;; These values are environment-dependent but form the basis of a lot of values. They will be
;; reported as part of the default configuration when running `gitea help` or on start-up. The order they are emitted there is slightly different but we will list them here in the order they are set-up.
;;
;; - _`AppPath`_: This is the absolute path of the running gitea binary.
;; - _`AppWorkPath`_: This refers to "working path" of the `gitea` binary. It is determined by using the first set thing in the following hierarchy:
;; - The "WORK_PATH" option in "app.ini" file
;; - The `--work-path` flag passed to the binary
;; - The environment variable `$GITEA_WORK_DIR`
;; - A built-in value set at build time (see building from source)
;; - Otherwise it defaults to the directory of the _`AppPath`_
;; - If any of the above are relative paths then they are made absolute against the directory of the _`AppPath`_
;; - _`CustomPath`_: This is the base directory for custom templates and other options. It is determined by using the first set thing in the following hierarchy:
;; - The `--custom-path` flag passed to the binary
;; - The environment variable `$GITEA_CUSTOM`
;; - A built-in value set at build time (see building from source)
;; - Otherwise it defaults to _`AppWorkPath`_`/custom`
;; - If any of the above are relative paths then they are made absolute against the directory of the _`AppWorkPath`_
;; - _`CustomConf`_: This is the path to the `app.ini` file.
;; - The `--config` flag passed to the binary
;; - A built-in value set at build time (see building from source)
;; - Otherwise it defaults to _`CustomPath`_`/conf/app.ini`
;; - If any of the above are relative paths then they are made absolute against the directory of the _`CustomPath`_
;;
;; In addition there is _`StaticRootPath`_ which can be set as a built-in at build time, but will otherwise default to _`AppWorkPath`_
SSL_MODE = {{ forgejo_config_database_ssl_mode | default('false', True) }} ; either "false" (default), "true", or "skip-verify"
CHARSET_COLLATION = {{ forgejo_config_database_charset_collation | default('', True) }} ; Empty as default, Gitea will try to find a case-sensitive collation. Don't change it unless you clearly know what you need.
; Set to false to allow users with git hook privileges to create custom git hooks.
;; Custom git hooks can be used to perform arbitrary code execution on the host operating system.
;; This enables the users to access and modify this config file and the Gitea database and interrupt the Gitea service.
;; By modifying the Gitea database, users can gain Gitea administrator privileges.
;; It also enables them to access other resources available to the user on the operating system that is running the Gitea instance and perform arbitrary actions in the name of the Gitea OS user.
;; WARNING: This maybe harmful to you website or your operating system.
;; WARNING: Setting this to true does not change existing hooks in git repos; adjust it before if necessary.
DISABLE_GIT_HOOKS = true
;; Set to false to allow pushes to gitea repositories despite having an incomplete environment - NOT RECOMMENDED
ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET = true
;;Comma separated list of character classes required to pass minimum complexity.
;;If left empty or no valid values are specified, the default is off (no checking)
;; Path for local repository copy. Defaults to `tmp/local-repo` (content gets deleted on gitea restart)
;LOCAL_COPY_PATH = tmp/local-repo
[repository.upload]
;; Whether repository file uploads are enabled. Defaults to `true`
;ENABLED = true
;; Path for uploads. Defaults to `data/tmp/uploads` (content gets deleted on gitea restart)
;TEMP_PATH = data/tmp/uploads
;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
;; List of keywords used in Pull Request comments to automatically reopen a related issue
;REOPEN_KEYWORDS = reopen,reopens,reopened
;; Set default merge style for repository creating, valid options: merge, rebase, rebase-merge, squash, fast-forward-only
DEFAULT_MERGE_STYLE = rebase
[repository.release]
;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
;ALLOWED_TYPES =
DEFAULT_PAGING_NUM = 30
[repository.signing]
;; Signing format that Forgejo should use, openpgp uses GPG and ssh uses OpenSSH.
;FORMAT = openpgp
;; Sets the default trust model for repositories. Options are: collaborator, committer, collaboratorcommitter
;; Send an email to all admins when a new user signs up to inform the admins about this act. Options: true, false
SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true
[moderation]
;; When true enables moderation capabilities; default is false.
;; If enabled it will be possible for users to report abusive content (new actions are added in the UI and /report_abuse route will be enabled) and a new Moderation section will be added to Admin settings where the reports can be reviewed.
ENABLED = true
[openid]
;; Whether to allow signin in via OpenID
;ENABLE_OPENID_SIGNIN = true
;; Whether to allow registering via OpenID
;; Do not include to rely on rhw DISABLE_REGISTRATION setting
;ENABLE_OPENID_SIGNUP = true
[oauth2_client]
;; Automatically create user accounts for new oauth2 users.
ENABLE_AUTO_REGISTRATION = true
;; The source of the username for new oauth2 accounts:
;; userid = use the userid / sub attribute
;; nickname = use the nickname attribute
;; email = use the username part of the email attribute
;; Note: `nickname` and `email` options will normalize input strings using the following criteria:
;; - diacritics are removed
;; - the characters in the set `['´\x60]` are removed
;; - the characters in the set `[\s~+]` are replaced with `-`
;USERNAME = nickname
;; How to handle if an account / email already exists:
;; If set to `true`, completely ignores server certificate validation errors.
