2014-04-10 23:50:58 +05:30
// Copyright 2014 The Gogs Authors. All rights reserved.
2017-05-29 12:47:15 +05:30
// Copyright 2017 The Gitea Authors. All rights reserved.
2014-04-10 23:50:58 +05:30
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
2014-05-26 05:41:25 +05:30
package setting
2014-04-10 23:50:58 +05:30
import (
2016-12-26 06:46:37 +05:30
"encoding/base64"
2019-04-02 13:18:31 +05:30
"fmt"
2020-04-23 04:17:23 +05:30
"math"
2017-10-02 19:25:09 +05:30
"net"
2014-09-14 23:05:22 +05:30
"net/url"
2014-04-10 23:50:58 +05:30
"os"
"os/exec"
"path"
"path/filepath"
2019-04-29 01:18:46 +05:30
"runtime"
2016-08-12 03:16:33 +05:30
"strconv"
2014-04-10 23:50:58 +05:30
"strings"
2021-06-15 06:45:12 +05:30
"text/template"
2014-07-25 02:01:59 +05:30
"time"
2014-04-10 23:50:58 +05:30
2022-10-12 10:48:26 +05:30
"code.gitea.io/gitea/modules/container"
2022-10-28 15:28:32 +05:30
"code.gitea.io/gitea/modules/generate"
2021-07-24 21:33:58 +05:30
"code.gitea.io/gitea/modules/json"
2016-12-22 23:42:23 +05:30
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/user"
2020-11-28 08:12:08 +05:30
"code.gitea.io/gitea/modules/util"
2017-01-24 04:14:23 +05:30
2020-10-11 06:08:09 +05:30
gossh "golang.org/x/crypto/ssh"
2019-01-09 22:52:57 +05:30
ini "gopkg.in/ini.v1"
2014-04-10 23:50:58 +05:30
)
2016-11-27 15:44:25 +05:30
// Scheme describes protocol types
2014-05-26 05:41:25 +05:30
type Scheme string
2014-04-14 03:42:07 +05:30
2016-11-27 15:44:25 +05:30
// enumerates all the scheme types
2014-05-26 05:41:25 +05:30
const (
2021-12-06 10:16:11 +05:30
HTTP Scheme = "http"
HTTPS Scheme = "https"
FCGI Scheme = "fcgi"
FCGIUnix Scheme = "fcgi+unix"
HTTPUnix Scheme = "http+unix"
2014-05-26 05:41:25 +05:30
)
2014-04-10 23:50:58 +05:30
2016-11-27 15:44:25 +05:30
// LandingPage describes the default page
2014-11-25 05:17:59 +05:30
type LandingPage string
2016-11-27 15:44:25 +05:30
// enumerates all the landing page types
2014-11-25 05:17:59 +05:30
const (
2017-11-20 13:18:09 +05:30
LandingPageHome LandingPage = "/"
LandingPageExplore LandingPage = "/explore"
LandingPageOrganizations LandingPage = "/explore/organizations"
2020-01-06 22:20:44 +05:30
LandingPageLogin LandingPage = "/user/login"
2014-11-25 05:17:59 +05:30
)
2018-07-05 09:43:05 +05:30
// enumerates all the types of captchas
const (
ImageCaptcha = "image"
ReCaptcha = "recaptcha"
2020-10-03 09:07:53 +05:30
HCaptcha = "hcaptcha"
2022-08-10 18:50:10 +05:30
MCaptcha = "mcaptcha"
2018-07-05 09:43:05 +05:30
)
2016-11-27 15:44:25 +05:30
// settings
2014-04-10 23:50:58 +05:30
var (
2021-02-20 03:06:43 +05:30
// AppVer is the version of the current build of Gitea. It is set in main.go from main.Version.
AppVer string
// AppBuiltWith represents a human readable version go runtime build version and build tags. (See main.go formatBuiltWith().)
AppBuiltWith string
// AppStartTime store time gitea has started
AppStartTime time . Time
// AppName is the Application name, used in the page title.
// It maps to ini:"APP_NAME"
AppName string
// AppURL is the Application ROOT_URL. It always has a '/' suffix
// It maps to ini:"ROOT_URL"
AppURL string
// AppSubURL represents the sub-url mounting point for gitea. It is either "" or starts with '/' and ends without '/', such as '/{subpath}'.
// This value is empty if site does not have sub-url.
AppSubURL string
// AppPath represents the path to the gitea binary
AppPath string
// AppWorkPath is the "working directory" of Gitea. It maps to the environment variable GITEA_WORK_DIR.
// If that is not set it is the default set here by the linker or failing that the directory of AppPath.
//
// AppWorkPath is used as the base path for several other paths.
AppWorkPath string
// AppDataPath is the default path for storing data.
// It maps to ini:"APP_DATA_PATH" and defaults to AppWorkPath + "/data"
AppDataPath string
2022-03-22 22:29:57 +05:30
// LocalURL is the url for locally running applications to contact Gitea. It always has a '/' suffix
// It maps to ini:"LOCAL_ROOT_URL"
LocalURL string
2022-08-23 18:28:04 +05:30
// AssetVersion holds a opaque value that is used for cache-busting assets
AssetVersion string
2014-05-26 05:41:25 +05:30
2015-12-18 09:01:34 +05:30
// Server settings
2022-08-21 23:50:43 +05:30
Protocol Scheme
UseProxyProtocol bool // `ini:"USE_PROXY_PROTOCOL"`
ProxyProtocolTLSBridging bool //`ini:"PROXY_PROTOCOL_TLS_BRIDGING"`
ProxyProtocolHeaderTimeout time . Duration
ProxyProtocolAcceptUnknown bool
Domain string
HTTPAddr string
HTTPPort string
LocalUseProxyProtocol bool
RedirectOtherPort bool
RedirectorUseProxyProtocol bool
PortToRedirect string
OfflineMode bool
CertFile string
KeyFile string
StaticRootPath string
StaticCacheTime time . Duration
EnableGzip bool
LandingPageURL LandingPage
LandingPageCustom string
UnixSocketPermission uint32
EnablePprof bool
PprofDataPath string
EnableAcme bool
AcmeTOS bool
AcmeLiveDirectory string
AcmeEmail string
AcmeURL string
AcmeCARoot string
SSLMinimumVersion string
SSLMaximumVersion string
SSLCurvePreferences [ ] string
SSLCipherSuites [ ] string
GracefulRestartable bool
GracefulHammerTime time . Duration
StartupTimeout time . Duration
PerWriteTimeout = 30 * time . Second
PerWritePerKbTimeout = 10 * time . Second
StaticURLPrefix string
AbsoluteAssetURL string
2014-05-26 05:41:25 +05:30
2016-12-29 16:21:15 +05:30
SSH = struct {
2021-06-15 06:45:12 +05:30
Disabled bool ` ini:"DISABLE_SSH" `
StartBuiltinServer bool ` ini:"START_SSH_SERVER" `
BuiltinServerUser string ` ini:"BUILTIN_SSH_SERVER_USER" `
2022-08-21 23:50:43 +05:30
UseProxyProtocol bool ` ini:"SSH_SERVER_USE_PROXY_PROTOCOL" `
2021-06-15 06:45:12 +05:30
Domain string ` ini:"SSH_DOMAIN" `
Port int ` ini:"SSH_PORT" `
2022-02-08 03:26:45 +05:30
User string ` ini:"SSH_USER" `
2021-06-15 06:45:12 +05:30
ListenHost string ` ini:"SSH_LISTEN_HOST" `
ListenPort int ` ini:"SSH_LISTEN_PORT" `
RootPath string ` ini:"SSH_ROOT_PATH" `
ServerCiphers [ ] string ` ini:"SSH_SERVER_CIPHERS" `
ServerKeyExchanges [ ] string ` ini:"SSH_SERVER_KEY_EXCHANGES" `
ServerMACs [ ] string ` ini:"SSH_SERVER_MACS" `
ServerHostKeys [ ] string ` ini:"SSH_SERVER_HOST_KEYS" `
KeyTestPath string ` ini:"SSH_KEY_TEST_PATH" `
KeygenPath string ` ini:"SSH_KEYGEN_PATH" `
AuthorizedKeysBackup bool ` ini:"SSH_AUTHORIZED_KEYS_BACKUP" `
AuthorizedPrincipalsBackup bool ` ini:"SSH_AUTHORIZED_PRINCIPALS_BACKUP" `
AuthorizedKeysCommandTemplate string ` ini:"SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE" `
AuthorizedKeysCommandTemplateTemplate * template . Template ` ini:"-" `
MinimumKeySizeCheck bool ` ini:"-" `
MinimumKeySizes map [ string ] int ` ini:"-" `
CreateAuthorizedKeysFile bool ` ini:"SSH_CREATE_AUTHORIZED_KEYS_FILE" `
CreateAuthorizedPrincipalsFile bool ` ini:"SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE" `
ExposeAnonymous bool ` ini:"SSH_EXPOSE_ANONYMOUS" `
AuthorizedPrincipalsAllow [ ] string ` ini:"SSH_AUTHORIZED_PRINCIPALS_ALLOW" `
AuthorizedPrincipalsEnabled bool ` ini:"-" `
TrustedUserCAKeys [ ] string ` ini:"SSH_TRUSTED_USER_CA_KEYS" `
TrustedUserCAKeysFile string ` ini:"SSH_TRUSTED_USER_CA_KEYS_FILENAME" `
TrustedUserCAKeysParsed [ ] gossh . PublicKey ` ini:"-" `
PerWriteTimeout time . Duration ` ini:"SSH_PER_WRITE_TIMEOUT" `
PerWritePerKbTimeout time . Duration ` ini:"SSH_PER_WRITE_PER_KB_TIMEOUT" `
2016-12-29 16:21:15 +05:30
} {
2021-06-15 06:45:12 +05:30
Disabled : false ,
StartBuiltinServer : false ,
Domain : "" ,
Port : 22 ,
2022-02-10 21:34:16 +05:30
