Commit graph

1207 commits

Author SHA1 Message Date
KN4CK3R
c6c829fe3f
Enhanced auth token / remember me (#27606)
Closes #27455

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
2023-10-14 00:56:41 +00:00
techknowlogick
c573d96b70
rm outdated docs from some languages (#27530)
related to #27499
2023-10-13 19:29:18 +00:00
Lunny Xiao
dca195e9bd
Fix the robots.txt path 2023-10-11 18:01:52 +08:00
Lunny Xiao
7ff1f2527c
Make actions default enabled for newly created repository if global configuraion enabled (#27482) 2023-10-10 14:45:31 +00:00
Nanguan Lin
5b6258a0b9
Fix the wrong HTTP response status code for duplicate packages (#27480)
fix #27470 
(hope there is nothing missing 😢 )

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-10-10 15:39:58 +02:00
Jason Song
2c7b6c378e
Increase queue length (#27555) 2023-10-10 18:47:49 +08:00
Nanguan Lin
28ead9ea62
Improve docs about register/run as a service (#27461)
As title
2023-10-09 13:20:16 +00:00
KN4CK3R
e94a4ad28d
Add docs section for sub-paths with the container registry (#27505)
Fixes #21092

suggested by
https://github.com/go-gitea/gitea/issues/21092#issuecomment-1749965397

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-10-09 12:45:41 +08:00
M Hickford
a825cc0f34
Pre-register OAuth application for tea (#27509)
It remains to implement OAuth login in tea
https://gitea.com/gitea/tea/issues/598

Fixes #27510
2023-10-08 03:51:08 +00:00
silverwind
56ea9a4225
Enable markdownlint no-duplicate-header (#27500)
Duplicate headers in a single Markdown document are problemlematic
because the auto-generated links won't be stable. Enable this rule with
no exceptions which is also the default of `markdownlint`. For example:

```md
# A
## Example
# B
## Example
```
Docasaurus will generated `example` and `example-1` links for this. If
the first heading is altered, the link `example` will unexpectedly move
to the second example heading.

Ref: https://github.com/go-gitea/gitea/pull/27461#discussion_r1347987659
2023-10-07 15:30:21 +02:00
silverwind
023e937141
Rename the default themes to gitea-light, gitea-dark, gitea-auto (#27419)
Part of https://github.com/go-gitea/gitea/issues/27097:

- `gitea` theme is renamed to `gitea-light`
- `arc-green` theme is renamed to `gitea-dark`
- `auto` theme is renamed to `gitea-auto`

I put both themes in separate CSS files, removing all colors from the
base CSS. Existing users will be migrated to the new theme names. The
dark theme recolor will follow in a separate PR.

## ⚠️ BREAKING ⚠️

1. If there are existing custom themes with the names `gitea-light` or
`gitea-dark`, rename them before this upgrade and update the `theme`
column in the `user` table for each affected user.
2. The theme in `<html>` has moved from `class="theme-name"` to
`data-theme="name"`, existing customizations that depend on should be
updated.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-10-06 09:46:36 +02:00
Andrew Imeson
04e88e6ca5
Rephrase template documentation to be more clear about .gitea/template (#27450)
Closes #27336

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-10-06 14:51:33 +08:00
Nanguan Lin
7014ee0e39
Fix Installation from package doc (#27459)
Fix the title size and add notes to the Gitea snap package.
Related issue #27424, #27423, #27422, #27420
2023-10-05 21:57:28 +08:00
silverwind
e94f9fcafd
Require MySQL 8.0, PostgreSQL 12, MSSQL 2012 (#27337)
- MySQL 5.7 support and testing is dropped
- MySQL tests now execute against 8.1, up from 5.7 and 8.0
- PostgreSQL 10 and 11 support ist dropped
- PostgreSQL tests now execute against 16, up from 15
- MSSQL 2008 support is dropped
- MSSQL tests now run against locked 2022 version

Fixes: https://github.com/go-gitea/gitea/issues/25657

Ref: https://endoflife.date/mysql
Ref: https://endoflife.date/postgresql
Ref: https://endoflife.date/mssqlserver

## ⚠️ BREAKING ⚠️

Support for MySQL 5.7, PostgreSQL 10 and 11, and MSSQL 2008 is dropped.
You are encouraged to upgrade to supported versions.

