Horacio Duran
822e42dbb8
This template allows deploying a forgejo en either Scaleway or Hetzner (untested) without much knowledge about them. It DOES require knowledge about Terragrunt and ansible. A wizard of sorts is provided but it will not guarantee success without some knowledge about the underlying technology.
219 lines
4.7 KiB
Django/Jinja
219 lines
4.7 KiB
Django/Jinja
; Forgejo Configuration File
|
|
; Generated by Ansible
|
|
|
|
APP_NAME = Forgejo: {{ forgejo_domain }}
|
|
RUN_MODE = prod
|
|
RUN_USER = {{ forgejo_user }}
|
|
WORK_PATH = /data/gitea
|
|
|
|
[repository]
|
|
ROOT = /data/git/repositories
|
|
SCRIPT_TYPE = bash
|
|
DEFAULT_BRANCH = main
|
|
DEFAULT_PRIVATE = last
|
|
MAX_CREATION_LIMIT = -1
|
|
ENABLE_PUSH_CREATE_USER = true
|
|
ENABLE_PUSH_CREATE_ORG = true
|
|
DISABLE_HTTP_GIT = {{ forgejo_disable_http_git | lower }}
|
|
|
|
[repository.local]
|
|
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
|
|
|
[repository.upload]
|
|
ENABLED = true
|
|
TEMP_PATH = /data/gitea/uploads
|
|
FILE_MAX_SIZE = 100
|
|
MAX_FILES = 10
|
|
|
|
[lfs]
|
|
ENABLED = {{ forgejo_enable_lfs | lower }}
|
|
PATH = /data/lfs
|
|
MAX_FILE_SIZE = {{ forgejo_lfs_max_file_size }}
|
|
|
|
[server]
|
|
; Forgejo listens on HTTP internally; Caddy handles TLS termination
|
|
PROTOCOL = http
|
|
DOMAIN = {{ forgejo_domain }}
|
|
ROOT_URL = {{ forgejo_protocol }}://{{ forgejo_domain }}/
|
|
HTTP_ADDR = 0.0.0.0
|
|
HTTP_PORT = 3000
|
|
DISABLE_SSH = false
|
|
SSH_DOMAIN = {{ forgejo_domain }}
|
|
SSH_PORT = {{ forgejo_ssh_port }}
|
|
SSH_LISTEN_PORT = 22
|
|
OFFLINE_MODE = false
|
|
APP_DATA_PATH = /data/gitea
|
|
LANDING_PAGE = explore
|
|
LFS_START_SERVER = {{ forgejo_enable_lfs | lower }}
|
|
|
|
[database]
|
|
DB_TYPE = {{ forgejo_db_type }}
|
|
; Use host.docker.internal to reach host PostgreSQL from container
|
|
HOST = host.docker.internal:{{ forgejo_db_port }}
|
|
NAME = {{ forgejo_db_name }}
|
|
USER = {{ forgejo_db_user }}
|
|
PASSWD = {{ forgejo_db_password }}
|
|
SCHEMA =
|
|
SSL_MODE = disable
|
|
CHARSET = utf8mb4
|
|
LOG_SQL = false
|
|
MAX_IDLE_CONNS = 30
|
|
MAX_OPEN_CONNS = 100
|
|
CONN_MAX_LIFETIME = 3600
|
|
|
|
[security]
|
|
INSTALL_LOCK = true
|
|
SECRET_KEY = {{ vault_forgejo_secret_key | default('') }}
|
|
INTERNAL_TOKEN = {{ vault_forgejo_internal_token | default('') }}
|
|
PASSWORD_COMPLEXITY = lower,upper,digit,spec
|
|
MIN_PASSWORD_LENGTH = 10
|
|
PASSWORD_HASH_ALGO = argon2
|
|
|
|
[service]
|
|
DISABLE_REGISTRATION = {{ forgejo_disable_registration | lower }}
|
|
REQUIRE_SIGNIN_VIEW = {{ forgejo_require_signin_view | lower }}
|
|
REGISTER_EMAIL_CONFIRM = {{ forgejo_enable_email | lower }}
|
|
ENABLE_NOTIFY_MAIL = {{ forgejo_enable_email | lower }}
|
|
DEFAULT_KEEP_EMAIL_PRIVATE = true
|
|
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
|
DEFAULT_ORG_VISIBILITY = private
|
|
ENABLE_CAPTCHA = true
|
|
ENABLE_TIMETRACKING = true
|
|
DEFAULT_ENABLE_TIMETRACKING = true
|
|
ENABLE_USER_HEATMAP = true
|
|
|
|
[service.explore]
|
|
