Commit graph

1,112 commits

Author SHA1 Message Date
zeripath
fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
8ctopus
8f0e63c80a Doc added how to setup email (#8520) 2019-10-16 12:34:20 +01:00
guillep2k
31655aabfc Fix password complexity regex for special characters (on master) (#8525)
* Fix extra space

* Fix regular expression

* Fix error template name

* Simplify check code, fix default values, add test

* Fix router tests

* Fix fmt

* Fix setting and lint

* Move cleaning up code to test, improve comments

* Tidy up variable declaration
2019-10-16 11:09:58 +08:00
zeripath
167e8f18da
Restore Graceful Restarting & Socket Activation (#7274)
* Prevent deadlock in indexer initialisation during graceful restart

* Move from gracehttp to our own service to add graceful ssh

* Add timeout for start of indexers and make hammer time configurable

* Fix issue with re-initialization in indexer during tests

* move the code to detect use of closed to graceful

* Handle logs gracefully - add a pid suffix just before restart

* Move to using a cond and a holder for indexers

* use time.Since

* Add some comments and attribution

* update modules.txt

* Use zero to disable timeout

* Move RestartProcess to its own file

* Add cleanup routine
2019-10-15 14:39:51 +01:00
6543
d7d348ea86 [UI] Pull Request Download diff Button (#8470)
* Add Diff Download to Compare List

* Add&Change Text for Diff Options

* move button to seperate template

* add drop down menue with options

* Update: Compare

update Gogs, BitBucket, RhodeCode and remove gitea issue link

Co-Authored-By: Lauris BH <lauris@nix.lv>

* remove last things from TESTing
2019-10-15 13:44:36 +03:00
Benson Muite
ebe8ff782f Update config-cheat-sheet.en-us.md (#8497)
* Update config-cheat-sheet.en-us.md

Add more information on configuring URI hyperlink rendering for Markdown.

* Update config-cheat-sheet.en-us.md

Update description as suggested by @guillep2k

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
2019-10-15 03:39:55 +01:00
Lunny Xiao
0be992a1e2 Make static resouces web browser cache time customized on app.ini (#8442)
* make static resouces web browser cache time customized on app.ini

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: zeripath <art27@cantab.net>

* Update custom/conf/app.ini.sample

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>

* fix docs
2019-10-14 23:05:57 +01:00
Maxim Tkachenko
db657192d0 Password Complexity Checks (#6230)
Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords.

Co-Authored-By: T-M-A <maxim.tkachenko@gmail.com>
Co-Authored-By: Lanre Adelowo <adelowomailbox@gmail.com>
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-10-14 16:24:26 +01:00
Lunny Xiao
e3e44a59d0 Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
* update migrated issues/comments when login as github

* add get userid when migrating or login with github oauth2

* fix lint

* add migrations for repository service type

* fix build

* remove unnecessary dependencies on migrations

* add cron task to update migrations poster ids and fix posterid when migrating

* fix lint

* fix lint

* improve code

* fix lint

* improve code

* replace releases publish id to actual author id

* fix import

* fix bug

* fix lint

* fix rawdata definition

* fix some bugs

* fix error message
2019-10-14 09:10:42 +03:00
Benson Muite
6e3f51098b Update seek-help.zh-cn.md (#8488)
Update link to Mandarin help forum
2019-10-13 22:36:09 +01:00
Benson Muite
ba716705b5 Update seek-help.en-us.md (#8487)
Update link to Mandarin help
2019-10-13 21:07:30 +01:00
Lunny Xiao
f2a3abc683
Move migrating repository from frontend to backend (#6200)
* move migrating to backend

* add loading image when migrating and fix tests

* fix format

* fix lint

* add redis task queue support and improve docs

* add redis vendor

* fix vet

* add database migrations and fix app.ini sample

* add comments for task section on app.ini.sample

* Update models/migrations/v84.go

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* Update models/repo.go

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* move migrating to backend

* add loading image when migrating and fix tests

* fix fmt

* add redis task queue support and improve docs

* fix fixtures

* fix fixtures

* fix duplicate function on index.js

* fix tests

* rename repository statuses

* check if repository is being create when SSH request

* fix lint

* fix template

* some improvements

* fix template

* unified migrate options

* fix lint

* fix loading page

* refactor

* When gitea restart, don't restart the running tasks because we may have servel gitea instances, that may break the migration

