Commit graph

1085 commits

Author SHA1 Message Date
Giteabot
c1efe5b104
add mfa doc (#26654) (#26674)
Backport #26654 by @lunny

copy and modified from #14572

> Whilst debating enforcing MFA within our team, I realised there isn't
a lot of context to the side effects of enabling it. Most of us use Git
over HTTP and would need to add a token.

I plan to add another PR that adds a sentence to the UI about needing to
generate a token when enabling MFA if HTTP is to be used.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 2f4de240c1)
2023-09-08 08:07:19 +02:00
Giteabot
4e6b43e4bc
Update upgrade documentation to add a check for deprecated configurations (#26451) (#26452)
Backport #26451 by @lunny

fix
https://github.com/go-gitea/gitea/issues/25995#issuecomment-1674096710

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 0f5e07f538)
2023-08-21 07:22:18 +02:00
Giteabot
678c611c3d
[docs] Add missing backtick in quickstart.zh-cn.md (#26349) (#26357)
(cherry picked from commit 9aadc25bc1)
2023-08-21 07:22:17 +02:00
Brian Lachniet
9db27d2602
[docs] Fix Gmail configuration (#26356)
(cherry picked from commit b94370504f)
2023-08-21 07:22:17 +02:00
Giteabot
92589b9b8d
Remove backslashed newlines on markdown (#26344) (#26348)
Backport #26344 by @lunny

Fix https://gitea.com/gitea/gitea-docusaurus/issues/56

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 0b97463cef)
2023-08-21 07:22:17 +02:00
Giteabot
b97dbf7a9e
Clarify the logger's MODE config option (#26267) (#26281)
Backport #26267 by @wxiaoguang

1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit a758337046)
2023-08-21 07:22:16 +02:00
Giteabot
6a15395f19
Update Arch linux URL from community to extra (#26273) (#26276)
Co-authored-by: minijaws <minijaws@gmail.com>
(cherry picked from commit a075285f24)
2023-08-21 07:22:16 +02:00
Giteabot
5a4b19435d
Calculate MAX_WORKERS default value by CPU number (#26177) (#26183)
(cherry picked from commit 892e24aaf1)
2023-07-30 07:46:18 +02:00
Giteabot
31f2ce3998
Update email-setup.en-us.md (#26068) (#26166)
Backport #26068 by @felixvictor

The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.

Co-authored-by: Felix Victor <felix.victor.na@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 72b55c8094)
2023-07-30 07:43:05 +02:00
Giteabot
df5200e814
Remove "misc" scope check from public API endpoints (#26134) (#26149)
Backport #26134 by @wxiaoguang

Fix #26035

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit a8445e9320)
2023-07-26 13:51:46 +02:00
John Olheiser
b217ce3e9f
Docusaurus-ify 1.20 (#26052)
See https://github.com/go-gitea/gitea/pull/26051

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: JonRB <4564448+eeyrjmr@users.noreply.github.com>
(cherry picked from commit 4033d95dbf)
2023-07-26 13:49:16 +02:00
Giteabot
d9d38b6244
added ssh mirror workaround description (#26096) (#26136)
Backport #26096 by @thigg

related #1635 #18159

This will probably be obsolete at some point, but it should not break
anything and it may help some users

Co-authored-by: thigg <thigg@users.noreply.github.com>
(cherry picked from commit 5992365fc1)
2023-07-26 13:49:15 +02:00
Giteabot
7cc4d211b1
RPM Registry: Show zypper commands for SUSE based distros as well (#25981) (#26020)
Backport #25981 by @asdil12

After RPM is supported with https://github.com/go-gitea/gitea/pull/23380
let's show the user
how to add the repo and install the RPM via all common package managers.

Co-authored-by: Dominik Heidler <dominik@heidler.eu>
(cherry picked from commit dfd371a363)
2023-07-24 07:59:10 +02:00
Giteabot
9a3778b230
Correctly refer to dev tags as nightly in the docker docs (#26004) (#26019)
Backport #26004 by @jolheiser

As title, `dev` tags are no longer used since we switched to `nightly`

Signed-off-by: jolheiser <john.olheiser@gmail.com>
(cherry picked from commit ac129d4b4c)
2023-07-24 07:59:10 +02:00
Giteabot
f890856cf4
Update path related documents (#25417) (#25982)
Backport #25417 by @wxiaoguang

Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.