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2023-10-03 13:27:57 -04:00
Francesco Antognazza
bc21723717
Make Actions tasks/jobs timeouts configurable by the user (#27400)
With this PR we added the possibility to configure the Actions timeouts
values for killing tasks/jobs.
Particularly this enhancement is closely related to the `act_runner`
configuration reported below:
```
# The timeout for a job to be finished.
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
timeout: 3h
```

---

Setting the corresponding key in the INI configuration file, it is
possible to let jobs run for more than 3 hours.

Signed-off-by: Francesco Antognazza <francesco.antognazza@gmail.com>
2023-10-02 23:09:26 +02:00
Lunny Xiao
4999d909a6
Remove upgrade from Gogs doc because the diverse has been 7 years and the code base changed totally (#27387)
The documentation becomes no help since that but make people confusing.
2023-10-02 14:53:55 +08:00
Ayaka
79e1f27eda
Fix incorrect Chinese translation of linked-references.zh-cn.md (#27382)
---

The original text "To address this" should be translated to "为了解决这个问题".
"工单" looks like corresponds to "issue".
2023-10-02 06:13:08 +00:00
Marcin Kuźmiński
89fa8f9896
Update comparison page with RhodeCode CE & EE (#27329)
Update RhodeCode features and add EE version
2023-09-29 13:31:54 +08:00
Lunny Xiao
5600504eed
Fix chinese translation (#27296)
Fix translation from #27291 
Source Map will be kept as English in Chinese usage habit.
2023-09-27 08:15:12 +00:00
silverwind
c5247eff73
Enable production source maps for index.js, fix CSS sourcemaps (#27291)
Previously, the production build never output sourcemaps. Now we emit
one file for `index.js` because it is the most likely one where we need
to be able to better debug reported issues like
https://github.com/go-gitea/gitea/issues/27213. This will currently
increase the binary size of gitea by around 700kB which is what the
gzipped source map file has.

Also, I fixed the CSS sourcemap generation which was broken since the
introduction of lightningcss.
2023-09-26 22:05:49 -04:00
techknowlogick
0816463cf4
Update database-preparation and add note re: MariaDB (#27232)
update DB docs per feedback.
https://gitea.com/gitea/gitea-docusaurus/issues/69
2023-09-24 21:24:17 +00:00
Zettat123
9336286e35
Improve actions docs related to pull_request event (#27126)
Related to #27039

The `ref` property in Gitea Actions is different from GitHub Actions.
This PR improves the documentation to explain the difference.
2023-09-20 06:28:35 +00:00
delvh
24a215e317
Remove outdated paragraphs when comparing Gitea Actions to GitHub Actions (#27119)
No backport needed as this new state only applies to 1.21+

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-09-20 11:02:58 +08:00
silverwind
ae8e8f055e
Use fetch helpers instead of fetch (#27026)
WIP because:

- [x] Some calls set a `content-type` but send no body, can likely
remove the header
- [x] Need to check whether `charset=utf-8` has any significance on the
webauthn calls, I assume not as it is the default for json content.
- [x] Maybe `no-restricted-globals` is better for eslint, but will
require a lot of duplication in the yaml or moving eslint config to a
`.js` extension.
- [x] Maybe export `request` as `fetch`, shadowing the global.
2023-09-19 00:50:30 +00:00
KN4CK3R
ed64f1c2b8
Support .git-blame-ignore-revs file (#26395)
Closes #26329

This PR adds the ability to ignore revisions specified in the
`.git-blame-ignore-revs` file in the root of the repository.


![grafik](https://github.com/go-gitea/gitea/assets/1666336/9e91be0c-6e9c-431c-bbe9-5f80154251c8)

The banner is displayed in this case. I intentionally did not add a UI
way to bypass the ignore file (same behaviour as Github) but you can add
`?bypass-blame-ignore=true` to the url manually.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-16 17:42:34 +00:00
Lunny Xiao
e5ec57cd60
Actions are no longer experimental, so enable them by default (#27054)
This PR makes the actions enabled by default, so people will find it
easier to enable actions in repository setting.
2023-09-15 06:43:39 +00:00
Lunny Xiao
3cd719a63d
Update brew installation documentation since gitea moved to brew core package (#27070)
ref: https://gitea.com/gitea/homebrew-gitea/pulls/178
2023-09-15 06:14:24 +00:00
merlleu
e6a059a3d0
add sparse url in cargo package guide (#26937)
Hello,

The current package guide for cargo gives you only the git index, with
the HTTP Index stabilized being used as default for crates.io and being
better for most use-cases.

