fix: add oauth jwt token
This commit is contained in:
parent
c4e105f786
commit
2a986b38e6
3 changed files with 54 additions and 44 deletions
90
conf/app.ini
90
conf/app.ini
|
@ -5,51 +5,51 @@ RUN_MODE = prod
|
||||||
WORK_PATH = __INSTALL_DIR__
|
WORK_PATH = __INSTALL_DIR__
|
||||||
|
|
||||||
[database]
|
[database]
|
||||||
DB_TYPE = postgres
|
DB_TYPE = postgres
|
||||||
HOST = 127.0.0.1:5432
|
HOST = 127.0.0.1:5432
|
||||||
NAME = __DB_NAME__
|
NAME = __DB_NAME__
|
||||||
USER = __DB_USER__
|
USER = __DB_USER__
|
||||||
PASSWD = __DB_PWD__
|
PASSWD = __DB_PWD__
|
||||||
SSL_MODE = disable
|
SSL_MODE = disable
|
||||||
LOG_SQL = false
|
LOG_SQL = false
|
||||||
|
|
||||||
[repository]
|
[repository]
|
||||||
ROOT = __DATA_DIR__/repositories
|
ROOT = __DATA_DIR__/repositories
|
||||||
FORCE_PRIVATE = false
|
FORCE_PRIVATE = false
|
||||||
|
|
||||||
[server]
|
[server]
|
||||||
DOMAIN = __DOMAIN__
|
DOMAIN = __DOMAIN__
|
||||||
HTTP_PORT = __PORT__
|
HTTP_PORT = __PORT__
|
||||||
HTTP_ADDR = 127.0.0.1
|
HTTP_ADDR = 127.0.0.1
|
||||||
ROOT_URL = https://__DOMAIN____PATH__
|
ROOT_URL = https://__DOMAIN____PATH__
|
||||||
DISABLE_SSH = false
|
DISABLE_SSH = false
|
||||||
SSH_PORT = __SSH_PORT__
|
SSH_PORT = __SSH_PORT__
|
||||||
OFFLINE_MODE = false
|
OFFLINE_MODE = false
|
||||||
APP_DATA_PATH = __DATA_DIR__/data
|
APP_DATA_PATH = __DATA_DIR__/data
|
||||||
LANDING_PAGE = explore
|
LANDING_PAGE = explore
|
||||||
LFS_START_SERVER = true
|
LFS_START_SERVER = true
|
||||||
LFS_JWT_SECRET = __LFS_JWT_SECRET__
|
LFS_JWT_SECRET = __LFS_JWT_SECRET__
|
||||||
LOCAL_ROOT_URL = http://127.0.0.1:__PORT__/
|
LOCAL_ROOT_URL = http://127.0.0.1:__PORT__/
|
||||||
|
|
||||||
[mailer]
|
[mailer]
|
||||||
ENABLED = true
|
ENABLED = true
|
||||||
SMTP_ADDR = localhost
|
SMTP_ADDR = localhost
|
||||||
SMTP_PORT = 25
|
SMTP_PORT = 25
|
||||||
FROM = "Forgejo" <forgejo-noreply@__DOMAIN__>
|
FROM = "Forgejo" <forgejo-noreply@__DOMAIN__>
|
||||||
FORCE_TRUST_SERVER_CERT = true
|
FORCE_TRUST_SERVER_CERT = true
|
||||||
|
|
||||||
[service]
|
[service]
|
||||||
REGISTER_EMAIL_CONFIRM = false
|
REGISTER_EMAIL_CONFIRM = false
|
||||||
ENABLE_NOTIFY_MAIL = true
|
ENABLE_NOTIFY_MAIL = true
|
||||||
DISABLE_REGISTRATION = true
|
DISABLE_REGISTRATION = true
|
||||||
ENABLE_CAPTCHA = false
|
ENABLE_CAPTCHA = false
|
||||||
REQUIRE_SIGNIN_VIEW = false
|
REQUIRE_SIGNIN_VIEW = false
|
||||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
|
ENABLE_REVERSE_PROXY_AUTHENTICATION = true
|
||||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true
|
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true
|
||||||
ENABLE_REVERSE_PROXY_EMAIL = true
|
ENABLE_REVERSE_PROXY_EMAIL = true
|
||||||
|
|
||||||
[picture]
|
[picture]
|
||||||
AVATAR_UPLOAD_PATH = __DATA_DIR__/data/avatars
|
AVATAR_UPLOAD_PATH = __DATA_DIR__/data/avatars
|
||||||
REPOSITORY_AVATAR_UPLOAD_PATH = __DATA_DIR__/data/repo-avatars
|
REPOSITORY_AVATAR_UPLOAD_PATH = __DATA_DIR__/data/repo-avatars
|
||||||
|
|
||||||
[attachment]
|
[attachment]
|
||||||
|
@ -59,29 +59,31 @@ PATH = __DATA_DIR__/attachments
|
||||||
PROVIDER = memory
|
PROVIDER = memory
|
||||||
|
|
||||||
[log]
|
