v1.10.4 Changelog (#10294)

* v1.10.4 Changelog

* Add backport identifier for #10261

* Update CHANGELOG.md entry for #9884

* Workaround docker-library/postgres#658

* Update .drone.yml

.bra.toml

@@ -1,19 +0,0 @@
-[run]
-init_cmds = [
-	["make", "build-dev"],
-	["./gogs", "web"]
-]
-watch_all = true
-watch_dirs = [
-	"$WORKDIR/cmd",
-	"$WORKDIR/models",
-	"$WORKDIR/modules",
-	"$WORKDIR/routers"
-]
-watch_exts = [".go"]
-ignore_files = [".+_test.go"]
-build_delay = 1500
-cmds = [
-	["make", "build-dev"], # TAGS=sqlite cert pam tidb
-	["./gogs", "web"]
-]

.changelog.yml

@@ -0,0 +1,44 @@
+repo: go-gitea/gitea
+groups:
+  -
+    name: BREAKING
+    labels:
+      - kind/breaking
+  -
+    name: FEATURE
+    labels:
+      - kind/feature
+  -
+    name: SECURITY
+    labels:
+      - kind/security
+  -
+    name: BUGFIXES
+    labels:
+      - kind/bug
+  -
+    name: ENHANCEMENT
+    labels:
+      - kind/enhancement
+      - kind/refactor
+      - kind/ui
+  -
+    name: TESTING
+    labels:
+      - kind/testing
+  -
+    name: TRANSLATION
+    labels:
+      - kind/translation
+  -
+    name: BUILD
+    labels:
+      - kind/build
+      - kind/lint
+  -
+    name: DOCS
+    labels:
+      - kind/docs
+  -
+    name: MISC
+    default: true

.codebeatignore

@@ -1,7 +0,0 @@
-conf/**
-docker/**
-modules/bindata/**
-packager/**
-public/**
-scripts/**
-templates/**

.codebeatsettings

@@ -1,7 +0,0 @@
-{
-	"GOLANG": {
-		"TOTAL_LOC": [500, 999, 1999, 9999],
-		"TOO_MANY_FUNCTIONS": [50, 99, 199, 999],
-		"TOO_MANY_IVARS": [20, 50, 70, 99]
-	}
-}

.dockerignore

@@ -1,19 +0,0 @@
-.git
-.git/**
-packager
-packager/**
-scripts
-scripts/**
-.github/
-.github/**
-config.codekit
-.dockerignore
-*.yml
-*.md
-.bra.toml
-.editorconfig
-.gitignore
-Dockerfile*
-vendor
-vendor/**
-gogs

.drone.yml

@@ -0,0 +1,781 @@
+---
+kind: pipeline
+name: testing
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+services:
+  - name: mysql
+    pull: default
+    image: mysql:5.7
+    environment:
+      MYSQL_ALLOW_EMPTY_PASSWORD: yes
+      MYSQL_DATABASE: test
+
+  - name: mysql8
+    pull: default
+    image: mysql:8.0
+    environment:
+      MYSQL_ALLOW_EMPTY_PASSWORD: yes
+      MYSQL_DATABASE: testgitea
+
+  - name: pgsql
+    pull: default
+    image: postgres:9.5
+    environment:
+      POSTGRES_DB: test
+      POSTGRES_PASSWORD: postgres
+
+  - name: mssql
+    pull: default
+    image: microsoft/mssql-server-linux:latest
+    environment:
+      ACCEPT_EULA: Y
+      MSSQL_PID: Standard
+      SA_PASSWORD: MwantsaSecurePassword1
+
+  - name: ldap
+    pull: default
+    image: gitea/test-openldap:latest
+
+steps:
+  - name: fetch-tags
+    pull: default
+    image: docker:git
+    commands:
+      - git fetch --tags --force
+    when:
+      event:
+        exclude:
+          - pull_request
+
+  - name: pre-build
+    pull: always
+    image: webhippie/nodejs:latest
+    commands:
+      - make css
+      - make js
+
+  - name: build-without-gcc
+    pull: always
+    image: golang:1.11 # this step is kept as the lowest version of golang that we support
+    environment:
+      GO111MODULE: on
+      GOPROXY: off
+    commands:
+      - go build -mod=vendor -o gitea_no_gcc # test if build succeeds without the sqlite tag
+
+  - name: build-linux-386
+    pull: always
+    image: golang:1.13
+    environment:
+      GO111MODULE: on
+      GOPROXY: off
+      GOOS: linux
+      GOARCH: 386
+    commands:
+      - go build -mod=vendor -o gitea_linux_386 # test if compatible with 32 bit
+
+  - name: build
+    pull: always
+    image: golang:1.13
+    commands:
+      - make clean
+      - make generate
+      - make golangci-lint
+      - make revive
+      - make swagger-check
+      - make swagger-validate
+      - make test-vendor
+      - make build
+    environment:
+      GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not
+      GOSUMDB: sum.golang.org
+      TAGS: bindata sqlite sqlite_unlock_notify
+
+  - name: unit-test
+    pull: always
+    image: golang:1.13
+    commands:
+      - make unit-test-coverage
+    environment:
+      GOPROXY: off
+      TAGS: bindata sqlite sqlite_unlock_notify
+    depends_on:
+      - build
+    when:
+      branch:
+        - master
+      event:
+        - push
+        - pull_request
+
+  - name: release-test
+    pull: always
+    image: golang:1.13
+    commands:
+      - make test
+    environment:
+      GOPROXY: off
+      TAGS: bindata sqlite sqlite_unlock_notify
+    depends_on:
+      - build
+    when:
+      branch:
+        - "release/*"
+      event:
+        - push
+        - pull_request
+
+  - name: tag-pre-condition
+    pull: always
+    image: alpine/git
+    commands:
+      - git update-ref refs/heads/tag_test ${DRONE_COMMIT_SHA}
+    depends_on:
+      - build
+    when:
+      event:
+        - tag
+
+  - name: tag-test
+    pull: always
+    image: golang:1.13
+    commands:
+      - make test
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+    depends_on:
+      - tag-pre-condition
+    when:
+      event:
+        - tag
+
+  - name: test-sqlite
+    pull: always
+    image: golang:1.13
+    commands:
+      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
+      - apt-get install -y git-lfs
+      - timeout -s ABRT 20m make test-sqlite-migration
+      - timeout -s ABRT 20m make test-sqlite
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+    depends_on:
+      - build
+
+  - name: test-mysql
+    pull: always
+    image: golang:1.13
+    commands:
+      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
+      - apt-get install -y git-lfs
+      - make test-mysql-migration
+      - make integration-test-coverage
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+      TEST_LDAP: 1
+    depends_on:
+      - build
+    when:
+      branch:
+        - master
+      event:
+        - push
+        - pull_request
+
+  - name: tag-test-mysql
+    pull: always
+    image: golang:1.13
+    commands:
+      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
+      - apt-get install -y git-lfs
+      - timeout -s ABRT 20m make test-mysql-migration
+      - timeout -s ABRT 20m make test-mysql
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+      TEST_LDAP: 1
+    depends_on:
+      - build
+    when:
+      event:
+        - tag
+
+  - name: test-mysql8
+    pull: always
+    image: golang:1.13
+    commands:
+      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
+      - apt-get install -y git-lfs
+      - timeout -s ABRT 20m make test-mysql8-migration
+      - timeout -s ABRT 20m make test-mysql8
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+      TEST_LDAP: 1
+    depends_on:
+      - build
+
+  - name: test-pgsql
+    pull: always
+    image: golang:1.13
+    commands:
+      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
+      - apt-get install -y git-lfs
+      - timeout -s ABRT 20m make test-pgsql-migration
+      - timeout -s ABRT 20m make test-pgsql
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+      TEST_LDAP: 1
+    depends_on:
+      - build
+
+  - name: test-mssql
+    pull: always
+    image: golang:1.13
+    commands:
+      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
+      - apt-get install -y git-lfs
+      - make test-mssql-migration
+      - make test-mssql
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+      TEST_LDAP: 1
+    depends_on:
+      - build
+
+  - name: generate-coverage
+    pull: always
+    image: golang:1.13
+    commands:
+      - make coverage
+    environment:
+      GOPROXY: off
+      TAGS: bindata
+    depends_on:
+      - unit-test
+      - test-mysql
+    when:
+      branch:
+        - master
+      event:
+        - push
+        - pull_request
+
+  - name: coverage
+    pull: always
+    image: robertstettner/drone-codecov
+    settings:
+      files:
+        - coverage.all
+    environment:
+      CODECOV_TOKEN:
+        from_secret: codecov_token
+    depends_on:
+      - generate-coverage
+    when:
+      branch:
+        - master
+      event:
+        - push
+        - pull_request
+
+---
+kind: pipeline
+name: translations
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+trigger:
+  branch:
+    - master
+  event:
+    - push
+
+steps:
+  - name: download
+    pull: always
+    image: jonasfranz/crowdin
+    settings:
+      download: true
+      export_dir: options/locale/
+      ignore_branch: true
+      project_identifier: gitea
+    environment:
+      CROWDIN_KEY:
+        from_secret: crowdin_key
+
+  - name: update
+    pull: default
+    image: alpine:3.10
+    commands:
+      - mv ./options/locale/locale_en-US.ini ./options/
+      - "sed -i -e 's/=\"/=/g' -e 's/\"$$//g' ./options/locale/*.ini"
+      - "sed -i -e 's/\\\\\\\\\"/\"/g' ./options/locale/*.ini"
+      - mv ./options/locale_en-US.ini ./options/locale/
+
+  - name: push
+    pull: always
+    image: appleboy/drone-git-push
+    settings:
+      author_email: "teabot@gitea.io"
+      author_name: GiteaBot
+      commit: true
+      commit_message: "[skip ci] Updated translations via Crowdin"
+      remote: "git@github.com:go-gitea/gitea.git"
+    environment:
+      GIT_PUSH_SSH_KEY:
+        from_secret: git_push_ssh_key
+
+  - name: upload_translations
+    pull: always
+    image: jonasfranz/crowdin
+    settings:
+      files:
+        locale_en-US.ini: options/locale/locale_en-US.ini
+      ignore_branch: true
+      project_identifier: gitea
+    environment:
+      CROWDIN_KEY:
+        from_secret: crowdin_key
+
+---
+kind: pipeline
+name: release-master
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+trigger:
+  branch:
+    - master
+    - "release/*"
+  event:
+    - push
+
+depends_on:
+  - testing
+  - translations
+
+steps:
+  - name: fetch-tags
+    pull: default
+    image: docker:git
+    commands:
+      - git fetch --tags --force
+
+  - name: static
+    pull: always
+    image: techknowlogick/xgo:latest
+    commands:
+      - export PATH=$PATH:$GOPATH/bin
+      - make generate
+      - make release
+    environment:
+      GOPROXY: off
+      TAGS: bindata sqlite sqlite_unlock_notify
+
+  - name: gpg-sign
+    pull: always
+    image: plugins/gpgsign:1
+    settings:
+      detach_sign: true
+      excludes:
+        - "dist/release/*.sha256"
+      files:
+        - "dist/release/*"
+    environment:
+      GPGSIGN_KEY:
+        from_secret: gpgsign_key
+      GPGSIGN_PASSPHRASE:
+        from_secret: gpgsign_passphrase
+    depends_on:
+      - static
+
+  - name: release-branch-release
+    pull: always
+    image: plugins/s3:1
+    settings:
+      acl: public-read
+      bucket: releases
+      endpoint: https://storage.gitea.io
+      path_style: true
+      source: "dist/release/*"
+      strip_prefix: dist/release/
+      target: "/gitea/${DRONE_BRANCH##release/v}"
+    environment:
+      AWS_ACCESS_KEY_ID:
+        from_secret: aws_access_key_id
+      AWS_SECRET_ACCESS_KEY:
+        from_secret: aws_secret_access_key
+    depends_on:
+      - gpg-sign
+    when:
+      branch:
+        - "release/*"
+      event:
+        - push
+
+  - name: release
+    pull: always
+    image: plugins/s3:1
+    settings:
+      acl: public-read
+      bucket: releases
+      endpoint: https://storage.gitea.io
+      path_style: true
+      source: "dist/release/*"
+      strip_prefix: dist/release/
+      target: /gitea/master
+    environment:
+      AWS_ACCESS_KEY_ID:
+        from_secret: aws_access_key_id
+      AWS_SECRET_ACCESS_KEY:
+        from_secret: aws_secret_access_key
+    depends_on:
+      - gpg-sign
+    when:
+      branch:
+        - master
+      event:
+        - push
+
+---
+kind: pipeline
+name: release-version
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+trigger:
+  event:
+    - tag
+
+depends_on:
+  - testing
+
+steps:
+  - name: fetch-tags
+    pull: default
+    image: docker:git
+    commands:
+      - git fetch --tags --force
+
+  - name: static
+    pull: always
+    image: techknowlogick/xgo:latest
+    commands:
+      - export PATH=$PATH:$GOPATH/bin
+      - make generate
+      - make release
+    environment:
+      GOPROXY: off
+      TAGS: bindata sqlite sqlite_unlock_notify
+
+  - name: gpg-sign
+    pull: always
+    image: plugins/gpgsign:1
+    settings:
+      detach_sign: true
+      excludes:
+        - "dist/release/*.sha256"
+      files:
+        - "dist/release/*"
+    environment:
+      GPGSIGN_KEY:
+        from_secret: gpgsign_key
+      GPGSIGN_PASSPHRASE:
+        from_secret: gpgsign_passphrase
+    depends_on:
+      - static
+
+  - name: release
+    pull: always
+    image: plugins/s3:1
+    settings:
+      acl: public-read
+      bucket: releases
+      endpoint: https://storage.gitea.io
+      path_style: true
+      source: "dist/release/*"
+      strip_prefix: dist/release/
+      target: "/gitea/${DRONE_TAG##v}"
+    environment:
+      AWS_ACCESS_KEY_ID:
+        from_secret: aws_access_key_id
+      AWS_SECRET_ACCESS_KEY:
+        from_secret: aws_secret_access_key
+    depends_on:
+      - gpg-sign
+
+  - name: github
+    pull: always
+    image: plugins/github-release:1
+    settings:
+      files:
+        - "dist/release/*"
+    environment:
+      GITHUB_TOKEN:
+        from_secret: github_token
+    depends_on:
+      - gpg-sign
+
+---
+kind: pipeline
+name: docs
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+steps:
+  - name: build-docs
+    pull: always
+    image: webhippie/hugo:latest
+    commands:
+      - cd docs
+      - make trans-copy
+      - make clean
+      - make build
+
+  - name: publish-docs
+    pull: always
+    image: lucap/drone-netlify:latest
+    settings:
+      path: docs/public/
+      site_id: d2260bae-7861-4c02-8646-8f6440b12672
+    environment:
+      NETLIFY_TOKEN:
+        from_secret: netlify_token
+    when:
+      branch:
+        - master
+      event:
+        - push
+
+---
+kind: pipeline
+name: docker-linux-amd64
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+depends_on:
+  - testing
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  - "refs/pull/**"
+
+steps:
+  - name: fetch-tags
+    pull: default
+    image: docker:git
+    commands:
+      - git fetch --tags --force
+    when:
+      event:
+        exclude:
+          - pull_request
+
+  - name: dryrun
+    pull: always
+    image: plugins/docker:linux-amd64
+    settings:
+      dry_run: true
+      repo: gitea/gitea
+      tags: linux-amd64
+      build_args:
+        - GOPROXY=off
+    when:
+      event:
+        - pull_request
+
+  - name: publish
+    pull: always
+    image: plugins/docker:linux-amd64
+    settings:
+      auto_tag: true
+      auto_tag_suffix: linux-amd64
+      repo: gitea/gitea
+      build_args:
+        - GOPROXY=off
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+    when:
+      event:
+        exclude:
+        - pull_request
+
+
+
+---
+kind: pipeline
+name: docker-linux-arm64
+
+platform:
+  os: linux
+  arch: arm64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+depends_on:
+  - testing
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  - "refs/pull/**"
+
+steps:
+  - name: fetch-tags
+    pull: default
+    image: docker:git
+    commands:
+      - git fetch --tags --force
+    when:
+      event:
+        exclude:
+          - pull_request
+
+  - name: dryrun
+    pull: always
+    image: plugins/docker:linux-arm64
+    settings:
+      dry_run: true
+      repo: gitea/gitea
+      tags: linux-arm64
+      build_args:
+        - GOPROXY=off
+    when:
+      event:
+        - pull_request
+
+  - name: publish
+    pull: always
+    image: plugins/docker:linux-arm64
+    settings:
+      auto_tag: true
+      auto_tag_suffix: linux-arm64
+      repo: gitea/gitea
+      build_args:
+        - GOPROXY=off
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+    when:
+      event:
+        exclude:
+        - pull_request
+
+---
+kind: pipeline
+name: docker-manifest
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+  - name: manifest
+    pull: always
+    image: plugins/manifest
+    settings:
+      auto_tag: true
+      ignore_missing: true
+      spec: docker/manifest.tmpl
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+
+depends_on:
+  - docker-linux-amd64
+  - docker-linux-arm64
+
+---
+kind: pipeline
+name: notify
+
+platform:
+  os: linux
+  arch: amd64
+
+workspace:
+  base: /go
+  path: src/code.gitea.io/gitea
+
+when:
+  status:
+    - success
+    - failure
+
+depends_on:
+  - testing
+  - translations
+  - release-version
+  - release-master
+  - docker-linux-amd64
+  - docker-linux-arm64
+  - docker-manifest
+  - docs
+
+steps:
+  - name: discord
+    pull: always
+    image: appleboy/drone-discord:1.0.0
+    environment:
+      DISCORD_WEBHOOK_ID:
+        from_secret: discord_webhook_id
+      DISCORD_WEBHOOK_TOKEN:
+        from_secret: discord_webhook_token