However, it's not documented that gitea supports the sparse spec, and it
does not require the _crates-index git repo for the sparse api.

I personally think we should push users to use the sparse instead of the
git repository. (Even let users disable crates-index repos if they only
want to use sparse)
2023-09-13 12:14:10 +08:00
wxiaoguang
998cea5888
Use secure cookie for HTTPS sites (#26999)
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
2023-09-11 17:03:51 +08:00
silverwind
6d96f0b0d1
Add fetch wrappers, ignore network errors in actions view (#26985)
1. Introduce lightweight `fetch` wrapper functions that automatically
sets csfr token, content-type and use it in `RepoActionView.vue`.
2. Fix a specific issue on `RepoActionView.vue` where a fetch network
error is shortly visible during page reload sometimes. It can be
reproduced by F5-in in quick succession on the actions view page and was
also producing a red error box on the page.

Once approved, we can replace all current `fetch` uses in UI with this
in another PR.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-11 10:25:10 +02:00
Infinoid
de68953bac
Correct the database.LOG_SQL default value in config cheat sheet (#26997)
The default is false, fix the docs to reflect that.

Fixes: #26989
2023-09-10 15:45:06 +00:00
Lunny Xiao
e97e883ad5
Add reverseproxy auth for API back with default disabled (#26703)
This feature was removed by #22219 to avoid possible CSRF attack.

This PR takes reverseproxy auth for API back but with default disabled.

To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.

For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-07 08:31:46 +00:00
silverwind
e596806217
Update nginx recommendations (#26924)
- `Connection` and `Upgrade` [needed for
websockets](https://www.nginx.com/blog/websocket-nginx/)
- ~~`X-Real-IP` unnecessary and duplicate with `X-Forwarded-For`. [chi
checks both
headers](https://github.com/go-chi/chi/blob/master/middleware/realip.go),
but XFF is definitely the more "standard" one.~~
2023-09-06 17:49:45 +00:00
Panagiotis "Ivory" Vasilopoulos
d1353ad55a
docs: Update Profile README information (#26947)
Follow-up of https://github.com/go-gitea/gitea/pull/26295
2023-09-06 10:22:50 -04:00
KazzmanK
b3d88ada01
Add a documentation note for Windows Service (#26938)
Service may fail to start at boot time with timeout
Resolves #26934

Co-authored-by: Nikolay Kobzarev <n.kobzarev@aeronavigator.ru>
2023-09-06 11:14:12 +00:00
FuXiaoHei
460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
Sven Seeberg
5f7fa27a44
Improve LDAP group config documentation, fixes #21159 (#21227)
Improve the wording of the LDAP group attributes documentation and
expand the examples.
2023-09-05 13:18:53 -04:00
JonRB
1859c5b636
Update backup instructions to align with archive structure (#26902)
Signed-off-by: JonRB <jon.roadleybattin@gmail.com>
fixes https://github.com/go-gitea/gitea/issues/25878
2023-09-05 09:26:12 +08:00
Lunny Xiao
1bfb3f78f6
Update documents to fix some links (#26885) 2023-09-03 18:45:20 +00:00
JonRB
99a5595408
clarify aspects of the dump command (#26887)
clarify aspects of the dump command

Possibly closes #26862

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-09-03 14:44:01 -04:00
CaiCandong
7477c93d62
Update docs about attachment path (#26883)
This change was caused by #26271, for configuration as below:
```
[attachment]
ENABLE = true
PATH = data/attachments
MAX_SIZE = 100
MAX_FILES = 5
```
Before #26271, the resolved path is ${AppWorkPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/attachments`)
After #26271, the resolved path is ${AppDataPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/data/attachments`)


Fix  https://github.com/go-gitea/gitea/issues/26864
Follow https://github.com/go-gitea/gitea/pull/26271
2023-09-03 11:40:10 +02:00
wxiaoguang
83208b4991
Improve the "bug report" template and "support options" document (#26753)
* `/help/support` is a better document than
`/administration/logging-config` for bug reporting
* Improve `support.en-us.md`
    * Move/add detailed contents into `Advanced Bug Report Tips` section
    * Merge `Chinese Support` section into `Support Options`
2023-08-28 22:37:39 +00:00
mainboarder
c533991519
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
Lunny Xiao
476b9d1589
Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
Thomas McWork
083b0b4770
Prefer variables over subprocesses (#26690)
… because it doesn't require a separate shell, spawning a process which
cost unnecessary resources and takes time.
2023-08-23 07:43:05 -05:00
Lunny Xiao
3b91b2d6b1
add mfa doc (#26654)
copy and modified from #14572 

> Whilst debating enforcing MFA within our team, I realised there isn't
a lot of context to the side effects of enabling it. Most of us use Git
over HTTP and would need to add a token.