ServerCiphers : [ ] string { "chacha20-poly1305@openssh.com" , "aes128-ctr" , "aes192-ctr" , "aes256-ctr" , "aes128-gcm@openssh.com" , "aes256-gcm@openssh.com" } ,
2022-03-16 07:29:53 +05:30
ServerKeyExchanges : [ ] string { "curve25519-sha256" , "ecdh-sha2-nistp256" , "ecdh-sha2-nistp384" , "ecdh-sha2-nistp521" , "diffie-hellman-group14-sha256" , "diffie-hellman-group14-sha1" } ,
2022-02-10 21:34:16 +05:30
ServerMACs : [ ] string { "hmac-sha2-256-etm@openssh.com" , "hmac-sha2-256" , "hmac-sha1" } ,
2021-06-15 06:45:12 +05:30
KeygenPath : "ssh-keygen" ,
MinimumKeySizeCheck : true ,
2022-07-07 02:19:27 +05:30
MinimumKeySizes : map [ string ] int { "ed25519" : 256 , "ed25519-sk" : 256 , "ecdsa" : 256 , "ecdsa-sk" : 256 , "rsa" : 2047 } ,
2021-06-15 06:45:12 +05:30
ServerHostKeys : [ ] string { "ssh/gitea.rsa" , "ssh/gogs.rsa" } ,
AuthorizedKeysCommandTemplate : "{{.AppPath}} --config={{.CustomConf}} serv key-{{.Key.ID}}" ,
PerWriteTimeout : PerWriteTimeout ,
PerWritePerKbTimeout : PerWritePerKbTimeout ,
2016-02-28 07:18:39 +05:30
}
2015-12-18 09:01:34 +05:30
// Security settings
2019-11-15 04:09:48 +05:30
InstallLock bool
SecretKey string
LogInRememberDays int
CookieUserName string
CookieRememberName string
ReverseProxyAuthUser string
ReverseProxyAuthEmail string
2022-08-16 12:00:27 +05:30
ReverseProxyAuthFullName string
2021-03-16 03:57:28 +05:30
ReverseProxyLimit int
ReverseProxyTrustedProxies [ ] string
2019-11-15 04:09:48 +05:30
MinPasswordLength int
ImportLocalPaths bool
DisableGitHooks bool
2021-02-11 23:04:34 +05:30
DisableWebhooks bool
2019-11-15 04:09:48 +05:30
OnlyAllowPushIfGiteaEnvironmentSet bool
PasswordComplexity [ ] string
PasswordHashAlgo string
2020-09-09 03:36:39 +05:30
PasswordCheckPwn bool
2021-08-18 00:00:42 +05:30
SuccessfulTokensCacheSize int
2014-04-10 23:50:58 +05:30
2022-03-29 13:57:37 +05:30
Camo = struct {
Enabled bool
ServerURL string ` ini:"SERVER_URL" `
HMACKey string ` ini:"HMAC_KEY" `
Allways bool
} { }
2015-12-18 09:01:34 +05:30
// UI settings
2016-12-23 12:48:05 +05:30
UI = struct {
2019-08-25 22:36:36 +05:30
ExplorePagingNum int
2022-06-25 22:36:01 +05:30
SitemapPagingNum int
2019-08-25 22:36:36 +05:30
IssuePagingNum int
RepoSearchPagingNum int
2019-12-06 11:04:54 +05:30
MembersPagingNum int
2019-08-25 22:36:36 +05:30
FeedMaxCommitNum int
2020-08-11 20:18:13 +05:30
FeedPagingNum int
2022-03-30 14:12:47 +05:30
PackagesPagingNum int
2019-08-25 22:36:36 +05:30
GraphMaxCommitNum int
CodeCommentLines int
ReactionMaxUserNum int
ThemeColorMetaTag string
MaxDisplayFileSize int64
ShowUserEmail bool
DefaultShowFullName bool
DefaultTheme string
Themes [ ] string
2019-12-02 04:27:24 +05:30
Reactions [ ] string
2022-10-12 10:48:26 +05:30
ReactionsLookup container . Set [ string ] ` ini:"-" `
2021-06-29 19:58:38 +05:30
CustomEmojis [ ] string
CustomEmojisMap map [ string ] string ` ini:"-" `
2019-08-25 22:36:36 +05:30
SearchRepoDescription bool
2019-11-22 01:36:23 +05:30
UseServiceWorker bool
2022-08-26 00:08:41 +05:30
OnlyShowRelevantRepos bool
2016-07-23 21:53:54 +05:30
2020-04-24 09:27:38 +05:30
Notification struct {
2020-05-08 03:19:00 +05:30
MinTimeout time . Duration
TimeoutStep time . Duration
MaxTimeout time . Duration
EventSourceUpdateTime time . Duration
2020-04-24 09:27:38 +05:30
} ` ini:"ui.notification" `
2021-01-13 09:15:19 +05:30
SVG struct {
Enabled bool ` ini:"ENABLE_RENDER" `
} ` ini:"ui.svg" `
2021-03-30 02:14:28 +05:30
CSV struct {
MaxFileSize int64
} ` ini:"ui.csv" `
2016-07-23 21:53:54 +05:30
Admin struct {
UserPagingNum int
RepoPagingNum int
NoticePagingNum int
OrgPagingNum int
} ` ini:"ui.admin" `
User struct {
RepoPagingNum int
} ` ini:"ui.user" `
2017-04-01 06:33:01 +05:30
Meta struct {
Author string
Description string
Keywords string
} ` ini:"ui.meta" `
2016-12-23 12:48:05 +05:30
} {
2017-10-27 11:40:54 +05:30
ExplorePagingNum : 20 ,
2022-06-25 22:36:01 +05:30
SitemapPagingNum : 20 ,
2022-08-06 16:13:40 +05:30
IssuePagingNum : 20 ,
RepoSearchPagingNum : 20 ,
2019-12-06 11:04:54 +05:30
MembersPagingNum : 20 ,
2017-10-27 11:40:54 +05:30
FeedMaxCommitNum : 5 ,
2020-08-11 20:18:13 +05:30
FeedPagingNum : 20 ,
2022-03-30 14:12:47 +05:30
PackagesPagingNum : 20 ,
2018-07-23 19:42:06 +05:30
GraphMaxCommitNum : 100 ,
2018-08-06 10:13:22 +05:30
CodeCommentLines : 4 ,
2017-12-04 04:44:26 +05:30
ReactionMaxUserNum : 10 ,
2017-10-27 11:40:54 +05:30
ThemeColorMetaTag : ` #6cc644 ` ,
MaxDisplayFileSize : 8388608 ,
2021-09-27 20:17:44 +05:30
DefaultTheme : ` auto ` ,
Themes : [ ] string { ` auto ` , ` gitea ` , ` arc-green ` } ,
2019-12-02 04:27:24 +05:30
Reactions : [ ] string { ` +1 ` , ` -1 ` , ` laugh ` , ` hooray ` , ` confused ` , ` heart ` , ` rocket ` , ` eyes ` } ,
2021-07-02 19:34:57 +05:30
CustomEmojis : [ ] string { ` git ` , ` gitea ` , ` codeberg ` , ` gitlab ` , ` github ` , ` gogs ` } ,
CustomEmojisMap : map [ string ] string { "git" : ":git:" , "gitea" : ":gitea:" , "codeberg" : ":codeberg:" , "gitlab" : ":gitlab:" , "github" : ":github:" , "gogs" : ":gogs:" } ,
2020-04-24 09:27:38 +05:30
Notification : struct {
2020-05-08 03:19:00 +05:30
MinTimeout time . Duration
TimeoutStep time . Duration
MaxTimeout time . Duration
EventSourceUpdateTime time . Duration
2020-04-24 09:27:38 +05:30
} {
2020-05-08 03:19:00 +05:30
MinTimeout : 10 * time . Second ,
TimeoutStep : 10 * time . Second ,
MaxTimeout : 60 * time . Second ,
EventSourceUpdateTime : 10 * time . Second ,
2020-04-24 09:27:38 +05:30
} ,
2021-01-13 09:15:19 +05:30
SVG : struct {
Enabled bool ` ini:"ENABLE_RENDER" `
} {
Enabled : true ,
} ,
2021-03-30 02:14:28 +05:30
CSV : struct {
MaxFileSize int64
} {
MaxFileSize : 524288 ,
} ,
2016-12-23 12:48:05 +05:30
Admin : struct {
UserPagingNum int
RepoPagingNum int
NoticePagingNum int
OrgPagingNum int
} {
UserPagingNum : 50 ,
RepoPagingNum : 50 ,
NoticePagingNum : 25 ,
OrgPagingNum : 50 ,
} ,
User : struct {
RepoPagingNum int
} {
RepoPagingNum : 15 ,
} ,
2017-04-01 06:33:01 +05:30
Meta : struct {
Author string
Description string
Keywords string
} {
Author : "Gitea - Git with a cup of tea" ,
Description : "Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go" ,
Keywords : "go,git,self-hosted,gitea" ,
} ,
2016-07-23 21:53:54 +05:30
}
2014-04-10 23:50:58 +05:30
2017-03-15 06:22:01 +05:30
// Markdown settings
2016-12-23 12:48:05 +05:30
Markdown = struct {
2020-05-24 13:44:26 +05:30
EnableHardLineBreakInComments bool
EnableHardLineBreakInDocuments bool
CustomURLSchemes [ ] string ` ini:"CUSTOM_URL_SCHEMES" `
FileExtensions [ ] string
2022-09-13 22:03:37 +05:30
EnableMath bool
2016-12-23 12:48:05 +05:30
} {
2020-05-24 13:44:26 +05:30
EnableHardLineBreakInComments : true ,
EnableHardLineBreakInDocuments : false ,
FileExtensions : strings . Split ( ".md,.markdown,.mdown,.mkd" , "," ) ,
2022-09-13 22:03:37 +05:30
EnableMath : true ,
2015-09-01 18:02:02 +05:30
}
2017-02-14 17:46:00 +05:30
// Admin settings
Admin struct {
DisableRegularOrgCreation bool
2019-08-29 19:35:42 +05:30
DefaultEmailNotification string
2017-02-14 17:46:00 +05:30
}
2015-12-18 09:01:34 +05:30
// Log settings
2021-03-29 00:38:19 +05:30
LogLevel log . Level
2019-04-02 13:18:31 +05:30
StacktraceLogLevel string
2019-02-06 08:36:41 +05:30
LogRootPath string
2021-05-22 03:07:16 +05:30
EnableSSHLog bool
2019-04-02 13:18:31 +05:30
EnableXORMLog bool
2014-04-10 23:50:58 +05:30
2022-01-20 17:11:25 +05:30
DisableRouterLog bool
EnableAccessLog bool
AccessLogTemplate string
2015-12-18 09:01:34 +05:30
// Time settings
2014-07-25 02:01:59 +05:30
TimeFormat string
2019-08-15 20:16:21 +05:30
// UILocation is the location on the UI, so that we can display the time on UI.