;; This option is unsafe. Consider adding the certificate to the system trust store instead.
FORCE_TRUST_SERVER_CERT = false
;; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
FROM = {{ forgejo_config_mailer_form | default('', True) }}
;; If gitea sends mails on behalf of users, it will just use the name also displayed in the WebUI. If you want e.g. `Mister X (by CodeIt) <gitea@codeit.net>`,
{% raw %}
;; set it to `{{ .DisplayName }} (by {{ .AppName }})`. Available Variables: `.DisplayName`, `.AppName` and `.Domain`.
;FROM_DISPLAY_NAME_FORMAT = {{ .DisplayName }}
{% endraw %}
;; Mailer user name and password, if required by provider.
USER = {{ forgejo_config_mailer_user | default('', True) }}
;; Use PASSWD = `your password` for quoting if you use special characters in the password.
;; For "redis" and "memcache", connection host address
;; redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster)
;; memcache: `127.0.0.1:11211`
;; twoqueue: `{"size":50000,"recent_ratio":0.25,"ghost_ratio":0.5}` or `50000`
;; redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster)
;; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
PROVIDER_CONFIG = {{ forgejo_config_session_provider_config | default('data/sessions', True) }} ; Relative paths will be made absolute against _`AppWorkPath`_.
;; Session cookie name
COOKIE_NAME = anvil_info
;; SameSite settings. Either "none", "lax", or "strict"
;; Whether issue and pull request attachments are enabled. Defaults to `true`
ENABLED = true
;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
;; Run check repository statistics task when Gitea starts.
RUN_AT_START = true
;; Notice if not success
NOTICE_ON_SUCCESS = false
SCHEDULE = @midnight
[cron.update_migration_poster_id]
; Update migrated repositories' issues and comments' posterid, it will always attempt synchronization when the instance starts.
ENABLED = true
;; Update migrated repositories' issues and comments' posterid when starting server (default true)
RUN_AT_START = true
;; Notice if not success
NOTICE_ON_SUCCESS = false
;; Interval as a duration between each synchronization. (default every 24h)
SCHEDULE = @midnight
[cron.sync_external_users]
ENABLED = true
;; Synchronize external user data when starting server (default false)
RUN_AT_START = false
;; Notice if not success
NOTICE_ON_SUCCESS = false
;; Interval as a duration between each synchronization (default every 24h)
SCHEDULE = @midnight
;; Create new users, update existing user data and disable users that are not in external source anymore (default)
;; or only create new users if UPDATE_EXISTING is set to false
UPDATE_EXISTING = true
[cron.cleanup_actions]
ENABLED = true
RUN_AT_START = true
SCHEDULE = @midnight
[cron.deleted_branches_cleanup]
ENABLED = true
;; Clean-up deleted branches when starting server (default true)
RUN_AT_START = true
;; Notice if not success
NOTICE_ON_SUCCESS = false
;; Interval as a duration between each synchronization (default every 24h)
SCHEDULE = @midnight
;; deleted branches than OLDER_THAN ago are subject to deletion
OLDER_THAN = 72h
[cron.cleanup_hook_task_table]
;; Whether to enable the job
ENABLED = true
;; Whether to always run at start up time (if ENABLED)
RUN_AT_START = false
;; Time interval for job to run
SCHEDULE = @midnight
;; OlderThan or PerWebhook. How the records are removed, either by age (i.e. how long ago hook_task record was delivered) or by the number to keep per webhook (i.e. keep most recent x deliveries per webhook).
CLEANUP_TYPE = OlderThan
;; If CLEANUP_TYPE is set to OlderThan, then any delivered hook_task records older than this expression will be deleted.
OLDER_THAN = 168h
;; If CLEANUP_TYPE is set to PerWebhook, this is number of hook_task records to keep for a webhook (i.e. keep the most recent x deliveries).
NUMBER_TO_KEEP = 10
[cron.cleanup_packages]
;; Whether to enable the job
ENABLED = true
;; Whether to always run at least once at start up time (if ENABLED)
RUN_AT_START = true
;; Whether to emit notice on successful execution too
NOTICE_ON_SUCCESS = false
;; Time interval for job to run
SCHEDULE = @midnight
;; Unreferenced blobs created more than OLDER_THAN ago are subject to deletion
OLDER_THAN = 72h
[cron.delete_inactive_accounts]
ENABLED = false
;RUN_AT_START = false
;NOTICE_ON_SUCCESS = false
;SCHEDULE = @annually
;OLDER_THAN = 168h
[cron.delete_repo_archives]
ENABLED = false
;RUN_AT_START = false
;NOTICE_ON_SUCCESS = false
;SCHEDULE = @annually;
[cron.git_gc_repos]
ENABLED = false
;RUN_AT_START = false
;NOTICE_ON_SUCCESS = false
;SCHEDULE = @every 72h
;TIMEOUT = 60s
;; Arguments for command 'git gc'
;; The default value is same with [git] -> GC_ARGS
;; Garbage collect LFS pointers in repositories (default false)
;RUN_AT_START = false
;; Interval as a duration between each gc run (default every 24h)
;SCHEDULE = @every 24h
;; Only attempt to garbage collect LFSMetaObjects older than this (default 7 days)
;OLDER_THAN = 168h
;; Only attempt to garbage collect LFSMetaObjects that have not been attempted to be garbage collected for this long (default 3 days)
;LAST_UPDATED_MORE_THAN_AGO = 72h
; Minimum number of stale LFSMetaObjects to check per repo. Set to `0` to always check all.
