Commit Graph

968 Commits

Author SHA1 Message Date
Anthony Wang e86f18a05a
User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
* go.mod: add go-fed/{httpsig,activity/pub,activity/streams} dependency

go get github.com/go-fed/activity/streams@master
go get github.com/go-fed/activity/pub@master
go get github.com/go-fed/httpsig@master

* activitypub: implement /api/v1/activitypub/user/{username} (#14186)

Return informations regarding a Person (as defined in ActivityStreams
https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person).

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: add the public key to Person (#14186)

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: go-fed conformant Clock instance

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: signing http client

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: implement the ReqSignature middleware

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: hack_16834

Signed-off-by: Loïc Dachary <loic@dachary.org>

* Fix CI checks-backend errors with go mod tidy

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Change 2021 to 2022, properly format package imports

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Run make fmt and make generate-swagger

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Use Gitea JSON library, add assert for pkp

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Run make fmt again, fix err var redeclaration

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Remove LogSQL from ActivityPub person test

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Assert if json.Unmarshal succeeds

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Cleanup, handle invalid usernames for ActivityPub person GET request

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Rename hack_16834 to user_settings

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Use the httplib module instead of http for GET requests

* Clean up whitespace with make fmt

* Use time.RFC1123 and make the http.Client proxy-aware

* Check if digest algo is supported in setting module

* Clean up some variable declarations

* Remove unneeded copy

* Use system timezone instead of setting.DefaultUILocation

* Use named constant for httpsigExpirationTime

* Make pubKey IRI #main-key instead of /#main-key

* Move /#main-key to #main-key in tests

* Implemented Webfinger endpoint.

* Add visible check.

* Add user profile as alias.

* Add actor IRI and remote interaction URL to WebFinger response

* fmt

* Fix lint errors

* Use go-ap instead of go-fed

* Run go mod tidy to fix missing modules in go.mod and go.sum

* make fmt

* Convert remaining code to go-ap

* Clean up go.sum

* Fix JSON unmarshall error

* Fix CI errors by adding @context to Person() and making sure types match

* Correctly decode JSON in api_activitypub_person_test.go

* Force CI rerun

* Fix TestActivityPubPersonInbox segfault

* Fix lint error

* Use @mariusor's suggestions for idiomatic go-ap usage

* Correctly add inbox/outbox IRIs to person

* Code cleanup

* Remove another LogSQL from ActivityPub person test

* Move httpsig algos slice to an init() function

* Add actor IRI and remote interaction URL to WebFinger response

* Update TestWebFinger to check for ActivityPub IRI in aliases

* make fmt

* Force CI rerun

* WebFinger: Add CORS header and fix Href -> Template for remote interactions

The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues

* make lint-backend

* Make sure Person endpoint has Content-Type application/activity+json and includes PreferredUsername, URL, and Icon

Setting the correct Content-Type is essential for federating with Mastodon

* Use UTC instead of GMT

* Rename pkey to pubKey

* Make sure HTTP request Date in GMT

* make fmt

* dont drop err

* Make sure API responses always refer to username in original case

Copied from what I wrote on #19133 discussion: Handling username case is a very tricky issue and I've already encountered a Mastodon <-> Gitea federation bug due to Gitea considering Ta180m and ta180m to be the same user while Mastodon thinks they are two different users. I think the best way forward is for Gitea to only use the original case version of the username for federation so other AP software don't get confused.

* Move httpsig algs constant slice to modules/setting/federation.go

* Add new federation settings to app.example.ini and config-cheat-sheet

* Return if marshalling error

* Make sure Person IRIs are generated correctly

This commit ensures that if the setting.AppURL is something like "http://127.0.0.1:42567" (like in the integration tests), a trailing slash will be added after that URL.

* If httpsig verification fails, fix Host header and try again

This fixes a very rare bug when Gitea and another AP server (confirmed to happen with Mastodon) are running on the same machine, Gitea fails to verify incoming HTTP signatures. This is because the other AP server creates the sig with the public Gitea domain as the Host. However, when Gitea receives the request, the Host header is instead localhost, so the signature verification fails. Manually changing the host header to the correct value and trying the veification again fixes the bug.


* Revert "If httpsig verification fails, fix Host header and try again"

This reverts commit f53e46c721a037c55facb9200106a6b491bf834c.

The bug was actually caused by nginx messing up the Host header when reverse-proxying since I didn't have the line `proxy_set_header Host $host;` in my nginx config for Gitea.

* Go back to using ap.IRI to generate inbox and outbox IRIs

* use const for key values

* Update routers/web/webfinger.go

* Use ctx.JSON in Person response to make code cleaner

* Revert "Use ctx.JSON in Person response to make code cleaner"

This doesn't work because the ctx.JSON() function already sends the response out and it's too late to edit the headers.

This reverts commit 95aad988975be3393c76094864ed6ba962157e0c.

* Use activitypub.ActivityStreamsContentType for Person response Content Type

* Limit maximum ActivityPub request and response sizes to a configurable setting

* Move setting key constants to models/user/setting_keys.go

* Fix failing ActivityPubPerson integration test by checking the correct field for username

* Add a warning about changing settings that can break federation

* Add better comments

* Don't multiply Federation.MaxSize by 1<<20 twice

* Add more better comments

* Fix failing ActivityPubMissingPerson test

We now use ctx.ContextUser so the message printed out when a user does not exist is slightly different

* make generate-swagger

For some reason I didn't realize that /templates/swagger/v1_json.tmpl was machine-generated by make generate-swagger... I've been editing it by hand for three months! 🤦

* Move getting the RFC 2616 time to a separate function

* More code cleanup

* Update go-ap to fix empty liked collection and removed unneeded HTTP headers

* go mod tidy

* Add ed25519 to httpsig algorithms

* Use go-ap/jsonld to add @context and marshal JSON

* Change Gitea user agent from the default to Gitea/Version

* Use ctx.ServerError and remove all remote interaction code from webfinger.go
2022-06-19 07:25:12 +02:00
wxiaoguang e4ceaf65fb
Update document to clarify that ALLOWED_DOMAINS/BLOCKED_DOMAINS support wildcard (#20016) 2022-06-18 15:23:06 -04:00
wxiaoguang 157b405753
Remove legacy git code (ver < 2.0), fine tune markup tests (#19930)
* clean git support for ver < 2.0

* fine tune tests for markup (which requires git module)

* remove unnecessary comments

* try to fix tests

* try test again

* use const for GitVersionRequired instead of var

* try to fix integration test

* Refactor CheckAttributeReader to make a *git.Repository version

* update document for commit signing with Gitea's internal gitconfig

* update document for commit signing with Gitea's internal gitconfig

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 23:47:44 +08:00
Lunny Xiao b01dce2a6e
Allow render HTML with css/js external links (#19017)
* Allow render HTML with css/js external links

* Fix bug because of filename escape chars

* Fix lint

* Update docs about new configuration item

* Fix bug of render HTML in sub directory

* Add CSP head for displaying iframe in rendering file

* Fix test

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Some improvements

* some improvement

* revert change in SanitizerDisabled of external renderer

* Add sandbox for iframe and support allow-scripts and allow-same-origin

* refactor

* fix

* fix lint

* fine tune

* use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts

* fine tune CSP

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-16 11:33:23 +08:00
AHOHNMYC 97548d2722
Uppercase first languages letters (#19965) 2022-06-15 12:08:49 +02:00
yutotnh 3708ca8e28
fix: some typos (#19956) 2022-06-13 15:34:46 +08:00
wxiaoguang 5f618248a9
Use Golang 1.18 for Gitea 1.17 release (#19918)
Use Golang 1.18 (as minimal requirement) for Gitea 1.17 release, make sure the Golang version is still actively supported during Gitea 1.17 lifecycle.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-06-10 05:34:41 +02:00
wxiaoguang 3d9c02a1bb
Update frontend guideline (#19901)
* update frontend guideline

* "Native" => "Vanilla JS", fix typo comma.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-06 10:44:20 -04:00
Paweł Bogusławski 14d96ff7ac
Disable unnecessary mirroring elements (#18527)
* Disable unnecessary mirroring elements

This mod fixes disabling unnecessary mirroring elements.

Related: https://github.com/go-gitea/gitea/pull/16957
Related: https://github.com/go-gitea/gitea/pull/13084
Author-Change-Id: IB#1105104

* Checkbox rendering disabled instead of hiding it

Fixes: 02b45051503d4330da9757ff084c9cc5e6e60d84
Related: https://github.com/go-gitea/gitea/pull/18527#pullrequestreview-878061913
Author-Change-Id: IB#1105104

* Update custom/conf/app.example.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* Mirror filter removed only when whole mirroring feature is disabled

Fixes: 02b45051503d4330da9757ff084c9cc5e6e60d84
Related: https://github.com/go-gitea/gitea/pull/18527#discussion_r883268890
Author-Change-Id: IB#1105104

Co-authored-by: silverwind <me@silverwind.io>
2022-06-04 19:42:17 +08:00
ttys3 0c759fd4de
feat: add DEFAULT_MERGE_STYLE to `repository.pull-request` section for repo init (#19751) 2022-06-02 23:45:54 -04:00
wxiaoguang 6171ea7d31
update documents (#19868) 2022-06-02 00:22:42 -04:00
singuliere 40e87d031f
docs: recommendations to ensure backup consistency and reliability (#19845)
* docs: recommendations to ensure backup consistency and reliability

* s/stooping/stopping/

* Update docs/content/doc/usage/backup-and-restore.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: delvh <dev.lh@web.de>
2022-05-31 14:42:32 -04:00
singuliere fdc784dbf4
docs: update the ROOT documentation and error messages (#19832)
* docs: update the ROOT documentation and error messages

* The documentation now reflects what happens in the
  setting/repository.go::newRepository function:
  filepath.Join(AppWorkPath, RepoRootPath) was missing.

* The error message displayed when RepoRootPath is not found now
  displays the value of RepoRootPath. Given the complexity of the
  construction of this value, only referring to it in the abstract
  is likely to be misleading to the Gitea admin trying to interpret
  the message.

Co-authored-by: delvh <dev.lh@web.de>
2022-05-31 00:47:55 +02:00
delvh 5976e3e89b Add version hint in the docs when packages are available (#19838)
* Add version hint in the docs when packages are available

* Change italic to bold
2022-05-29 14:10:21 -04:00
Yehonatan Ezron 4cac908255
docs(hacking-on-gitea): fix installation instruction for elasticsearch docker (#19829) 2022-05-29 20:59:25 +03:00
singuliere 410df1fbd4
docs: FAQ: the WorkPath can be set from --work-path (#19822) 2022-05-28 16:47:13 +08:00
Vladimir Yakovlev b41111bc78
Fix duplicate paragraph in documentation (#19820) 2022-05-27 15:40:00 -04:00
Ondřej Čertík 8720f876c7
Make WIP prefixes case insensitive, e.g. allow `Draft` as a WIP prefix (#19780)
The issue was that only the actual title was converted to uppercase, but
not the prefix as specified in `WORK_IN_PROGRESS_PREFIXES`. As a result,
the following did not work:

    WORK_IN_PROGRESS_PREFIXES=Draft:,[Draft],WIP:,[WIP]

One possible workaround was:

    WORK_IN_PROGRESS_PREFIXES=DRAFT:,[DRAFT],WIP:,[WIP]

Then indeed one could use `Draft` (as well as `DRAFT`) in the title.
However, the link `Start the title with DRAFT: to prevent the pull request
from being merged accidentally.` showed the suggestion in uppercase; so
it is not possible to show it as `Draft`. This PR fixes it, and allows
to use `Draft` in `WORK_IN_PROGRESS_PREFIXES`.