I plan to add another PR that adds a sentence to the UI about needing to
generate a token when enabling MFA if HTTP is to be used.

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-08-22 21:56:11 -04:00
techknowlogick
b3f7137174
Update minimum password length requirements (#25946) 2023-08-21 19:27:50 +00:00
lonix1
8f936488f7
docs: template variables (#26547)
Explanation for using gitea's variables in `.tmpl` files.

Thanks to @wxiaoguang for advising me on
[discord](https://discord.com/channels/322538954119184384/561007778139734027/1141217820441587722).
2023-08-19 00:24:27 +00:00
CaiCandong
db7b0a1a4e
Update zh-cn documentation (#26406) 2023-08-14 01:35:49 -04:00
delvh
e10ba5e5e0
Rename Sync2 -> Sync (#26479)
The xorm `Sync2` has already been deprecated in favor of `Sync`,
so let's do the same inside the Gitea codebase.

Command used to replace everything:
```sh
for i in $(ag Sync2 --files-with-matches); do vim $i -c ':%sno/Sync2/Sync/g' -c ':wq'; done
```
2023-08-13 21:17:21 +02:00
John Olheiser
2eb456dde2
Add matrix to support (#26382)
This PR adds our matrix space to the support options and alphabetizes
the list.

I also considered adding our Mastodon, however that isn't as suitable as
the other options because it's just whoever has access to the account vs
a community chat/forum.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-12 16:54:50 +02:00
CaiCandong
b937adc54d
Update index doc (#26455)
In the previous feature description, numerous functionalities of Gitea
were listed, which appeared redundant and failed to highlight the unique
characteristics of Gitea. Therefore, I have rewritten this section based
on the description provided on the official Gitea website
2023-08-12 00:49:23 +00:00
Lunny Xiao
7e382a5555
Update upgrade documentation to add a check for deprecated configurations (#26451)
fix
https://github.com/go-gitea/gitea/issues/25995#issuecomment-1674096710

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-11 13:53:23 +08:00
Denys Konovalov
63ab92d797
Pre-register OAuth2 applications for git credential helpers (#26291)
This PR is an extended implementation of #25189 and builds upon the
proposal by @hickford in #25653, utilizing some ideas proposed
internally by @wxiaoguang.

Mainly, this PR consists of a mechanism to pre-register OAuth2
applications on startup, which can be enabled or disabled by modifying
the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2
applications registered this way are being marked as "locked" and
neither be deleted nor edited over UI to prevent confusing/unexpected
behavior. Instead, they're being removed if no longer enabled in config.


![grafik](https://github.com/go-gitea/gitea/assets/47871822/81a78b1c-4b68-40a7-9e99-c272ebb8f62e)

The implemented mechanism can also be used to pre-register other OAuth2
applications in the future, if wanted.