.editorconfig

@@ -1,25 +1,30 @@
 # http://editorconfig.org
-
 root = true
 
 [*]
 charset = utf-8
-end_of_line = lf
 insert_final_newline = true
 trim_trailing_whitespace = true
 
 [*.go]
 indent_style = tab
+indent_size = 8
+
+[*.{tmpl,html}]
+indent_style = tab
 indent_size = 4
 
-[*.tmpl]
-indent_style = tab
-indent_size = 2
+[*.less]
+indent_style = space
+indent_size = 4
 
-[*.{less,yml}]
+[*.{yml,json}]
 indent_style = space
 indent_size = 2
 
 [*.js]
 indent_style = space
 indent_size = 4
+
+[Makefile]
+indent_style = tab

.eslintrc

@@ -0,0 +1,27 @@
+root: true
+
+extends:
+  - eslint:recommended
+
+parserOptions:
+  ecmaVersion: 2015
+
+env:
+  browser: true
+  jquery: true
+  es6: true
+
+globals:
+  Clipboard: false
+  CodeMirror: false
+  emojify: false
+  SimpleMDE: false
+  Vue: false
+  Dropzone: false
+  u2fApi: false
+  hljs: false
+
+rules:
+  no-unused-vars: [error, {args: all, argsIgnorePattern: ^_, varsIgnorePattern: ^_, ignoreRestSiblings: true}]
+  prefer-const: [2, {destructuring: all}]
+  no-var: [2]

.gitattributes

@@ -1,11 +1,6 @@
-public/conf/gitignore/* linguist-vendored
-public/conf/license/* linguist-vendored
-public/assets/* linguist-vendored
-public/plugins/* linguist-vendored
-public/plugins/* linguist-vendored
-public/css/themes/* linguist-vendored
-public/css/github.min.css linguist-vendored
-public/css/semantic-2.2.1.min.css linguist-vendored
-public/js/libs/* linguist-vendored
-public/js/jquery-1.11.3.min.js linguist-vendored
-public/js/semantic-2.2.1.min.js linguist-vendored
+conf/* linguist-vendored
+docker/* linguist-vendored
+options/* linguist-vendored
+public/* linguist-vendored
+scripts/* linguist-vendored
+templates/* linguist-vendored