![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit ee47face12)
2023-07-24 07:58:56 +02:00
Earl Warren
4085181bd9
Revert "Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)"
This reverts commit 24cf06592e.

(cherry picked from commit bf8853299d)
(cherry picked from commit cd1b258e3e)
2023-07-16 23:21:44 +02:00
wxiaoguang
b4460cf541
Make "install page" respect environment config (#25648) (#25799)
Backport #25648

Replace #25580

Fix #19453

The problem was: when users set "GITEA__XXX__YYY" , the "install page"
doesn't respect it.

So, to make the result consistent and avoid surprising end users, now
the "install page" also writes the environment variables to the config
file.

And, to make things clear, there are enough messages on the UI to tell
users what will happen.

There are some necessary/related changes to `environment-to-ini.go`:

* The "--clear" flag is removed and it was incorrectly written there.
The "clear" operation should be done if INSTALL_LOCK=true
* The "--prefix" flag is removed because it's never used, never
documented and it only causes inconsistent behavior.

The only conflict during backport is "ui divider" in
templates/install.tmpl
2023-07-10 11:51:05 +00:00
Giteabot
68a3961bf1
docs: rootless docker ssh's default port is 2222 (#25771) (#25772)
Backport #25771 by @leavesster

---

according `docker/rootless/usr/local/bin/docker-setup.sh` , in rootless
docker setup, ssh port is 2222.
and mysql database case should port same as PostgreSQL port

Co-authored-by: leavesster <11785335+leavesster@users.noreply.github.com>
2023-07-09 15:45:42 +08:00
Giteabot
24cf06592e
Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
Backport #25581 by @wolfogre

Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-30 07:53:00 +00:00
Giteabot
12aca3ef20
Add documentation about supported workflow trigger events (#25582) (#25589)
Backport #25582 by @Zettat123

Right now Gitea doesn't support all [Events that trigger
workflows](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows).
This PR lists the supported events to help users write workflow files.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2023-06-29 14:51:46 +02:00
lonix1
5703a0d3e3
Document creating an API key from the CLI (#25504)
Related to https://github.com/go-gitea/gitea/issues/25503

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-06-25 21:33:34 -04:00
Giteabot
6f1c95ec5b
Use the new download domain replace the old (#25405) (#25409)
Backport #25405 by @lunny

As title.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-06-21 03:59:51 +00:00
Giteabot
cc73f6e821
Add Exoscale to installation on cloud provider docs (#25342) (#25346)
Backport #25342 by @pmig

We created a Gitea application for the [Exoscale
Marketplace](https://www.exoscale.com/marketplace/listing/glasskube-gitea/)
for easier installation on the European cloud provider.

The installation is managed via the [Glasskube Kubernetes
Operator](https://github.com/glasskube/operator).

Signed-off-by: Philip Miglinci <pmig@glasskube.eu>
Co-authored-by: Philip Miglinci <p.miglinci@gmail.com>
2023-06-18 15:48:06 +00:00
Giteabot
3a29f6aaff
Add link to support page for commercial support (#25293) (#25297)
Backport #25293 by @techknowlogick

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-06-16 14:26:32 +08:00
Giteabot
99d71b2b65
Docs about how to generate config for act runner with docker and setup it with docker-compose (#25256) (#25296)
Backport #25256 by @thezzisu

In this pull request, the following changes are addressed:

- State user should create `config.yaml` before start container to avoid
errors.
- Provided instructions to deploy runners using docker compose.

Co-authored-by: Zisu Zhang <thezzisu@gmail.com>
2023-06-16 12:09:03 +08:00
Giteabot
21cd5c2f3d
Fix all possible setting error related storages and added some tests (#23911) (#25244)
Backport #23911 by @lunny

Follow up #22405

Fix #20703 

This PR rewrites storage configuration read sequences with some breaks
and tests. It becomes more strict than before and also fixed some
inherit problems.

