From 550236796985db713613f0db37e325c091b1381a Mon Sep 17 00:00:00 2001 From: Martin Eckardt Date: Sun, 28 Dec 2025 17:01:50 +0100 Subject: [PATCH] Sicherheitskonfiguration: Registrierung und OpenID deaktiviert MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - DISABLE_REGISTRATION = true (keine oeffentliche Registrierung) - ENABLE_CAPTCHA = true (Schutz bei Login) - ENABLE_OPENID_SIGNIN/SIGNUP = false (kein externer Login) - app.ini.template ohne Secrets fuer Dokumentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- configs/app.ini.template | 107 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 configs/app.ini.template diff --git a/configs/app.ini.template b/configs/app.ini.template new file mode 100644 index 0000000..b36809e --- /dev/null +++ b/configs/app.ini.template @@ -0,0 +1,107 @@ +; Gitea Configuration Template +; WICHTIG: Diese Datei ist ein Template. Die echte app.ini wird beim ersten Start generiert. +; Secrets (JWT_SECRET, INTERNAL_TOKEN, etc.) werden automatisch erstellt. +; +; Pfad auf Server: /opt/docker/gitea/gitea/conf/app.ini + +APP_NAME = Martins GIT +RUN_MODE = prod +RUN_USER = git +WORK_PATH = /data/gitea + +[repository] +ROOT = /data/git/repositories +DEFAULT_BRANCH = main + +[repository.local] +LOCAL_COPY_PATH = /data/gitea/tmp/local-repo + +[repository.upload] +TEMP_PATH = /data/gitea/uploads + +[server] +APP_DATA_PATH = /data/gitea +DOMAIN = eckardt-git.duckdns.org +SSH_DOMAIN = 192.168.178.111 +HTTP_PORT = 3000 +ROOT_URL = https://eckardt-git.duckdns.org/ +DISABLE_SSH = false +SSH_PORT = 2222 +SSH_LISTEN_PORT = 22 +LFS_START_SERVER = true +; LFS_JWT_SECRET = +OFFLINE_MODE = true + +[database] +PATH = /data/gitea/gitea.db +DB_TYPE = sqlite3 +HOST = localhost:3306 +NAME = gitea +USER = root +PASSWD = +LOG_SQL = false +SCHEMA = +SSL_MODE = disable + +[indexer] +ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve + +[session] +PROVIDER_CONFIG = /data/gitea/sessions +PROVIDER = file + +[picture] +AVATAR_UPLOAD_PATH = /data/gitea/avatars +REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars + +[attachment] +PATH = /data/gitea/attachments + +[log] +MODE = console +LEVEL = info +ROOT_PATH = /data/gitea/log + +[security] +INSTALL_LOCK = true +; SECRET_KEY = +REVERSE_PROXY_LIMIT = 1 +REVERSE_PROXY_TRUSTED_PROXIES = * +; INTERNAL_TOKEN = +PASSWORD_HASH_ALGO = pbkdf2 + +[service] +; WICHTIG: Registrierung deaktiviert fuer Sicherheit +DISABLE_REGISTRATION = true +REQUIRE_SIGNIN_VIEW = false +REGISTER_EMAIL_CONFIRM = false +ENABLE_NOTIFY_MAIL = false +ALLOW_ONLY_EXTERNAL_REGISTRATION = false +ENABLE_CAPTCHA = true +DEFAULT_KEEP_EMAIL_PRIVATE = false +DEFAULT_ALLOW_CREATE_ORGANIZATION = true +DEFAULT_ENABLE_TIMETRACKING = true +NO_REPLY_ADDRESS = noreply.eckardt-git.duckdns.org + +[lfs] +PATH = /data/git/lfs + +[mailer] +ENABLED = false + +[openid] +; WICHTIG: OpenID deaktiviert fuer Sicherheit +ENABLE_OPENID_SIGNIN = false +ENABLE_OPENID_SIGNUP = false + +[cron.update_checker] +ENABLED = false + +[repository.pull-request] +DEFAULT_MERGE_STYLE = merge + +[repository.signing] +DEFAULT_TRUST_MODEL = committer + +[oauth2] +; JWT_SECRET =