Fixes #19779.

Co-authored-by: zeripath <art27@cantab.net>
2022-05-26 10:19:24 +01:00
wxiaoguang 4266bd924b
Update document to use FHS `/usr/local/bin/gitea` instead of `/app/...` for Docker (#19794)
* Update document to use FHS `/usr/local/bin/gitea` instead of `/app/...` in Docker

* Update docs/content/doc/installation/with-docker.zh-cn.md
2022-05-24 14:57:15 +08:00
Jan-Eric Schober b65ad70f53
Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
* Changed the filename of the favicon SVG

This allows the user to have a favicon which differs from the logo.

* Added favicon.svg

This is needed to accommodate the changes for allowing the user to have a differing logo and favicon

* Adjusted page to accommodate what icon is used as favicon

* Added functionality to also generate the favicon.svg via generate-images.js

* Adjusted the description for the new favicon compatibility

Co-authored-by: silverwind <me@silverwind.io>

* Updated generate-images.js to generate favicons from a separate favicons.svg file

This belongs to PR #18542.

* Added description on how custom favicons can be generated

* Replaced space indents with tabs

* Synced changes with current state of the file

* Synced changes with current state of the file

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-05-23 23:54:48 +08:00
f0x52 6680cca07f
clarify what session provider 'db' does (#19713)
* clarify what session provider 'db' does

* Also update session.PROVIDER in app.example.ini

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-16 00:40:29 +08:00
Jimmy Praet a61a47f9a0
Update documentation to disable duration settings with -1 instead of 0 (#19647)
To turn off the notification endpoint polling, the value should be set to -1, not 0.
2022-05-09 18:33:19 +02:00
Lunny Xiao 4344a64107
Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177)
* Allow custom default merge message with .gitea/MERGE_MESSAGE_<merge_style>_TEMPLATE.md

* Some improvements

* Follow some advices

* Fix bug

* Fix bug

* Fix lint

* Fix close comment

* Fix test

* Fix and docs

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* Fix test

* improve code

* ignore unknow unit type

* return error for GetDefaultMergeMessage

* Update services/pull/merge.go

* Some improvements

* Follow some advices

* Fix bug

* Fix lint

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* improve code

* Handle deleted HeadRepo in GetDefaultMergeMessage

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix test

* Fix test

Co-authored-by: zeripath <art27@cantab.net>
2022-05-08 20:32:45 +08:00
wxiaoguang 7b089c465d
Remove `RequireHighlightJS` field, update plantuml example. (#19615) 2022-05-05 10:53:38 +03:00
ttys3 e933f31426
Add health check endpoint (#18465)
* chore: add health check endpoint

docs: update document about health check

fix: fix up Sqlite3 ping. current ping will success even if the db file is missing

fix: do not expose privacy information in output field

* refactor: remove HealthChecker struct

* Added `/api/healthz` to install routes.

This was needed for using /api/healthz endpoint in Docker healthchecks,
otherwise, Docker would never become healthy if using healthz endpoint
and users would not be able to complete the installation of Gitea.

* Update modules/cache/cache.go

* fine tune

* Remove unnecessary test code. Now there are 2 routes for installation (and maybe more in future)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Marcos de Oliveira <marcossantos@furb.br>
2022-05-04 14:56:20 +03:00
6543 e2a3f3d259
Federation: return useful statistic information for nodeinfo (#19561)
Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
2022-05-02 21:35:45 +08:00
wxiaoguang 509d811243
Upgrade required git version to 2.0 (#19577)
* Upgrade required git version to 2.0

* update document
2022-05-02 20:30:24 +08:00
Pawel Boguslawski 85579dcab5
Disable unnecessary GitHooks elements
This mod fixes disabling unnecessary GitHooks elements.

Related: https://github.com/go-gitea/gitea/pull/13129
Author-Change-Id: IB#1115251
2022-04-26 22:06:58 +01:00
KN4CK3R e4274f640c
Allow package dump skipping (#19506)
* Added addReader to support verbose.

* Allow skipping packages.

* Updated docs.

* Update cmd/dump.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-04-26 16:30:51 -04:00
Lunny Xiao 6cc8aed737
Fix two typos (#19504) 2022-04-26 18:01:42 +02:00
Campbell He f2229e0566
doc: add brief intro on using traefik as reverse-proxy (#19432) 2022-04-20 16:08:23 +02:00
KN4CK3R 18727df73a
Add Helm Chart registry (#19406) 2022-04-19 12:55:35 -04:00
Stephen J. Fuhry 695c4b4b0e
upgrade postgres refrence to 14 (#19416) 2022-04-16 11:59:56 -04:00
ktprograms 4396d0e7c9
Note where frontend files are located in docs (#19379)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-04-12 16:36:24 -04:00
wxiaoguang d906858847
Use "main" as default branch name (#19354)
* Use "main" as default branch name

* fix test code
2022-04-08 23:26:48 -05:00
Gusted e20952a9ec
Add `ENABLE_SSH_LOG` to debugging problems (#19316)
- Add this option to the debugging problems section. So users that are
trying to debug SSH-related problems will get the errors logged from `cmd/serv.go`
2022-04-05 16:41:56 -04:00
techknowlogick d4f4e95c63
escape fake link 2022-04-05 13:30:07 -04:00
techknowlogick 48dc88acd0
Allow custom redirect for landing page (#19324)
* Allow custom redirect for landing page

* Update modules/setting/setting.go

Co-authored-by: delvh <dev.lh@web.de>

* fix lint

* one option

Co-authored-by: delvh <dev.lh@web.de>
2022-04-05 12:16:01 -04:00
wxiaoguang d242511e86
Remove legacy unmaintained packages, refactor to support change default locale (#19308)
Remove two unmaintained vendor packages `i18n` and `paginater`. Changes:
* Rewrite `i18n` package with a more clear fallback mechanism. Fix an unstable `Tr` behavior, add more tests.
* Refactor the legacy `Paginater` to `Paginator`, test cases are kept unchanged.

Trivial enhancement (no breaking for end users):
* Use the first locale in LANGS setting option as the default, add a log to prevent from surprising users.
2022-04-03 17:46:48 +08:00
Norwin 4c5cb1e2f2
Improve package registry docs (#19273)
* Improve package registry docs

* move new content down

* add hint re upload a package

* wording, formatting

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-04-01 23:31:40 +08:00
zeripath c88547ce71
Add Goroutine stack inspector to admin/monitor (#19207)
Continues on from #19202.

Following the addition of pprof labels we can now more easily understand the relationship between a goroutine and the requests that spawn them. 

This PR takes advantage of the labels and adds a few others, then provides a mechanism for the monitoring page to query the pprof goroutine profile.

The binary profile that results from this profile is immediately piped in to the google library for parsing this and then stack traces are formed for the goroutines.

If the goroutine is within a context or has been created from a goroutine within a process context it will acquire the process description labels for that process. 

The goroutines are mapped with there associate pids and any that do not have an associated pid are placed in a group at the bottom as unbound.

In this way we should be able to more easily examine goroutines that have been stuck.

A manager command `gitea manager processes` is also provided that can export the processes (with or without stacktraces) to the command line.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-31 19:01:43 +02:00
KN4CK3R 1d332342db
Add Package Registry (#16510)
* Added package store settings.

* Added models.

* Added generic package registry.

* Added tests.

* Added NuGet package registry.

* Moved service index to api file.

* Added NPM package registry.

* Added Maven package registry.

* Added PyPI package registry.

* Summary is deprecated.

* Changed npm name.

* Sanitize project url.

* Allow only scoped packages.

* Added user interface.

* Changed method name.

* Added missing migration file.

* Set page info.

* Added documentation.

* Added documentation links.

* Fixed wrong error message.

* Lint template files.

* Fixed merge errors.

* Fixed unit test storage path.

* Switch to json module.

* Added suggestions.

* Added package webhook.

* Add package api.

* Fixed swagger file.

* Fixed enum and comments.

* Fixed NuGet pagination.

* Print test names.

* Added api tests.

* Fixed access level.

* Fix User unmarshal.

* Added RubyGems package registry.

* Fix lint.

* Implemented io.Writer.

* Added support for sha256/sha512 checksum files.

* Improved maven-metadata.xml support.

* Added support for symbol package uploads.

* Added tests.

* Added overview docs.

* Added npm dependencies and keywords.

* Added no-packages information.

* Display file size.

* Display asset count.

* Fixed filter alignment.

* Added package icons.

* Formatted instructions.

* Allow anonymous package downloads.

* Fixed comments.

* Fixed postgres test.

* Moved file.

* Moved models to models/packages.

* Use correct error response format per client.

* Use simpler search form.

* Fixed IsProd.

* Restructured data model.

* Prevent empty filename.

* Fix swagger.

* Implemented user/org registry.

* Implemented UI.

* Use GetUserByIDCtx.

* Use table for dependencies.

* make svg

* Added support for unscoped npm packages.

* Add support for npm dist tags.

* Added tests for npm tags.

* Unlink packages if repository gets deleted.

* Prevent user/org delete if a packages exist.

* Use package unlink in repository service.

* Added support for composer packages.

* Restructured package docs.

* Added missing tests.

* Fixed generic content page.

* Fixed docs.

* Fixed swagger.

* Added missing type.

* Fixed ambiguous column.

* Organize content store by sha256 hash.

* Added admin package management.

* Added support for sorting.

* Add support for multiple identical versions/files.

* Added missing repository unlink.

* Added file properties.

* make fmt

* lint

* Added Conan package registry.

* Updated docs.

* Unify package names.

* Added swagger enum.

* Use longer TEXT column type.

* Removed version composite key.

* Merged package and container registry.

* Removed index.

* Use dedicated package router.

* Moved files to new location.

* Updated docs.

* Fixed JOIN order.

* Fixed GROUP BY statement.

* Fixed GROUP BY #2.

* Added symbol server support.

* Added more tests.

* Set NOT NULL.

* Added setting to disable package registries.

* Moved auth into service.

* refactor

* Use ctx everywhere.

* Added package cleanup task.

* Changed packages path.

* Added container registry.

* Refactoring

* Updated comparison.

* Fix swagger.

* Fixed table order.

* Use token auth for npm routes.

* Enabled ReverseProxy auth.

* Added packages link for orgs.

* Fixed anonymous org access.

* Enable copy button for setup instructions.

* Merge error

* Added suggestions.

* Fixed merge.

* Handle "generic".

* Added link for TODO.

* Added suggestions.

* Changed temporary buffer filename.

* Added suggestions.

* Apply suggestions from code review

Co-authored-by: Thomas Boerger <thomas@webhippie.de>

* Update docs/content/doc/packages/nuget.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Thomas Boerger <thomas@webhippie.de>
2022-03-30 16:42:47 +08:00
zeripath 97625b44e7
Provide configuration to allow camo-media proxying (#12802)
* Provide configuration to allow camo-media proxying

Fix #916

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-29 10:27:37 +02:00
Pilou 893c8938fc
New cron task: delete old system notices (#19219)
Add a new cron task which deletes the old system notices.
2022-03-28 13:54:59 +01:00
zeripath acb9fc5f8e
Make cron task no notice on success (#19221)
Change all cron tasks to make them no notice on success default. Instead if a user
wants notices on success they need to add NOTICE_ON_SUCCESS=true instead.