Co-authored-by: hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

---------

Co-authored-by: M Hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-09 14:24:07 +02:00
Track3
c1c83dbaec
[docs] Add missing backtick in quickstart.zh-cn.md (#26349)
Added missing backtick in quickstart.zh-cn.md docs so inline code can
render properly.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-06 00:28:25 +08:00
Lunny Xiao
ecb04cc324
Remove backslashed newlines on markdown (#26344)
Fix https://gitea.com/gitea/gitea-docusaurus/issues/56
2023-08-05 12:48:46 +00:00
sillyguodong
68c652d8f3
Fix typos and grammer problems for actions documentation (#26328)
follow #26317
fix typos and adjust grammer problems.
2023-08-04 10:04:37 +00:00
sillyguodong
0da8ebc95b
Update documentation for 1.21 actions (#26317)
As title.
Close #26309
Related to #24724, #24806
2023-08-04 09:06:02 +00:00
Bård Aase
8ba54a2e16
Update Gmail example (#26302)
The `IS_TLS_ENABLED` option in the `mailer` section is deprecated. This
is specified by setting `PROTOCOL=smtps`
2023-08-03 18:20:40 +08:00
wxiaoguang
54c28fddd8
Clarify the logger's MODE config option (#26267)
1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-01 18:28:23 +00:00
minijaws
ab0e588217
Update Arch linux URL from community to extra (#26273)
Arch linux package link has changed from the community repo to the extra repo.
The link has been updated.
2023-08-01 15:28:20 +00:00
Denys Konovalov
fc6c3d626e
Mention devtest in frontend contributing guidelines (#26249)
Our `devtest` page contains some good UI examples which should be taken
as example when working on Gitea UI. Mention it in our frontend
contributing guidelines to for new contributors to know about it.
2023-07-31 12:49:21 +02:00
Panagiotis "Ivory" Vasilopoulos
d58c542579
Add 'Show on a map' button to Location in profile, fix layout (#26214)
Not too important, but I think that it'd be a pretty neat touch.

Also fixes some layout bugs introduced by a previous PR.

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-31 08:44:45 +00:00
wxiaoguang
8baa42c8d7
Calculate MAX_WORKERS default value by CPU number (#26177)
To avoid consuming user's 100% CPU, limit the default value of
MAX_WORKERS

Fix #26063 (the CPU 100% problem mentioned in it)
2023-07-27 16:40:35 +08:00
Felix Victor
0533187f28
Update email-setup.en-us.md (#26068)
The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-26 21:50:15 +08:00
Upstream8022
df9afe3aa8
Update Chinese documents (#26139)
Update part of the documents, translate English to Chinese.
2023-07-26 07:28:44 +00:00
John Olheiser
bd4c7ce578
Docusaurus-ify (#26051)
This PR cleans up the docs in a way to make them simpler to ingest by
our [docs repo](https://gitea.com/gitea/gitea-docusaurus).

1. It includes all of the sed invocations our ingestion did, removing
the need to do it at build time.
2. It replaces the shortcode variable replacement method with
`@variable@` style, simply for easier sed invocations when required.
3. It removes unused files and moves the docs up a level as cleanup.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-07-26 04:53:13 +00:00
wxiaoguang
915cdf8f87
Remove "misc" scope check from public API endpoints (#26134)
Fix #26035
2023-07-26 02:53:31 +00:00
thigg
5446d65b0a
added ssh mirror workaround description (#26096)
related #1635 #18159

This will probably be obsolete at some point, but it should not break
anything and it may help some users
2023-07-25 16:06:35 +00:00
wxiaoguang
1ce51a55e3
Improve "gitea doctor" sub-command and fix "help" commands (#26072)
Replace #21790

And close #25965 by the way (it needs a separate fix for 1.20)

Major changes:

1. Move "gitea convert" to "gitea doctor conver". The old "gitea doctor"
still works as a hidden sub-command (to avoid breaking)
2. Do not write "doctor.log" by default, it's not useful in most cases
and causes bugs like 25965
3. Improve documents
4. Fix the "help" commands. Before, the "./gitea doctor" can't show the
sub-command help correctly (regression of the last cli/v2 refactoring)

After this PR:

```
./gitea help # show all sub-commands for the app
./gitea doctor # show the sub-commands for the "doctor"
./gitea doctor help # show the sub-commands for the "doctor", as above
```
2023-07-25 14:38:27 +00:00
caicandong
af1ffbcd63
doc sync authentication.md to zh-cn (#26117)
as title
2023-07-25 07:52:55 +00:00
caicandong
ebb98d7246
doc guide the user to create the appropriate level runner (#26091)
close #26045
2023-07-24 22:39:10 +08:00
JonRB
acc74c2fc6
Update secrets.en-us.md (#26057)
Present documentation does not capture that secrets are only visible if
ACTIONS are enabled for a repository. This PR adds a short note
2023-07-22 09:34:01 +00:00
wxiaoguang
52fb936773
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892

Close  #21942
Close  #25464

Major changes:

1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files

```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-21 12:14:20 +00:00
wxiaoguang
d0dbe52e76
Refactor to use urfave/cli/v2 (#25959)
Replace #10912

And there are many new tests to cover the CLI behavior

There were some concerns about the "option order in hook scripts"
(https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314),
it's not a problem now. Because the hook script uses `/gitea hook
--config=/app.ini pre-receive` format. The "config" is a global option,
it can appear anywhere.

----

## ⚠️ BREAKING ⚠️

This PR does it best to avoid breaking anything. The major changes are:

* `gitea` itself won't accept web's options: `--install-port` / `--pid`
/ `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's
options.
    * Use `./gitea web --pid ....` instead
* `./gitea` can still run the `web` sub-command as shorthand, with
default options
* The sub-command's options must follow the sub-command
* Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd
--sub-opt` (well, might not ...)
    * After: only `./gitea subcmd --sub-opt` could be used
    * The global options like `--config` are not affected
2023-07-21 17:28:19 +08:00
Dominik Heidler
2e128dd1fc
RPM Registry: Show zypper commands for SUSE based distros as well (#25981)
After RPM is supported with https://github.com/go-gitea/gitea/pull/23380
let's show the user
how to add the repo and install the RPM via all common package managers.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-20 17:37:31 +02:00
John Olheiser
0ef2919bb6
Correctly refer to dev tags as nightly in the docker docs (#26004)
As title, `dev` tags are no longer used since we switched to `nightly`

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-07-20 17:26:02 +08:00
wxiaoguang
50e14699d3
Update path related documents (#25417)
Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 11:22:57 +02:00
wxiaoguang
faa28b5a44
Move public asset files to the proper directory (#25907)
Move `public/*` to `public/assets/*`

Some old PRs (like #15219) introduced inconsistent directory system.

For example: why the local directory "public" is accessed by
`http://site/assets`? How to serve the ".well-known" files properly in
the public directory?

For convention rules, the "public" directory is widely used for the
website's root directory. It shouldn't be an exception for Gitea.

So, this PR makes the things consistent:

* `http://site/assets/foo` means `{CustomPath}/public/assets/foo`.
* `{CustomPath}/public/.well-known` and `{CustomPath}/public/robots.txt`
can be used in the future.

This PR is also a prerequisite for a clear solution for:
* #21942
* #25892 
* discourse.gitea.io: [.well-known path serving custom files behind
proxy?](https://discourse.gitea.io/t/well-known-path-serving-custom-files-behind-proxy/5445/1)

This PR is breaking for users who have custom "public" files (CSS/JS).
After getting approvals, I will update the documents.

----

## ⚠️ BREAKING ⚠️

If you have files in your "custom/public/" folder, please move them to
"custom/public/assets/".

---------

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-18 18:06:43 +02:00
HesterG
b137a03297
Update blog links (#25843)
As title. Permalinks for lastest version of blog has changed, update the
blog links.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-12 11:35:07 +00:00
wxiaoguang
fa0b5b14c2
Make "install page" respect environment config (#25648)
Replace #25580

Fix #19453

The problem was: when users set "GITEA__XXX__YYY" , the "install page"
doesn't respect it.

So, to make the result consistent and avoid surprising end users, now
the "install page" also writes the environment variables to the config
file.

And, to make things clear, there are enough messages on the UI to tell
users what will happen.

There are some necessary/related changes to `environment-to-ini.go`:

* The "--clear" flag is removed and it was incorrectly written there.
The "clear" operation should be done if INSTALL_LOCK=true
* The "--prefix" flag is removed because it's never used, never
documented and it only causes inconsistent behavior.


![image](https://github.com/go-gitea/gitea/assets/2114189/12778ee4-3fb5-4664-a73a-41ebbd77cd5b)
2023-07-09 22:43:37 +00:00
leavesster
52b3052757
docs: rootless docker ssh's default port is 2222 (#25771) 2023-07-08 11:38:35 -04:00
wxiaoguang
cea9401634
Following-up improvments for various PRs (#25620)
For:

* #22743
* #25408
* #25412
* #25588
2023-07-01 14:00:10 -04:00
Jason Song
67bd9d4f1e
Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581)
Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70
2023-06-30 07:26:36 +00:00
Zettat123
72b3af74be
Add documentation about supported workflow trigger events (#25582)
Right now Gitea doesn't support all [Events that trigger
workflows](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows).
This PR lists the supported events to help users write workflow files.
2023-06-29 19:45:53 +08:00
techknowlogick
50dc2d5f5f
Document creating an API key from the CLI (#25504) (#25510)
Frontport of #25504

Credit to @lonix1

Co-authored-by: lonix1 <40320097+lonix1@users.noreply.github.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-06-26 05:13:20 +00:00
Lunny Xiao
9c62ca5689
Fix default value for LocalURL (#25426)
Fix #23769
2023-06-24 11:56:29 +08:00
Jason Song
375fd15fbf
Refactor indexer (#25174)
Refactor `modules/indexer` to make it more maintainable. And it can be
easier to support more features. I'm trying to solve some of issue
searching, this is a precursor to making functional changes.

Current supported engines and the index versions:

| engines | issues | code |
| - | - | - |
| db | Just a wrapper for database queries, doesn't need version | - |
| bleve | The version of index is **2** | The version of index is **6**
|
| elasticsearch | The old index has no version, will be treated as
version **0** in this PR | The version of index is **1** |
| meilisearch | The old index has no version, will be treated as version
**0** in this PR | - |


## Changes

### Split

Splited it into mutiple packages