.github/CONTRIBUTING.md

@@ -1,63 +0,0 @@
-# Contributing to Gogs
-
-> This guidelines sheet is forked from [CONTRIBUTING.md](https://github.com/drone/drone/blob/8d9c7cee56d6c2eac81dc156ce27be6716d97e68/CONTRIBUTING.md).
-
-Gogs is not perfect, and it has bugs or incomplete features in rare cases. You're welcome to tell us, or to contribute some code. This document describes details about how can you contribute to Gogs project.
-
-## Contribution guidelines
-
-Depends on the situation, you will:
-
-- Find a bug and create an issue
-- Need more functionality and make a feature request
-- Want to contribute code and open a pull request
-- Run into issue and need help
-
-### Bug Report
-
-If you find something you consider a bug, please create a issue on [GitHub](https://github.com/gogits/gogs/issues). To avoid wasting time and reduce back-and-forth communication with team members, please include at least the following information in a form comfortable for you:
-
-- Bug Description
-- Gogs Version
-- Git Version
-- System Type
-- Error Log
-- Other information
-
-Please take a moment to check that an issue on [GitHub](https://github.com/gogits/gogs/issues) doesn't already exist documenting your bug report or improvement proposal. If it does, it never hurts to add a quick "+1" or "I have this problem too". This will help prioritize the most common problems and requests.
-
-#### Bug Report Example
-
-Gogs crashed when creating a repository with a license, using v0.5.13.0207, SQLite3, Git 1.9.0, Ubuntu 12.04.
-
-Error log:
-
-```
-2014/09/01 07:21:49 [E] nil pointer
-```
-
-### Feature Request
-
-There is no standard form of making a feature request. Just try to describe the feature as clearly as possible, because team members may not have experience with the functionality you're talking about.
-
-### Pull Request
-
-Please read detailed information on [Wiki](https://github.com/gogits/gogs/wiki/Contributing-Code).
-
-### Ask For Help
-
-Before opening an issue, please make sure your problem isn't already addressed on the [Troubleshooting](https://gogs.io/docs/intro/troubleshooting.html) and [FAQs](https://gogs.io/docs/intro/faqs.html) pages.
-
-## Code of conduct
-
-As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
-
-We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, age, or religion.
-
-Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
-
-Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.
-
-Instances of abusive, harassing, or otherwise unacceptable behavior can be reported by emailing u@gogs.io
-
-This Code of Conduct is adapted from the [Contributor Covenant](http:contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)

.github/FUNDING.yml

@@ -0,0 +1 @@
+open_collective: gitea

.github/ISSUE_TEMPLATE.md

@@ -1,25 +0,0 @@
-The issue will be closed without any reasons if it does not satisfy any of following requirements:
-
-1. Please speak English, we have forum in [Chinese](https://discuss.gogs.io/c/getting-help/getting-help-chinese).
-2. Please post questions or config/deploy problems on our forum: https://discuss.gogs.io, here are bugs and feature requests only.
-3. Please take a moment to search that an issue doesn't already exist.
-4. Please give all relevant information below for bug reports; incomplete details considered invalid report.
-
-**You MUST delete above content including this line before posting; too lazy to take this action considered invalid report.**
-
-- Gogs version (or commit ref): 
-- Git version: 
-- Operating system: 
-- Database (use `[x]`):
-  - [ ] PostgreSQL
-  - [ ] MySQL
-  - [ ] SQLite
-- Can you reproduce the bug at https://try.gogs.io:
-  - [ ] Yes (provide example URL)
-  - [ ] No
-  - [ ] Not relevant
-- Log gist:
-
-## Description
-
-...

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,9 +0,0 @@
-The pull request will be closed without any reasons if it does not satisfy any of following requirements:
-
-1. Please make sure you are targeting the `develop` branch.
-2. Please read contributing guidelines:
-https://github.com/gogits/gogs/wiki/Contributing-Code
-3. Please describe what your pull request does and which issue you're targeting
-4. ... if it is not related to any particular issues, explain why we should not reject your pull request.
-
-**You MUST delete above content including this line before posting; too lazy to take this action considered invalid pull request.**

.github/issue_template.md

@@ -0,0 +1,33 @@
+<!-- NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue -->
+
+<!--
+    1. Please speak English, this is the language all maintainers can speak and write.
+    2. Please ask questions or configuration/deploy problems on our Discord 
+       server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
+    3. Please take a moment to check that your issue doesn't already exist.
+    4. Please give all relevant information below for bug reports, because 
+       incomplete details will be handled as an invalid report.
+-->
+
+- Gitea version (or commit ref):
+- Git version:
+- Operating system:
+- Database (use `[x]`):
+  - [ ] PostgreSQL
+  - [ ] MySQL
+  - [ ] MSSQL
+  - [ ] SQLite
+- Can you reproduce the bug at https://try.gitea.io:
+  - [ ] Yes (provide example URL)
+  - [ ] No
+  - [ ] Not relevant
+- Log gist:
+
+## Description
+
+...
+
+
+## Screenshots
+
+<!-- **If this issue involves the Web Interface, please include a screenshot** -->

.github/pull_request_template.md

@@ -0,0 +1,7 @@
+Please check the following:
+
+1. Make sure you are targeting the `master` branch, pull requests on release branches are only allowed for bug fixes.
+2. Read contributing guidelines: https://github.com/go-gitea/gitea/blob/master/CONTRIBUTING.md
+3. Describe what your pull request does and which issue you're targeting (if any)
+
+**You MUST delete the content above including this line before posting, otherwise your pull request will be invalid.**

.github/stale.yml

@@ -0,0 +1,53 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 60
+
+# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
+# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
+daysUntilClose: 14
+
+# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
+exemptLabels:
+  - status/blocked 
+  - kind/security 
+  - lgtm/done
+  - reviewed/confirmed
+  - priority/critical
+  - kind/proposal
+
+# Set to true to ignore issues in a project (defaults to false)
+exemptProjects: false
+
+# Set to true to ignore issues in a milestone (defaults to false)
+exemptMilestones: false
+
+# Label to use when marking as stale
+staleLabel: stale
+
+# Comment to post when marking as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you
+  for your contributions.
+
+# Comment to post when closing a stale Issue or Pull Request.
+closeComment: >
+  This issue has been automatically closed because of inactivity.
+  You can re-open it if needed.
+
+# Limit the number of actions per hour, from 1-30. Default is 30
+limitPerRun: 1
+
+# Optionally, specify configuration settings that are specific to just 'issues' or 'pulls':
+pulls:
+  daysUntilStale: 60
+  daysUntilClose: 60
+  markComment: >
+    This pull request has been automatically marked as stale because it has not had
+    recent activity. It will be closed if no further activity occurs during the next 2 months. Thank you
+    for your contributions.
+  closeComment: >
+    This pull request has been automatically closed because of inactivity.
+    You can re-open it if needed.
+

.gitignore

@@ -1,20 +1,80 @@
-.DS_Store
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+
+# IntelliJ
+.idea
+
+# MS VSCode
+.vscode
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof
+
+*coverage.out
+coverage.all
+
+/modules/options/bindata.go
+/modules/public/bindata.go
+/modules/templates/bindata.go
+
 *.db
 *.log
-log/
-custom/
-data/
-.vendor/
-.idea/
-*.iml
-public/img/avatar/
-*.exe
-*.exe~
-/gogs
-profile/
-*.pem
-output*
-gogs.sublime-project
-gogs.sublime-workspace
-/release
-vendor
+
+/gitea
+/debug
+/integrations.test
+
+/bin
+/dist
+/custom
+/data
+/indexers
+/log
+/public/img/avatar
+/integrations/gitea-integration-mysql
+/integrations/gitea-integration-mysql8
+/integrations/gitea-integration-pgsql
+/integrations/gitea-integration-sqlite
+/integrations/gitea-integration-mssql
+/integrations/indexers-mysql
+/integrations/indexers-mysql8
+/integrations/indexers-pgsql
+/integrations/indexers-sqlite
+/integrations/indexers-mssql
+/integrations/mysql.ini
+/integrations/mysql8.ini
+/integrations/pgsql.ini
+/integrations/mssql.ini
+/node_modules
+/modules/indexer/issues/indexers
+routers/repo/authorized_keys
+/yarn.lock
+
+# Snapcraft
+snap/.snapcraft/
+parts/
+stage/
+prime/
+*.snap
+*.snap-build
+*_source.tar.bz2
+.DS_Store

.golangci.yml

@@ -0,0 +1,94 @@
+linters:
+  enable:
+    - gosimple
+    - deadcode
+    - typecheck
+    - govet
+    - errcheck
+    - staticcheck
+    - unused
+    - structcheck
+    - varcheck
+    - golint
+    - dupl
+    #- gocyclo # The cyclomatic complexety of a lot of functions is too high, we should refactor those another time.
+    - gofmt
+    - misspell
+    - gocritic
+  enable-all: false
+  disable-all: true
+  fast: false
+
+run:
+  timeout: 3m
+
+linters-settings:
+  gocritic:
+    disabled-checks:
+      - ifElseChain
+      - singleCaseSwitch # Every time this occured in the code, there  was no other way.
+
+issues:
+  exclude-rules:
+    # Exclude some linters from running on tests files.
+    - path: _test\.go
+      linters:
+        - gocyclo
+        - errcheck
+        - dupl
+        - gosec
+        - unparam
+        - staticcheck
+    - path: models/migrations/v
+      linters:
+        - gocyclo
+        - errcheck
+        - dupl
+        - gosec
+    - linters:
+        - dupl
+      text: "webhook"
+    - linters:
+        - gocritic
+      text: "`ID' should not be capitalized"
+    - path: modules/templates/helper.go
+      linters:
+        - gocritic
+    - linters:
+        - unused
+        - deadcode
+      text: "swagger"
+    - path: contrib/pr/checkout.go
+      linters:
+        - errcheck
+    - path: models/issue.go
+      linters:
+        - errcheck
+    - path: models/migrations/
+      linters:
+        - errcheck
+    - path: modules/log/
+      linters:
+        - errcheck
+    - path: routers/routes/routes.go
+      linters:
+        - dupl
+    - path: routers/repo/view.go
+      linters:
+        - dupl
+    - path: models/migrations/
+      linters:
+        - unused
+    - linters:
+        - staticcheck
+      text: "argument x is overwritten before first use"
+    - path: modules/httplib/httplib.go
+      linters:
+        - staticcheck
+    # Enabling this would require refactoring the methods and how they are called.
+    - path: models/issue_comment_list.go
+      linters:
+        - dupl
+    - linters:
+        - misspell
+      text: '`Unknwon` is a misspelling of `Unknown`'