 ## ⚠️ BREAKING ⚠️

This changes the cron config so that notices on success are no longer set by default
and breaks NO_SUCCESS_NOTICE settings. Instead users who want notices on success
must set NOTICE_ON_SUCCESS=true instead.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update custom/conf/app.example.ini

Co-authored-by: Norwin <noerw@users.noreply.github.com>

Co-authored-by: Norwin <noerw@users.noreply.github.com>
2022-03-26 21:13:04 +00:00
Robin 5495ba7660
[docs] Enhance container selection in docker dump (#14292)
* Enhance container selection in docker dump

The problem with the previous query was, that it sometimes selected multiple containers, which make the command file with a hard to understand message. Now, use '^...$' to make sure a regex full match.
2022-03-22 13:50:31 +08:00
zeripath fda5b9fc3e
Add warning to set SENDMAIL_ARGS to -- (#19102)
Even with #17688 email addresses that contain an initial `-` may still be present in the db and it may in future still be possible to imagine a situation whereby initial `-` are repermitted.

This PR simply updates the documentation to warn users to set their SENDMAIL_ARGS with a terminal `--` to prevent this possibility email addresses being interpreted as options.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-18 15:19:02 +01:00
Fredrik Ekre df31ac0e09
Fixed log path in fail2ban documentation (#19103)
This updates the log path in the [gitea-docker] jail configuration
to match the path in the [gitea] jail, which was updated in #13726.
2022-03-16 12:39:13 -04:00
Gusted 6ab4a96855
Update golang.org/x/crypto (#19097)
* Update golang.org/x/crypto

- Update dependency to include fix for CVE.
- See https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ?utm_medium=email&utm_source=footer

* Fix deprecation notice

* Remove workaround

- Introduced in https://github.com/go-gitea/gitea/pull/17281
- Fixed in x/crypto:
- 5d542ad81a
- & 3147a52a75

* Update Kex Algorithms

- Use standardized name for curve22519-sha256. 9b076918e3
- Prefer SHA256 version over SHA1 version. e4b3678e5f
2022-03-16 02:59:53 +01:00
mscherer 35541f853b
Fix documentation and #19065 (#19067) 2022-03-13 18:30:58 +01:00
zeripath 886b1de949
Update the webauthn_credential_id_sequence in Postgres (#19048)
* Update the webauthn_credential_id_sequence in Postgres

There is (yet) another problem with v210 in that Postgres will silently allow preset
ID insertions ... but it will not update the sequence value.

This PR simply adds a little step to the end of the v210 migration to update the
sequence number.

Users who have already migrated who find that they cannot insert new
webauthn_credentials into the DB can either run:

```bash
gitea doctor recreate-table webauthn_credential
```

or

```bash
./gitea doctor --run=check-db-consistency --fix
```

which will fix the bad sequence.

Fix #19012

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-10 23:04:55 +01:00
Lunny Xiao b24e8d38af
Support ignore all santize for external renderer (#18984)
* Support ignore all santize for external renderer

* Update docs

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

* Fix doc

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: 6543 <6543@obermui.de>
2022-03-06 16:41:54 +08:00
KN4CK3R f3cbdee38e
Don't clean up hardcoded `tmp` (#18983)
* Don't clean up hardcoded `tmp`.

* Fixed import.
2022-03-02 23:50:29 +01:00
Marco Blessing df9802ca61
adds restore docs for docker based instances (#18844)
* adds docke restore section

* fix typo

* Update docs/content/doc/usage/backup-and-restore.en-us.md

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* fix container id placeholder

* adds restore help for docker-rootless

* restore yml autoformater quotes

Co-authored-by: Marco Blessing <marco.blessing@komm.one>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-03-02 11:20:00 -05:00
JonRB aa60cd91b2
Update nginx reverse proxy docs (#18922)
Add additional config lines for the set_header to forward additional information (eg the IP)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-26 19:32:09 +01:00
silverwind fa0e2d60c2
Disable service worker by default (#18914)
The service worker causes a lot of issues with JS errors after instance
upgrades while not bringing any real performance gain over regular HTTP
caching.

Disable it by default for this reason. Maybe later we can remove it
completely, as I simply see no benefit in having it.
2022-02-26 18:14:23 +08:00
Nicolas Ferrari 41aa49d910
Update on-cloud-provider.md (#18807) 2022-02-18 23:26:00 +08:00
Lunny Xiao 5348e198db
Add example to render html files (#18736)
* Add example to render html files

* Use class in example

Co-authored-by: zeripath <art27@cantab.net>
2022-02-14 21:56:17 +08:00
zeripath 165ab17a03
Attempt to improve docs (yet again) (#18687)
* Attempt to improve docs (yet again)

Attempt to make the passthrough docs clearer.
Add some more faq entries

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Update docs/content/doc/installation/with-docker.en-us.md

* Update docs/content/doc/installation/with-docker.en-us.md

Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-02-10 19:20:06 +00:00
Gusted 581d29ec1d
Update SSH Server crypto settings (#18697)
- Use a better and more curated list of Ciphers and KeyExchanges, these roughly follows OpenSSH's default.
- Remove some cryptography values which were deprecated.
2022-02-10 17:04:16 +01:00
Lunny Xiao c14ca34d57
update the comparison documents (#18669)
* update the comparison documents

* Remove U2f
2022-02-08 11:00:13 -05:00
Cristian Le 60f203385e
Support custom ACME provider (#18340)
* Added ACMECAURL option to support custom ACME provider. Closes #18306
* Refactor setting.go https settings, renamed options and variables, and documented app.example.ini
* Refactored runLetsEncrypt to runACME
* Improved documentation
2022-02-08 13:45:35 +08:00
Clar Fon 99d14f6051
Add separate SSH_USER config option (#17584)
Co-authored-by: zeripath <art27@cantab.net>
2022-02-07 16:56:45 -05:00
Norwin 6ada05940e
Add `contrib/upgrade.sh` (#18286)
Adds an upgrade script that automates upgrading installations on Linux from binary releases, so people don't need to reinvent the wheel. Hopefully this leads to less questions about how to upgrade, and consequently less Gitea instances running unmaintained versions in the wild.

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-02-06 21:07:52 +01:00
Sambhav Saggi e2bbbc4876
Fix oauth docs usage for 2fa (#18581) 2022-02-03 17:00:34 +00:00
zeripath bc77b28d9d
Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551)
* Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch

One of the problems with our current docker tagging is that although we
have strict version tags, latest and dev we do not have a way for docker
users to track the current release branch. This PR simply suggests that
we use the 1.x-dev tag for these and we build and push these. This will
give users who want or need unreleased bug fixes the option of tracking
the pre-release version instead of simply jumping to dev.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-03 09:47:27 +01:00
Lauris BH 8038610a42
Automatically pause queue if index service is unavailable (#15066)
* Handle keyword search error when issue indexer service is not available

* Implement automatic disabling and resume of code indexer queue
2022-01-27 10:30:51 +02:00
Gusted 5e5740af69
Switch to non-deprecation setting (#18358)
* Switch to non-deprecation setting
  (Avoid by-default: "Deprecated fallback `[server]` `LFS_CONTENT_PATH` present. Use `[lfs]` `PATH` instead. This fallback will be removed in v1.18.0")

* Update all references
2022-01-23 20:02:29 +01:00
zeripath 8472884cef
Update the SSH passthrough documentation (#18366) 2022-01-23 12:25:25 -05:00
Dr. Tobias Quathamer 3349fd8f79
Add packagist webhook (#18224)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-23 21:46:30 +08:00
Lunny Xiao f066b293ac
Add deprecated for LFS_CONTENT_PATH on zh-cn docs (#18362)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-23 13:03:26 +08:00
wxiaoguang 5bf8d5445e
Refactor Router Logger (#17308)
Make router logger more friendly, show the related function name/file/line.

[BREAKING]
This PR substantially changes the logging format of the router logger. If you use this logging for monitoring e.g. fail2ban you will need to update this to match the new format.
2022-01-20 19:41:25 +08:00
wxiaoguang 4d0a72a271
Revert "Prevent possible XSS when using jQuery (#18289)" (#18293)
This reverts commit 661d3d28e9.
2022-01-16 11:19:26 +00:00
Gusted 661d3d28e9
Prevent possible XSS when using jQuery (#18289)
In the case of misuse or misunderstanding from a developer whereby,
if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the
creation of a new element. Current usage is using hard-coded selectors
in the templates, but nobody prevents that from expanding to
user-controlled somehow.
2022-01-16 13:14:32 +08:00
Jan Tojnar a38ab71b20
docs: mention client_max_body_size affects LFS (#18291) 2022-01-15 17:26:01 -05:00
Lunny Xiao 35c3553870
Support webauthn (#17957)
Migrate from U2F to Webauthn

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-14 16:03:31 +01:00
wxiaoguang eaf09a5368
Fix documents for development and bug report (#18249) 2022-01-13 10:58:46 +08:00
Zoran Peričić 17b2079f3e
Add/update SMTP auth providers via cli (#18197)
Allow adding/updating SMTP authentication source via CLI using:
- gitea admin  auth add-smtp 
- gitea admin  auth update-smtp

Signed-off-by: Zoran Peričić <zpericic@netst.org>
2022-01-12 22:54:53 +00:00
M. Zhou ba9e4e2570
[doc] https-setup: explain relative paths for {CERT,KEY}_FILE fields. (#18244)
Closes: https://github.com/go-gitea/gitea/issues/14401
2022-01-11 23:18:28 -05:00
Bo-Yi Wu ee8718e452
chore: remove unnecessary section (#18209)
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-11 18:27:32 -05:00
Andrey Esin c0ed869e0f
Fix identation typo in doc installation with Docker (#18233) 2022-01-11 19:33:42 +08:00
luzpaz 8c647bf0f6
Fix various typos (#18219)
Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby,te,unknwon`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-01-10 17:32:37 +08:00
Greg Myers 79791ba4ac
Fix typos in docs/content (#18215) 2022-01-09 19:53:03 +08:00
Gusted 4b3bfd7e89
Enable partial clone by default (#18195)
- Enable partial clones(which are by default disabled from git) by
default, unless configured otherwise.
- Resolves #18190
2022-01-06 06:38:38 +01:00
zeripath 1514e13bb8
Add option to convert CRLF to LF line endings for sendmail (#18075)
It appears that several versions of sendmail require that the mail is sent to them with
LF line endings instead of CRLF endings - which of course they will then convert back
to CRLF line endings to comply with the SMTP standard.

This PR adds another setting SENDMAIL_CONVERT_CRLF which will pass the message writer
through a filter. This will filter out and convert CRLFs to LFs before writing them
out to sendmail.

