1
1
mirror of https://github.com/go-gitea/gitea synced 2025-01-25 17:14:32 +00:00

Merge branch 'main' into api-repo-actions

This commit is contained in:
Chester 2023-10-20 14:56:35 -04:00 committed by GitHub
commit e61a33eba3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1440 changed files with 19571 additions and 17167 deletions
.changelog.yml.drone.yml.eslintrc.yaml
.github
.gitignore.markdownlint.yaml.stylelintrc.yaml.yamllint.yamlBSDmakefileCHANGELOG.mdCONTRIBUTING.mdMAINTAINERSMakefileREADME.mdREADME_ZH.mdSECURITY.md
assets
cmd
contrib/fixtures
custom/conf
docs/content

@ -13,46 +13,42 @@ groups:
- -
name: BREAKING name: BREAKING
labels: labels:
- kind/breaking - pr/breaking
- -
name: SECURITY name: SECURITY
labels: labels:
- kind/security - topic/security
- -
name: FEATURES name: FEATURES
labels: labels:
- kind/feature - type/feature
- -
name: API name: API
labels: labels:
- kind/api - modifies/api
- -
name: ENHANCEMENTS name: ENHANCEMENTS
labels: labels:
- kind/enhancement - type/enhancement
- kind/refactor - type/refactoring
- kind/ui - topic/ui
- -
name: BUGFIXES name: BUGFIXES
labels: labels:
- kind/bug - type/bug
- -
name: TESTING name: TESTING
labels: labels:
- kind/testing - type/testing
-
name: TRANSLATION
labels:
- kind/translation
- -
name: BUILD name: BUILD
labels: labels:
- kind/build - topic/build
- kind/lint - topic/code-linting
- -
name: DOCS name: DOCS
labels: labels:
- kind/docs - type/docs
- -
name: MISC name: MISC
default: true default: true

@ -1,425 +0,0 @@
---
kind: pipeline
name: release-version
platform:
os: linux
arch: amd64
workspace:
base: /source
path: /
trigger:
event:
- tag
volumes:
- name: deps
temp: {}
steps:
- name: fetch-tags
image: docker:git
pull: always
commands:
- git fetch --tags --force
- name: deps-frontend
image: node:20
pull: always
commands:
- make deps-frontend
- name: deps-backend
image: gitea/test_env:linux-1.20-amd64
pull: always
commands:
- make deps-backend
volumes:
- name: deps
path: /go
- name: static
image: techknowlogick/xgo:go-1.21.x
pull: always
commands:
- curl -sL https://deb.nodesource.com/setup_20.x | bash - && apt-get -qqy install nodejs
- export PATH=$PATH:$GOPATH/bin
- make release
environment:
GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not
TAGS: bindata sqlite sqlite_unlock_notify
DEBIAN_FRONTEND: noninteractive
depends_on: [fetch-tags]
volumes:
- name: deps
path: /go
- name: gpg-sign
image: plugins/gpgsign:1
pull: always
settings:
detach_sign: true
excludes:
- "dist/release/*.sha256"
files:
- "dist/release/*"
environment:
GPGSIGN_KEY:
from_secret: gpgsign_key
GPGSIGN_PASSPHRASE:
from_secret: gpgsign_passphrase
depends_on: [static]
- name: release-tag
image: woodpeckerci/plugin-s3:latest
pull: always
settings:
acl:
from_secret: aws_s3_acl
region:
from_secret: aws_s3_region
bucket:
from_secret: aws_s3_bucket
endpoint:
from_secret: aws_s3_endpoint
path_style:
from_secret: aws_s3_path_style
source: "dist/release/*"
strip_prefix: dist/release/
target: "/gitea/${DRONE_TAG##v}"
environment:
AWS_ACCESS_KEY_ID:
from_secret: aws_access_key_id
AWS_SECRET_ACCESS_KEY:
from_secret: aws_secret_access_key
depends_on: [gpg-sign]
- name: github
image: plugins/github-release:latest
pull: always
settings:
files:
- "dist/release/*"
file_exists: overwrite
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on: [gpg-sign]
---
kind: pipeline
type: docker
name: docker-linux-amd64-release-version
platform:
os: linux
arch: amd64
trigger:
ref:
include:
- "refs/tags/**"
exclude:
- "refs/tags/**-rc*"
paths:
exclude:
- "docs/**"
steps:
- name: fetch-tags
image: docker:git
pull: always
commands:
- git fetch --tags --force
- name: publish
image: plugins/docker:latest
pull: always
settings:
auto_tag: true
auto_tag_suffix: linux-amd64
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
- name: publish-rootless
image: plugins/docker:latest
settings:
dockerfile: Dockerfile.rootless
auto_tag: true
auto_tag_suffix: linux-amd64-rootless
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
---
kind: pipeline
type: docker
name: docker-linux-amd64-release-candidate-version
platform:
os: linux
arch: amd64
trigger:
ref:
- "refs/tags/**-rc*"
paths:
exclude:
- "docs/**"
steps:
- name: fetch-tags
image: docker:git
pull: always
commands:
- git fetch --tags --force
- name: publish
image: plugins/docker:latest
pull: always
settings:
tags: ${DRONE_TAG##v}-linux-amd64
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
- name: publish-rootless
image: plugins/docker:latest
settings:
dockerfile: Dockerfile.rootless
tags: ${DRONE_TAG##v}-linux-amd64-rootless
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
---
kind: pipeline
type: docker
name: docker-linux-arm64-release-version
platform:
os: linux
arch: arm64
trigger:
ref:
include:
- "refs/tags/**"
exclude:
- "refs/tags/**-rc*"
paths:
exclude:
- "docs/**"
steps:
- name: fetch-tags
image: docker:git
pull: always
commands:
- git fetch --tags --force
- name: publish
image: plugins/docker:latest
pull: always
settings:
auto_tag: true
auto_tag_suffix: linux-arm64
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
- name: publish-rootless
image: plugins/docker:latest
settings:
dockerfile: Dockerfile.rootless
auto_tag: true
auto_tag_suffix: linux-arm64-rootless
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
---
kind: pipeline
type: docker
name: docker-linux-arm64-release-candidate-version
platform:
os: linux
arch: arm64
trigger:
ref:
- "refs/tags/**-rc*"
paths:
exclude:
- "docs/**"
steps:
- name: fetch-tags
image: docker:git
pull: always
commands:
- git fetch --tags --force
- name: publish
image: plugins/docker:latest
pull: always
settings:
tags: ${DRONE_TAG##v}-linux-arm64
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
- name: publish-rootless
image: plugins/docker:latest
settings:
dockerfile: Dockerfile.rootless
tags: ${DRONE_TAG##v}-linux-arm64-rootless
repo: gitea/gitea
build_args:
- GOPROXY=https://goproxy.io
password:
from_secret: docker_password
username:
from_secret: docker_username
environment:
PLUGIN_MIRROR:
from_secret: plugin_mirror
DOCKER_BUILDKIT: 1
when:
event:
exclude:
- pull_request
---
kind: pipeline
type: docker
name: docker-manifest-version
platform:
os: linux
arch: amd64
steps:
- name: manifest-rootless
image: plugins/manifest
pull: always
settings:
auto_tag: true
ignore_missing: true
spec: docker/manifest.rootless.tmpl
password:
from_secret: docker_password
username:
from_secret: docker_username
- name: manifest
image: plugins/manifest
settings:
auto_tag: true
ignore_missing: true
spec: docker/manifest.tmpl
password:
from_secret: docker_password
username:
from_secret: docker_username
trigger:
ref:
- "refs/tags/**"
paths:
exclude:
- "docs/**"
depends_on:
- docker-linux-amd64-release-version
- docker-linux-amd64-release-candidate-version
- docker-linux-arm64-release-version
- docker-linux-arm64-release-candidate-version

@ -11,14 +11,15 @@ parserOptions:
plugins: plugins:
- "@eslint-community/eslint-plugin-eslint-comments" - "@eslint-community/eslint-plugin-eslint-comments"
- eslint-plugin-array-func - eslint-plugin-array-func
- eslint-plugin-custom-elements - eslint-plugin-i
- eslint-plugin-import
- eslint-plugin-jquery - eslint-plugin-jquery
- eslint-plugin-no-jquery - eslint-plugin-no-jquery
- eslint-plugin-no-use-extend-native - eslint-plugin-no-use-extend-native
- eslint-plugin-regexp - eslint-plugin-regexp
- eslint-plugin-sonarjs - eslint-plugin-sonarjs
- eslint-plugin-unicorn - eslint-plugin-unicorn
- eslint-plugin-vitest
- eslint-plugin-vitest-globals
- eslint-plugin-wc - eslint-plugin-wc
env: env:
@ -41,11 +42,67 @@ overrides:
no-restricted-globals: [2, addEventListener, blur, close, closed, confirm, defaultStatus, defaultstatus, error, event, external, find, focus, frameElement, frames, history, innerHeight, innerWidth, isFinite, isNaN, length, locationbar, menubar, moveBy, moveTo, name, onblur, onerror, onfocus, onload, onresize, onunload, open, opener, opera, outerHeight, outerWidth, pageXOffset, pageYOffset, parent, print, removeEventListener, resizeBy, resizeTo, screen, screenLeft, screenTop, screenX, screenY, scroll, scrollbars, scrollBy, scrollTo, scrollX, scrollY, status, statusbar, stop, toolbar, top] no-restricted-globals: [2, addEventListener, blur, close, closed, confirm, defaultStatus, defaultstatus, error, event, external, find, focus, frameElement, frames, history, innerHeight, innerWidth, isFinite, isNaN, length, locationbar, menubar, moveBy, moveTo, name, onblur, onerror, onfocus, onload, onresize, onunload, open, opener, opera, outerHeight, outerWidth, pageXOffset, pageYOffset, parent, print, removeEventListener, resizeBy, resizeTo, screen, screenLeft, screenTop, screenX, screenY, scroll, scrollbars, scrollBy, scrollTo, scrollX, scrollY, status, statusbar, stop, toolbar, top]
- files: ["build/generate-images.js"] - files: ["build/generate-images.js"]
rules: rules:
import/no-unresolved: [0] i/no-unresolved: [0]
import/no-extraneous-dependencies: [0] i/no-extraneous-dependencies: [0]
- files: ["*.config.*"] - files: ["*.config.*"]
rules: rules:
import/no-unused-modules: [0] i/no-unused-modules: [0]
- files: ["**/*.test.*", "web_src/js/test/setup.js"]
env:
vitest-globals/env: true
rules:
vitest/consistent-test-filename: [0]
vitest/consistent-test-it: [0]
vitest/expect-expect: [0]
vitest/max-expects: [0]
vitest/max-nested-describe: [0]
vitest/no-alias-methods: [0]
vitest/no-commented-out-tests: [0]
vitest/no-conditional-expect: [0]
vitest/no-conditional-in-test: [0]
vitest/no-conditional-tests: [0]
vitest/no-disabled-tests: [0]
vitest/no-done-callback: [0]
vitest/no-duplicate-hooks: [0]
vitest/no-focused-tests: [0]
vitest/no-hooks: [0]
vitest/no-identical-title: [2]
vitest/no-interpolation-in-snapshots: [0]
vitest/no-large-snapshots: [0]
vitest/no-mocks-import: [0]
vitest/no-restricted-matchers: [0]
vitest/no-restricted-vi-methods: [0]
vitest/no-standalone-expect: [0]
vitest/no-test-prefixes: [0]
vitest/no-test-return-statement: [0]
vitest/prefer-called-with: [0]
vitest/prefer-comparison-matcher: [0]
vitest/prefer-each: [0]
vitest/prefer-equality-matcher: [0]
vitest/prefer-expect-resolves: [0]
vitest/prefer-hooks-in-order: [0]
vitest/prefer-hooks-on-top: [2]
vitest/prefer-lowercase-title: [0]
vitest/prefer-mock-promise-shorthand: [0]
vitest/prefer-snapshot-hint: [0]
vitest/prefer-spy-on: [0]
vitest/prefer-strict-equal: [0]
vitest/prefer-to-be: [0]
vitest/prefer-to-be-falsy: [0]
vitest/prefer-to-be-object: [0]
vitest/prefer-to-be-truthy: [0]
vitest/prefer-to-contain: [0]
vitest/prefer-to-have-length: [0]
vitest/prefer-todo: [0]
vitest/require-hook: [0]
vitest/require-to-throw-message: [0]
vitest/require-top-level-describe: [0]
vitest/valid-describe-callback: [2]
vitest/valid-expect: [2]
vitest/valid-title: [2]
- files: ["web_src/js/modules/fetch.js", "web_src/js/standalone/**/*"]
rules:
no-restricted-syntax: [2, WithStatement, ForInStatement, LabeledStatement, SequenceExpression]
rules: rules:
"@eslint-community/eslint-comments/disable-enable-pair": [2] "@eslint-community/eslint-comments/disable-enable-pair": [2]
@ -85,19 +142,6 @@ rules:
consistent-this: [0] consistent-this: [0]
constructor-super: [2] constructor-super: [2]
curly: [0] curly: [0]
custom-elements/expose-class-on-global: [0]
custom-elements/extends-correct-class: [2]
custom-elements/file-name-matches-element: [2]
custom-elements/no-constructor: [2]
custom-elements/no-customized-built-in-elements: [2]
custom-elements/no-dom-traversal-in-attributechangedcallback: [2]
custom-elements/no-dom-traversal-in-connectedcallback: [2]
custom-elements/no-exports-with-element: [2]
custom-elements/no-method-prefixed-with-on: [2]
custom-elements/no-unchecked-define: [0]
custom-elements/one-element-per-file: [0]
custom-elements/tag-name-matches-class: [2]
custom-elements/valid-tag-name: [2]
default-case-last: [2] default-case-last: [2]
default-case: [0] default-case: [0]
default-param-last: [0] default-param-last: [0]
@ -120,49 +164,49 @@ rules:
id-length: [0] id-length: [0]
id-match: [0] id-match: [0]
implicit-arrow-linebreak: [0] implicit-arrow-linebreak: [0]
import/consistent-type-specifier-style: [0] i/consistent-type-specifier-style: [0]
import/default: [0] i/default: [0]
import/dynamic-import-chunkname: [0] i/dynamic-import-chunkname: [0]
import/export: [2] i/export: [2]
import/exports-last: [0] i/exports-last: [0]
import/extensions: [2, always, {ignorePackages: true}] i/extensions: [2, always, {ignorePackages: true}]
import/first: [2] i/first: [2]
import/group-exports: [0] i/group-exports: [0]
import/max-dependencies: [0] i/max-dependencies: [0]
import/named: [2] i/named: [2]
import/namespace: [0] i/namespace: [0]
import/newline-after-import: [0] i/newline-after-import: [0]
import/no-absolute-path: [0] i/no-absolute-path: [0]
import/no-amd: [2] i/no-amd: [2]
import/no-anonymous-default-export: [0] i/no-anonymous-default-export: [0]
import/no-commonjs: [2] i/no-commonjs: [2]
import/no-cycle: [2, {ignoreExternal: true, maxDepth: 1}] i/no-cycle: [2, {ignoreExternal: true, maxDepth: 1}]
import/no-default-export: [0] i/no-default-export: [0]
import/no-deprecated: [0] i/no-deprecated: [0]
import/no-dynamic-require: [0] i/no-dynamic-require: [0]
import/no-empty-named-blocks: [2] i/no-empty-named-blocks: [2]
import/no-extraneous-dependencies: [2] i/no-extraneous-dependencies: [2]
import/no-import-module-exports: [0] i/no-import-module-exports: [0]
import/no-internal-modules: [0] i/no-internal-modules: [0]
import/no-mutable-exports: [0] i/no-mutable-exports: [0]
import/no-named-as-default-member: [0] i/no-named-as-default-member: [0]
import/no-named-as-default: [2] i/no-named-as-default: [2]
import/no-named-default: [0] i/no-named-default: [0]
import/no-named-export: [0] i/no-named-export: [0]
import/no-namespace: [0] i/no-namespace: [0]
import/no-nodejs-modules: [0] i/no-nodejs-modules: [0]
import/no-relative-packages: [0] i/no-relative-packages: [0]
import/no-relative-parent-imports: [0] i/no-relative-parent-imports: [0]
import/no-restricted-paths: [0] i/no-restricted-paths: [0]
import/no-self-import: [2] i/no-self-import: [2]
import/no-unassigned-import: [0] i/no-unassigned-import: [0]
import/no-unresolved: [2, {commonjs: true, ignore: ["\\?.+$", ^vitest/]}] i/no-unresolved: [2, {commonjs: true, ignore: ["\\?.+$", ^vitest/]}]
import/no-unused-modules: [2, {unusedExports: true}] i/no-unused-modules: [2, {unusedExports: true}]
import/no-useless-path-segments: [2, {commonjs: true}] i/no-useless-path-segments: [2, {commonjs: true}]
import/no-webpack-loader-syntax: [2] i/no-webpack-loader-syntax: [2]
import/order: [0] i/order: [0]
import/prefer-default-export: [0] i/prefer-default-export: [0]
import/unambiguous: [0] i/unambiguous: [0]
indent: [2, 2, {SwitchCase: 1}] indent: [2, 2, {SwitchCase: 1}]
init-declarations: [0] init-declarations: [0]
jquery/no-ajax-events: [2] jquery/no-ajax-events: [2]
@ -420,7 +464,7 @@ rules:
no-restricted-exports: [0] no-restricted-exports: [0]
no-restricted-globals: [2, addEventListener, blur, close, closed, confirm, defaultStatus, defaultstatus, error, event, external, find, focus, frameElement, frames, history, innerHeight, innerWidth, isFinite, isNaN, length, location, locationbar, menubar, moveBy, moveTo, name, onblur, onerror, onfocus, onload, onresize, onunload, open, opener, opera, outerHeight, outerWidth, pageXOffset, pageYOffset, parent, print, removeEventListener, resizeBy, resizeTo, screen, screenLeft, screenTop, screenX, screenY, scroll, scrollbars, scrollBy, scrollTo, scrollX, scrollY, self, status, statusbar, stop, toolbar, top, __dirname, __filename] no-restricted-globals: [2, addEventListener, blur, close, closed, confirm, defaultStatus, defaultstatus, error, event, external, find, focus, frameElement, frames, history, innerHeight, innerWidth, isFinite, isNaN, length, location, locationbar, menubar, moveBy, moveTo, name, onblur, onerror, onfocus, onload, onresize, onunload, open, opener, opera, outerHeight, outerWidth, pageXOffset, pageYOffset, parent, print, removeEventListener, resizeBy, resizeTo, screen, screenLeft, screenTop, screenX, screenY, scroll, scrollbars, scrollBy, scrollTo, scrollX, scrollY, self, status, statusbar, stop, toolbar, top, __dirname, __filename]
no-restricted-imports: [0] no-restricted-imports: [0]
no-restricted-syntax: [2, WithStatement, ForInStatement, LabeledStatement, SequenceExpression] no-restricted-syntax: [2, WithStatement, ForInStatement, LabeledStatement, SequenceExpression, {selector: "CallExpression[callee.name='fetch']", message: "use modules/fetch.js instead"}]
no-return-assign: [0] no-return-assign: [0]
no-script-url: [2] no-script-url: [2]
no-self-assign: [2, {props: true}] no-self-assign: [2, {props: true}]
@ -483,7 +527,7 @@ rules:
prefer-exponentiation-operator: [2] prefer-exponentiation-operator: [2]
prefer-named-capture-group: [0] prefer-named-capture-group: [0]
prefer-numeric-literals: [2] prefer-numeric-literals: [2]
prefer-object-has-own: [0] prefer-object-has-own: [2]
prefer-object-spread: [2] prefer-object-spread: [2]
prefer-promise-reject-errors: [2, {allowEmptyReject: false}] prefer-promise-reject-errors: [2, {allowEmptyReject: false}]
prefer-regex-literals: [2] prefer-regex-literals: [2]
@ -508,6 +552,7 @@ rules:
regexp/no-empty-character-class: [0] regexp/no-empty-character-class: [0]
regexp/no-empty-group: [2] regexp/no-empty-group: [2]
regexp/no-empty-lookarounds-assertion: [2] regexp/no-empty-lookarounds-assertion: [2]
regexp/no-empty-string-literal: [2]
regexp/no-escape-backspace: [2] regexp/no-escape-backspace: [2]
regexp/no-extra-lookaround-assertions: [0] regexp/no-extra-lookaround-assertions: [0]
regexp/no-invalid-regexp: [2] regexp/no-invalid-regexp: [2]
@ -538,6 +583,8 @@ rules:
regexp/no-useless-non-capturing-group: [2] regexp/no-useless-non-capturing-group: [2]
regexp/no-useless-quantifier: [2] regexp/no-useless-quantifier: [2]
regexp/no-useless-range: [2] regexp/no-useless-range: [2]
regexp/no-useless-set-operand: [2]
regexp/no-useless-string-literal: [2]
regexp/no-useless-two-nums-quantifier: [2] regexp/no-useless-two-nums-quantifier: [2]
regexp/no-zero-quantifier: [2] regexp/no-zero-quantifier: [2]
regexp/optimal-lookaround-quantifier: [2] regexp/optimal-lookaround-quantifier: [2]
@ -557,10 +604,12 @@ rules:
regexp/prefer-regexp-exec: [2] regexp/prefer-regexp-exec: [2]
regexp/prefer-regexp-test: [2] regexp/prefer-regexp-test: [2]
regexp/prefer-result-array-groups: [0] regexp/prefer-result-array-groups: [0]
regexp/prefer-set-operation: [2]
regexp/prefer-star-quantifier: [2] regexp/prefer-star-quantifier: [2]
regexp/prefer-unicode-codepoint-escapes: [2] regexp/prefer-unicode-codepoint-escapes: [2]
regexp/prefer-w: [0] regexp/prefer-w: [0]
regexp/require-unicode-regexp: [0] regexp/require-unicode-regexp: [0]
regexp/simplify-set-operations: [2]
regexp/sort-alternatives: [0] regexp/sort-alternatives: [0]
regexp/sort-character-class-elements: [0] regexp/sort-character-class-elements: [0]
regexp/sort-flags: [0] regexp/sort-flags: [0]
@ -737,14 +786,27 @@ rules:
valid-typeof: [2, {requireStringLiterals: true}] valid-typeof: [2, {requireStringLiterals: true}]
vars-on-top: [0] vars-on-top: [0]
wc/attach-shadow-constructor: [2] wc/attach-shadow-constructor: [2]
wc/define-tag-after-class-definition: [0]
wc/expose-class-on-global: [0]
wc/file-name-matches-element: [2]
wc/guard-define-call: [0]
wc/guard-super-call: [2] wc/guard-super-call: [2]
wc/max-elements-per-file: [0]
wc/no-child-traversal-in-attributechangedcallback: [2]
wc/no-child-traversal-in-connectedcallback: [2]
wc/no-closed-shadow-root: [2] wc/no-closed-shadow-root: [2]
wc/no-constructor-attributes: [2] wc/no-constructor-attributes: [2]
wc/no-constructor-params: [2] wc/no-constructor-params: [2]
wc/no-invalid-element-name: [0] # covered by custom-elements/valid-tag-name wc/no-constructor: [2]
wc/no-customized-built-in-elements: [2]
wc/no-exports-with-element: [2]
wc/no-invalid-element-name: [2]
wc/no-invalid-extends: [2]
wc/no-method-prefixed-with-on: [2]
wc/no-self-class: [2] wc/no-self-class: [2]
wc/no-typos: [2] wc/no-typos: [2]
wc/require-listener-teardown: [2] wc/require-listener-teardown: [2]
wc/tag-name-matches-class: [2]
wrap-iife: [2, inside] wrap-iife: [2, inside]
wrap-regex: [0] wrap-regex: [0]
yield-star-spacing: [2, after] yield-star-spacing: [2, after]

@ -1,6 +1,6 @@
name: Bug Report name: Bug Report
description: Found something you weren't expecting? Report it here! description: Found something you weren't expecting? Report it here!
labels: ["kind/bug"] labels: ["type/bug"]
body: body:
- type: markdown - type: markdown
attributes: attributes:

@ -1,6 +1,6 @@
name: Feature Request name: Feature Request
description: Got an idea for a feature that Gitea doesn't have currently? Submit your idea here! description: Got an idea for a feature that Gitea doesn't have currently? Submit your idea here!
labels: ["kind/proposal"] labels: ["type/proposal"]
body: body:
- type: markdown - type: markdown
attributes: attributes:

@ -1,6 +1,6 @@
name: Web Interface Bug Report name: Web Interface Bug Report
description: Something doesn't look quite as it should? Report it here! description: Something doesn't look quite as it should? Report it here!
labels: ["kind/bug", "kind/ui"] labels: ["type/bug", "topic/ui"]
body: body:
- type: markdown - type: markdown
attributes: attributes:

5
.github/actionlint.yaml vendored Normal file

@ -0,0 +1,5 @@
self-hosted-runner:
labels:
- actuated-4cpu-8gb
- actuated-4cpu-16gb
- nscloud

30
.github/labeler.yml vendored

@ -1,32 +1,36 @@
kind/docs: modifies/docs:
- "**/*.md" - "**/*.md"
- "docs/**" - "docs/**"
kind/ui: modifies/frontend:
- "web_src/**/*" - "web_src/**/*"
modifies/templates:
- all: ["templates/**", "!templates/swagger/v1_json.tmpl"] - all: ["templates/**", "!templates/swagger/v1_json.tmpl"]
kind/api: modifies/api:
- "templates/swagger/v1_json.tmpl"
- "routers/api/**" - "routers/api/**"
- "templates/swagger/v1_json.tmpl"
kind/build: modifies/cli:
- "cmd/**"
modifies/translation:
- "options/locale/*.ini"
modifies/migrations:
- "models/migrations/**/*"
modifies/internal:
- "Makefile" - "Makefile"
- "Dockerfile" - "Dockerfile"
- "Dockerfile.rootless" - "Dockerfile.rootless"
- "docker/**" - "docker/**"
- "webpack.config.js" - "webpack.config.js"
theme/package-registry:
- "modules/packages/**"
kind/cli:
- "cmd/**"
kind/lint:
- ".eslintrc.yaml" - ".eslintrc.yaml"
- ".golangci.yml" - ".golangci.yml"
- ".markdownlint.yaml" - ".markdownlint.yaml"
- ".spectral.yaml" - ".spectral.yaml"
- ".stylelintrc.yaml" - ".stylelintrc.yaml"
- ".yamllint.yaml" - ".yamllint.yaml"
- ".github/**"

@ -10,10 +10,10 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea' if: github.repository == 'go-gitea/gitea'
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- run: make generate-license generate-gitignore - run: make generate-license generate-gitignore
timeout-minutes: 40 timeout-minutes: 40

@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea' if: github.repository == 'go-gitea/gitea'
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: download from crowdin - name: download from crowdin
uses: docker://jonasfranz/crowdin uses: docker://jonasfranz/crowdin
env: env:
@ -35,7 +35,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea' if: github.repository == 'go-gitea/gitea'
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: push translations to crowdin - name: push translations to crowdin
uses: docker://jonasfranz/crowdin uses: docker://jonasfranz/crowdin
env: env:

40
.github/workflows/disk-clean.yml vendored Normal file

@ -0,0 +1,40 @@
name: disk-clean
on:
workflow_call:
jobs:
triage:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# FIXME: https://github.com/jlumbroso/free-disk-space/issues/17
- name: same as 'large-packages' but without 'google-cloud-sdk'
shell: bash
run: |
sudo apt-get update
sudo apt-get remove -y '^dotnet-.*' || true
sudo apt-get remove -y '^llvm-.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y '^mongodb-.*' || true
sudo apt-get remove -y '^mysql-.*' || true
sudo apt-get remove -y azure-cli google-chrome-stable firefox powershell mono-devel libgl1-mesa-dri || true
sudo apt-get autoremove -y
sudo apt-get clean
env:
DEBIAN_FRONTEND: noninteractive
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
# this might remove tools that are actually needed,
# if set to "true" but frees about 6 GB
tool-cache: false
# all of these default to true, but feel free to set to
# "false" if necessary for your workflow
android: true
dotnet: true
haskell: true
large-packages: false
docker-images: false
swap-storage: true

@ -34,7 +34,7 @@ jobs:
swagger: ${{ steps.changes.outputs.swagger }} swagger: ${{ steps.changes.outputs.swagger }}
yaml: ${{ steps.changes.outputs.yaml }} yaml: ${{ steps.changes.outputs.yaml }}
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: dorny/paths-filter@v2 - uses: dorny/paths-filter@v2
id: changes id: changes
with: with:
@ -64,9 +64,12 @@ jobs:
- "**/*.md" - "**/*.md"
- "docs/**" - "docs/**"
- ".markdownlint.yaml" - ".markdownlint.yaml"
- "package.json"
- "package-lock.json"
actions: actions:
- ".github/workflows/*" - ".github/workflows/*"
- "Makefile"
templates: templates:
- "templates/**/*.tmpl" - "templates/**/*.tmpl"
@ -90,3 +93,5 @@ jobs:
- "**/*.yml" - "**/*.yml"
- "**/*.yaml" - "**/*.yaml"
- ".yamllint.yaml" - ".yamllint.yaml"
- "pyproject.toml"
- "poetry.lock"