* fix js

* Update models/repo.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* fix tests

* rename ErrTaskIsNotExist to ErrTaskDoesNotExist

* delete release after add one on tests to make it run happy

* fix tests

* fix tests

* improve codes

* fix lint

* fix lint

* fix migrations
2019-10-13 21:23:14 +08:00
pseudocoder
eac5a8be75 DOCS: add mention of swagger api reference (#8452)
It's(swagger api link) mentioned vaguely in the FAQ but IMHO missing from API usage page.
2019-10-10 08:42:01 -04:00
8ctopus
628f9da0de Doc recommend to use reverse proxy if Apache/nginx is also running on… (#8384)
* Doc recommend to use reverse proxy if Apache/nginx is also running on server

* Update docs/content/doc/usage/https-support.md

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>
2019-10-10 00:11:25 +01:00
8ctopus
e270896a83 Doc updated list of supported webhooks and added example (#8388)
* Doc updated list of supported webhooks and added example

* Replaced webhook password verification by signature verification
2019-10-09 23:33:03 +01:00
8ctopus
93e2ce699b Doc added instructions for Git LFS support (#8391) 2019-10-06 12:38:09 +08:00
8ctopus
8a828500e6 Doc config file should not be readable by others as it contains sensitive info (#8385) 2019-10-05 17:16:30 +03:00
Km
de8a0a3938 Add buildbot CI (#8378)
Buildbot can work with Gitea
2019-10-04 19:30:05 +02:00
8ctopus
6ea77523bb Cleanup https support code snippet (#8370) 2019-10-04 08:54:05 +08:00
helix84
cd1c960a2a typo fix (#8345) 2019-10-02 02:25:32 +03:00
David Svantesson
223b9d9a64 Add 'make revive' to instructions for checking code (#8314)
* Add 'make revive' to instructions for checking code

This is performed on drone, hacking instructions should contain the same to avoid unnecessary PR builds.

* lint is deprecated. Denote revive +vet as code analysis in continuous text.
2019-09-29 23:36:52 +03:00
Bill Wenrich
41dcdbf500 [docs] Docker build - ZeroMQ dependency for Jupyter (#8262)
* doc py3-zmq - ZeroMQ bindings for jupyter

#7970 https://github.com/go-gitea/gitea/issues/7970

* rebase Dockerfile to 1.9.x for jupyter

* [docs] external-renderers.en-us.md - use templated variable for version

Co-Authored-By: techknowlogick <matti@mdranta.net>
2019-09-26 09:04:53 +02:00
David Svantesson
b19db40eab Update hacking-on-gitea.en-us.md (#8275)
Fix spelling of misspell in command to validate swagger.
2019-09-24 14:29:11 -04:00
John Olheiser
73f7e82024 Remove unnecessary backslash (#8249) 2019-09-20 13:06:17 -04:00
Lunny Xiao
3c0e6d1126 update cache item_ttl docs (#8222) 2019-09-18 10:50:45 +03:00
Mikaela Suomalainen
0f08855785 faq: mention EMAIL_DOMAIN_WHITELIST on allowing email domains (#8198)
* faq: mention EMAIL_DOMAIN_WHITELIST on allowing email domains

Signed-off-by: Mikaela Suomalainen <mikaela+git@mikaela.info>

* faq: separate openid from allow/block email domain

Signed-off-by: Mikaela Suomalainen <mikaela+git@mikaela.info>

* faq: update ToC

Signed-off-by: Mikaela Suomalainen <mikaela+git@mikaela.info>

* Update docs/content/doc/help/faq.en-us.md

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update docs/content/doc/help/faq.en-us.md

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>
2019-09-17 14:24:39 +08:00
W Anders
8b54b58bc5 Include git-hook regeneration in restore documentation (#8181)
* Added admin cmd ref to backup-restore guide

* Clarified reason for command execution

* Include directive for where command should be executed from

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Be direct in consequences

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
2019-09-15 10:37:09 +08:00
guillep2k
1ad6d7d32f Git min requirements (#8177)
* Add minimum git requirements.