- Move storage's MinioConfig struct into setting, so after the
configuration loading, the values will be stored into the struct but not
still on some section.
- All storages configurations should be stored on one section,
configuration items cannot be overrided by multiple sections. The
prioioty of configuration is `[attachment]` > `[storage.attachments]` |
`[storage.customized]` > `[storage]` > `default`
- For extra override configuration items, currently are `SERVE_DIRECT`,
`MINIO_BASE_PATH`, `MINIO_BUCKET`, which could be configured in another
section. The prioioty of the override configuration is `[attachment]` >
`[storage.attachments]` > `default`.
- Add more tests for storages configurations.
- Update the storage documentations.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 08:36:52 +02:00
Giteabot
0ad5ae0dbf
Improve some documents: release version, logging, NFS lock (#25202) (#25204)
Backport #25202 by @wxiaoguang

Close #23654

Close #24684


@techknowlogick I still think we need to rename
https://dl.gitea.com/gitea/1.20/ to
https://dl.gitea.com/gitea/1.20-nightly/

`/gitea/1.20/` is quite confusing, it needs these words to explain why.
If we call it `1.20-nightly`, the FAQ can be simplified a lot.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-12 23:17:43 +08:00
HesterG
f0c967560a
Change branch name from master to main in some documents' links (#25126) (#25140)
Backport #25126 to 1.20

As title. And needs to backport to 1.19
2023-06-08 09:40:05 +00:00
silverwind
c09f747b51
Enable all webpack sourcemaps in dev build, disable all in prod build (#25089)
- Enable all source maps in dev build
- Disable all source maps in prod build
- Provide `ENABLE_SOURCEMAP` env var to override it.

I think the strange error seen in
https://github.com/go-gitea/gitea/issues/24784 is sourcemap related, so
if we enable/disable them all, it might go away. But it's most
definitely a Safari bug.

With all sourcemaps disabled, binary size goes down by around 1-2 MB,
with all enabled it goes up by around 12MB. If +12MB is acceptable, we
could also always enable them by default as fully source maps do have
some debugging benefits.
2023-06-06 12:57:08 +08:00
techknowlogick
7c778d6b5e
change placeholders in actions docs 2023-06-05 11:32:56 -04:00
techknowlogick
d302a5ee65
change placeholders in actions docs 2023-06-05 11:28:51 -04:00
sillyguodong
1a5f478ae1
Introduce how to configure cache when starting a Runner with Docker (#25077)
If a user starts a runner using a Docker image without making additional
configurations, the [cache action](https://github.com/actions/cache)
will not work properly.
Therefore, add a section in the documentation that explains how to
configure the cache correctly.
2023-06-05 14:12:55 +00:00
Lunny Xiao
d851bd9a6b
improve permission documentation (#23942) 2023-06-05 15:43:17 +08:00
Jack Hay
18de83b2a3
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
    - `activitypub`
    - `admin` (hidden if user is not a site admin)
    - `misc`
    - `notification`
    - `organization`
    - `package`
    - `issue`
    - `repository`
    - `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
  -  `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
  - `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection

### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">

## tokenRequiresScopes  Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error

## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
   -  _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
   - _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
   - _This should be addressed in this PR_
   - For example: 
   ```go
	m.Group("/users/{username}/orgs", func() {
		m.Get("", reqToken(), org.ListUserOrgs)
		m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
   ```

## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default

Closes #24501
Closes #24799

Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 20:57:16 +02:00
Denys Konovalov
7d855efb1f
Allow for PKCE flow without client secret + add docs (#25033)
The PKCE flow according to [RFC
7636](https://datatracker.ietf.org/doc/html/rfc7636) allows for secure
authorization without the requirement to provide a client secret for the
OAuth app.

It is implemented in Gitea since #5378 (v1.8.0), however without being
able to omit client secret.
Since #21316 Gitea supports setting client type at OAuth app
registration.

As public clients are already forced to use PKCE since #21316, in this
PR the client secret check is being skipped if a public client is
detected. As Gitea seems to implement PKCE authorization correctly
according to the spec, this would allow for PKCE flow without providing
a client secret.

Also add some docs for it, please check language as I'm not a native
English speaker.