@ -16,10 +16,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- run: make deps-backend deps-tools - run: make deps-backend deps-tools
- run: make lint-backend - run: make lint-backend
@ -31,7 +31,7 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-python@v4 - uses: actions/setup-python@v4
with: with:
python-version: "3.11" python-version: "3.11"
@ -44,7 +44,7 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-python@v4 - uses: actions/setup-python@v4
with: with:
python-version: "3.11" python-version: "3.11"
@ -57,7 +57,7 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-node@v3 - uses: actions/setup-node@v3
with: with:
node-version: 20 node-version: 20
@ -69,10 +69,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- run: make deps-backend deps-tools - run: make deps-backend deps-tools
- run: make lint-go-windows lint-go-vet - run: make lint-go-windows lint-go-vet
@ -86,10 +86,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- run: make deps-backend deps-tools - run: make deps-backend deps-tools
- run: make lint-go - run: make lint-go
@ -101,10 +101,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- run: make deps-backend deps-tools - run: make deps-backend deps-tools
- run: make --always-make checks-backend # ensure the "go-licenses" make target runs - run: make --always-make checks-backend # ensure the "go-licenses" make target runs
@ -114,7 +114,7 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-node@v3 - uses: actions/setup-node@v3
with: with:
node-version: 20 node-version: 20
@ -129,10 +129,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
# no frontend build here as backend should be able to build # no frontend build here as backend should be able to build
# even without any frontend files # even without any frontend files
@ -161,7 +161,7 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-node@v3 - uses: actions/setup-node@v3
with: with:
node-version: 20 node-version: 20
@ -174,6 +174,9 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make lint-actions - run: make lint-actions

@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
services: services:
pgsql: pgsql:
image: postgres:15 image: postgres:12
env: env:
POSTGRES_DB: test POSTGRES_DB: test
POSTGRES_PASSWORD: postgres POSTGRES_PASSWORD: postgres
@ -31,17 +31,17 @@ jobs:
minio: minio:
# as github actions doesn't support "entrypoint", we need to use a non-official image # as github actions doesn't support "entrypoint", we need to use a non-official image
# that has a custom entrypoint set to "minio server /data" # that has a custom entrypoint set to "minio server /data"
image: bitnami/minio:2021.3.17 image: bitnami/minio:2023.8.31
env: env:
MINIO_ACCESS_KEY: 123456 MINIO_ROOT_USER: 123456
MINIO_SECRET_KEY: 12345678 MINIO_ROOT_PASSWORD: 12345678
ports: ports:
- "9000:9000" - "9000:9000"
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- name: Add hosts to /etc/hosts - name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 pgsql ldap minio" | sudo tee -a /etc/hosts' run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 pgsql ldap minio" | sudo tee -a /etc/hosts'
@ -63,10 +63,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- run: make deps-backend - run: make deps-backend
- run: make backend - run: make backend
@ -85,13 +85,6 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
services: services:
mysql:
image: mysql:5.7
env:
MYSQL_ALLOW_EMPTY_PASSWORD: true
MYSQL_DATABASE: test
ports:
- "3306:3306"
elasticsearch: elasticsearch:
image: elasticsearch:7.5.0 image: elasticsearch:7.5.0
env: env:
@ -104,13 +97,6 @@ jobs:
MEILI_ENV: development # disable auth MEILI_ENV: development # disable auth
ports: ports:
- "7700:7700" - "7700:7700"
smtpimap:
image: tabascoterrier/docker-imap-devel:latest
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
redis: redis:
image: redis image: redis
options: >- # wait until redis has started options: >- # wait until redis has started
@ -128,10 +114,10 @@ jobs:
ports: ports:
- "9000:9000" - "9000:9000"
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- name: Add hosts to /etc/hosts - name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch meilisearch smtpimap" | sudo tee -a /etc/hosts' run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch meilisearch smtpimap" | sudo tee -a /etc/hosts'
@ -152,16 +138,16 @@ jobs:
RACE_ENABLED: true RACE_ENABLED: true
GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }} GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
test-mysql5: test-mysql:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
services: services:
mysql: mysql:
image: mysql:5.7 image: mysql:8.0
env: env:
MYSQL_ALLOW_EMPTY_PASSWORD: true MYSQL_ALLOW_EMPTY_PASSWORD: true
MYSQL_DATABASE: test MYSQL_DATABASE: testgitea
ports: ports:
- "3306:3306" - "3306:3306"
elasticsearch: elasticsearch:
@ -178,10 +164,10 @@ jobs:
- "587:587" - "587:587"
- "993:993" - "993:993"
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- name: Add hosts to /etc/hosts - name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch smtpimap" | sudo tee -a /etc/hosts' run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch smtpimap" | sudo tee -a /etc/hosts'
@ -197,43 +183,13 @@ jobs:
USE_REPO_TEST_DIR: 1 USE_REPO_TEST_DIR: 1
TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200" TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200"
test-mysql8:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
services:
mysql8:
image: mysql:8
env:
MYSQL_ALLOW_EMPTY_PASSWORD: true
MYSQL_DATABASE: testgitea
ports:
- "3306:3306"
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: "~1.21"
check-latest: true
- name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql8" | sudo tee -a /etc/hosts'
- run: make deps-backend
- run: make backend
env:
TAGS: bindata
- run: make test-mysql8-migration test-mysql8
timeout-minutes: 50
env:
TAGS: bindata
USE_REPO_TEST_DIR: 1
test-mssql: test-mssql:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true' if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
services: services:
mssql: mssql:
image: mcr.microsoft.com/mssql/server:latest image: mcr.microsoft.com/mssql/server:2017-latest
env: env:
ACCEPT_EULA: Y ACCEPT_EULA: Y
MSSQL_PID: Standard MSSQL_PID: Standard
@ -241,10 +197,10 @@ jobs:
ports: ports:
- "1433:1433" - "1433:1433"
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- name: Add hosts to /etc/hosts - name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mssql" | sudo tee -a /etc/hosts' run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mssql" | sudo tee -a /etc/hosts'

@ -16,10 +16,10 @@ jobs:
needs: files-changed needs: files-changed
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- uses: actions/setup-node@v3 - uses: actions/setup-node@v3
with: with:

@ -18,4 +18,3 @@ jobs:
- uses: actions/labeler@v4 - uses: actions/labeler@v4
with: with:
dot: true dot: true
sync-labels: true

@ -1,20 +1,26 @@
name: release-nightly-assets name: release-nightly
on: on:
push: push:
branches: [ main, release/v* ] branches: [ main, release/v* ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs: jobs:
disk-clean:
uses: ./.github/workflows/disk-clean.yml
nightly-binary: nightly-binary:
runs-on: ubuntu-latest runs-on: nscloud
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions # fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force - run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4 - uses: actions/setup-go@v4
with: with:
go-version: "~1.21" go-version-file: go.mod
check-latest: true check-latest: true
- uses: actions/setup-node@v3 - uses: actions/setup-node@v3
with: with:
@ -42,22 +48,26 @@ jobs:
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "Cleaned name is ${REF_NAME}" echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT" echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: upload binaries to s3 - name: upload binaries to s3
uses: jakejarvis/s3-sync-action@master run: |
env: aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} nightly-docker-rootful:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
SOURCE_DIR: dist/release
DEST_DIR: gitea/${{ steps.clean_name.outputs.branch }}
nightly-docker:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions # fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force - run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: docker/setup-qemu-action@v2 - uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2 - uses: docker/setup-buildx-action@v2
- name: Get cleaned branch name - name: Get cleaned branch name
@ -75,6 +85,8 @@ jobs:
with: with:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: fetch go modules
run: make vendor
- name: build rootful docker image - name: build rootful docker image
uses: docker/build-push-action@v4 uses: docker/build-push-action@v4
with: with:
@ -82,6 +94,36 @@ jobs:
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64
push: true push: true
tags: gitea/gitea:${{ steps.clean_name.outputs.branch }} tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}
nightly-docker-rootless:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- name: Get cleaned branch name
id: clean_name
run: |
# if main then say nightly otherwise cleanup name
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
echo "branch=nightly" >> "$GITHUB_OUTPUT"
exit 0
fi
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: fetch go modules
run: make vendor
- name: build rootless docker image - name: build rootless docker image
uses: docker/build-push-action@v4 uses: docker/build-push-action@v4
with: with:

125
.github/workflows/release-tag-rc.yml vendored Normal file

@ -0,0 +1,125 @@
name: release-tag-rc
on:
push:
tags:
- 'v1*-rc*'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
binary:
runs-on: nscloud
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: actions/setup-node@v3
with:
node-version: 20
- run: make deps-frontend deps-backend
# xgo build
- run: make release
env:
TAGS: bindata sqlite sqlite_unlock_notify
- name: import gpg key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
- name: sign binaries
run: |
for f in dist/release/*; do
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
done
# clean branch name to get the folder name in S3
- name: Get cleaned branch name
id: clean_name
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: upload binaries to s3
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
- name: create github release
run: |
gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
docker-rootful:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootful docker image
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
docker-rootless:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
suffix=-rootless
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootless docker image
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

@ -0,0 +1,141 @@
name: release-tag-version
on:
push:
tags:
- 'v1.*'
- '!v1*-rc*'
- '!v1*-dev'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
binary:
runs-on: nscloud
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: actions/setup-node@v3
with:
node-version: 20
- run: make deps-frontend deps-backend
# xgo build
- run: make release
env:
TAGS: bindata sqlite sqlite_unlock_notify
- name: import gpg key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
- name: sign binaries
run: |
for f in dist/release/*; do
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
done
# clean branch name to get the folder name in S3
- name: Get cleaned branch name
id: clean_name
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: upload binaries to s3
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
- name: create github release
run: |
gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
docker-rootful:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# this will generate tags in the following format:
# latest
# 1
# 1.2
# 1.2.3
tags: |
type=raw,value=latest
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootful docker image
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
docker-rootless:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
suffix=-rootless
# this will generate tags in the following format (with -rootless suffix added):
# latest
# 1
# 1.2
# 1.2.3
tags: |
type=raw,value=latest
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootless docker image
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

1
.gitignore vendored

@ -95,6 +95,7 @@ cpu.out
/.go-licenses /.go-licenses
# Snapcraft # Snapcraft
/gitea_a*.txt
snap/.snapcraft/ snap/.snapcraft/
parts/ parts/
stage/ stage/

@ -6,7 +6,6 @@ line-length: {code_blocks: false, tables: false, stern: true, line_length: -1}
no-alt-text: false no-alt-text: false
no-bare-urls: false no-bare-urls: false
no-blanks-blockquote: false no-blanks-blockquote: false
no-duplicate-header: {allow_different_nesting: true}
no-emphasis-as-header: false no-emphasis-as-header: false
no-empty-links: false no-empty-links: false
no-hard-tabs: {code_blocks: false} no-hard-tabs: {code_blocks: false}

@ -103,7 +103,7 @@ rules:
property-no-vendor-prefix: null property-no-vendor-prefix: null
rule-empty-line-before: null rule-empty-line-before: null
rule-selector-property-disallowed-list: null rule-selector-property-disallowed-list: null
scale-unlimited/declaration-strict-value: [[color, background-color, border-color, font-weight], {ignoreValues: /^(inherit|transparent|unset|initial|currentcolor|none)$/, ignoreFunctions: false, disableFix: true}] scale-unlimited/declaration-strict-value: [[/color$/, font-weight], {ignoreValues: /^(inherit|transparent|unset|initial|currentcolor|none)$/, ignoreFunctions: false, disableFix: true, expandShorthand: true}]
selector-attribute-name-disallowed-list: null selector-attribute-name-disallowed-list: null
selector-attribute-operator-allowed-list: null selector-attribute-operator-allowed-list: null
selector-attribute-operator-disallowed-list: null selector-attribute-operator-disallowed-list: null

@ -24,8 +24,6 @@ rules:
document-start: document-start:
level: error level: error
present: false present: false
ignore: |
/.drone.yml
document-end: document-end:
present: false present: false
@ -44,5 +42,3 @@ rules:
ignore: | ignore: |
.venv .venv
node_modules node_modules
/models/fixtures
/models/migrations/fixtures

@ -42,13 +42,13 @@ GARGS = "--no-print-directory"
# The GNU convention is to use the lowercased `prefix` variable/macro to # The GNU convention is to use the lowercased `prefix` variable/macro to
# specify the installation directory. Humor them. # specify the installation directory. Humor them.
GPREFIX = "" GPREFIX =
.if defined(PREFIX) && ! defined(prefix) .if defined(PREFIX) && ! defined(prefix)
GPREFIX = 'prefix = "$(PREFIX)"' GPREFIX = 'prefix = "$(PREFIX)"'
.endif .endif
.BEGIN: .SILENT .BEGIN: .SILENT
which $(GMAKE) || printf "Error: GNU Make is required!\n\n" 1>&2 && false which $(GMAKE) || (printf "Error: GNU Make is required!\n\n" 1>&2 && false)
.PHONY: FRC .PHONY: FRC
$(.TARGETS): FRC $(.TARGETS): FRC

@ -4,6 +4,33 @@ This changelog goes through all the changes that have been made in each release
without substantial changes to our git log; to see the highlights of what has without substantial changes to our git log; to see the highlights of what has
been added to each release, please refer to the [blog](https://blog.gitea.com). been added to each release, please refer to the [blog](https://blog.gitea.com).
## [1.20.5](https://github.com/go-gitea/gitea/releases/tag/v1.20.5) - 2023-10-03
* ENHANCEMENTS
* Fix z-index on markdown completion (#27237) (#27242 & #27238)
* Use secure cookie for HTTPS sites (#26999) (#27013)
* BUGFIXES
* Fix git 2.11 error when checking IsEmpty (#27393) (#27396)
* Allow get release download files and lfs files with oauth2 token format (#26430) (#27378)
* Fix orphan check for deleted branch (#27310) (#27320)
* Quote table `release` in sql queries (#27205) (#27219)
* Fix release URL in webhooks (#27182) (#27184)
* Fix successful return value for `SyncAndGetUserSpecificDiff` (#27152) (#27156)
* fix pagination for followers and following (#27127) (#27138)
* Fix issue templates when blank isses are disabled (#27061) (#27082)
* Fix context cache bug & enable context cache for dashabord commits' authors(#26991) (#27017)
* Fix INI parsing for value with trailing slash (#26995) (#27001)
* Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27249)
* Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27167 & #27162)
* Fix bug of review request number (#27406) (#27104)
* TESTING
* services/wiki: Close() after error handling (#27129) (#27137)
* DOCS
* Improve actions docs related to `pull_request` event (#27126) (#27145)
* MISC
* Add logs for data broken of comment review (#27326) (#27344)
* Load reviewer before sending notification (#27063) (#27064)
## [1.20.4](https://github.com/go-gitea/gitea/releases/tag/v1.20.4) - 2023-09-08 ## [1.20.4](https://github.com/go-gitea/gitea/releases/tag/v1.20.4) - 2023-09-08
* SECURITY * SECURITY

@ -225,17 +225,20 @@ PRs without a milestone may not be merged.
### Labels ### Labels
Every PR should be labeled correctly with every label that applies. \ Almost all labels used inside Gitea can be classified as one of the following:
This includes especially the distinction between `bug` (fixing existing functionality), `feature` (new functionality), `enhancement` (upgrades for existing functionality), and `refactoring` (improving the internal code structure without changing the output (much)). \
Furthermore, - `modifies/…`: Determines which parts of the codebase are affected. These labels will be set through the CI.
- `topic/…`: Determines the conceptual component of Gitea that is affected, i.e. issues, projects, or authentication. At best, PRs should only target one component but there might be overlap. Must be set manually.
- `type/…`: Determines the type of an issue or PR (feature, refactoring, docs, bug, …). If GitHub supported scoped labels, these labels would be exclusive, so you should set **exactly** one, not more or less (every PR should fall into one of the provided categories, and only one).
- `issue/…` / `pr/…`: Labels that are specific to issues or PRs respectively and that are only necessary in a given context, i.e. `issue/not-a-bug` or `pr/need-2-approvals`
Every PR should be labeled correctly with every label that applies.
There are also some labels that will be managed automatically.\
In particular, these are
- the amount of pending required approvals - the amount of pending required approvals
- whether this PR is `blocked`, a `backport` or `breaking` - has all `backport`s or needs a manual backport
- if it targets the `ui` or `api`
- if it increases the application `speed`
- reduces `memory usage`
are oftentimes notable labels.
### Breaking PRs ### Breaking PRs

@ -56,3 +56,6 @@ Denys Konovalov <kontakt@denyskon.de> (@denyskon)
Punit Inani <punitinani1@gmail.com> (@puni9869) Punit Inani <punitinani1@gmail.com> (@puni9869)
CaiCandong <1290147055@qq.com> (@caicandong) CaiCandong <1290147055@qq.com> (@caicandong)
Rui Chen <rui@chenrui.dev> (@chenrui333) Rui Chen <rui@chenrui.dev> (@chenrui333)
Nanguan Lin <nanguanlin6@gmail.com> (@lng2020)
kerwin612 <kerwin612@qq.com> (@kerwin612)
Gary Wang <git@blumia.net> (@BLumia)

@ -49,10 +49,14 @@ ifeq ($(HAS_GO), yes)
CGO_CFLAGS ?= $(shell $(GO) env CGO_CFLAGS) $(CGO_EXTRA_CFLAGS) CGO_CFLAGS ?= $(shell $(GO) env CGO_CFLAGS) $(CGO_EXTRA_CFLAGS)
endif endif
ifeq ($(OS), Windows_NT) ifeq ($(GOOS),windows)
GOFLAGS := -v -buildmode=exe IS_WINDOWS := yes
EXECUTABLE ?= gitea.exe else ifeq ($(patsubst Windows%,Windows,$(OS)),Windows)
else ifeq ($(OS), Windows) ifeq ($(GOOS),)
IS_WINDOWS := yes
endif
endif
ifeq ($(IS_WINDOWS),yes)
GOFLAGS := -v -buildmode=exe GOFLAGS := -v -buildmode=exe
EXECUTABLE ?= gitea.exe EXECUTABLE ?= gitea.exe
else else
@ -167,10 +171,6 @@ TEST_MYSQL_HOST ?= mysql:3306
TEST_MYSQL_DBNAME ?= testgitea TEST_MYSQL_DBNAME ?= testgitea
TEST_MYSQL_USERNAME ?= root TEST_MYSQL_USERNAME ?= root
TEST_MYSQL_PASSWORD ?= TEST_MYSQL_PASSWORD ?=
TEST_MYSQL8_HOST ?= mysql8:3306
TEST_MYSQL8_DBNAME ?= testgitea
TEST_MYSQL8_USERNAME ?= root
TEST_MYSQL8_PASSWORD ?=
TEST_PGSQL_HOST ?= pgsql:5432 TEST_PGSQL_HOST ?= pgsql:5432
TEST_PGSQL_DBNAME ?= testgitea TEST_PGSQL_DBNAME ?= testgitea
TEST_PGSQL_USERNAME ?= postgres TEST_PGSQL_USERNAME ?= postgres
@ -226,6 +226,7 @@ help:
@echo " - test-frontend test frontend files" @echo " - test-frontend test frontend files"
@echo " - test-backend test backend files" @echo " - test-backend test backend files"
@echo " - test-e2e[\#TestSpecificName] test end to end using playwright" @echo " - test-e2e[\#TestSpecificName] test end to end using playwright"
@echo " - update update js and py dependencies"
@echo " - update-js update js dependencies" @echo " - update-js update js dependencies"
@echo " - update-py update py dependencies" @echo " - update-py update py dependencies"
@echo " - webpack build webpack files" @echo " - webpack build webpack files"
@ -277,16 +278,15 @@ clean-all: clean
.PHONY: clean .PHONY: clean
clean: clean:
$(GO) clean -i ./...
rm -rf $(EXECUTABLE) $(DIST) $(BINDATA_DEST) $(BINDATA_HASH) \ rm -rf $(EXECUTABLE) $(DIST) $(BINDATA_DEST) $(BINDATA_HASH) \
integrations*.test \ integrations*.test \
e2e*.test \ e2e*.test \
tests/integration/gitea-integration-pgsql/ tests/integration/gitea-integration-mysql/ tests/integration/gitea-integration-mysql8/ tests/integration/gitea-integration-sqlite/ \ tests/integration/gitea-integration-* \
tests/integration/gitea-integration-mssql/ tests/integration/indexers-mysql/ tests/integration/indexers-mysql8/ tests/integration/indexers-pgsql tests/integration/indexers-sqlite \ tests/integration/indexers-* \
tests/integration/indexers-mssql tests/mysql.ini tests/mysql8.ini tests/pgsql.ini tests/mssql.ini man/ \ tests/mysql.ini tests/pgsql.ini tests/mssql.ini man/ \
tests/e2e/gitea-e2e-pgsql/ tests/e2e/gitea-e2e-mysql/ tests/e2e/gitea-e2e-mysql8/ tests/e2e/gitea-e2e-sqlite/ \ tests/e2e/gitea-e2e-*/ \
tests/e2e/gitea-e2e-mssql/ tests/e2e/indexers-mysql/ tests/e2e/indexers-mysql8/ tests/e2e/indexers-pgsql/ tests/e2e/indexers-sqlite/ \ tests/e2e/indexers-*/ \
tests/e2e/indexers-mssql/ tests/e2e/reports/ tests/e2e/test-artifacts/ tests/e2e/test-snapshots/ tests/e2e/reports/ tests/e2e/test-artifacts/ tests/e2e/test-snapshots/
.PHONY: fmt .PHONY: fmt
fmt: fmt:
@ -550,27 +550,6 @@ test-mysql\#%: integrations.mysql.test generate-ini-mysql
.PHONY: test-mysql-migration .PHONY: test-mysql-migration
test-mysql-migration: migrations.mysql.test migrations.individual.mysql.test test-mysql-migration: migrations.mysql.test migrations.individual.mysql.test
generate-ini-mysql8:
sed -e 's|{{TEST_MYSQL8_HOST}}|${TEST_MYSQL8_HOST}|g' \
-e 's|{{TEST_MYSQL8_DBNAME}}|${TEST_MYSQL8_DBNAME}|g' \
-e 's|{{TEST_MYSQL8_USERNAME}}|${TEST_MYSQL8_USERNAME}|g' \
-e 's|{{TEST_MYSQL8_PASSWORD}}|${TEST_MYSQL8_PASSWORD}|g' \
-e 's|{{REPO_TEST_DIR}}|${REPO_TEST_DIR}|g' \
-e 's|{{TEST_LOGGER}}|$(or $(TEST_LOGGER),test$(COMMA)file)|g' \
-e 's|{{TEST_TYPE}}|$(or $(TEST_TYPE),integration)|g' \
tests/mysql8.ini.tmpl > tests/mysql8.ini
.PHONY: test-mysql8
test-mysql8: integrations.mysql8.test generate-ini-mysql8
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./integrations.mysql8.test
.PHONY: test-mysql8\#%
test-mysql8\#%: integrations.mysql8.test generate-ini-mysql8
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./integrations.mysql8.test -test.run $(subst .,/,$*)
.PHONY: test-mysql8-migration
test-mysql8-migration: migrations.mysql8.test migrations.individual.mysql8.test
generate-ini-pgsql: generate-ini-pgsql:
sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \ sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \
-e 's|{{TEST_PGSQL_DBNAME}}|${TEST_PGSQL_DBNAME}|g' \ -e 's|{{TEST_PGSQL_DBNAME}}|${TEST_PGSQL_DBNAME}|g' \
@ -643,14 +622,6 @@ test-e2e-mysql: playwright e2e.mysql.test generate-ini-mysql
test-e2e-mysql\#%: playwright e2e.mysql.test generate-ini-mysql test-e2e-mysql\#%: playwright e2e.mysql.test generate-ini-mysql
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./e2e.mysql.test -test.run TestE2e/$* GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./e2e.mysql.test -test.run TestE2e/$*
.PHONY: test-e2e-mysql8
test-e2e-mysql8: playwright e2e.mysql8.test generate-ini-mysql8
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./e2e.mysql8.test
.PHONY: test-e2e-mysql8\#%
test-e2e-mysql8\#%: playwright e2e.mysql8.test generate-ini-mysql8
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./e2e.mysql8.test -test.run TestE2e/$*
.PHONY: test-e2e-pgsql .PHONY: test-e2e-pgsql
test-e2e-pgsql: playwright e2e.pgsql.test generate-ini-pgsql test-e2e-pgsql: playwright e2e.pgsql.test generate-ini-pgsql
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./e2e.pgsql.test GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./e2e.pgsql.test
@ -694,9 +665,6 @@ integration-test-coverage-sqlite: integrations.cover.sqlite.test generate-ini-sq
integrations.mysql.test: git-check $(GO_SOURCES) integrations.mysql.test: git-check $(GO_SOURCES)
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql.test $(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql.test
integrations.mysql8.test: git-check $(GO_SOURCES)
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql8.test
integrations.pgsql.test: git-check $(GO_SOURCES) integrations.pgsql.test: git-check $(GO_SOURCES)
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.pgsql.test $(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.pgsql.test
@ -717,11 +685,6 @@ migrations.mysql.test: $(GO_SOURCES) generate-ini-mysql
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql.test $(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql.test
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./migrations.mysql.test GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./migrations.mysql.test
.PHONY: migrations.mysql8.test
migrations.mysql8.test: $(GO_SOURCES) generate-ini-mysql8
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql8.test
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./migrations.mysql8.test
.PHONY: migrations.pgsql.test .PHONY: migrations.pgsql.test
migrations.pgsql.test: $(GO_SOURCES) generate-ini-pgsql migrations.pgsql.test: $(GO_SOURCES) generate-ini-pgsql
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.pgsql.test $(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.pgsql.test
@ -743,13 +706,7 @@ migrations.individual.mysql.test: $(GO_SOURCES)
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GO) test $(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg; \ GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GO) test $(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg; \
done done
.PHONY: migrations.individual.mysql8.test .PHONY: migrations.individual.sqlite.test\#%
migrations.individual.mysql8.test: $(GO_SOURCES)
for pkg in $(shell $(GO) list code.gitea.io/gitea/models/migrations/...); do \
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini $(GO) test $(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg; \
done
.PHONY: migrations.individual.mysql8.test\#%
migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite
GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GO) test $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$* GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GO) test $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
@ -787,9 +744,6 @@ migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite
e2e.mysql.test: $(GO_SOURCES) e2e.mysql.test: $(GO_SOURCES)
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql.test $(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql.test
e2e.mysql8.test: $(GO_SOURCES)
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql8.test
e2e.pgsql.test: $(GO_SOURCES) e2e.pgsql.test: $(GO_SOURCES)
$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.pgsql.test $(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.pgsql.test
@ -924,6 +878,9 @@ node_modules: package-lock.json
poetry install poetry install
@touch .venv @touch .venv
.PHONY: update
update: update-js update-py
.PHONY: update-js .PHONY: update-js
update-js: node-check | node_modules update-js: node-check | node_modules
npx updates -u -f package.json npx updates -u -f package.json

@ -6,8 +6,8 @@
<h1 align="center">Gitea - Git with a cup of tea</h1> <h1 align="center">Gitea - Git with a cup of tea</h1>
<p align="center"> <p align="center">
<a href="https://drone.gitea.io/go-gitea/gitea" title="Build Status"> <a href="https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml?query=branch%3Amain" title="Release Nightly">
<img src="https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg?ref=refs/heads/main"> <img src="https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml/badge.svg?branch=main">
</a> </a>
<a href="https://discord.gg/Gitea" title="Join the Discord chat at https://discord.gg/Gitea"> <a href="https://discord.gg/Gitea" title="Join the Discord chat at https://discord.gg/Gitea">
<img src="https://img.shields.io/discord/322538954119184384.svg"> <img src="https://img.shields.io/discord/322538954119184384.svg">

@ -6,8 +6,8 @@
<h1 align="center">Gitea - Git with a cup of tea</h1> <h1 align="center">Gitea - Git with a cup of tea</h1>
<p align="center"> <p align="center">
<a href="https://drone.gitea.io/go-gitea/gitea" title="Build Status"> <a href="https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml?query=branch%3Amain" title="Release Nightly">
<img src="https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg?ref=refs/heads/main"> <img src="https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml/badge.svg?branch=main">
</a> </a>
<a href="https://discord.gg/Gitea" title="Join the Discord chat at https://discord.gg/Gitea"> <a href="https://discord.gg/Gitea" title="Join the Discord chat at https://discord.gg/Gitea">
<img src="https://img.shields.io/discord/322538954119184384.svg"> <img src="https://img.shields.io/discord/322538954119184384.svg">

@ -12,7 +12,7 @@ Please **DO NOT** file a public issue, instead send your report privately to `se
## Protecting Security Information ## Protecting Security Information
Due to the sensitive nature of security information, you can use below GPG public key encrypt your mail body. Due to the sensitive nature of security information, you can use the below GPG public key to encrypt your mail body.
The PGP key is valid until June 24, 2024. The PGP key is valid until June 24, 2024.