```text
indexer
├── internal
│   ├── bleve
│   ├── db
│   ├── elasticsearch
│   └── meilisearch
├── code
│   ├── bleve
│   ├── elasticsearch
│   └── internal
└── issues
    ├── bleve
    ├── db
    ├── elasticsearch
    ├── internal
    └── meilisearch
```

- `indexer/interanal`: Internal shared package for indexer.
- `indexer/interanal/[engine]`: Internal shared package for each engine
(bleve/db/elasticsearch/meilisearch).
- `indexer/code`: Implementations for code indexer.
- `indexer/code/internal`: Internal shared package for code indexer.
- `indexer/code/[engine]`: Implementation via each engine for code
indexer.
- `indexer/issues`: Implementations for issues indexer.

### Deduplication

- Combine `Init/Ping/Close` for code indexer and issues indexer.
- ~Combine `issues.indexerHolder` and `code.wrappedIndexer` to
`internal.IndexHolder`.~ Remove it, use dummy indexer instead when the
indexer is not ready.
- Duplicate two copies of creating ES clients.
- Duplicate two copies of `indexerID()`.


### Enhancement

- [x] Support index version for elasticsearch issues indexer, the old
index without version will be treated as version 0.
- [x] Fix spell of `elastic_search/ElasticSearch`, it should be
`Elasticsearch`.
- [x] Improve versioning of ES index. We don't need `Aliases`:
- Gitea does't need aliases for "Zero Downtime" because it never delete
old indexes.
- The old code of issues indexer uses the orignal name to create issue
index, so it's tricky to convert it to an alias.
- [x] Support index version for meilisearch issues indexer, the old
index without version will be treated as version 0.
- [x] Do "ping" only when `Ping` has been called, don't ping
periodically and cache the status.
- [x] Support the context parameter whenever possible.
- [x] Fix outdated example config.
- [x] Give up the requeue logic of issues indexer: When indexing fails,
call Ping to check if it was caused by the engine being unavailable, and
only requeue the task if the engine is unavailable.
- It is fragile and tricky, could cause data losing (It did happen when
I was doing some tests for this PR). And it works for ES only.
- Just always requeue the failed task, if it caused by bad data, it's a
bug of Gitea which should be fixed.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-23 12:37:56 +00:00
wxiaoguang
ce46834b93
Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413)
In modern days, there is no reason to make users set "charset" anymore.

Close #25378

## ⚠️ BREAKING

The key `[database].CHARSET` was removed completely as every newer
(>10years) MySQL database supports `utf8mb4` already.
There is a (deliberately) undocumented new fallback option if anyone
still needs to use it, but we don't recommend using it as it simply
causes problems.
2023-06-21 10:49:25 +00:00
Lunny Xiao
e79ff50560
Use the new download domain replace the old (#25405)
As title.
2023-06-21 03:11:17 +00:00
Kyle D
8220e50b56
Substitute variables in path names of template repos too (#25294)
### Summary

Extend the template variable substitution to replace file paths. This
can be helpful for setting up log files & directories that should match
the repository name.

### PR Changes

 - Move files matching glob pattern when setting up repos from template
- For security, added ~escaping~ sanitization for cross-platform support
and to prevent directory traversal (thanks @silverwind for the
reference)
 - Added unit testing for escaping function 
- Fixed the integration tests for repo template generation by passing
the repo_template_id
- Updated the integration testfiles to add some variable substitution &
assert the outputs

I had to fix the existing repo template integration test and extend it
to add a check for variable substitutions.

Example:

![image](https://github.com/go-gitea/gitea/assets/12700993/621feb09-0ef3-460e-afa8-da74cd84fa4e)
2023-06-20 21:14:47 +00:00
Philip Miglinci
1d92d0cf0f
Add Exoscale to installation on cloud provider docs (#25342)