DefaultUILocation = time . Local
2014-07-25 02:01:59 +05:30
2019-07-12 19:27:31 +05:30
CSRFCookieName = "_csrf"
CSRFCookieHTTPOnly = true
2014-04-10 23:50:58 +05:30
2020-12-24 00:39:54 +05:30
ManifestData string
2020-12-22 16:43:50 +05:30
2016-07-04 14:57:06 +05:30
// API settings
2016-12-23 12:48:05 +05:30
API = struct {
2019-02-06 23:49:26 +05:30
EnableSwagger bool
2019-06-13 02:37:24 +05:30
SwaggerURL string
2019-02-06 23:49:26 +05:30
MaxResponseItems int
DefaultPagingNum int
DefaultGitTreesPerPage int
2019-04-17 21:36:35 +05:30
DefaultMaxBlobSize int64
2016-12-23 12:48:05 +05:30
} {
2019-02-06 23:49:26 +05:30
EnableSwagger : true ,
2019-06-13 02:37:24 +05:30
SwaggerURL : "" ,
2019-02-06 23:49:26 +05:30
MaxResponseItems : 50 ,
DefaultPagingNum : 30 ,
DefaultGitTreesPerPage : 1000 ,
2019-04-17 21:36:35 +05:30
DefaultMaxBlobSize : 10485760 ,
2016-07-04 14:57:06 +05:30
}
2019-03-08 22:12:50 +05:30
OAuth2 = struct {
Enable bool
AccessTokenExpirationTime int64
RefreshTokenExpirationTime int64
2019-04-12 13:20:21 +05:30
InvalidateRefreshTokens bool
2021-06-18 03:26:46 +05:30
JWTSigningAlgorithm string ` ini:"JWT_SIGNING_ALGORITHM" `
2019-03-08 22:12:50 +05:30
JWTSecretBase64 string ` ini:"JWT_SECRET" `
2021-06-18 03:26:46 +05:30
JWTSigningPrivateKeyFile string ` ini:"JWT_SIGNING_PRIVATE_KEY_FILE" `
2020-04-23 04:17:23 +05:30
MaxTokenLength int
2019-03-08 22:12:50 +05:30
} {
Enable : true ,
AccessTokenExpirationTime : 3600 ,
RefreshTokenExpirationTime : 730 ,
2019-04-12 13:20:21 +05:30
InvalidateRefreshTokens : false ,
2021-06-18 03:26:46 +05:30
JWTSigningAlgorithm : "RS256" ,
JWTSigningPrivateKeyFile : "jwt/private.pem" ,
2020-04-23 04:17:23 +05:30
MaxTokenLength : math . MaxInt16 ,
2019-03-08 22:12:50 +05:30
}
2018-11-05 08:50:00 +05:30
// Metrics settings
Metrics = struct {
2021-10-06 00:09:37 +05:30
Enabled bool
Token string
EnabledIssueByLabel bool
EnabledIssueByRepository bool
2018-11-05 08:50:00 +05:30
} {
2021-10-06 00:09:37 +05:30
Enabled : false ,
Token : "" ,
EnabledIssueByLabel : false ,
EnabledIssueByRepository : false ,
2018-11-05 08:50:00 +05:30
}
2015-12-18 09:01:34 +05:30
// I18n settings
2020-06-11 00:05:27 +05:30
Langs [ ] string
Names [ ] string
2014-09-17 23:52:51 +05:30
2017-03-15 06:22:01 +05:30
// Highlight settings are loaded in modules/template/highlight.go
2015-12-18 09:01:34 +05:30
// Other settings
2016-09-01 10:31:32 +05:30
ShowFooterBranding bool
ShowFooterVersion bool
ShowFooterTemplateLoadTime bool
2015-03-23 19:49:19 +05:30
2015-12-18 09:01:34 +05:30
// Global setting objects
2019-08-24 14:54:45 +05:30
Cfg * ini . File
CustomPath string // Custom directory path
CustomConf string
2020-08-18 16:51:24 +05:30
PIDFile = "/run/gitea.pid"
2020-08-16 01:45:27 +05:30
WritePIDFile bool
2020-11-18 04:14:52 +05:30
RunMode string
2021-10-20 20:07:19 +05:30
IsProd bool
2019-08-24 14:54:45 +05:30
RunUser string
IsWindows bool
HasRobotsTxt bool
2022-10-28 20:47:38 +05:30
EnableSitemap bool
2019-08-24 14:54:45 +05:30
InternalToken string // internal access token
2014-04-10 23:50:58 +05:30
)
2017-11-03 14:26:20 +05:30
func getAppPath ( ) ( string , error ) {
var appPath string
var err error
if IsWindows && filepath . IsAbs ( os . Args [ 0 ] ) {
appPath = filepath . Clean ( os . Args [ 0 ] )
} else {
appPath , err = exec . LookPath ( os . Args [ 0 ] )
2017-09-12 17:57:44 +05:30
}
2017-11-03 14:26:20 +05:30
2014-05-26 05:41:25 +05:30
if err != nil {
return "" , err
}
2017-11-03 14:26:20 +05:30
appPath , err = filepath . Abs ( appPath )
if err != nil {
return "" , err
}
// Note: we don't use path.Dir here because it does not handle case
// which path starts with two "/" in Windows: "//psf/Home/..."
2020-10-12 01:57:20 +05:30
return strings . ReplaceAll ( appPath , "\\" , "/" ) , err
2017-11-03 14:26:20 +05:30
}
func getWorkPath ( appPath string ) string {
2019-04-29 23:38:21 +05:30
workPath := AppWorkPath
2017-11-03 14:26:20 +05:30
2019-04-29 23:38:21 +05:30
if giteaWorkPath , ok := os . LookupEnv ( "GITEA_WORK_DIR" ) ; ok {
2017-11-03 14:26:20 +05:30
workPath = giteaWorkPath
2019-04-29 23:38:21 +05:30
}
if len ( workPath ) == 0 {
2017-11-03 14:26:20 +05:30
i := strings . LastIndex ( appPath , "/" )
if i == - 1 {
workPath = appPath
} else {
workPath = appPath [ : i ]
}
}
2022-06-06 20:13:17 +05:30
workPath = strings . ReplaceAll ( workPath , "\\" , "/" )
if ! filepath . IsAbs ( workPath ) {
log . Info ( "Provided work path %s is not absolute - will be made absolute against the current working directory" , workPath )
absPath , err := filepath . Abs ( workPath )
if err != nil {
log . Error ( "Unable to absolute %s against the current working directory %v. Will absolute against the AppPath %s" , workPath , err , appPath )
workPath = filepath . Join ( appPath , workPath )
} else {
workPath = absPath
}
}
2020-10-12 01:57:20 +05:30
return strings . ReplaceAll ( workPath , "\\" , "/" )
2015-11-09 03:29:56 +05:30
}
func init ( ) {
2019-04-29 01:18:46 +05:30
IsWindows = runtime . GOOS == "windows"
2019-04-02 13:18:31 +05:30
// We can rely on log.CanColorStdout being set properly because modules/log/console_windows.go comes before modules/setting/setting.go lexicographically
2021-06-27 06:26:58 +05:30
// By default set this logger at Info - we'll change it later but we need to start with something.
log . NewLogger ( 0 , "console" , "console" , fmt . Sprintf ( ` { "level": "info", "colorize": %t, "stacktraceLevel": "none"} ` , log . CanColorStdout ) )
2015-11-09 03:29:56 +05:30
var err error
2017-11-03 14:26:20 +05:30
if AppPath , err = getAppPath ( ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to get app path: %v" , err )
2014-05-26 05:41:25 +05:30
}
2017-11-03 14:26:20 +05:30
AppWorkPath = getWorkPath ( AppPath )
2014-05-26 05:41:25 +05:30
}
2015-03-18 13:55:55 +05:30
func forcePathSeparator ( path string ) {
if strings . Contains ( path , "\\" ) {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Do not use '\\' or '\\\\' in paths, instead, please use '/' in all places" )
2015-03-18 13:55:55 +05:30
}
}
2016-08-10 06:11:18 +05:30
// IsRunUserMatchCurrentUser returns false if configured run user does not match
// actual user that runs the app. The first return value is the actual user name.
// This check is ignored under Windows since SSH remote login is not the main
// method to login on Windows.