File diff suppressed because one or more lines are too long

@ -6,26 +6,13 @@ package cmd
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"net/url"
"os"
"strings"
"text/tabwriter"
asymkey_model "code.gitea.io/gitea/models/asymkey"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
repo_model "code.gitea.io/gitea/models/repo" repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/graceful"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
repo_module "code.gitea.io/gitea/modules/repository" repo_module "code.gitea.io/gitea/modules/repository"
"code.gitea.io/gitea/modules/util"
auth_service "code.gitea.io/gitea/services/auth"
"code.gitea.io/gitea/services/auth/source/oauth2"
"code.gitea.io/gitea/services/auth/source/smtp"
repo_service "code.gitea.io/gitea/services/repository"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
) )
@ -59,28 +46,16 @@ var (
}, },
} }
microcmdRegenHooks = &cli.Command{
Name: "hooks",
Usage: "Regenerate git-hooks",
Action: runRegenerateHooks,
}
microcmdRegenKeys = &cli.Command{
Name: "keys",
Usage: "Regenerate authorized_keys file",
Action: runRegenerateKeys,
}
subcmdAuth = &cli.Command{ subcmdAuth = &cli.Command{
Name: "auth", Name: "auth",
Usage: "Modify external auth providers", Usage: "Modify external auth providers",
Subcommands: []*cli.Command{ Subcommands: []*cli.Command{
microcmdAuthAddOauth, microcmdAuthAddOauth,
microcmdAuthUpdateOauth, microcmdAuthUpdateOauth,
cmdAuthAddLdapBindDn, microcmdAuthAddLdapBindDn,
cmdAuthUpdateLdapBindDn, microcmdAuthUpdateLdapBindDn,
cmdAuthAddLdapSimpleAuth, microcmdAuthAddLdapSimpleAuth,
cmdAuthUpdateLdapSimpleAuth, microcmdAuthUpdateLdapSimpleAuth,
microcmdAuthAddSMTP, microcmdAuthAddSMTP,
microcmdAuthUpdateSMTP, microcmdAuthUpdateSMTP,
microcmdAuthList, microcmdAuthList,
@ -88,170 +63,6 @@ var (
}, },
} }
microcmdAuthList = &cli.Command{
Name: "list",
Usage: "List auth sources",
Action: runListAuth,
Flags: []cli.Flag{
&cli.IntFlag{
Name: "min-width",
Usage: "Minimal cell width including any padding for the formatted table",
Value: 0,
},
&cli.IntFlag{
Name: "tab-width",
Usage: "width of tab characters in formatted table (equivalent number of spaces)",
Value: 8,
},
&cli.IntFlag{
Name: "padding",
Usage: "padding added to a cell before computing its width",
Value: 1,
},
&cli.StringFlag{
Name: "pad-char",
Usage: `ASCII char used for padding if padchar == '\\t', the Writer will assume that the width of a '\\t' in the formatted output is tabwidth, and cells are left-aligned independent of align_left (for correct-looking results, tabwidth must correspond to the tab width in the viewer displaying the result)`,
Value: "\t",
},
&cli.BoolFlag{
Name: "vertical-bars",
Usage: "Set to true to print vertical bars between columns",
},
},
}
idFlag = &cli.Int64Flag{
Name: "id",
Usage: "ID of authentication source",
}
microcmdAuthDelete = &cli.Command{
Name: "delete",
Usage: "Delete specific auth source",
Flags: []cli.Flag{idFlag},
Action: runDeleteAuth,
}
oauthCLIFlags = []cli.Flag{
&cli.StringFlag{
Name: "name",
Value: "",
Usage: "Application Name",
},
&cli.StringFlag{
Name: "provider",
Value: "",
Usage: "OAuth2 Provider",
},
&cli.StringFlag{
Name: "key",
Value: "",
Usage: "Client ID (Key)",
},
&cli.StringFlag{
Name: "secret",
Value: "",
Usage: "Client Secret",
},
&cli.StringFlag{
Name: "auto-discover-url",
Value: "",
Usage: "OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider)",
},
&cli.StringFlag{
Name: "use-custom-urls",
Value: "false",
Usage: "Use custom URLs for GitLab/GitHub OAuth endpoints",
},
&cli.StringFlag{
Name: "custom-tenant-id",
Value: "",
Usage: "Use custom Tenant ID for OAuth endpoints",
},
&cli.StringFlag{
Name: "custom-auth-url",
Value: "",
Usage: "Use a custom Authorization URL (option for GitLab/GitHub)",
},
&cli.StringFlag{
Name: "custom-token-url",
Value: "",
Usage: "Use a custom Token URL (option for GitLab/GitHub)",
},
&cli.StringFlag{
Name: "custom-profile-url",
Value: "",
Usage: "Use a custom Profile URL (option for GitLab/GitHub)",
},
&cli.StringFlag{
Name: "custom-email-url",
Value: "",
Usage: "Use a custom Email URL (option for GitHub)",
},
&cli.StringFlag{
Name: "icon-url",
Value: "",
Usage: "Custom icon URL for OAuth2 login source",
},
&cli.BoolFlag{
Name: "skip-local-2fa",
Usage: "Set to true to skip local 2fa for users authenticated by this source",
},
&cli.StringSliceFlag{
Name: "scopes",
Value: nil,
Usage: "Scopes to request when to authenticate against this OAuth2 source",
},
&cli.StringFlag{
Name: "required-claim-name",
Value: "",
Usage: "Claim name that has to be set to allow users to login with this source",
},
&cli.StringFlag{
Name: "required-claim-value",
Value: "",
Usage: "Claim value that has to be set to allow users to login with this source",
},
&cli.StringFlag{
Name: "group-claim-name",
Value: "",
Usage: "Claim name providing group names for this source",
},
&cli.StringFlag{
Name: "admin-group",
Value: "",
Usage: "Group Claim value for administrator users",
},
&cli.StringFlag{
Name: "restricted-group",
Value: "",
Usage: "Group Claim value for restricted users",
},
&cli.StringFlag{
Name: "group-team-map",
Value: "",
Usage: "JSON mapping between groups and org teams",
},
&cli.BoolFlag{
Name: "group-team-map-removal",
Usage: "Activate automatic team membership removal depending on groups",
},
}
microcmdAuthUpdateOauth = &cli.Command{
Name: "update-oauth",
Usage: "Update existing Oauth authentication source",
Action: runUpdateOauth,
Flags: append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...),
}
microcmdAuthAddOauth = &cli.Command{
Name: "add-oauth",
Usage: "Add new Oauth authentication source",
Action: runAddOauth,
Flags: oauthCLIFlags,
}
subcmdSendMail = &cli.Command{ subcmdSendMail = &cli.Command{
Name: "sendmail", Name: "sendmail",
Usage: "Send a message to all users", Usage: "Send a message to all users",
@ -275,75 +86,9 @@ var (
}, },
} }
smtpCLIFlags = []cli.Flag{ idFlag = &cli.Int64Flag{
&cli.StringFlag{ Name: "id",
Name: "name", Usage: "ID of authentication source",
Value: "",
Usage: "Application Name",
},
&cli.StringFlag{
Name: "auth-type",
Value: "PLAIN",
Usage: "SMTP Authentication Type (PLAIN/LOGIN/CRAM-MD5) default PLAIN",
},
&cli.StringFlag{
Name: "host",
Value: "",
Usage: "SMTP Host",
},
&cli.IntFlag{
Name: "port",
Usage: "SMTP Port",
},
&cli.BoolFlag{
Name: "force-smtps",
Usage: "SMTPS is always used on port 465. Set this to force SMTPS on other ports.",
Value: true,
},
&cli.BoolFlag{
Name: "skip-verify",
Usage: "Skip TLS verify.",
Value: true,
},
&cli.StringFlag{
Name: "helo-hostname",
Value: "",
Usage: "Hostname sent with HELO. Leave blank to send current hostname",
},
&cli.BoolFlag{
Name: "disable-helo",
Usage: "Disable SMTP helo.",
Value: true,
},
&cli.StringFlag{
Name: "allowed-domains",
Value: "",
Usage: "Leave empty to allow all domains. Separate multiple domains with a comma (',')",
},
&cli.BoolFlag{
Name: "skip-local-2fa",
Usage: "Skip 2FA to log on.",
Value: true,
},
&cli.BoolFlag{
Name: "active",
Usage: "This Authentication Source is Activated.",
Value: true,
},
}
microcmdAuthAddSMTP = &cli.Command{
Name: "add-smtp",
Usage: "Add new SMTP authentication source",
Action: runAddSMTP,
Flags: smtpCLIFlags,
}
microcmdAuthUpdateSMTP = &cli.Command{
Name: "update-smtp",
Usage: "Update existing SMTP authentication source",
Action: runUpdateSMTP,
Flags: append(smtpCLIFlags[:1], append([]cli.Flag{idFlag}, smtpCLIFlags[1:]...)...),
} }
) )
@ -389,7 +134,7 @@ func runRepoSyncReleases(_ *cli.Context) error {
} }
log.Trace(" currentNumReleases is %d, running SyncReleasesWithTags", oldnum) log.Trace(" currentNumReleases is %d, running SyncReleasesWithTags", oldnum)
if err = repo_module.SyncReleasesWithTags(repo, gitRepo); err != nil { if err = repo_module.SyncReleasesWithTags(ctx, repo, gitRepo); err != nil {
log.Warn(" SyncReleasesWithTags: %v", err) log.Warn(" SyncReleasesWithTags: %v", err)
gitRepo.Close() gitRepo.Close()
continue continue
@ -420,351 +165,3 @@ func getReleaseCount(ctx context.Context, id int64) (int64, error) {
}, },
) )
} }
func runRegenerateHooks(_ *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
return repo_service.SyncRepositoryHooks(graceful.GetManager().ShutdownContext())
}
func runRegenerateKeys(_ *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
return asymkey_model.RewriteAllPublicKeys()
}
func parseOAuth2Config(c *cli.Context) *oauth2.Source {
var customURLMapping *oauth2.CustomURLMapping
if c.IsSet("use-custom-urls") {
customURLMapping = &oauth2.CustomURLMapping{
TokenURL: c.String("custom-token-url"),
AuthURL: c.String("custom-auth-url"),
ProfileURL: c.String("custom-profile-url"),
EmailURL: c.String("custom-email-url"),
Tenant: c.String("custom-tenant-id"),
}
} else {
customURLMapping = nil
}
return &oauth2.Source{
Provider: c.String("provider"),
ClientID: c.String("key"),
ClientSecret: c.String("secret"),
OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"),
CustomURLMapping: customURLMapping,
IconURL: c.String("icon-url"),
SkipLocalTwoFA: c.Bool("skip-local-2fa"),
Scopes: c.StringSlice("scopes"),
RequiredClaimName: c.String("required-claim-name"),
RequiredClaimValue: c.String("required-claim-value"),
GroupClaimName: c.String("group-claim-name"),
AdminGroup: c.String("admin-group"),
RestrictedGroup: c.String("restricted-group"),
GroupTeamMap: c.String("group-team-map"),
GroupTeamMapRemoval: c.Bool("group-team-map-removal"),
}
}
func runAddOauth(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
config := parseOAuth2Config(c)
if config.Provider == "openidConnect" {
discoveryURL, err := url.Parse(config.OpenIDConnectAutoDiscoveryURL)
if err != nil || (discoveryURL.Scheme != "http" && discoveryURL.Scheme != "https") {
return fmt.Errorf("invalid Auto Discovery URL: %s (this must be a valid URL starting with http:// or https://)", config.OpenIDConnectAutoDiscoveryURL)
}
}
return auth_model.CreateSource(&auth_model.Source{
Type: auth_model.OAuth2,
Name: c.String("name"),
IsActive: true,
Cfg: config,
})
}
func runUpdateOauth(c *cli.Context) error {
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
source, err := auth_model.GetSourceByID(c.Int64("id"))
if err != nil {
return err
}
oAuth2Config := source.Cfg.(*oauth2.Source)
if c.IsSet("name") {
source.Name = c.String("name")
}
if c.IsSet("provider") {
oAuth2Config.Provider = c.String("provider")
}
if c.IsSet("key") {
oAuth2Config.ClientID = c.String("key")
}
if c.IsSet("secret") {
oAuth2Config.ClientSecret = c.String("secret")
}
if c.IsSet("auto-discover-url") {
oAuth2Config.OpenIDConnectAutoDiscoveryURL = c.String("auto-discover-url")
}
if c.IsSet("icon-url") {
oAuth2Config.IconURL = c.String("icon-url")
}
if c.IsSet("scopes") {
oAuth2Config.Scopes = c.StringSlice("scopes")
}
if c.IsSet("required-claim-name") {
oAuth2Config.RequiredClaimName = c.String("required-claim-name")
}
if c.IsSet("required-claim-value") {
oAuth2Config.RequiredClaimValue = c.String("required-claim-value")
}
if c.IsSet("group-claim-name") {
oAuth2Config.GroupClaimName = c.String("group-claim-name")
}
if c.IsSet("admin-group") {
oAuth2Config.AdminGroup = c.String("admin-group")
}
if c.IsSet("restricted-group") {
oAuth2Config.RestrictedGroup = c.String("restricted-group")
}
if c.IsSet("group-team-map") {
oAuth2Config.GroupTeamMap = c.String("group-team-map")
}
if c.IsSet("group-team-map-removal") {
oAuth2Config.GroupTeamMapRemoval = c.Bool("group-team-map-removal")
}
// update custom URL mapping
customURLMapping := &oauth2.CustomURLMapping{}
if oAuth2Config.CustomURLMapping != nil {
customURLMapping.TokenURL = oAuth2Config.CustomURLMapping.TokenURL
customURLMapping.AuthURL = oAuth2Config.CustomURLMapping.AuthURL
customURLMapping.ProfileURL = oAuth2Config.CustomURLMapping.ProfileURL
customURLMapping.EmailURL = oAuth2Config.CustomURLMapping.EmailURL
customURLMapping.Tenant = oAuth2Config.CustomURLMapping.Tenant
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-token-url") {
customURLMapping.TokenURL = c.String("custom-token-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-auth-url") {
customURLMapping.AuthURL = c.String("custom-auth-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-profile-url") {
customURLMapping.ProfileURL = c.String("custom-profile-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-email-url") {
customURLMapping.EmailURL = c.String("custom-email-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-tenant-id") {
customURLMapping.Tenant = c.String("custom-tenant-id")
}
oAuth2Config.CustomURLMapping = customURLMapping
source.Cfg = oAuth2Config
return auth_model.UpdateSource(source)
}
func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error {
if c.IsSet("auth-type") {
conf.Auth = c.String("auth-type")
validAuthTypes := []string{"PLAIN", "LOGIN", "CRAM-MD5"}
if !util.SliceContainsString(validAuthTypes, strings.ToUpper(c.String("auth-type"))) {
return errors.New("Auth must be one of PLAIN/LOGIN/CRAM-MD5")
}
conf.Auth = c.String("auth-type")
}
if c.IsSet("host") {
conf.Host = c.String("host")
}
if c.IsSet("port") {
conf.Port = c.Int("port")
}
if c.IsSet("allowed-domains") {
conf.AllowedDomains = c.String("allowed-domains")
}
if c.IsSet("force-smtps") {
conf.ForceSMTPS = c.Bool("force-smtps")
}
if c.IsSet("skip-verify") {
conf.SkipVerify = c.Bool("skip-verify")
}
if c.IsSet("helo-hostname") {
conf.HeloHostname = c.String("helo-hostname")
}
if c.IsSet("disable-helo") {
conf.DisableHelo = c.Bool("disable-helo")
}
if c.IsSet("skip-local-2fa") {
conf.SkipLocalTwoFA = c.Bool("skip-local-2fa")
}
return nil
}
func runAddSMTP(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
if !c.IsSet("name") || len(c.String("name")) == 0 {
return errors.New("name must be set")
}
if !c.IsSet("host") || len(c.String("host")) == 0 {
return errors.New("host must be set")
}
if !c.IsSet("port") {
return errors.New("port must be set")
}
active := true
if c.IsSet("active") {
active = c.Bool("active")
}
var smtpConfig smtp.Source
if err := parseSMTPConfig(c, &smtpConfig); err != nil {
return err
}
// If not set default to PLAIN
if len(smtpConfig.Auth) == 0 {
smtpConfig.Auth = "PLAIN"
}
return auth_model.CreateSource(&auth_model.Source{
Type: auth_model.SMTP,
Name: c.String("name"),
IsActive: active,
Cfg: &smtpConfig,
})
}
func runUpdateSMTP(c *cli.Context) error {
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
source, err := auth_model.GetSourceByID(c.Int64("id"))
if err != nil {
return err
}
smtpConfig := source.Cfg.(*smtp.Source)
if err := parseSMTPConfig(c, smtpConfig); err != nil {
return err
}
if c.IsSet("name") {
source.Name = c.String("name")
}
if c.IsSet("active") {
source.IsActive = c.Bool("active")
}
source.Cfg = smtpConfig
return auth_model.UpdateSource(source)
}
func runListAuth(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
authSources, err := auth_model.Sources()
if err != nil {
return err
}
flags := tabwriter.AlignRight
if c.Bool("vertical-bars") {
flags |= tabwriter.Debug
}
padChar := byte('\t')
if len(c.String("pad-char")) > 0 {
padChar = c.String("pad-char")[0]
}
// loop through each source and print
w := tabwriter.NewWriter(os.Stdout, c.Int("min-width"), c.Int("tab-width"), c.Int("padding"), padChar, flags)
fmt.Fprintf(w, "ID\tName\tType\tEnabled\n")
for _, source := range authSources {
fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", source.ID, source.Name, source.Type.String(), source.IsActive)
}
w.Flush()
return nil
}
func runDeleteAuth(c *cli.Context) error {
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
source, err := auth_model.GetSourceByID(c.Int64("id"))
if err != nil {
return err
}
return auth_service.DeleteSource(source)
}

109
cmd/admin_auth.go Normal file

@ -0,0 +1,109 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"fmt"
"os"
"text/tabwriter"
auth_model "code.gitea.io/gitea/models/auth"
auth_service "code.gitea.io/gitea/services/auth"
"github.com/urfave/cli/v2"
)
var (
microcmdAuthDelete = &cli.Command{
Name: "delete",
Usage: "Delete specific auth source",
Flags: []cli.Flag{idFlag},
Action: runDeleteAuth,
}
microcmdAuthList = &cli.Command{
Name: "list",
Usage: "List auth sources",
Action: runListAuth,
Flags: []cli.Flag{
&cli.IntFlag{
Name: "min-width",
Usage: "Minimal cell width including any padding for the formatted table",
Value: 0,
},
&cli.IntFlag{
Name: "tab-width",
Usage: "width of tab characters in formatted table (equivalent number of spaces)",
Value: 8,
},
&cli.IntFlag{
Name: "padding",
Usage: "padding added to a cell before computing its width",
Value: 1,
},
&cli.StringFlag{
Name: "pad-char",
Usage: `ASCII char used for padding if padchar == '\\t', the Writer will assume that the width of a '\\t' in the formatted output is tabwidth, and cells are left-aligned independent of align_left (for correct-looking results, tabwidth must correspond to the tab width in the viewer displaying the result)`,
Value: "\t",
},
&cli.BoolFlag{
Name: "vertical-bars",
Usage: "Set to true to print vertical bars between columns",
},
},
}
)
func runListAuth(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
authSources, err := auth_model.Sources(ctx)
if err != nil {
return err
}
flags := tabwriter.AlignRight
if c.Bool("vertical-bars") {
flags |= tabwriter.Debug
}
padChar := byte('\t')
if len(c.String("pad-char")) > 0 {
padChar = c.String("pad-char")[0]
}
// loop through each source and print
w := tabwriter.NewWriter(os.Stdout, c.Int("min-width"), c.Int("tab-width"), c.Int("padding"), padChar, flags)
fmt.Fprintf(w, "ID\tName\tType\tEnabled\n")
for _, source := range authSources {
fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", source.ID, source.Name, source.Type.String(), source.IsActive)
}
w.Flush()
return nil
}
func runDeleteAuth(c *cli.Context) error {
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
source, err := auth_model.GetSourceByID(ctx, c.Int64("id"))
if err != nil {
return err
}
return auth_service.DeleteSource(ctx, source)
}

@ -17,9 +17,9 @@ import (
type ( type (
authService struct { authService struct {
initDB func(ctx context.Context) error initDB func(ctx context.Context) error
createAuthSource func(*auth.Source) error createAuthSource func(context.Context, *auth.Source) error
updateAuthSource func(*auth.Source) error updateAuthSource func(context.Context, *auth.Source) error
getAuthSourceByID func(id int64) (*auth.Source, error) getAuthSourceByID func(ctx context.Context, id int64) (*auth.Source, error)
} }
) )
@ -132,10 +132,10 @@ var (
ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags, ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags,
&cli.StringFlag{ &cli.StringFlag{
Name: "user-dn", Name: "user-dn",
Usage: "The users DN.", Usage: "The user's DN.",
}) })
cmdAuthAddLdapBindDn = &cli.Command{ microcmdAuthAddLdapBindDn = &cli.Command{
Name: "add-ldap", Name: "add-ldap",
Usage: "Add new LDAP (via Bind DN) authentication source", Usage: "Add new LDAP (via Bind DN) authentication source",
Action: func(c *cli.Context) error { Action: func(c *cli.Context) error {
@ -144,7 +144,7 @@ var (
Flags: ldapBindDnCLIFlags, Flags: ldapBindDnCLIFlags,
} }
cmdAuthUpdateLdapBindDn = &cli.Command{ microcmdAuthUpdateLdapBindDn = &cli.Command{
Name: "update-ldap", Name: "update-ldap",
Usage: "Update existing LDAP (via Bind DN) authentication source", Usage: "Update existing LDAP (via Bind DN) authentication source",
Action: func(c *cli.Context) error { Action: func(c *cli.Context) error {
@ -153,7 +153,7 @@ var (
Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...), Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...),
} }
cmdAuthAddLdapSimpleAuth = &cli.Command{ microcmdAuthAddLdapSimpleAuth = &cli.Command{
Name: "add-ldap-simple", Name: "add-ldap-simple",
Usage: "Add new LDAP (simple auth) authentication source", Usage: "Add new LDAP (simple auth) authentication source",
Action: func(c *cli.Context) error { Action: func(c *cli.Context) error {
@ -162,7 +162,7 @@ var (
Flags: ldapSimpleAuthCLIFlags, Flags: ldapSimpleAuthCLIFlags,
} }
cmdAuthUpdateLdapSimpleAuth = &cli.Command{ microcmdAuthUpdateLdapSimpleAuth = &cli.Command{
Name: "update-ldap-simple", Name: "update-ldap-simple",
Usage: "Update existing LDAP (simple auth) authentication source", Usage: "Update existing LDAP (simple auth) authentication source",
Action: func(c *cli.Context) error { Action: func(c *cli.Context) error {
@ -289,12 +289,12 @@ func findLdapSecurityProtocolByName(name string) (ldap.SecurityProtocol, bool) {
// getAuthSource gets the login source by its id defined in the command line flags. // getAuthSource gets the login source by its id defined in the command line flags.
// It returns an error if the id is not set, does not match any source or if the source is not of expected type. // It returns an error if the id is not set, does not match any source or if the source is not of expected type.
func (a *authService) getAuthSource(c *cli.Context, authType auth.Type) (*auth.Source, error) { func (a *authService) getAuthSource(ctx context.Context, c *cli.Context, authType auth.Type) (*auth.Source, error) {
if err := argsSet(c, "id"); err != nil { if err := argsSet(c, "id"); err != nil {
return nil, err return nil, err
} }
authSource, err := a.getAuthSourceByID(c.Int64("id")) authSource, err := a.getAuthSourceByID(ctx, c.Int64("id"))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -332,7 +332,7 @@ func (a *authService) addLdapBindDn(c *cli.Context) error {
return err return err
} }
return a.createAuthSource(authSource) return a.createAuthSource(ctx, authSource)
} }
// updateLdapBindDn updates a new LDAP via Bind DN authentication source. // updateLdapBindDn updates a new LDAP via Bind DN authentication source.
@ -344,7 +344,7 @@ func (a *authService) updateLdapBindDn(c *cli.Context) error {
return err return err
} }
authSource, err := a.getAuthSource(c, auth.LDAP) authSource, err := a.getAuthSource(ctx, c, auth.LDAP)
if err != nil { if err != nil {
return err return err
} }
@ -354,7 +354,7 @@ func (a *authService) updateLdapBindDn(c *cli.Context) error {
return err return err
} }
return a.updateAuthSource(authSource) return a.updateAuthSource(ctx, authSource)
} }
// addLdapSimpleAuth adds a new LDAP (simple auth) authentication source. // addLdapSimpleAuth adds a new LDAP (simple auth) authentication source.
@ -383,7 +383,7 @@ func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
return err return err
} }
return a.createAuthSource(authSource) return a.createAuthSource(ctx, authSource)
} }
// updateLdapBindDn updates a new LDAP (simple auth) authentication source. // updateLdapBindDn updates a new LDAP (simple auth) authentication source.
@ -395,7 +395,7 @@ func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
return err return err
} }
authSource, err := a.getAuthSource(c, auth.DLDAP) authSource, err := a.getAuthSource(ctx, c, auth.DLDAP)
if err != nil { if err != nil {
return err return err
} }
@ -405,5 +405,5 @@ func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
return err return err
} }
return a.updateAuthSource(authSource) return a.updateAuthSource(ctx, authSource)
} }

@ -210,15 +210,15 @@ func TestAddLdapBindDn(t *testing.T) {
initDB: func(context.Context) error { initDB: func(context.Context) error {
return nil return nil
}, },
createAuthSource: func(authSource *auth.Source) error { createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
createdAuthSource = authSource createdAuthSource = authSource
return nil return nil
}, },
updateAuthSource: func(authSource *auth.Source) error { updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
assert.FailNow(t, "case %d: should not call updateAuthSource", n) assert.FailNow(t, "case %d: should not call updateAuthSource", n)
return nil return nil
}, },
getAuthSourceByID: func(id int64) (*auth.Source, error) { getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
assert.FailNow(t, "case %d: should not call getAuthSourceByID", n) assert.FailNow(t, "case %d: should not call getAuthSourceByID", n)
return nil, nil return nil, nil
}, },
@ -226,7 +226,7 @@ func TestAddLdapBindDn(t *testing.T) {
// Create a copy of command to test // Create a copy of command to test
app := cli.NewApp() app := cli.NewApp()
app.Flags = cmdAuthAddLdapBindDn.Flags app.Flags = microcmdAuthAddLdapBindDn.Flags
app.Action = service.addLdapBindDn app.Action = service.addLdapBindDn
// Run it // Run it
@ -441,15 +441,15 @@ func TestAddLdapSimpleAuth(t *testing.T) {
initDB: func(context.Context) error { initDB: func(context.Context) error {
return nil return nil
}, },
createAuthSource: func(authSource *auth.Source) error { createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
createdAuthSource = authSource createdAuthSource = authSource
return nil return nil
}, },
updateAuthSource: func(authSource *auth.Source) error { updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
assert.FailNow(t, "case %d: should not call updateAuthSource", n) assert.FailNow(t, "case %d: should not call updateAuthSource", n)
return nil return nil
}, },
getAuthSourceByID: func(id int64) (*auth.Source, error) { getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
assert.FailNow(t, "case %d: should not call getAuthSourceByID", n) assert.FailNow(t, "case %d: should not call getAuthSourceByID", n)
return nil, nil return nil, nil
}, },
@ -457,7 +457,7 @@ func TestAddLdapSimpleAuth(t *testing.T) {
// Create a copy of command to test // Create a copy of command to test
app := cli.NewApp() app := cli.NewApp()
app.Flags = cmdAuthAddLdapSimpleAuth.Flags app.Flags = microcmdAuthAddLdapSimpleAuth.Flags
app.Action = service.addLdapSimpleAuth app.Action = service.addLdapSimpleAuth
// Run it // Run it
@ -896,15 +896,15 @@ func TestUpdateLdapBindDn(t *testing.T) {
initDB: func(context.Context) error { initDB: func(context.Context) error {
return nil return nil
}, },
createAuthSource: func(authSource *auth.Source) error { createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
assert.FailNow(t, "case %d: should not call createAuthSource", n) assert.FailNow(t, "case %d: should not call createAuthSource", n)
return nil return nil
}, },
updateAuthSource: func(authSource *auth.Source) error { updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
updatedAuthSource = authSource updatedAuthSource = authSource
return nil return nil
}, },
getAuthSourceByID: func(id int64) (*auth.Source, error) { getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
if c.id != 0 { if c.id != 0 {
assert.Equal(t, c.id, id, "case %d: wrong id", n) assert.Equal(t, c.id, id, "case %d: wrong id", n)
} }
@ -920,7 +920,7 @@ func TestUpdateLdapBindDn(t *testing.T) {
// Create a copy of command to test // Create a copy of command to test
app := cli.NewApp() app := cli.NewApp()
app.Flags = cmdAuthUpdateLdapBindDn.Flags app.Flags = microcmdAuthUpdateLdapBindDn.Flags
app.Action = service.updateLdapBindDn app.Action = service.updateLdapBindDn
// Run it // Run it
@ -1286,15 +1286,15 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
initDB: func(context.Context) error { initDB: func(context.Context) error {
return nil return nil
}, },
createAuthSource: func(authSource *auth.Source) error { createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
assert.FailNow(t, "case %d: should not call createAuthSource", n) assert.FailNow(t, "case %d: should not call createAuthSource", n)
return nil return nil
}, },
updateAuthSource: func(authSource *auth.Source) error { updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
updatedAuthSource = authSource updatedAuthSource = authSource
return nil return nil
}, },
getAuthSourceByID: func(id int64) (*auth.Source, error) { getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
if c.id != 0 { if c.id != 0 {
assert.Equal(t, c.id, id, "case %d: wrong id", n) assert.Equal(t, c.id, id, "case %d: wrong id", n)
} }
@ -1310,7 +1310,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
// Create a copy of command to test // Create a copy of command to test
app := cli.NewApp() app := cli.NewApp()
app.Flags = cmdAuthUpdateLdapSimpleAuth.Flags app.Flags = microcmdAuthUpdateLdapSimpleAuth.Flags
app.Action = service.updateLdapSimpleAuth app.Action = service.updateLdapSimpleAuth
// Run it // Run it