.gopmfile

@@ -1,59 +0,0 @@
-[target]
-path = github.com/gogits/gogs
-
-[deps]
-github.com/bradfitz/gomemcache = commit:fb1f79c
-github.com/urfave/cli = commit:1efa31f
-github.com/go-macaron/binding = commit:9440f33
-github.com/go-macaron/cache = commit:5617353
-github.com/go-macaron/captcha = commit:8aa5919
-github.com/go-macaron/csrf = commit:6a9a7df
-github.com/go-macaron/gzip = commit:cad1c65
-github.com/go-macaron/i18n = commit:ef57533
-github.com/go-macaron/inject = commit:c5ab7bf
-github.com/go-macaron/session = commit:66031fc
-github.com/go-macaron/toolbox = commit:82b5115
-github.com/go-sql-driver/mysql = commit:0b58b37
-github.com/go-xorm/core = commit:5bf745d
-github.com/go-xorm/xorm = commit:c6c7056
-github.com/gogits/chardet = commit:2404f77
-github.com/gogits/cron = commit:7f3990a
-github.com/gogits/git-module = commit:5e0c133
-github.com/gogits/go-gogs-client = commit:c52f7ee
-github.com/issue9/identicon = commit:d36b545
-github.com/jaytaylor/html2text = commit:52d9b78
-github.com/kardianos/minwinsvc = commit:cad6b2b
-github.com/klauspost/compress = commit:14eb9c4
-github.com/klauspost/cpuid = commit:09cded8
-github.com/klauspost/crc32 = commit:19b0b33
-github.com/lib/pq = commit:80f8150
-github.com/mattn/go-sqlite3 = commit:e118d44
-github.com/mcuadros/go-version = commit:d52711f
-github.com/microcosm-cc/bluemonday = commit:9dc1992
-github.com/msteinert/pam = commit:02ccfbf
-github.com/nfnt/resize = commit:891127d
-github.com/russross/blackfriday = commit:93622da
-github.com/satori/go.uuid = commit:0aa62d5
-github.com/sergi/go-diff = commit:ec7fdbb
-github.com/strk/go-libravatar = commit:5eed7bf
-github.com/shurcooL/sanitized_anchor_name = commit:10ef21a
-github.com/Unknwon/cae = commit:7f5e046
-github.com/Unknwon/com = commit:28b053d
-github.com/Unknwon/i18n = commit:39d6f27
-github.com/Unknwon/paginater = commit:7748a72
-golang.org/x/crypto = commit:bc89c49
-golang.org/x/net = commit:57bfaa8
-golang.org/x/sys = commit:a646d33
-golang.org/x/text = commit:2910a50
-gopkg.in/alexcesaro/quotedprintable.v3 = commit:2caba25
-gopkg.in/asn1-ber.v1 = commit:4e86f43
-gopkg.in/bufio.v1 = commit:567b2bf
-gopkg.in/editorconfig/editorconfig-core-go.v1 = commit:a872f05
-gopkg.in/gomail.v2 = commit:81ebce5
-gopkg.in/ini.v1 = commit:cf53f92
-gopkg.in/ldap.v2 = commit:d0a5ced
-gopkg.in/macaron.v1 = commit:7564489
-gopkg.in/redis.v2 = commit:e617904
-
-[res]
-include = public|scripts|templates

.lgtm

@@ -0,0 +1,3 @@
+pattern = "(?)LGTM"
+self_approval_off = true
+ignore_maintainers_file = true

.mailmap

@@ -1,2 +0,0 @@
-Unknwon <u@gogs.io> <joe2010xtmf@163.com>
-Unknwon <u@gogs.io> 无闻 <u@gogs.io>

.npmrc

@@ -0,0 +1 @@
+save-exact=true

.pkgr.yml

@@ -1,27 +0,0 @@
-targets:
-  debian-7: &debian
-    build_dependencies:
-      - libpam0g-dev
-    dependencies:
-      - libpam0g
-      - git
-  debian-8:
-    <<: *debian
-  ubuntu-14.04:
-    <<: *debian
-  ubuntu-12.04:
-    <<: *debian
-  centos-6: &el
-    build_dependencies:
-      - pam-devel
-    dependencies:
-      - pam
-      - git
-  centos-7:
-    <<: *el
-before:
-  - mv packager/Procfile .
-  - mv packager/.godir .
-after:
-  - mv bin/main gogs
-after_install: ./packager/hooks/postinst

.revive.toml

@@ -0,0 +1,25 @@
+ignoreGeneratedHeader = false
+severity = "warning"
+confidence = 0.8
+errorCode = 1
+warningCode = 1
+
+[rule.blank-imports]
+[rule.context-as-argument]
+[rule.context-keys-type]
+[rule.dot-imports]
+[rule.error-return]
+[rule.error-strings]
+[rule.error-naming]
+[rule.exported]
+[rule.if-return]
+[rule.increment-decrement]
+[rule.var-naming]
+[rule.var-declaration]
+[rule.package-comments]
+[rule.range]
+[rule.receiver-naming]
+[rule.time-naming]
+[rule.unexported-return]
+[rule.indent-error-flow]
+[rule.errorf]

.stylelintrc

@@ -0,0 +1,11 @@
+extends: stylelint-config-standard
+
+rules:
+  block-closing-brace-empty-line-before: null
+  color-hex-length: null
+  comment-empty-line-before: null
+  declaration-empty-line-before: null
+  indentation: 4
+  no-descending-specificity: null
+  rule-empty-line-before: null
+  selector-pseudo-element-colon-notation: null

.travis.yml

@@ -1,30 +0,0 @@
-language: go
-
-go:
-  - 1.4
-  - 1.5
-  - 1.6
-  - 1.7
-
-before_install:
-  - sudo apt-get update -qq
-  - sudo apt-get install -y libpam-dev
-  - go get github.com/msteinert/pam 
-
-install:
-  - go get -t -v ./...
-
-script: 
-  - go build -v -tags "pam"
-  - go test -v -cover -race ./...
-
-notifications:
-  email:
-    - u@gogs.io
-  slack: gophercn:o5pSanyTeNhnfYc3QnG0X7Wx
-  webhooks:
-    urls:
-      - https://webhooks.gitter.im/e/b590f8e03882f7aedc3e
-    on_success: change 
-    on_failure: always 
-    on_start: never     

BSDmakefile

@@ -0,0 +1,51 @@
+# GNU makefile proxy script for BSD make
+# Written and maintained by Mahmoud Al-Qudsi <mqudsi@neosmart.net>
+# Copyright NeoSmart Technologies <https://neosmart.net/> 2014-2018
+# Obtain updates from <https://github.com/neosmart/gmake-proxy>
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+# list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+JARG =
+GMAKE = "gmake"
+#When gmake is called from another make instance, -w is automatically added
+#which causes extraneous messages about directory changes to be emitted.
+#--no-print-directory silences these messages.
+GARGS = "--no-print-directory"
+
+.if "$(.MAKE.JOBS)" != ""
+JARG = -j$(.MAKE.JOBS)
+.endif
+
+#by default bmake will cd into ./obj first
+.OBJDIR: ./
+
+.PHONY: FRC
+$(.TARGETS): FRC
+	$(GMAKE) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG)
+
+.DONE .DEFAULT: .SILENT
+	$(GMAKE) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG)
+
+.ERROR: .SILENT
+	if ! which $(GMAKE) > /dev/null; then \
+		echo "GNU Make is required!"; \
+	fi