func IsRunUserMatchCurrentUser ( runUser string ) ( string , bool ) {
2019-06-16 08:19:07 +05:30
if IsWindows || SSH . StartBuiltinServer {
2016-08-10 06:11:18 +05:30
return "" , true
}
currentUser := user . CurrentUsername ( )
return currentUser , runUser == currentUser
}
2017-01-09 17:24:57 +05:30
func createPIDFile ( pidPath string ) {
currentPid := os . Getpid ( )
if err := os . MkdirAll ( filepath . Dir ( pidPath ) , os . ModePerm ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to create PID folder: %v" , err )
2017-01-09 17:24:57 +05:30
}
file , err := os . Create ( pidPath )
if err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to create PID file: %v" , err )
2017-01-09 17:24:57 +05:30
}
defer file . Close ( )
if _ , err := file . WriteString ( strconv . FormatInt ( int64 ( currentPid ) , 10 ) ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to write PID information: %v" , err )
2017-01-09 17:24:57 +05:30
}
}
2019-04-29 23:38:21 +05:30
// SetCustomPathAndConf will set CustomPath and CustomConf with reference to the
// GITEA_CUSTOM environment variable and with provided overrides before stepping
// back to the default
2019-05-14 20:50:35 +05:30
func SetCustomPathAndConf ( providedCustom , providedConf , providedWorkPath string ) {
if len ( providedWorkPath ) != 0 {
AppWorkPath = filepath . ToSlash ( providedWorkPath )
}
2019-04-29 23:38:21 +05:30
if giteaCustom , ok := os . LookupEnv ( "GITEA_CUSTOM" ) ; ok {
CustomPath = giteaCustom
}
if len ( providedCustom ) != 0 {
CustomPath = providedCustom
}
2014-05-26 05:41:25 +05:30
if len ( CustomPath ) == 0 {
2017-11-03 14:26:20 +05:30
CustomPath = path . Join ( AppWorkPath , "custom" )
} else if ! filepath . IsAbs ( CustomPath ) {
CustomPath = path . Join ( AppWorkPath , CustomPath )
2014-05-26 05:41:25 +05:30
}
2019-04-29 23:38:21 +05:30
if len ( providedConf ) != 0 {
CustomConf = providedConf
2017-01-09 17:24:57 +05:30
}
2015-02-05 15:42:37 +05:30
if len ( CustomConf ) == 0 {
2017-11-03 14:26:20 +05:30
CustomConf = path . Join ( CustomPath , "conf/app.ini" )
2017-07-01 08:40:04 +05:30
} else if ! filepath . IsAbs ( CustomConf ) {
2017-11-03 14:26:20 +05:30
CustomConf = path . Join ( CustomPath , CustomConf )
2020-02-02 21:50:20 +05:30
log . Warn ( "Using 'custom' directory as relative origin for configuration file: '%s'" , CustomConf )
2015-02-05 15:42:37 +05:30
}
2019-04-29 23:38:21 +05:30
}
2021-12-01 13:20:01 +05:30
// LoadFromExisting initializes setting options from an existing config file (app.ini)
func LoadFromExisting ( ) {
2021-12-08 13:04:23 +05:30
loadFromConf ( false , "" )
2021-12-01 13:20:01 +05:30
}
// LoadAllowEmpty initializes setting options, it's also fine that if the config file (app.ini) doesn't exist
func LoadAllowEmpty ( ) {
2021-12-08 13:04:23 +05:30
loadFromConf ( true , "" )
2021-12-01 13:20:01 +05:30
}
// LoadForTest initializes setting options for tests
2021-12-08 13:04:23 +05:30
func LoadForTest ( extraConfigs ... string ) {
loadFromConf ( true , strings . Join ( extraConfigs , "\n" ) )
2021-12-01 13:20:01 +05:30
if err := PrepareAppDataPath ( ) ; err != nil {
log . Fatal ( "Can not prepare APP_DATA_PATH: %v" , err )
}
}
2022-01-20 22:30:38 +05:30
func deprecatedSetting ( oldSection , oldKey , newSection , newKey string ) {
if Cfg . Section ( oldSection ) . HasKey ( oldKey ) {
log . Error ( "Deprecated fallback `[%s]` `%s` present. Use `[%s]` `%s` instead. This fallback will be removed in v1.18.0" , oldSection , oldKey , newSection , newKey )
}
}
2022-10-17 04:59:26 +05:30
// deprecatedSettingDB add a hint that the configuration has been moved to database but still kept in app.ini
func deprecatedSettingDB ( oldSection , oldKey string ) {
if Cfg . Section ( oldSection ) . HasKey ( oldKey ) {
log . Error ( "Deprecated `[%s]` `%s` present which has been copied to database table sys_setting" , oldSection , oldKey )
}
}
2021-12-01 13:20:01 +05:30
// loadFromConf initializes configuration context.
2019-04-29 23:38:21 +05:30
// NOTE: do not print any log except error.
2021-12-08 13:04:23 +05:30
func loadFromConf ( allowEmpty bool , extraConfig string ) {
2019-04-29 23:38:21 +05:30
Cfg = ini . Empty ( )
2020-08-16 01:45:27 +05:30
if WritePIDFile && len ( PIDFile ) > 0 {
createPIDFile ( PIDFile )
2019-04-29 23:38:21 +05:30
}
2015-02-05 15:42:37 +05:30
2020-11-28 08:12:08 +05:30
isFile , err := util . IsFile ( CustomConf )
if err != nil {
log . Error ( "Unable to check if %s is a file. Error: %v" , CustomConf , err )
}
if isFile {
2017-11-03 14:26:20 +05:30
if err := Cfg . Append ( CustomConf ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to load custom conf '%s': %v" , CustomConf , err )
2014-05-26 05:41:25 +05:30
}
2021-12-01 13:20:01 +05:30
} else if ! allowEmpty {
log . Fatal ( "Unable to find configuration file: %q.\nEnsure you are running in the correct environment or set the correct configuration file with -c." , CustomConf )
} // else: no config file, a config file might be created at CustomConf later (might not)
2021-12-08 13:04:23 +05:30
if extraConfig != "" {
if err = Cfg . Append ( [ ] byte ( extraConfig ) ) ; err != nil {
log . Fatal ( "Unable to append more config: %v" , err )
}
}
2019-10-15 21:15:39 +05:30
Cfg . NameMapper = ini . SnackCase
2014-05-26 05:41:25 +05:30
2022-04-01 14:17:50 +05:30
homeDir , err := util . HomeDir ( )
2015-12-20 08:13:32 +05:30
if err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to get home directory: %v" , err )
2015-12-20 08:13:32 +05:30
}
2020-10-12 01:57:20 +05:30
homeDir = strings . ReplaceAll ( homeDir , "\\" , "/" )
2015-12-20 08:13:32 +05:30
2021-03-29 00:38:19 +05:30
LogLevel = getLogLevel ( Cfg . Section ( "log" ) , "LEVEL" , log . INFO )
2019-04-02 13:18:31 +05:30
StacktraceLogLevel = getStacktraceLogLevel ( Cfg . Section ( "log" ) , "STACKTRACE_LEVEL" , "None" )
2017-11-03 14:26:20 +05:30
LogRootPath = Cfg . Section ( "log" ) . Key ( "ROOT_PATH" ) . MustString ( path . Join ( AppWorkPath , "log" ) )
2015-03-18 13:55:55 +05:30
forcePathSeparator ( LogRootPath )
2014-12-31 16:07:29 +05:30
sec := Cfg . Section ( "server" )
2016-12-02 10:53:37 +05:30
AppName = Cfg . Section ( "" ) . Key ( "APP_NAME" ) . MustString ( "Gitea: Git with a cup of tea" )
2014-09-14 23:05:22 +05:30
2021-11-28 01:52:03 +05:30
Domain = sec . Key ( "DOMAIN" ) . MustString ( "localhost" )
HTTPAddr = sec . Key ( "HTTP_ADDR" ) . MustString ( "0.0.0.0" )
HTTPPort = sec . Key ( "HTTP_PORT" ) . MustString ( "3000" )
2014-05-26 05:41:25 +05:30
Protocol = HTTP
2021-12-06 10:16:11 +05:30
protocolCfg := sec . Key ( "PROTOCOL" ) . String ( )
switch protocolCfg {
2019-06-13 01:11:28 +05:30
case "https" :
2014-05-26 05:41:25 +05:30
Protocol = HTTPS
2022-02-08 11:15:35 +05:30
// FIXME: DEPRECATED to be removed in v1.18.0
if sec . HasKey ( "ENABLE_ACME" ) {
EnableAcme = sec . Key ( "ENABLE_ACME" ) . MustBool ( false )
} else {
deprecatedSetting ( "server" , "ENABLE_LETSENCRYPT" , "server" , "ENABLE_ACME" )
EnableAcme = sec . Key ( "ENABLE_LETSENCRYPT" ) . MustBool ( false )
2020-01-20 00:37:44 +05:30
}
2022-02-08 11:15:35 +05:30
if EnableAcme {
AcmeURL = sec . Key ( "ACME_URL" ) . MustString ( "" )
AcmeCARoot = sec . Key ( "ACME_CA_ROOT" ) . MustString ( "" )
// FIXME: DEPRECATED to be removed in v1.18.0
if sec . HasKey ( "ACME_ACCEPTTOS" ) {
AcmeTOS = sec . Key ( "ACME_ACCEPTTOS" ) . MustBool ( false )
} else {
deprecatedSetting ( "server" , "LETSENCRYPT_ACCEPTTOS" , "server" , "ACME_ACCEPTTOS" )
AcmeTOS = sec . Key ( "LETSENCRYPT_ACCEPTTOS" ) . MustBool ( false )
}
if ! AcmeTOS {
log . Fatal ( "ACME TOS is not accepted (ACME_ACCEPTTOS)." )
}
// FIXME: DEPRECATED to be removed in v1.18.0
if sec . HasKey ( "ACME_DIRECTORY" ) {
AcmeLiveDirectory = sec . Key ( "ACME_DIRECTORY" ) . MustString ( "https" )
} else {
deprecatedSetting ( "server" , "LETSENCRYPT_DIRECTORY" , "server" , "ACME_DIRECTORY" )
AcmeLiveDirectory = sec . Key ( "LETSENCRYPT_DIRECTORY" ) . MustString ( "https" )
}
// FIXME: DEPRECATED to be removed in v1.18.0
if sec . HasKey ( "ACME_EMAIL" ) {
AcmeEmail = sec . Key ( "ACME_EMAIL" ) . MustString ( "" )
} else {
deprecatedSetting ( "server" , "LETSENCRYPT_EMAIL" , "server" , "ACME_EMAIL" )
AcmeEmail = sec . Key ( "LETSENCRYPT_EMAIL" ) . MustString ( "" )
}
} else {
CertFile = sec . Key ( "CERT_FILE" ) . String ( )
KeyFile = sec . Key ( "KEY_FILE" ) . String ( )
if len ( CertFile ) > 0 && ! filepath . IsAbs ( CertFile ) {
CertFile = filepath . Join ( CustomPath , CertFile )
}
if len ( KeyFile ) > 0 && ! filepath . IsAbs ( KeyFile ) {
KeyFile = filepath . Join ( CustomPath , KeyFile )
}
2020-01-20 00:37:44 +05:30
}
2022-02-08 11:15:35 +05:30
SSLMinimumVersion = sec . Key ( "SSL_MIN_VERSION" ) . MustString ( "" )
SSLMaximumVersion = sec . Key ( "SSL_MAX_VERSION" ) . MustString ( "" )
SSLCurvePreferences = sec . Key ( "SSL_CURVE_PREFERENCES" ) . Strings ( "," )
SSLCipherSuites = sec . Key ( "SSL_CIPHER_SUITES" ) . Strings ( "," )
2019-06-13 01:11:28 +05:30
case "fcgi" :
2014-11-04 07:16:53 +05:30
Protocol = FCGI
2021-12-06 10:16:11 +05:30
case "fcgi+unix" , "unix" , "http+unix" :
switch protocolCfg {
case "fcgi+unix" :
Protocol = FCGIUnix
case "unix" :
log . Warn ( "unix PROTOCOL value is deprecated, please use http+unix" )
fallthrough
case "http+unix" :
Protocol = HTTPUnix
2019-12-10 17:53:26 +05:30
}
2016-08-12 03:25:10 +05:30
UnixSocketPermissionRaw := sec . Key ( "UNIX_SOCKET_PERMISSION" ) . MustString ( "666" )
UnixSocketPermissionParsed , err := strconv . ParseUint ( UnixSocketPermissionRaw , 8 , 32 )
2022-01-20 23:16:10 +05:30
if err != nil || UnixSocketPermissionParsed > 0 o777 {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to parse unixSocketPermission: %s" , UnixSocketPermissionRaw )
2016-08-12 03:25:10 +05:30
}
2021-12-06 10:16:11 +05:30
2016-08-12 03:25:10 +05:30
UnixSocketPermission = uint32 ( UnixSocketPermissionParsed )
2021-11-28 01:52:03 +05:30
if ! filepath . IsAbs ( HTTPAddr ) {
HTTPAddr = filepath . Join ( AppWorkPath , HTTPAddr )
}
2014-11-04 07:16:53 +05:30
}
2022-08-21 23:50:43 +05:30
UseProxyProtocol = sec . Key ( "USE_PROXY_PROTOCOL" ) . MustBool ( false )
ProxyProtocolTLSBridging = sec . Key ( "PROXY_PROTOCOL_TLS_BRIDGING" ) . MustBool ( false )
ProxyProtocolHeaderTimeout = sec . Key ( "PROXY_PROTOCOL_HEADER_TIMEOUT" ) . MustDuration ( 5 * time . Second )
ProxyProtocolAcceptUnknown = sec . Key ( "PROXY_PROTOCOL_ACCEPT_UNKNOWN" ) . MustBool ( false )
2019-10-15 19:09:51 +05:30
GracefulRestartable = sec . Key ( "ALLOW_GRACEFUL_RESTARTS" ) . MustBool ( true )
GracefulHammerTime = sec . Key ( "GRACEFUL_HAMMER_TIME" ) . MustDuration ( 60 * time . Second )
2019-11-22 00:02:02 +05:30
StartupTimeout = sec . Key ( "STARTUP_TIMEOUT" ) . MustDuration ( 0 * time . Second )
2021-06-11 02:55:25 +05:30
PerWriteTimeout = sec . Key ( "PER_WRITE_TIMEOUT" ) . MustDuration ( PerWriteTimeout )
PerWritePerKbTimeout = sec . Key ( "PER_WRITE_PER_KB_TIMEOUT" ) . MustDuration ( PerWritePerKbTimeout )
2017-06-22 13:05:14 +05:30
defaultAppURL := string ( Protocol ) + "://" + Domain
if ( Protocol == HTTP && HTTPPort != "80" ) || ( Protocol == HTTPS && HTTPPort != "443" ) {
defaultAppURL += ":" + HTTPPort
}
2021-02-20 03:06:43 +05:30
AppURL = sec . Key ( "ROOT_URL" ) . MustString ( defaultAppURL + "/" )
// This should be TrimRight to ensure that there is only a single '/' at the end of AppURL.