298
cmd/admin_auth_oauth.go Normal file

@ -0,0 +1,298 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"fmt"
"net/url"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/services/auth/source/oauth2"
"github.com/urfave/cli/v2"
)
var (
oauthCLIFlags = []cli.Flag{
&cli.StringFlag{
Name: "name",
Value: "",
Usage: "Application Name",
},
&cli.StringFlag{
Name: "provider",
Value: "",
Usage: "OAuth2 Provider",
},
&cli.StringFlag{
Name: "key",
Value: "",
Usage: "Client ID (Key)",
},
&cli.StringFlag{
Name: "secret",
Value: "",
Usage: "Client Secret",
},
&cli.StringFlag{
Name: "auto-discover-url",
Value: "",
Usage: "OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider)",
},
&cli.StringFlag{
Name: "use-custom-urls",
Value: "false",
Usage: "Use custom URLs for GitLab/GitHub OAuth endpoints",
},
&cli.StringFlag{
Name: "custom-tenant-id",
Value: "",
Usage: "Use custom Tenant ID for OAuth endpoints",
},
&cli.StringFlag{
Name: "custom-auth-url",
Value: "",
Usage: "Use a custom Authorization URL (option for GitLab/GitHub)",
},
&cli.StringFlag{
Name: "custom-token-url",
Value: "",
Usage: "Use a custom Token URL (option for GitLab/GitHub)",
},
&cli.StringFlag{
Name: "custom-profile-url",
Value: "",
Usage: "Use a custom Profile URL (option for GitLab/GitHub)",
},
&cli.StringFlag{
Name: "custom-email-url",
Value: "",
Usage: "Use a custom Email URL (option for GitHub)",
},
&cli.StringFlag{
Name: "icon-url",
Value: "",
Usage: "Custom icon URL for OAuth2 login source",
},
&cli.BoolFlag{
Name: "skip-local-2fa",
Usage: "Set to true to skip local 2fa for users authenticated by this source",
},
&cli.StringSliceFlag{
Name: "scopes",
Value: nil,
Usage: "Scopes to request when to authenticate against this OAuth2 source",
},
&cli.StringFlag{
Name: "required-claim-name",
Value: "",
Usage: "Claim name that has to be set to allow users to login with this source",
},
&cli.StringFlag{
Name: "required-claim-value",
Value: "",
Usage: "Claim value that has to be set to allow users to login with this source",
},
&cli.StringFlag{
Name: "group-claim-name",
Value: "",
Usage: "Claim name providing group names for this source",
},
&cli.StringFlag{
Name: "admin-group",
Value: "",
Usage: "Group Claim value for administrator users",
},
&cli.StringFlag{
Name: "restricted-group",
Value: "",
Usage: "Group Claim value for restricted users",
},
&cli.StringFlag{
Name: "group-team-map",
Value: "",
Usage: "JSON mapping between groups and org teams",
},
&cli.BoolFlag{
Name: "group-team-map-removal",
Usage: "Activate automatic team membership removal depending on groups",
},
}
microcmdAuthAddOauth = &cli.Command{
Name: "add-oauth",
Usage: "Add new Oauth authentication source",
Action: runAddOauth,
Flags: oauthCLIFlags,
}
microcmdAuthUpdateOauth = &cli.Command{
Name: "update-oauth",
Usage: "Update existing Oauth authentication source",
Action: runUpdateOauth,
Flags: append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...),
}
)
func parseOAuth2Config(c *cli.Context) *oauth2.Source {
var customURLMapping *oauth2.CustomURLMapping
if c.IsSet("use-custom-urls") {
customURLMapping = &oauth2.CustomURLMapping{
TokenURL: c.String("custom-token-url"),
AuthURL: c.String("custom-auth-url"),
ProfileURL: c.String("custom-profile-url"),
EmailURL: c.String("custom-email-url"),
Tenant: c.String("custom-tenant-id"),
}
} else {
customURLMapping = nil
}
return &oauth2.Source{
Provider: c.String("provider"),
ClientID: c.String("key"),
ClientSecret: c.String("secret"),
OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"),
CustomURLMapping: customURLMapping,
IconURL: c.String("icon-url"),
SkipLocalTwoFA: c.Bool("skip-local-2fa"),
Scopes: c.StringSlice("scopes"),
RequiredClaimName: c.String("required-claim-name"),
RequiredClaimValue: c.String("required-claim-value"),
GroupClaimName: c.String("group-claim-name"),
AdminGroup: c.String("admin-group"),
RestrictedGroup: c.String("restricted-group"),
GroupTeamMap: c.String("group-team-map"),
GroupTeamMapRemoval: c.Bool("group-team-map-removal"),
}
}
func runAddOauth(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
config := parseOAuth2Config(c)
if config.Provider == "openidConnect" {
discoveryURL, err := url.Parse(config.OpenIDConnectAutoDiscoveryURL)
if err != nil || (discoveryURL.Scheme != "http" && discoveryURL.Scheme != "https") {
return fmt.Errorf("invalid Auto Discovery URL: %s (this must be a valid URL starting with http:// or https://)", config.OpenIDConnectAutoDiscoveryURL)
}
}
return auth_model.CreateSource(ctx, &auth_model.Source{
Type: auth_model.OAuth2,
Name: c.String("name"),
IsActive: true,
Cfg: config,
})
}
func runUpdateOauth(c *cli.Context) error {
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
source, err := auth_model.GetSourceByID(ctx, c.Int64("id"))
if err != nil {
return err
}
oAuth2Config := source.Cfg.(*oauth2.Source)
if c.IsSet("name") {
source.Name = c.String("name")
}
if c.IsSet("provider") {
oAuth2Config.Provider = c.String("provider")
}
if c.IsSet("key") {
oAuth2Config.ClientID = c.String("key")
}
if c.IsSet("secret") {
oAuth2Config.ClientSecret = c.String("secret")
}
if c.IsSet("auto-discover-url") {
oAuth2Config.OpenIDConnectAutoDiscoveryURL = c.String("auto-discover-url")
}
if c.IsSet("icon-url") {
oAuth2Config.IconURL = c.String("icon-url")
}
if c.IsSet("scopes") {
oAuth2Config.Scopes = c.StringSlice("scopes")
}
if c.IsSet("required-claim-name") {
oAuth2Config.RequiredClaimName = c.String("required-claim-name")
}
if c.IsSet("required-claim-value") {
oAuth2Config.RequiredClaimValue = c.String("required-claim-value")
}
if c.IsSet("group-claim-name") {
oAuth2Config.GroupClaimName = c.String("group-claim-name")
}
if c.IsSet("admin-group") {
oAuth2Config.AdminGroup = c.String("admin-group")
}
if c.IsSet("restricted-group") {
oAuth2Config.RestrictedGroup = c.String("restricted-group")
}
if c.IsSet("group-team-map") {
oAuth2Config.GroupTeamMap = c.String("group-team-map")
}
if c.IsSet("group-team-map-removal") {
oAuth2Config.GroupTeamMapRemoval = c.Bool("group-team-map-removal")
}
// update custom URL mapping
customURLMapping := &oauth2.CustomURLMapping{}
if oAuth2Config.CustomURLMapping != nil {
customURLMapping.TokenURL = oAuth2Config.CustomURLMapping.TokenURL
customURLMapping.AuthURL = oAuth2Config.CustomURLMapping.AuthURL
customURLMapping.ProfileURL = oAuth2Config.CustomURLMapping.ProfileURL
customURLMapping.EmailURL = oAuth2Config.CustomURLMapping.EmailURL
customURLMapping.Tenant = oAuth2Config.CustomURLMapping.Tenant
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-token-url") {
customURLMapping.TokenURL = c.String("custom-token-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-auth-url") {
customURLMapping.AuthURL = c.String("custom-auth-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-profile-url") {
customURLMapping.ProfileURL = c.String("custom-profile-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-email-url") {
customURLMapping.EmailURL = c.String("custom-email-url")
}
if c.IsSet("use-custom-urls") && c.IsSet("custom-tenant-id") {
customURLMapping.Tenant = c.String("custom-tenant-id")
}
oAuth2Config.CustomURLMapping = customURLMapping
source.Cfg = oAuth2Config
return auth_model.UpdateSource(ctx, source)
}

201
cmd/admin_auth_stmp.go Normal file

@ -0,0 +1,201 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"errors"
"fmt"
"strings"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/services/auth/source/smtp"
"github.com/urfave/cli/v2"
)
var (
smtpCLIFlags = []cli.Flag{
&cli.StringFlag{
Name: "name",
Value: "",
Usage: "Application Name",
},
&cli.StringFlag{
Name: "auth-type",
Value: "PLAIN",
Usage: "SMTP Authentication Type (PLAIN/LOGIN/CRAM-MD5) default PLAIN",
},
&cli.StringFlag{
Name: "host",
Value: "",
Usage: "SMTP Host",
},
&cli.IntFlag{
Name: "port",
Usage: "SMTP Port",
},
&cli.BoolFlag{
Name: "force-smtps",
Usage: "SMTPS is always used on port 465. Set this to force SMTPS on other ports.",
Value: true,
},
&cli.BoolFlag{
Name: "skip-verify",
Usage: "Skip TLS verify.",
Value: true,
},
&cli.StringFlag{
Name: "helo-hostname",
Value: "",
Usage: "Hostname sent with HELO. Leave blank to send current hostname",
},
&cli.BoolFlag{
Name: "disable-helo",
Usage: "Disable SMTP helo.",
Value: true,
},
&cli.StringFlag{
Name: "allowed-domains",
Value: "",
Usage: "Leave empty to allow all domains. Separate multiple domains with a comma (',')",
},
&cli.BoolFlag{
Name: "skip-local-2fa",
Usage: "Skip 2FA to log on.",
Value: true,
},
&cli.BoolFlag{
Name: "active",
Usage: "This Authentication Source is Activated.",
Value: true,
},
}
microcmdAuthAddSMTP = &cli.Command{
Name: "add-smtp",
Usage: "Add new SMTP authentication source",
Action: runAddSMTP,
Flags: smtpCLIFlags,
}
microcmdAuthUpdateSMTP = &cli.Command{
Name: "update-smtp",
Usage: "Update existing SMTP authentication source",
Action: runUpdateSMTP,
Flags: append(smtpCLIFlags[:1], append([]cli.Flag{idFlag}, smtpCLIFlags[1:]...)...),
}
)
func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error {
if c.IsSet("auth-type") {
conf.Auth = c.String("auth-type")
validAuthTypes := []string{"PLAIN", "LOGIN", "CRAM-MD5"}
if !util.SliceContainsString(validAuthTypes, strings.ToUpper(c.String("auth-type"))) {
return errors.New("Auth must be one of PLAIN/LOGIN/CRAM-MD5")
}
conf.Auth = c.String("auth-type")
}
if c.IsSet("host") {
conf.Host = c.String("host")
}
if c.IsSet("port") {
conf.Port = c.Int("port")
}
if c.IsSet("allowed-domains") {
conf.AllowedDomains = c.String("allowed-domains")
}
if c.IsSet("force-smtps") {
conf.ForceSMTPS = c.Bool("force-smtps")
}
if c.IsSet("skip-verify") {
conf.SkipVerify = c.Bool("skip-verify")
}
if c.IsSet("helo-hostname") {
conf.HeloHostname = c.String("helo-hostname")
}
if c.IsSet("disable-helo") {
conf.DisableHelo = c.Bool("disable-helo")
}
if c.IsSet("skip-local-2fa") {
conf.SkipLocalTwoFA = c.Bool("skip-local-2fa")
}
return nil
}
func runAddSMTP(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
if !c.IsSet("name") || len(c.String("name")) == 0 {
return errors.New("name must be set")
}
if !c.IsSet("host") || len(c.String("host")) == 0 {
return errors.New("host must be set")
}
if !c.IsSet("port") {
return errors.New("port must be set")
}
active := true
if c.IsSet("active") {
active = c.Bool("active")
}
var smtpConfig smtp.Source
if err := parseSMTPConfig(c, &smtpConfig); err != nil {
return err
}
// If not set default to PLAIN
if len(smtpConfig.Auth) == 0 {
smtpConfig.Auth = "PLAIN"
}
return auth_model.CreateSource(ctx, &auth_model.Source{
Type: auth_model.SMTP,
Name: c.String("name"),
IsActive: active,
Cfg: &smtpConfig,
})
}
func runUpdateSMTP(c *cli.Context) error {
if !c.IsSet("id") {
return fmt.Errorf("--id flag is missing")
}
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
source, err := auth_model.GetSourceByID(ctx, c.Int64("id"))
if err != nil {
return err
}
smtpConfig := source.Cfg.(*smtp.Source)
if err := parseSMTPConfig(c, smtpConfig); err != nil {
return err
}
if c.IsSet("name") {
source.Name = c.String("name")
}
if c.IsSet("active") {
source.IsActive = c.Bool("active")
}
source.Cfg = smtpConfig
return auth_model.UpdateSource(ctx, source)
}

46
cmd/admin_regenerate.go Normal file

@ -0,0 +1,46 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
asymkey_model "code.gitea.io/gitea/models/asymkey"
"code.gitea.io/gitea/modules/graceful"
repo_service "code.gitea.io/gitea/services/repository"
"github.com/urfave/cli/v2"
)
var (
microcmdRegenHooks = &cli.Command{
Name: "hooks",
Usage: "Regenerate git-hooks",
Action: runRegenerateHooks,
}
microcmdRegenKeys = &cli.Command{
Name: "keys",
Usage: "Regenerate authorized_keys file",
Action: runRegenerateKeys,
}
)
func runRegenerateHooks(_ *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
return repo_service.SyncRepositoryHooks(graceful.GetManager().ShutdownContext())
}
func runRegenerateKeys(_ *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
return asymkey_model.RewriteAllPublicKeys(ctx)
}

@ -115,7 +115,7 @@ func runCreateUser(c *cli.Context) error {
// If this is the first user being created. // If this is the first user being created.
// Take it as the admin and don't force a password update. // Take it as the admin and don't force a password update.
if n := user_model.CountUsers(nil); n == 0 { if n := user_model.CountUsers(ctx, nil); n == 0 {
changePassword = false changePassword = false
} }
@ -146,7 +146,7 @@ func runCreateUser(c *cli.Context) error {
IsRestricted: restricted, IsRestricted: restricted,
} }
if err := user_model.CreateUser(u, overwriteDefault); err != nil { if err := user_model.CreateUser(ctx, u, overwriteDefault); err != nil {
return fmt.Errorf("CreateUser: %w", err) return fmt.Errorf("CreateUser: %w", err)
} }
@ -156,7 +156,7 @@ func runCreateUser(c *cli.Context) error {
UID: u.ID, UID: u.ID,
} }
if err := auth_model.NewAccessToken(t); err != nil { if err := auth_model.NewAccessToken(ctx, t); err != nil {
return err return err
} }

@ -63,7 +63,7 @@ func runGenerateAccessToken(c *cli.Context) error {
UID: user.ID, UID: user.ID,
} }
exist, err := auth_model.AccessTokenByNameExists(t) exist, err := auth_model.AccessTokenByNameExists(ctx, t)
if err != nil { if err != nil {
return err return err
} }
@ -79,7 +79,7 @@ func runGenerateAccessToken(c *cli.Context) error {
t.Scope = accessTokenScope t.Scope = accessTokenScope
// create the token // create the token
if err := auth_model.NewAccessToken(t); err != nil { if err := auth_model.NewAccessToken(ctx, t); err != nil {
return err return err
} }

@ -33,7 +33,7 @@ func runListUsers(c *cli.Context) error {
return err return err
} }
users, err := user_model.GetAllUsers() users, err := user_model.GetAllUsers(ctx)
if err != nil { if err != nil {
return err return err
} }
@ -48,7 +48,7 @@ func runListUsers(c *cli.Context) error {
} }
} }
} else { } else {
twofa := user_model.UserList(users).GetTwoFaStatus() twofa := user_model.UserList(users).GetTwoFaStatus(ctx)
fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\tIsAdmin\t2FA\n") fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\tIsAdmin\t2FA\n")
for _, u := range users { for _, u := range users {
fmt.Fprintf(w, "%d\t%s\t%s\t%t\t%t\t%t\n", u.ID, u.Name, u.Email, u.IsActive, u.IsAdmin, twofa[u.ID]) fmt.Fprintf(w, "%d\t%s\t%s\t%t\t%t\t%t\n", u.ID, u.Name, u.Email, u.IsActive, u.IsAdmin, twofa[u.ID])

@ -20,9 +20,7 @@ import (
) )
func TestMain(m *testing.M) { func TestMain(m *testing.M) {
unittest.MainTest(m, &unittest.TestOptions{ unittest.MainTest(m)
GiteaRootPath: "..",
})
} }
func makePathOutput(workPath, customPath, customConf string) string { func makePathOutput(workPath, customPath, customConf string) string {

@ -9,6 +9,7 @@ import (
"strings" "strings"
"testing" "testing"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/packages" "code.gitea.io/gitea/models/packages"
"code.gitea.io/gitea/models/unittest" "code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
@ -30,7 +31,7 @@ func TestMigratePackages(t *testing.T) {
assert.NoError(t, err) assert.NoError(t, err)
defer buf.Close() defer buf.Close()
v, f, err := packages_service.CreatePackageAndAddFile(&packages_service.PackageCreationInfo{ v, f, err := packages_service.CreatePackageAndAddFile(db.DefaultContext, &packages_service.PackageCreationInfo{
PackageInfo: packages_service.PackageInfo{ PackageInfo: packages_service.PackageInfo{
Owner: creator, Owner: creator,
PackageType: packages.TypeGeneric, PackageType: packages.TypeGeneric,

@ -5,6 +5,7 @@
package main package main
import ( import (
"context"
"fmt" "fmt"
"os" "os"
"path/filepath" "path/filepath"
@ -18,7 +19,7 @@ import (
var ( var (
generators = []struct { generators = []struct {
gen func() (string, error) gen func(ctx context.Context) (string, error)
name string name string
}{ }{
{ {
@ -41,16 +42,17 @@ func main() {
fmt.Printf("PrepareTestDatabase: %+v\n", err) fmt.Printf("PrepareTestDatabase: %+v\n", err)
os.Exit(1) os.Exit(1)
} }
ctx := context.Background()
if len(os.Args) == 0 { if len(os.Args) == 0 {
for _, r := range os.Args { for _, r := range os.Args {
if err := generate(r); err != nil { if err := generate(ctx, r); err != nil {
fmt.Printf("generate '%s': %+v\n", r, err) fmt.Printf("generate '%s': %+v\n", r, err)
os.Exit(1) os.Exit(1)
} }
} }
} else { } else {
for _, g := range generators { for _, g := range generators {
if err := generate(g.name); err != nil { if err := generate(ctx, g.name); err != nil {
fmt.Printf("generate '%s': %+v\n", g.name, err) fmt.Printf("generate '%s': %+v\n", g.name, err)
os.Exit(1) os.Exit(1)
} }
@ -58,10 +60,10 @@ func main() {
} }
} }
func generate(name string) error { func generate(ctx context.Context, name string) error {
for _, g := range generators { for _, g := range generators {
if g.name == name { if g.name == name {
data, err := g.gen() data, err := g.gen(ctx)
if err != nil { if err != nil {
return err return err
} }

@ -60,6 +60,7 @@ RUN_USER = ; git
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; ;;
;; The protocol the server listens on. One of 'http', 'https', 'http+unix', 'fcgi' or 'fcgi+unix'. Defaults to 'http' ;; The protocol the server listens on. One of 'http', 'https', 'http+unix', 'fcgi' or 'fcgi+unix'. Defaults to 'http'
;; Note: Value must be lowercase.
;PROTOCOL = http ;PROTOCOL = http
;; ;;
;; Expect PROXY protocol headers on connections ;; Expect PROXY protocol headers on connections
@ -548,7 +549,8 @@ ENABLE = true
;; Pre-register OAuth2 applications for some universally useful services ;; Pre-register OAuth2 applications for some universally useful services
;; * https://github.com/hickford/git-credential-oauth ;; * https://github.com/hickford/git-credential-oauth
;; * https://github.com/git-ecosystem/git-credential-manager ;; * https://github.com/git-ecosystem/git-credential-manager
;DEFAULT_APPLICATIONS = git-credential-oauth, git-credential-manager ;; * https://gitea.com/gitea/tea
;DEFAULT_APPLICATIONS = git-credential-oauth, git-credential-manager, tea
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@ -950,7 +952,7 @@ LEVEL = Info
;; Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. ;; Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility.
;; External wiki and issue tracker can't be enabled by default as it requires additional settings. ;; External wiki and issue tracker can't be enabled by default as it requires additional settings.
;; Disabled repo units will not be added to new repositories regardless if it is in the default list. ;; Disabled repo units will not be added to new repositories regardless if it is in the default list.
;DEFAULT_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages ;DEFAULT_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages,repo.actions
;; ;;
;; Comma separated list of default forked repo units. ;; Comma separated list of default forked repo units.
;; The set of allowed values and rules are the same as DEFAULT_REPO_UNITS. ;; The set of allowed values and rules are the same as DEFAULT_REPO_UNITS.
@ -1209,10 +1211,10 @@ LEVEL = Info
;SHOW_USER_EMAIL = true ;SHOW_USER_EMAIL = true
;; ;;
;; Set the default theme for the Gitea install ;; Set the default theme for the Gitea install
;DEFAULT_THEME = auto ;DEFAULT_THEME = gitea-auto
;; ;;
;; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`. ;; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`.
;THEMES = auto,gitea,arc-green ;THEMES = gitea-auto,gitea-light,gitea-dark
;; ;;
;; All available reactions users can choose on issues/prs and comments. ;; All available reactions users can choose on issues/prs and comments.
;; Values can be emoji alias (:smile:) or a unicode emoji. ;; Values can be emoji alias (:smile:) or a unicode emoji.
@ -1420,7 +1422,7 @@ LEVEL = Info
;DATADIR = queues/ ; Relative paths will be made absolute against `%(APP_DATA_PATH)s`. ;DATADIR = queues/ ; Relative paths will be made absolute against `%(APP_DATA_PATH)s`.
;; ;;
;; Default queue length before a channel queue will block ;; Default queue length before a channel queue will block
;LENGTH = 100 ;LENGTH = 100000
;; ;;
;; Batch size to send for batched queues ;; Batch size to send for batched queues
;BATCH_LENGTH = 20 ;BATCH_LENGTH = 20
@ -2562,12 +2564,18 @@ LEVEL = Info
; [actions] ; [actions]
;; Enable/Disable actions capabilities ;; Enable/Disable actions capabilities
;ENABLED = false ;ENABLED = true
;; ;;
;; Default platform to get action plugins, `github` for `https://github.com`, `self` for the current Gitea instance. ;; Default platform to get action plugins, `github` for `https://github.com`, `self` for the current Gitea instance.
;DEFAULT_ACTIONS_URL = github ;DEFAULT_ACTIONS_URL = github
;; Default artifact retention time in days, default is 90 days ;; Default artifact retention time in days, default is 90 days
;ARTIFACT_RETENTION_DAYS = 90 ;ARTIFACT_RETENTION_DAYS = 90
;; Timeout to stop the task which have running status, but haven't been updated for a long time
;ZOMBIE_TASK_TIMEOUT = 10m
;; Timeout to stop the tasks which have running status and continuous updates, but don't end for a long time
;ENDLESS_TASK_TIMEOUT = 3h
;; Timeout to cancel the jobs which have waiting status, but haven't been picked by a runner for a long time
;ABANDONED_JOB_TIMEOUT = 24h
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

@ -1,13 +0,0 @@
---
date: "2017-08-23T09:00:00+02:00"
title: "Avancé"
slug: "administration"
sidebar_position: 30
toc: false
draft: false
menu:
sidebar:
name: "Avancé"
sidebar_position: 20
identifier: "administration"
---

@ -1,13 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "運維"
slug: "administration"
sidebar_position: 30
toc: false
draft: false
menu:
sidebar:
name: "運維"
sidebar_position: 20
identifier: "administration"
---

@ -1,68 +0,0 @@
---
date: "2017-01-01T16:00:00+02:00"
title: "用法: 備份與還原"
slug: "backup-and-restore"
sidebar_position: 11
toc: false
draft: false
aliases:
- /zh-tw/backup-and-restore
menu:
sidebar:
parent: "administration"
name: "備份與還原"
sidebar_position: 11
identifier: "backup-and-restore"
---
# 備份與還原
Gitea 目前支援 `dump` 指令,用來將資料備份成 zip 檔案,後續會提供還原指令,讓你可以輕易的將備份資料及還原到另外一台機器。
## 備份指令 (`dump`)
首先,切換到執行 Gitea 的使用者: `su git` (請修改成您指定的使用者),並在安裝目錄內執行 `./gitea dump` 指令,你可以看到 console 畫面如下:
```
2016/12/27 22:32:09 Creating tmp work dir: /tmp/gitea-dump-417443001
2016/12/27 22:32:09 Dumping local repositories.../home/git/gitea-repositories
2016/12/27 22:32:22 Dumping database...
2016/12/27 22:32:22 Packing dump files...
2016/12/27 22:32:34 Removing tmp work dir: /tmp/gitea-dump-417443001
2016/12/27 22:32:34 Finish dumping in file gitea-dump-1482906742.zip
```
備份出來的 `gitea-dump-1482906742.zip` 檔案,檔案內會包含底下內容:
* `custom/conf/app.ini` - 伺服器設定檔。
* `gitea-db.sql` - SQL 備份檔案。
* `gitea-repo.zip` - 此 zip 檔案為全部的 repo 目錄。
請參考 Config -> repository -> `ROOT` 所設定的路徑。
* `log/` - 全部 logs 檔案,如果你要 migrate 到其他伺服器,此目錄不用保留。
你可以透過設定 `--tempdir` 指令參數來指定備份檔案目錄,或者是設定 `TMPDIR` 環境變數來達到此功能。
## 還原指令 (`restore`)
持續更新中: 此文件尚未完成.
例:
```sh
unzip gitea-dump-1610949662.zip
cd gitea-dump-1610949662
mv data/conf/app.ini /etc/gitea/conf/app.ini
mv data/* /var/lib/gitea/data/
mv log/* /var/lib/gitea/log/
mv repos/* /var/lib/gitea/repositories/
chown -R gitea:gitea /etc/gitea/conf/app.ini /var/lib/gitea
# mysql
mysql --default-character-set=utf8mb4 -u$USER -p$PASS $DATABASE <gitea-db.sql
# sqlite3
sqlite3 $DATABASE_PATH <gitea-db.sql
# postgres
psql -U $USER -d $DATABASE < gitea-db.sql
service gitea restart
```

@ -50,7 +50,7 @@ a special meaning for your command shell.
If no pattern is provided, all files are listed. If no pattern is provided, all files are listed.
### Example ### Example: Listing all embedded files
Listing all embedded files with `openid` in their path: Listing all embedded files with `openid` in their path:
@ -101,7 +101,7 @@ When Gitea is upgraded to a new version (by replacing the executable), many of t
embedded files will suffer changes. Gitea will honor and use any files found embedded files will suffer changes. Gitea will honor and use any files found
in the `custom` directory, even if they are old and incompatible. in the `custom` directory, even if they are old and incompatible.
### Example ### Example: Extracting mail templates
Extracting mail templates to a temporary directory: Extracting mail templates to a temporary directory:

@ -43,7 +43,7 @@ gitea embedded list [--include-vendored] [patterns...]
如果未提供模式,则列出所有文件。 如果未提供模式,则列出所有文件。
### 示例 ### 示例:列出所有嵌入文件
列出所有路径中包含 `openid` 的嵌入文件: 列出所有路径中包含 `openid` 的嵌入文件:
@ -83,7 +83,7 @@ gitea [--config {file}] embedded extract [--destination {dir}|--custom] [--overw
请确保**只提取需要自定义的文件**。位于 `custom` 目录中的文件不会受到 Gitea 的升级过程的影响。当 Gitea 升级到新版本通过替换可执行文件许多嵌入文件将发生变化。Gitea 将尊重并使用在 `custom` 目录中找到的任何文件,即使这些文件是旧的和不兼容的。 请确保**只提取需要自定义的文件**。位于 `custom` 目录中的文件不会受到 Gitea 的升级过程的影响。当 Gitea 升级到新版本通过替换可执行文件许多嵌入文件将发生变化。Gitea 将尊重并使用在 `custom` 目录中找到的任何文件,即使这些文件是旧的和不兼容的。
### 示例 ### 示例:提取邮件模板
将邮件模板提取到临时目录: 将邮件模板提取到临时目录:

@ -102,7 +102,7 @@ In addition, there is _`StaticRootPath`_ which can be set as a built-in at build
- `ENABLE_PUSH_CREATE_USER`: **false**: Allow users to push local repositories to Gitea and have them automatically created for a user. - `ENABLE_PUSH_CREATE_USER`: **false**: Allow users to push local repositories to Gitea and have them automatically created for a user.
- `ENABLE_PUSH_CREATE_ORG`: **false**: Allow users to push local repositories to Gitea and have them automatically created for an org. - `ENABLE_PUSH_CREATE_ORG`: **false**: Allow users to push local repositories to Gitea and have them automatically created for an org.
- `DISABLED_REPO_UNITS`: **_empty_**: Comma separated list of globally disabled repo units. Allowed values: \[repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects, repo.packages, repo.actions\] - `DISABLED_REPO_UNITS`: **_empty_**: Comma separated list of globally disabled repo units. Allowed values: \[repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects, repo.packages, repo.actions\]
- `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages**: Comma separated list of default new repo units. Allowed values: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects, repo.packages, repo.actions\]. Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. External wiki and issue tracker can't be enabled by default as it requires additional settings. Disabled repo units will not be added to new repositories regardless if it is in the default list. - `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages,repo.actions**: Comma separated list of default new repo units. Allowed values: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects, repo.packages, repo.actions\]. Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. External wiki and issue tracker can't be enabled by default as it requires additional settings. Disabled repo units will not be added to new repositories regardless if it is in the default list.
- `DEFAULT_FORK_REPO_UNITS`: **repo.code,repo.pulls**: Comma separated list of default forked repo units. The set of allowed values and rules is the same as `DEFAULT_REPO_UNITS`. - `DEFAULT_FORK_REPO_UNITS`: **repo.code,repo.pulls**: Comma separated list of default forked repo units. The set of allowed values and rules is the same as `DEFAULT_REPO_UNITS`.
- `PREFIX_ARCHIVE_FILES`: **true**: Prefix archive files by placing them in a directory named after the repository. - `PREFIX_ARCHIVE_FILES`: **true**: Prefix archive files by placing them in a directory named after the repository.
- `DISABLE_MIGRATIONS`: **false**: Disable migrating feature. - `DISABLE_MIGRATIONS`: **false**: Disable migrating feature.
@ -215,9 +215,9 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `SITEMAP_PAGING_NUM`: **20**: Number of items that are displayed in a single subsitemap. - `SITEMAP_PAGING_NUM`: **20**: Number of items that are displayed in a single subsitemap.
- `GRAPH_MAX_COMMIT_NUM`: **100**: Number of maximum commits shown in the commit graph. - `GRAPH_MAX_COMMIT_NUM`: **100**: Number of maximum commits shown in the commit graph.
- `CODE_COMMENT_LINES`: **4**: Number of line of codes shown for a code comment. - `CODE_COMMENT_LINES`: **4**: Number of line of codes shown for a code comment.
- `DEFAULT_THEME`: **auto**: \[auto, gitea, arc-green\]: Set the default theme for the Gitea install. - `DEFAULT_THEME`: **gitea-auto**: \[gitea-auto, gitea-light, gitea-dark\]: Set the default theme for the Gitea installation.
- `SHOW_USER_EMAIL`: **true**: Whether the email of the user should be shown in the Explore Users page. - `SHOW_USER_EMAIL`: **true**: Whether the email of the user should be shown in the Explore Users page.
- `THEMES`: **auto,gitea,arc-green**: All available themes. Allow users select personalized themes. - `THEMES`: **gitea-auto,gitea-light,gitea-dark**: All available themes. Allow users select personalized themes.
regardless of the value of `DEFAULT_THEME`. regardless of the value of `DEFAULT_THEME`.
- `MAX_DISPLAY_FILE_SIZE`: **8388608**: Max size of files to be displayed (default is 8MiB) - `MAX_DISPLAY_FILE_SIZE`: **8388608**: Max size of files to be displayed (default is 8MiB)
- `REACTIONS`: All available reactions users can choose on issues/prs and comments - `REACTIONS`: All available reactions users can choose on issues/prs and comments
@ -281,6 +281,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `APP_DATA_PATH`: **_`AppWorkPath`_/data**: This is the default root path for storing data. - `APP_DATA_PATH`: **_`AppWorkPath`_/data**: This is the default root path for storing data.
- `PROTOCOL`: **http**: \[http, https, fcgi, http+unix, fcgi+unix\] - `PROTOCOL`: **http**: \[http, https, fcgi, http+unix, fcgi+unix\]
- Note: Value must be lowercase.
- `USE_PROXY_PROTOCOL`: **false**: Expect PROXY protocol headers on connections - `USE_PROXY_PROTOCOL`: **false**: Expect PROXY protocol headers on connections
- `PROXY_PROTOCOL_TLS_BRIDGING`: **false**: When protocol is https, expect PROXY protocol headers after TLS negotiation. - `PROXY_PROTOCOL_TLS_BRIDGING`: **false**: When protocol is https, expect PROXY protocol headers after TLS negotiation.
- `PROXY_PROTOCOL_HEADER_TIMEOUT`: **5s**: Timeout to wait for PROXY protocol header (set to 0 to have no timeout) - `PROXY_PROTOCOL_HEADER_TIMEOUT`: **5s**: Timeout to wait for PROXY protocol header (set to 0 to have no timeout)
@ -483,7 +484,7 @@ Configuration at `[queue]` will set defaults for queues with overrides for indiv
- `TYPE`: **level**: General queue type, currently support: `level` (uses a LevelDB internally), `channel`, `redis`, `dummy`. Invalid types are treated as `level`. - `TYPE`: **level**: General queue type, currently support: `level` (uses a LevelDB internally), `channel`, `redis`, `dummy`. Invalid types are treated as `level`.
- `DATADIR`: **queues/common**: Base DataDir for storing level queues. `DATADIR` for individual queues can be set in `queue.name` sections. Relative paths will be made absolute against `%(APP_DATA_PATH)s`. - `DATADIR`: **queues/common**: Base DataDir for storing level queues. `DATADIR` for individual queues can be set in `queue.name` sections. Relative paths will be made absolute against `%(APP_DATA_PATH)s`.
- `LENGTH`: **100**: Maximal queue size before channel queues block - `LENGTH`: **100000**: Maximal queue size before channel queues block
- `BATCH_LENGTH`: **20**: Batch data before passing to the handler - `BATCH_LENGTH`: **20**: Batch data before passing to the handler
- `CONN_STR`: **redis://127.0.0.1:6379/0**: Connection string for the redis queue type. For `redis-cluster` use `redis+cluster://127.0.0.1:6379/0`. Options can be set using query params. Similarly, LevelDB options can also be set using: **leveldb://relative/path?option=value** or **leveldb:///absolute/path?option=value**, and will override `DATADIR` - `CONN_STR`: **redis://127.0.0.1:6379/0**: Connection string for the redis queue type. For `redis-cluster` use `redis+cluster://127.0.0.1:6379/0`. Options can be set using query params. Similarly, LevelDB options can also be set using: **leveldb://relative/path?option=value** or **leveldb:///absolute/path?option=value**, and will override `DATADIR`
- `QUEUE_NAME`: **_queue**: The suffix for default redis and disk queue name. Individual queues will default to **`name`**`QUEUE_NAME` but can be overridden in the specific `queue.name` section. - `QUEUE_NAME`: **_queue**: The suffix for default redis and disk queue name. Individual queues will default to **`name`**`QUEUE_NAME` but can be overridden in the specific `queue.name` section.
@ -517,7 +518,6 @@ And the following unique queues:
- `SECRET_KEY`: **\<random at every install\>**: Global secret key. This key is VERY IMPORTANT, if you lost it, the data encrypted by it (like 2FA secret) can't be decrypted anymore. - `SECRET_KEY`: **\<random at every install\>**: Global secret key. This key is VERY IMPORTANT, if you lost it, the data encrypted by it (like 2FA secret) can't be decrypted anymore.
- `SECRET_KEY_URI`: **_empty_**: Instead of defining SECRET_KEY, this option can be used to use the key stored in a file (example value: `file:/etc/gitea/secret_key`). It shouldn't be lost like SECRET_KEY. - `SECRET_KEY_URI`: **_empty_**: Instead of defining SECRET_KEY, this option can be used to use the key stored in a file (example value: `file:/etc/gitea/secret_key`). It shouldn't be lost like SECRET_KEY.
- `LOGIN_REMEMBER_DAYS`: **7**: Cookie lifetime, in days. - `LOGIN_REMEMBER_DAYS`: **7**: Cookie lifetime, in days.
- `COOKIE_USERNAME`: **gitea\_awesome**: Name of the cookie used to store the current username.
- `COOKIE_REMEMBER_NAME`: **gitea\_incredible**: Name of cookie used to store authentication - `COOKIE_REMEMBER_NAME`: **gitea\_incredible**: Name of cookie used to store authentication
information. information.
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy - `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy
@ -617,7 +617,7 @@ And the following unique queues:
- `REQUIRE_SIGNIN_VIEW`: **false**: Enable this to force users to log in to view any page or to use API. - `REQUIRE_SIGNIN_VIEW`: **false**: Enable this to force users to log in to view any page or to use API.
- `ENABLE_NOTIFY_MAIL`: **false**: Enable this to send e-mail to watchers of a repository when - `ENABLE_NOTIFY_MAIL`: **false**: Enable this to send e-mail to watchers of a repository when
something happens, like creating issues. Requires `Mailer` to be enabled. something happens, like creating issues. Requires `Mailer` to be enabled.
- `ENABLE_BASIC_AUTHENTICATION`: **true**: Disable this to disallow authenticaton using HTTP - `ENABLE_BASIC_AUTHENTICATION`: **true**: Disable this to disallow authentication using HTTP
BASIC and the user's password. Please note if you disable this you will not be able to access the BASIC and the user's password. Please note if you disable this you will not be able to access the
tokens API endpoints using a password. Further, this only disables BASIC authentication using the tokens API endpoints using a password. Further, this only disables BASIC authentication using the
password - not tokens or OAuth Basic. password - not tokens or OAuth Basic.
@ -1107,7 +1107,7 @@ This section only does "set" config, a removed config key from this section won'
- `JWT_SECRET_URI`: **_empty_**: Instead of defining JWT_SECRET in the configuration, this configuration option can be used to give Gitea a path to a file that contains the secret (example value: `file:/etc/gitea/oauth2_jwt_secret`) - `JWT_SECRET_URI`: **_empty_**: Instead of defining JWT_SECRET in the configuration, this configuration option can be used to give Gitea a path to a file that contains the secret (example value: `file:/etc/gitea/oauth2_jwt_secret`)
- `JWT_SIGNING_PRIVATE_KEY_FILE`: **jwt/private.pem**: Private key file path used to sign OAuth2 tokens. The path is relative to `APP_DATA_PATH`. This setting is only needed if `JWT_SIGNING_ALGORITHM` is set to `RS256`, `RS384`, `RS512`, `ES256`, `ES384` or `ES512`. The file must contain a RSA or ECDSA private key in the PKCS8 format. If no key exists a 4096 bit key will be created for you. - `JWT_SIGNING_PRIVATE_KEY_FILE`: **jwt/private.pem**: Private key file path used to sign OAuth2 tokens. The path is relative to `APP_DATA_PATH`. This setting is only needed if `JWT_SIGNING_ALGORITHM` is set to `RS256`, `RS384`, `RS512`, `ES256`, `ES384` or `ES512`. The file must contain a RSA or ECDSA private key in the PKCS8 format. If no key exists a 4096 bit key will be created for you.
- `MAX_TOKEN_LENGTH`: **32767**: Maximum length of token/cookie to accept from OAuth2 provider - `MAX_TOKEN_LENGTH`: **32767**: Maximum length of token/cookie to accept from OAuth2 provider
- `DEFAULT_APPLICATIONS`: **git-credential-oauth, git-credential-manager**: Pre-register OAuth applications for some services on startup. See the [OAuth2 documentation](/development/oauth2-provider.md) for the list of available options. - `DEFAULT_APPLICATIONS`: **git-credential-oauth, git-credential-manager, tea**: Pre-register OAuth applications for some services on startup. See the [OAuth2 documentation](/development/oauth2-provider.md) for the list of available options.
## i18n (`i18n`) ## i18n (`i18n`)
@ -1277,7 +1277,7 @@ Default storage configuration for attachments, lfs, avatars, repo-avatars, repo-
- `MINIO_USE_SSL`: **false**: Minio enabled ssl only available when `STORAGE_TYPE` is `minio` - `MINIO_USE_SSL`: **false**: Minio enabled ssl only available when `STORAGE_TYPE` is `minio`
- `MINIO_INSECURE_SKIP_VERIFY`: **false**: Minio skip SSL verification available when STORAGE_TYPE is `minio` - `MINIO_INSECURE_SKIP_VERIFY`: **false**: Minio skip SSL verification available when STORAGE_TYPE is `minio`
The recommanded storage configuration for minio like below: The recommended storage configuration for minio like below:
```ini ```ini
[storage] [storage]
@ -1384,11 +1384,14 @@ PROXY_HOSTS = *.github.com
## Actions (`actions`) ## Actions (`actions`)
- `ENABLED`: **false**: Enable/Disable actions capabilities - `ENABLED`: **true**: Enable/Disable actions capabilities
- `DEFAULT_ACTIONS_URL`: **github**: Default platform to get action plugins, `github` for `https://github.com`, `self` for the current Gitea instance. - `DEFAULT_ACTIONS_URL`: **github**: Default platform to get action plugins, `github` for `https://github.com`, `self` for the current Gitea instance.
- `STORAGE_TYPE`: **local**: Storage type for actions logs, `local` for local disk or `minio` for s3 compatible object storage service, default is `local` or other name defined with `[storage.xxx]` - `STORAGE_TYPE`: **local**: Storage type for actions logs, `local` for local disk or `minio` for s3 compatible object storage service, default is `local` or other name defined with `[storage.xxx]`
- `MINIO_BASE_PATH`: **actions_log/**: Minio base path on the bucket only available when STORAGE_TYPE is `minio` - `MINIO_BASE_PATH`: **actions_log/**: Minio base path on the bucket only available when STORAGE_TYPE is `minio`
- `ARTIFACT_RETENTION_DAYS`: **90**: Number of days to keep artifacts. Set to 0 to disable artifact retention. Default is 90 days if not set. - `ARTIFACT_RETENTION_DAYS`: **90**: Number of days to keep artifacts. Set to 0 to disable artifact retention. Default is 90 days if not set.
- `ZOMBIE_TASK_TIMEOUT`: **10m**: Timeout to stop the task which have running status, but haven't been updated for a long time
- `ENDLESS_TASK_TIMEOUT`: **3h**: Timeout to stop the tasks which have running status and continuous updates, but don't end for a long time
- `ABANDONED_JOB_TIMEOUT`: **24h**: Timeout to cancel the jobs which have waiting status, but haven't been picked by a runner for a long time
`DEFAULT_ACTIONS_URL` indicates where the Gitea Actions runners should find the actions with relative path. `DEFAULT_ACTIONS_URL` indicates where the Gitea Actions runners should find the actions with relative path.
For example, `uses: actions/checkout@v3` means `https://github.com/actions/checkout@v3` since the value of `DEFAULT_ACTIONS_URL` is `github`. For example, `uses: actions/checkout@v3` means `https://github.com/actions/checkout@v3` since the value of `DEFAULT_ACTIONS_URL` is `github`.
@ -1398,7 +1401,7 @@ Please note that using `self` is not recommended for most cases, as it could mak
Additionally, it requires you to mirror all the actions you need to your Gitea instance, which may not be worth it. Additionally, it requires you to mirror all the actions you need to your Gitea instance, which may not be worth it.
Therefore, please use `self` only if you understand what you are doing. Therefore, please use `self` only if you understand what you are doing.
In earlier versions (<= 1.19), `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like `https://gitea.com` or `http://your-git-server,https://gitea.com`, and the default value was `https://gitea.com`. In earlier versions (<= 1.19), `DEFAULT_ACTIONS_URL` could be set to any custom URLs like `https://gitea.com` or `http://your-git-server,https://gitea.com`, and the default value was `https://gitea.com`.
However, later updates removed those options, and now the only options are `github` and `self`, with the default value being `github`. However, later updates removed those options, and now the only options are `github` and `self`, with the default value being `github`.
However, if you want to use actions from other git server, you can use a complete URL in `uses` field, it's supported by Gitea (but not GitHub). However, if you want to use actions from other git server, you can use a complete URL in `uses` field, it's supported by Gitea (but not GitHub).
Like `uses: https://gitea.com/actions/checkout@v3` or `uses: http://your-git-server/actions/checkout@v3`. Like `uses: https://gitea.com/actions/checkout@v3` or `uses: http://your-git-server/actions/checkout@v3`.

@ -102,7 +102,7 @@ menu:
- `ENABLE_PUSH_CREATE_USER`: **false**: 允许用户将本地存储库推送到Gitea并为用户自动创建它们。 - `ENABLE_PUSH_CREATE_USER`: **false**: 允许用户将本地存储库推送到Gitea并为用户自动创建它们。
- `ENABLE_PUSH_CREATE_ORG`: **false**: 允许用户将本地存储库推送到Gitea并为组织自动创建它们。 - `ENABLE_PUSH_CREATE_ORG`: **false**: 允许用户将本地存储库推送到Gitea并为组织自动创建它们。
- `DISABLED_REPO_UNITS`: **_empty_**: 逗号分隔的全局禁用的仓库单元列表。允许的值是:: \[repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects, repo.packages, repo.actions\] - `DISABLED_REPO_UNITS`: **_empty_**: 逗号分隔的全局禁用的仓库单元列表。允许的值是:: \[repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects, repo.packages, repo.actions\]
- `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages**: 逗号分隔的默认新仓库单元列表。允许的值是:: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects, repo.packages, repo.actions\]. 注意目前无法停用代码和发布。如果您指定了默认的仓库单元您仍应将它们列出以保持未来的兼容性。外部wiki和问题跟踪器不能默认启用因为它需要额外的设置。禁用的仓库单元将不会添加到新的仓库中无论它是否在默认列表中。 - `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages,repo.actions**: 逗号分隔的默认新仓库单元列表。允许的值是:: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects, repo.packages, repo.actions\]. 注意目前无法停用代码和发布。如果您指定了默认的仓库单元您仍应将它们列出以保持未来的兼容性。外部wiki和问题跟踪器不能默认启用因为它需要额外的设置。禁用的仓库单元将不会添加到新的仓库中无论它是否在默认列表中。
- `DEFAULT_FORK_REPO_UNITS`: **repo.code,repo.pulls**: 逗号分隔的默认分叉仓库单元列表。允许的值和规则与`DEFAULT_REPO_UNITS`相同。 - `DEFAULT_FORK_REPO_UNITS`: **repo.code,repo.pulls**: 逗号分隔的默认分叉仓库单元列表。允许的值和规则与`DEFAULT_REPO_UNITS`相同。
- `PREFIX_ARCHIVE_FILES`: **true**: 通过将存档文件放置在以仓库命名的目录中来添加前缀。 - `PREFIX_ARCHIVE_FILES`: **true**: 通过将存档文件放置在以仓库命名的目录中来添加前缀。
- `DISABLE_MIGRATIONS`: **false**: 禁用迁移功能。 - `DISABLE_MIGRATIONS`: **false**: 禁用迁移功能。
@ -214,9 +214,9 @@ menu:
- `SITEMAP_PAGING_NUM`: **20**: 在单个子SiteMap中显示的项数。 - `SITEMAP_PAGING_NUM`: **20**: 在单个子SiteMap中显示的项数。
- `GRAPH_MAX_COMMIT_NUM`: **100**: 提交图中显示的最大commit数量。 - `GRAPH_MAX_COMMIT_NUM`: **100**: 提交图中显示的最大commit数量。
- `CODE_COMMENT_LINES`: **4**: 在代码评论中能够显示的最大代码行数。 - `CODE_COMMENT_LINES`: **4**: 在代码评论中能够显示的最大代码行数。
- `DEFAULT_THEME`: **auto**: \[auto, gitea, arc-green\]: 在Gitea安装时候设置的默认主题。 - `DEFAULT_THEME`: **gitea-auto**: \[gitea-auto, gitea-light, gitea-dark\]: 在Gitea安装时候设置的默认主题。
- `SHOW_USER_EMAIL`: **true**: 用户的电子邮件是否应该显示在`Explore Users`页面中。 - `SHOW_USER_EMAIL`: **true**: 用户的电子邮件是否应该显示在`Explore Users`页面中。
- `THEMES`: **auto,gitea,arc-green**: 所有可用的主题。允许用户选择个性化的主题, - `THEMES`: **gitea-auto,gitea-light,gitea-dark**: 所有可用的主题。允许用户选择个性化的主题,
而不受DEFAULT_THEME 值的影响。 而不受DEFAULT_THEME 值的影响。
- `MAX_DISPLAY_FILE_SIZE`: **8388608**: 能够显示文件的最大大小默认为8MiB - `MAX_DISPLAY_FILE_SIZE`: **8388608**: 能够显示文件的最大大小默认为8MiB
- `REACTIONS`: 用户可以在问题Issue、Pull RequestPR以及评论中选择的所有可选的反应。 - `REACTIONS`: 用户可以在问题Issue、Pull RequestPR以及评论中选择的所有可选的反应。
@ -472,7 +472,7 @@ menu:
- `TYPE`**level**:通用队列类型,当前支持:`level`(在内部使用 LevelDB`channel``redis``dummy`。无效的类型将视为 `level` - `TYPE`**level**:通用队列类型,当前支持:`level`(在内部使用 LevelDB`channel``redis``dummy`。无效的类型将视为 `level`
- `DATADIR`**queues/common**:用于存储 level 队列的基本 DataDir。单独的队列的 `DATADIR` 可以在 `queue.name` 部分进行设置。相对路径将根据 `%(APP_DATA_PATH)s` 变为绝对路径。 - `DATADIR`**queues/common**:用于存储 level 队列的基本 DataDir。单独的队列的 `DATADIR` 可以在 `queue.name` 部分进行设置。相对路径将根据 `%(APP_DATA_PATH)s` 变为绝对路径。
- `LENGTH`**100**:通道队列阻塞之前的最大队列大小 - `LENGTH`**100000**:通道队列阻塞之前的最大队列大小
- `BATCH_LENGTH`**20**:在传递给处理程序之前批处理数据 - `BATCH_LENGTH`**20**:在传递给处理程序之前批处理数据
- `CONN_STR`**redis://127.0.0.1:6379/0**redis 队列类型的连接字符串。对于 `redis-cluster`,使用 `redis+cluster://127.0.0.1:6379/0`。可以使用查询参数来设置选项。类似地LevelDB 选项也可以使用:**leveldb://relative/path?option=value** 或 **leveldb:///absolute/path?option=value** 进行设置,并将覆盖 `DATADIR` - `CONN_STR`**redis://127.0.0.1:6379/0**redis 队列类型的连接字符串。对于 `redis-cluster`,使用 `redis+cluster://127.0.0.1:6379/0`。可以使用查询参数来设置选项。类似地LevelDB 选项也可以使用:**leveldb://relative/path?option=value** 或 **leveldb:///absolute/path?option=value** 进行设置,并将覆盖 `DATADIR`
- `QUEUE_NAME`**_queue**:默认的 redis 和磁盘队列名称的后缀。单独的队列将默认为 **`name`**`QUEUE_NAME`,但可以在特定的 `queue.name` 部分中进行覆盖。 - `QUEUE_NAME`**_queue**:默认的 redis 和磁盘队列名称的后缀。单独的队列将默认为 **`name`**`QUEUE_NAME`,但可以在特定的 `queue.name` 部分中进行覆盖。
@ -506,7 +506,6 @@ Gitea 创建以下非唯一队列:
- `SECRET_KEY`: **\<每次安装时随机生成\>**:全局服务器安全密钥。这个密钥非常重要,如果丢失将无法解密加密的数据(例如 2FA - `SECRET_KEY`: **\<每次安装时随机生成\>**:全局服务器安全密钥。这个密钥非常重要,如果丢失将无法解密加密的数据(例如 2FA
- `SECRET_KEY_URI`: **_empty_**:与定义 `SECRET_KEY` 不同,此选项可用于使用存储在文件中的密钥(示例值:`file:/etc/gitea/secret_key`)。它不应该像 `SECRET_KEY` 一样容易丢失。 - `SECRET_KEY_URI`: **_empty_**:与定义 `SECRET_KEY` 不同,此选项可用于使用存储在文件中的密钥(示例值:`file:/etc/gitea/secret_key`)。它不应该像 `SECRET_KEY` 一样容易丢失。
- `LOGIN_REMEMBER_DAYS`: **7**Cookie 保存时间,单位为天。 - `LOGIN_REMEMBER_DAYS`: **7**Cookie 保存时间,单位为天。
- `COOKIE_USERNAME`: **gitea\_awesome**:保存用户名的 Cookie 名称。
- `COOKIE_REMEMBER_NAME`: **gitea\_incredible**:保存自动登录信息的 Cookie 名称。 - `COOKIE_REMEMBER_NAME`: **gitea\_incredible**:保存自动登录信息的 Cookie 名称。
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**:反向代理认证的 HTTP 头部名称,用于提供用户信息。 - `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**:反向代理认证的 HTTP 头部名称,用于提供用户信息。
- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**:反向代理认证的 HTTP 头部名称,用于提供邮箱信息。 - `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**:反向代理认证的 HTTP 头部名称,用于提供邮箱信息。
@ -1056,7 +1055,7 @@ Gitea 创建以下非唯一队列:
- `JWT_SECRET_URI`**_empty_**:可以使用此配置选项,而不是在配置中定义`JWT_SECRET`以向Gitea提供包含密钥的文件的路径示例值`file:/etc/gitea/oauth2_jwt_secret`)。 - `JWT_SECRET_URI`**_empty_**:可以使用此配置选项,而不是在配置中定义`JWT_SECRET`以向Gitea提供包含密钥的文件的路径示例值`file:/etc/gitea/oauth2_jwt_secret`)。
- `JWT_SIGNING_PRIVATE_KEY_FILE`**jwt/private.pem**用于签署OAuth2令牌的私钥文件路径。路径相对于`APP_DATA_PATH`。仅当`JWT_SIGNING_ALGORITHM`设置为`RS256``RS384``RS512``ES256``ES384``ES512`时才需要此设置。文件必须包含PKCS8格式的RSA或ECDSA私钥。如果不存在密钥则将为您创建一个4096位密钥。 - `JWT_SIGNING_PRIVATE_KEY_FILE`**jwt/private.pem**用于签署OAuth2令牌的私钥文件路径。路径相对于`APP_DATA_PATH`。仅当`JWT_SIGNING_ALGORITHM`设置为`RS256``RS384``RS512``ES256``ES384``ES512`时才需要此设置。文件必须包含PKCS8格式的RSA或ECDSA私钥。如果不存在密钥则将为您创建一个4096位密钥。
- `MAX_TOKEN_LENGTH`**32767**从OAuth2提供者接受的令牌/cookie的最大长度。 - `MAX_TOKEN_LENGTH`**32767**从OAuth2提供者接受的令牌/cookie的最大长度。
- `DEFAULT_APPLICATIONS`**git-credential-oauthgit-credential-manager**在启动时预注册用于某些服务的OAuth应用程序。有关可用选项列表请参阅[OAuth2文档](/development/oauth2-provider.md)。 - `DEFAULT_APPLICATIONS`**git-credential-oauthgit-credential-manager, tea**在启动时预注册用于某些服务的OAuth应用程序。有关可用选项列表请参阅[OAuth2文档](/development/oauth2-provider.md)。
## i18n (`i18n`) ## i18n (`i18n`)
@ -1331,7 +1330,7 @@ PROXY_HOSTS = *.github.com
## Actions (`actions`) ## Actions (`actions`)
- `ENABLED`: **false**:启用/禁用操作功能 - `ENABLED`: **true**:启用/禁用操作功能
- `DEFAULT_ACTIONS_URL`: **github**:获取操作插件的默认平台,`github`表示`https://github.com``self`表示当前的 Gitea 实例。 - `DEFAULT_ACTIONS_URL`: **github**:获取操作插件的默认平台,`github`表示`https://github.com``self`表示当前的 Gitea 实例。
- `STORAGE_TYPE`: **local**:用于操作日志的存储类型,`local`表示本地磁盘,`minio`表示与S3兼容的对象存储服务默认为`local`,或者使用定义为`[storage.xxx]`的其他名称。 - `STORAGE_TYPE`: **local**:用于操作日志的存储类型,`local`表示本地磁盘,`minio`表示与S3兼容的对象存储服务默认为`local`,或者使用定义为`[storage.xxx]`的其他名称。
- `MINIO_BASE_PATH`: **actions_log/**Minio存储桶上的基本路径仅在`STORAGE_TYPE``minio`时可用。 - `MINIO_BASE_PATH`: **actions_log/**Minio存储桶上的基本路径仅在`STORAGE_TYPE``minio`时可用。

@ -370,7 +370,8 @@ A full list of supported emoji's is at [emoji list](https://gitea.com/gitea/gite
## Customizing the look of Gitea ## Customizing the look of Gitea
The default built-in themes are `gitea` (light), `arc-green` (dark), and `auto` (chooses light or dark depending on operating system settings). The built-in themes are `gitea-light`, `gitea-dark`, and `gitea-auto` (which automatically adapts to OS settings).
The default theme can be changed via `DEFAULT_THEME` in the [ui](administration/config-cheat-sheet.md#ui-ui) section of `app.ini`. The default theme can be changed via `DEFAULT_THEME` in the [ui](administration/config-cheat-sheet.md#ui-ui) section of `app.ini`.
Gitea also has support for user themes, which means every user can select which theme should be used. Gitea also has support for user themes, which means every user can select which theme should be used.
@ -384,7 +385,7 @@ To make a custom theme available to all users:
Community themes are listed in [gitea/awesome-gitea#themes](https://gitea.com/gitea/awesome-gitea#themes). Community themes are listed in [gitea/awesome-gitea#themes](https://gitea.com/gitea/awesome-gitea#themes).
The `arc-green` theme source can be found [here](https://github.com/go-gitea/gitea/blob/main/web_src/css/themes/theme-arc-green.css). The default theme sources can be found [here](https://github.com/go-gitea/gitea/blob/main/web_src/css/themes).
If your custom theme is considered a dark theme, set the global css variable `--is-dark-theme` to `true`. If your custom theme is considered a dark theme, set the global css variable `--is-dark-theme` to `true`.
This allows Gitea to adjust the Monaco code editor's theme accordingly. This allows Gitea to adjust the Monaco code editor's theme accordingly.

@ -86,5 +86,6 @@ Gitea 引用 `custom` 目录中的自定义配置文件来覆盖配置、模板
## 更改 Gitea 外观 ## 更改 Gitea 外观
Gitea 目前由两种内置主题,分别为默认 `gitea` 主题和深色主题 `arc-green`,您可以通过修改 内置主题是“gitea-light”、“gitea-dark”和“gitea-auto”自动适应操作系统设置
`app.ini` [ui](administration/config-cheat-sheet.md#ui-ui) 部分的 `DEFAULT_THEME` 的值来变更至一个可用的 Gitea 外观。
默认主题可以通过 `app.ini` 的 [ui](administration/config-cheat-sheet.md#ui-ui) 部分中的 `DEFAULT_THEME` 进行更改。

@ -381,3 +381,9 @@ If you really need to do so, to make Gitea works with sub-path (eg: `http://exam
1. Set `[server] ROOT_URL = http://example.com/gitea/` in your `app.ini` file. 1. Set `[server] ROOT_URL = http://example.com/gitea/` in your `app.ini` file.
2. Make the reverse-proxy pass `http://example.com/gitea/foo` to `http://gitea-server:3000/foo`. 2. Make the reverse-proxy pass `http://example.com/gitea/foo` to `http://gitea-server:3000/foo`.
