Update gitea to v1.10.0
1.10 introduces a PASSWORD_COMPLEXITY setting with a default value of lower,upper,digit,spec - which requires passwords to have an upper, lower, digit and special character. Our example password does not have this, so set the PASSWORD_COMPLEXITY setting. We could alternately leave it at the default and ensure that our passwords meet the spec. The sshd_config file is templated now, so we can set the listen port via env var. Change-Id: I6e4b595eabb9c6885d78fff1109ea9f602e89ef7
This commit is contained in:
Monty Taylor
parent
9f6df6deaf
commit
b3e5f0cab0
@ -26,7 +26,7 @@ FROM docker.io/library/golang:1.13-buster AS build-env
|
|||||||
|
|
||||||
LABEL maintainer="infra-root@openstack.org"
|
LABEL maintainer="infra-root@openstack.org"
|
||||||
|
|
||||||
ARG GITEA_VERSION="v1.9.6"
|
ARG GITEA_VERSION="v1.10.0"
|
||||||
ENV TAGS "bindata $TAGS"
|
ENV TAGS "bindata $TAGS"
|
||||||
|
|
||||||
#Build deps
|
#Build deps
|
||||||
@ -70,8 +70,6 @@ RUN addgroup --system --gid 1000 git \
|
|||||||
|
|
||||||
# Copy the /etc config files and entrypoint script
|
# Copy the /etc config files and entrypoint script
|
||||||
COPY --from=build-env /go/src/code.gitea.io/gitea/docker/root /
|
COPY --from=build-env /go/src/code.gitea.io/gitea/docker/root /
|
||||||
# Copy our custom sshd_config
|
|
||||||
COPY sshd_config /etc/ssh/sshd_config
|
|
||||||
|
|
||||||
# Copy the app
|
# Copy the app
|
||||||
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
|
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
|
||||||
|
|||||||
@ -12,62 +12,60 @@
|
|||||||
<div class="divider"> / </div>
|
<div class="divider"> / </div>
|
||||||
<a href="{{$.RepoLink}}">{{.Name}}</a>
|
<a href="{{$.RepoLink}}">{{.Name}}</a>
|
||||||
{{if .IsArchived}}<i class="archive icon archived-icon"></i>{{end}}
|
{{if .IsArchived}}<i class="archive icon archived-icon"></i>{{end}}
|
||||||
{{if .IsMirror}}<div class="fork-flag">{{$.i18n.Tr "repo.mirror_from"}} <a target="_blank" rel="noopener noreferrer" href="{{$.Mirror.Address}}">{{$.Mirror.Address}}</a></div>{{end}}
|
{{if .IsMirror}}<div class="fork-flag">{{$.i18n.Tr "repo.mirror_from"}} <a target="_blank" rel="noopener noreferrer" href="{{MirrorAddress $.Mirror}}">{{MirrorAddress $.Mirror}}</a></div>{{end}}
|
||||||
{{if .IsFork}}<div class="fork-flag">{{$.i18n.Tr "repo.forked_from"}} <a href="{{.BaseRepo.Link}}">{{SubStr .BaseRepo.RelLink 1 -1}}</a></div>{{end}}
|
{{if .IsFork}}<div class="fork-flag">{{$.i18n.Tr "repo.forked_from"}} <a href="{{.BaseRepo.Link}}">{{SubStr .BaseRepo.RelLink 1 -1}}</a></div>{{end}}
|
||||||
</div>
|
</div>
|
||||||
</div><!-- end grid -->
|
</div><!-- end grid -->
|
||||||
</div><!-- end container -->
|
</div><!-- end container -->
|
||||||
{{end}}
|
{{end}}
|
||||||
{{if not .IsDiffCompare}}
|
<div class="ui tabs container">
|
||||||
<div class="ui tabs container">
|
{{if not .Repository.IsBeingCreated}}
|
||||||
<div class="ui tabular stackable menu navbar">
|
<div class="ui tabular stackable menu navbar">
|
||||||
{{if .Permission.CanRead $.UnitTypeCode}}
|
{{if .Permission.CanRead $.UnitTypeCode}}
|
||||||
<a class="{{if .PageIsViewCode}}active{{end}} item" href="{{.RepoLink}}{{if (ne .BranchName .Repository.DefaultBranch)}}/src/{{.BranchNameSubURL | EscapePound}}{{end}}">
|