AppURL = strings . TrimRight ( AppURL , "/" ) + "/"
2017-06-22 13:05:14 +05:30
// Check if has app suburl.
2019-06-13 02:37:24 +05:30
appURL , err := url . Parse ( AppURL )
2017-06-22 13:05:14 +05:30
if err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Invalid ROOT_URL '%s': %s" , AppURL , err )
2017-06-22 13:05:14 +05:30
}
// Suburl should start with '/' and end without '/', such as '/{subpath}'.
// This value is empty if site does not have sub-url.
2019-06-13 02:37:24 +05:30
AppSubURL = strings . TrimSuffix ( appURL . Path , "/" )
2019-10-22 17:41:01 +05:30
StaticURLPrefix = strings . TrimSuffix ( sec . Key ( "STATIC_URL_PREFIX" ) . MustString ( AppSubURL ) , "/" )
2021-02-20 03:06:43 +05:30
2017-10-02 19:25:09 +05:30
// Check if Domain differs from AppURL domain than update it to AppURL's domain
2020-07-27 05:46:22 +05:30
urlHostname := appURL . Hostname ( )
if urlHostname != Domain && net . ParseIP ( urlHostname ) == nil && urlHostname != "" {
2017-10-02 19:25:09 +05:30
Domain = urlHostname
}
2017-06-22 13:05:14 +05:30
2020-12-24 00:39:54 +05:30
AbsoluteAssetURL = MakeAbsoluteAssetURL ( AppURL , StaticURLPrefix )
2022-08-23 18:28:04 +05:30
AssetVersion = strings . ReplaceAll ( AppVer , "+" , "~" ) // make sure the version string is clear (no real escaping is needed)
2020-12-24 00:39:54 +05:30
manifestBytes := MakeManifestData ( AppName , AppURL , AbsoluteAssetURL )
ManifestData = ` application/json;base64, ` + base64 . StdEncoding . EncodeToString ( manifestBytes )
2017-08-03 21:02:13 +05:30
var defaultLocalURL string
switch Protocol {
2021-12-06 10:16:11 +05:30
case HTTPUnix :
2017-08-03 21:02:13 +05:30
defaultLocalURL = "http://unix/"
case FCGI :
defaultLocalURL = AppURL
2019-12-10 17:53:26 +05:30
case FCGIUnix :
defaultLocalURL = AppURL
2017-08-03 21:02:13 +05:30
default :
defaultLocalURL = string ( Protocol ) + "://"
if HTTPAddr == "0.0.0.0" {
2020-07-27 02:01:28 +05:30
defaultLocalURL += net . JoinHostPort ( "localhost" , HTTPPort ) + "/"
2017-08-03 21:02:13 +05:30
} else {
2020-07-27 02:01:28 +05:30
defaultLocalURL += net . JoinHostPort ( HTTPAddr , HTTPPort ) + "/"
2017-08-03 21:02:13 +05:30
}
}
LocalURL = sec . Key ( "LOCAL_ROOT_URL" ) . MustString ( defaultLocalURL )
2022-03-22 22:29:57 +05:30
LocalURL = strings . TrimRight ( LocalURL , "/" ) + "/"
2022-08-21 23:50:43 +05:30
LocalUseProxyProtocol = sec . Key ( "LOCAL_USE_PROXY_PROTOCOL" ) . MustBool ( UseProxyProtocol )
2017-12-26 03:53:43 +05:30
RedirectOtherPort = sec . Key ( "REDIRECT_OTHER_PORT" ) . MustBool ( false )
PortToRedirect = sec . Key ( "PORT_TO_REDIRECT" ) . MustString ( "80" )
2022-08-21 23:50:43 +05:30
RedirectorUseProxyProtocol = sec . Key ( "REDIRECTOR_USE_PROXY_PROTOCOL" ) . MustBool ( UseProxyProtocol )
2014-12-31 16:07:29 +05:30
OfflineMode = sec . Key ( "OFFLINE_MODE" ) . MustBool ( )
DisableRouterLog = sec . Key ( "DISABLE_ROUTER_LOG" ) . MustBool ( )
2020-08-08 19:32:22 +05:30
if len ( StaticRootPath ) == 0 {
StaticRootPath = AppWorkPath
}
StaticRootPath = sec . Key ( "STATIC_ROOT_PATH" ) . MustString ( StaticRootPath )
2019-10-15 03:35:57 +05:30
StaticCacheTime = sec . Key ( "STATIC_CACHE_TIME" ) . MustDuration ( 6 * time . Hour )
2017-11-03 14:26:20 +05:30
AppDataPath = sec . Key ( "APP_DATA_PATH" ) . MustString ( path . Join ( AppWorkPath , "data" ) )
2022-06-06 20:13:17 +05:30
if ! filepath . IsAbs ( AppDataPath ) {
log . Info ( "The provided APP_DATA_PATH: %s is not absolute - it will be made absolute against the work path: %s" , AppDataPath , AppWorkPath )
AppDataPath = filepath . ToSlash ( filepath . Join ( AppWorkPath , AppDataPath ) )
}
2021-12-01 13:20:01 +05:30
2014-12-31 16:07:29 +05:30
EnableGzip = sec . Key ( "ENABLE_GZIP" ) . MustBool ( )
2017-02-05 18:36:25 +05:30
EnablePprof = sec . Key ( "ENABLE_PPROF" ) . MustBool ( false )
2018-08-08 00:19:18 +05:30
PprofDataPath = sec . Key ( "PPROF_DATA_PATH" ) . MustString ( path . Join ( AppWorkPath , "data/tmp/pprof" ) )
if ! filepath . IsAbs ( PprofDataPath ) {
PprofDataPath = filepath . Join ( AppWorkPath , PprofDataPath )
}
2014-12-31 16:07:29 +05:30
2022-04-05 21:46:01 +05:30
landingPage := sec . Key ( "LANDING_PAGE" ) . MustString ( "home" )
switch landingPage {
2014-11-25 05:17:59 +05:30
case "explore" :
2016-11-27 15:44:25 +05:30
LandingPageURL = LandingPageExplore
2017-11-20 13:18:09 +05:30
case "organizations" :
LandingPageURL = LandingPageOrganizations
2020-01-06 22:20:44 +05:30
case "login" :
LandingPageURL = LandingPageLogin
2022-04-05 21:46:01 +05:30
case "" :
case "home" :
2016-11-27 15:44:25 +05:30
LandingPageURL = LandingPageHome
2022-04-05 21:46:01 +05:30
default :
LandingPageURL = LandingPage ( landingPage )
2014-11-25 05:17:59 +05:30
}
2017-02-14 21:37:37 +05:30
if len ( SSH . Domain ) == 0 {
SSH . Domain = Domain
}
2016-02-28 07:18:39 +05:30
SSH . RootPath = path . Join ( homeDir , ".ssh" )
2017-10-23 20:50:44 +05:30
serverCiphers := sec . Key ( "SSH_SERVER_CIPHERS" ) . Strings ( "," )
if len ( serverCiphers ) > 0 {
SSH . ServerCiphers = serverCiphers
}
2017-11-02 20:56:41 +05:30
serverKeyExchanges := sec . Key ( "SSH_SERVER_KEY_EXCHANGES" ) . Strings ( "," )
if len ( serverKeyExchanges ) > 0 {
SSH . ServerKeyExchanges = serverKeyExchanges
}
serverMACs := sec . Key ( "SSH_SERVER_MACS" ) . Strings ( "," )
if len ( serverMACs ) > 0 {
SSH . ServerMACs = serverMACs
}
2016-02-28 07:18:39 +05:30
SSH . KeyTestPath = os . TempDir ( )
if err = Cfg . Section ( "server" ) . MapTo ( & SSH ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to map SSH settings: %v" , err )
2016-02-28 07:18:39 +05:30
}
2021-03-08 08:13:59 +05:30
for i , key := range SSH . ServerHostKeys {
if ! filepath . IsAbs ( key ) {
SSH . ServerHostKeys [ i ] = filepath . Join ( AppDataPath , key )
}
}
2016-12-22 23:42:23 +05:30
SSH . KeygenPath = sec . Key ( "SSH_KEYGEN_PATH" ) . MustString ( "ssh-keygen" )
SSH . Port = sec . Key ( "SSH_PORT" ) . MustInt ( 22 )
2017-01-08 08:44:45 +05:30
SSH . ListenPort = sec . Key ( "SSH_LISTEN_PORT" ) . MustInt ( SSH . Port )
2022-08-21 23:50:43 +05:30
SSH . UseProxyProtocol = sec . Key ( "SSH_SERVER_USE_PROXY_PROTOCOL" ) . MustBool ( false )
2016-12-22 23:42:23 +05:30
2016-02-28 07:18:39 +05:30
// When disable SSH, start builtin server value is ignored.
