jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

gitea: update to 1.6.2 ; fixes CVE

Browse source 
Closes: #6570 [via git-merge-pr]
This commit is contained in:
Nathan Owens 2019-01-03 19:43:30 -06:00 committed by Michael Aldridge
parent 106ebe1685
commit a94c9cfc31
2 changed files with 19 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

112
srcpkgs/gitea/patches/daemon_config.patch
View file

@ -1,112 +0,0 @@
--- custom/conf/app.ini.sample.orig 2018-08-12 00:05:18.826497786 -0700
+++ custom/conf/app.ini.sample 2018-08-12 00:09:09.836302324 -0700
@@ -7,12 +7,12 @@
; App name that shows in every page title
APP_NAME = Gitea: Git with a cup of tea
; Change it if you run locally
-RUN_USER = git
+RUN_USER = _gitea
; Either "dev", "prod" or "test", default is "dev"
-RUN_MODE = dev
+RUN_MODE = prod
[repository]
-ROOT =
+ROOT = /var/lib/gitea/repositories
SCRIPT_TYPE = bash
; Default ANSI charset
ANSI_CHARSET =
@@ -44,15 +44,15 @@
[repository.local]
; Path for local repository copy. Defaults to `tmp/local-repo`
-LOCAL_COPY_PATH = tmp/local-repo
+LOCAL_COPY_PATH = /var/lib/gitea/tmp/local-repo
; Path for local wiki copy. Defaults to `tmp/local-wiki`
-LOCAL_WIKI_PATH = tmp/local-wiki
+LOCAL_WIKI_PATH = /var/lib/gitea/tmp/local-wiki
[repository.upload]
; Whether repository file uploads are enabled. Defaults to `true`
ENABLED = true
; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
-TEMP_PATH = data/tmp/uploads
+TEMP_PATH = /var/lib/gitea/tmp/uploads
; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
ALLOWED_TYPES =
; Max size of each file in megabytes. Defaults to 3MB
@@ -120,7 +120,7 @@
REDIRECT_OTHER_PORT = false
PORT_TO_REDIRECT = 80
; Permission for unix socket
-UNIX_SOCKET_PERMISSION = 666
+UNIX_SOCKET_PERMISSION = 660
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
@@ -186,7 +186,7 @@
; Enables git-lfs support. true or false, default is false.
LFS_START_SERVER = false
; Where your lfs files reside, default is data/lfs.
-LFS_CONTENT_PATH = data/lfs
+LFS_CONTENT_PATH = /var/lib/gitea/lfs
; LFS authentication secret, change this yourself
LFS_JWT_SECRET =
; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
@@ -201,7 +201,7 @@
[database]
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
-DB_TYPE = mysql
+DB_TYPE = sqlite3
HOST = 127.0.0.1:3306
NAME = gitea
USER = root
@@ -210,7 +210,7 @@
; For "postgres" only, either "disable", "require" or "verify-full"
SSL_MODE = disable
; For "sqlite3" and "tidb", use absolute path when you start gitea as service
-PATH = data/gitea.db
+PATH = /var/lib/gitea/data/gitea.db
; For "sqlite3" only. Query timeout
SQLITE_TIMEOUT = 500
; For iterate buffer, default is 50
@@ -219,10 +219,10 @@
LOG_SQL = true
[indexer]
-ISSUE_INDEXER_PATH = indexers/issues.bleve
+ISSUE_INDEXER_PATH = /var/lib/gitea/indexers/issues.bleve
; repo indexer by default disabled, since it uses a lot of disk space
REPO_INDEXER_ENABLED = false
-REPO_INDEXER_PATH = indexers/repos.bleve
+REPO_INDEXER_PATH = /var/lib/gitea/indexers/repos.bleve
UPDATE_BUFFER_LEN = 20
MAX_FILE_SIZE = 1048576
@@ -401,7 +401,7 @@
SESSION_LIFE_TIME = 86400
[picture]
-AVATAR_UPLOAD_PATH = data/avatars
+AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
; Max Width and Height of uploaded avatars. This is to limit the amount of RAM
; used when resizing the image.
AVATAR_MAX_WIDTH = 4096
@@ -435,14 +435,14 @@
FORMAT =
[log]
-ROOT_PATH =
+ROOT_PATH = /var/log/gitea/
; Either "console", "file", "conn", "smtp" or "database", default is "console"
; Use comma to separate multiple modes, e.g. "console, file"
MODE = console
; Buffer length of the channel, keep it as it is if you don't know what it is.
BUFFER_LEN = 10000
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
-LEVEL = Trace
+LEVEL = Info
; For "console" mode only
[log.console]

21
srcpkgs/gitea/template
View file

@ -1,6 +1,6 @@
# Template file for 'gitea' # Template file for 'gitea'
pkgname=gitea pkgname=gitea
version=1.5.3 version=1.6.2
revision=1 revision=1
build_style=go build_style=go
go_import_path=code.gitea.io/gitea go_import_path=code.gitea.io/gitea
@ -30,7 +30,7 @@ license="MIT"
homepage="https://gitea.io" homepage="https://gitea.io"
changelog="https://github.com/go-gitea/gitea/blob/master/CHANGELOG.md" changelog="https://github.com/go-gitea/gitea/blob/master/CHANGELOG.md"
distfiles="https://github.com/go-gitea/gitea/archive/v${version}.tar.gz" distfiles="https://github.com/go-gitea/gitea/archive/v${version}.tar.gz"
checksum=3a94982d1fa0549e26e2c86f859bc09dda480a98a6b07ce5682257f3ce7de188 checksum=a6d726769f8f7a732dd83f15ad167d1930367c2678a9c590bd00e9aac3bc645b
system_accounts="_gitea" system_accounts="_gitea"
_gitea_homedir="/var/lib/gitea" _gitea_homedir="/var/lib/gitea"
@ -45,6 +45,23 @@ pre_build() {
cd $wrksrc cd $wrksrc
} }
pre_install() {
sed -i \
'/RUN_USER/s:git:_gitea:
s:666:660:
/RUN_MODE/s:dev:prod:
/DB_TYPE/s:mysql:sqlite3:
s:ROOT =:& /var/lib/gitea/repositories:
s:tmp/local-repo:/var/lib/gitea/&:
s:tmp/local-wiki:/var/lib/gitea/&:
/TEMP_PATH/s:data/tmp/uploads:/var/lib/gitea/tmp/uploads:
/LFS_CONTENT/s:data/lfs:/var/lib/gitea/lfs:
s:data/gitea.db:/var/lib/gitea/&:
s:indexers/issues.bleve:/var/lib/gitea/&:
s:data/avatars:/var/lib/gitea/&:
s:ROOT_PATH =:& /var/log/gitea:' custom/conf/app.ini.sample
}
post_install() { post_install() {
vlicense LICENSE vlicense LICENSE
vsv gitea vsv gitea