Fix #18024

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-06 01:43:45 +01:00
Lunny Xiao 8760af752a
Team permission allow different unit has different permission (#17811)
* Team permission allow different unit has different permission

* Finish the interface and the logic

* Fix lint

* Fix translation

* align center for table cell content

* Fix fixture

* merge

* Fix test

* Add deprecated

* Improve code

* Add tooltip

* Fix swagger

* Fix newline

* Fix tests

* Fix tests

* Fix test

* Fix test

* Max permission of external wiki and issues should be read

* Move team units with limited max level below units table

* Update label and column names

* Some improvements

* Fix lint

* Some improvements

* Fix template variables

* Add permission docs

* improve doc

* Fix fixture

* Fix bug

* Fix some bug

* fix

* gofumpt

* Integration test for migration (#18124)

integrations: basic test for Gitea {dump,restore}-repo
This is a first step for integration testing of DumpRepository and
RestoreRepository. It:

runs a Gitea server,
dumps a repo via DumpRepository to the filesystem,
restores the repo via RestoreRepository from the filesystem,
dumps the restored repository to the filesystem,
compares the first and second dump and expects them to be identical

The verification is trivial and the goal is to add more tests for each
topic of the dump.

Signed-off-by: Loïc Dachary <loic@dachary.org>

* Team permission allow different unit has different permission

* Finish the interface and the logic

* Fix lint

* Fix translation

* align center for table cell content

* Fix fixture

* merge

* Fix test

* Add deprecated

* Improve code

* Add tooltip

* Fix swagger

* Fix newline

* Fix tests

* Fix tests

* Fix test

* Fix test

* Max permission of external wiki and issues should be read

* Move team units with limited max level below units table

* Update label and column names

* Some improvements

* Fix lint

* Some improvements

* Fix template variables

* Add permission docs

* improve doc

* Fix fixture

* Fix bug

* Fix some bug

* Fix bug

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
2022-01-05 11:37:00 +08:00
Gusted 165346c15c
Add MP4 as default allowed attachment type (#18170) 2022-01-04 04:36:47 +01:00
singuliere 1a4e2bfcd1
tests: s/GITEA_UNIT_TESTS_VERBOSE/GITEA_UNIT_TESTS_LOG_SQL/ (#18142)
The GITEA_UNIT_TESTS_VERBOSE variable is an undocumented variable
introduced in 2017 (see 1028ef2def)
whose sole purpose has been to log SQL statements when running unit
tests.

It is renamed for clarity and a warning is displayed for backward
compatibility for people and scripts that know about it.

The documentation is updated to reflect this change.
2022-01-01 04:31:24 +01:00
wxiaoguang c99b8efba2
Improve document for developers: Windows CGO, unit test option (#18140) 2021-12-31 22:21:11 +08:00
Tony e0b41f8c37
docs: add various ways to install from package (#18120)
zh-cn

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-30 12:28:56 +08:00
wxiaoguang 38d81cdd01
Fix documents for Windows development (#18109)
* Fix documents for Windows development
2021-12-26 23:27:18 +08:00
Rolf Kaiser 4da2eabd7f
doc: clarify INSTALL_LOCK behavior (#17945) 2021-12-26 11:25:42 +08:00
qwerty287 5754080eb9
Fix various typos of software names (#18083)
* `git` -> `Git`
* `Github` and `github` -> `GitHub`
* `crowdin` -> `Crowdin`
* `git-lfs` -> `Git LFS`
* `githooks`, `git hooks`, `git-hooks` -> `Git Hooks`
* `discord` -> `Discord`
* `2fa` -> `2FA`
* `gitlab` and `Gitlab` -> `GitLab`
* `web hook` -> `webhook`
* `linux` -> `Linux`
* `sqlite` -> `SQLite`
* `MYSQL` and `mysql` -> `MySQL`
* rename refs to `master` branch -> `main`
* Fix English grammar
2021-12-24 11:56:57 +08:00
qwerty287 4cbc865d83
Add option to define refs in issue templates (#17842)
Adds a markdown header option `ref` that allows you to set the ref the issue should belong.
2021-12-17 21:29:09 +00:00
silverwind cc129d2ca2
Make AvatarRenderedSizeFactor configurable and set it to 3 (#17951)
Save a bit of bandwidth by only requesting 3-times the rendered avatar
size. Factor 4 is only really beneficial on a handful of mobile phones
and I don't think they are the primary device we design for.

Configurability contributed by zeripath.

Fixes: https://github.com/go-gitea/gitea/pull/17422
Fixes: https://github.com/go-gitea/gitea/issues/16287

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-16 10:18:38 +08:00
zeripath 0981ec30c3
Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
* Add setting to OAuth handlers to override local 2FA settings

This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.

Fix #13939

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix regression from #16544

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add scopes settings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix trace logging in auth_openid

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add required claim options

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Move UpdateExternalUser to externalaccount

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Allow OAuth2/OIDC to set Admin/Restricted status

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Allow use of the same group claim name for the prohibit login value

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fixup! Move UpdateExternalUser to externalaccount

* as per wxiaoguang

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add label back in

Signed-off-by: Andrew Thornton <art27@cantab.net>

* adjust localisation

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-14 16:37:11 +08:00
Lunny Xiao 3ca5dc7e32
Move keys to models/asymkey (#17917)
* Move keys to models/keys

* Rename models/keys -> models/asymkey

* change the missed package name

* Fix package alias

* Fix test

* Fix docs

* Fix test

* Fix test

* merge
2021-12-10 16:14:24 +08:00
wxiaoguang a6f961fba4
Refactor install page (db type) (#17919)
* Refactor install page (db type)

* set correct default DB HOST for different DB TYPE
* remove legacy TiDB from documents
* unify the usage of DB TYPE, in code we only use "mysql". "MySQL" is only shown to users for friendly name.

* Gitea can use TiDB via MySQL protocol

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-07 13:44:08 +08:00
mscherer f49d160447
Replace "unix" by "http+unix" for PROTOCOL (#17771) 2021-12-05 23:46:11 -05:00
wxiaoguang 5f22e2dfb2
Improve seek-help documents (#17895)
* Add pprof information to seek-help documents 
* Improve zh-cn and zh-tw documents
2021-12-03 21:04:32 +08:00
singuliere 64b7d0de8e
docs: modules do not rely on models, services do (#17861)
services: provide some services for users, usually use
database (models) modules: provide some basic functions without
database, eg: code parser, etc The major difference is services use
database, while modules don’t.

Signed-off-by: singuliere <singuliere@autistici.org>
2021-11-30 11:56:12 +00:00
zeripath b5a9ee94fd
Make Co-committed-by and co-authored-by trailers optional (#17848)
This PR adds another option to app.ini make co-committed-by and co-authored-by trailers
optional on a per server basis.

Fix #17194

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-29 07:09:55 +00:00
qwerty287 3fec2cb3d3
Fix various typos in docs (#17844) 2021-11-28 18:43:18 -05:00
qwerty287 b1df890951
Docs: replace `gitea` with `Gitea` (#17838)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-28 21:28:30 +08:00
zeripath 72d82c5b6f
Handle relative unix socket paths (#17836)
Make relative unix sockets absolute by making them absolute against the AppWorkPath

Fix #17833

## ⚠️ BREAKING ⚠️ 

Prior to this PR relative unix sockets would have been asserted to be relative to the current working directory that gitea, gitea serv, hook and manager etc were running in. Hooks and Serv would have failed to work properly under this situation so we expect that although this is a technically breaking change the previous situation was already broken.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-27 20:22:03 +00:00
ThetaDev af901a4ca9
Detect dark theme via css variable (#17800)
* detect dark theme via css variable
* minor refactor, add documentation

If your custom theme is considered a dark theme, set the global css variable `--is-dark-theme` to `true`.
This allows gitea to adjust the Monaco code editor's theme accordingly.
2021-11-25 15:14:48 +08:00
zeripath 188fd2dd1a
Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568) 2021-11-22 22:09:35 -05:00
Lunny Xiao b2daa7e203
Add documentation for backend development (#17512)
* Add documentation for backend development

* Update backend guidline

* More sections

* Add modules/setting and modules/git

* Uniform gitea as Gitea

* some improvements

* some improvements
2021-11-23 10:10:18 +08:00
wxiaoguang 49b2cb998b
Fix project board bug and improve documents (#17753)
* the project board was broken, this PR fixes it, and refactor the code, and we prevent the uncategorized column from being dragged.
* improve the frontend guideline (as discussed in https://github.com/go-gitea/gitea/pull/17699)
2021-11-22 19:40:17 +08:00
wxiaoguang 013fb73068
Use `hostmatcher` to replace `matchlist`, improve security (#17605)
Use hostmacher to replace matchlist.

And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
2021-11-20 17:34:05 +08:00
zeripath c96be0cd98
Make SSL cipher suite configurable (#17440) 2021-11-20 01:12:43 -05:00
zeripath 38347aa16f
Add settings to allow different SMTP envelope from address (#17479)
* Add settings to allow different SMTP envelope from address

Sometimes it may be advisable to hide or alias the from address on an SMTP mail
envelope. This PR adds two new options to the mailer to allow setting of an overriding
from address.

Fix #17477

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-19 23:35:20 +08:00
zeripath 3c4724d70e
Add .gitattribute assisted language detection to blame, diff and render (#17590)
Use check attribute code to check the assigned language of a file and send that in to
chroma as a hint for the language of the file.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-17 20:37:00 +00:00
Lunny Xiao e3da8c1e88
fix migrations documents (#17679)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-17 15:17:37 +08:00
rstular 8fdc5247de
Update for reverse proxying static resources (#17670)
Gitea fetches static resources from /assets, so nginx configuration has to be updated accordingly.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-16 21:53:15 -05:00
缘生 83a04e42cc
fix typo (#17614) 2021-11-14 17:32:48 -05:00
wxiaoguang 7f802631c5
Fix some incorrect async functions, improve frontend document. (#17597) 2021-11-12 20:37:45 +08:00
wxiaoguang d168f0498b
Fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16 (#17530)
* fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16
2021-11-08 11:25:41 +08:00
SahAssar 118fbd9436
Fix list for options under cli->user->admin->create (#17382)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-03 13:27:35 +08:00
Renato Caldas e2995ef515
docs: add SSH passthrough instructions to with-docker-rootless (#17505) (#17508)
The passthrough is based upon AuthorizedKeysCommand and a custom shell wrapper that forwards commands to the container over the docker pipe.
2021-11-01 12:34:12 +00:00
wxiaoguang 599ff1c054
Only allow webhook to send requests to allowed hosts (#17482) 2021-11-01 16:39:52 +08:00
Kane 932780c2bb
Add HAProxy Config to reverse-proxies.en-us.md (#17407)
* Update reverse-proxies.en-us.md

Addition of HAProxy

* Update reverse-proxies.en-us.md
2021-10-24 17:48:26 +02:00
Mashiro f0376b7e02
docs: add permission notes to `SSH Container Passthrough` (#17347)
* Update with-docker.en-us.md

* Update with-docker.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-10-18 12:26:47 -04:00
zeripath 7117c7774a
Make the Mirror Queue a queue (#17326)
Convert the old mirror syncing queue to the more modern queue format.

Fix a bug in the from the repo-archive queue PR - the assumption was made that uniqueness could be enforced with by checking equality in a map in channel unique queues - however this only works for primitive types - which was the initial intention but is an imperfect. This is fixed by marshalling the data and placing the martialled data in the unique map instead.