if SSH . Disabled {
SSH . StartBuiltinServer = false
}
2022-07-10 12:20:26 +05:30
SSH . TrustedUserCAKeysFile = sec . Key ( "SSH_TRUSTED_USER_CA_KEYS_FILENAME" ) . MustString ( filepath . Join ( SSH . RootPath , "gitea-trusted-user-ca-keys.pem" ) )
for _ , caKey := range SSH . TrustedUserCAKeys {
2020-10-11 06:08:09 +05:30
pubKey , _ , _ , _ , err := gossh . ParseAuthorizedKey ( [ ] byte ( caKey ) )
if err != nil {
log . Fatal ( "Failed to parse TrustedUserCaKeys: %s %v" , caKey , err )
}
SSH . TrustedUserCAKeysParsed = append ( SSH . TrustedUserCAKeysParsed , pubKey )
}
2022-07-10 12:20:26 +05:30
if len ( SSH . TrustedUserCAKeys ) > 0 {
2020-10-11 06:08:09 +05:30
// Set the default as email,username otherwise we can leave it empty
sec . Key ( "SSH_AUTHORIZED_PRINCIPALS_ALLOW" ) . MustString ( "username,email" )
} else {
sec . Key ( "SSH_AUTHORIZED_PRINCIPALS_ALLOW" ) . MustString ( "off" )
}
SSH . AuthorizedPrincipalsAllow , SSH . AuthorizedPrincipalsEnabled = parseAuthorizedPrincipalsAllow ( sec . Key ( "SSH_AUTHORIZED_PRINCIPALS_ALLOW" ) . Strings ( "," ) )
2020-10-09 12:22:57 +05:30
SSH . MinimumKeySizeCheck = sec . Key ( "MINIMUM_KEY_SIZE_CHECK" ) . MustBool ( SSH . MinimumKeySizeCheck )
2016-02-28 07:18:39 +05:30
minimumKeySizes := Cfg . Section ( "ssh.minimum_key_sizes" ) . Keys ( )
for _ , key := range minimumKeySizes {
if key . MustInt ( ) != - 1 {
SSH . MinimumKeySizes [ strings . ToLower ( key . Name ( ) ) ] = key . MustInt ( )
2020-05-28 18:59:15 +05:30
} else {
delete ( SSH . MinimumKeySizes , strings . ToLower ( key . Name ( ) ) )
2016-02-28 07:18:39 +05:30
}
}
2020-10-11 06:08:09 +05:30
2017-06-28 07:05:35 +05:30
SSH . AuthorizedKeysBackup = sec . Key ( "SSH_AUTHORIZED_KEYS_BACKUP" ) . MustBool ( true )
2018-11-01 19:11:07 +05:30
SSH . CreateAuthorizedKeysFile = sec . Key ( "SSH_CREATE_AUTHORIZED_KEYS_FILE" ) . MustBool ( true )
2020-10-11 06:08:09 +05:30
SSH . AuthorizedPrincipalsBackup = false
SSH . CreateAuthorizedPrincipalsFile = false
if SSH . AuthorizedPrincipalsEnabled {
SSH . AuthorizedPrincipalsBackup = sec . Key ( "SSH_AUTHORIZED_PRINCIPALS_BACKUP" ) . MustBool ( true )
SSH . CreateAuthorizedPrincipalsFile = sec . Key ( "SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE" ) . MustBool ( true )
}
2017-07-15 19:51:51 +05:30
SSH . ExposeAnonymous = sec . Key ( "SSH_EXPOSE_ANONYMOUS" ) . MustBool ( false )
2021-06-15 06:45:12 +05:30
SSH . AuthorizedKeysCommandTemplate = sec . Key ( "SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE" ) . MustString ( SSH . AuthorizedKeysCommandTemplate )
SSH . AuthorizedKeysCommandTemplateTemplate = template . Must ( template . New ( "" ) . Parse ( SSH . AuthorizedKeysCommandTemplate ) )
2021-06-11 02:55:25 +05:30
SSH . PerWriteTimeout = sec . Key ( "SSH_PER_WRITE_TIMEOUT" ) . MustDuration ( PerWriteTimeout )
SSH . PerWritePerKbTimeout = sec . Key ( "SSH_PER_WRITE_PER_KB_TIMEOUT" ) . MustDuration ( PerWritePerKbTimeout )
2016-02-28 07:18:39 +05:30
2019-03-08 22:12:50 +05:30
if err = Cfg . Section ( "oauth2" ) . MapTo ( & OAuth2 ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to OAuth2 settings: %v" , err )
2019-03-08 22:12:50 +05:30
return
}
2021-06-18 03:26:46 +05:30
if ! filepath . IsAbs ( OAuth2 . JWTSigningPrivateKeyFile ) {
2021-06-23 20:26:25 +05:30
OAuth2 . JWTSigningPrivateKeyFile = filepath . Join ( AppDataPath , OAuth2 . JWTSigningPrivateKeyFile )
2019-03-08 22:12:50 +05:30
}
2019-08-29 19:35:42 +05:30
sec = Cfg . Section ( "admin" )
Admin . DefaultEmailNotification = sec . Key ( "DEFAULT_EMAIL_NOTIFICATIONS" ) . MustString ( "enabled" )
2014-12-31 16:07:29 +05:30
sec = Cfg . Section ( "security" )
2016-12-23 12:48:05 +05:30
InstallLock = sec . Key ( "INSTALL_LOCK" ) . MustBool ( false )
LogInRememberDays = sec . Key ( "LOGIN_REMEMBER_DAYS" ) . MustInt ( 7 )
CookieUserName = sec . Key ( "COOKIE_USERNAME" ) . MustString ( "gitea_awesome" )
2022-10-01 22:56:33 +05:30
SecretKey = loadSecret ( sec , "SECRET_KEY_URI" , "SECRET_KEY" )
if SecretKey == "" {
// FIXME: https://github.com/go-gitea/gitea/issues/16832
// Until it supports rotating an existing secret key, we shouldn't move users off of the widely used default value
SecretKey = "!#@FDEWREWR&*(" // nolint:gosec
}
2016-12-23 12:48:05 +05:30
CookieRememberName = sec . Key ( "COOKIE_REMEMBER_NAME" ) . MustString ( "gitea_incredible" )
2021-03-16 03:57:28 +05:30
2014-12-31 16:07:29 +05:30
ReverseProxyAuthUser = sec . Key ( "REVERSE_PROXY_AUTHENTICATION_USER" ) . MustString ( "X-WEBAUTH-USER" )
2018-12-18 22:35:48 +05:30
ReverseProxyAuthEmail = sec . Key ( "REVERSE_PROXY_AUTHENTICATION_EMAIL" ) . MustString ( "X-WEBAUTH-EMAIL" )
2022-08-16 12:00:27 +05:30
ReverseProxyAuthFullName = sec . Key ( "REVERSE_PROXY_AUTHENTICATION_FULL_NAME" ) . MustString ( "X-WEBAUTH-FULLNAME" )
2021-03-16 03:57:28 +05:30
ReverseProxyLimit = sec . Key ( "REVERSE_PROXY_LIMIT" ) . MustInt ( 1 )
ReverseProxyTrustedProxies = sec . Key ( "REVERSE_PROXY_TRUSTED_PROXIES" ) . Strings ( "," )
if len ( ReverseProxyTrustedProxies ) == 0 {
ReverseProxyTrustedProxies = [ ] string { "127.0.0.0/8" , "::1/128" }
}
2016-12-24 20:12:11 +05:30
MinPasswordLength = sec . Key ( "MIN_PASSWORD_LENGTH" ) . MustInt ( 6 )
2017-01-23 06:49:50 +05:30
ImportLocalPaths = sec . Key ( "IMPORT_LOCAL_PATHS" ) . MustBool ( false )
2020-10-07 23:54:14 +05:30
DisableGitHooks = sec . Key ( "DISABLE_GIT_HOOKS" ) . MustBool ( true )
2021-02-11 23:04:34 +05:30
DisableWebhooks = sec . Key ( "DISABLE_WEBHOOKS" ) . MustBool ( false )
2019-11-15 04:09:48 +05:30
OnlyAllowPushIfGiteaEnvironmentSet = sec . Key ( "ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET" ) . MustBool ( true )
2021-02-13 22:33:29 +05:30
PasswordHashAlgo = sec . Key ( "PASSWORD_HASH_ALGO" ) . MustString ( "pbkdf2" )
2019-07-12 19:27:31 +05:30
CSRFCookieHTTPOnly = sec . Key ( "CSRF_COOKIE_HTTP_ONLY" ) . MustBool ( true )
2020-09-09 03:36:39 +05:30
PasswordCheckPwn = sec . Key ( "PASSWORD_CHECK_PWN" ) . MustBool ( false )
2021-08-18 00:00:42 +05:30
SuccessfulTokensCacheSize = sec . Key ( "SUCCESSFUL_TOKENS_CACHE_SIZE" ) . MustInt ( 20 )
2019-07-12 19:27:31 +05:30
2022-10-01 22:56:33 +05:30
InternalToken = loadSecret ( sec , "INTERNAL_TOKEN_URI" , "INTERNAL_TOKEN" )
2022-10-28 15:28:32 +05:30
if InstallLock && InternalToken == "" {
// if Gitea has been installed but the InternalToken hasn't been generated (upgrade from an old release), we should generate
// some users do cluster deployment, they still depend on this auto-generating behavior.
