Commit graph

1129 commits

Author SHA1 Message Date
wxiaoguang 998cea5888
Use secure cookie for HTTPS sites (#26999)
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
2023-09-11 17:03:51 +08:00
silverwind 6d96f0b0d1
Add fetch wrappers, ignore network errors in actions view (#26985)
1. Introduce lightweight `fetch` wrapper functions that automatically
sets csfr token, content-type and use it in `RepoActionView.vue`.
2. Fix a specific issue on `RepoActionView.vue` where a fetch network
error is shortly visible during page reload sometimes. It can be
reproduced by F5-in in quick succession on the actions view page and was
also producing a red error box on the page.

Once approved, we can replace all current `fetch` uses in UI with this
in another PR.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-11 10:25:10 +02:00
Infinoid de68953bac
Correct the database.LOG_SQL default value in config cheat sheet (#26997)
The default is false, fix the docs to reflect that.

Fixes: #26989
2023-09-10 15:45:06 +00:00
Lunny Xiao e97e883ad5
Add reverseproxy auth for API back with default disabled (#26703)
This feature was removed by #22219 to avoid possible CSRF attack.

This PR takes reverseproxy auth for API back but with default disabled.

To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.

For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-07 08:31:46 +00:00
silverwind e596806217
Update nginx recommendations (#26924)
- `Connection` and `Upgrade` [needed for
websockets](https://www.nginx.com/blog/websocket-nginx/)
- ~~`X-Real-IP` unnecessary and duplicate with `X-Forwarded-For`. [chi
checks both
headers](https://github.com/go-chi/chi/blob/master/middleware/realip.go),
but XFF is definitely the more "standard" one.~~
2023-09-06 17:49:45 +00:00
Panagiotis "Ivory" Vasilopoulos d1353ad55a
docs: Update Profile README information (#26947)
Follow-up of https://github.com/go-gitea/gitea/pull/26295
2023-09-06 10:22:50 -04:00
KazzmanK b3d88ada01
Add a documentation note for Windows Service (#26938)
Service may fail to start at boot time with timeout
Resolves #26934

Co-authored-by: Nikolay Kobzarev <n.kobzarev@aeronavigator.ru>
2023-09-06 11:14:12 +00:00
FuXiaoHei 460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
Sven Seeberg 5f7fa27a44
Improve LDAP group config documentation, fixes #21159 (#21227)
Improve the wording of the LDAP group attributes documentation and
expand the examples.
2023-09-05 13:18:53 -04:00
JonRB 1859c5b636
Update backup instructions to align with archive structure (#26902)
Signed-off-by: JonRB <jon.roadleybattin@gmail.com>
fixes https://github.com/go-gitea/gitea/issues/25878
2023-09-05 09:26:12 +08:00
Lunny Xiao 1bfb3f78f6
Update documents to fix some links (#26885) 2023-09-03 18:45:20 +00:00
JonRB 99a5595408
clarify aspects of the dump command (#26887)
clarify aspects of the dump command

Possibly closes #26862

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-09-03 14:44:01 -04:00
CaiCandong 7477c93d62
Update docs about attachment path (#26883)
This change was caused by #26271, for configuration as below:
```
[attachment]
ENABLE = true
PATH = data/attachments
MAX_SIZE = 100
MAX_FILES = 5
```
Before #26271, the resolved path is ${AppWorkPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/attachments`)
After #26271, the resolved path is ${AppDataPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/data/attachments`)


Fix  https://github.com/go-gitea/gitea/issues/26864
Follow https://github.com/go-gitea/gitea/pull/26271
2023-09-03 11:40:10 +02:00
wxiaoguang 83208b4991
Improve the "bug report" template and "support options" document (#26753)
* `/help/support` is a better document than
`/administration/logging-config` for bug reporting
* Improve `support.en-us.md`
    * Move/add detailed contents into `Advanced Bug Report Tips` section
    * Merge `Chinese Support` section into `Support Options`
2023-08-28 22:37:39 +00:00
mainboarder c533991519
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
Lunny Xiao 476b9d1589
Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
Thomas McWork 083b0b4770
Prefer variables over subprocesses (#26690)
… because it doesn't require a separate shell, spawning a process which
cost unnecessary resources and takes time.
2023-08-23 07:43:05 -05:00
Lunny Xiao 3b91b2d6b1
add mfa doc (#26654)
copy and modified from #14572 

> Whilst debating enforcing MFA within our team, I realised there isn't
a lot of context to the side effects of enabling it. Most of us use Git
over HTTP and would need to add a token.

I plan to add another PR that adds a sentence to the UI about needing to
generate a token when enabling MFA if HTTP is to be used.