The documentation is also updated to add information about the deprecated configuration values.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-17 12:43:25 +01:00
wxiaoguang 1a7473ff45
Split `index.js` to separate files (#17315)
* split `index.js` to separate files

* tune clipboard

* fix promise

* fix document

* remove intermediate empty file

* fix async event listener

* use `export function` instead of `export {}`, add more comments

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-17 01:28:04 +08:00
techknowlogick 8edda8b446
Add simple update checker to Gitea (#17212)
* Add simple update checker to Gitea

* update struct and remove comments

* fix lint

* Update custom/conf/app.example.ini

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update custom/conf/app.example.ini

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

* Update modules/cron/tasks_extended.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* Update custom/conf/app.example.ini

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* take PR feedback into account and display banner on admin dashboard for alerts

* Add more detailed message

* placate lint

* update per feedback

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-10-16 02:14:34 -04:00
wxiaoguang e18ea9e349
Update documents for Gitea behind reverse proxy. Fix some small bugs (some URLs are generated without sub-path) (#17320)
* Apache `ProxyPassReverse` only works for Location, Content-Location and URI headers on HTTP redirect responses, it causes more problems than it resolves. Now all URLs generated by Gitee have the correct prefix AppSubURL. We do not need to set `ProxyPassReverse`.

* fix url param

* use AppSubURL instead of AppURL in api/v1

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-10-15 23:34:07 -04:00
wxiaoguang 56362043d3
Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301)
* frontend refactor

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Update templates/base/head.tmpl

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/developers/guidelines-frontend.md

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* fix typo

* fix typo

* refactor PageData to pageData

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Simply for the visual difference.

Co-authored-by: delvh <dev.lh@web.de>

* Revert "Apply suggestions from code review"

This reverts commit 4d78ad9b0e96ca180e0823de17659a2e0814c099.

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-15 10:35:26 +08:00
zeripath 01b9d35f1a
Disable core.protectNTFS (#17300)
core.protectNTFS protects NTFS from files which may be difficult to remove or interact
with using the win32 api, however, it also appears to prevent such files from
being entered into the git indexes - fundamentally causing breakages with PRs that
affect these files. However, deliberately setting this to false may cause security
issues due to the remain sparse checkout of files in the merge pipeline.

The only sensible option therefore is to provide an optional setting which admins
could set which would forcibly switch this off if they are affected by this issue.

Fix #17092

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-13 14:20:11 -04:00
Romain 987152ba40
Add metrics to get issues by repository (#17225) 2021-10-05 20:39:37 +02:00
Romain fc5ee1edf9
Add metrics to get issues by label (#17201)
* Add metrics to get issues by label

* Add comment on IssueByLabelCount

* Code review - Unify "AS" in SQL (#17201)

* Code review - Remove useless join (#17201)

* Code review - Disable issue_by_label by default in settings (#17201)

* use e

* restore empty line

* update docs

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-10-03 18:46:44 -04:00
techknowlogick babab0bf5e
Add nodeinfo endpoint for federation purposes (#16953)
Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities.

Two endpoints are required:
1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used)
2. the endpoint which exposes the metadata in json format according to schema.

Notes:
* `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances
* to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty).

More info:
https://github.com/jhass/nodeinfo
https://github.com/jhass/nodeinfo/tree/main/schemas/2.1
http://nodeinfo.diaspora.software/protocol.html
2021-09-28 01:38:06 +02:00
Gwyneth Morgan 4e0cca3f7d
Use light/dark theme based on system preference (#17051)
Add a new default theme `auto`, which will automatically switch between
`gitea` (light) and `arc-green` (dark) themes depending on the user's
operating system settings.

Closes: #8183
2021-09-27 15:47:44 +01:00
Forest Johnson 868e937a53
docs: explain where are settings for release files (#17161)
Just a tiny change to save someone some time while reading the docs. I got lost in the angular code and npm packages trying to reverse engineer it  and figure out what setting controlled this file limit: 

![image](https://user-images.githubusercontent.com/7119703/134829716-8f587878-21a3-413b-ba1e-c2bbe9391ad2.png)

Eventually I tracked it down from

b74a0f9060/options/locale/locale_en-US.ini (L2776)

to

b74a0f9060/templates/repo/upload.tmpl (L11)

to 

b74a0f9060/web_src/js/index.js (L1043) 

to 

b74a0f9060/web_src/js/features/dropzone.js (L3)

to

https://www.npmjs.com/package/dropzone

and then I realized I can't read 😅,  back  to 

b74a0f9060/templates/repo/upload.tmpl (L8)

and quickly solved it from there!! 

b74a0f9060/modules/upload/upload.go (L81)


Yes  I know this long path was 90% me failing to read code properly and going on a red herring journey...  but point is we should not have to do this in the first place to know how to  configure this file upload form 🥺 👉 👈
2021-09-27 14:00:54 +01:00
zeripath 123f0aea00
Allow LDAP Sources to provide Avatars (#16851)
* Allow LDAP Sources to provide Avatars

Add setting to LDAP source to allow it to provide an Avatar.

Currently this is required to point to the image bytes.

Fix #4144

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rename as Avatar Attribute (drop JPEG)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always synchronize avatar if there is change

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Actually get the avatar from the ldap

Signed-off-by: Andrew Thornton <art27@cantab.net>

* clean-up

Signed-off-by: Andrew Thornton <art27@cantab.net>

* use len()>0 rather than != ""

Signed-off-by: Andrew Thornton <art27@cantab.net>

* slight shortcut in IsUploadAvatarChanged

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-26 22:39:36 -04:00
zeripath ba2e600d17
Add minimum versions of databases to the docs (#17080)
We do not currently state the minimum versions of databases we support.

This PR sets them to:
* MySQL >=5.7
* Postgres >=10
* MSSQL >=2008R2 SP3

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-09-17 23:25:50 +01:00
wxiaoguang b83b4fbef9
doc: Upgrade from an old Gitea (#16918)
* doc: Upgrade from an old Gitea

* update backup steps

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* update backup tips

* update table header

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: techknowlogick <matti@mdranta.net>

* Update docs/content/doc/upgrade/from-gitea.en-us.md

Co-authored-by: techknowlogick <matti@mdranta.net>

* Update from-gitea.en-us.md

* Update from-gitea.en-us.md

* Update from-gitea.en-us.md

* Update from-gitea.en-us.md

* Update from-gitea.en-us.md

* Update from-gitea.en-us.md

* Update from-gitea.en-us.md

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-09 14:13:21 -04:00
6543 e14b52ea36
Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998) 2021-09-09 14:16:42 +08:00
Hakermann420 1b922374db
Changes for German language (#16985)
* translated the rest of index.de-de.md to german

* fixed typo in german locale activate_account email

* fixed typo in german doc/content/page/index.md

* Update docs/content/page/index.de-de.md

Co-authored-by: delvh <dev.lh@web.de>

* commited sugesstions

Co-authored-by: delvh <dev.lh@web.de>

* commited sugesstions

Co-authored-by: delvh <dev.lh@web.de>

* commited sugesstions

Co-authored-by: delvh <dev.lh@web.de>

* revert locale change

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-09-08 12:37:06 -04:00
6543 63d7cbcef1
Make mirror feature more configurable (#16957)
Rename`[repository]` `DISABLE_MIRRORS` to `[mirror]` `DISABLE_NEW_PULL`  and add `ENABLED` and `DISABLE_NEW_PUSH` with the below meanings:

- `ENABLED`: **true**: Enables the mirror functionality. Set to **false** to disable all mirrors.
- `DISABLE_NEW_PULL`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid.
- `DISABLE_NEW_PUSH`: **false**: Disable the creation of **new** push mirrors. Pre-existing mirrors remain valid.


Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2021-09-07 17:49:36 +02:00
aceArt-GmbH f3b36e2a39
Doc: Mail-Tempales: Fix AppUrl function name (#16939)
Thanks to https://github.com/go-gitea/gitea/pull/16788 I can see why our docker container kept restarting when adding the custom mail template example.
[The example template](https://docs.gitea.io/en-us/mail-templates/#example) has an error

```
2021/09/03 10:55:25 cmd/web.go:91:func1() [F] PANIC: template: mail/issue/default:35: function "AppURL" not defined
        /usr/local/go/src/html/template/template.go:374 (0x1563bb8)
        /go/src/code.gitea.io/gitea/vendor/github.com/unrolled/render/render.go:322 (0x1563782)
        /go/src/code.gitea.io/gitea/vendor/github.com/unrolled/render/render.go:202 (0x1562f8b)
        /go/src/code.gitea.io/gitea/vendor/github.com/unrolled/render/render.go:146 (0x15629d2)
        /go/src/code.gitea.io/gitea/modules/templates/base.go:88 (0x16b0769)
        /go/src/code.gitea.io/gitea/routers/web/base.go:125 (0x225f284)
        /go/src/code.gitea.io/gitea/routers/web/web.go:95 (0x2261284)
        /go/src/code.gitea.io/gitea/routers/init.go:147 (0x22817ba)
        /go/src/code.gitea.io/gitea/cmd/web.go:158 (0x239741a)
        /go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/app.go:524 (0x1740884)
        /go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/command.go:173 (0x17415f8)
        /go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/app.go:277 (0x173e8c7)
        /go/src/code.gitea.io/gitea/main.go:115 (0x23d3e69)
        /usr/local/go/src/runtime/proc.go:225 (0x443995)
        /usr/local/go/src/runtime/asm_amd64.s:1371 (0x47b360)
```
2021-09-03 12:49:42 +01:00
Patrick Schratz 968225e59c
update theme doc (#16860) 2021-08-29 14:26:43 -04:00
Lunny Xiao d985d4bc2f
Paginate releases page & set default page size to 10 (#16857)
* Add release default page and set it to 10

* use limit

Co-authored-by: 6543 <6543@obermui.de>
2021-08-29 18:25:16 +02:00
wxiaoguang d24eb6e6ce
Add GoLand configuration in hacking on gitea (#16843)
Co-authored-by: zeripath <art27@cantab.net>
2021-08-28 23:25:08 -04:00
Lunny Xiao f9acad82ca
Add proxy settings and support for migration and webhook (#16704)
* Add proxy settings and support for migration and webhook

* Fix default value

* Add newline for example ini

* Add lfs proxy support

* Fix lint

* Follow @zeripath's review

* Fix git clone

* Fix test

* missgin http requests for proxy

* use empty

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-08-18 21:10:39 +08:00
zeripath e0853d4a21
Add API Token Cache (#16547)
One of the issues holding back performance of the API is the problem of hashing.
Whilst banning BASIC authentication with passwords will help, the API Token scheme
still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can
still cause enormous numbers of hash computations.

A slight solution to this whilst we consider moving to using JWT based tokens and/or
a session orientated solution is to simply cache the successful tokens. This has some
security issues but this should be balanced by the security issues of load from
hashing.

Related #14668

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-17 14:30:42 -04:00
zeripath e29e163737
Improve SMTP authentication and Fix user creation bugs (#16612)
* Improve SMTP authentication, Fix user creation bugs and add LDAP cert/key options

This PR has two parts:

Improvements for SMTP authentication:

* Default to use SMTPS if port is 465, and allow setting of force SMTPS.
* Always use STARTTLS if available
* Provide CRAM-MD5 mechanism
* Add options for HELO hostname disabling
* Add options for providing certificates and keys
* Handle application specific password response as a failed user login
instead of as a 500.

