orion/srv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: server can be re-scaffolded without invalidating sessions, don't leak secrets

Browse Source
This commit is contained in:
Orion Kindel 2023-05-21 12:58:26 -05:00
parent 4e7c9aaf8a
commit ae4ef7d1f6
Signed by untrusted user who does not match committer: orion
GPG Key ID: 6D4165AE4C928719
3 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +1,2 @@
src/gitea-app.ini
ext

1
src/012-system-users-gitea.sh
View File

@ -37,6 +37,7 @@ mv /tmp/git/config /home/git/
cp ./gitea-docker-compose.yml /home/git/docker-compose.yml
cp ./gitea-app.ini /home/git/config/app.ini
sed -i "s/\\\${{TIMESTAMP}}/$(date +%s)/g" /home/git/config/app.ini
touch /home/git/runner-config.yml
touch /home/git/.env.runner

7
src/gitea-app.ini → src/gitea-app.ini.sample
View File

@ -13,7 +13,7 @@ SSH_PORT = 22
SSH_LISTEN_PORT = 22
LFS_START_SERVER = true
ROOT_URL = https://git.orionkindel.com/
LFS_JWT_SECRET = UsqQwv84asJvQbpkp0gILFIQnuX7-dBvWG_Y3-hRr7w
LFS_JWT_SECRET = ; <snip>
OFFLINE_MODE = false
[database]
@ -32,8 +32,7 @@ CHARSET = utf8
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER = file
PROVIDER = db
[picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars
@ -53,7 +52,7 @@ INSTALL_LOCK = true
SECRET_KEY =
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2ODQ0Njk4MTJ9.0PBZpL59ML5l-IKkIY6Vos9Sjyp6_pqxz-decLdY8cs
INTERNAL_TOKEN = ; <snip>
PASSWORD_HASH_ALGO = pbkdf2
[service]