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-08-22 21:56:11 -04:00
techknowlogick b3f7137174
Update minimum password length requirements (#25946) 2023-08-21 19:27:50 +00:00
lonix1 8f936488f7
docs: template variables (#26547)
Explanation for using gitea's variables in `.tmpl` files.

Thanks to @wxiaoguang for advising me on
[discord](https://discord.com/channels/322538954119184384/561007778139734027/1141217820441587722).
2023-08-19 00:24:27 +00:00
CaiCandong db7b0a1a4e
Update zh-cn documentation (#26406) 2023-08-14 01:35:49 -04:00
delvh e10ba5e5e0
Rename Sync2 -> Sync (#26479)
The xorm `Sync2` has already been deprecated in favor of `Sync`,
so let's do the same inside the Gitea codebase.

Command used to replace everything:
```sh
for i in $(ag Sync2 --files-with-matches); do vim $i -c ':%sno/Sync2/Sync/g' -c ':wq'; done
```
2023-08-13 21:17:21 +02:00
John Olheiser 2eb456dde2
Add matrix to support (#26382)
This PR adds our matrix space to the support options and alphabetizes
the list.

I also considered adding our Mastodon, however that isn't as suitable as
the other options because it's just whoever has access to the account vs
a community chat/forum.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-12 16:54:50 +02:00
CaiCandong b937adc54d
Update index doc (#26455)
In the previous feature description, numerous functionalities of Gitea
were listed, which appeared redundant and failed to highlight the unique
characteristics of Gitea. Therefore, I have rewritten this section based
on the description provided on the official Gitea website
2023-08-12 00:49:23 +00:00
Lunny Xiao 7e382a5555
Update upgrade documentation to add a check for deprecated configurations (#26451)
fix
https://github.com/go-gitea/gitea/issues/25995#issuecomment-1674096710

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-11 13:53:23 +08:00
Denys Konovalov 63ab92d797
Pre-register OAuth2 applications for git credential helpers (#26291)
This PR is an extended implementation of #25189 and builds upon the
proposal by @hickford in #25653, utilizing some ideas proposed
internally by @wxiaoguang.

Mainly, this PR consists of a mechanism to pre-register OAuth2
applications on startup, which can be enabled or disabled by modifying
the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2
applications registered this way are being marked as "locked" and
neither be deleted nor edited over UI to prevent confusing/unexpected
behavior. Instead, they're being removed if no longer enabled in config.


![grafik](https://github.com/go-gitea/gitea/assets/47871822/81a78b1c-4b68-40a7-9e99-c272ebb8f62e)

The implemented mechanism can also be used to pre-register other OAuth2
applications in the future, if wanted.

Co-authored-by: hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

---------

Co-authored-by: M Hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-09 14:24:07 +02:00
Track3 c1c83dbaec
[docs] Add missing backtick in quickstart.zh-cn.md (#26349)
Added missing backtick in quickstart.zh-cn.md docs so inline code can
render properly.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-06 00:28:25 +08:00
Lunny Xiao ecb04cc324
Remove backslashed newlines on markdown (#26344)
Fix https://gitea.com/gitea/gitea-docusaurus/issues/56
2023-08-05 12:48:46 +00:00
sillyguodong 68c652d8f3
Fix typos and grammer problems for actions documentation (#26328)
follow #26317
fix typos and adjust grammer problems.
2023-08-04 10:04:37 +00:00
sillyguodong 0da8ebc95b
Update documentation for 1.21 actions (#26317)
As title.
Close #26309
Related to #24724, #24806
2023-08-04 09:06:02 +00:00
Bård Aase 8ba54a2e16
Update Gmail example (#26302)
The `IS_TLS_ENABLED` option in the `mailer` section is deprecated. This
is specified by setting `PROTOCOL=smtps`
2023-08-03 18:20:40 +08:00
wxiaoguang 54c28fddd8
Clarify the logger's MODE config option (#26267)
1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-01 18:28:23 +00:00
minijaws ab0e588217
Update Arch linux URL from community to extra (#26273)
Arch linux package link has changed from the community repo to the extra repo.
The link has been updated.
2023-08-01 15:28:20 +00:00
Denys Konovalov fc6c3d626e
Mention devtest in frontend contributing guidelines (#26249)
Our `devtest` page contains some good UI examples which should be taken
as example when working on Gitea UI. Mention it in our frontend
contributing guidelines to for new contributors to know about it.
2023-07-31 12:49:21 +02:00
Panagiotis "Ivory" Vasilopoulos d58c542579
Add 'Show on a map' button to Location in profile, fix layout (#26214)
Not too important, but I think that it'd be a pretty neat touch.