generateSaveInternalToken ( )
}
2014-12-31 16:07:29 +05:30
2019-10-14 20:54:26 +05:30
cfgdata := sec . Key ( "PASSWORD_COMPLEXITY" ) . Strings ( "," )
2020-08-22 04:12:23 +05:30
if len ( cfgdata ) == 0 {
cfgdata = [ ] string { "off" }
}
2019-10-16 08:39:58 +05:30
PasswordComplexity = make ( [ ] string , 0 , len ( cfgdata ) )
for _ , name := range cfgdata {
name := strings . ToLower ( strings . Trim ( name , ` " ` ) )
if name != "" {
PasswordComplexity = append ( PasswordComplexity , name )
2019-10-14 20:54:26 +05:30
}
}
2020-08-18 09:53:45 +05:30
newAttachmentService ( )
2020-09-29 14:35:13 +05:30
newLFSService ( )
2014-07-24 00:45:47 +05:30
2019-08-15 20:16:21 +05:30
timeFormatKey := Cfg . Section ( "time" ) . Key ( "FORMAT" ) . MustString ( "" )
if timeFormatKey != "" {
TimeFormat = map [ string ] string {
"ANSIC" : time . ANSIC ,
"UnixDate" : time . UnixDate ,
"RubyDate" : time . RubyDate ,
"RFC822" : time . RFC822 ,
"RFC822Z" : time . RFC822Z ,
"RFC850" : time . RFC850 ,
"RFC1123" : time . RFC1123 ,
"RFC1123Z" : time . RFC1123Z ,
"RFC3339" : time . RFC3339 ,
"RFC3339Nano" : time . RFC3339Nano ,
"Kitchen" : time . Kitchen ,
"Stamp" : time . Stamp ,
"StampMilli" : time . StampMilli ,
"StampMicro" : time . StampMicro ,
"StampNano" : time . StampNano ,
} [ timeFormatKey ]
// When the TimeFormatKey does not exist in the previous map e.g.'2006-01-02 15:04:05'
if len ( TimeFormat ) == 0 {
TimeFormat = timeFormatKey
TestTimeFormat , _ := time . Parse ( TimeFormat , TimeFormat )
if TestTimeFormat . Format ( time . RFC3339 ) != "2006-01-02T15:04:05Z" {
2019-12-09 02:55:00 +05:30
log . Warn ( "Provided TimeFormat: %s does not create a fully specified date and time." , TimeFormat )
log . Warn ( "In order to display dates and times correctly please check your time format has 2006, 01, 02, 15, 04 and 05" )
2019-08-15 20:16:21 +05:30
}
log . Trace ( "Custom TimeFormat: %s" , TimeFormat )
}
}
zone := Cfg . Section ( "time" ) . Key ( "DEFAULT_UI_LOCATION" ) . String ( )
if zone != "" {
DefaultUILocation , err = time . LoadLocation ( zone )
if err != nil {
log . Fatal ( "Load time zone failed: %v" , err )
} else {
log . Info ( "Default UI Location is %v" , zone )
2017-02-04 18:07:50 +05:30
}
2019-08-15 20:16:21 +05:30
}
if DefaultUILocation == nil {
DefaultUILocation = time . Local
2017-02-04 18:07:50 +05:30
}
2014-07-25 02:01:59 +05:30
2016-12-22 23:42:23 +05:30
RunUser = Cfg . Section ( "" ) . Key ( "RUN_USER" ) . MustString ( user . CurrentUsername ( ) )
2021-10-07 14:22:08 +05:30
// The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches.
// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly.
unsafeAllowRunAsRoot := Cfg . Section ( "" ) . Key ( "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT" ) . MustBool ( false )
2020-12-01 01:22:04 +05:30
RunMode = Cfg . Section ( "" ) . Key ( "RUN_MODE" ) . MustString ( "prod" )
2021-10-20 20:07:19 +05:30
IsProd = strings . EqualFold ( RunMode , "prod" )
2014-05-26 05:41:25 +05:30
// Does not check run user when the install lock is off.
2016-08-10 06:11:18 +05:30
if InstallLock {
currentUser , match := IsRunUserMatchCurrentUser ( RunUser )
if ! match {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Expect user '%s' but current user is: %s" , RunUser , currentUser )
2016-08-10 06:11:18 +05:30
}
2014-05-26 05:41:25 +05:30
}
2021-10-07 14:22:08 +05:30
// check if we run as root
if os . Getuid ( ) == 0 {
if ! unsafeAllowRunAsRoot {
// Special thanks to VLC which inspired the wording of this messaging.
log . Fatal ( "Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission" )
}
log . Critical ( "You are running Gitea using the root user, and have purposely chosen to skip built-in protections around this. You have been warned against this." )
}
2017-10-14 21:21:00 +05:30
SSH . BuiltinServerUser = Cfg . Section ( "server" ) . Key ( "BUILTIN_SSH_SERVER_USER" ) . MustString ( RunUser )
2022-02-08 03:26:45 +05:30
SSH . User = Cfg . Section ( "server" ) . Key ( "SSH_USER" ) . MustString ( SSH . BuiltinServerUser )
2017-10-14 21:21:00 +05:30
2019-03-16 08:42:44 +05:30
newRepository ( )
2016-08-11 18:18:08 +05:30
2020-10-14 18:37:51 +05:30
newPictureService ( )
2014-07-26 09:54:27 +05:30
2022-03-30 14:12:47 +05:30
newPackages ( )
2016-07-23 21:53:54 +05:30
if err = Cfg . Section ( "ui" ) . MapTo ( & UI ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to map UI settings: %v" , err )
2016-07-23 21:53:54 +05:30
} else if err = Cfg . Section ( "markdown" ) . MapTo ( & Markdown ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to map Markdown settings: %v" , err )
2017-02-14 17:46:00 +05:30
} else if err = Cfg . Section ( "admin" ) . MapTo ( & Admin ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Fail to map Admin settings: %v" , err )
2016-08-10 12:28:15 +05:30
} else if err = Cfg . Section ( "api" ) . MapTo ( & API ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to map API settings: %v" , err )
2018-11-05 08:50:00 +05:30
} else if err = Cfg . Section ( "metrics" ) . MapTo ( & Metrics ) ; err != nil {
2019-04-02 13:18:31 +05:30
log . Fatal ( "Failed to map Metrics settings: %v" , err )
2022-03-29 13:57:37 +05:30
} else if err = Cfg . Section ( "camo" ) . MapTo ( & Camo ) ; err != nil {
log . Fatal ( "Failed to map Camo settings: %v" , err )
}
if Camo . Enabled {
if Camo . ServerURL == "" || Camo . HMACKey == "" {
log . Fatal ( ` Camo settings require "SERVER_URL" and HMAC_KEY ` )
}
2016-08-10 12:17:16 +05:30
}
2019-06-13 02:37:24 +05:30
u := * appURL
u . Path = path . Join ( u . Path , "api" , "swagger" )
API . SwaggerURL = u . String ( )
2019-03-16 08:42:44 +05:30
newGit ( )
2019-02-10 04:14:24 +05:30
2021-09-07 21:19:36 +05:30
newMirror ( )
2014-09-17 09:33:03 +05:30
2014-12-31 16:07:29 +05:30
Langs = Cfg . Section ( "i18n" ) . Key ( "LANGS" ) . Strings ( "," )
2016-12-22 23:42:23 +05:30
if len ( Langs ) == 0 {
2021-12-01 13:20:01 +05:30
Langs = defaultI18nLangs ( )
2016-12-22 23:42:23 +05:30
}
2014-12-31 16:07:29 +05:30
Names = Cfg . Section ( "i18n" ) . Key ( "NAMES" ) . Strings ( "," )
2016-12-22 23:42:23 +05:30
if len ( Names ) == 0 {
2021-12-01 13:20:01 +05:30
Names = defaultI18nNames ( )
2016-12-22 23:42:23 +05:30
}
2014-09-22 05:09:10 +05:30
2016-12-23 12:48:05 +05:30
ShowFooterBranding = Cfg . Section ( "other" ) . Key ( "SHOW_FOOTER_BRANDING" ) . MustBool ( false )
ShowFooterVersion = Cfg . Section ( "other" ) . Key ( "SHOW_FOOTER_VERSION" ) . MustBool ( true )
ShowFooterTemplateLoadTime = Cfg . Section ( "other" ) . Key ( "SHOW_FOOTER_TEMPLATE_LOAD_TIME" ) . MustBool ( true )
2022-10-28 20:47:38 +05:30
EnableSitemap = Cfg . Section ( "other" ) . Key ( "ENABLE_SITEMAP" ) . MustBool ( true )
2015-03-23 19:49:19 +05:30
2017-01-01 08:21:10 +05:30
UI . ShowUserEmail = Cfg . Section ( "ui" ) . Key ( "SHOW_USER_EMAIL" ) . MustBool ( true )
2019-05-08 14:11:35 +05:30
UI . DefaultShowFullName = Cfg . Section ( "ui" ) . Key ( "DEFAULT_SHOW_FULL_NAME" ) . MustBool ( false )
2019-08-25 22:36:36 +05:30
UI . SearchRepoDescription = Cfg . Section ( "ui" ) . Key ( "SEARCH_REPO_DESCRIPTION" ) . MustBool ( true )
2022-02-26 15:44:23 +05:30
UI . UseServiceWorker = Cfg . Section ( "ui" ) . Key ( "USE_SERVICE_WORKER" ) . MustBool ( false )
2022-08-26 00:08:41 +05:30
UI . OnlyShowRelevantRepos = Cfg . Section ( "ui" ) . Key ( "ONLY_SHOW_RELEVANT_REPOS" ) . MustBool ( false )
2017-01-01 08:21:10 +05:30
2020-11-28 08:12:08 +05:30
HasRobotsTxt , err = util . IsFile ( path . Join ( CustomPath , "robots.txt" ) )
if err != nil {
log . Error ( "Unable to check if %s is a file. Error: %v" , path . Join ( CustomPath , "robots.txt" ) , err )
}
2017-11-07 12:03:06 +05:30
2019-03-16 08:42:44 +05:30
newMarkup ( )
2019-02-19 20:09:39 +05:30
2022-10-12 10:48:26 +05:30
UI . ReactionsLookup = make ( container . Set [ string ] )
2019-12-08 03:34:19 +05:30
for _ , reaction := range UI . Reactions {
2022-10-12 10:48:26 +05:30
UI . ReactionsLookup . Add ( reaction )
2019-12-08 03:34:19 +05:30
}
2021-06-29 19:58:38 +05:30
UI . CustomEmojisMap = make ( map [ string ] string )
for _ , emoji := range UI . CustomEmojis {
UI . CustomEmojisMap [ emoji ] = ":" + emoji + ":"
}
2014-05-26 05:41:25 +05:30
}
2020-10-11 06:08:09 +05:30
func parseAuthorizedPrincipalsAllow ( values [ ] string ) ( [ ] string , bool ) {
anything := false
email := false
username := false
for _ , value := range values {
v := strings . ToLower ( strings . TrimSpace ( value ) )
switch v {
case "off" :
return [ ] string { "off" } , false
case "email" :
email = true
case "username" :
username = true
case "anything" :
anything = true
}
}
if anything {
return [ ] string { "anything" } , true
}
authorizedPrincipalsAllow := [ ] string { }
if username {
authorizedPrincipalsAllow = append ( authorizedPrincipalsAllow , "username" )
}
if email {
authorizedPrincipalsAllow = append ( authorizedPrincipalsAllow , "email" )
}
return authorizedPrincipalsAllow , true
}
2022-11-04 02:25:09 +05:30
// loadSecret load the secret from ini by uriKey or verbatimKey, only one of them could be set
// If the secret is loaded from uriKey (file), the file should be non-empty, to guarantee the behavior stable and clear.