REQUIRE_SIGNIN_VIEW = {{ forgejo_require_signin_view | lower }}
|
|
DISABLE_USERS_PAGE = false
|
|
|
|
{% if forgejo_enable_email %}
|
|
[mailer]
|
|
ENABLED = true
|
|
SMTP_ADDR = {{ forgejo_email_host }}
|
|
SMTP_PORT = {{ forgejo_email_port }}
|
|
FROM = {{ forgejo_email_from }}
|
|
USER = {{ forgejo_email_user }}
|
|
PASSWD = {{ forgejo_email_password }}
|
|
SUBJECT_PREFIX = [{{ forgejo_domain }}]
|
|
MAILER_TYPE = smtp
|
|
IS_TLS_ENABLED = true
|
|
{% endif %}
|
|
|
|
[session]
|
|
PROVIDER = file
|
|
PROVIDER_CONFIG = /data/gitea/sessions
|
|
COOKIE_SECURE = {{ (forgejo_protocol == 'https') | lower }}
|
|
COOKIE_NAME = i_like_forgejo
|
|
COOKIE_DOMAIN = {{ forgejo_domain }}
|
|
GC_INTERVAL_TIME = 86400
|
|
SESSION_LIFE_TIME = 86400
|
|
|
|
[picture]
|
|
DISABLE_GRAVATAR = {{ forgejo_disable_gravatar | lower }}
|
|
ENABLE_FEDERATED_AVATAR = false
|
|
|
|
[attachment]
|
|
ENABLED = true
|
|
PATH = /data/attachments
|
|
MAX_SIZE = 100
|
|
MAX_FILES = 10
|
|
|
|
[time]
|
|
DEFAULT_UI_LOCATION = UTC
|
|
|
|
[log]
|
|
MODE = console, file
|
|
LEVEL = {{ forgejo_log_level }}
|
|
ROOT_PATH = /data/gitea/log
|
|
ENABLE_XORM_LOG = false
|
|
|
|
[log.console]
|
|
LEVEL = {{ forgejo_log_level }}
|
|
COLORIZE = false
|
|
|
|
[log.file]
|
|
LEVEL = {{ forgejo_log_level }}
|
|
FILE_NAME = forgejo.log
|
|
MAX_SIZE_SHIFT = 28
|
|
DAILY_ROTATE = true
|
|
MAX_DAYS = 7
|
|
|
|
[git]
|
|
MAX_GIT_DIFF_LINES = 1000
|
|
MAX_GIT_DIFF_LINE_CHARACTERS = 5000
|
|
MAX_GIT_DIFF_FILES = 100
|
|
GC_ARGS =
|
|
|
|
[git.timeout]
|
|
DEFAULT = 360
|
|
MIGRATE = 600
|
|
MIRROR = 300
|
|
CLONE = 300
|
|
PULL = 300
|
|
GC = 60
|
|
|
|
{% if forgejo_enable_2fa %}
|
|
[two_factor]
|
|
ENABLED = true
|
|
{% endif %}
|
|
|
|
[openid]
|
|
ENABLE_OPENID_SIGNIN = false
|
|
ENABLE_OPENID_SIGNUP = false
|
|
|
|
[cron]
|
|
ENABLED = true
|
|
RUN_AT_START = false
|
|
|
|
[cron.update_mirrors]
|
|
SCHEDULE = @every 10m
|
|
|
|
[cron.repo_health_check]
|
|
SCHEDULE = @every 24h
|
|
TIMEOUT = 60s
|
|
|
|
[cron.check_repo_stats]
|
|
SCHEDULE = @every 24h
|
|
|
|
[cron.cleanup_hook_task_table]
|
|
SCHEDULE = @every 24h
|
|
CLEANUP_TYPE = OlderThan
|
|
OLDER_THAN = 168h
|
|
|
|
[cron.update_migration_poster_id]
|
|
SCHEDULE = @every 24h
|
|
|
|
[cron.sync_external_users]
|
|
SCHEDULE = @every 24h
|
|
UPDATE_EXISTING = true
|
|
|
|
[api]
|
|
ENABLE_SWAGGER = false
|
|
MAX_RESPONSE_ITEMS = 50
|
|
DEFAULT_PAGING_NUM = 30
|
|
DEFAULT_GIT_TREES_PER_PAGE = 1000
|
|
DEFAULT_MAX_BLOB_SIZE = 10485760
|
|
|
|
[oauth2]
|
|
ENABLED = true
|
|
JWT_SECRET = {{ vault_forgejo_jwt_secret | default('') }}
|
|
|
|
[webhook]
|
|
QUEUE_LENGTH = 1000
|
|
DELIVER_TIMEOUT = 15
|
|
SKIP_TLS_VERIFY = false
|
|
PAGING_NUM = 10
|
|
|
|
[metrics]
|
|
ENABLED = {{ forgejo_enable_prometheus | lower }}
|
|
TOKEN = {{ vault_forgejo_metrics_token | default('') }}
|
|
|
|
[task]
|
|
QUEUE_TYPE = channel
|
|
QUEUE_LENGTH = 10000
|
|
QUEUE_CONN_STR =
|
|
QUEUE_BATCH_NUMBER = 20
|
|
|
|
[indexer]
|
|
ISSUE_INDEXER_TYPE = db
|
|
REPO_INDEXER_ENABLED = true
|