4a3c19e053
During the Gitea 1.22.1 upgrade we had failures because gitea wanted to write back to its app.ini config file and couldn't do so due to file permissions. We address that by fixing the formatting for one entry in the template then separately update a secret var to match what ended up being deployed to gitea09. In theory this should make everything line up such that we don't actually need to write back to the file at all. If this continues to fail we will instead update file permissions and let gitea rewrite its file instead. But that would be the next thing to try. Change-Id: Ic3a6e2dd25ec906c234c2fea26b68eb8f742201c
142 lines
3.6 KiB
Django/Jinja
142 lines
3.6 KiB
Django/Jinja
APP_NAME = OpenDev: Free Software Needs Free Tools
|
|
RUN_MODE = prod
|
|
RUN_USER = git
|
|
; TODO determine if this is appropriate for our existing installation
|
|
WORK_PATH = /data/gitea
|
|
|
|
[server]
|
|
APP_DATA_PATH = /data/gitea
|
|
SSH_DOMAIN = localhost
|
|
PROTOCOL = https
|
|
HTTP_PORT = 3000
|
|
ROOT_URL = https://opendev.org/
|
|
DISABLE_SSH = false
|
|
SSH_PORT = 22
|
|
DOMAIN = localhost
|
|
LFS_START_SERVER = true
|
|
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
|
|
OFFLINE_MODE = false
|
|
CERT_FILE = /certs/cert.pem
|
|
KEY_FILE = /certs/key.pem
|
|
REDIRECT_OTHER_PORT = true
|
|
PORT_TO_REDIRECT = 3080
|
|
|
|
[database]
|
|
DB_TYPE = mysql
|
|
HOST = localhost:3306
|
|
NAME = gitea
|
|
USER = {{ gitea_db_username }}
|
|
PASSWD = {{ gitea_db_password }}
|
|
SSL_MODE = disable
|
|
LOG_SQL = false
|
|
|
|
[repository]
|
|
ROOT = /data/git/repositories
|
|
DISABLED_REPO_UNITS = repo.issues,repo.pulls,repo.wiki,repo.projects,repo.actions
|
|
DISABLE_STARS = true
|
|
DISABLE_MIGRATIONS = true
|
|
|
|
[git]
|
|
; Implemented in 1.16 but broke older git clients. Now expected to work
|
|
; but we keep explicit config in place should it need to be toggled back
|
|
; to true again.
|
|
DISABLE_PARTIAL_CLONE = false
|
|
|
|
[federation]
|
|
ENABLED = false
|
|
|
|
[packages]
|
|
ENABLED = false
|
|
|
|
[indexer]
|
|
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
|
REPO_INDEXER_ENABLED = true
|
|
STARTUP_TIMEOUT = 300s
|
|
|
|
[session]
|
|
PROVIDER_CONFIG = /data/gitea/sessions
|
|
PROVIDER = file
|
|
|
|
[picture]
|
|
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
|
DISABLE_GRAVATAR = true
|
|
|
|
[attachment]
|
|
PATH = /data/gitea/attachments
|
|
|
|
[log]
|
|
ROOT_PATH = /logs
|
|
LEVEL = Info
|
|
STACKTRACE_LEVEL = Error
|
|
logger.access.MODE = file
|
|
{% raw -%}
|
|
ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.URL.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}" "{{.Ctx.Req.UserAgent}}"
|
|
{% endraw %}
|
|
|
|
[security]
|
|
INSTALL_LOCK = true
|
|
SECRET_KEY = {{ gitea_secret_key }}
|
|
INTERNAL_TOKEN = {{ gitea_internal_token }}
|
|
PASSWORD_COMPLEXITY = lower,upper,digit
|
|
|
|
[service]
|
|
DISABLE_REGISTRATION = true
|
|
SHOW_REGISTRATION_BUTTON = false
|
|
REQUIRE_SIGNIN_VIEW = false
|
|
REGISTER_EMAIL_CONFIRM = false
|
|
ENABLE_NOTIFY_MAIL = false
|
|
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
|
ENABLE_CAPTCHA = false
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
|
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
|
ENABLE_TIMETRACKING = false
|
|
DEFAULT_ENABLE_TIMETRACKING = false
|
|
NO_REPLY_ADDRESS = noreply.example.org
|
|
|
|
[mailer]
|
|
ENABLED = false
|
|
|
|
[oauth2]
|
|
ENABLED = false
|
|
; TODO we don't do oauth2 do we need to set this value?
|
|
JWT_SECRET = {{ gitea_oauth2_jwt_secret }}
|
|
; TODO we don't do oauth2 do we need to set this value?
|
|
JWT_SIGNING_PRIVATE_KEY_FILE = /data/gitea/jwt/private.pem
|
|
|
|
[openid]
|
|
ENABLE_OPENID_SIGNIN = false
|
|
ENABLE_OPENID_SIGNUP = false
|
|
|
|
[markup.pandoc]
|
|
ENABLED = true
|
|
; List of file extensions that should be rendered by an external command
|
|
FILE_EXTENSIONS = .rst
|
|
; External command to render all matching extensions
|
|
RENDER_COMMAND = /usr/bin/pandoc -f rst
|
|
; Input is not a standard input but a file
|
|
IS_INPUT_FILE = false
|
|
|
|
[actions]
|
|
ENABLED = false
|
|
|
|
[lfs]
|
|
STORAGE_TYPE = local
|
|
PATH = /data/git/lfs
|
|
|
|
; This is an undocumented gitea cron job that will delete all
|
|
; repo archives once daily at midnight. Repo archives are
|
|
; tarballs/zips/etc of repository state generate for things like
|
|
; tags. This helps ensure we don't run out of disk.
|
|
[cron.delete_repo_archives]
|
|
ENABLED = true
|
|
RUN_AT_START = false
|
|
NOTICE_ON_SUCCESS = false
|
|
; Note we run this several hours after 0000 (midnight) to avoid conflict
|
|
; with default cron jobs run by gitea at that time.
|
|
SCHEDULE = 0 0 3 * * *
|
|
|
|
; We don't need gitea phoning out to check versions. We stay on
|
|
; top of new releases using github release notifications over email.
|
|
[cron.update_checker]
|
|
ENABLED = false
|