Close #16104

Fix creation of new users:

* A bug was introduced when allowing users to change usernames which
prevents the creation of external users.
* The LoginSource refactor also broke this page.

Close #16104

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-08-11 21:42:58 +01:00
techknowlogick 620c5690ea
Add note about build-time flags for PAM support (#16641)
Fix #16639
2021-08-07 01:22:30 -04:00
zeripath afd88a2418
Allow setting X-FRAME-OPTIONS (#16643)
* Allow setting X-FRAME-OPTIONS

This PR provides a mechanism to set the X-FRAME-OPTIONS header.

Fix #7951

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: John Olheiser <john.olheiser@gmail.com>

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2021-08-06 16:47:10 -04:00
Clar Fon 80b7889fee
Clarify where server.LFS_CONTENT_PATH was moved to (#16601)
Signed-off-by: ltdk <usr@ltdk.xyz>
2021-08-03 09:03:04 +01:00
AJ ONeal b9a0e33238
Pre-fill suggested New File 'name' and 'content' with Query Params (#16556)
* feature: add (GitHub-style) querystrings for pre-filling new file content

* docs: add query parameters for new files
2021-07-29 05:39:46 +02:00
techknowlogick e0f9635c06
Add Linode as an installation option in docs (#16529)
Add Linode as an installation option in docs

Co-authored-by: zeripath <art27@cantab.net>
2021-07-24 15:08:23 +01:00
techknowlogick 5a84908d42
Add snap to docs (#16530) 2021-07-24 14:06:38 +01:00
zeripath f135a818f5
Make Mermaid.js limit configurable (#16519)
* Make Mermaid.js limit configurable

Add `MERMAID_MAX_SOURCE_CHARACTERS` to `[markup]` settings
to make the maximum size of a mermaid render configurable.

Fix #16513

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fixup! Make Mermaid.js limit configurable

* Update custom/conf/app.example.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-07-24 00:21:51 -04:00
qwerty287 ab77768fce
Fix typo (#16522) 2021-07-23 15:05:37 +02:00
lengyuqu 078e2b2c39
Add support for corporate WeChat webhooks (#15910)
* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* Update templates/admin/hook_new.tmpl

Co-authored-by: a1012112796 <1012112796@qq.com>

* Update services/webhook/wechatwork.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* 修善wechatwork

* 修善wechatwork

* fix

* Update locale_cs-CZ.ini

fix

* fix build

* fix

* fix build

* make webhooks.zh-cn.md

* delet unnecessary blank line

* delet unnecessary blank line

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* Update templates/admin/hook_new.tmpl

Co-authored-by: a1012112796 <1012112796@qq.com>

* Update services/webhook/wechatwork.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* 修善wechatwork

* 修善wechatwork

* fix

* fix build

* fix

* fix build

* make webhooks.zh-cn.md

* delet unnecessary blank line

* delet unnecessary blank line

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* fix

* fix

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* fix wechat

* fix wechat

* fix wechat

* fix wechat

* Fix invalid params and typo of email templates (#16394)

Signed-off-by: Meano <meanocat@gmail.com>

* Add LRU mem cache implementation (#16226)

The current default memory cache implementation is unbounded in size and number of
objects cached. This is hardly ideal.

This PR proposes creating a TwoQueue LRU cache as the underlying cache for Gitea.
The cache is limited by the number of objects stored in the cache (rather than size)
for simplicity. The default number of objects is 50000 - which is perhaps too small
as most of our objects cached are going to be much less than 1kB.

It may be worth considering using a different LRU implementation that actively limits
sizes or avoids GC - however, this is just a beginning implementation.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* [skip ci] Updated translations via Crowdin

* Replace `plugins/docker` with `techknowlogick/drone-docker`in ci (#16407)

* plugins/docker -> techknowlogick/drone-docker

* It is multi-arch

* docs: rewrite email setup (#16404)

* Add intro for both the docs page and mailer methods
  * Fix numbering level in SMTP section
  * Recommends implicit TLS

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>

* Validate Issue Index before querying DB (#16406)

* Fix external renderer (#16401)

* fix external renderer

* use GBackground context as fallback

* no fallback, return error

Co-authored-by: Lauris BH <lauris@nix.lv>

* Add checkbox to delete pull branch after successful merge (#16049)

* Add checkbox to delete pull branch after successful merge

* Omit DeleteBranchAfterMerge field in json

* Log a warning instead of error when PR head branch deleted

* Add DefaultDeleteBranchAfterMerge to PullRequestConfig

* Add support for delete_branch_after_merge via API

* Fix for API: the branch should be deleted from the HEAD repo

If head and base repo are the same, reuse the already opened ctx.Repo.GitRepo

* Don't delegate to CleanupBranch, only reuse branch deletion code

CleanupBranch contains too much logic that has already been performed by the Merge

* Reuse gitrepo in MergePullRequest

Co-authored-by: Andrew Thornton <art27@cantab.net>

* [skip ci] Updated translations via Crowdin

* Detect encoding changes while parsing diff (#16330)

* Detect encoding changes while parsing diff

* Let branch/tag name be a valid ref to get CI status (#16400)

* fix #16384#

* refactor: move shared helper func to utils package

* extend Tests

* use ctx.Repo.GitRepo if not nil

* fix

* fix

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* fix build

* fix build

* Apply suggestions from code review

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: myheavily <myheavily>
Co-authored-by: zhaoxin <gitea@fake.local>
Co-authored-by: Meano <Meano@foxmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Bagas Sanjaya <bagasdotme@gmail.com>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Jimmy Praet <jimmy.praet@telenet.be>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-07-23 12:41:27 +08:00
Antoine Goutenoir bb7a7c4292
docs: fix various typos and translate to french (#16477)
Co-authored-by: 6543 <6543@obermui.de>
2021-07-18 12:21:32 -04:00
dosera 95f40047ef
Extend the fail2ban instructions with a hint on how to make X-Real-IP… (#16446)
Following the merging of #14959 - Gitea is a lot more strict regarding the interpretation of `X-Real-IP` and `X-Forwarded-For` headers.

This PR updates the fail2ban documentation to include hints to set: `REVERSE_PROXY_TRUSTED_PROXIES` and `REVERSE_PROXY_LIMIT` appropriately.

See discussion in #16443

Co-authored-by: zeripath <art27@cantab.net>
2021-07-16 10:04:52 +01:00
zeripath d7ee5dc775
Update documentation to reflect #15219 (#16442)
The move to render custom/public as within /assets in #15219 missed updating
several documentation pages.

This PR updates this documentation.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-15 20:49:12 +01:00
Richard Nienaber 908136c557
add configuration option to restrict users by default (#16256)
* add configuration option to restrict users by default

* default IsRestricted permission only set on sign up

setting this in the model messes with other workflows (e.g. syncing LDAP users) where the IsRestricted permission needs to be explicitly set and not overridden by a config value

* fix formatting

* Apply suggestions from code review

* ensure newly created user is set to restricted

* ensure imports are in the correct order

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-15 15:19:48 -04:00
Jimmy Praet 8df3d6575a
Change @every 24h default schedules to @midnight (#16431) 2021-07-15 11:55:48 -04:00
techknowlogick 376fc350ee
add note about minimum required version of git installed (#16433) 2021-07-14 23:28:49 -04:00
techknowlogick e180456983
Change docker tag logic (#16421)
* Change docker logic

* Apply suggestions from code review

Co-authored-by: Kyle D. <kdumontnu@gmail.com>

* docs

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2021-07-14 18:08:43 +01:00
Bagas Sanjaya 18c18bb196
docs: rewrite email setup (#16404)
* Add intro for both the docs page and mailer methods
  * Fix numbering level in SMTP section
  * Recommends implicit TLS

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
2021-07-12 22:05:40 +02:00
zeripath 2f725cbc9e
Add LRU mem cache implementation (#16226)
The current default memory cache implementation is unbounded in size and number of
objects cached. This is hardly ideal.

This PR proposes creating a TwoQueue LRU cache as the underlying cache for Gitea.
The cache is limited by the number of objects stored in the cache (rather than size)
for simplicity. The default number of objects is 50000 - which is perhaps too small
as most of our objects cached are going to be much less than 1kB.

It may be worth considering using a different LRU implementation that actively limits
sizes or avoids GC - however, this is just a beginning implementation.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-10 23:54:15 +02:00
Avahe Kellenberger 8cbb38f546
Added documentation about 413 errors with an nginx solution (#15313)
* Added documentation about 413 errors with an nginx solution.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-10 02:16:07 +02:00
luzpaz e0296b6a6d
Fix various documentation, user-facing, and source comment typos (#16367)
* Fix various doc, user-facing, and source comment typos

Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`
2021-07-08 13:38:13 +02:00
冯天书 9543e068e9
Fix typo in customizing-gitea.en-us.md (#16362)
Fixed a type in a URL in PlantUML code example in `customizing-gitea.en-us.md`.
2021-07-07 17:25:42 +02:00
Lunny Xiao 64122fe105
Fix docs assets link (#16337) 2021-07-04 15:56:40 +02:00
Val Lorentz 2e40ff38d1
docs: Fix broken anchors in links to awesome-gitea (#16331) 2021-07-03 21:42:33 +01:00
6543 836884429a
Add forge emojies (#16296)
* codeberg :codeberg:
* gitlab :gitlab:
* git :git:
* github :github:
* gogs :gogs:
2021-07-02 16:04:57 +02:00
Norwin fc1d9629c6
Clarify GPG binary check (#14832)
fixes #14817

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-01 16:14:09 +02:00
zeripath 9979983283
Update Go-Git to take advantage of LargeObjectThreshold (#16316)
Following the merging of https://github.com/go-git/go-git/pull/330 we
can now add a setting to avoid go-git reading and caching large objects.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-06-30 22:58:45 +02:00
6543 653704c102
Add Vultr and DO Marketplace links (#16297)
* fix emoji img path

* move cloudron

* Add Vultr and DO
2021-06-29 15:42:47 -04:00
6543 65548359cc
Add custom emoji support (#16004) 2021-06-29 16:28:38 +02:00
zeripath 2f3d3ac20b
Update fail2ban documentation (#16286)
Following the merge of #16278 we need to update the fail2ban
documentation to take account of the availability of the new
sshConnectionFailed failed authentication attempt log message.

Also add a deprecation notice regarding the previous publicKeyHandler
messages, as these may be a source of false positives.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-06-28 19:26:40 -04:00
6543 0b27b93728
Make allowed Visiblity modes configurable for Users (#16271)
Now that #16069 is merged, some sites may wish to enforce that users are all public, limited or private, and/or disallow users from becoming private.

This PR adds functionality and settings to constrain a user's ability to change their visibility.

Co-authored-by: zeripath <art27@cantab.net>
2021-06-27 19:47:35 +01:00
zeripath 35f37a3625
Add --quiet and --verbose to gitea web to control initial logging (#16260)
One of the repeatedly reported issues has been that gitea produces too much console
logging during set up even if the console logger is turned off.

Fundamentally this is due to some otherwise very helpful logging that has to occur
before logging is set up. This has come to a head with the merging of #16243 where
otherwise potentially helpful Trace logging in the git module now appears on the
console.

