mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-06-27 12:45:32 +02:00
78 lines
3.2 KiB
Django/Jinja
78 lines
3.2 KiB
Django/Jinja
# Configuration
|
|
# @see https://docs.gitea.com/next/administration/config-cheat-sheet#repository-repository
|
|
|
|
USER_UID=1000
|
|
USER_GID=1000
|
|
DB_TYPE=mysql
|
|
DB_HOST={{database_host}}:{{database_port}}
|
|
DB_NAME={{database_name}}
|
|
DB_USER={{database_username}}
|
|
DB_PASSWD={{database_password}}
|
|
SSH_PORT={{ports.public.ssh[application_id]}}
|
|
SSH_LISTEN_PORT=22
|
|
DOMAIN={{domains | get_domain(application_id)}}
|
|
SSH_DOMAIN={{domains | get_domain(application_id)}}
|
|
RUN_MODE="{{ 'dev' if (CYMAIS_ENVIRONMENT | lower) == 'development' else 'prod' }}"
|
|
ROOT_URL="{{ web_protocol }}://{{domains | get_domain(application_id)}}/"
|
|
APP_NAME="{{ applications[application_id].title }}"
|
|
|
|
# Mail Configuration
|
|
# @see https://docs.gitea.com/next/installation/install-with-docker#managing-deployments-with-environment-variables
|
|
# @todo test
|
|
GITEA__mailer__ENABLED=true
|
|
GITEA__mailer__FROM={{ users['no-reply'].email }}
|
|
GITEA__mailer__PROTOCOL=smtps
|
|
GITEA__mailer__SMTP_ADDR={{ system_email.host }}
|
|
GITEA__mailer__SMTP_PORT={{ system_email.port }}
|
|
GITEA__mailer__USER={{ users['no-reply'].email }}
|
|
GITEA__mailer__PASSWD={{ users['no-reply'].mailu_token }}
|
|
|
|
# Allow push creation
|
|
# @see https://github.com/go-gitea/gitea/issues/17619
|
|
GITEA__REPOSITORY__ENABLE_PUSH_CREATE_USER={{ applications[application_id].configuration.repository.enable_push_create_user | lower }}
|
|
GITEA__REPOSITORY__DEFAULT_PRIVATE={{ applications[application_id].configuration.repository.default_private | lower }}
|
|
GITEA__REPOSITORY__DEFAULT_PUSH_CREATE_PRIVATE={{ applications[application_id].configuration.repository.default_push_create_private | lower }}
|
|
|
|
GITEA__security__INSTALL_LOCK=true # Locks the installation page
|
|
|
|
{% if applications | is_feature_enabled('oidc',application_id) %}
|
|
|
|
GITEA__openid__ENABLE_OPENID_SIGNUP=true
|
|
GITEA__openid__ENABLE_OPENID_SIGNUP=true
|
|
|
|
{% endif %}
|
|
|
|
{% if applications | is_feature_enabled('ldap',application_id) %}
|
|
|
|
# ------------------------------------------------
|
|
# LDAP Authentication (via BindDN)
|
|
# ------------------------------------------------
|
|
GITEA__auth__LDAP__ENABLED={{ applications | is_feature_enabled('ldap',application_id) | string | lower }}
|
|
GITEA__auth__LDAP__HOST={{ ldap.server.domain }}
|
|
GITEA__auth__LDAP__PORT={{ ldap.server.port }}
|
|
# security protocol: "", "SSL" or "TLS"
|
|
GITEA__auth__LDAP__SECURITY={{ ldap.server.security | trim or "unencrypted" }}
|
|
GITEA__auth__LDAP__BIND_DN={{ ldap.dn.administrator }}
|
|
GITEA__auth__LDAP__BIND_PASSWORD={{ ldap.bind_credential }}
|
|
GITEA__auth__LDAP__USER_SEARCH_BASE={{ ldap.dn.users }}
|
|
GITEA__auth__LDAP__USER_FILTER={{ ldap.filters.user_filter }}
|
|
# map LDAP attributes to Gitea fields
|
|
GITEA__auth__LDAP__ATTRIBUTE_USERNAME={{ ldap.attributes.user_id }}
|
|
GITEA__auth__LDAP__ATTRIBUTE_FULL_NAME={{ ldap.attributes.name }}
|
|
GITEA__auth__LDAP__ATTRIBUTE_MAIL={{ ldap.attributes.mail }}
|
|
|
|
# ------------------------------------------------
|
|
# Periodic sync for external LDAP users
|
|
# ------------------------------------------------
|
|
GITEA__cron__SYNC_EXTERNAL_USERS_ENABLED=true
|
|
# default: sync daily at midnight
|
|
GITEA__cron__SYNC_EXTERNAL_USERS_CRON=0 0 * * *
|
|
{% endif %}
|
|
|
|
# ------------------------------------------------
|
|
# Disable user self-registration
|
|
# ------------------------------------------------
|
|
# After this only admins can create accounts
|
|
GITEA__service__DISABLE_REGISTRATION=false
|
|
|