3. Make sure the reverse-proxy not decode the URI, the request `http://example.com/gitea/a%2Fb` should be passed as `http://gitea-server:3000/a%2Fb`. 3. Make sure the reverse-proxy not decode the URI, the request `http://example.com/gitea/a%2Fb` should be passed as `http://gitea-server:3000/a%2Fb`.
## Docker / Container Registry
The container registry uses a fixed sub-path `/v2` which can't be changed.
Even if you deploy Gitea with a different sub-path, `/v2` will be used by the `docker` client.
Therefore you may need to add an additional route to your reverse proxy configuration.

@ -23,7 +23,7 @@ If you don't want your repository to be visible for search engines read further.
## Block search engines indexation using robots.txt ## Block search engines indexation using robots.txt
To make Gitea serve a custom `robots.txt` (default: empty 404) for top level installations, To make Gitea serve a custom `robots.txt` (default: empty 404) for top level installations,
create a file called `robots.txt` in the [`custom` folder or `CustomPath`](administration/customizing-gitea.md) create a file with path `public/robots.txt` in the [`custom` folder or `CustomPath`](administration/customizing-gitea.md)
Examples on how to configure the `robots.txt` can be found at [https://moz.com/learn/seo/robotstxt](https://moz.com/learn/seo/robotstxt). Examples on how to configure the `robots.txt` can be found at [https://moz.com/learn/seo/robotstxt](https://moz.com/learn/seo/robotstxt).

@ -22,7 +22,7 @@ menu:
## 使用 robots.txt 阻止搜索引擎索引 ## 使用 robots.txt 阻止搜索引擎索引
为了使 Gitea 为顶级安装提供自定义的`robots.txt`(默认为空的 404请在[`custom`文件夹或`CustomPath`]administration/customizing-gitea.md中创建一个名为 `robots.txt` 的文件。 为了使 Gitea 为顶级安装提供自定义的`robots.txt`(默认为空的 404请在 [`custom`文件夹或`CustomPath`]administration/customizing-gitea.md中创建一个名为 `public/robots.txt` 的文件。
有关如何配置 `robots.txt` 的示例,请参考 [https://moz.com/learn/seo/robotstxt](https://moz.com/learn/seo/robotstxt)。 有关如何配置 `robots.txt` 的示例,请参考 [https://moz.com/learn/seo/robotstxt](https://moz.com/learn/seo/robotstxt)。

@ -1,13 +0,0 @@
---
date: "2021-01-22T00:00:00+02:00"
title: "Übersetzung"
slug: "contributing"
sidebar_position: 35
toc: false
draft: false
menu:
sidebar:
name: "Übersetzung"
sidebar_position: 50
identifier: "contributing"
---

@ -1,13 +0,0 @@
---
date: "2021-01-22T00:00:00+02:00"
title: "貢獻"
slug: "contributing"
sidebar_position: 35
toc: false
draft: false
menu:
sidebar:
name: "貢獻"
sidebar_position: 50
identifier: "contributing"
---

@ -95,7 +95,7 @@ Some lint rules and IDEs also have warnings if the returned Promise is not handl
### Fetching data ### Fetching data
To fetch data, use the wrapper functions `GET`, `POST` etc. from `modules/fetch.js`. They To fetch data, use the wrapper functions `GET`, `POST` etc. from `modules/fetch.js`. They
accept a `data` option for the content, will automatically set CSFR token and return a accept a `data` option for the content, will automatically set CSRF token and return a
Promise for a [Response](https://developer.mozilla.org/en-US/docs/Web/API/Response). Promise for a [Response](https://developer.mozilla.org/en-US/docs/Web/API/Response).
### HTML Attributes and `dataset` ### HTML Attributes and `dataset`

@ -1,34 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "在地化"
slug: "localization"
sidebar_position: 70
toc: false
draft: false
aliases:
- /zh-tw/localization
menu:
sidebar:
parent: "contributing"
name: "在地化"
sidebar_position: 70
identifier: "localization"
---
# 在地化
我們在 [Crowdin 專案](https://crowdin.com/project/gitea)上進行在地化工作。
**英語系**的翻譯,可在修改[英文語言檔](https://github.com/go-gitea/gitea/blob/main/options/locale/locale_en-US.ini)後提出合併請求。
**非英語系**的翻譯,請前往上述的 Crowdin 專案。
## 已支援的語言
上述 Crowdin 專案中列出的語言在翻譯超過 25% 後將被支援。
翻譯被認可後將在下次 Crowdin 同步後進入到主儲存庫,通常是在任何合併請求被合併之後。
這表示更改的翻譯要到下次 Gitea 發佈後才會出現。
如果您使用的是最新建置,它將會在同步完成、您更新後出現。

@ -1,13 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "開發"
slug: "development"
sidebar_position: 40
toc: false
draft: false
menu:
sidebar:
name: "開發"
sidebar_position: 40
identifier: "development"
---

@ -1,24 +0,0 @@
---
date: "2019-04-15T17:29:00+08:00"
title: "整合"
slug: "integrations"
sidebar_position: 65
toc: false
draft: false
aliases:
- /zh-tw/integrations
menu:
sidebar:
parent: "development"
name: "整合"
sidebar_position: 65
identifier: "integrations"
---
# 整合
Gitea 有著很棒的第三方整合社群, 以及其它有著一流支援的專案。
我們持續的整理一份清單以追蹤他們!請到 [awesome-gitea](https://gitea.com/gitea/awesome-gitea) 查看。
如果您正在找尋有關 [CI/CD](https://gitea.com/gitea/awesome-gitea#user-content-devops)、[SDK](https://gitea.com/gitea/awesome-gitea#user-content-sdk) 或是其它佈景主題,您可以在存儲庫 [awesome-gitea](https://gitea.com/gitea/awesome-gitea) 找到他們。

@ -1,41 +0,0 @@
---
date: "2019-04-15T17:29:00+08:00"
title: "遷移介面"
slug: "migrations-interfaces"
sidebar_position: 55
toc: false
draft: false
aliases:
- /zh-tw/migrations-interfaces
menu:
sidebar:
parent: "development"
name: "遷移介面"
sidebar_position: 55
identifier: "migrations-interfaces"
---
# 遷移功能
完整的遷移從 Gitea 1.9.0 開始提供。它定義了兩個介面用來從其它 Git 託管平臺遷移儲存庫資料到 Gitea未來或許會提供遷移到其它 git 託管平臺。
目前已實作了從 Github, Gitlab 和其它 Gitea 遷移資料。
Gitea 定義了一些基本物件於套件 [modules/migration](https://github.com/go-gitea/gitea/tree/master/modules/migration)。
分別是 `Repository`, `Milestone`, `Release`, `ReleaseAsset`, `Label`, `Issue`, `Comment`, `PullRequest`, `Reaction`, `Review`, `ReviewComment`
## Downloader 介面
從新的 Git 託管平臺遷移,有兩個新的步驟。
- 您必須實作一個 `Downloader`,它用來取得儲存庫資訊。
- 您必須實作一個 `DownloaderFactory`,它用來偵測 URL 是否符合並建立上述的 `Downloader`
- 您需要在 `init()` 透過 `RegisterDownloaderFactory` 來註冊 `DownloaderFactory`
您可以在 [downloader.go](https://github.com/go-gitea/gitea/blob/main/modules/migration/downloader.go) 中找到這些介面。
## Uploader 介面
目前只有 `GiteaLocalUploader` 被實作出來,所以我們只能通過 `Uploader` 儲存已下載的資料到本地的 Gitea 實例。
目前尚未支援其它 Uploader。
您可以在 [uploader.go](https://github.com/go-gitea/gitea/blob/main/modules/migration/uploader.go) 中找到這些介面。

@ -86,6 +86,7 @@ Gitea creates OAuth applications for the following services by default on startu
|-----------|-----------|---------| |-----------|-----------|---------|
|[git-credential-oauth](https://github.com/hickford/git-credential-oauth)|Git credential helper|`a4792ccc-144e-407e-86c9-5e7d8d9c3269`| |[git-credential-oauth](https://github.com/hickford/git-credential-oauth)|Git credential helper|`a4792ccc-144e-407e-86c9-5e7d8d9c3269`|
|[Git Credential Manager](https://github.com/git-ecosystem/git-credential-manager)|Git credential helper|`e90ee53c-94e2-48ac-9358-a874fb9e0662`| |[Git Credential Manager](https://github.com/git-ecosystem/git-credential-manager)|Git credential helper|`e90ee53c-94e2-48ac-9358-a874fb9e0662`|
|[tea](https://gitea.com/gitea/tea)|tea|`d57cb8c4-630c-4168-8324-ec79935e18d4`|
To prevent unexpected behavior, they are being displayed as locked in the UI and their creation can instead be controlled by the `DEFAULT_APPLICATIONS` parameter in `app.ini`. To prevent unexpected behavior, they are being displayed as locked in the UI and their creation can instead be controlled by the `DEFAULT_APPLICATIONS` parameter in `app.ini`.

@ -1,96 +0,0 @@
---
date: "2019-04-19:44:00+01:00"
title: "OAuth2 提供者"
slug: "oauth2-provider"
sidebar_position: 41
toc: false
draft: false
aliases:
- /zh-tw/oauth2-provider
menu:
sidebar:
parent: "development"
name: "OAuth2 提供者"
sidebar_position: 41
identifier: "oauth2-provider"
---
# OAuth2 提供者
**目錄**
Gitea 支援作為 OAuth2 提供者,能讓第三方程式能在使用者同意下存取 Gitea 的資源。此功能自 1.8.0 版開始提供。
## Endpoint
| Endpoint | URL |
| ---------------------- | --------------------------- |
| Authorization Endpoint | `/login/oauth/authorize` |
| Access Token Endpoint | `/login/oauth/access_token` |
## 支援的 OAuth2 Grant
目前 Gitea 只支援 [**Authorization Code Grant**](https://tools.ietf.org/html/rfc6749#section-1.3.1) 標準並額外支援下列擴充標準:
- [Proof Key for Code Exchange (PKCE)](https://tools.ietf.org/html/rfc7636)
- [OpenID Connect (OIDC)](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth)
若想要讓第三方程式使用 Authorization Code Grant需先在「設定」(`/user/settings/applications`)中註冊一個新的應用程式。
## Scope
目前 Gitea 尚未支援 scope (參見 [#4300](https://github.com/go-gitea/gitea/issues/4300)),所有的第三方程式都可獲得該使用者及他所屬的組織中所有資源的存取權。
## 範例
**備註:** 此範例未使用 PKCE。
1. 重新導向使用者到 authorization endpoint 以獲得他同意授權存取資源:
<!-- 1. Redirect to user to the authorization endpoint in order to get their consent for accessing the resources: -->
```curl
https://[YOUR-GITEA-URL]/login/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI& response_type=code&state=STATE
```
在設定中註冊應用程式以獲得 `CLIENT_ID``STATE` 是一個隨機的字串,它將在使用者授權後發送回您的應用程式。`state` 參數是選用的,但應該要用它來防止 CSRF 攻擊。
![Authorization Page](/authorize.png)
使用者將會被詢問是否授權給您的應用程式。如果它們同意了,使用者將被重新導向到 `REDIRECT_URL`,例如:
```curl
https://[REDIRECT_URI]?code=RETURNED_CODE&state=STATE
```
1. 使用重新導向提供的 `code`,您可以要求一個新的應用程式和 Refresh Token。Access Token Endpoint 接受 POST 請求使用 `application/json``application/x-www-form-urlencoded` 類型的請求內容,例如:
```curl
POST https://[YOUR-GITEA-URL]/login/oauth/access_token
```
```json
{
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "RETURNED_CODE",
"grant_type": "authorization_code",
"redirect_uri": "REDIRECT_URI"
}
```
回應:
```json
{
"access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjowLCJleHAiOjE1NTUxNzk5MTIsImlhdCI6MTU1NTE3NjMxMn0.0-iFsAwBtxuckA0sNZ6QpBQmywVPz129u75vOM7wPJecw5wqGyBkmstfJHAjEOqrAf_V5Z-1QYeCh_Cz4RiKug",
"token_type": "bearer",
"expires_in": 3600,
"refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjoxLCJjbnQiOjEsImV4cCI6MTU1NzgwNDMxMiwiaWF0IjoxNTU1MTc2MzEyfQ.S_HZQBy4q9r5SEzNGNIoFClT43HPNDbUdHH-GYNYYdkRfft6XptJBkUQscZsGxOW975Yk6RbgtGvq1nkEcklOw"
}
```
`CLIENT_SECRET` 是產生給此應用程式的唯一密鑰。請記住該密鑰只會在您於 Gitea 建立/註冊應用程式時出現一次。若您遺失密鑰,您必須在該應用程式的設定中重新產生密鑰。
`access_token` 請求中的 `REDIRECT_URI` 必須符合 `authorize` 請求中的 `REDIRECT_URI`
1. 發送 [API requests](development/api-usage.md#oauth2-provider) 時使用 `access_token` 以存取使用者的資源。

@ -1,13 +0,0 @@
---
date: "2017-01-20T15:00:00+08:00"
title: "Aide"
slug: "help"
sidebar_position: 5
toc: false
draft: false
menu:
sidebar:
name: "Aide"
sidebar_position: 100
identifier: "help"
---

@ -1,13 +0,0 @@
---
date: "2017-01-20T15:00:00+08:00"
title: "幫助"
slug: "help"
sidebar_position: 5
toc: false
draft: false
menu:
sidebar:
name: "幫助"
sidebar_position: 100
identifier: "help"
---

@ -181,7 +181,7 @@ Use [Fail2Ban](administration/fail2ban-setup.md) to monitor and stop automated l
## How to add/use custom themes ## How to add/use custom themes
Gitea supports three official themes right now, `gitea` (light), `arc-green` (dark), and `auto` (automatically switches between the previous two depending on operating system settings). Gitea supports three official themes right now, `gitea-light`, `gitea-dark`, and `gitea-auto` (automatically switches between the previous two depending on operating system settings).
To add your own theme, currently the only way is to provide a complete theme (not just color overrides) To add your own theme, currently the only way is to provide a complete theme (not just color overrides)
As an example, let's say our theme is `arc-blue` (this is a real theme, and can be found [in this issue](https://github.com/go-gitea/gitea/issues/6011)) As an example, let's say our theme is `arc-blue` (this is a real theme, and can be found [in this issue](https://github.com/go-gitea/gitea/issues/6011))

@ -185,7 +185,7 @@ Gitea不提供内置的Pages服务器。您需要一个专用的域名来提供
## 如何添加/使用自定义主题 ## 如何添加/使用自定义主题
Gitea 目前支持三个官方主题,分别是 `gitea`(亮色)、`arc-green`(暗色)和 `auto`(根据操作系统设置自动切换前两个主题)。 Gitea 目前支持三个官方主题,分别是 `gitea-light`、`gitea-dark``gitea-auto`(根据操作系统设置自动切换前两个主题)。
要添加自己的主题,目前唯一的方法是提供一个完整的主题(不仅仅是颜色覆盖)。 要添加自己的主题,目前唯一的方法是提供一个完整的主题(不仅仅是颜色覆盖)。
假设我们的主题是 `arc-blue`(这是一个真实的主题,可以在[此问题](https://github.com/go-gitea/gitea/issues/6011)中找到) 假设我们的主题是 `arc-blue`(这是一个真实的主题,可以在[此问题](https://github.com/go-gitea/gitea/issues/6011)中找到)

@ -1,35 +0,0 @@
---
date: "2018-05-21T15:00:00+00:00"
title: "取得協助"
slug: "support"
sidebar_position: 20
toc: false
draft: false
aliases:
- /zh-tw/seek-help
menu:
sidebar:
parent: "help"
name: "取得協助"
sidebar_position: 20
identifier: "support"
---
# 取得協助
- [Discord 聊天室](https://discord.gg/Gitea)
- [Discourse 討論區](https://discourse.gitea.io/)
**備註:** 尋求支援時,若能先備妥下列資訊將可讓提供協助的人能快速地分析您的問題:
1. 您的 `app.ini` (必要時清除掉任何機密資訊)
2. `gitea.log` (以及任何有關的日誌檔案)
- 例:如果錯誤和資料庫相關,提供 `xorm.log` 可能會有幫助
3. 您看到的任何錯誤訊息
4. 儘可能地在 [try.gitea.io](https://try.gitea.io) 觸發您的問題並記下步驟,以便其他人能重現那個問題。
- 這將讓我們更有機會快速地找出問題的根源並解決它。
5. 堆棧跟踪,[請參考英文文檔](https://docs.gitea.com/help/support)
## 錯誤回報
如果您發現錯誤,請到 [GitHub 的 Issue](https://github.com/go-gitea/gitea/issues) 回報。

@ -1,36 +0,0 @@
---
date: "2023-01-07T22:03:00+01:00"
title: "Dokumentation"
slug: /
sidebar_position: 10
toc: false
draft: false
---
# Was ist Gitea?
Gitea ist ein einfacher, selbst gehosteter Git-Service. Änlich wie GitHub, Bitbucket oder GitLab.
Gitea ist ein [Gogs](http://gogs.io)-Fork.
## Ziele
* Einfach zu installieren
* Plattformübergreifend
* Leichtgewichtig
* Quelloffen
## System Voraussetzungen
* Ein Raspberry Pi 3 ist leistungsstark genug, um Gitea für kleine Belastungen laufen zu lassen.
* 2 CPU Kerne und 1GB RAM sind für kleine Teams/Projekte ausreichend.
* Gitea sollte unter einem seperaten nicht-root Account auf UNIX-Systemen ausgeführt werden.
* Achtung: Gitea verwaltet die `~/.ssh/authorized_keys` Datei. Gitea unter einem normalen Benutzer auszuführen könnte dazu führen, dass dieser sich nicht mehr anmelden kann.
* [Git](https://git-scm.com/) Version 2.0 oder aktueller wird benötigt.
* Wenn Git >= 2.1.2 und [Git LFS](https://git-lfs.github.com/) vorhanden ist, dann wird Git LFS Support automatisch für Gitea aktiviert.
* Wenn Git >= 2.18, dann wird das Rendern von Commit-Graphen automatisch aktiviert.
## Browser Unterstützung
* Die neuesten zwei Versionen von Chrome, Firefox, Safari und Edge
* Firefox ESR

@ -1,273 +0,0 @@
---
date: "2017-08-23T09:00:00+02:00"
title: "Documentation"
slug: /
sidebar_position: 10
toc: false
draft: false
---
# A propos de Gitea
Gitea est un service Git auto-hébergé très simple à installer et à utiliser. Il est similaire à GitHub, Bitbucket ou Gitlab. Le développement initial provient sur [Gogs] (http://gogs.io), mais nous l'avons forké puis renommé Gitea. Si vous souhaitez en savoir plus sur les raisons pour lesquelles nous avons fait cela, lisez [cette publication] (https://blog.gitea.com/welcome-to-gitea/) sur le blog.
## Objectif
Le but de ce projet est de fournir de la manière la plus simple, la plus rapide et sans complication un service Git auto-hébergé. Grâce à Go, cela peut se faire via un binaire indépendant fonctionnant sur toutes les plateformes que Go prend en charge, y compris Linux, macOS et Windows, même sur des architectures comme ARM ou PowerPC.
## Fonctionalités
- Tableau de bord de l'utilisateur
- Choix du contexte (organisation ou utilisateur actuel)
- Chronologie de l'activité
- Révisions (_Commits_)
- Tickets
- Demande d'ajout (_Pull request_)
- Création de dépôts
- Liste des dépôts
- Liste de vos organisations
- Liste des dépôts miroires
- Tableau de bord des tickets
- Choix du contexte (organisation ou utilisateur actuel)
- Filtres
- Ouvert
- Fermé
- Vos dépôts
- Tickets assignés
- Vos tickets
- Dépôts
- Options de tri
- Plus vieux
- Dernière mise à jour
- Nombre de commentaires
- Tableau de bord des demandes d'ajout
- Identique au tableau de bord des tickets
- Types de dépôt
- Miroire
- Normal
- Migré
- Notifications (courriel et web)
- Lu
- Non lu
- Épinglé
- Page d'exploration
- Utilisateurs
- Dépôts
- Organisations
- Moteur de recherche
- Interface personnalisables
- Fichiers publiques remplaçables (logo, css, etc)
- Protection CSRF et XSS
- Support d'HTTPS
- Configuration des types et de la taille maximale des fichiers téléversés
- Journalisation (_Log_)
- Configuration
- Base de données
- MySQL
- PostgreSQL
- SQLite3
- MSSQL
- [TiDB](https://github.com/pingcap/tidb) (MySQL protocol)
- Fichier de configuration
- Voir [ici](https://github.com/go-gitea/gitea/blob/main/custom/conf/app.example.ini)
- Panel d'administration
- Statistiques
- Actions
- Suppression des comptes inactifs
- Suppression des dépôts archivés
- Suppression des dépôts pour lesquels il manque leurs fichiers
- Exécution du _garbage collector_ sur les dépôts
- Ré-écriture des clefs SSH
- Resynchronisation des hooks
- Recreation des dépôts manquants
- Status du server
- Temps de disponibilité
- Mémoire
- Nombre de goroutines
- et bien plus...
- Gestion des utilisateurs
- Recherche
- Tri
- Dernière connexion
- Méthode d'authentification
- Nombre maximum de dépôts
- Désactivation du compte
- Permissions d'administration
- Permission pour crééer des hooks
- Permission pour crééer des organisations
- Permission pour importer des dépôts
- Gestion des organisations
- Membres
- Équipes
- Avatar
- Hooks
- Gestion des depôts
- Voir toutes les informations pour un dépôt donné et gérer tous les dépôts
- Méthodes d'authentification
- OAuth
- PAM
- LDAP
- SMTP
- Visualisation de la configuration
- Tout ce que contient le fichier de configuration
- Alertes du système
- Quand quelque chose d'inattendu survient
- Surveillance
- Processus courrants
- Tâches CRON
- Mise à jour des dépôts miroires
- Vérification de l'état des dépôts
- Vérification des statistiques des dépôts
- Nettoyage des anciennes archives
- Variables d'environement
- Options de ligne de commande
- Internationalisation ([21 langues](https://github.com/go-gitea/gitea/tree/master/options/locale))
- Courriel
- Notifications
- Confirmation d'inscription
- Ré-initialisation du mot de passe
- Support de _reverse proxy_
- _subpaths_ inclus
- Utilisateurs
- Profil
- Nom
- Prénom
- Courriel
- Site internet
- Date de création
- Abonnés et abonnements
- Organisations
- Dépôts
- Activité
- Dépôts suivis
- Paramètres
- Identiques au profil avec en plus les éléments ci-dessous
- Rendre l'adresse de courriel privée
- Avatar
- Gravatar
- Libravatar
- Personnalisé
- Mot de passe
- Courriels multiples
- Clefs SSH
- Applications connectées
- Authentification à double facteurs
- Identités OAuth2 attachées
- Suppression du compte
- Dépôts
- Clone à partir de SSH / HTTP / HTTPS
- Git LFS
- Suivre, Voter, Fork
- Voir les personnes qui suivent, les votes et les forks
- Code
- Navigation entre les branches
- Création ou téléversement de fichier depuis le navigateur
- URLs pour clôner le dépôt
- Téléchargement
- ZIP
- TAR.GZ
- Édition en ligne
- Éditeur Markdown
- Éditeur de texte
- Coloration syntaxique
- Visualisation des Diffs
- Visualisation
- Possibilité de choisir où sauvegarder la révision
- Historiques des fichiers
- Suppression de fichiers
- Voir le fichier brut
- Tickets
- Modèle de ticket
- Jalons
- Étiquettes
- Affecter des tickets
- Filtres
- Ouvert
- Ferme
- Personne assignée
- Créer par vous
- Qui vous mentionne
- Tri
- Plus vieux
- Dernière mise à jour
- Nombre de commentaires
- Moteur de recherche
- Commentaires
- Joindre des fichiers
- Demande dajout (_Pull request_)
- Les mêmes fonctionnalités que pour les tickets
- Révisions (_Commits_)
- Representation graphique des révisions
- Révisions par branches
- Moteur de recherche
- Voir les différences
- Voir les numéro de révision SHA
- Voir l'auteur
- Naviguer dans les fichiers d'une révision donnée
- Publication
- Pièces jointes
- Titre
- Contenu
- Suppression
- Définir comme une pré-publication
- Choix de la branche
- Wiki
- Import
- Éditeur Markdown
- Paramètres
- Options
- Nom
- Description
- Privé / Publique
- Site internet
- Wiki
- Activé / Désactivé
- Interne / externe
- Tickets
- Activé / Désactivé
- Interne / externe
- URL personnalisable pour une meilleur intégration avec un gestionnaire de tickets externe
- Activer / désactiver les demandes d'ajout (_Pull request_)
- Transfert du dépôt
- Suppression du wiki
- Suppression du dépôt
- Collaboration
- Lecture / Écriture / Administration
- Branches
- Branche par défaut
- Protection
- Webhooks
- Git hooks
- Clefs de déploiement
## Configuration requise
- Un simple Raspberry Pi est assez puissant pour les fonctionnalités de base.
- Un processeur double coeurs et 1Gb de RAM est une bonne base pour une utilisation en équipe.
- Gitea est censé être exécuté avec un compte utilisateur dédié et non root, aucun autre mode de fonctionnement n'est pris en charge. (**NOTE**: Dans le cas où vous l'exécutez avec votre propre compte d'utilisateur et que le serveur SSH intégré est désactivé, Gitea modifie le fichier `~ /.ssh /authorized_keys` afin que vous ne soyez **plus capable** de vous connecter interactivement).
## Navigateurs supportés
- Chrome, Firefox, Safari, Edge
## Composants
- Framework web : [Chi](http://github.com/go-chi/chi)
- ORM: [XORM](https://xorm.io)
- Interface graphique :
- [jQuery](https://jquery.com)
- [Fomantic UI](https://fomantic-ui.com)
- [Vue3](https://vuejs.org)
- [CodeMirror](https://codemirror.net)
- [EasyMDE](https://github.com/Ionaru/easy-markdown-editor)
- [Monaco Editor](https://microsoft.github.io/monaco-editor)
- ... (package.json)
- Connecteurs de base de données :
- [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql)
- [github.com/lib/pq](https://github.com/lib/pq)
- [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3)
- [github.com/denisenkom/go-mssqldb](https://github.com/denisenkom/go-mssqldb)
## Logiciels et services
- [Drone](https://github.com/drone/drone) (Intégration continue)

@ -1,79 +0,0 @@
---
date: "2016-11-08T16:00:00+02:00"
title: "文件"
slug: /
sidebar_position: 10
toc: false
draft: false
---
# 關於 Gitea
Gitea 是一個可自行託管的 Git 服務。你可以拿 GitHub、Bitbucket 或 Gitlab 來比較看看。
Gitea 是從 [Gogs](http://gogs.io) Fork 出來的,請閱讀部落格文章 [Gitea 公告](https://blog.gitea.com/welcome-to-gitea/)以了解我們 Fork 的理由。
## 目標
本專案的首要目標是建立一個容易安裝,執行快速,安装和使用體驗良好的自建 Git 服務。我們採用 GO 為後端語言Go 可以產生各平台使用的執行檔。它支援 Linux、macOS 和 Windows 外,處理器架構包含 amd64、i386、ARM 和 PowerPC 等。
## 功能
- 代碼託管Gitea 支援建立和管理存儲庫、瀏覽提交歷史和程式碼檔案、審查和合併程式碼提交、管理協作者、處理分支等。它還支援許多常見的 Git 功能如標籤、Cherry-pick、鉤子、集成協作工具等。
- 輕量級和快速Gitea 的設計目標之一就是輕量級和快速響應。與某些大型代碼託管平台不同它保持了精簡在速度方面表現出色適用於資源有限的伺服器環境。由於其輕量級設計Gitea 的資源消耗相對較低,在資源受限的環境中表現出色。
- 易於部署和維護:它可以輕鬆地部署在各種伺服器上,無需複雜的配置或依賴。這使得個人開發者或小團隊可以方便地設置和管理自己的 Git 服務。
- 安全性Gitea 強調安全性,提供用戶權限管理、訪問控制列表等功能,確保程式碼和數據的安全性。
- 代碼審查:代碼審查同時支援拉取請求工作流和 AGit 工作流。審查者可以在線瀏覽程式碼並提供審查意見或反饋。提交者可以接收審查意見並在線回覆或修改程式碼。代碼審查可以幫助個人和組織提升程式碼質量。
- CI/CDGitea Actions 支援 CI/CD 功能,與 GitHub Actions 相容。用戶可以使用熟悉的 YAML 格式編寫工作流程,並重複使用各種現有的 Actions 插件。Actions 插件支援從任何 Git 網站下載。
- 專案管理Gitea 通過看板和工單來追蹤一個專案的需求、功能和錯誤。工單支援分支、標籤、里程碑、指派、時間追蹤、到期日期、依賴關係等功能。
- 制品庫Gitea 支援超過 20 種不同類型的公有或私有軟體包管理包括Cargo、Chef、Composer、Conan、Conda、Container、Helm、Maven、npm、NuGet、Pub、PyPI、RubyGems、Vagrant 等。
- 開源社區支援Gitea 是一個基於 MIT 許可證的開源專案,擁有活躍的開源社區,能夠持續進行開發和改進,同時也積極接受社區貢獻,保持了平台的更新和創新。
- 多語言支援Gitea 提供多種語言界面,適應全球範圍內的用戶,促進了國際化和本地化。
更多功能特性詳見https://docs.gitea.com/installation/comparison#general-features
## 系統需求
- Raspberry Pi 3 的效能足夠讓 Gitea 承擔小型工作負載。
- 雙核心 CPU 和 1GB 記憶體通常足以應付小型團隊/專案。
- 在類 UNIX 系統上, 應該以專用的非 root 系統帳號來執行 Gitea。
- 備註Gitea 管理著 `~/.ssh/authorized_keys` 檔案。以一般身份使用者執行 Gitea 可能會破壞該使用者的登入能力。
- [Git](https://git-scm.com/) 的最低需求為 2.0 或更新版本。
- 當 git 版本 >= 2.1.2 時,可啟用 Git [large file storage](https://git-lfs.github.com/)。
- 當 git 版本 >= 2.18 時,將自動啟用 Git 提交線圖渲染。
## 瀏覽器支援
- 最近 2 個版本的 Chrome, Firefox, Safari, Edge
- Firefox ESR
## 元件
- Web 框架: [Chi](http://github.com/go-chi/chi)
- ORM [XORM](https://xorm.io)
- UI 元件:
- [jQuery](https://jquery.com)
- [Fomantic UI](https://fomantic-ui.com)
- [Vue3](https://vuejs.org)
- [CodeMirror](https://codemirror.net)
- [EasyMDE](https://github.com/Ionaru/easy-markdown-editor)
- [Monaco Editor](https://microsoft.github.io/monaco-editor)
- ... (package.json)
- 資料庫驅動程式:
- [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql)
- [github.com/lib/pq](https://github.com/lib/pq)
- [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3)
- [github.com/denisenkom/go-mssqldb](https://github.com/denisenkom/go-mssqldb)
## 集成支持
請訪問 [Awesome Gitea](https://gitea.com/gitea/awesome-gitea/) 獲得更多的第三方集成支持

@ -1,13 +0,0 @@
---
date: "2017-08-23T09:00:00+02:00"
title: "Installation"
slug: "installation"
sidebar_position: 10
toc: false
draft: false
menu:
sidebar:
name: "Installation"
sidebar_position: 10
identifier: "installation"
---

@ -1,13 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "安裝"
slug: "installation"
sidebar_position: 10
toc: false
draft: false
menu:
sidebar:
name: "安裝"
sidebar_position: 10
identifier: "installation"
---

@ -33,117 +33,117 @@ _Symbols used in table:_
## General Features ## General Features
| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | RhodeCode EE |
| ------------------------------------------------ | --------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | | ------------------------------------------------ | --------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | ------------ |
| Open source and free | ✓ | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | | Open source and free | ✓ | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ✓ |
| Low RAM/ CPU usage | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | | Low RAM/ CPU usage | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
| Multiple database support | ✓ | ✓ | ✘ | | | ✓ | ✓ | | Multiple database support | ✓ | ✓ | ✘ | | | ✓ | ✓ | ✓ |
| Multiple OS support | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | | Multiple OS support | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ✓ |
| Easy upgrades | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ | | Easy upgrades | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ | ✓ |
| Telemetry | **✘** | ✘ | ✓ | ✓ | ✓ | ✓ | ? | | Telemetry | **✘** | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Third-party render tool support | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ? | | Third-party render tool support | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ✘ | ✘ |
| WebAuthn (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ? | | WebAuthn (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✓ |
| Extensive API | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Extensive API | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Built-in Package/Container Registry | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Built-in Package/Container Registry | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Sync commits to an external repo (push mirror) | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ | | Sync commits to an external repo (push mirror) | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ | ✓ |
| Sync commits from an external repo (pull mirror) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ? | | Sync commits from an external repo (pull mirror) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ | ✓ |