This PR proposes three things:

1. Change the initial default logger to Info not Trace.
2. Change the logging for the AppPath things to Info in recompense.
3. Add two new command line options to gitea web: --quiet and --verbose

`gitea web -q` or `gitea web --quiet` will only log Fatal level initially.
`gitea web -verbose` will log at Trace.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-26 20:56:58 -04:00
Sergey Dryabzhinsky 22a0636544
Add Visible modes function from Organisation to Users too (#16069)
You can limit or hide organisations. This pull make it also posible for users

- new strings to translte
- add checkbox to user profile form
- add checkbox to admin user.edit form
- filter explore page user search
- filter api admin and public user searches
- allow admins view "hidden" users
- add app option DEFAULT_USER_VISIBILITY
- rewrite many files to use Visibility field
- check for teams intersection
- fix context output
- right fake 404 if not visible

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-06-26 20:53:14 +01:00
ayb 9b33d18899
Added support for gopher URLs. (#14749)
* Added support for gopher URLs.

* Add setting and make this user settable instead

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-06-25 18:38:27 -04:00
KN4CK3R 44b8b07631
Add tag protection (#15629)
* Added tag protection in hook.

* Prevent UI tag creation if protected.

* Added settings page.

* Added tests.

* Added suggestions.

* Moved tests.

* Use individual errors.

* Removed unneeded methods.

* Switched delete selector.

* Changed method names.

* No reason to be unique.

* Allow editing of protected tags.

* Removed unique key from migration.

* Added docs page.

* Changed date.

* Respond with 404 to not found tags.

* Replaced glob with regex pattern.

* Added support for glob and regex pattern.

* Updated documentation.

* Changed white* to allow*.

* Fixed edit button link.

* Added cancel button.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-06-25 16:28:55 +02:00
Martin Strob 7a0ed9a046
fix IIS reverse proxy doc (#16246) 2021-06-25 14:38:41 +02:00
Lunny Xiao b223d36195
Rework repository archive (#14723)
* Use storage to store archive files

* Fix backend lint

* Add archiver table on database

* Finish archive download

* Fix test

* Add database migrations

* Add status for archiver

* Fix lint

* Add queue

* Add doctor to check and delete old archives

* Improve archive queue

* Fix tests

* improve archive storage

* Delete repo archives

* Add missing fixture

* fix fixture

* Fix fixture

* Fix test

* Fix archiver cleaning

* Fix bug

* Add docs for repository archive storage

* remove repo-archive configuration

* Fix test

* Fix test

* Fix lint

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 17:12:38 -04:00
KN4CK3R c9c7afda1a
Add sanitizer rules per renderer (#16110)
* Added sanitizer rules per renderer.

* Updated documentation.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 17:09:51 -04:00
techknowlogick 8640717f5f
Add docs for windows env vars (#16236)
* Add docs for windows env vars

Fix #16213

* Fix docs/content/doc/developers/hacking-on-gitea.en-us.md

Co-authored-by: John Olheiser <john.olheiser@gmail.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2021-06-23 15:57:56 -04:00
KN4CK3R 31f6b95dfa
Use data path instead of config path (#16227) 2021-06-23 16:56:25 +02:00
zeripath 6a083a7234
Update documentation for Implicit TLS (#16220)
As per RFC 8314, it is now recommended to prefer TLS over STARTTLS.

Fix #16160

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-06-21 14:34:37 -04:00
parnic 35742d4af7
Reintroduce squash merge default comment as a config setting (#16134)
* Reinstate most of commit 09304db9a5

* Move the behaviour behind a config setting

* Also fix the initial #12365
2021-06-19 00:08:22 +02:00
KN4CK3R 29695cd6d5
Add asymmetric JWT signing (#16010)
* Added asymmetric token signing.

* Load signing key from settings.

* Added optional kid parameter.

* Updated documentation.

* Add "kid" to token header.
2021-06-17 23:56:46 +02:00
zeripath ffbf35b7e9
Clean-up the settings hierarchy for issue_indexer queue (#16001)
There are a couple of settings in `[indexer]` relating to the `issue_indexer` queue
which override settings in unpredictable ways. This PR adjusts this hierarchy and makes
explicit that these settings are deprecated.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-16 18:19:20 -04:00
zeripath 95352e6bd5
Make command in authorized keys a template (#16003)
Fix #15595
Replaces #15978

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-14 21:15:12 -04:00
KN4CK3R 440039c0cc
Add push to remote mirror repository (#15157)
* Added push mirror model.

* Integrated push mirror into queue.

* Moved methods into own file.

* Added basic implementation.

* Mirror wiki too.

* Removed duplicated method.

* Get url for different remotes.

* Added migration.

* Unified remote url access.

* Add/Remove push mirror remotes.

* Prevent hangs with missing credentials.

* Moved code between files.

* Changed sanitizer interface.

* Added push mirror backend methods.

* Only update the mirror remote.

* Limit refs on push.

* Added UI part.

* Added missing table.

* Delete mirror if repository gets removed.

* Changed signature. Handle object errors.

* Added upload method.

* Added "upload" unit tests.

* Added transfer adapter unit tests.

* Send correct headers.

* Added pushing of LFS objects.

* Added more logging.

* Simpler body handling.

* Process files in batches to reduce HTTP calls.

* Added created timestamp.

* Fixed invalid column name.

* Changed name to prevent xorm auto setting.

* Remove table header im empty.

* Strip exit code from error message.

* Added docs page about mirroring.

* Fixed date.

* Fixed merge errors.

* Moved test to integrations.

* Added push mirror test.

* Added test.
2021-06-14 19:20:43 +02:00
zeripath daa5a23548
Set self-adjusting deadline for connection writing (#16068)
* Set self-adjusting deadline for connection writing

In #16055 it appears that the simple 5s deadline doesn't work for large
file writes. Now we can't - or at least shouldn't just set no deadline
as go will happily let these connections block indefinitely. However,
what seems reasonable is to set some minimum rate we expect for writing.

This PR suggests the following algorithm:

* Every write has a minimum timeout of 5s (adjustable at compile time.)
* If there has been a previous write - then consider its previous
deadline, add half of the minimum timeout + 2s per kb about to written.
* If that new deadline is after the minimum timeout use that.

Fix #16055

* Linearly increase timeout

* Make PerWriteTimeout, PerWritePerKbTimeouts configurable

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-06-11 00:25:25 +03:00
Kyle D a5d8f58341
Update queue workers for v1.15 (#15999)
* Update queue workers for v1.15

* update app.example.ini

* update re queue path

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-28 13:33:52 -04:00
Patrick Schratz d957a1569a
Bump `postgres` and `mysql` versions (#15710)
* bump postgres and mysql DB versions

* posgres test against v10

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-21 18:11:48 -04:00
a1012112796 fec8324026
add a new internal hook to save ssh log (#15787)
* add a new internal hook to save ssh log

as title, when a ssh error ocure like #15785.
only when switch ``RUN_MODE`` to dev can we
found which error is ocure. But this way is
not a good idea for production envirment.

this changes try save ssh error mesage to the
log file like other log by a new internal hook.
I think it's usefull for find error message
in production envirment. Thanks.

Signed-off-by: a1012112796 <1012112796@qq.com>

* rename and fix nit

* Update modules/private/hook.go

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-21 17:37:16 -04:00
zeripath 17be645498
Encrypt LDAP bind password in db with SECRET_KEY (#15547)
* Encrypt LDAP bind password in db with SECRET_KEY

The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.

Fix #15460

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove ui warning regarding unencrypted password

Co-authored-by: silverwind <me@silverwind.io>
2021-05-20 09:29:57 +01:00
Ikko Ashimine 3e068fcdcb
Fix typo in hacking-on-gitea.en-us.md (#15918)
* continously -> continuously
* continous -> continuous
2021-05-18 19:35:59 +02:00
Ian Wienand c3aaf5eafd
Rework Token API comments (#15162)
Move the token API discussion into a common section discussing the
generation and listing of the tokens.  Add a note on the display of
the sha1 during creation and listing.

Co-authored-by: Norwin <noerw@users.noreply.github.com>
2021-05-16 15:51:53 +02:00
Jimmy 44286e29f0
reverse proxy for IIS (#15555)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-14 00:36:53 -04:00
zeripath 418c5feded
Add information on how to rotate logging from outside container (#15852)
Fix #15842

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-14 00:36:23 -04:00
Adam Szatyin d86d123322
Add mimetype mapping settings (#15133)
* Fix APK's Content-Type header

* Fix case sensitive comparison

* Add custom mime type mapping for downloadable files

* Add documentation for MIME type mapping

* Rename download.mimetype.mapping configuration to repository.mimetype_mapping

Co-authored-by: zeripath <art27@cantab.net>
2021-05-10 16:38:08 -04:00
a1012112796 75d8297045
add note about ``cron.SCHEDULE`` format in document (#15812)
* add note about ``cron.SCHEDULE`` format in document

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update custom/conf/app.example.ini

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-10 12:54:45 -04:00
6543 a229e34387
Allow only internal registration (#15795)
* Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings

* OpenID respect setting too
2021-05-09 16:13:35 +02:00
6543 16034bb613
OAuth2 login: Set account link to "login" as default behavior (#15768) 2021-05-07 16:15:16 +02:00
6543 640066840e
Use a generic markup class to display externally rendered files and diffs (#15735)
* creates and implements generic markup less class

* How to give custom CSS to externally rendered html

* Clarifies sources of CSS styling of markup

* further clarification of sources of markup styling

* rename _markdown to _markup

* remove defunct import

* fix orphaned reference

* Update docs/content/doc/advanced/external-renderers.en-us.md

* more renames markdown -> markup

* do not suggest less customization

* add back tokens

* fix class whitespace, remove useless if-clause

* remove unused csv-data rules

* use named exports and rename functions

* sort imports

Co-authored-by: HarvsG <11440490+HarvsG@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2021-05-07 10:43:41 +02:00
silverwind 9b5185d3cc
Improve logo customization docs (#15754)
* Improve logo customization docs

* Update docs/content/doc/advanced/customizing-gitea.en-us.md

* Update docs/content/doc/advanced/customizing-gitea.en-us.md

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-07 02:32:29 -04:00
John Olheiser 2bd5408e5f
MySQL 5 FAQ (#15729)
* MySQL 5

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Wording
2021-05-05 05:39:09 +01:00
techknowlogick ab77a24f18
update branch in CI and docs (#15631) 2021-05-04 12:16:23 -04:00
a1012112796 ae6d7860be
add cron job to delete old actions from database (#15688)
that's a way to save database storage space.

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-05-01 14:17:02 +02:00
yearski 49b28956e2
Docs: fix location for custom/options/license (#15671) 2021-04-30 16:36:28 +02:00
6543 a6bfe59b4b
Docs: renderers rst: rst2html.py -> pandoc (#15659) 2021-04-30 14:50:55 +08:00
Dong Nguyen 6ea6e2b4eb
Update config-cheat-sheet.en-us.md (#15606)
Add more guide about `PROVIDER_CONFIG` when `PROVIDER` is `db` (https://github.com/go-gitea/gitea/issues/14016)
2021-04-24 16:58:40 +02:00
Björn Heinrichs 72e0ad8000
Fix docker enviroment variable from TYPE to DB_TYPE (#15585)
As documented in https://docs.gitea.io/en-us/config-cheat-sheet/ the database type is defined using db_type not type.
2021-04-22 16:34:12 +02:00
Nathan Zook 2242f381e6
Added OpenAPI document link to usage (#15535)
* Added OpenAPI document link to usage

The OpenAPI document at /api/swagger.v1.json needs an obvious reference.  Sadly, I am English monolingual, so someone else is going to have to do the other languages.  In the mean time, this PR should help anyone looking for the file.

