--- custom/conf/app.ini.sample.orig 2018-03-29 22:07:58.349893121 +0200 +++ custom/conf/app.ini.sample 2018-03-29 22:14:52.677957272 +0200 @@ -5,12 +5,12 @@ ; App name that shows on every page title APP_NAME = Gitea: Git with a cup of tea ; Change it if you run locally -RUN_USER = git +RUN_USER = _gitea ; Either "dev", "prod" or "test", default is "dev" -RUN_MODE = dev +RUN_MODE = prod [repository] -ROOT = +ROOT = /var/lib/gitea/repositories SCRIPT_TYPE = bash ; Default ANSI charset ANSI_CHARSET = @@ -42,15 +42,15 @@ [repository.local] ; Path for local repository copy. Defaults to `tmp/local-repo` -LOCAL_COPY_PATH = tmp/local-repo +LOCAL_COPY_PATH = /var/lib/gitea/tmp/local-repo ; Path for local wiki copy. Defaults to `tmp/local-wiki` -LOCAL_WIKI_PATH = tmp/local-wiki +LOCAL_WIKI_PATH = /var/lib/gitea/tmp/local-wiki [repository.upload] ; Whether repository file uploads are enabled. Defaults to `true` ENABLED = true ; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart) -TEMP_PATH = data/tmp/uploads +TEMP_PATH = /var/lib/gitea/data/tmp/uploads ; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type ALLOWED_TYPES = ; Max size of each file in MB. Defaults to 3MB @@ -118,7 +118,7 @@ REDIRECT_OTHER_PORT = false PORT_TO_REDIRECT = 80 ; Permission for unix socket -UNIX_SOCKET_PERMISSION = 666 +UNIX_SOCKET_PERMISSION = 660 ; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service. ; In most cases you do not need to change the default value. ; Alter it only if your SSH server node is not the same as HTTP node. @@ -134,7 +134,7 @@ ; Network interface builtin SSH server listens on SSH_LISTEN_HOST = ; Port number to be exposed in clone URL -SSH_PORT = 22 +SSH_PORT = 2222 ; Port number builtin SSH server listens on SSH_LISTEN_PORT = %(SSH_PORT)s ; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'. @@ -160,7 +160,7 @@ ; Indicate whether to check minimum key size with corresponding type MINIMUM_KEY_SIZE_CHECK = false ; Disable CDN even in "prod" mode -OFFLINE_MODE = false +OFFLINE_MODE = true DISABLE_ROUTER_LOG = false ; Generate steps: ; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com @@ -169,13 +169,13 @@ ; not forget to export the private key): ; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes -CERT_FILE = custom/https/cert.pem -KEY_FILE = custom/https/key.pem +CERT_FILE = /var/lib/gitea/custom/https/cert.pem +KEY_FILE = /var/lib/gitea/custom/https/key.pem ; Upper level of template and static file path ; default is the path where Gitea is executed STATIC_ROOT_PATH = ; Default path for App data -APP_DATA_PATH = data +APP_DATA_PATH = /var/lib/gitea/data ; Application level GZIP support ENABLE_GZIP = false ; Landing page, can be "home", "explore", or "organizations" @@ -183,7 +183,7 @@ ; Enables git-lfs support. true or false, default is false. LFS_START_SERVER = false ; Where your lfs files put on, default is data/lfs. -LFS_CONTENT_PATH = data/lfs +LFS_CONTENT_PATH = /var/lib/gitea/data/lfs ; LFS authentication secret, changed this to yourself. LFS_JWT_SECRET = @@ -196,7 +196,7 @@ [database] ; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice -DB_TYPE = mysql +DB_TYPE = sqlite3 HOST = 127.0.0.1:3306 NAME = gitea USER = root @@ -205,17 +205,17 @@ ; For "postgres" only, either "disable", "require" or "verify-full" SSL_MODE = disable ; For "sqlite3" and "tidb", use absolute path when you start as service -PATH = data/gitea.db +PATH = /var/lib/gitea/data/gitea.db ; For "sqlite3" only. Query timeout SQLITE_TIMEOUT = 500 ; For iterate buffer, default is 50 ITERATE_BUFFER_SIZE = 50 [indexer] -ISSUE_INDEXER_PATH = indexers/issues.bleve +ISSUE_INDEXER_PATH = /var/lib/gitea/indexers/issues.bleve ; repo indexer by default disabled, since it uses a lot of disk space REPO_INDEXER_ENABLED = false -REPO_INDEXER_PATH = indexers/repos.bleve +REPO_INDEXER_PATH = /var/lib/gitea/indexers/repos.bleve UPDATE_BUFFER_LEN = 20 MAX_FILE_SIZE = 1048576 @@ -227,7 +227,7 @@ ; Whether the installer is disabled INSTALL_LOCK = false ; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! -SECRET_KEY = !#@FDEWREWR&*( +SECRET_KEY = ; Auto-login remember days LOGIN_REMEMBER_DAYS = 7 COOKIE_USERNAME = gitea_awesome @@ -339,8 +339,8 @@ SKIP_VERIFY = ; Use client certificate USE_CERTIFICATE = false -CERT_FILE = custom/mailer/cert.pem -KEY_FILE = custom/mailer/key.pem +CERT_FILE = /var/lib/gitea/custom/mailer/cert.pem +KEY_FILE = /var/lib/gitea/custom/mailer/key.pem ; Mail from address, RFC 5322. This can be just an email address, or the `"Name" ` format FROM = ; Mailer user name and password @@ -371,13 +371,13 @@ [session] ; Either "memory", "file", or "redis", default is "memory" -PROVIDER = memory +PROVIDER = file ; Provider config options ; memory: not have any config yet ; file: session file path, e.g. `data/sessions` ; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 ; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table` -PROVIDER_CONFIG = data/sessions +PROVIDER_CONFIG = /var/lib/gitea/data/sessions ; Session cookie name COOKIE_NAME = i_like_gitea ; If you use session in https only, default is false @@ -390,12 +390,12 @@ SESSION_LIFE_TIME = 86400 [picture] -AVATAR_UPLOAD_PATH = data/avatars +AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars ; Chinese users can choose "duoshuo" ; or a custom avatar source, like: http://cn.gravatar.com/avatar/ GRAVATAR_SOURCE = gravatar ; This value will be forced to be true in offline mode. -DISABLE_GRAVATAR = false +DISABLE_GRAVATAR = true ; Federated avatar lookup uses DNS to discover avatar associated ; with emails, see https://www.libravatar.org ; This value will be forced to be false in offline mode or Gravatar is disabled. @@ -405,7 +405,7 @@ ; Whether attachments are enabled. Defaults to `true` ENABLE = true ; Path for attachments. Defaults to `data/attachments` -PATH = data/attachments +PATH = /var/lib/gitea/data/attachments ; One or more allowed types, e.g. image/jpeg|image/png ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip ; Max size of each file. Defaults to 32MB @@ -420,10 +420,10 @@ FORMAT = [log] -ROOT_PATH = +ROOT_PATH = /var/log/gitea ; Either "console", "file", "conn", "smtp" or "database", default is "console" ; Use comma to separate multiple modes, e.g. "console, file" -MODE = console +MODE = file ; Buffer length of channel, keep it as it is if you don't know what it is. BUFFER_LEN = 10000 ; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace" @@ -435,7 +435,7 @@ ; For "file" mode only [log.file] -LEVEL = +LEVEL = Info ; This enables automated log rotate(switch of following options), default is true LOG_ROTATE = true ; Max line number of single file, default is 1000000