| Light and Dark Theme | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ? | | Light and Dark Theme | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Custom Theme Support | ✓ | ✓ | ✘ | ✘ | ✘ | ✓ | | | Custom Theme Support | ✓ | ✓ | ✘ | ✘ | ✘ | ✓ | ✓ | ✓ |
| Markdown support | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Markdown support | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| CSV support | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ? | | CSV support | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ✘ | ✘ |
| 'GitHub / GitLab pages' | [⚙️][gitea-pages-server], [⚙️][gitea-caddy-plugin] | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | 'GitHub / GitLab pages' | [⚙️][gitea-pages-server], [⚙️][gitea-caddy-plugin] | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Repo-specific wiki (as a repo itself) | ✓ | ✓ | ✓ | ✓ | ✓ | / | ✘ | | Repo-specific wiki (as a repo itself) | ✓ | ✓ | ✓ | ✓ | ✓ | / | ✘ | ✘ |
| Deploy Tokens | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Deploy Tokens | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Repository Tokens with write rights | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Repository Tokens with write rights | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| RSS Feeds | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ | | | RSS Feeds | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ | ✓ | ✓ |
| Built-in CI/CD | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Built-in CI/CD | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Subgroups: groups within groups | [](https://github.com/go-gitea/gitea/issues/1872) | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ | | Subgroups: groups within groups | [](https://github.com/go-gitea/gitea/issues/1872) | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ | ✓ |
| Interaction with other instances | [/](https://github.com/go-gitea/gitea/issues/18240) | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ | | Interaction with other instances | [/](https://github.com/go-gitea/gitea/issues/18240) | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
| Mermaid diagrams in Markdown | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Mermaid diagrams in Markdown | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Math syntax in Markdown | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | | | Math syntax in Markdown | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ | ✓ |
## Code management ## Code management
| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | RhodeCode EE |
| ------------------------------------------- | --------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | | ------------------------------------------- | --------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | ------------ |
| Repository topics | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Repository topics | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Repository code search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Repository code search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Global code search | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ | | Global code search | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ |
| Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Group Milestones | [](https://github.com/go-gitea/gitea/issues/14622) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Group Milestones | [](https://github.com/go-gitea/gitea/issues/14622) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Granular user roles (Code, Issues, Wiki, …) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Granular user roles (Code, Issues, Wiki, …) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Verified Committer | | ✘ | ? | ✓ | ✓ | ✓ | ✘ | | Verified Committer | | ✘ | ? | ✓ | ✓ | ✓ | ✘ | ✘ |
| GPG Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | GPG Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| SSH Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ? | | SSH Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ | ✘ |
| Reject unsigned commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Reject unsigned commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Migrating repos from other services | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Migrating repos from other services | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Repository Activity page | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Repository Activity page | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Branch manager | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Branch manager | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create new branches | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Create new branches | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Web code editor | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Web code editor | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Commit graph | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Commit graph | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Template Repositories | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✘ | | Template Repositories | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✘ | ✘ |
| Git Blame | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | | | Git Blame | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Visual comparison of image changes | ✓ | ✘ | ✓ | ? | ? | ? | ? | | Visual comparison of image changes | ✓ | ✘ | ✓ | ? | ? | ? | ✘ | ✘ |
## Issue Tracker ## Issue Tracker
| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | RhodeCode EE |
| ----------------------------- | --------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | | ----------------------------- | --------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | ------------ |
| Issue tracker | ✓ | ✓ | ✓ | ✓ | ✓ | / | ✘ | | Issue tracker | ✓ | ✓ | ✓ | ✓ | ✓ | / | ✘ | ✘ |
| Issue templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ | | Issue templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Labels | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ | | Labels | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Time tracking | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Time tracking | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Multiple assignees for issues | ✓ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ | | Multiple assignees for issues | ✓ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ |
| Related issues | ✘ | ✘ | | ✓ | ✓ | ✘ | ✘ | | Related issues | ✘ | ✘ | | ✓ | ✓ | ✘ | ✘ | ✘ |
| Confidential issues | [](https://github.com/go-gitea/gitea/issues/3217) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Confidential issues | [](https://github.com/go-gitea/gitea/issues/3217) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Comment reactions | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Comment reactions | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Lock Discussion | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Lock Discussion | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Batch issue handling | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Batch issue handling | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Issue Boards (Kanban) | [/](https://github.com/go-gitea/gitea/issues/14710) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Issue Boards (Kanban) | [/](https://github.com/go-gitea/gitea/issues/14710) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Create branch from issue | [](https://github.com/go-gitea/gitea/issues/20226) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Create branch from issue | [](https://github.com/go-gitea/gitea/issues/20226) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Convert comment to new issue | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | | Convert comment to new issue | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Issue search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | | Issue search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Global issue search | [/](https://github.com/go-gitea/gitea/issues/2434) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | | Global issue search | [/](https://github.com/go-gitea/gitea/issues/2434) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Issue dependency | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ | | Issue dependency | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
| Create issue via email | [](https://github.com/go-gitea/gitea/issues/6226) | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | | Create issue via email | [](https://github.com/go-gitea/gitea/issues/6226) | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Service Desk | [](https://github.com/go-gitea/gitea/issues/6219) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Service Desk | [](https://github.com/go-gitea/gitea/issues/6219) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✘ |
## Pull/Merge requests ## Pull/Merge requests
| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | RhodeCode EE |
| ----------------------------------------------- | -------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | | ----------------------------------------------- | -------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ | ------------ |
| Pull/Merge requests | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Pull/Merge requests | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Squash merging | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Squash merging | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Rebase merging | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Rebase merging | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull/Merge request inline comments | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Pull/Merge request inline comments | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull/Merge request approval | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Pull/Merge request approval | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull/Merge require approval | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ | | Pull/Merge require approval | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ |
| Pull/Merge multiple reviewers | ✓ | ✓ | ✓ | ✘ | ✓ | ✓ | ✓ | | Pull/Merge multiple reviewers | ✓ | ✓ | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ |
| Merge conflict resolution | [](https://github.com/go-gitea/gitea/issues/9014) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | | Merge conflict resolution | [](https://github.com/go-gitea/gitea/issues/9014) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Restrict push and merge access to certain users | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Restrict push and merge access to certain users | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Revert specific commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | | Revert specific commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Pull/Merge requests templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ | | Pull/Merge requests templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ |
| Cherry-picking changes | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | | Cherry-picking changes | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ | ✓ |
| Download Patch | ✓ | ✘ | ✓ | ✓ | ✓ | / | | | Download Patch | ✓ | ✘ | ✓ | ✓ | ✓ | / | ✓ | ✓ |
| Merge queues | ✘ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ | | Merge queues | ✘ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ |
## 3rd-party integrations ## 3rd-party integrations
| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE | RhodeCode EE |
| ---------------------------------------------- | ------------------------------------------------ | ---- | --------- | --------- | --------- | --------- | ------------ | | ---------------------------------------------- | ------------------------------------------------ | ---- | --------- | --------- | --------- | --------- | ------------ | ------------ |
| Webhooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Webhooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Git Hooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | Git Hooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| AD / LDAP integration | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | AD / LDAP integration | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Multiple LDAP / AD server support | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ | | Multiple LDAP / AD server support | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ |
| LDAP user synchronization | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | LDAP user synchronization | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✓ |
| SAML 2.0 service provider | [](https://github.com/go-gitea/gitea/issues/5512) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | | SAML 2.0 service provider | [](https://github.com/go-gitea/gitea/issues/5512) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✓ |
| OpenID Connect support | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ | | OpenID Connect support | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ | ✓ |
| OAuth 2.0 integration (external authorization) | ✓ | ✘ | | ✓ | ✓ | ? | ✓ | | OAuth 2.0 integration (external authorization) | ✓ | ✘ | | ✓ | ✓ | ? | ✘ | ✓ |
| Act as OAuth 2.0 provider | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | | Act as OAuth 2.0 provider | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Two factor authentication (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | | Two factor authentication (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✓ |
| Integration with the most common services | ✓ | / | | ✓ | ✓ | | ✓ | | Integration with the most common services | ✓ | / | | ✓ | ✓ | | ✓ | ✓ |
| Incorporate external CI/CD | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | | Incorporate external CI/CD | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
[gitea-caddy-plugin]: https://github.com/42wim/caddy-gitea [gitea-caddy-plugin]: https://github.com/42wim/caddy-gitea
[gitea-pages-server]: https://codeberg.org/Codeberg/pages-server [gitea-pages-server]: https://codeberg.org/Codeberg/pages-server

@ -1,137 +0,0 @@
---
date: "2018-05-07T13:00:00+02:00"
title: "比較 Gitea 和其它自託管 Git 服務"
slug: "comparison"
sidebar_position: 5
toc: false
draft: false
aliases:
- /zh-tw/comparison
menu:
sidebar:
parent: "installation"
name: "比較"
sidebar_position: 5
identifier: "comparison"
---
# 比較 Gitea 和其它自託管 Git 服務
**目錄**
為了幫助您判斷 Gitea 是否適合您的需求,這裡列出了它和其它自託管 Git 服務的比較。
請注意我們不會經常檢查其它產品的功能異動,所以這份清單可能過期,如果您在下方表格中找到需要更新的資料,請在 [GitHub 的 Issue](https://github.com/go-gitea/gitea/issues) 回報。
表格中使用的符號:
- ✓ - 支援
- - 有限度的支援
- ✘ - 不支援
- _⚙ - 由第三方服務或外掛程式支援_
## 一般功能
| 功能 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
| ------------------------ | -------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ |
| 免費及開放原始碼 | ✓ | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ |
| 低資源使用 (RAM/CPU) | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ |
| 支援多種資料庫 | ✓ | ✓ | ✘ | | | ✓ | ✓ |
| 支援多種作業系統 | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ |
| 簡單的升級程序 | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ |
| 支援 Markdown | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 支援 Orgmode | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ | ? |
| 支援 CSV | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ? |
| 支援第三方渲染工具 | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ? |
| Git 驅動的靜態頁面 | [⚙️][gitea-pages-server], [⚙️][gitea-caddy-plugin] | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Git 驅動的整合 wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 部署 Token | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 有寫入權限的儲存庫 Token | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
| 內建 Container Registry | [](https://github.com/go-gitea/gitea/issues/2316) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 對外部 Git 鏡像 | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
| FIDO (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 內建 CI/CD | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 子群組: 群組中的群組 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ |
## 程式碼管理
| 功能 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
| ----------------------------------------- | ------------------------------------------------ | ---- | --------- | --------- | --------- | --------- | ------------ |
| 儲存庫主題描述 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 儲存庫程式碼搜尋 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 全域程式碼搜尋 | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ |
| Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | | ✓ |
| 群組里程碑 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 精細的使用者權限(程式碼, 問題, Wiki 等) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 驗證提交者 | | ✘ | ? | ✓ | ✓ | ✓ | ✘ |
| GPG 簽署提交 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 拒絕未經簽署的提交 | [](https://github.com/go-gitea/gitea/pull/9708) | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
| 儲存庫動態頁 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 分支管理 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 建立新分支 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 網頁程式碼編輯器 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 提交線圖 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 儲存庫範本 | [](https://github.com/go-gitea/gitea/pull/8768) | ✘ | ✓ | ✘ | ✓ | ✓ | ✘ |
## 問題追蹤器
| 功能 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
| -------------------- | -------------------------------------------------- | --------------------------------------------- | --------- | ----------------------------------------------------------------------- | --------- | --------- | ------------ |
| 問題追蹤器 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 問題範本 | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 標籤 | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 時間追蹤 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 指派問題給多個成員 | ✓ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ |
| 相關問題 | ✘ | ✘ | | [](https://docs.gitlab.com/ce/user/project/issues/related_issues.html) | ✓ | ✘ | ✘ |
| 機密問題 | [](https://github.com/go-gitea/gitea/issues/3217) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 對留言的反應 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 鎖定對話 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 批次處理問題 | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 問題看板(看板方法) | [](https://github.com/go-gitea/gitea/pull/8346) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 從問題建立新分支 | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 問題搜尋 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 全域問題搜尋 | [](https://github.com/go-gitea/gitea/issues/2434) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 問題相依 | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
| 從電子郵件建立問題 | [](https://github.com/go-gitea/gitea/issues/6226) | [](https://github.com/gogs/gogs/issues/2602) | ✘ | ✓ | ✓ | ✓ | ✘ |
| 服務台 | [](https://github.com/go-gitea/gitea/issues/6219) | ✘ | ✘ | [](https://gitlab.com/groups/gitlab-org/-/epics/3103) | ✓ | ✘ | ✘ |
## 拉取/合併請求
| 功能 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
| -------------------------- | -------------------------------------------------- | ---- | --------- | --------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------ | ------------ |
| 拉取/合併請求 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Squash 合併 | ✓ | ✘ | ✓ | [](https://docs.gitlab.com/ce/user/project/merge_requests/squash_and_merge.html) | ✓ | ✓ | ✓ |
| Rebase 合併 | ✓ | ✓ | ✓ | ✘ | | ✘ | ✓ |
| 拉取/合併請求的行內留言 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 拉取/合併請求的核可 | ✓ | ✘ | | ✓ | ✓ | ✓ | ✓ |
| 解決合併衝突 | [](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 限制某些使用者的推送及合併 | ✓ | ✘ | ✓ | | ✓ | ✓ | ✓ |
| 還原指定的提交或合併請求 | [](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 拉取/合併請求範本 | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| Cherry-picking 變更 | [](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
| 下載 Patch | ✓ | ✘ | ✓ | ✓ | ✓ | [/](https://jira.atlassian.com/plugins/servlet/mobile#issue/BCLOUD-8323) | ✘ |
## 第三方整合
| 功能 | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
| ------------------------- | ------------------------------------------------ | ---- | --------- | --------- | --------- | --------- | ------------ |
| 支援 Webhook | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 自訂 Git Hook | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 整合 AD / LDAP | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 支援多重 LDAP / AD 伺服器 | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
| 同步 LDAP 使用者 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
| SAML 2.0 service provider | [](https://github.com/go-gitea/gitea/issues/5512) | [](https://github.com/gogs/gogs/issues/1221) | ✓ | ✓ | ✓ | ✓ | ✘ |
| 支援 OpenId Connect | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ |
| 整合 OAuth 2.0 (外部驗證) | ✓ | ✘ | | ✓ | ✓ | ? | ✓ |
| 成為 OAuth 2.0 提供者 | [](https://github.com/go-gitea/gitea/pull/5378) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 兩步驟驗證 (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 整合 Mattermost/Slack | ✓ | ✓ | | ✓ | ✓ | | ✓ |
| 整合 Discord | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
| 整合 Microsoft Teams | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
| 顯示外部 CI/CD 狀態 | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
[gitea-caddy-plugin]: https://github.com/42wim/caddy-gitea
[gitea-pages-server]: https://codeberg.org/Codeberg/pages-server

@ -17,13 +17,15 @@ menu:
# Database Preparation # Database Preparation
You need a database to use Gitea. Gitea supports PostgreSQL (>=10), MySQL (>=5.7), SQLite, and MSSQL (>=2008R2 SP3). This page will guide into preparing database. Only PostgreSQL and MySQL will be covered here since those database engines are widely-used in production. If you plan to use SQLite, you can ignore this chapter. You need a database to use Gitea. Gitea supports PostgreSQL (>= 12), MySQL (>= 8.0), MariaDB, SQLite, and MSSQL (>= 2012 SP4). This page will guide into preparing database. Only PostgreSQL and MySQL will be covered here since those database engines are widely-used in production. If you plan to use SQLite, you can ignore this chapter.
If you use an unsupported database version, please [get in touch](/help/support) with us for information on our Extended Support Contracts. We can provide testing and support for older databases and integrate those fixes into the Gitea codebase.
Database instance can be on same machine as Gitea (local database setup), or on different machine (remote database). Database instance can be on same machine as Gitea (local database setup), or on different machine (remote database).
Note: All steps below requires that the database engine of your choice is installed on your system. For remote database setup, install the server application on database instance and client program on your Gitea server. The client program is used to test connection to the database from Gitea server, while Gitea itself use database driver provided by Go to accomplish the same thing. In addition, make sure you use same engine version for both server and client for some engine features to work. For security reason, protect `root` (MySQL) or `postgres` (PostgreSQL) database superuser with secure password. The steps assumes that you run Linux for both database and Gitea servers. Note: All steps below requires that the database engine of your choice is installed on your system. For remote database setup, install the server application on database instance and client program on your Gitea server. The client program is used to test connection to the database from Gitea server, while Gitea itself use database driver provided by Go to accomplish the same thing. In addition, make sure you use same engine version for both server and client for some engine features to work. For security reason, protect `root` (MySQL) or `postgres` (PostgreSQL) database superuser with secure password. The steps assumes that you run Linux for both database and Gitea servers.
## MySQL ## MySQL/MariaDB
1. For remote database setup, you will need to make MySQL listen to your IP address. Edit `bind-address` option on `/etc/mysql/my.cnf` on database instance to: 1. For remote database setup, you will need to make MySQL listen to your IP address. Edit `bind-address` option on `/etc/mysql/my.cnf` on database instance to:
@ -45,7 +47,7 @@ Note: All steps below requires that the database engine of your choice is instal
```sql ```sql
SET old_passwords=0; SET old_passwords=0;
CREATE USER 'gitea' IDENTIFIED BY 'gitea'; CREATE USER 'gitea'@'%' IDENTIFIED BY 'gitea';
``` ```
For remote database: For remote database:
@ -182,7 +184,7 @@ If the communication between Gitea and your database instance is performed throu
- On the database server certificate, one of `Subject Alternative Name` or `Common Name` entries must be the fully-qualified domain name (FQDN) of the database instance (e.g. `db.example.com`). On the database client certificate, one of the entries mentioned above must contain the database username that Gitea will be using to connect. - On the database server certificate, one of `Subject Alternative Name` or `Common Name` entries must be the fully-qualified domain name (FQDN) of the database instance (e.g. `db.example.com`). On the database client certificate, one of the entries mentioned above must contain the database username that Gitea will be using to connect.
- You need domain name mappings of both Gitea and database servers to their respective IP addresses. Either set up DNS records for them or add local mappings to `/etc/hosts` (`%WINDIR%\System32\drivers\etc\hosts` in Windows) on each system. This allows the database connections to be performed by domain name instead of IP address. See documentation of your system for details. - You need domain name mappings of both Gitea and database servers to their respective IP addresses. Either set up DNS records for them or add local mappings to `/etc/hosts` (`%WINDIR%\System32\drivers\etc\hosts` in Windows) on each system. This allows the database connections to be performed by domain name instead of IP address. See documentation of your system for details.
