diff --git a/docker/conf/gitea/conf.ini.tpl b/docker/conf/gitea/conf.ini.tpl index 10ab711..0c0da9b 100644 --- a/docker/conf/gitea/conf.ini.tpl +++ b/docker/conf/gitea/conf.ini.tpl @@ -19,7 +19,7 @@ TEMP_PATH = /data/gitea/uploads ; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android THEME_COLOR_META_TAG = `#192a56` ; Max size of files to be displayed (defaults is 8MiB) -MAX_DISPLAY_FILE_SIZE = 8388608 +MAX_DISPLAY_FILE_SIZE = 1000000 ; Whether show the user email in the Explore Users page SHOW_USER_EMAIL = false 
@@ -139,50 +139,33 @@ DISABLE_GIT_HOOKS = true SECRET_KEY = ${secret_key} INTERNAL_TOKEN = ${internal_token} -; [service] -; ; Time limit to confirm account/email registration -; ACTIVE_CODE_LIVE_MINUTES = 180 -; ; Time limit to confirm forgot password reset process -; RESET_PASSWD_CODE_LIVE_MINUTES = 180 -; ; User need to confirm e-mail for registration -; REGISTER_EMAIL_CONFIRM = false -; ; Does not allow register and admin create account only -; DISABLE_REGISTRATION = false -; ; User must sign in to view anything. -; REQUIRE_SIGNIN_VIEW = false -; ; Mail notification -; ENABLE_NOTIFY_MAIL = false +[service] ; ; More detail: https://github.com/gogits/gogs/issues/165 ; ENABLE_REVERSE_PROXY_AUTHENTICATION = false ; ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false + +; ; Time limit to confirm account/email registration +ACTIVE_CODE_LIVE_MINUTES = 15 +; ; Time limit to confirm forgot password reset process +RESET_PASSWD_CODE_LIVE_MINUTES = 30 +REGISTER_EMAIL_CONFIRM = true +ENABLE_NOTIFY_MAIL = true +DISABLE_REGISTRATION = false ; ; Enable captcha validation for registration -; ENABLE_CAPTCHA = true +ENABLE_CAPTCHA = true +; ; User must sign in to view anything. 
+REQUIRE_SIGNIN_VIEW = false ; ; Default value for KeepEmailPrivate ; ; New user will get the value of this setting copied into their profile -; DEFAULT_KEEP_EMAIL_PRIVATE = false +DEFAULT_KEEP_EMAIL_PRIVATE = false ; ; Default value for AllowCreateOrganization ; ; New user will have rights set to create organizations depending on this setting -; DEFAULT_ALLOW_CREATE_ORGANIZATION = true -; ; Default value for EnableTimetracking -; ; Repositories will use timetracking by default depending on this setting -; DEFAULT_ENABLE_TIMETRACKING = true -; ; Default value for AllowOnlyContributorsToTrackTime -; ; Only users with write permissions could track time if this is true -; DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true +DEFAULT_ALLOW_CREATE_ORGANIZATION = true +DEFAULT_ENABLE_TIMETRACKING = false +DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true ; ; Default value for the domain part of the user's email address in the git log ; ; if he has set KeepEmailPrivate true. The user's email replaced with a ; ; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS. -; NO_REPLY_ADDRESS = noreply.example.org - -[service] -REGISTER_EMAIL_CONFIRM = false -ENABLE_NOTIFY_MAIL = false -DISABLE_REGISTRATION = false -ENABLE_CAPTCHA = false -REQUIRE_SIGNIN_VIEW = false -DEFAULT_KEEP_EMAIL_PRIVATE = false -DEFAULT_ALLOW_CREATE_ORGANIZATION = true -DEFAULT_ENABLE_TIMETRACKING = true NO_REPLY_ADDRESS = noreply.example.org ENABLE_REVERSE_PROXY_AUTHENTICATION = false ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false @@ -198,7 +181,7 @@ ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false ; PAGING_NUM = 10 [mailer] -ENABLED = false +ENABLED = true ; ; Buffer length of channel, keep it as it is if you don't know what it is. ; SEND_BUFFER_LEN = 100 ; ; Name displayed in mail title 
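Review bot: `DISABLE_REGISTRATION = false` together with `REQUIRE_SIGNIN_VIEW = false` leaves sign-up open to anyone who can reach the instance, and this hunk also sets `DEFAULT_ALLOW_CREATE_ORGANIZATION = true`, so every self-registered account can create organizations. The email confirmation and captcha enabled here slow automated sign-ups but do not restrict who may register. If the instance is meant for a fixed set of users (an assumption, the diff does not say), `DISABLE_REGISTRATION = true` with admin-created accounts is the tighter setting. The explanatory comments for `REGISTER_EMAIL_CONFIRM`, `ENABLE_NOTIFY_MAIL` and `DISABLE_REGISTRATION` were dropped while neighbouring keys kept theirs; restoring them, e.g. `; Does not allow register and admin create account only`, would keep the section uniformly documented.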
@@ -207,7 +190,7 @@ ENABLED = false ; ; Gmail: smtp.gmail.com:587 ; ; QQ: smtp.qq.com:465 ; ; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used. -; HOST = +HOST = smtp.migadu.com:587 ; ; Disable HELO operation when hostname are different. ; DISABLE_HELO = ; ; Custom hostname for HELO operation, default is from system. @@ -219,12 +202,12 @@ ENABLED = false ; CERT_FILE = custom/mailer/cert.pem ; KEY_FILE = custom/mailer/key.pem ; ; Mail from address, RFC 5322. This can be just an email address, or the `"Name" ` format -; FROM = +FROM = git@captnemo.in ; ; Mailer user name and password -; USER = -; PASSWD = +USER = git@captnemo.in +PASSWD = ${smtp_password} ; ; Send mails as plain text -; SEND_AS_PLAIN_TEXT = false +SEND_AS_PLAIN_TEXT = true ; ; Enable sendmail (override SMTP) ; USE_SENDMAIL = false ; ; Specify an alternative sendmail binary @@ -245,7 +228,7 @@ ENABLED = false ; ; Setting it to 0 disables caching ; ITEM_TTL = 16h -; [session] +[session] ; ; Either "memory", "file", or "redis", default is "memory" ; PROVIDER = memory ; ; Provider config options @@ -255,15 +238,15 @@ ENABLED = false ; ; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table` ; PROVIDER_CONFIG = data/sessions ; ; Session cookie name -; COOKIE_NAME = i_like_gitea +COOKIE_NAME = i_like_gitea ; ; If you use session in https only, default is false -; COOKIE_SECURE = false +COOKIE_SECURE = true ; ; Enable set cookie, default is true -; ENABLE_SET_COOKIE = true +ENABLE_SET_COOKIE = true ; ; Session GC time interval in seconds, default is 86400 (1 day) ; GC_INTERVAL_TIME = 86400 ; ; Session life time in seconds, default is 86400 (1 day) -; SESSION_LIFE_TIME = 86400 +SESSION_LIFE_TIME = 2592000 ; [picture] ; AVATAR_UPLOAD_PATH = data/avatars 
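Review bot: `PASSWD = ${smtp_password}` in the `@@ -219,12 +202,12 @@` hunk is rendered unquoted, so a password containing `#` or `;` may be cut off at that character by the ini parser and the mailer would then authenticate with the wrong value. The template already wraps `THEME_COLOR_META_TAG` in backticks for a value starting with `#`, and the same quoting applies here: ``PASSWD = `${smtp_password}` ``. A one-line comment above it, `; Quoted with backticks so special characters in the password survive parsing`, would explain why the quoting is there.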
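Review bot: `SESSION_LIFE_TIME = 2592000` in the `@@ -255,15 +238,15 @@` hunk raises the session lifetime from the one-day default named in the comment above it to 30 days, which lengthens the period in which a captured session cookie stays usable. `COOKIE_SECURE = true` in the same hunk restricts the cookie to HTTPS but does not shorten that period. `PROVIDER` is still commented out, so by the template's own comment the store is `memory`, and sessions would presumably be lost on each container restart regardless of the configured lifetime. If the long lifetime is intended, updating the comment to `; Session life time in seconds: 2592000 = 30 days (default is 86400)` would record the choice.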
@@ -283,7 +266,7 @@ ENABLED = false ; ; Path for attachments. Defaults to `data/attachments` ; PATH = data/attachments ; ; One or more allowed types, e.g. image/jpeg|image/png -; ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip +ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip|application/pdf|text/csv ; ; Max size of each file. Defaults to 32MB ; MAX_SIZE = 4 ; ; Max number of files per upload. Defaults to 10 @@ -303,7 +286,7 @@ ENABLED = false ; ; Buffer length of channel, keep it as it is if you don't know what it is. ; BUFFER_LEN = 10000 ; ; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" -; LEVEL = Trace +LEVEL = Info ; ; For "console" mode only ; [log.console] @@ -356,15 +339,15 @@ ENABLED = false ; ; Based on xorm, e.g.: root:root@localhost/gitea?charset=utf8 ; CONN = -; [cron] -; ; Enable running cron tasks periodically. -; ENABLED = true +[cron] +; Enable running cron tasks periodically. +ENABLED = true ; ; Run cron tasks when Gitea starts. -; RUN_AT_START = false +RUN_AT_START = false ; ; Update mirrors -; [cron.update_mirrors] -; SCHEDULE = @every 10m +[cron.update_mirrors] +SCHEDULE = @every 3h ; ; Repository health check ; [cron.repo_health_check] @@ -466,7 +449,7 @@ MAX_RESPONSE_ITEMS = 100 [other] SHOW_FOOTER_BRANDING = false ; Show version information about Gitea and Go in the footer -SHOW_FOOTER_VERSION = false +SHOW_FOOTER_VERSION = true ; Show time of template execution in the footer SHOW_FOOTER_TEMPLATE_LOAD_TIME = false diff --git a/docker/conf/traefik.toml b/docker/conf/traefik.toml index a016f92..a89a0ac 100644 --- a/docker/conf/traefik.toml +++ b/docker/conf/traefik.toml @@ -28,6 +28,7 @@ defaultEntryPoints = ["http", "https"] # This is currently not exposed # Since I can't apply a authentication # on this yet + [backends.elibsrv] [backends.elibsrv.servers.default] url = "http://elibsrv.captnemo.in:90" 
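Review bot: `ALLOWED_TYPES` in the `@@ -283,7 +266,7 @@` hunk is uncommented, but its section header lies above the hunk and is not touched by this commit. If that header is still commented out, as `; [picture]` just before it is, the key is read as part of the last active section (`[session]`, enabled earlier in this diff) and the attachment type list silently keeps its default. The same applies to `LEVEL = Info` in the `@@ -303,7 +286,7 @@` hunk. The `[session]` and `[cron]` hunks uncomment their headers explicitly, so the likely fix is the same one-line change for each, `[attachment]` and `[log]` in place of their commented forms, to be confirmed against the full file.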
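Review bot: `SHOW_FOOTER_VERSION = true` in the `@@ -466,7 +449,7 @@` hunk prints the Gitea and Go versions in the page footer, and with `REQUIRE_SIGNIN_VIEW = false` set in the `[service]` section those pages are served to unauthenticated visitors. That lets any visitor match the instance against published advisories for the exact release, which matters most when an upgrade lags behind. Keeping `SHOW_FOOTER_VERSION = false` has no functional cost; if the display is wanted, a comment saying so next to the key would help the next reader.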
@@ -65,7 +66,7 @@ email = "acme@captnemo.in" storage = "/acme/acme.json" entryPoint = "https" dnsProvider = "cloudflare" -onHostRule = true +onHostRule = false onDemand = false acmelogging = true @@ -104,6 +105,5 @@ sans = [ "tatooine.bb8.fun", "traefik.bb8.fun", "transmission.bb8.fun", - # "transmission.in.bb8.fun", "wiki.bb8.fun" ] diff --git a/docker/data.tf b/docker/data.tf index 9834faf..f8d0500 100644 --- a/docker/data.tf +++ b/docker/data.tf @@ -28,7 +28,7 @@ data "docker_registry_image" "traefik" { # https://github.com/go-gitea/gitea/releases data "docker_registry_image" "gitea" { - name = "gitea/gitea:1.3.2" + name = "gitea/gitea:1.4" } data "docker_registry_image" "sickrage" { diff --git a/docker/gitea.tf b/docker/gitea.tf index 21779e4..e1df694 100644 --- a/docker/gitea.tf +++ b/docker/gitea.tf @@ -12,7 +12,6 @@ resource docker_container "gitea" { "traefik.frontend.headers.SSLTemporaryRedirect" = "true" "traefik.frontend.headers.STSIncludeSubdomains" = "false" "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}" - "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}" } ports { @@ -52,17 +51,19 @@ resource docker_container "gitea" { content = "${file("${path.module}/conf/humans.txt")}" file = "/data/gitea/public/humans.txt" } + # Extra Links in header - # TODO: Doesn't work upload { content = "${file("${path.module}/conf/gitea/extra_links.tmpl")}" file = "/data/gitea/templates/custom/extra_links.tmpl" } + # This is the main configuration file upload { content = "${data.template_file.gitea-config-file.rendered}" file = "/data/gitea/conf/app.ini" } + memory = 256 restart = "unless-stopped" destroy_grace_seconds = 10 @@ -75,5 +76,6 @@ data "template_file" "gitea-config-file" { vars { secret_key = "${var.gitea-secret-key}" internal_token = "${var.gitea-internal-token}" + smtp_password = "${var.gitea-smtp-password}" } } diff --git a/docker/variables.tf b/docker/variables.tf index 5ab0cd9..f6dbf5f 100644 
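Review bot: With `onHostRule = false` in the `@@ -65,7 +66,7 @@` hunk (and `onDemand = false` on the next line), Traefik no longer requests a certificate from a frontend's Host rule, so only the names listed in the `sans` block further down are covered. A container label that introduces a hostname missing from that list would then presumably be served with the default certificate. A comment above the setting, for example `# Certificates come only from the sans list below; add new hosts there`, would make that dependency explicit.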
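Review bot: `smtp_password` in the `@@ -75,5 +76,6 @@` hunk of docker/gitea.tf is interpolated into the template whose rendered output is passed as `content` to the `upload` block for `/data/gitea/conf/app.ini` (visible in the preceding hunk), so the SMTP password ends up in plaintext in the Terraform state and can appear in plan output, as `secret_key` and `internal_token` already do. The state backend is not visible in this diff; it should provide encryption at rest and restricted read access, and the state file should stay out of version control. The new `variable "gitea-smtp-password" {}` declarations in docker/variables.tf and variables.tf carry no description; `description = "SMTP password for the Gitea mailer account"` would document where the value is used. The `data "template_file"` block starts outside the hunk.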
--- a/docker/variables.tf +++ b/docker/variables.tf @@ -56,3 +56,4 @@ variable "ips" { variable "gitea-secret-key" {} variable "gitea-internal-token" {} +variable "gitea-smtp-password" {} diff --git a/main.tf b/main.tf index 318b7a7..da7a452 100644 --- a/main.tf +++ b/main.tf @@ -25,6 +25,7 @@ module "docker" { domain = "bb8.fun" gitea-secret-key = "${var.gitea-secret-key}" gitea-internal-token = "${var.gitea-internal-token}" + gitea-smtp-password = "${var.gitea-smtp-password}" } module "radicale" { diff --git a/variables.tf b/variables.tf index 7def103..996621f 100644 --- a/variables.tf +++ b/variables.tf @@ -43,3 +43,4 @@ variable "gf-security-admin-password" { variable "gitea-secret-key" {} variable "gitea-internal-token" {} +variable "gitea-smtp-password" {}