mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-23 06:43:34 +01:00
Avoid polluting the config (#25345)
Caught by #25330 Co-authored-by: Giteabot <teabot@gitea.io>
This commit is contained in:
parent
695f5d170b
commit
a5d0246fff
3 changed files with 15 additions and 13 deletions
|
@ -30,7 +30,7 @@ func loadMirrorFrom(rootCfg ConfigProvider) {
|
||||||
// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
|
// DEPRECATED should not be removed because users maybe upgrade from lower version to the latest version
|
||||||
// if these are removed, the warning will not be shown
|
// if these are removed, the warning will not be shown
|
||||||
deprecatedSetting(rootCfg, "repository", "DISABLE_MIRRORS", "mirror", "ENABLED", "v1.19.0")
|
deprecatedSetting(rootCfg, "repository", "DISABLE_MIRRORS", "mirror", "ENABLED", "v1.19.0")
|
||||||
if rootCfg.Section("repository").Key("DISABLE_MIRRORS").MustBool(false) {
|
if ConfigSectionKeyBool(rootCfg.Section("repository"), "DISABLE_MIRRORS") {
|
||||||
Mirror.DisableNewPull = true
|
Mirror.DisableNewPull = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -120,18 +120,20 @@ func loadOAuth2From(rootCfg ConfigProvider) {
|
||||||
OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile)
|
OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile)
|
||||||
}
|
}
|
||||||
|
|
||||||
key := make([]byte, 32)
|
if InstallLock {
|
||||||
n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64))
|
key := make([]byte, 32)
|
||||||
if err != nil || n != 32 {
|
n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64))
|
||||||
key, err = generate.NewJwtSecret()
|
if err != nil || n != 32 {
|
||||||
if err != nil {
|
key, err = generate.NewJwtSecret()
|
||||||
log.Fatal("error generating JWT secret: %v", err)
|
if err != nil {
|
||||||
}
|
log.Fatal("error generating JWT secret: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
secretBase64 := base64.RawURLEncoding.EncodeToString(key)
|
secretBase64 := base64.RawURLEncoding.EncodeToString(key)
|
||||||
rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64)
|
rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64)
|
||||||
if err := rootCfg.Save(); err != nil {
|
if err := rootCfg.Save(); err != nil {
|
||||||
log.Fatal("save oauth2.JWT_SECRET failed: %v", err)
|
log.Fatal("save oauth2.JWT_SECRET failed: %v", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -262,7 +262,7 @@ func loadRunModeFrom(rootCfg ConfigProvider) {
|
||||||
RunUser = rootSec.Key("RUN_USER").MustString(user.CurrentUsername())
|
RunUser = rootSec.Key("RUN_USER").MustString(user.CurrentUsername())
|
||||||
// The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches.
|
// The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches.
|
||||||
// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly.
|
// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly.
|
||||||
unsafeAllowRunAsRoot := rootSec.Key("I_AM_BEING_UNSAFE_RUNNING_AS_ROOT").MustBool(false)
|
unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")
|
||||||
RunMode = os.Getenv("GITEA_RUN_MODE")
|
RunMode = os.Getenv("GITEA_RUN_MODE")
|
||||||
if RunMode == "" {
|
if RunMode == "" {
|
||||||
RunMode = rootSec.Key("RUN_MODE").MustString("prod")
|
RunMode = rootSec.Key("RUN_MODE").MustString("prod")
|
||||||
|
|
Loading…
Reference in a new issue