155 lines
4.6 KiB
INI
155 lines
4.6 KiB
INI
APP_NAME = Local Repo CloudNative zone
|
|
RUN_MODE = prod
|
|
RUN_USER = git
|
|
WORK_PATH = /data/gitea
|
|
|
|
[repository]
|
|
ROOT = /data/git/repositories
|
|
|
|
[repository.local]
|
|
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
|
|
|
[repository.upload]
|
|
TEMP_PATH = /data/gitea/uploads
|
|
|
|
[server]
|
|
PROTOCOL = http
|
|
APP_DATA_PATH = /data/gitea
|
|
SSH_DOMAIN = localrepo.cloudnative.zone
|
|
DOMAIN = localrepo.cloudnative.zone
|
|
HTTP_ADDR = 0.0.0.0
|
|
HTTP_PORT = 3000
|
|
ROOT_URL = https://localrepo.cloudnative.zone/
|
|
DISABLE_SSH = false
|
|
LFS_START_SERVER = true
|
|
shFS_MAX_FILE_SIZE = 0
|
|
LFS_LOCK_PAGING_NUM = 50
|
|
; Permission for unix socket
|
|
UNIX_SOCKET_PERMISSION = 666
|
|
START_SSH_SERVER = true
|
|
BUILTIN_SSH_SERVER_USER = git
|
|
; The network interface the builtin SSH server should listen on
|
|
; SSH_LISTEN_HOST =
|
|
; Port number to be exposed in clone URL
|
|
SSH_PORT = 2022
|
|
; The port number the builtin SSH server should listen on
|
|
SSH_LISTEN_PORT = %(SSH_PORT)s
|
|
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
|
|
; SSH_ROOT_PATH =
|
|
SSH_ROOT_PATH = /data/git/repositories
|
|
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
|
|
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
|
|
SSH_CREATE_AUTHORIZED_KEYS_FILE = false
|
|
; For the built-in SSH server, choose the ciphers to support for SSH connections,
|
|
; for system SSH this setting has no effect
|
|
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
|
|
; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections
|
|
; for system SSH this setting has no effect
|
|
SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
|
|
; for system SSH this setting has no effect
|
|
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
|
|
; Directory to create temporary files in when testing public keys using ssh-keygen,
|
|
; default is the system temporary directory.
|
|
; SSH_KEY_TEST_PATH =
|
|
; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
|
|
SSH_KEYGEN_PATH = ssh-keygen
|
|
; Enable SSH Authorized Key Backup when rewriting all keys, default is true
|
|
SSH_BACKUP_AUTHORIZED_KEYS = true
|
|
; Enable exposure of SSH clone URL to anonymous visitors, default is false
|
|
SSH_EXPOSE_ANONYMOUS = false
|
|
; Indicate whether to check minimum key size with corresponding type
|
|
MINIMUM_KEY_SIZE_CHECK = false
|
|
; Disable CDN even in "prod" mode
|
|
DISABLE_ROUTER_LOG = false
|
|
OFFLINE_MODE = true
|
|
|
|
; Generate steps:
|
|
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
|
|
;
|
|
; Or from a .pfx file exported from the Windows certificate store (do
|
|
; not forget to export the private key):
|
|
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
|
|
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
|
|
# CERT_FILE = /data/gitea/conf/ssl/fullchain.pem
|
|
# KEY_FILE = /data/gitea/conf/ssl/privkey.pem
|
|
[database]
|
|
PATH = /data/gitea/gitea.db
|
|
DB_TYPE = postgres
|
|
HOST = db:5432
|
|
NAME = gitea
|
|
USER = gitea
|
|
PASSWD = gitea
|
|
LOG_SQL = false
|
|
SCHEMA =
|
|
SSL_MODE = disable
|
|
|
|
[indexer]
|
|
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
|
|
|
[session]
|
|
PROVIDER_CONFIG = /data/gitea/sessions
|
|
PROVIDER = file
|
|
|
|
[picture]
|
|
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
|
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
|
|
|
[attachment]
|
|
PATH = /data/gitea/attachments
|
|
|
|
[log]
|
|
MODE = console
|
|
LEVEL = info
|
|
ROOT_PATH = /data/gitea/log
|
|
|
|
[security]
|
|
INSTALL_LOCK = false
|
|
SECRET_KEY =
|
|
REVERSE_PROXY_LIMIT = 1
|
|
REVERSE_PROXY_TRUSTED_PROXIES = *
|
|
PASSWORD_HASH_ALGO = pbkdf2
|
|
|
|
[service]
|
|
DISABLE_REGISTRATION = false
|
|
REQUIRE_SIGNIN_VIEW = false
|
|
REGISTER_EMAIL_CONFIRM = false
|
|
ENABLE_NOTIFY_MAIL = false
|
|
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
|
ENABLE_CAPTCHA = false
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
|
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
|
DEFAULT_ENABLE_TIMETRACKING = true
|
|
NO_REPLY_ADDRESS = noreply.localrepo.cloudnative.zone
|
|
|
|
[lfs]
|
|
PATH = /data/git/lfs
|
|
|
|
[mailer]
|
|
ENABLED = false
|
|
|
|
[openid]
|
|
ENABLE_OPENID_SIGNIN = true
|
|
ENABLE_OPENID_SIGNUP = true
|
|
|
|
[cron.update_checker]
|
|
ENABLED = false
|
|
|
|
[repository.pull-request]
|
|
DEFAULT_MERGE_STYLE = merge
|
|
|
|
[repository.signing]
|
|
DEFAULT_TRUST_MODEL = committer
|
|
|
|
[oauth2]
|
|
|
|
[webhook]
|
|
; Hook task queue length, increase if webhook shooting starts hanging
|
|
QUEUE_LENGTH = 1000
|
|
; Deliver timeout in seconds
|
|
DELIVER_TIMEOUT =
|
|
; Allow insecure certification
|
|
SKIP_TLS_VERIFY = false
|
|
; Number of history information in each page
|
|
PAGING_NUM = 10
|
|
ALLOWED_HOST_LIST = 10.11.1.0/24
|