternative PR to #13687.

Add `[ui.explore]` settings to allow restricting the
explore pages to logged in users only and to disable the users explore page.

The two proposed settings are:

- `REQUIRE_SIGNIN_VIEW`: Only allows access to the explore pages if the
user is signed in. Also restricts
  - `/api/v1/user/search`
  - `/api/v1/users/{username}`
  - `/api/v1/users/{username}/repos`
  - but does not restrict `/api/v1/users/{username}/heatmap`
- `DISABLE_USERS_PAGE`: Disables the /explore/users page

Fix #2908

Close #13687 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-11 13:40:54 +00:00