[log]
|
||||||
MODE = file
|
MODE = file
|
||||||
LEVEL = Info
|
LEVEL = Info
|
||||||
ROOT_PATH = /var/log/__APP__
|
ROOT_PATH = /var/log/__APP__
|
||||||
|
logger.access.MODE =
|
||||||
logger.access.MODE =
|
logger.router.MODE = router
|
||||||
logger.router.MODE = router
|
logger.xorm.MODE = xorm
|
||||||
logger.xorm.MODE = xorm
|
|
||||||
|
|
||||||
[log.file]
|
[log.file]
|
||||||
FILE_NAME = forgejo.log
|
FILE_NAME = forgejo.log
|
||||||
|
|
||||||
[log.router]
|
[log.router]
|
||||||
FILE_NAME = router.log
|
FILE_NAME = router.log
|
||||||
LEVEL = Warn
|
LEVEL = Warn
|
||||||
|
|
||||||
[log.xorm]
|
[log.xorm]
|
||||||
FILE_NAME = xorm.log
|
FILE_NAME = xorm.log
|
||||||
LEVEL = Warn
|
LEVEL = Warn
|
||||||
|
|
||||||
[security]
|
[security]
|
||||||
INSTALL_LOCK = true
|
INSTALL_LOCK = true
|
||||||
SECRET_KEY = __SECRET_KEY__
|
SECRET_KEY = __SECRET_KEY__
|
||||||
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE-USER
|
REVERSE_PROXY_AUTHENTICATION_USER = REMOTE-USER
|
||||||
REVERSE_PROXY_AUTHENTICATION_EMAIL = EMAIL
|
REVERSE_PROXY_AUTHENTICATION_EMAIL = EMAIL
|
||||||
REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128
|
REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128
|
||||||
INTERNAL_TOKEN = __INTERNAL_TOKEN__
|
INTERNAL_TOKEN = __INTERNAL_TOKEN__
|
||||||
|
|
||||||
|
[oauth2]
|
||||||
|
JWT_SECRET = __OAUTH2_JWT_SECRET__
|
||||||
|
|
|
@ -29,9 +29,11 @@ chown -R $app:$app "$install_dir/custom"
|
||||||
secret_key=$($install_dir/forgejo generate secret SECRET_KEY)
|
secret_key=$($install_dir/forgejo generate secret SECRET_KEY)
|
||||||
lfs_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
|
lfs_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
|
||||||
internal_token=$($install_dir/forgejo generate secret INTERNAL_TOKEN)
|
internal_token=$($install_dir/forgejo generate secret INTERNAL_TOKEN)
|
||||||
|
oauth2_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
|
||||||
ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key
|
ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key
|
||||||
ynh_app_setting_set --app=$app --key=lfs_jwt_secret --value=$lfs_jwt_secret
|
ynh_app_setting_set --app=$app --key=lfs_jwt_secret --value=$lfs_jwt_secret
|
||||||
ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token
|
ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token
|
||||||
|
ynh_app_setting_set --app=$app --key=oauth2_jwt_secret --value=$oauth2_jwt_secret
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ADD A CONFIGURATION
|
# ADD A CONFIGURATION
|
||||||
|
|
|
@ -80,6 +80,12 @@ if [ -z ${internal_token:-} ]; then
|
||||||
ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token
|
ynh_app_setting_set --app=$app --key=internal_token --value=$internal_token
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# If oauth2_jwt_secret doesn't exist, create it
|
||||||
|
if [ -z ${oauth2_jwt_secret:-} ]; then
|
||||||
|
oauth2_jwt_secret=$($install_dir/forgejo generate secret JWT_SECRET)
|
||||||
|
ynh_app_setting_set --app=$app --key=oauth2_jwt_secret --value=$oauth2_jwt_secret
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
Loading…
Reference in a new issue