CONTRIBUTING.md

@@ -0,0 +1,300 @@
+# Contribution Guidelines
+
+## Table of Contents
+
+- [Contribution Guidelines](#contribution-guidelines)
+  - [Introduction](#introduction)
+  - [Bug reports](#bug-reports)
+  - [Discuss your design](#discuss-your-design)
+  - [Testing redux](#testing-redux)
+  - [Vendoring](#vendoring)
+  - [Translation](#translation)
+  - [Code review](#code-review)
+  - [Styleguide](#styleguide)
+  - [Developer Certificate of Origin (DCO)](#developer-certificate-of-origin-dco)
+  - [Release Cycle](#release-cycle)
+  - [Maintainers](#maintainers)
+  - [Owners](#owners)
+  - [Versions](#versions)
+  - [Releasing Gitea](#releasing-gitea)
+  - [Copyright](#copyright)
+
+## Introduction
+
+This document explains how to contribute changes to the Gitea project.
+It assumes you have followed the
+[installation instructions](https://docs.gitea.io/en-us/).
+Sensitive security-related issues should be reported to
+[security@gitea.io](mailto:security@gitea.io).
+
+For configuring IDE or code editor to develop Gitea see [IDE and code editor configuration](contrib/ide/)
+
+## Bug reports
+
+Please search the issues on the issue tracker with a variety of keywords
+to ensure your bug is not already reported.
+
+If unique, [open an issue](https://github.com/go-gitea/gitea/issues/new)
+and answer the questions so we can understand and reproduce the
+problematic behavior.
+
+To show us that the issue you are having is in Gitea itself, please
+write clear, concise instructions so we can reproduce the behavior—
+even if it seems obvious. The more detailed and specific you are,
+the faster we can fix the issue. Check out [How to Report Bugs
+Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html).
+
+Please be kind, remember that Gitea comes at no cost to you, and you're
+getting free help.
+
+## Discuss your design
+
+The project welcomes submissions. If you want to change or add something,
+please let everyone know what you're working on—[file an issue](https://github.com/go-gitea/gitea/issues/new)!
+Significant changes must go through the change proposal process
+before they can be accepted. To create a proposal, file an issue with
+your proposed changes documented, and make sure to note in the title
+of the issue that it is a proposal.
+
+This process gives everyone a chance to validate the design, helps
+prevent duplication of effort, and ensures that the idea fits inside
+the goals for the project and tools. It also checks that the design is
+sound before code is written; the code review tool is not the place for
+high-level discussions.
+
+## Testing redux
+
+Before submitting a pull request, run all the tests for the whole tree
+to make sure your changes don't cause regression elsewhere.
+
+Here's how to run the test suite:
+
+- Install the correct version of the drone-cli package.  As of this
+  writing, the correct drone-cli version is
+  [1.1.0](https://docs.drone.io/cli/install/).
+- Ensure you have enough free disk space.  You will need at least
+  15-20 Gb of free disk space to hold all of the containers drone
+  creates (a default AWS or GCE disk size won't work -- see
+  [#6243](https://github.com/go-gitea/gitea/issues/6243)).
+- Change into the base directory of your copy of the gitea repository,
+  and run `drone exec --event pull_request`.
+
+The drone version, command line, and disk requirements do change over
+time (see [#4053](https://github.com/go-gitea/gitea/issues/4053) and
+[#6243](https://github.com/go-gitea/gitea/issues/6243)); if you
+discover any issues, please feel free to send us a pull request to
+update these instructions.
+
+## Vendoring
+
+We keep a cached copy of dependencies within the `vendor/` directory,
+managing updates via [Modules](https://golang.org/cmd/go/#hdr-Module_maintenance).
+
+Pull requests should only include `vendor/` updates if they are part of
+the same change, be it a bugfix or a feature addition.
+
+The `vendor/` update needs to be justified as part of the PR description,
+and must be verified by the reviewers and/or merger to always reference
+an existing upstream commit.
+
+You can find more information on how to get started with it on the [Modules Wiki](https://github.com/golang/go/wiki/Modules).
+
+## Translation
+
+We do all translation work inside [Crowdin](https://crowdin.com/project/gitea).
+The only translation that is maintained in this git repository is
+[`en_US.ini`](https://github.com/go-gitea/gitea/blob/master/options/locale/locale_en-US.ini)
+and is synced regularly to Crowdin. Once a translation has reached
+A SATISFACTORY PERCENTAGE it will be synced back into this repo and
+included in the next released version.
+
+## Building Gitea
+
+Generally, the go build tools are installed as-needed in the `Makefile`.
+An exception are the tools to build the CSS and images.
+
+- To build CSS: Install [Node.js](https://nodejs.org/en/download/package-manager) at version 8.0 or above
+  with `npm` and then run `npm install` and `make css`.
+- To build Images: ImageMagick, inkscape and zopflipng binaries must be
+  available in your `PATH` to run `make generate-images`.
+
+## Code review
+
+Changes to Gitea must be reviewed before they are accepted—no matter who
+makes the change, even if they are an owner or a maintainer. We use GitHub's
+pull request workflow to do that. And, we also use [LGTM](http://lgtm.co)
+to ensure every PR is reviewed by at least 2 maintainers.
+
+Please try to make your pull request easy to review for us. And, please read
+the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/261cb0fd089b64002c91e8eddceebf032462ccd6/contributors/guide/pull-requests.md#best-practices-for-faster-reviews)* guide;
+it has lots of useful tips for any project you may want to contribute.
+Some of the key points:
+
+* Make small pull requests. The smaller, the faster to review and the
+  more likely it will be merged soon.
+* Don't make changes unrelated to your PR. Maybe there are typos on
+  some comments, maybe refactoring would be welcome on a function... but
+  if that is not related to your PR, please make *another* PR for that.
+* Split big pull requests into multiple small ones. An incremental change
+  will be faster to review than a huge PR.
+
+## Styleguide
+
+For imports you should use the following format (_without_ the comments)
+```go
+import (
+  // stdlib
+  "encoding/json"
+  "fmt"
+
+  // local packages
+  "code.gitea.io/gitea/models"
+  "code.gitea.io/sdk/gitea"
+
+  // external packages
+  "github.com/foo/bar"
+  "gopkg.io/baz.v1"
+)
+```
+
+## Developer Certificate of Origin (DCO)
+
+We consider the act of contributing to the code by submitting a Pull
+Request as the "Sign off" or agreement to the certifications and terms
+of the [DCO](DCO) and [MIT license](LICENSE). No further action is required.
+Additionally you could add a line at the end of your commit message.
+
+```
+Signed-off-by: Joe Smith <joe.smith@email.com>
+```
+
+If you set your `user.name` and `user.email` git configs, you can add the
+line to the end of your commit automatically with `git commit -s`.
+
+We assume in good faith that the information you provide is legally binding.
+
+## Release Cycle
+
+We adopted a release schedule to streamline the process of working
+on, finishing, and issuing releases. The overall goal is to make a
+minor release every two months, which breaks down into one month of
+general development followed by one month of testing and polishing
+known as the release freeze. All the feature pull requests should be
+merged in the first month of one release period. And, during the frozen
+period, a corresponding release branch is open for fixes backported from
+master. Release candidates are made during this period for user testing to
+obtain a final version that is maintained in this branch. A release is
+maintained by issuing patch releases to only correct critical problems
+such as crashes or security issues.
+
+Major release cycles are bimonthly. They always begin on the 25th and end on
+the 24th (i.e., the 25th of December to February 24th).
+
+During a development cycle, we may also publish any necessary minor releases
+for the previous version. For example, if the latest, published release is
+v1.2, then minor changes for the previous release—e.g., v1.1.0 -> v1.1.1—are
+still possible.
+
+## Maintainers
+
+To make sure every PR is checked, we have [team
+maintainers](MAINTAINERS). Every PR **MUST** be reviewed by at least
+two maintainers (or owners) before it can get merged. A maintainer
+should be a contributor of Gitea (or Gogs) and contributed at least
+4 accepted PRs. A contributor should apply as a maintainer in the
+[Discord](https://discord.gg/NsatcWJ) #develop channel. The owners
+or the team maintainers may invite the contributor. A maintainer
+should spend some time on code reviews. If a maintainer has no
+time to do that, they should apply to leave the maintainers team
+and we will give them the honor of being a member of the [advisors
+team](https://github.com/orgs/go-gitea/teams/advisors). Of course, if
+an advisor has time to code review, we will gladly welcome them back
+to the maintainers team. If a maintainer is inactive for more than 3
+months and forgets to leave the maintainers team, the owners may move
+him or her from the maintainers team to the advisors team.
+For security reasons, Maintainers should use 2FA for their accounts and
+if possible provide gpg signed commits.
+https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
+https://help.github.com/articles/signing-commits-with-gpg/
+
+## Owners
+
+Since Gitea is a pure community organization without any company support,
+to keep the development healthy we will elect three owners every year. All
+contributors may vote to elect up to three candidates, one of which will
+be the main owner, and the other two the assistant owners. When the new
+owners have been elected, the old owners will give up ownership to the
+newly elected owners. If an owner is unable to do so, the other owners
+will assist in ceding ownership to the newly elected owners.
+For security reasons, Owners or any account with write access (like a bot)
+must use 2FA.
+https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
+
+After the election, the new owners should proactively agree
+with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the
+[Discord](https://discord.gg/NsatcWJ) #general channel. Below are the
+words to speak:
+
+```
+I'm honored to having been elected an owner of Gitea, I agree with
+[CONTRIBUTING](CONTRIBUTING.md). I will spend part of my time on Gitea
+and lead the development of Gitea.
+```
+
+To honor the past owners, here's the history of the owners and the time
+they served:
+
+* 2016-11-04 ~ 2017-12-31
+  * [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
+  * [Thomas Boerger](https://github.com/tboerger) <thomas@webhippie.de>
+  * [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>
+
+* 2018-01-01 ~ 2018-12-31
+  * [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
+  * [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
+  * [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>
+
+* 2019-01-01 ~ 2019-12-31
+  * [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
+  * [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
+  * [Matti Ranta](https://github.com/techknowlogick) <matti@mdranta.net>
+
+## Versions
+
+Gitea has the `master` branch as a tip branch and has version branches
+such as `release/v0.9`. `release/v0.9` is a release branch and we will
+tag `v0.9.0` for binary download. If `v0.9.0` has bugs, we will accept
+pull requests on the `release/v0.9` branch and publish a `v0.9.1` tag,
+after bringing the bug fix also to the master branch.
+
+Since the `master` branch is a tip version, if you wish to use Gitea
+in production, please download the latest release tag version. All the
+branches will be protected via GitHub, all the PRs to every branch must
+be reviewed by two maintainers and must pass the automatic tests.
+
+## Releasing Gitea
+
+* Let $vmaj, $vmin and $vpat be Major, Minor and Patch version numbers, $vpat should be rc1, rc2, 0, 1, ...... $vmaj.$vmin will be kept the same as milestones on github or gitea in future.
+* Before releasing, confirm all the version's milestone issues or PRs has been resolved. Then discuss the release on discord channel #maintainers and get agreed with almost all the owners and mergers. Or you can declare the version and if nobody against in about serval hours.
+* If this is a big version first you have to create PR for changelog on branch `master` with PRs with label `changelog` and after it has been merged do following steps:
+  * Create `-dev` tag as `git tag -s -F release.notes v$vmaj.$vmin.0-dev` and push the tag as `git push origin v$vmaj.$vmin.0-dev`.
+  * When CI has finished building tag then you have to create a new branch named `release/v$vmaj.$vmin`
+* If it is bugfix version create PR for changelog on branch `release/v$vmaj.$vmin` and wait till it is reviewed and merged.
+* Add a tag as `git tag -s -F release.notes v$vmaj.$vmin.$`, release.notes file could be a temporary file to only include the changelog this version which you added to `CHANGELOG.md`.
+* And then push the tag as `git push origin v$vmaj.$vmin.$`. Drone CI will automatically created a release and upload all the compiled binary. (But currently it didn't add the release notes automatically. Maybe we should fix that.)
+* If needed send PR for changelog on branch `master`.
+* Send PR to [blog repository](https://github.com/go-gitea/blog) announcing the release.
+
+## Copyright
+
+Code that you contribute should use the standard copyright header:
+
+```
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+```
+
+Files in the repository contain copyright from the year they are added
+to the year they are last changed. If the copyright author is changed,
+just paste the header below the old one.

DCO

@@ -0,0 +1,36 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.

Dockerfile

@@ -1,22 +1,64 @@
-FROM alpine:3.3
-MAINTAINER jp@roemer.im
 
-# Install system utils & Gogs runtime dependencies
-ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-amd64 /usr/sbin/gosu
-RUN chmod +x /usr/sbin/gosu \
- && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata
+###################################
+#Build stage
+FROM golang:1.13-alpine3.10 AS build-env
 
-ENV GOGS_CUSTOM /data/gogs
+ARG GOPROXY
+ENV GOPROXY ${GOPROXY:-direct}
 
-COPY . /app/gogs/
-WORKDIR /app/gogs/
-RUN ./docker/build.sh
+ARG GITEA_VERSION
+ARG TAGS="sqlite sqlite_unlock_notify"
+ENV TAGS "bindata $TAGS"
 
-# Configure LibC Name Service
-COPY docker/nsswitch.conf /etc/nsswitch.conf
+#Build deps
+RUN apk --no-cache add build-base git
+
+#Setup repo
+COPY . ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/code.gitea.io/gitea
+
+#Checkout version if set
+RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
+ && make clean generate build
+
+FROM alpine:3.10
+LABEL maintainer="maintainers@gitea.io"
 
-# Configure Docker Container
-VOLUME ["/data"]
 EXPOSE 22 3000
-ENTRYPOINT ["docker/start.sh"]
-CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]
+
+RUN apk --no-cache add \
+    bash \
+    ca-certificates \
+    curl \
+    gettext \
+    git \
+    linux-pam \
+    openssh \
+    s6 \
+    sqlite \
+    su-exec \
+    tzdata
+
+RUN addgroup \
+    -S -g 1000 \
+    git && \
+  adduser \
+    -S -H -D \
+    -h /data/git \
+    -s /bin/bash \
+    -u 1000 \
+    -G git \
+    git && \
+  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
+
+ENV USER git
+ENV GITEA_CUSTOM /data/gitea
+
+VOLUME ["/data"]
+
+ENTRYPOINT ["/usr/bin/entrypoint"]
+CMD ["/bin/s6-svscan", "/etc/s6"]
+
+COPY docker/root /
+COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
+RUN ln -s /app/gitea/gitea /usr/local/bin/gitea

Dockerfile.rpi

@@ -1,25 +0,0 @@
-FROM hypriot/rpi-alpine-scratch:v3.2
-MAINTAINER jp@roemer.im, raxetul@gmail.com
-
-# Install system utils & Gogs runtime dependencies
-ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-armhf /usr/sbin/gosu
-RUN chmod +x /usr/sbin/gosu \
- && echo "http://dl-4.alpinelinux.org/alpine/v3.3/main/"      | tee /etc/apk/repositories    \
- && echo "http://dl-4.alpinelinux.org/alpine/v3.3/community/" | tee -a /etc/apk/repositories \
- && apk -U --no-progress upgrade && rm -f /var/cache/apk/APKINDEX.* \
- && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata
-
-ENV GOGS_CUSTOM /data/gogs
-
-COPY . /app/gogs/
-WORKDIR /app/gogs/
-RUN ./docker/build.sh
-
-# Configure LibC Name Service
-COPY docker/nsswitch.conf /etc/nsswitch.conf
-
-# Configure Docker Container
-VOLUME ["/data"]
-EXPOSE 22 3000
-ENTRYPOINT ["docker/start.sh"]
-CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]

LICENSE

@@ -1,4 +1,5 @@
-Copyright (c) The Gogs Authors
+Copyright (c) 2016 The Gitea Authors
+Copyright (c) 2015 The Gogs Authors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -16,4 +17,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+THE SOFTWARE.

