fix: add oauth jwt token

This commit is contained in:
Emmanuel Averty 2023-08-08 22:54:06 +02:00 committed by grosmanal
parent c4e105f786
commit 2a986b38e6
3 changed files with 54 additions and 44 deletions

View file

@ -5,51 +5,51 @@ RUN_MODE = prod
WORK_PATH = __INSTALL_DIR__ WORK_PATH = __INSTALL_DIR__
[database] [database]
DB_TYPE = postgres DB_TYPE = postgres
HOST = 127.0.0.1:5432 HOST = 127.0.0.1:5432
NAME = __DB_NAME__ NAME = __DB_NAME__
USER = __DB_USER__ USER = __DB_USER__
PASSWD = __DB_PWD__ PASSWD = __DB_PWD__
SSL_MODE = disable SSL_MODE = disable
LOG_SQL = false LOG_SQL = false
[repository] [repository]
ROOT = __DATA_DIR__/repositories ROOT = __DATA_DIR__/repositories
FORCE_PRIVATE = false FORCE_PRIVATE = false
[server] [server]
DOMAIN = __DOMAIN__ DOMAIN = __DOMAIN__
HTTP_PORT = __PORT__ HTTP_PORT = __PORT__
HTTP_ADDR = 127.0.0.1 HTTP_ADDR = 127.0.0.1
ROOT_URL = https://__DOMAIN____PATH__ ROOT_URL = https://__DOMAIN____PATH__
DISABLE_SSH = false DISABLE_SSH = false
SSH_PORT = __SSH_PORT__ SSH_PORT = __SSH_PORT__
OFFLINE_MODE = false OFFLINE_MODE = false
APP_DATA_PATH = __DATA_DIR__/data APP_DATA_PATH = __DATA_DIR__/data
LANDING_PAGE = explore LANDING_PAGE = explore
LFS_START_SERVER = true LFS_START_SERVER = true
LFS_JWT_SECRET = __LFS_JWT_SECRET__ LFS_JWT_SECRET = __LFS_JWT_SECRET__
LOCAL_ROOT_URL = http://127.0.0.1:__PORT__/ LOCAL_ROOT_URL = http://127.0.0.1:__PORT__/
[mailer] [mailer]
ENABLED = true ENABLED = true
SMTP_ADDR = localhost SMTP_ADDR = localhost
SMTP_PORT = 25 SMTP_PORT = 25
FROM = "Forgejo" <forgejo-noreply@__DOMAIN__> FROM = "Forgejo" <forgejo-noreply@__DOMAIN__>
FORCE_TRUST_SERVER_CERT = true FORCE_TRUST_SERVER_CERT = true
[service] [service]
REGISTER_EMAIL_CONFIRM = false REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = true ENABLE_NOTIFY_MAIL = true
DISABLE_REGISTRATION = true DISABLE_REGISTRATION = true
ENABLE_CAPTCHA = false ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false REQUIRE_SIGNIN_VIEW = false
ENABLE_REVERSE_PROXY_AUTHENTICATION = true ENABLE_REVERSE_PROXY_AUTHENTICATION = true
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true
ENABLE_REVERSE_PROXY_EMAIL = true ENABLE_REVERSE_PROXY_EMAIL = true
[picture] [picture]
AVATAR_UPLOAD_PATH = __DATA_DIR__/data/avatars AVATAR_UPLOAD_PATH = __DATA_DIR__/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = __DATA_DIR__/data/repo-avatars REPOSITORY_AVATAR_UPLOAD_PATH = __DATA_DIR__/data/repo-avatars
[attachment] [attachment]
@ -59,29 +59,31 @@ PATH = __DATA_DIR__/attachments
PROVIDER = memory PROVIDER = memory
[log] [log]
MODE = file MODE = file
LEVEL = Info LEVEL = Info
ROOT_PATH = /var/log/__APP__ ROOT_PATH = /var/log/__APP__
logger.access.MODE =
logger.access.MODE = logger.router.MODE = router
logger.router.MODE = router logger.xorm.MODE = xorm
logger.xorm.MODE = xorm
[log.file] [log.file]
FILE_NAME = forgejo.log FILE_NAME = forgejo.log
[log.router] [log.router]
FILE_NAME = router.log FILE_NAME = router.log
LEVEL = Warn LEVEL = Warn
[log.xorm] [log.xorm]
FILE_NAME = xorm.log FILE_NAME = xorm.log
LEVEL = Warn LEVEL = Warn
[security] [security]
INSTALL_LOCK = true INSTALL_LOCK = true
SECRET_KEY = __SECRET_KEY__ SECRET_KEY = __SECRET_KEY__
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE-USER REVERSE_PROXY_AUTHENTICATION_USER = REMOTE-USER
REVERSE_PROXY_AUTHENTICATION_EMAIL = EMAIL REVERSE_PROXY_AUTHENTICATION_EMAIL = EMAIL
REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128 REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128
INTERNAL_TOKEN = __INTERNAL_TOKEN__ INTERNAL_TOKEN = __INTERNAL_TOKEN__
[oauth2]
JWT_SECRET = __OAUTH2_JWT_SECRET__

View file

@ -29,9 +29,11 @@ chown -R $app:$app "$install_dir/custom"
secret_key=$($install_dir/forgejo generate secret SECRET_KEY) secret_key=$($install_dir/forgejo generate secret SECRET_KEY)
lfs_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET) lfs_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
internal_token=$($install_dir/forgejo generate secret INTERNAL_TOKEN) internal_token=$($install_dir/forgejo generate secret INTERNAL_TOKEN)
oauth2_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key
ynh_app_setting_set --app=$app --key=lfs_jwt_secret --value=$lfs_jwt_secret ynh_app_setting_set --app=$app --key=lfs_jwt_secret --value=$lfs_jwt_secret
ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token
ynh_app_setting_set --app=$app --key=oauth2_jwt_secret --value=$oauth2_jwt_secret
#================================================= #=================================================
# ADD A CONFIGURATION # ADD A CONFIGURATION

View file

@ -80,6 +80,12 @@ if [ -z ${internal_token:-} ]; then
ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token
fi fi
# If oauth2_jwt_secret doesn't exist, create it
if [ -z ${oauth2_jwt_secret:-} ]; then
oauth2_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
ynh_app_setting_set --app=$app --key=oauth2_jwt_secret --value=$oauth2_jwt_secret
fi
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================