Also fixes some layout bugs introduced by a previous PR.

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-31 08:44:45 +00:00
wxiaoguang 8baa42c8d7
Calculate MAX_WORKERS default value by CPU number (#26177)
To avoid consuming user's 100% CPU, limit the default value of
MAX_WORKERS

Fix #26063 (the CPU 100% problem mentioned in it)
2023-07-27 16:40:35 +08:00
Felix Victor 0533187f28
Update email-setup.en-us.md (#26068)
The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-26 21:50:15 +08:00
Upstream8022 df9afe3aa8
Update Chinese documents (#26139)
Update part of the documents, translate English to Chinese.
2023-07-26 07:28:44 +00:00
John Olheiser bd4c7ce578
Docusaurus-ify (#26051)
This PR cleans up the docs in a way to make them simpler to ingest by
our [docs repo](https://gitea.com/gitea/gitea-docusaurus).

1. It includes all of the sed invocations our ingestion did, removing
the need to do it at build time.
2. It replaces the shortcode variable replacement method with
`@variable@` style, simply for easier sed invocations when required.
3. It removes unused files and moves the docs up a level as cleanup.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-07-26 04:53:13 +00:00
wxiaoguang 915cdf8f87
Remove "misc" scope check from public API endpoints (#26134)
Fix #26035
2023-07-26 02:53:31 +00:00
thigg 5446d65b0a
added ssh mirror workaround description (#26096)
related #1635 #18159

This will probably be obsolete at some point, but it should not break
anything and it may help some users
2023-07-25 16:06:35 +00:00
wxiaoguang 1ce51a55e3
Improve "gitea doctor" sub-command and fix "help" commands (#26072)
Replace #21790

And close #25965 by the way (it needs a separate fix for 1.20)

Major changes:

1. Move "gitea convert" to "gitea doctor conver". The old "gitea doctor"
still works as a hidden sub-command (to avoid breaking)
2. Do not write "doctor.log" by default, it's not useful in most cases
and causes bugs like 25965
3. Improve documents
4. Fix the "help" commands. Before, the "./gitea doctor" can't show the
sub-command help correctly (regression of the last cli/v2 refactoring)

After this PR:

```
./gitea help # show all sub-commands for the app
./gitea doctor # show the sub-commands for the "doctor"
./gitea doctor help # show the sub-commands for the "doctor", as above
```
2023-07-25 14:38:27 +00:00
caicandong af1ffbcd63
doc sync authentication.md to zh-cn (#26117)
as title
2023-07-25 07:52:55 +00:00
caicandong ebb98d7246
doc guide the user to create the appropriate level runner (#26091)
close #26045
2023-07-24 22:39:10 +08:00
JonRB acc74c2fc6
Update secrets.en-us.md (#26057)
Present documentation does not capture that secrets are only visible if
ACTIONS are enabled for a repository. This PR adds a short note
2023-07-22 09:34:01 +00:00
wxiaoguang 52fb936773
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892

Close  #21942
Close  #25464

Major changes:

1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files

```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-21 12:14:20 +00:00
wxiaoguang d0dbe52e76
Refactor to use urfave/cli/v2 (#25959)
Replace #10912

And there are many new tests to cover the CLI behavior

There were some concerns about the "option order in hook scripts"
(https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314),
it's not a problem now. Because the hook script uses `/gitea hook
--config=/app.ini pre-receive` format. The "config" is a global option,
it can appear anywhere.

----

## ⚠️ BREAKING ⚠️

This PR does it best to avoid breaking anything. The major changes are:

* `gitea` itself won't accept web's options: `--install-port` / `--pid`
/ `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's
options.
    * Use `./gitea web --pid ....` instead
* `./gitea` can still run the `web` sub-command as shorthand, with
default options
* The sub-command's options must follow the sub-command
* Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd
--sub-opt` (well, might not ...)
    * After: only `./gitea subcmd --sub-opt` could be used
    * The global options like `--config` are not affected
2023-07-21 17:28:19 +08:00
Dominik Heidler 2e128dd1fc
RPM Registry: Show zypper commands for SUSE based distros as well (#25981)
After RPM is supported with https://github.com/go-gitea/gitea/pull/23380
let's show the user
how to add the repo and install the RPM via all common package managers.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-20 17:37:31 +02:00
John Olheiser 0ef2919bb6
Correctly refer to dev tags as nightly in the docker docs (#26004)
As title, `dev` tags are no longer used since we switched to `nightly`

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-07-20 17:26:02 +08:00
wxiaoguang 50e14699d3
Update path related documents (#25417)
Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 11:22:57 +02:00