MAINTAINERS

@@ -0,0 +1,36 @@
+Alexey Makhov <amakhov@avito.ru> (@makhov)
+Andrey Nering <andrey.nering@gmail.com> (@andreynering)
+Bo-Yi Wu <appleboy.tw@gmail.com> (@appleboy)
+Ethan Koenig <ethantkoenig@gmail.com> (@ethantkoenig)
+Kees de Vries <bouwko@gmail.com> (@Bwko)
+Kim Carlbäcker <kim.carlbacker@gmail.com> (@bkcsoft)
+LefsFlare <nobody@nobody.tld> (@LefsFlarey)
+Lunny Xiao <xiaolunwen@gmail.com> (@lunny)
+Matthias Loibl <mail@matthiasloibl.com> (@metalmatze)
+Morgan Bazalgette <the@howl.moe> (@thehowl)
+Rachid Zarouali <nobody@nobody.tld> (@xinity)
+Rémy Boulanouar <admin@dblk.org> (@DblK)
+Sandro Santilli <strk@kbt.io> (@strk)
+Thibault Meyer <meyer.thibault@gmail.com> (@0xbaadf00d)
+Thomas Boerger <thomas@webhippie.de> (@tboerger)
+Patrick G <geek1011@outlook.com> (@geek1011)
+Antoine Girard <sapk@sapk.fr> (@sapk)
+Lauris Bukšis-Haberkorns <lauris@nix.lv> (@lafriks)
+Jonas Östanbäck <jonas.ostanback@gmail.com> (@cez81)
+David Schneiderbauer <dschneiderbauer@gmail.com> (@daviian)
+Peter Žeby <morlinest@gmail.com> (@morlinest)
+Matti Ranta <matti@mdranta.net> (@techknowlogick)
+Jonas Franz <info@jonasfranz.software> (@jonasfranz)
+Alexey Terentyev <axifnx@gmail.com> (@axifive)
+Lanre Adelowo <yo@lanre.wtf> (@adelowo)
+Konrad Langenberg <k@knt.li> (@kolaente)
+He-Long Zhang <outman99@hotmail.com> (@BetaCat0)
+Andrew Thornton <art27@cantab.net> (@zeripath)
+John Olheiser <john.olheiser@gmail.com> (@jolheiser)
+Richard Mahn <rich.mahn@unfoldingword.org> (@richmahn)
+Mrsdizzie <info@mrsdizzie.com> (@mrsdizzie)
+silverwind <me@silverwind.io> (@silverwind)
+Gary Kim <gary@garykim.dev> (@gary-kim)
+Guillermo Prandi <gitea.maint@mailfilter.com.ar> (@guillep2k)
+Mura Li <typeless@ctli.io> (@typeless)
+6543 <6543@obermui.de> (@6543)

Makefile

@@ -1,74 +1,520 @@
-LDFLAGS += -X "github.com/gogits/gogs/modules/setting.BuildTime=$(shell date -u '+%Y-%m-%d %I:%M:%S %Z')"
-LDFLAGS += -X "github.com/gogits/gogs/modules/setting.BuildGitHash=$(shell git rev-parse HEAD)"
+DIST := dist
+IMPORT := code.gitea.io/gitea
+export GO111MODULE=off
 
-DATA_FILES := $(shell find conf | sed 's/ /\\ /g')
-LESS_FILES := $(wildcard public/less/gogs.less public/less/_*.less)
-GENERATED  := modules/bindata/bindata.go public/css/gogs.css
+GO ?= go
+SED_INPLACE := sed -i
+SHASUM ?= shasum -a 256
 
-TAGS = ""
-BUILD_FLAGS = "-v"
+export PATH := $($(GO) env GOPATH)/bin:$(PATH)
 
-RELEASE_ROOT = "release"
-RELEASE_GOGS = "release/gogs"
-NOW = $(shell date -u '+%Y%m%d%I%M%S')
-GOVET = go tool vet -composites=false -methods=false -structtags=false
+ifeq ($(OS), Windows_NT)
+	EXECUTABLE ?= gitea.exe
+else
+	EXECUTABLE ?= gitea
+	UNAME_S := $(shell uname -s)
+	ifeq ($(UNAME_S),Darwin)
+		SED_INPLACE := sed -i ''
+	endif
+endif
 
-.PHONY: build pack release bindata clean
+BINDATA := modules/{options,public,templates}/bindata.go
+GOFILES := $(shell find . -name "*.go" -type f ! -path "./vendor/*" ! -path "*/bindata.go")
+GOFMT ?= gofmt -s
 
-.IGNORE: public/css/gogs.css
+GOFLAGS := -v
+EXTRA_GOFLAGS ?=
 
+MAKE_VERSION := $(shell make -v | head -n 1)
+
+ifneq ($(DRONE_TAG),)
+	VERSION ?= $(subst v,,$(DRONE_TAG))
+	GITEA_VERSION ?= $(VERSION)
+else
+	ifneq ($(DRONE_BRANCH),)
+		VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
+	else
+		VERSION ?= master
+	endif
+	GITEA_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
+endif
+
+LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"
+
+PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations/migration-test,$(filter-out code.gitea.io/gitea/integrations,$(shell GO111MODULE=on $(GO) list -mod=vendor ./... | grep -v /vendor/)))
+SOURCES ?= $(shell find . -name "*.go" -type f)
+
+TAGS ?=
+
+TMPDIR := $(shell mktemp -d 2>/dev/null || mktemp -d -t 'gitea-temp')
+
+#To update swagger use: GO111MODULE=on go get -u github.com/go-swagger/go-swagger/cmd/swagger@v0.20.1
+SWAGGER := GO111MODULE=on $(GO) run -mod=vendor github.com/go-swagger/go-swagger/cmd/swagger
+SWAGGER_SPEC := templates/swagger/v1_json.tmpl
+SWAGGER_SPEC_S_TMPL := s|"basePath": *"/api/v1"|"basePath": "{{AppSubUrl}}/api/v1"|g
+SWAGGER_SPEC_S_JSON := s|"basePath": *"{{AppSubUrl}}/api/v1"|"basePath": "/api/v1"|g
+SWAGGER_NEWLINE_COMMAND := -e '$$a\'
+
+TEST_MYSQL_HOST ?= mysql:3306
+TEST_MYSQL_DBNAME ?= testgitea
+TEST_MYSQL_USERNAME ?= root
+TEST_MYSQL_PASSWORD ?=
+TEST_MYSQL8_HOST ?= mysql8:3306
+TEST_MYSQL8_DBNAME ?= testgitea
+TEST_MYSQL8_USERNAME ?= root
+TEST_MYSQL8_PASSWORD ?=
+TEST_PGSQL_HOST ?= pgsql:5432
+TEST_PGSQL_DBNAME ?= testgitea
+TEST_PGSQL_USERNAME ?= postgres
+TEST_PGSQL_PASSWORD ?= postgres
+TEST_MSSQL_HOST ?= mssql:1433
+TEST_MSSQL_DBNAME ?= gitea
+TEST_MSSQL_USERNAME ?= sa
+TEST_MSSQL_PASSWORD ?= MwantsaSecurePassword1
+
+# $(call strip-suffix,filename)
+strip-suffix = $(firstword $(subst ., ,$(1)))
+
+.PHONY: all
 all: build
 