Closes #17107
Closes #25047
2023-06-03 05:59:28 +02:00
kodermho
7fca4056c4
Fix link to customizing-gitea (#25056)
The link to customizing-gitea in the label documentation is broken. This
PR should adjust the relative path to fix the link
2023-06-03 04:27:40 +02:00
sillyguodong
3a6a6342ea
Add chinese documentations for cran package registry (#25012)
As title.
2023-05-31 14:14:31 +08:00
silverwind
50bd7d0b24
Remove the service worker (#25010)
It's been disabled by default since 1.17
(https://github.com/go-gitea/gitea/pull/18914), and it never really
delivered any benefit except being another cache layer that has its own
unsolved invalidation issues. HTTP cache works, we don't need two cache
layers at the browser for assets.

## ⚠️ BREAKING

You can remove the config `[ui].USE_SERVICE_WORKER` from your `app.ini`
now.
2023-05-31 02:07:04 +00:00
John Olheiser
3dd3b1b456
Fix markdown link to awesome gitea (#25009)
Fixes the markdown link and uses title case like the other
translations.
2023-05-30 13:10:51 -05:00
JakobDev
1b115296d3
Followup to pinned Issues (#24945)
This addressees some things from #24406 that came up after the PR was
merged. Mostly from @delvh.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
2023-05-30 15:26:51 +00:00
Lunny Xiao
e64c2faf85
Remove unnecessary content on docs (#24976) 2023-05-30 09:30:56 +08:00
HesterG
0018b0a15e
Unify doc links to use paths relative to doc folder (#24979)
Changes:

1. Use uniform links types relative to doc folder (start with `doc/`)
2. According to [docusaurus
links](https://docusaurus.io/docs/markdown-features/links), if `<a>` is
used, the `href` is resolved as URL location, but not file location. So
need to use `[text]({{< relref "path" >}})` instead.
2023-05-29 13:27:16 +00:00
epk
355a078192
Update from-binary.en-us.md (#24975)
Fixed link to the creating a systemd service in Ubuntu document.
2023-05-29 15:46:38 +08:00
silverwind
c7612d178c
Remove meta tags theme-color and default-theme (#24960)
As discussed in
https://github.com/go-gitea/gitea/pull/24953#issuecomment-1565630156.

## ⚠️ BREAKING ⚠️

1. The `ui.THEME_COLOR_META_TAG` setting has been removed. If you still
need to set the `theme-color` meta tag, add it via
`$GITEA_CUSTOM/templates/custom/header.tmpl` instead.

2. The non-standard `default-theme` meta-tag added in
https://github.com/go-gitea/gitea/pull/13809 has been removed. Third
party code that needs to obtain the currently loaded theme should use
the `theme-<name>` class on the `<html>` node instead, which reflect the
currently active theme.
2023-05-28 22:33:17 +00:00
Jon Keim
1fa50f323a
simple docs fixes: 'pull request' page (en-us & zh-tw) link path to 'issue-pull-request-templates' (#24961)
Co-authored-by: silverwind <me@silverwind.io>
2023-05-28 10:47:05 +02:00
techknowlogick
fe67390da5
Remove reference to caddy v1 in docs (#24962)
caddy v1 is loong eol. v2 should be used.
2023-05-28 08:39:16 +00:00
wxiaoguang
2f149c5c9d
Use [git.config] for reflog cleaning up (#24958)
Follow
https://github.com/go-gitea/gitea/pull/24860#discussion_r1200589651

Use `[git.config]` for reflog cleaning up, the new options are more
flexible.

*
https://git-scm.com/docs/git-config#Documentation/git-config.txt-corelogAllRefUpdates
*
https://git-scm.com/docs/git-config#Documentation/git-config.txt-gcreflogExpire

## ⚠️ BREAKING

The section `[git.reflog]` is now obsolete and its keys have been moved
to the following replacements:
- `[git.reflog].ENABLED` → `[git.config].core.logAllRefUpdates`
- `[git.reflog].EXPIRATION` → `[git.config].gc.reflogExpire`
2023-05-28 01:07:14 +00:00
谈笑风生间
d6cbf7f315
docs: remove an extraneous whitespace (#24949) 2023-05-26 14:16:48 -04:00
Lunny Xiao
694f70b57e
Fix documentation ref (#24934)
Fix documentation ref
2023-05-26 00:19:13 +08:00
HesterG
aa2b317e08
Add Chinese docs for help, contribution and development (#24925) 2023-05-25 16:01:01 +00:00