We created a Gitea application for the [Exoscale
Marketplace](https://www.exoscale.com/marketplace/listing/glasskube-gitea/)
for easier installation on the European cloud provider.

The installation is managed via the [Glasskube Kubernetes
Operator](https://github.com/glasskube/operator).

Signed-off-by: Philip Miglinci <pmig@glasskube.eu>
2023-06-18 15:00:33 +02:00
techknowlogick
20c712ed7e
Add link to support page for commercial support (#25293) 2023-06-16 12:08:08 +08:00
Zisu Zhang
e00f3c7742
Docs about how to generate config for act runner with docker and setup it with docker-compose (#25256)
In this pull request, the following changes are addressed:

- State user should create `config.yaml` before start container to avoid
errors.
- Provided instructions to deploy runners using docker compose.
2023-06-16 11:46:59 +08:00
silverwind
e24f651c86
Add template linting via djlint (#25212)
So I found this [linter](https://github.com/Riverside-Healthcare/djlint)
which features a mode for go templates, so I gave it a try and it did
find a number of valid issue, like unbalanced tags etc. It also has a
number of bugs, I had to disable/workaround many issues.

Given that this linter is written in python, this does add a dependency
on `python` >= 3.8 and `poetry` to the development environment to be
able to run this linter locally.

- `e.g.` prefixes on placeholders are removed because the linter had a
false-positive on `placeholder="e.g. cn=Search"` for the `attr=value`
syntax and it's not ideal anyways to write `e.g.` into a placeholder
because a placeholder is meant to hold a sample value.
- In `templates/repo/settings/options.tmpl` I simplified the logic to
not conditionally create opening tags without closing tags because this
stuff confuses the linter (and possibly the reader as well).
2023-06-14 18:17:58 +00:00
Lunny Xiao
d6dd6d641b
Fix all possible setting error related storages and added some tests (#23911)
Follow up #22405

Fix #20703 

This PR rewrites storage configuration read sequences with some breaks
and tests. It becomes more strict than before and also fixed some
inherit problems.

- Move storage's MinioConfig struct into setting, so after the
configuration loading, the values will be stored into the struct but not
still on some section.
- All storages configurations should be stored on one section,
configuration items cannot be overrided by multiple sections. The
prioioty of configuration is `[attachment]` > `[storage.attachments]` |
`[storage.customized]` > `[storage]` > `default`
- For extra override configuration items, currently are `SERVE_DIRECT`,
`MINIO_BASE_PATH`, `MINIO_BUCKET`, which could be configured in another
section. The prioioty of the override configuration is `[attachment]` >
`[storage.attachments]` > `default`.
- Add more tests for storages configurations.
- Update the storage documentations.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 11:42:38 +08:00
editfund-founder
139704f499
Update from-source.zh-cn.md & from-source.en-us.md - Cross Compile Using Zig (#25194)
## Compile & Cross Compile Gitea With CGO Dependencies Using Zig

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-13 10:53:51 +08:00
wxiaoguang
34498e62c3
Improve some documents: release version, logging, NFS lock (#25202)
Close #23654
Close #24684

@techknowlogick I still think we need to rename
https://dl.gitea.com/gitea/1.20/ to
https://dl.gitea.com/gitea/1.20-nightly/

`/gitea/1.20/` is quite confusing, it needs these words to explain why.
If we call it `1.20-nightly`, the FAQ can be simplified a lot.
2023-06-12 17:05:49 +08:00
Vladimir Buyanov
3bdd48016f
Add codeowners feature (#24910)
Hello.
This PR adds a github like configuration for the CODEOWNERS file.

Resolves: #10161
2023-06-08 16:56:05 +08:00
HesterG
206d3fbae9
Change branch name from master to main in some documents' links (#25126)
As title. And needs to backport to 1.19
2023-06-08 07:35:55 +00:00