+include docker/Makefile
+
+.PHONY: clean
+clean:
+	$(GO) clean -i ./...
+	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA) \
+		integrations*.test \
+		integrations/gitea-integration-pgsql/ integrations/gitea-integration-mysql/ integrations/gitea-integration-mysql8/ integrations/gitea-integration-sqlite/ \
+		integrations/gitea-integration-mssql/ integrations/indexers-mysql/ integrations/indexers-mysql8/ integrations/indexers-pgsql integrations/indexers-sqlite \
+		integrations/indexers-mssql integrations/mysql.ini integrations/mysql8.ini integrations/pgsql.ini integrations/mssql.ini
+
+.PHONY: fmt
+fmt:
+	$(GOFMT) -w $(GOFILES)
+
+.PHONY: vet
+vet:
+	$(GO) vet $(PACKAGES)
+
+.PHONY: generate
+generate:
+	GO111MODULE=on $(GO) generate -mod=vendor $(PACKAGES)
+
+.PHONY: generate-swagger
+generate-swagger:
+	$(SWAGGER) generate spec -o './$(SWAGGER_SPEC)'
+	$(SED_INPLACE) '$(SWAGGER_SPEC_S_TMPL)' './$(SWAGGER_SPEC)'
+	$(SED_INPLACE) $(SWAGGER_NEWLINE_COMMAND) './$(SWAGGER_SPEC)'
+
+.PHONY: swagger-check
+swagger-check: generate-swagger
+	@diff=$$(git diff '$(SWAGGER_SPEC)'); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make generate-swagger' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
+
+.PHONY: swagger-validate
+swagger-validate:
+	$(SED_INPLACE) '$(SWAGGER_SPEC_S_JSON)' './$(SWAGGER_SPEC)'
+	$(SWAGGER) validate './$(SWAGGER_SPEC)'
+	$(SED_INPLACE) '$(SWAGGER_SPEC_S_TMPL)' './$(SWAGGER_SPEC)'
+
+.PHONY: errcheck
+errcheck:
+	@hash errcheck > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/kisielk/errcheck; \
+	fi
+	errcheck $(PACKAGES)
+
+.PHONY: lint
+lint:
+	@echo 'make lint is depricated. Use "make revive" if you want to use the old lint tool, or "make golangci-lint" to run a complete code check.'
+
+.PHONY: revive
+revive:
+	@hash revive > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/mgechev/revive; \
+	fi
+	revive -config .revive.toml -exclude=./vendor/... ./... || exit 1
+
+.PHONY: misspell-check
+misspell-check:
+	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/client9/misspell/cmd/misspell; \
+	fi
+	misspell -error -i unknwon,destory $(GOFILES)
+
+.PHONY: misspell
+misspell:
+	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/client9/misspell/cmd/misspell; \
+	fi
+	misspell -w -i unknwon $(GOFILES)
+
+.PHONY: fmt-check
+fmt-check:
+	# get all go files and run go fmt on them
+	@diff=$$($(GOFMT) -d $(GOFILES)); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make fmt' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
+
+.PHONY: test
+test:
+	GO111MODULE=on $(GO) test -mod=vendor -tags='sqlite sqlite_unlock_notify' $(PACKAGES)
+
+.PHONY: coverage
+coverage:
+	@hash gocovmerge > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/wadey/gocovmerge; \
+	fi
+	gocovmerge integration.coverage.out $(shell find . -type f -name "coverage.out") > coverage.all;\
+
+.PHONY: unit-test-coverage
+unit-test-coverage:
+	$(GO) test -tags='sqlite sqlite_unlock_notify' -cover -coverprofile coverage.out $(PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1
+
+.PHONY: vendor
+vendor:
+	GO111MODULE=on $(GO) mod tidy && GO111MODULE=on $(GO) mod vendor
+
+.PHONY: test-vendor
+test-vendor: vendor
+	@diff=$$(git diff vendor/); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make vendor' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
+
+.PHONY: test-sqlite
+test-sqlite: integrations.sqlite.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test
+
+.PHONY: test-sqlite\#%
+test-sqlite\#%: integrations.sqlite.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.run $*
+
+.PHONY: test-sqlite-migration
+test-sqlite-migration:  migrations.sqlite.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./migrations.sqlite.test
+
+generate-ini-mysql:
+	sed -e 's|{{TEST_MYSQL_HOST}}|${TEST_MYSQL_HOST}|g' \
+		-e 's|{{TEST_MYSQL_DBNAME}}|${TEST_MYSQL_DBNAME}|g' \
+		-e 's|{{TEST_MYSQL_USERNAME}}|${TEST_MYSQL_USERNAME}|g' \
+		-e 's|{{TEST_MYSQL_PASSWORD}}|${TEST_MYSQL_PASSWORD}|g' \
+			integrations/mysql.ini.tmpl > integrations/mysql.ini
+
+.PHONY: test-mysql
+test-mysql: integrations.mysql.test generate-ini-mysql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test
+
+.PHONY: test-mysql\#%
+test-mysql\#%: integrations.mysql.test generate-ini-mysql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.run $*
+
+.PHONY: test-mysql-migration
+test-mysql-migration: migrations.mysql.test generate-ini-mysql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./migrations.mysql.test
+
+
+generate-ini-mysql8:
+	sed -e 's|{{TEST_MYSQL8_HOST}}|${TEST_MYSQL8_HOST}|g' \
+		-e 's|{{TEST_MYSQL8_DBNAME}}|${TEST_MYSQL8_DBNAME}|g' \
+		-e 's|{{TEST_MYSQL8_USERNAME}}|${TEST_MYSQL8_USERNAME}|g' \
+		-e 's|{{TEST_MYSQL8_PASSWORD}}|${TEST_MYSQL8_PASSWORD}|g' \
+			integrations/mysql8.ini.tmpl > integrations/mysql8.ini
+
+.PHONY: test-mysql8
+test-mysql8: integrations.mysql8.test generate-ini-mysql8
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./integrations.mysql8.test
+
+.PHONY: test-mysql8\#%
+test-mysql8\#%: integrations.mysql8.test generate-ini-mysql8
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./integrations.mysql8.test -test.run $*
+
+.PHONY: test-mysql8-migration
+test-mysql8-migration: migrations.mysql8.test generate-ini-mysql8
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./migrations.mysql8.test
+
+
+generate-ini-pgsql:
+	sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \
+		-e 's|{{TEST_PGSQL_DBNAME}}|${TEST_PGSQL_DBNAME}|g' \
+		-e 's|{{TEST_PGSQL_USERNAME}}|${TEST_PGSQL_USERNAME}|g' \
+		-e 's|{{TEST_PGSQL_PASSWORD}}|${TEST_PGSQL_PASSWORD}|g' \
+			integrations/pgsql.ini.tmpl > integrations/pgsql.ini
+
+.PHONY: test-pgsql
+test-pgsql: integrations.pgsql.test generate-ini-pgsql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test
+
+.PHONY: test-pgsql\#%
+test-pgsql\#%: integrations.pgsql.test generate-ini-pgsql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.run $*
+
+.PHONY: test-pgsql-migration
+test-pgsql-migration: migrations.pgsql.test generate-ini-pgsql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./migrations.pgsql.test
+
+
+generate-ini-mssql:
+	sed -e 's|{{TEST_MSSQL_HOST}}|${TEST_MSSQL_HOST}|g' \
+		-e 's|{{TEST_MSSQL_DBNAME}}|${TEST_MSSQL_DBNAME}|g' \
+		-e 's|{{TEST_MSSQL_USERNAME}}|${TEST_MSSQL_USERNAME}|g' \
+		-e 's|{{TEST_MSSQL_PASSWORD}}|${TEST_MSSQL_PASSWORD}|g' \
+			integrations/mssql.ini.tmpl > integrations/mssql.ini
+
+.PHONY: test-mssql
+test-mssql: integrations.mssql.test generate-ini-mssql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test
+
+.PHONY: test-mssql\#%
+test-mssql\#%: integrations.mssql.test generate-ini-mssql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test -test.run $*
+
+.PHONY: test-mssql-migration
+test-mssql-migration: migrations.mssql.test generate-ini-mssql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./migrations.mssql.test
+
+
+.PHONY: bench-sqlite
+bench-sqlite: integrations.sqlite.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+
+.PHONY: bench-mysql
+bench-mysql: integrations.mysql.test generate-ini-mysql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+
+.PHONY: bench-mssql
+bench-mssql: integrations.mssql.test generate-ini-mssql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+
+.PHONY: bench-pgsql
+bench-pgsql: integrations.pgsql.test generate-ini-pgsql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+
+
+.PHONY: integration-test-coverage
+integration-test-coverage: integrations.cover.test generate-ini-mysql
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out
+
+integrations.mysql.test: $(SOURCES)
+	GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.mysql.test
+
+integrations.mysql8.test: $(SOURCES)
+	GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.mysql8.test
+
+integrations.pgsql.test: $(SOURCES)
+	GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.pgsql.test
+
+integrations.mssql.test: $(SOURCES)
+	GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.mssql.test
+
+integrations.sqlite.test: $(SOURCES)
+	GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite sqlite_unlock_notify'
+
+integrations.cover.test: $(SOURCES)
+	GO111MODULE=on $(GO) test -mod=vendor -c code.gitea.io/gitea/integrations -coverpkg $(shell echo $(PACKAGES) | tr ' ' ',') -o integrations.cover.test
+
+.PHONY: migrations.mysql.test
+migrations.mysql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.mysql.test
+
+.PHONY: migrations.mysql8.test
+migrations.mysql8.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.mysql8.test
+
+.PHONY: migrations.pgsql.test
+migrations.pgsql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.pgsql.test
+
+.PHONY: migrations.mssql.test
+migrations.mssql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.mssql.test
+
+.PHONY: migrations.sqlite.test
+migrations.sqlite.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations/migration-test -o migrations.sqlite.test -tags 'sqlite sqlite_unlock_notify'
+
+.PHONY: check
 check: test
 
-dist: release
+.PHONY: install
+install: $(wildcard *.go)
+	$(GO) install -v -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)'
 
-govet:
-	$(GOVET) gogs.go
-	$(GOVET) models modules routers
+.PHONY: build
+build: $(EXECUTABLE)
 
-build: $(GENERATED)
-	go install $(BUILD_FLAGS) -ldflags '$(LDFLAGS)' -tags '$(TAGS)'
-	cp '$(GOPATH)/bin/gogs' .
+$(EXECUTABLE): $(SOURCES)
+	GO111MODULE=on $(GO) build -mod=vendor $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
 
-build-dev: $(GENERATED) govet
-	go install $(BUILD_FLAGS) -tags '$(TAGS)'
-	cp '$(GOPATH)/bin/gogs' .
+.PHONY: release
+release: release-dirs release-windows release-linux release-darwin release-copy release-compress release-check
 
-build-dev-race: $(GENERATED) govet
-	go install $(BUILD_FLAGS) -race -tags '$(TAGS)'
-	cp '$(GOPATH)/bin/gogs' .
+.PHONY: release-dirs
+release-dirs:
+	mkdir -p $(DIST)/binaries $(DIST)/release
 
-pack:
-	rm -rf $(RELEASE_GOGS)
-	mkdir -p $(RELEASE_GOGS)
-	cp -r gogs LICENSE README.md README_ZH.md templates public scripts $(RELEASE_GOGS)
-	rm -rf $(RELEASE_GOGS)/public/config.codekit $(RELEASE_GOGS)/public/less
-	cd $(RELEASE_ROOT) && zip -r gogs.$(NOW).zip "gogs"
+.PHONY: release-windows
+release-windows:
+	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u src.techknowlogick.com/xgo; \
+	fi
+	xgo -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
+ifeq ($(CI),drone)
+	cp /build/* $(DIST)/binaries
+endif
 
-release: build pack
+.PHONY: release-linux
+release-linux:
+	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u src.techknowlogick.com/xgo; \
+	fi
+	xgo -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64,linux/mips64le,linux/mips,linux/mipsle' -out gitea-$(VERSION) .
+ifeq ($(CI),drone)
+	cp /build/* $(DIST)/binaries
+endif
 
-bindata: modules/bindata/bindata.go
+.PHONY: release-darwin
+release-darwin:
+	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u src.techknowlogick.com/xgo; \
+	fi
+	xgo -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'darwin/*' -out gitea-$(VERSION) .
+ifeq ($(CI),drone)
+	cp /build/* $(DIST)/binaries
+endif
 
-modules/bindata/bindata.go: $(DATA_FILES)
-	go-bindata -o=$@ -ignore="\\.DS_Store|README.md|TRANSLATORS" -pkg=bindata conf/...
+.PHONY: release-copy
+release-copy:
+	cd $(DIST); for file in `find /build -type f -name "*"`; do cp $${file} ./release/; done;
 
-less: public/css/gogs.css
+.PHONY: release-check
+release-check:
+	cd $(DIST)/release/; for file in `find . -type f -name "*"`; do echo "checksumming $${file}" && $(SHASUM) `echo $${file} | sed 's/^..//'` > $${file}.sha256; done;
 