* Added comments about git lfs and commit-graph

* Fix capitalization
2019-09-14 09:24:26 +03:00
techknowlogick
cff0787759
update docs to latest version (#8164) 2019-09-12 13:23:39 -04:00
Johan Van de Wauw
336cb24bfd Fix downloads url (#8153)
The link without slash is not working
2019-09-11 17:10:49 -04:00
guillep2k
72f6d5c882 Restrict repository indexing by glob match (#7767)
* Restrict repository indexing by file extension

* Use REPO_EXTENSIONS_LIST_INCLUDE instead of REPO_EXTENSIONS_LIST_EXCLUDE and have a more flexible extension pattern

* Corrected to pass lint gosimple

* Add wildcard support to REPO_INDEXER_EXTENSIONS

* This reverts commit 72a650c8e42f4abf59d5df7cd5dc27b451494cc6.

* Add wildcard support to REPO_INDEXER_EXTENSIONS (no make vendor)

* Simplify isIndexable() for better clarity

* Add gobwas/glob to vendors

* manually set appengine new release

* Implement better REPO_INDEXER_INCLUDE and REPO_INDEXER_EXCLUDE

* Add unit and integration tests

* Update app.ini.sample and reword config-cheat-sheet

* Add doc page and correct app.ini.sample

* Some polish on the doc

* Simplify code as suggested by @lafriks
2019-09-11 20:26:28 +03:00
techknowlogick
3fd0eec900
Update third-party-tools.en-us.md (#8148) 2019-09-11 00:16:11 -04:00
Feodor Fitsner
79c8bc0e51 Added AppVeyor to the list of CI/CD working with Gitea (#8104) 2019-09-05 22:48:35 +02:00
nu_no
5fcef38f7f Fix broken link (#8091) 2019-09-05 00:31:43 +02:00
Km
18896d8df1 Propose some references about ci/cd solutions compatibles with gitea (#7996)
* Propose some references about ci/cd solutions compatibles with gitea

* No note about theirs integration level, only a starting point.

* Update docs/content/doc/advanced/ci-cd.en-us.md

Improve text

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Improve link to CI solutions

Update docs/content/doc/advanced/ci-cd.en-us.md

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Update docs/content/doc/advanced/ci-cd.en-us.md

Typo in name :/

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Remove redundant empty line

* Invite user to consult new CI/CD page

* Link target CI tools

* Jenkins and its plugin

* Update docs/content/doc/advanced/third-party-tools.en-us.md

Simplify link CI/CD

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update docs/content/doc/advanced/ci-cd.en-us.md

Typo

Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Provide gitea documentation about drone usage

    Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com>

* Update docs/content/doc/advanced/ci-cd.en-us.md

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-29 17:30:12 -04:00
Gary Kim
f1c414882c Add Ability for User to Customize Email Notification Frequency (#7813)
* Add Backend Logic for Toggling Email Notification

This commit adds the backend logic for
allowing users to enable or disable email
notifications. The implementation ensures
that only issue notification emails get disabled
and important emails are still sent regardless
of the setting.

The UI to toggle this setting has not yet been
implemented.

* Add UI and complete user email notification enable

This commit completes the functionality to allow
users to disable their own email notifications.