* Update docs/content/doc/developers/api-usage.en-us.md

Co-authored-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-19 23:29:08 -04:00
Raphael Kruse c9cc6698d2
Fix a broken link in customizing-gitea.en-us.md (#15543) 2021-04-19 11:47:49 -04:00
Lunny Xiao ce8255fb7b
Change the chinese discuss link to discourse (#15533) 2021-04-18 19:12:16 +08:00
Kyle D f44543a1bb
Disable Stars config option (#14653)
* Add config option to disable stars

* Replace "stars" with watched in user profile

* Add documentation
2021-04-15 18:53:57 +02:00
firesoft-de af2adb4e35
Specify relation between multiple signing options (#15496) 2021-04-15 18:06:32 +02:00
Martin Michaelis 55eb1745bd
OAuth2 auto-register (#5123)
* Refactored handleOAuth2SignIn in routers/user/auth.go

The function handleOAuth2SignIn was called twice but some code path could only
be reached by one of the invocations. Moved the unnecessary code path out of
handleOAuth2SignIn.


* Refactored user creation

There was common code to create a user and display the correct error message.
And after the creation the only user should be an admin and if enabled a
confirmation email should be sent. This common code is now abstracted into
two functions and a helper function to call both.

* Added auto-register for OAuth2 users

If enabled new OAuth2 users will be registered with their OAuth2 details.
The UserID, Name and Email fields from the gothUser are used.
Therefore the OpenID Connect provider needs additional scopes to return
the coresponding claims.

* Added error for missing fields in OAuth2 response

* Linking and auto linking on oauth2 registration

* Set default username source to nickname

* Add automatic oauth2 scopes for github and google

* Add hint to change the openid connect scopes if fields are missing

* Extend info about auto linking security risk

Co-authored-by: Viktor Kuzmin <kvaster@gmail.com>
Signed-off-by: Martin Michaelis <code@mgjm.de>
2021-04-14 14:02:12 +02:00
Lunny Xiao 66f0fd0959
Add NeedPostProcess for Parser interface to improve performance of csv render (#15153) 2021-04-13 15:06:31 +08:00
techknowlogick 26e16e4ee4
docs: rm deprecated docs regarding environment variable usage in docker image (#15405)
* docs: rm deprecated docs regarding environment variable usage in docker image

* Update docs/content/doc/installation/with-docker.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2021-04-12 15:42:02 -04:00
Kyle D 8d9f191195
Update docs for bad ini syntax in noreply (#15226) 2021-03-31 17:13:46 -04:00
David Crocker 79ac7468dc
Fix documentation for the fallback mail subject (#15223)
The documentation for the [fallback mail subject](d989247bb0/services/mailer/mail_issue.go (L14-L16)) was missing `{{}}` around `.Issue.Index`.
2021-03-31 11:36:21 -04:00
KN4CK3R 0c6137617f
Add Tabular Diff for CSV files (#14661)
Implements request #14320 The rendering of CSV files does match the diff style.

* Moved CSV logic into base package.

* Added method to create a tabular diff.

* Added CSV compare context.

* Added CSV diff template.

* Use new table style in CSV markup.

* Added file size limit for CSV rendering.

* Display CSV parser errors in diff.

* Lazy read single file.

* Lazy read rows for full diff.

* Added unit tests for various CSV changes.
2021-03-29 22:44:28 +02:00
silverwind 1a03fa7a4f
Update JS dependencies (#15033)
* Update JS dependencies

- Update all JS dependencies
- For octicons, rename trashcan to trash
- For svgo, migrate to v2 api, output seems to have slightly changed but icons look the same
- For stylelint, update config, fix custom property duplicates
- For monaco, drop legacy Edge support
- For eslint, enable new rules, fix new issues
- For less-loader, remove deprecated import syntax

* update svgo usage in generate-images and rebuild logo.svg with it
2021-03-22 05:04:19 +01:00
Lasse Brandt Thomsen 0fe32826ed
Allow read/write to user root and only read to group git on documentation (#15041)
Co-authored-by: Lasse Brandt Thomsen <lasse@bitmand.dk>
2021-03-20 00:45:04 +01:00
Lauris BH 044cd4d016
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation

* Trust all IP addresses in containerized environments by default

* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-16 00:27:28 +02:00
tuxmaster5000 f268b4896b
Update comparison docs for gitlab (#14999) 2021-03-15 11:19:00 -04:00
zeripath c8e5c79cfd
Add ui.explore settings to control view of explore pages (2) (#14094)
This is an alternative PR to #13687.

Add `[ui.explore]` settings to allow restricting the
explore pages to logged in users only and to disable the users explore page.

The two proposed settings are:

- `REQUIRE_SIGNIN_VIEW`: Only allows access to the explore pages if the
user is signed in. Also restricts
  - `/api/v1/user/search`
  - `/api/v1/users/{username}`
  - `/api/v1/users/{username}/repos`
  - but does not restrict `/api/v1/users/{username}/heatmap`
- `DISABLE_USERS_PAGE`: Disables the /explore/users page

Fix #2908

Close #13687 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-11 13:40:54 +00:00
KN4CK3R bc423a1e84
Use correct default value (#14949)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-11 00:09:30 -05:00
zeripath c03f530212
Make internal SSH server host key path configurable (#14918)
* Make SSH server host key path configurable

* make it possible to have multiple keys

* Make gitea.rsa the default key

* Add some more logging

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 03:43:59 +01:00
zeripath 9b261f52f0
Add SameSite setting for cookies (#14900)
Add SameSite setting for cookies and rationalise the cookie setting code. Switches SameSite to Lax by default. 

There is a possible future extension of differentiating which cookies could be set at Strict by default but that is for a future PR.

Fix #5583

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-07 08:12:43 +00:00
6543 8ac1367718
[Docs] Fix how lfs data path is set (#14855)
* fix docs: lfs data path

* DEPRECATED note

* 已废弃

* better english sentence

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-04 18:01:44 +01:00
Kyle D 61f347e349
Add environment-to-ini to docker image (#14762)
* Add environment-to-app.ini routine

* Call environment-to-ini in docker setup scripts

* Automatically convert section vars to lower case to match documentation

* Remove git patch instructions

* Add env variable documentation to Install Docker
2021-02-23 20:21:44 +01:00
Ikko Ashimine ca9c1f822e
[docs] Fix typo in command-line.en-us.md (#14746)
seperated -> separated

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-19 11:29:22 -05:00
zeripath 0a9a484e1e
Create DB session provider(based on xorm) (#13031)
* Create Xorm session provider

This PR creates a Xorm session provider which creates
the appropriate Session table for macaron/session.

Fix #7137

Signed-off-by: Andrew Thornton <art27@cantab.net>

* extraneous l

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* use key instead of ID to be compatible with go-macaron/session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* And change the migration too.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update spacing of imports

Co-authored-by: 6543 <6543@obermui.de>

* Update modules/session/xorm.go

Co-authored-by: techknowlogick <matti@mdranta.net>

* add xorm provider to the virtual provider

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for master merge

* prep for merge master

* As per @lunny

* move migration out of the way

* Move to call this db session as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-15 00:33:31 -05:00
Damien Goutte-Gattat fc4a8c2980
Allow blocking some email domains from registering an account (#14667)
Gitea allows to whitelist email domains so that only email addresses from certain domains are allowed to register an account, but does not currently allows to do the opposite: blacklisting email domains so that addresses from certain domains are *forbidden* to register an account.

The idea has been briefly mentioned in the discussion about issue #6350, but never implemented. This PR does that.

The rationale is that, in my experience of running a Gitea instance, *a single email domain* is responsible for *most* of the spam accounts, and for *all* of the spam accounts that manage to get past the email confirmation step. So on top of the other spam mitigation measures already available (email confirmation, CAPTCHA, etc.), having the option to block a particularly annoying domain would be helpful.

close #13628
2021-02-15 00:31:29 +01:00
Lunny Xiao 5e4fa7c703
Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one (#14673)
* Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one

* Add a warning on document
2021-02-13 18:03:29 +01:00
Paweł Bogusławski 7d7007dca7
Added option to disable webhooks (#13176)
* Added option to disable web hooks

This mod introduces DISABLE_WEB_HOOKS parameter in [security] section
of app.ini (by default set to false). If set to true it disables web
hooks feature. Any existing undelivered web hook tasks will be cancelled.
Any existing web hook definitions will be left untouched in db but
its delivery tasks will be ignored.

Author-Change-Id: IB#1105130

* Webhook spelling fixed

Webhook spelling fixed.

Fixes: 07df6614dc84cdd2e9f39c57577fa1062bd70012
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-510868421
Author-Change-Id: IB#1105174

* Parameter description fixed

Parameter description fixed.

Fixes: 07df6614dc84cdd2e9f39c57577fa1062bd70012
Related: https://github.com/go-gitea/gitea/pull/13176#pullrequestreview-514086107
Author-Change-Id: IB#1105174
2021-02-11 12:34:34 -05:00
zeripath 98827e99f6
Add information on how to build statically (#14594)
Fix #14576

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-08 10:06:21 +08:00
zeripath 3477e616ab
Exclude the current dump file from the dump (#14606)
* Exclude the current dump file from the dump

Always prevent the current file from being added to the dump.

Fix #13618

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add skip custom directory option

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-08 09:00:12 +08:00
Howie Zhao c295a27d4a
docs: update installation with-docker zh-cn (#14554) 2021-02-03 17:12:35 +01:00
Bagas Sanjaya bd28f1d642
[Docs] Clone filters (#14555)
In summary: set uploadpack.allowfilter

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
2021-02-03 10:11:20 -05:00
Lunny Xiao 0cd87d64ff
Update docs and comments to remove macaron (#14491) 2021-01-29 16:35:30 +01:00
kevinlin18 0e4a9dbcb9
[docs] Add zh-tw Translations (#14507) 2021-01-29 01:57:58 +01:00
Brad Albright a598877fdf
Cron job to cleanup hook_task table (#13080)
Close **Prune hook_task Table (#10741)**

Added a cron job to delete webhook deliveries in the hook_task table. It can be turned on/off and the schedule controlled globally via app.ini. The data can be deleted by either the age of the delivery which is the default or by deleting the all but the most recent deliveries _per webhook_.

Note: I had previously submitted pr #11416  but I closed it when I realized that I had deleted per repository instead of per webhook. Also, I decided allowing the settings to be overridden via the ui was overkill. Also this version allows the deletion by age which is probably what most people would want.
2021-01-26 22:02:42 +01:00
Lunny Xiao 6433ba0ec3
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 16:36:53 +01:00
Klaus Vink Slott 525d75c160
Add link to packages in openSUSE build service (#14439)
* Link to OpenSUSE build service
2021-01-23 15:44:00 +01:00
kolaente b672899372
Add german translation guidelines (#14283)
* Add german translation guidelines

* Add German Language to Docs

* add Translation cateory & move guidelines into it

Co-authored-by: kolaente <k@knt.li>
Co-authored-by: 6543 <6543@obermui.de>
2021-01-22 20:12:50 +01:00