4ae46fd9c3
Gitea supports internal TLS termination as well as redirection of http to https. That may be simpler than terminating in a reverse proxy. Let's try it. Also, make the dockerfile match the expectation of the job that there will be a gitea-init stage. Also, fix the repository root setting in app.ini. Change-Id: Ia6b66b53cebdb1afa49fef89a0559615f98052f1
87 lines
2.1 KiB
Django/Jinja
87 lines
2.1 KiB
Django/Jinja
APP_NAME = OpenDev: Free Software Needs Free Tools
|
|
RUN_MODE = prod
|
|
RUN_USER = git
|
|
|
|
[server]
|
|
APP_DATA_PATH = /data/gitea
|
|
SSH_DOMAIN = localhost
|
|
PROTOCOL = https
|
|
HTTP_PORT = 3000
|
|
ROOT_URL = https://38.108.68.64/
|
|
DISABLE_SSH = false
|
|
SSH_PORT = 22
|
|
LFS_CONTENT_PATH = /data/git/lfs
|
|
DOMAIN = localhost
|
|
LFS_START_SERVER = true
|
|
LFS_JWT_SECRET = {{ lfs_jwt_secret }}
|
|
OFFLINE_MODE = false
|
|
CERT_FILE = /data/gitea/ssl/cert.pem
|
|
KEY_FILE = /data/gitea/ssl/key.pem
|
|
REDIRECT_OTHER_PORT = true
|
|
PORT_TO_REDIRECT = 3080
|
|
|
|
[database]
|
|
DB_TYPE = mysql
|
|
HOST = gitea-pxc.gitea-db.svc.cluster.local:3306
|
|
NAME = gitea
|
|
USER = {{ db_username }}
|
|
PASSWD = {{ db_password }}
|
|
SSL_MODE = disable
|
|
LOG_SQL = false
|
|
|
|
[repository]
|
|
ROOT = /data/git/repositories
|
|
|
|
[indexer]
|
|
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
|
REPO_INDEXER_ENABLED = true
|
|
|
|
[session]
|
|
PROVIDER_CONFIG = /data/gitea/sessions
|
|
PROVIDER = file
|
|
|
|
[picture]
|
|
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
|
DISABLE_GRAVATAR = false
|
|
ENABLE_FEDERATED_AVATAR = true
|
|
|
|
[attachment]
|
|
PATH = /data/gitea/attachments
|
|
|
|
[log]
|
|
ROOT_PATH = /logs
|
|
LEVEL = Info
|
|
|
|
[security]
|
|
INSTALL_LOCK = true
|
|
SECRET_KEY = {{ secret_key }}
|
|
INTERNAL_TOKEN = {{ internal_token }}
|
|
|
|
[service]
|
|
DISABLE_REGISTRATION = true
|
|
REQUIRE_SIGNIN_VIEW = false
|
|
REGISTER_EMAIL_CONFIRM = false
|
|
ENABLE_NOTIFY_MAIL = false
|
|
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
|
ENABLE_CAPTCHA = false
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
|
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
|
DEFAULT_ENABLE_TIMETRACKING = true
|
|
NO_REPLY_ADDRESS = noreply.example.org
|
|
|
|
[mailer]
|
|
ENABLED = false
|
|
|
|
[openid]
|
|
ENABLE_OPENID_SIGNIN = true
|
|
ENABLE_OPENID_SIGNUP = true
|
|
|
|
[markup.pandoc]
|
|
ENABLED = true
|
|
; List of file extensions that should be rendered by an external command
|
|
FILE_EXTENSIONS = .rst
|
|
; External command to render all matching extensions
|
|
RENDER_COMMAND = "/usr/bin/pandoc -f rst"
|
|
; Input is not a standard input but a file
|
|
IS_INPUT_FILE = false
|