<a class="{{if .PageIsViewCode}}active{{end}} item" href="{{.RepoLink}}{{if (ne .BranchName .Repository.DefaultBranch)}}/src/{{.BranchNameSubURL | EscapePound}}{{end}}">
|
||||||
<i class="octicon octicon-code"></i> {{.i18n.Tr "repo.code"}}
|
<i class="octicon octicon-code"></i> {{.i18n.Tr "repo.code"}}
|
||||||
</a>
|
</a>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{if .Permission.CanRead $.UnitTypeIssues}}
|
{{if .Permission.CanRead $.UnitTypeIssues}}
|
||||||
<a class="{{if .PageIsIssueList}}active{{end}} item" href="{{.RepoLink}}/issues">
|
<a class="{{if .PageIsIssueList}}active{{end}} item" href="{{.RepoLink}}/issues">
|
||||||
<i class="octicon octicon-issue-opened"></i> {{.i18n.Tr "repo.issues"}} <span class="ui {{if not .Repository.NumOpenIssues}}gray{{else}}blue{{end}} small label">{{.Repository.NumOpenIssues}}</span>
|
<i class="octicon octicon-issue-opened"></i> {{.i18n.Tr "repo.issues"}} <span class="ui {{if not .Repository.NumOpenIssues}}gray{{else}}blue{{end}} small label">{{.Repository.NumOpenIssues}}</span>
|
||||||
</a>
|
</a>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{if .Permission.CanRead $.UnitTypeExternalTracker}}
|
{{if .Permission.CanRead $.UnitTypeExternalTracker}}
|
||||||
<a class="{{if .PageIsIssueList}}active{{end}} item" href="{{.RepoExternalIssuesLink}}" target="_blank" rel="noopener noreferrer">
|
<a class="{{if .PageIsIssueList}}active{{end}} item" href="{{.RepoExternalIssuesLink}}" target="_blank" rel="noopener noreferrer">
|
||||||
<i class="octicon octicon-link-external"></i> {{.i18n.Tr "repo.issues"}}
|
<i class="octicon octicon-link-external"></i> {{.i18n.Tr "repo.issues"}} </span>
|
||||||
</a>
|
</a>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{if and .Repository.CanEnablePulls (.Permission.CanRead $.UnitTypePullRequests)}}
|
{{if and .Repository.CanEnablePulls (.Permission.CanRead $.UnitTypePullRequests)}}
|
||||||
<a class="{{if .PageIsPullList}}active{{end}} item" href="{{.RepoLink}}/pulls">
|
<a class="{{if .PageIsPullList}}active{{end}} item" href="{{.RepoLink}}/pulls">
|
||||||
<i class="octicon octicon-git-pull-request"></i> {{.i18n.Tr "repo.pulls"}} <span class="ui {{if not .Repository.NumOpenPulls}}gray{{else}}blue{{end}} small label">{{.Repository.NumOpenPulls}}</span>
|
<i class="octicon octicon-git-pull-request"></i> {{.i18n.Tr "repo.pulls"}} <span class="ui {{if not .Repository.NumOpenPulls}}gray{{else}}blue{{end}} small label">{{.Repository.NumOpenPulls}}</span>
|
||||||
</a>
|
</a>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
<a class="item" href="https://review.opendev.org/#/q/status:open+project:{{.Owner.Name}}/{{.Repository.Name}}">
|
<a class="item" href="https://review.opendev.org/#/q/status:open+project:{{.Owner.Name}}/{{.Repository.Name}}">
|
||||||
<i class="octicon octicon-git-pull-request"></i> Proposed changes
|
<i class="octicon octicon-git-pull-request"></i> Proposed changes
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
{{if or (.Permission.CanRead $.UnitTypeWiki) (.Permission.CanRead $.UnitTypeExternalWiki)}}
|
{{if or (.Permission.CanRead $.UnitTypeWiki) (.Permission.CanRead $.UnitTypeExternalWiki)}}
|
||||||
<a class="{{if .PageIsWiki}}active{{end}} item" href="{{.RepoLink}}/wiki" {{if (.Permission.CanRead $.UnitTypeExternalWiki)}} target="_blank" rel="noopener noreferrer" {{end}}>
|