2022-10-01 22:56:33 +05:30
func loadSecret ( sec * ini . Section , uriKey , verbatimKey string ) string {
// don't allow setting both URI and verbatim string
uri := sec . Key ( uriKey ) . String ( )
verbatim := sec . Key ( verbatimKey ) . String ( )
if uri != "" && verbatim != "" {
log . Fatal ( "Cannot specify both %s and %s" , uriKey , verbatimKey )
}
// if we have no URI, use verbatim
2021-12-01 13:20:01 +05:30
if uri == "" {
2022-10-01 22:56:33 +05:30
return verbatim
2019-03-14 04:19:43 +05:30
}
2022-10-01 22:56:33 +05:30
2019-03-14 04:19:43 +05:30
tempURI , err := url . Parse ( uri )
if err != nil {
2022-10-01 22:56:33 +05:30
log . Fatal ( "Failed to parse %s (%s): %v" , uriKey , uri , err )
2019-03-14 04:19:43 +05:30
}
switch tempURI . Scheme {
case "file" :
2022-02-08 07:04:37 +05:30
buf , err := os . ReadFile ( tempURI . RequestURI ( ) )
2022-10-01 22:56:33 +05:30
if err != nil {
log . Fatal ( "Failed to read %s (%s): %v" , uriKey , tempURI . RequestURI ( ) , err )
2019-03-14 04:19:43 +05:30
}
2022-11-04 02:25:09 +05:30
val := strings . TrimSpace ( string ( buf ) )
if val == "" {
// The file shouldn't be empty, otherwise we can not know whether the user has ever set the KEY or KEY_URI
// For example: if INTERNAL_TOKEN_URI=file:///empty-file,
// Then if the token is re-generated during installation and saved to INTERNAL_TOKEN
// Then INTERNAL_TOKEN and INTERNAL_TOKEN_URI both exist, that's a fatal error (they shouldn't)
log . Fatal ( "Failed to read %s (%s): the file is empty" , uriKey , tempURI . RequestURI ( ) )
}
return val
2022-10-01 22:56:33 +05:30
// only file URIs are allowed
2019-03-14 04:19:43 +05:30
default :
2019-04-02 13:18:31 +05:30
log . Fatal ( "Unsupported URI-Scheme %q (INTERNAL_TOKEN_URI = %q)" , tempURI . Scheme , uri )
2022-10-01 22:56:33 +05:30
return ""
2019-03-14 04:19:43 +05:30
}
}
2022-10-28 15:28:32 +05:30
// generateSaveInternalToken generates and saves the internal token to app.ini
func generateSaveInternalToken ( ) {
token , err := generate . NewInternalToken ( )
if err != nil {
log . Fatal ( "Error generate internal token: %v" , err )
}
InternalToken = token
CreateOrAppendToCustomConf ( "security.INTERNAL_TOKEN" , func ( cfg * ini . File ) {
cfg . Section ( "security" ) . Key ( "INTERNAL_TOKEN" ) . SetValue ( token )
} )
}
2020-12-24 00:39:54 +05:30
// MakeAbsoluteAssetURL returns the absolute asset url prefix without a trailing slash
2021-12-20 10:11:31 +05:30
func MakeAbsoluteAssetURL ( appURL , staticURLPrefix string ) string {
2020-12-24 00:39:54 +05:30
parsedPrefix , err := url . Parse ( strings . TrimSuffix ( staticURLPrefix , "/" ) )
if err != nil {
log . Fatal ( "Unable to parse STATIC_URL_PREFIX: %v" , err )
}
if err == nil && parsedPrefix . Hostname ( ) == "" {
if staticURLPrefix == "" {
return strings . TrimSuffix ( appURL , "/" )
}
// StaticURLPrefix is just a path
2021-02-28 17:59:22 +05:30
return util . URLJoin ( appURL , strings . TrimSuffix ( staticURLPrefix , "/" ) )
2020-12-24 00:39:54 +05:30
}
return strings . TrimSuffix ( staticURLPrefix , "/" )
}
// MakeManifestData generates web app manifest JSON
2021-12-20 10:11:31 +05:30
func MakeManifestData ( appName , appURL , absoluteAssetURL string ) [ ] byte {
2020-12-24 00:39:54 +05:30
type manifestIcon struct {
Src string ` json:"src" `
Type string ` json:"type" `
Sizes string ` json:"sizes" `
}
type manifestJSON struct {
Name string ` json:"name" `
ShortName string ` json:"short_name" `
StartURL string ` json:"start_url" `
Icons [ ] manifestIcon ` json:"icons" `
}
bytes , err := json . Marshal ( & manifestJSON {
Name : appName ,
ShortName : appName ,
StartURL : appURL ,
Icons : [ ] manifestIcon {
{
2021-04-28 18:05:06 +05:30
Src : absoluteAssetURL + "/assets/img/logo.png" ,
2020-12-24 00:39:54 +05:30
Type : "image/png" ,
Sizes : "512x512" ,
} ,
{
2021-04-28 18:05:06 +05:30
Src : absoluteAssetURL + "/assets/img/logo.svg" ,
2021-01-02 00:34:35 +05:30
Type : "image/svg+xml" ,
Sizes : "512x512" ,
2020-12-24 00:39:54 +05:30
} ,
} ,
} )
if err != nil {
log . Error ( "unable to marshal manifest JSON. Error: %v" , err )
return make ( [ ] byte , 0 )
}
2020-12-22 16:43:50 +05:30
2020-12-24 00:39:54 +05:30
return bytes
2020-12-22 16:43:50 +05:30
}
2021-05-30 00:14:14 +05:30
// CreateOrAppendToCustomConf creates or updates the custom config.
// Use the callback to set individual values.
2022-10-01 22:56:33 +05:30
func CreateOrAppendToCustomConf ( purpose string , callback func ( cfg * ini . File ) ) {
if CustomConf == "" {
log . Error ( "Custom config path must not be empty" )
return
}
2021-05-30 00:14:14 +05:30
cfg := ini . Empty ( )
isFile , err := util . IsFile ( CustomConf )
if err != nil {
log . Error ( "Unable to check if %s is a file. Error: %v" , CustomConf , err )
}
if isFile {
if err := cfg . Append ( CustomConf ) ; err != nil {
log . Error ( "failed to load custom conf %s: %v" , CustomConf , err )
return
}
}
callback ( cfg )
if err := os . MkdirAll ( filepath . Dir ( CustomConf ) , os . ModePerm ) ; err != nil {
log . Fatal ( "failed to create '%s': %v" , CustomConf , err )
return
}
if err := cfg . SaveTo ( CustomConf ) ; err != nil {
log . Fatal ( "error saving to custom config: %v" , err )
}
2022-10-01 22:56:33 +05:30
log . Info ( "Settings for %s saved to: %q" , purpose , CustomConf )
2021-06-27 15:37:36 +05:30
// Change permissions to be more restrictive
fi , err := os . Stat ( CustomConf )
if err != nil {
log . Error ( "Failed to determine current conf file permissions: %v" , err )
return
}
if fi . Mode ( ) . Perm ( ) > 0 o600 {
if err = os . Chmod ( CustomConf , 0 o600 ) ; err != nil {
log . Warn ( "Failed changing conf file permissions to -rw-------. Consider changing them manually." )
}
}
2021-05-30 00:14:14 +05:30
}
2016-11-27 15:44:25 +05:30
// NewServices initializes the services
2014-05-26 05:41:25 +05:30
func NewServices ( ) {
2019-08-24 14:54:45 +05:30
InitDBConfig ( )
2014-04-10 23:50:58 +05:30
newService ( )
2021-04-14 17:32:12 +05:30
newOAuth2Client ( )
2019-04-07 05:55:14 +05:30
NewLogServices ( false )
2014-04-10 23:50:58 +05:30
newCacheService ( )
newSessionService ( )
2019-05-13 21:08:53 +05:30
newCORSService ( )
2014-04-10 23:50:58 +05:30
newMailService ( )
newRegisterMailService ( )
newNotifyMailService ( )
2021-08-18 18:40:39 +05:30
newProxyService ( )
2014-06-08 14:15:34 +05:30
newWebhookService ( )
2019-11-16 14:00:06 +05:30
newMigrationsService ( )
2019-02-19 20:09:39 +05:30
newIndexerService ( )
2019-10-13 18:53:14 +05:30
newTaskService ( )
2020-01-07 16:53:09 +05:30
NewQueueService ( )
2020-08-17 08:37:38 +05:30
newProject ( )
2021-05-11 02:08:08 +05:30
newMimeTypeMap ( )
2021-09-28 05:08:06 +05:30
newFederationService ( )
2014-04-10 23:50:58 +05:30
}
2021-06-17 05:02:57 +05:30
// NewServicesForInstall initializes the services for install
func NewServicesForInstall ( ) {
newService ( )
newMailService ( )
}