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Third Option for Only Email on Mention

Signed-off-by: Gary Kim <gary@garykim.dev>

* Readd NOT NULL to new preference string

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Tests and Rewrite Comment

Signed-off-by: Gary Kim <gary@garykim.dev>

* Allow admin to set default email frequency

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add new config option to docs

Signed-off-by: Gary Kim <gary@garykim.dev>

* Fix a few mistakes

Signed-off-by: Gary Kim <gary@garykim.dev>

* Only update required columns

Signed-off-by: Gary Kim <gary@garykim.dev>

* Simplify an error check

Signed-off-by: Gary Kim <gary@garykim.dev>

* Make email_notification_preference column in DB be VARCHAR(20)

Signed-off-by: Gary Kim <gary@garykim.dev>

* Handle errors

Signed-off-by: Gary Kim <gary@garykim.dev>

* Update models/migrations/v93.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-29 17:05:42 +03:00
David Svantesson
c9546d4cdd Include description in repository search. (#7942)
* Add description in repository search.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Refactor SearchRepositoryByName with a general function SearchRepository

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Allow to specify if description shall be included in API repo search.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add new app.ini setting for whether to search within repo description.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Search keyword in description (if setting enabled) on:
 - Explore page
 - Organization profile page
 - User profile page
 - Admin repo page

Do not search keyword in description on:
 - Any non-keyword search (not relevant)
 - Incremental search (uses API)

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Put parameters related to keyword directly after it

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test cases for including (and not including) repository description in search.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Rename test function from TestSearchRepositoryByName to TestSearchRepository.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make setting SEARCH_REPO_DESCRIPTION default to true

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-08-25 20:06:36 +03:00
guillep2k
e3115cc019 Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669)
* Add support for DEFAULT_ORG_MEMBER_VISIBLE

* Correct formatting

* Improved description in cheat sheet.

* Add test for DefaultOrgMemberVisible

* Remove dead code
2019-08-24 15:28:59 +03:00
Lunny Xiao
f83db078f0 Move database settings from models to setting (#7806)
* move database settings from models to setting

* update docs

* fix checkout pr

* fix tests

* fix lint

* remove unsupported tidb options

* correct wrong variable name

* remove tidb totally
2019-08-24 11:24:45 +02:00
leigh capili
70d2244e49 Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
Signed-off-by: leigh capili <leigh@null.net>
2019-08-24 01:44:24 +02:00
John Olheiser
4ea9a377db Add config option and shortcode for Gitea version (#7940)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-08-23 09:55:06 +08:00
Lunny Xiao
85202d4784
Display ui time with customize time location (#7792)
* display ui time with customize time location

* fix lint

* rename UILocation to DefaultUILocation

* move time related functions to modules/timeutil

* fix tests

* fix tests

* fix build

* fix swagger
2019-08-15 22:46:21 +08:00
Antoine GIRARD
46d6b92ad0 Import topics during migration (#7851)
* add GetTopics interface

* CreateTopics

* remove un-needed comment
2019-08-14 14:16:12 +08:00
Antoine GIRARD
9692ebcc54 add details for db socket listening (#7830) 2019-08-12 17:52:11 -04:00
Mason
c534b7e211 Add SSH_LISTEN_HOST to the config cheatsheet (#7793)
This was missing before, and this commit adds it with the correct
default value and description
2019-08-08 18:40:31 +03:00
guillep2k
3b97b9efbf Correct formatting of bullet list (#7794) 2019-08-08 07:47:57 +03:00
mrsdizzie
700cd346fa Fix regression in reverse proxy documentation (#7634)
From Apache: AllowEncodedSlashes not allowed in <Proxy> context

Move this out of <Proxy> block

Fixes #7632
2019-07-26 18:09:12 -04:00
Gary Kim
cc384d767e Specify using AllowEncodedSlashes and nocanon for httpd (#7540)
When using wiki page names that include a slash
behind a Apache HTTPD reverse proxy,
AllowEncodedSlashes NoDecode
and appending nocanon to the ProxyPass
directive is required. This commit adds that
information to the documentation.

Signed-off-by: Gary Kim <gary@garykim.dev>
2019-07-20 21:44:53 +03:00
6543
97078d1bdf Add Issue link to feature compare "reject unsigned" (#7465)
* add issue "Reject unsigned commits" #7455 to docu

* change issue to orig one
2019-07-14 21:58:58 +08:00
Tamal Saha
2102f9d92d Support setting cookie domain (#6288)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-12 09:57:31 -04:00