<a class="{{if .PageIsWiki}}active{{end}} item" href="{{.RepoLink}}/wiki" {{if (.Permission.CanRead $.UnitTypeExternalWiki)}} target="_blank" rel="noopener noreferrer" {{end}}>
|
||||||
<i class="octicon octicon-book"></i> {{.i18n.Tr "repo.wiki"}}
|
<i class="octicon octicon-book"></i> {{.i18n.Tr "repo.wiki"}}
|
||||||
</a>
|
</a>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{template "custom/extra_tabs" .}}
|
{{template "custom/extra_tabs" .}}
|
||||||
|
|
||||||
{{if .Permission.IsAdmin}}
|
{{if .Permission.IsAdmin}}
|
||||||
<div class="right menu">
|
<div class="right menu">
|
||||||
<a class="{{if .PageIsSettings}}active{{end}} item" href="{{.RepoLink}}/settings">
|
<a class="{{if .PageIsSettings}}active{{end}} item" href="{{.RepoLink}}/settings">
|
||||||
<i class="octicon octicon-tools"></i> {{.i18n.Tr "repo.settings"}}
|
<i class="octicon octicon-tools"></i> {{.i18n.Tr "repo.settings"}}
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
{{end}}
|
||||||
<div class="ui tabs divider"></div>
|
</div>
|
||||||
{{else}}
|
<div class="ui tabs divider"></div>
|
||||||
<div class="ui divider"></div>
|
|
||||||
{{end}}
|
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -1,33 +0,0 @@
|
|||||||
Port 222
|
|
||||||
Protocol 2
|
|
||||||
|
|
||||||
AddressFamily any
|
|
||||||
ListenAddress 0.0.0.0
|
|
||||||
ListenAddress ::
|
|
||||||
|
|
||||||
LogLevel INFO
|
|
||||||
|
|
||||||
HostKey /data/ssh/ssh_host_ed25519_key
|
|
||||||
HostKey /data/ssh/ssh_host_rsa_key
|
|
||||||
HostKey /data/ssh/ssh_host_dsa_key
|
|
||||||
HostKey /data/ssh/ssh_host_ecdsa_key
|
|
||||||
|
|
||||||
AuthorizedKeysFile .ssh/authorized_keys
|
|
||||||
|
|
||||||
UseDNS no
|
|
||||||
AllowAgentForwarding no
|
|
||||||
AllowTcpForwarding no
|
|
||||||
PrintMotd no
|
|
||||||
|
|
||||||
PermitUserEnvironment yes
|
|
||||||
PermitRootLogin no
|
|
||||||
ChallengeResponseAuthentication no
|
|
||||||
PasswordAuthentication no
|
|
||||||
PermitEmptyPasswords no
|
|
||||||
|
|
||||||
AllowUsers git
|
|
||||||
|
|
||||||
Banner none
|
|
||||||
Subsystem sftp /usr/lib/ssh/sftp-server
|
|
||||||
|
|
||||||
AcceptEnv GIT_PROTOCOL
|
|
||||||
@ -86,6 +86,7 @@
|
|||||||
email: "gerrit@review.opendev.org"
|
email: "gerrit@review.opendev.org"
|
||||||
full_name: Gerrit
|
full_name: Gerrit
|
||||||
login_name: gerrit
|
login_name: gerrit
|
||||||
|
must_change_password: false
|
||||||
password: "{{ gitea_gerrit_password }}"
|
password: "{{ gitea_gerrit_password }}"
|
||||||
send_notify: false
|
send_notify: false
|
||||||
source_id: 0
|
source_id: 0
|
||||||
|
|||||||
@ -56,6 +56,7 @@ LEVEL = Info
|
|||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = {{ gitea_secret_key }}
|
SECRET_KEY = {{ gitea_secret_key }}
|
||||||
INTERNAL_TOKEN = {{ gitea_internal_token }}
|
INTERNAL_TOKEN = {{ gitea_internal_token }}
|
||||||
|
PASSWORD_COMPLEXITY = lower,upper,digit
|
||||||
|
|
||||||
[service]
|
[service]
|
||||||
DISABLE_REGISTRATION = true
|
DISABLE_REGISTRATION = true
|
||||||
|
|||||||
@ -35,6 +35,8 @@ services:
|
|||||||
gitea-ssh:
|
gitea-ssh:
|
||||||
depends_on:
|
depends_on:
|
||||||
- mariadb
|
- mariadb
|
||||||
|
environment:
|
||||||
|
- SSH_LISTEN_PORT=222
|
||||||
image: opendevorg/gitea-openssh
|
image: opendevorg/gitea-openssh
|
||||||
network_mode: host
|
network_mode: host
|
||||||
restart: always
|
restart: always
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user