### PostgreSQL ### PostgreSQL TLS
The PostgreSQL driver used by Gitea supports two-way TLS. In two-way TLS, both database client and server authenticate each other by sending their respective certificates to their respective opposite for validation. In other words, the server verifies client certificate, and the client verifies server certificate. The PostgreSQL driver used by Gitea supports two-way TLS. In two-way TLS, both database client and server authenticate each other by sending their respective certificates to their respective opposite for validation. In other words, the server verifies client certificate, and the client verifies server certificate.
@ -250,7 +252,7 @@ The PostgreSQL driver used by Gitea supports two-way TLS. In two-way TLS, both d
You should be prompted to enter password for the database user, and then be connected to the database. You should be prompted to enter password for the database user, and then be connected to the database.
### MySQL ### MySQL/MariaDB TLS
While the MySQL driver used by Gitea also supports two-way TLS, Gitea currently supports only one-way TLS. See issue #10828 for details. While the MySQL driver used by Gitea also supports two-way TLS, Gitea currently supports only one-way TLS. See issue #10828 for details.

@ -17,13 +17,13 @@ menu:
# 数据库准备 # 数据库准备
在使用 Gitea 前您需要准备一个数据库。Gitea 支持 PostgreSQL>=10、MySQL>=5.7、SQLite 和 MSSQL>=2008R2 SP3)这几种数据库。本页将指导您准备数据库。由于 PostgreSQL 和 MySQL 在生产环境中被广泛使用,因此本文档将仅涵盖这两种数据库。如果您计划使用 SQLite则可以忽略本章内容。 在使用 Gitea 前您需要准备一个数据库。Gitea 支持 PostgreSQL>= 12、MySQL>= 8.0、SQLite 和 MSSQL>= 2012 SP4)这几种数据库。本页将指导您准备数据库。由于 PostgreSQL 和 MySQL 在生产环境中被广泛使用,因此本文档将仅涵盖这两种数据库。如果您计划使用 SQLite则可以忽略本章内容。
数据库实例可以与 Gitea 实例在相同机器上(本地数据库),也可以与 Gitea 实例在不同机器上(远程数据库)。 数据库实例可以与 Gitea 实例在相同机器上(本地数据库),也可以与 Gitea 实例在不同机器上(远程数据库)。
注意:以下所有步骤要求您的选择的数据库引擎已安装在您的系统上。对于远程数据库设置,请在数据库实例上安装服务器应用程序,在 Gitea 服务器上安装客户端程序。客户端程序用于测试 Gitea 服务器与数据库之间的连接,而 Gitea 本身使用 Go 提供的数据库驱动程序完成相同的任务。此外,请确保服务器和客户端使用相同的引擎版本,以使某些引擎功能正常工作。出于安全原因,请使用安全密码保护 `root`MySQL`postgres`PostgreSQL数据库超级用户。以下步骤假设您在数据库和 Gitea 服务器上都使用 Linux。 注意:以下所有步骤要求您的选择的数据库引擎已安装在您的系统上。对于远程数据库设置,请在数据库实例上安装服务器应用程序,在 Gitea 服务器上安装客户端程序。客户端程序用于测试 Gitea 服务器与数据库之间的连接,而 Gitea 本身使用 Go 提供的数据库驱动程序完成相同的任务。此外,请确保服务器和客户端使用相同的引擎版本,以使某些引擎功能正常工作。出于安全原因,请使用安全密码保护 `root`MySQL`postgres`PostgreSQL数据库超级用户。以下步骤假设您在数据库和 Gitea 服务器上都使用 Linux。
## MySQL ## MySQL/MariaDB
1. 对于远程数据库设置,您需要让 MySQL 监听您的 IP 地址。编辑数据库实例上的 `/etc/mysql/my.cnf` 文件中的 `bind-address` 选项为: 1. 对于远程数据库设置,您需要让 MySQL 监听您的 IP 地址。编辑数据库实例上的 `/etc/mysql/my.cnf` 文件中的 `bind-address` 选项为:
@ -182,7 +182,7 @@ menu:
- 在数据库服务器证书中,`Subject Alternative Name``Common Name` 条目之一必须是数据库实例的完全限定域名FQDN例如 `db.example.com`)。在数据库客户端证书中,上述提到的条目之一必须包含 Gitea 将用于连接的数据库用户名。 - 在数据库服务器证书中,`Subject Alternative Name``Common Name` 条目之一必须是数据库实例的完全限定域名FQDN例如 `db.example.com`)。在数据库客户端证书中,上述提到的条目之一必须包含 Gitea 将用于连接的数据库用户名。
- 您需要将 Gitea 和数据库服务器的域名映射到它们各自的 IP 地址。可以为它们设置 DNS 记录,也可以在每个系统上的 `/etc/hosts`Windows 中的 `%WINDIR%\System32\drivers\etc\hosts`)中添加本地映射。这样可以通过域名而不是 IP 地址进行数据库连接。有关详细信息,请参阅您系统的文档。 - 您需要将 Gitea 和数据库服务器的域名映射到它们各自的 IP 地址。可以为它们设置 DNS 记录,也可以在每个系统上的 `/etc/hosts`Windows 中的 `%WINDIR%\System32\drivers\etc\hosts`)中添加本地映射。这样可以通过域名而不是 IP 地址进行数据库连接。有关详细信息,请参阅您系统的文档。
### PostgreSQL ### PostgreSQL TLS
Gitea 使用的 PostgreSQL 驱动程序支持双向 TLS。在双向 TLS 中,数据库客户端和服务器通过将各自的证书发送给对方进行验证来相互认证。换句话说,服务器验证客户端证书,客户端验证服务器证书。 Gitea 使用的 PostgreSQL 驱动程序支持双向 TLS。在双向 TLS 中,数据库客户端和服务器通过将各自的证书发送给对方进行验证来相互认证。换句话说,服务器验证客户端证书,客户端验证服务器证书。
@ -250,7 +250,7 @@ Gitea 使用的 PostgreSQL 驱动程序支持双向 TLS。在双向 TLS 中,
您将被提示输入数据库用户的密码,然后连接到数据库。 您将被提示输入数据库用户的密码,然后连接到数据库。
### MySQL ### MySQL/MariaDB TLS
虽然 Gitea 使用的MySQL驱动程序也支持双向 TLS但目前 Gitea 仅支持单向 TLS。有关详细信息请参见工单10828。 虽然 Gitea 使用的MySQL驱动程序也支持双向 TLS但目前 Gitea 仅支持单向 TLS。有关详细信息请参见工单10828。

@ -1,47 +0,0 @@
---
date: "2017-08-23T09:00:00+02:00"
title: "Installation avec le binaire pré-compilé"
slug: "install-from-binary"
sidebar_position: 15
toc: false
draft: false
aliases:
- /fr-fr/install-from-binary
menu:
sidebar:
parent: "installation"
name: "Binaire pré-compilé"
sidebar_position: 15
identifier: "install-from-binary"
---
# Installation avec le binaire pré-compilé
Tous les binaires sont livrés avec le support de SQLite, MySQL et PostgreSQL, et sont construits avec les ressources incorporées. Gardez à l'esprit que cela peut être différent pour les versions antérieures. L'installation basée sur nos binaires est assez simple, il suffit de choisir le fichier correspondant à votre plateforme à partir de la [page de téléchargement](https://dl.gitea.com/gitea). Copiez l'URL et remplacer l'URL dans les commandes suivantes par la nouvelle:
```
wget -O gitea https://dl.gitea.com/gitea/@version@/gitea-@version@-linux-amd64
chmod +x gitea
```
## Test
Après avoir suivi les étapes ci-dessus, vous aurez un binaire `gitea` dans votre répertoire de travail. En premier lieu, vous pouvez tester si le binaire fonctionne comme prévu et ensuite vous pouvez le copier vers la destination où vous souhaitez le stocker. Lorsque vous lancez Gitea manuellement à partir de votre CLI, vous pouvez toujours le tuer en appuyant sur `Ctrl + C`.
```
./gitea web
```
## Dépannage
### Anciennes version de glibc
Les anciennes distributions Linux (comme Debian 7 ou CentOS 6) peuvent ne pas être capable d'exécuter le binaire Gitea, résultant généralement une erreur du type ```./gitea: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.14' not found (required by ./gitea)```. Cette erreur est due au driver SQLite que nous intégrons dans le binaire Gitea. Dans le futur, nous fournirons des binaires sans la dépendance pour la bibliothèque glibc. En attendant, vous pouvez mettre à jour votre distribution ou installer Gitea depuis le [code source](installation/from-source.md).
### Exécuter Gitea avec un autre port
Si vous obtenez l'erreur `702 runWeb()] [E] Failed to start server: listen tcp 0.0.0.0:3000: bind: address already in use`, Gitea à besoin d'utiliser un autre port. Vous pouvez changer le port par défaut en utilisant `./gitea web -p $PORT`.
## Il manque quelque chose ?
Est-ce que nous avons oublié quelque chose sur cette page ? N'hésitez pas à nous contacter sur notre [serveur Discord](https://discord.gg/Gitea), vous obtiendrez des réponses à toute vos questions assez rapidement.

@ -1,37 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "執行檔安裝"
slug: "install-from-binary"
sidebar_position: 15
toc: false
draft: false
aliases:
- /zh-tw/install-from-binary
menu:
sidebar:
parent: "installation"
name: "執行檔"
sidebar_position: 15
identifier: "install-from-binary"
---
# 從執行檔安裝
所有的執行檔皆支援 SQLite, MySQL and PostgreSQL且所有檔案都已經包在執行檔內這一點跟之前的版本有所不同。關於執行檔的安裝方式非常簡單只要從[下載頁面](https://dl.gitea.com/gitea)選擇相對應平台,複製下載連結,使用底下指令就可以完成了:
```
wget -O gitea https://dl.gitea.com/gitea/@version@/gitea-@version@-linux-amd64
chmod +x gitea
```
## 測試
執行完上述步驟,您將會得到 `gita` 執行檔,在複製到遠端伺服器前,您可以先測試看看,在命令列執行完成後,可以透過 `Ctrl + C` 關閉程式。
```
./gitea web
```
## 需要協助?
如果本頁中無法解決您的問題,請直接到 [Discord server](https://discord.gg/Gitea),在那邊可以快速得到協助。

@ -15,22 +15,23 @@ menu:
identifier: "install-from-package" identifier: "install-from-package"
--- ---
# Official packages # Installation from Package
## macOS ## Official packages
### macOS
Currently, the only supported method of installation on MacOS is [Homebrew](http://brew.sh/). Currently, the only supported method of installation on MacOS is [Homebrew](http://brew.sh/).
Following the [deployment from binary](installation/from-binary.md) guide may work, Following the [deployment from binary](installation/from-binary.md) guide may work,
but is not supported. To install Gitea via `brew`: but is not supported. To install Gitea via `brew`:
``` ```
brew tap gitea/tap https://gitea.com/gitea/homebrew-gitea
brew install gitea brew install gitea
``` ```
# Unofficial packages ## Unofficial packages
## Alpine Linux ### Alpine Linux
Alpine Linux has [Gitea](https://pkgs.alpinelinux.org/packages?name=gitea&branch=edge) in its community repository which follows the latest stable version. Alpine Linux has [Gitea](https://pkgs.alpinelinux.org/packages?name=gitea&branch=edge) in its community repository which follows the latest stable version.
@ -38,7 +39,7 @@ Alpine Linux has [Gitea](https://pkgs.alpinelinux.org/packages?name=gitea&branch
apk add gitea apk add gitea
``` ```
## Arch Linux ### Arch Linux
The rolling release distribution has [Gitea](https://www.archlinux.org/packages/extra/x86_64/gitea/) in their official extra repository and package updates are provided with new Gitea releases. The rolling release distribution has [Gitea](https://www.archlinux.org/packages/extra/x86_64/gitea/) in their official extra repository and package updates are provided with new Gitea releases.
@ -46,7 +47,7 @@ The rolling release distribution has [Gitea](https://www.archlinux.org/packages/
pacman -S gitea pacman -S gitea
``` ```
## Arch Linux ARM ### Arch Linux ARM
Arch Linux ARM provides packages for [aarch64](https://archlinuxarm.org/packages/aarch64/gitea), [armv7h](https://archlinuxarm.org/packages/armv7h/gitea) and [armv6h](https://archlinuxarm.org/packages/armv6h/gitea). Arch Linux ARM provides packages for [aarch64](https://archlinuxarm.org/packages/aarch64/gitea), [armv7h](https://archlinuxarm.org/packages/armv7h/gitea) and [armv6h](https://archlinuxarm.org/packages/armv6h/gitea).
@ -54,7 +55,7 @@ Arch Linux ARM provides packages for [aarch64](https://archlinuxarm.org/packages
pacman -S gitea pacman -S gitea
``` ```
## Gentoo Linux ### Gentoo Linux
The rolling release distribution has [Gitea](https://packages.gentoo.org/packages/www-apps/gitea) in their official community repository and package updates are provided with new Gitea releases. The rolling release distribution has [Gitea](https://packages.gentoo.org/packages/www-apps/gitea) in their official community repository and package updates are provided with new Gitea releases.
@ -62,20 +63,21 @@ The rolling release distribution has [Gitea](https://packages.gentoo.org/package
emerge gitea -va emerge gitea -va
``` ```
## Canonical Snap ### Canonical Snap
There is a [Gitea Snap](https://snapcraft.io/gitea) package which follows the latest stable version. There is a [Gitea Snap](https://snapcraft.io/gitea) package which follows the latest stable version.
*Note: The Gitea snap package is [strictly confined](https://snapcraft.io/docs/snap-confinement). Strictly confined snaps run in complete isolation, so some of the Gitea functionals may not work with the confinement*
```sh ```sh
snap install gitea snap install gitea
``` ```
## SUSE and openSUSE ### SUSE and openSUSE
OpenSUSE build service provides packages for [openSUSE and SLE](https://software.opensuse.org/download/package?package=gitea&project=devel%3Atools%3Ascm) OpenSUSE build service provides packages for [openSUSE and SLE](https://software.opensuse.org/download/package?package=gitea&project=devel%3Atools%3Ascm)
in the Development Software Configuration Management Repository in the Development Software Configuration Management Repository
## Windows ### Windows
There is a [Gitea](https://chocolatey.org/packages/gitea) package for Windows by [Chocolatey](https://chocolatey.org/). There is a [Gitea](https://chocolatey.org/packages/gitea) package for Windows by [Chocolatey](https://chocolatey.org/).
@ -85,7 +87,7 @@ choco install gitea
Or follow the [deployment from binary](installation/from-binary.md) guide. Or follow the [deployment from binary](installation/from-binary.md) guide.
## FreeBSD ### FreeBSD
A FreeBSD port `www/gitea` is available. To install the pre-built binary package: A FreeBSD port `www/gitea` is available. To install the pre-built binary package:
@ -108,7 +110,7 @@ is in `/usr/local/etc/rc.d/gitea`.
To enable Gitea to run as a service, run `sysrc gitea_enable=YES` and start it with `service gitea start`. To enable Gitea to run as a service, run `sysrc gitea_enable=YES` and start it with `service gitea start`.
## Others ### Others
Various other third-party packages of Gitea exist. Various other third-party packages of Gitea exist.
To see a curated list, head over to [awesome-gitea](https://gitea.com/gitea/awesome-gitea/src/branch/master/README.md#user-content-packages). To see a curated list, head over to [awesome-gitea](https://gitea.com/gitea/awesome-gitea/src/branch/master/README.md#user-content-packages).

@ -1,59 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "Installation depuis le gestionnaire de paquets"
slug: "install-from-package"
sidebar_position: 20
toc: false
draft: false
aliases:
- /fr-fr/install-from-package
menu:
sidebar:
parent: "installation"
name: "Gestionnaire de paquets"
sidebar_position: 20
identifier: "install-from-package"
---
# Installation depuis le gestionnaire de paquets
## Linux
Nous n'avons pas encore publié de paquet pour Linux, nous allons mettre à jour cette page directement lorsque nous commencerons à publier des paquets pour toutes distributions Linux. En attendant, vous devriez suivre les [instructions d'installation](installation/from-binary.md) avec le binaire pré-compilé.
## Windows
Nous n'avons pas encore publié de paquet pour Windows, nous allons mettre à jour cette page directement lorsque nous commencerons à publier des paquets sous la forme de fichiers `MSI` ou via [Chocolatey](https://chocolatey.org/). En attendant, vous devriez suivre les [instructions d'installation](installation/from-binary.md) avec le binaire pré-compilé.
## macOS
Actuellement, nous ne supportons que l'installation via `brew` pour macOS. Si vous n'utilisez pas [Homebrew](http://brew.sh/), vous pouvez suivre les [instructions d'installation](installation/from-binary.md) avec le binaire pré-compilé. Pour installer Gitea depuis `brew`, utilisez les commandes suivantes :
```
brew tap go-gitea/gitea
brew install gitea
```
## FreeBSD
Le portage FreeBSD `www/gitea` est disponible. Vous pouvez également installer le paquet pré-compilé avec la commande suivante:
```
pkg install gitea
```
Pour une version plus récente, ou pour les instructions de compilations, veuillez consulter la documentation officielle de FreeBSD : [install it from the port](https://www.freebsd.org/doc/handbook/ports-using.html)
```
su -
cd /usr/ports/www/gitea
make install clean
```
Le port utilise la schéma standard du système de fichiers FreeBSD : Les fichiers de configuration sont localisés dans le répertoire `/usr/local/etc/gitea`, les modèles, options, plugins et thèmes sont localisés dans le répertoire `/usr/local/share/gitea`, et le script de démarrage se situe dans `/usr/local/etc/rc.d/gitea`.
Pour exécuter Gitea en tant que service, utilisez la commande `sysrc gitea_enable=YES` et la commande `service gitea start` pour démarrer le service.
## Il manque quelque chose ?
Est-ce que nous avons oublié quelque chose sur cette page ? N'hésitez pas à nous contacter sur notre [serveur Discord](https://discord.gg/Gitea), vous obtiendrez des réponses à toute vos questions assez rapidement.

@ -22,7 +22,6 @@ menu:
macOS 平台下当前我们仅支持通过 `brew` 来安装。如果你没有安装 [Homebrew](http://brew.sh/),你也可以查看 [从二进制安装](installation/from-binary.md)。在你安装了 `brew` 之后, 你可以执行以下命令: macOS 平台下当前我们仅支持通过 `brew` 来安装。如果你没有安装 [Homebrew](http://brew.sh/),你也可以查看 [从二进制安装](installation/from-binary.md)。在你安装了 `brew` 之后, 你可以执行以下命令:
``` ```
brew tap gitea/tap https://gitea.com/gitea/homebrew-gitea
brew install gitea brew install gitea
``` ```

@ -1,61 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "套件安裝"
slug: "install-from-package"
sidebar_position: 20
toc: false
draft: false
aliases:
- /zh-tw/install-from-package
menu:
sidebar:
parent: "installation"
name: "套件安裝"
sidebar_position: 20
identifier: "install-from-package"
---
# 從套件安裝
## Linux
目前尚未發佈任何 Linux 套件,如果我們發佈了,會直接更新此網頁。在這之前請先參考[執行檔安裝](installation/from-binary.md)方式。
## Windows
在 Windows 作業系統你可以透過 [Chocolatey](https://chocolatey.org/) 套件管理器安裝 [Gitea](https://chocolatey.org/packages/gitea) 套件:
```sh
choco install gitea
```
也可以參考[執行檔安裝](installation/from-binary.md)方式。
## macOS
目前我們只支援透過 `brew` 來安裝套件。假如您尚未使用 [Homebrew](http://brew.sh/),您就必須參考[執行檔安裝](installation/from-binary.md)方式。透過 `brew` 安裝 Gitea您只需要執行底下指令:
```
brew tap go-gitea/gitea
brew install gitea
```
## FreeBSD
下載 FreeBSD port `www/gitea` 套件。你可以安裝 pre-built 執行檔:
```
pkg install gitea
```
對於最新版本或想要自行編譯特定選項,請使用 [port 安裝](https://www.freebsd.org/doc/handbook/ports-using.html):
```
su -
cd /usr/ports/www/gitea
make install clean
```
## 需要協助?
如果本頁中無法解決您的問題,請直接到 [Discord server](https://discord.gg/Gitea),在那邊可以快速得到協助。

@ -128,8 +128,6 @@ If pre-built frontend files are present it is possible to only build the backend
TAGS="bindata" make backend TAGS="bindata" make backend
``` ```
Webpack source maps are by default enabled in development builds and disabled in production builds. They can be enabled by setting the `ENABLE_SOURCEMAP=true` environment variable.
## Test ## Test
After following the steps above, a `gitea` binary will be available in the working directory. After following the steps above, a `gitea` binary will be available in the working directory.
@ -260,3 +258,11 @@ GOARCH=amd64 \
TAGS="bindata sqlite sqlite_unlock_notify" \ TAGS="bindata sqlite sqlite_unlock_notify" \
make build make build
``` ```
## Source Maps
By default, gitea generates reduced source maps for frontend files to conserve space. This can be controlled with the `ENABLE_SOURCEMAP` environment variable:
- `ENABLE_SOURCEMAP=true` generates all source maps, the default for development builds
- `ENABLE_SOURCEMAP=reduced` generates limited source maps, the default for production builds
- `ENABLE_SOURCEMAP=false` generates no source maps

@ -1,80 +0,0 @@
---
date: "2017-08-23T09:00:00+02:00"
title: "Installation depuis le code source"
slug: "install-from-source"
sidebar_position: 30
toc: false
draft: false
aliases:
- /fr-fr/install-from-source
menu:
sidebar:
parent: "installation"
name: "Code source"
sidebar_position: 30
identifier: "install-from-source"
---
# Installation depuis le code source
Nous ne couvrirons pas les bases de la configuration de Golang dans ce guide. Si vous ne savez pas comment démarrer un environnement fonctionnel, vous devrez suivre les [instructions d'installation](https://golang.org/doc/install) officielles.
**Attention**: La version 1.7 ou suppérieur de Go est nécessaire
## Téléchargement
Tout d'abord, vous devez récupérer le code source, la manière la plus simple est d'utiliser directement Go. Il suffit d'appeler les commandes suivantes pour récupérer le code source et passer au répertoire de travail.
```
go get -d -u code.gitea.io/gitea
cd $GOPATH/src/code.gitea.io/gitea
```
Maintenant, il est temps de décider quelle version de Gitea vous souhaitez compiler et installer. Actuellement, ils existent plusieurs options possibles. Si vous voulez compiler notre branche `master`, vous pouvez directement passer à la [section compilation](#compilation), cette branche représente la dernière version en cours de développement et n'a pas vocation à être utiliser en production.
Si vous souhaitez compiler la dernière version stable, utilisez les étiquettes ou les différentes branches disponibles. Vous pouvez voir les branches disponibles et comment utiliser cette branche avec ces commandes:
```
git branch -a
git checkout v@version@
```
Si vous souhaitez valider une demande d'ajout (_Pull request_), vous devez activer cette branche en premier :
```
git fetch origin pull/xyz/head:pr-xyz # xyz is PR value
```
Enfin, vous pouvez directement utiliser les versions étiquettées (ex : `v@version@`). Pour utiliser les étiquettes, vous devez lister les étiquettes disponibles et choisir une étiquette spécifique avec les commandes suivantes :
```
git tag -l
git checkout v@version@
git checkout pr-xyz
```
## Compilation
Comme nous regroupons déjà toutes les bibliothèques requises pour compiler Gitea, vous pouvez continuer avec le processus de compilation lui-même. Nous fournissons diverses [tâches Make](https://github.com/go-gitea/gitea/blob/main/Makefile) pour rendre le processus de construction aussi simple que possible. [Voyez ici comment obtenir Make](/fr-fr/hacking-on-gitea/). Selon vos besoins, vous pourrez éventuellement ajouter diverses options de compilation, vous pouvez choisir entre ces options :
* `bindata`: Intègre toutes les ressources nécessaires à l'exécution d'une instance de Gitea, ce qui rend un déploiement facile car il n'est pas nécessaire de se préoccuper des fichiers supplémentaires.
* `sqlite sqlite_unlock_notify`: Active la prise en charge d'une base de données [SQLite3](https://sqlite.org/), ceci n'est recommandé que pour les petites installations de Gitea.
* `pam`: Active la prise en charge de PAM (mLinux Pluggable Authentication Modules), très utile si vos utilisateurs doivent être authentifiés avec les comptes du système.
Il est temps de compiler le binaire, nous suggérons d'intégrer les ressources avec l'option de compilation `bindata`:
```
TAGS="bindata" make build
```
## Test
Après avoir suivi toutes les étapes, vous devriez avoir le binaire `gitea` dans votre répertoire courant. Dans un premier temps, vous pouvez tester qu'il fonctionne puis, dans un second temps, vous pouvez le copier dans la destination de votre choix. Lorsque vous lancez Gitea manuellement à partir de votre CLI, vous pouvez toujours le tuer en appuyant sur `Ctrl + C`.
```
./gitea web
```
## Il manque quelque chose ?
Est-ce que nous avons oublié quelque chose sur cette page ? N'hésitez pas à nous contacter sur notre [serveur Discord](https://discord.gg/Gitea), vous obtiendrez des réponses à toute vos questions assez rapidement.

@ -100,8 +100,6 @@ TAGS="bindata sqlite sqlite_unlock_notify" make build
TAGS="bindata" make backend TAGS="bindata" make backend
``` ```
在开发构建中,默认启用 Webpack 源映射,在生产构建中禁用。可以通过设置`ENABLE_SOURCEMAP=true`环境变量来启用它们。
## 测试 ## 测试
按照上述步骤完成后,工作目录中将会有一个`gitea`二进制文件。可以从该目录进行测试,或将其移动到带有测试数据的目录中。当手动从命令行启动 Gitea 时,可以通过按下`Ctrl + C`来停止程序。 按照上述步骤完成后,工作目录中将会有一个`gitea`二进制文件。可以从该目录进行测试,或将其移动到带有测试数据的目录中。当手动从命令行启动 Gitea 时,可以通过按下`Ctrl + C`来停止程序。
@ -221,3 +219,11 @@ GOARCH=amd64 \
TAGS="bindata sqlite sqlite_unlock_notify" \ TAGS="bindata sqlite sqlite_unlock_notify" \
make build make build
``` ```
## Source Map
默认情况下gitea 会为前端文件生成精简的 Source Map 以节省空间。 这可以通过“ENABLE_SOURCEMAP”环境变量进行控制
- `ENABLE_SOURCEMAP=true` 生成所有Source Map这是开发版本的默认设置
- `ENABLE_SOURCEMAP=reduced` 生成有限的Source Map这是生产版本的默认设置
- `ENABLE_SOURCEMAP=false` 不生成Source Map

@ -1,73 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "原始碼安裝"
slug: "install-from-source"
sidebar_position: 30
toc: false
draft: false
aliases:
- /zh-tw/install-from-source
menu:
sidebar:
parent: "installation"
name: "原始碼安裝"
sidebar_position: 30
identifier: "install-from-source"
---
# 從原始碼安裝
我們不會在本文教大家如何安裝 Golang 環境。假如您不知道如何設定環境,請直接參考[官方安裝文件](https://golang.org/doc/install)。
## 下載
首先您必須先下載原始碼,最簡單的方式就是透過 Go 指令下載,請透過底下指令下載原始碼並且切換到工作目錄。
```
go get -d -u code.gitea.io/gitea
cd $GOPATH/src/code.gitea.io/gitea
```
現在該決定您要編譯或安裝的 Gitea 版本,您有很多可以選擇。如果您想編譯 `master` 版本,你可以直接跳到[編譯章節](#編譯),這是我們開發分支,雖然很穩定,但是不建議用在正式環境。
假如您想要編譯最新穩定版本,可以執行底下命令切換到正確版本:
```
git branch -a
git checkout v@version@
```
最後您也可以直接編譯最新的標籤版本像是 `v@version@`,假如您想要從原始碼編譯,這方法是最合適的,在編譯標籤版本前,您需要列出當下所有標籤,並且直接切換到標籤版本,請使用底下指令::
```
git tag -l
git checkout v@version@
```
## 編譯
完成設定相依性套件環境等工作後,您就可以開始編譯工作了。我們提供了不同的[編譯選項](https://github.com/go-gitea/gitea/blob/main/Makefile) ,讓編譯過程更加簡單。您可以根據需求來調整編譯選項,底下是可用的編譯選項說明:
* `bindata`: 使用此標籤來嵌入所有 Gitea 相關資源,您不用擔心其他額外檔案,對於部署來說非常方便。
* `sqlite sqlite_unlock_notify`: 使用此標籤來啟用 [SQLite3](https://sqlite.org/) 資料庫,建議只有少數人時才使用此模式。
* `pam`: 使用此標籤來啟用 PAM (Linux Pluggable Authentication Modules) 認證,對於系統使用者來說,此方式最方便了。
現在您可以開始編譯執行檔了,我們建議使用 `bindata` 編譯選項:
```
TAGS="bindata" make build
```
**注意**: 因為使用了套件管理工具,我們建議 Go 環境版本為 1.6 或者是更高,這樣不用在 Go 1.5 版本設定全域變數 `GO15VENDOREXPERIMENT`
## 測試
完成上述步驟後,您可以在當下目錄發現 `gitea` 執行檔,在複製執行檔到遠端環境之前,您必須透過底下指令執行測試,使用 `Ctrl + C` 則可以關閉當下 gitea 程序。
```
./gitea web
```
## 需要協助?
如果本頁中無法解決您的問題,請直接到 [Discord server](https://discord.gg/Gitea),在那邊可以快速得到協助。

@ -1,72 +0,0 @@
---
date: "2020-03-19T19:27:00+02:00"
title: "在 Kubernetes 安裝"
slug: "install-on-kubernetes"
sidebar_position: 80
toc: false
draft: false
aliases:
- /zh-tw/install-on-kubernetes
menu:
sidebar:
parent: "installation"
name: "Kubernetes"
sidebar_position: 80
identifier: "install-on-kubernetes"
---
# 使用 Helm 安裝 (在 Kubernetes)
Gitea 提供 Helm Chart 用來安裝於 kubernetes。
非自訂安裝可使用下列指令:
```
helm repo add gitea-charts https://dl.gitea.com/charts/
helm install gitea gitea-charts/gitea
```
若您想自訂安裝(包括使用 kubernetes ingress請前往完整的 [Gitea helm chart configuration details](https://gitea.com/gitea/helm-chart/)
## 運行狀況檢查終端節點
Gitea 附帶了一個運行狀況檢查端點 `/api/healthz`,你可以像這樣在 kubernetes 中配置它:
```yaml
livenessProbe:
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 200
timeoutSeconds: 5
periodSeconds: 10
successThreshold: 1
failureThreshold: 10
```
成功的運行狀況檢查回應將使用 HTTP 代碼 `200` 進行回應,下面是示例:
```
HTTP/1.1 200 OK
{
"status": "pass",
"description": "Gitea: Git with a cup of tea",
"checks": {
"cache:ping": [
{
"status": "pass",
"time": "2022-02-19T09:16:08Z"
}
],
"database:ping": [
{
"status": "pass",
"time": "2022-02-19T09:16:08Z"
}
]
}
}
```
有關更多信息請參考kubernetes文檔[定義一個存活態 HTTP請求接口]https://kubernetes.io/zh/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

@ -1,6 +1,6 @@
--- ---
date: "2017-07-21T12:00:00+02:00" date: "2017-07-21T12:00:00+02:00"
title: "Run as service in Linux" title: "Run as a Linux service"
slug: "linux-service" slug: "linux-service"
sidebar_position: 40 sidebar_position: 40
toc: false toc: false
@ -15,11 +15,11 @@ menu:
identifier: "linux-service" identifier: "linux-service"
--- ---
### Run Gitea as Linux service # Run as a Linux service
You can run Gitea as service, using either systemd or supervisor. The steps below tested on Ubuntu 16.04, but those should work on any Linux distributions (with little modification). You can run Gitea as a Linux service, using either systemd or supervisor. The steps below tested on Ubuntu 16.04, but those should work on any Linux distributions (with little modification).
#### Using systemd ## Using systemd
Copy the sample [gitea.service](https://github.com/go-gitea/gitea/blob/main/contrib/systemd/gitea.service) to `/etc/systemd/system/gitea.service`, then edit the file with your favorite editor. Copy the sample [gitea.service](https://github.com/go-gitea/gitea/blob/main/contrib/systemd/gitea.service) to `/etc/systemd/system/gitea.service`, then edit the file with your favorite editor.
@ -41,7 +41,7 @@ If you have systemd version 220 or later, you can enable and immediately start G
sudo systemctl enable gitea --now sudo systemctl enable gitea --now
``` ```
#### Using supervisor ## Using supervisor
Install supervisor by running below command in terminal: Install supervisor by running below command in terminal:

Some files were not shown because too many files have changed in this diff Show More