;NUMBER_TO_CHECK_PER_REPO = 100
;Check at least this proportion of LFSMetaObjects per repo. (This may cause all stale LFSMetaObjects to be checked.)
;PROPORTION_TO_CHECK_PER_REPO = 0.6
{% endif %}
[mirror]
;; Enables the mirror functionality. Set to **false** to disable all mirrors. Pre-existing mirrors remain valid but won't be updated; may be converted to regular repo.
ENABLED = true
[highlight.mapping]
;; Extension mapping to highlight class
;; e.g. .toml=ini
.mdx=markdown
[other]
;; Show version information about Gitea and Go in the footer
SHOW_FOOTER_VERSION = false
;; Show template execution time in the footer
;SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
;; Show the "powered by" text in the footer
;SHOW_FOOTER_POWERED_BY = true
;; Generate sitemap. Defaults to `true`.
;ENABLE_SITEMAP = true
;; Enable/Disable RSS/Atom feed
;ENABLE_FEED = true
[markup]
;; Set the maximum number of characters in a mermaid source. (Set to -1 to disable limits)
MERMAID_MAX_SOURCE_CHARACTERS = 50000
;; Set the maximum number of lines allowed for a filepreview. (Set to -1 to disable limits; set to 0 to disable the feature)
FILEPREVIEW_MAX_LINES = 50
[markup.sanitizer.1]
;; The following keys can appear once to define a sanitation policy rule.
;; This section can appear multiple times by adding a unique alphanumeric suffix to define multiple rules.
;; List of file extensions that should be rendered by an external command
;FILE_EXTENSIONS = .adoc,.asciidoc
;; External command to render all matching extensions
;RENDER_COMMAND = "asciidoc --out-file=- -"
;; Don't pass the file on STDIN, pass the filename as argument instead.
;IS_INPUT_FILE = false
;; How the content will be rendered.
;; * sanitized: Sanitize the content and render it inside current page, default to only allow a few HTML tags and attributes. Customized sanitizer rules can be defined in [markup.sanitizer.*] .
;; * no-sanitizer: Disable the sanitizer and render the content inside current page. It's **insecure** and may lead to XSS attack if the content contains malicious code.
;; * iframe: Render the content in a separate standalone page and embed it into current page by iframe. The iframe is in sandbox mode with same-origin disabled, and the JS code are safely isolated from parent page.
;RENDER_CONTENT_MODE=sanitized
[metrics]
;; Enables metrics endpoint. True or false; default is false.
ENABLED = false
;; If you want to add authorization, specify a token here
;TOKEN =
;; Enable issue by label metrics; default is false
;ENABLED_ISSUE_BY_LABEL = false
;; Enable issue by repository metrics; default is false
;ENABLED_ISSUE_BY_REPOSITORY = false
[packages]
;; Enable/Disable package registry capabilities
ENABLED = true
[actions]
;; Enable/Disable actions capabilities
ENABLED = true
;; Default address to get action plugins, e.g. the default value means downloading from "https://code.forgejo.org/actions/checkout" for "uses: actions/checkout@v3"
;DEFAULT_ACTIONS_URL = https://code.forgejo.org
;; Logs retention time in days. Old logs will be deleted after this period.
;LOG_RETENTION_DAYS = 365
;; Log compression type, `none` for no compression, `zstd` for zstd compression.
;; Other compression types like `gzip` are NOT supported, since seekable stream is required for log view.
;; It's always recommended to use compression when using local disk as log storage if CPU or memory is not a bottleneck.
;; And for object storage services like S3, which is billed for requests, it would cause extra 2 times of get requests for each log view.
;; But it will save storage space and network bandwidth, so it's still recommended to use compression.
;LOG_COMPRESSION = zstd
;; Default artifact retention time in days. Artifacts could have their own retention periods by setting the `retention-days` option in `actions/upload-artifact` step.
;ARTIFACT_RETENTION_DAYS = 90
;; Timeout to stop the task which have running status, but haven't been updated for a long time
;ZOMBIE_TASK_TIMEOUT = 10m
;; Timeout to stop the tasks which have running status and continuous updates, but don't end for a long time
;ENDLESS_TASK_TIMEOUT = 3h
;; Timeout to cancel the jobs which have waiting status, but haven't been picked by a runner for a long time
;ABANDONED_JOB_TIMEOUT = 24h
;; Strings committers can place inside a commit message or PR title to skip executing the corresponding actions workflow
NaeiKinDus
