|
|
@@ -419,35 +419,6 @@ function install_gogs {
|
|
419
|
419
|
exit 72528
|
|
420
|
420
|
fi
|
|
421
|
421
|
|
|
422
|
|
- if ! grep -q $"Gogs admin user password" /home/${MY_USERNAME}/README; then
|
|
423
|
|
- echo '' >> /home/${MY_USERNAME}/README
|
|
424
|
|
- echo '' >> /home/${MY_USERNAME}/README
|
|
425
|
|
- echo 'Gogs' >> /home/${MY_USERNAME}/README
|
|
426
|
|
- echo '====' >> /home/${MY_USERNAME}/README
|
|
427
|
|
- echo $'Install Steps For First-time Run:' >> /home/${MY_USERNAME}/README
|
|
428
|
|
- echo $'Leave email service settings empty' >> /home/${MY_USERNAME}/README
|
|
429
|
|
- echo $'Check "Enable Register Confirmation"' >> /home/${MY_USERNAME}/README
|
|
430
|
|
- echo $'Check "Enable Mail Notification"' >> /home/${MY_USERNAME}/README
|
|
431
|
|
- echo '' >> /home/${MY_USERNAME}/README
|
|
432
|
|
- echo $'If you want to disable new account registrations then append the following:' >> /home/${MY_USERNAME}/README
|
|
433
|
|
- echo ' [service]' >> /home/${MY_USERNAME}/README
|
|
434
|
|
- echo ' DISABLE_REGISTRATION = true' >> /home/${MY_USERNAME}/README
|
|
435
|
|
- echo $'Then restart with:' >> /home/${MY_USERNAME}/README
|
|
436
|
|
- echo ' systemctl restart gogs' >> /home/${MY_USERNAME}/README
|
|
437
|
|
- echo '' >> /home/${MY_USERNAME}/README
|
|
438
|
|
- echo $"Note that there's a usability/security trade-off made here." >> /home/${MY_USERNAME}/README
|
|
439
|
|
- echo $"In order to allow git clone via http we don't redirect everything" >> /home/${MY_USERNAME}/README
|
|
440
|
|
- echo $'over https. Instead only critical things such as user login,' >> /home/${MY_USERNAME}/README
|
|
441
|
|
- echo $'settings and admin are encrypted.' >> /home/${MY_USERNAME}/README
|
|
442
|
|
- echo $'There are also potential security issues with cloning/pulling/pushing' >> /home/${MY_USERNAME}/README
|
|
443
|
|
- echo $'code over http, since a determined adversary could inject malware' >> /home/${MY_USERNAME}/README
|
|
444
|
|
- echo $'into the stream as it passes, so beware.' >> /home/${MY_USERNAME}/README
|
|
445
|
|
- echo $'If you have a bought domain and a non-self signed cert then you' >> /home/${MY_USERNAME}/README
|
|
446
|
|
- echo $"should change /etc/nginx/sites-available/${GIT_DOMAIN_NAME} to redirect everything over https." >> /home/${MY_USERNAME}/README
|
|
447
|
|
- chown ${MY_USERNAME}:${MY_USERNAME} /home/${MY_USERNAME}/README
|
|
448
|
|
- chmod 600 /home/${MY_USERNAME}/README
|
|
449
|
|
- fi
|
|
450
|
|
-
|
|
451
|
422
|
function_check initialise_database
|
|
452
|
423
|
initialise_database gogs /home/${GOGS_USERNAME}/scripts/mysql.sql
|
|
453
|
424
|
|
Bob Mottram
8 年之前