-public/css/gogs.css: $(LESS_FILES)
-	lessc $< $@
+.PHONY: release-compress
+release-compress:
+	@hash gxz > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/ulikunitz/xz/cmd/gxz; \
+	fi
+	cd $(DIST)/release/; for file in `find . -type f -name "*"`; do echo "compressing $${file}" && gxz -k -9 $${file}; done;
 
-clean:
-	go clean -i ./...
+npm-check:
+	@hash npm > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		echo "Please install Node.js 8.x or greater with npm"; \
+		exit 1; \
+	fi;
+	@hash npx > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		echo "Please install Node.js 8.x or greater with npm"; \
+		exit 1; \
+	fi;
 
-clean-mac: clean
-	find . -name ".DS_Store" -print0 | xargs -0 rm
+.PHONY: npm
+npm: npm-check
+	npm install --no-save
 
-test:
-	go test -cover -race ./...
+.PHONY: npm-update
+npm-update: npm-check
+	npx updates -cu
+	rm -rf node_modules package-lock.json
+	npm install --package-lock
 
-fixme:
-	grep -rnw "FIXME" routers models modules
+.PHONY: js
+js: npm
+	npx eslint public/js
 
-todo:
-	grep -rnw "TODO" routers models modules
+.PHONY: css
+css: npm
+	npx stylelint public/less
+	npx lessc --clean-css="--s0 -b" public/less/index.less public/css/index.css
+	$(foreach file, $(filter-out public/less/themes/_base.less, $(wildcard public/less/themes/*)),npx lessc --clean-css="--s0 -b" public/less/themes/$(notdir $(file)) > public/css/theme-$(notdir $(call strip-suffix,$(file))).css;)
+	npx postcss --use autoprefixer --no-map --replace public/css/*
+
+	@diff=$$(git diff public/css/*); \
+	if ([ -n "$$CI" ] && [ -n "$$diff" ]); then \
+		echo "Generated files in public/css have changed, please commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
+
+.PHONY: javascripts
+javascripts:
+	echo "'make javascripts' is deprecated, please use 'make js'"
+	$(MAKE) js
+
+.PHONY: stylesheets-check
+stylesheets-check:
+	echo "'make stylesheets-check' is deprecated, please use 'make css'"
+	$(MAKE) css
+
+.PHONY: generate-stylesheets
+generate-stylesheets:
+	echo "'make generate-stylesheets' is deprecated, please use 'make css'"
+	$(MAKE) css
+
+.PHONY: swagger-ui
+swagger-ui:
+	rm -Rf public/vendor/assets/swagger-ui
+	git clone --depth=10 -b v3.13.4 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
+	mv $(TMPDIR)/swagger-ui/dist public/vendor/assets/swagger-ui
+	rm -Rf $(TMPDIR)/swagger-ui
+	$(SED_INPLACE) "s;http://petstore.swagger.io/v2/swagger.json;../../../swagger.v1.json;g" public/vendor/assets/swagger-ui/index.html
+
+.PHONY: update-translations
+update-translations:
+	mkdir -p ./translations
+	cd ./translations && curl -L https://crowdin.com/download/project/gitea.zip > gitea.zip && unzip gitea.zip
+	rm ./translations/gitea.zip
+	$(SED_INPLACE) -e 's/="/=/g' -e 's/"$$//g' ./translations/*.ini
+	$(SED_INPLACE) -e 's/\\"/"/g' ./translations/*.ini
+	mv ./translations/*.ini ./options/locale/
+	rmdir ./translations
+
+.PHONY: generate-images
+generate-images:
+	mkdir -p $(TMPDIR)/images
+	inkscape -f $(PWD)/assets/logo.svg -w 880 -h 880 -e $(PWD)/public/img/gitea-lg.png
+	inkscape -f $(PWD)/assets/logo.svg -w 512 -h 512 -e $(PWD)/public/img/gitea-512.png
+	inkscape -f $(PWD)/assets/logo.svg -w 192 -h 192 -e $(PWD)/public/img/gitea-192.png
+	inkscape -f $(PWD)/assets/logo.svg -w 120 -h 120 -jC -i layer1 -e $(TMPDIR)/images/sm-1.png
+	inkscape -f $(PWD)/assets/logo.svg -w 120 -h 120 -jC -i layer2 -e $(TMPDIR)/images/sm-2.png
+	composite -compose atop $(TMPDIR)/images/sm-2.png $(TMPDIR)/images/sm-1.png $(PWD)/public/img/gitea-sm.png
+	inkscape -f $(PWD)/assets/logo.svg -w 200 -h 200 -e $(PWD)/public/img/avatar_default.png
+	inkscape -f $(PWD)/assets/logo.svg -w 180 -h 180 -e $(PWD)/public/img/favicon.png
+	inkscape -f $(PWD)/assets/logo.svg -w 128 -h 128 -e $(TMPDIR)/images/128-raw.png
+	inkscape -f $(PWD)/assets/logo.svg -w 64 -h 64 -e $(TMPDIR)/images/64-raw.png
+	inkscape -f $(PWD)/assets/logo.svg -w 32 -h 32 -jC -i layer1 -e $(TMPDIR)/images/32-1.png
+	inkscape -f $(PWD)/assets/logo.svg -w 32 -h 32 -jC -i layer2 -e $(TMPDIR)/images/32-2.png
+	composite -compose atop $(TMPDIR)/images/32-2.png $(TMPDIR)/images/32-1.png $(TMPDIR)/images/32-raw.png
+	inkscape -f $(PWD)/assets/logo.svg -w 16 -h 16 -jC -i layer1 -e $(TMPDIR)/images/16-raw.png
+	zopflipng -m -y $(TMPDIR)/images/128-raw.png $(TMPDIR)/images/128.png
+	zopflipng -m -y $(TMPDIR)/images/64-raw.png $(TMPDIR)/images/64.png
+	zopflipng -m -y $(TMPDIR)/images/32-raw.png $(TMPDIR)/images/32.png
+	zopflipng -m -y $(TMPDIR)/images/16-raw.png $(TMPDIR)/images/16.png
+	rm -f $(TMPDIR)/images/*-*.png
+	convert $(TMPDIR)/images/16.png $(TMPDIR)/images/32.png \
+					$(TMPDIR)/images/64.png $(TMPDIR)/images/128.png \
+					$(PWD)/public/img/favicon.ico
+	rm -rf $(TMPDIR)/images
+	$(foreach file, $(shell find public/img -type f -name '*.png'),zopflipng -m -y $(file) $(file);)
+
+.PHONY: pr
+pr:
+	$(GO) run contrib/pr/checkout.go $(PR)
+
+.PHONY: golangci-lint
+golangci-lint:
+	@hash golangci-lint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		export BINARY="golangci-lint"; \
+		curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOPATH)/bin v1.20.0; \
+	fi
+	golangci-lint run

README.md

@@ -1,138 +1,113 @@
-Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/gogs/localized.svg)](https://crowdin.com/project/gogs) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gogits/gogs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-=====================
+[简体中文](https://github.com/go-gitea/gitea/blob/master/README_ZH.md)
 
-![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
+# Gitea - Git with a cup of tea
 
-##### Current tip version: 0.9.99 (see [Releases](https://github.com/gogits/gogs/releases) for binary versions or submit a task on [alpha stage automated binary building system](https://build.gogs.io/))
-
-| Web | UI  | Preview  |
-|:-------------:|:-------:|:-------:|
-|![Dashboard](https://gogs.io/img/screenshots/1.png)|![Repository](https://gogs.io/img/screenshots/2.png)|![Commits History](https://gogs.io/img/screenshots/3.png)|
-|![Profile](https://gogs.io/img/screenshots/4.png)|![Admin Dashboard](https://gogs.io/img/screenshots/5.png)|![Diff](https://gogs.io/img/screenshots/6.png)|
-|![Issues](https://gogs.io/img/screenshots/7.png)|![Releases](https://gogs.io/img/screenshots/8.png)|![Organization](https://gogs.io/img/screenshots/9.png)|
-
-### Important Notes
-
-1. **YOU MUST READ [Contributing Code](https://github.com/gogits/gogs/wiki/Contributing-Code) BEFORE STARTING TO WORK ON A PULL REQUEST**.
-2. Due to testing purpose, data of [try.gogs.io](https://try.gogs.io) was reset in **Jan 28, 2015** and will reset multiple times after. Please do **NOT** put your important data on the site.
-3. The demo site [try.gogs.io](https://try.gogs.io) is running under `develop` branch.
-4. If you think there are vulnerabilities in the project, please talk privately to **u@gogs.io**. Thanks!
-5. If you're interested in using APIs, we have experimental support with [documentation](https://github.com/gogits/go-gogs-client/wiki).
-6. If your team/company is using Gogs and would like to put your logo on [our website](https://gogs.io), contact us by any means.
-
-[简体中文](README_ZH.md)
+[![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
+[![Join the Discord chat at https://discord.gg/NsatcWJ](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
+[![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
+[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
+[![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
+[![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
+[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
+[![Help Contribute to Open Source](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea)
+[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://crowdin.com/project/gitea)
 
 ## Purpose
 
-The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. With Go, this can be done with an independent binary distribution across **ALL platforms** that Go supports, including Linux, Mac OS X, Windows and ARM.
+The goal of this project is to make the easiest, fastest, and most
+painless way of setting up a self-hosted Git service.
+Using Go, this can be done with an independent binary distribution across
+**all platforms** which Go supports, including Linux, macOS, and Windows
+on x86, amd64, ARM and PowerPC architectures.
+Want to try it before doing anything else?
+Do it [with the online demo](https://try.gitea.io/)!
+This project has been
+[forked](https://blog.gitea.io/2016/12/welcome-to-gitea/) from
+[Gogs](https://gogs.io) since 2016.11 but changed a lot.
 
-## Overview
+## Building
 
-- Please see the [Documentation](https://gogs.io/docs/intro) for common usages and change log.
-- See the [Trello Board](https://trello.com/b/uxAoeLUl/gogs-go-git-service) to follow the develop team.
-- Want to try it before doing anything else? Do it [online](https://try.gogs.io/gogs/gogs)!
-- Having trouble? Get help with [Troubleshooting](https://gogs.io/docs/intro/troubleshooting.html) or [User Forum](https://discuss.gogs.io/).
-- Want to help with localization? Check out the [guide](https://gogs.io/docs/features/i18n.html)!
+From the root of the source tree, run:
 
-## Features
+    TAGS="bindata" make generate all
 
-- Activity timeline
-- SSH and HTTP/HTTPS protocols
-- SMTP/LDAP/Reverse proxy authentication
-- Reverse proxy with sub-path
-- Account/Organization/Repository management
-- Add/Remove repository collaborators
-- Repository/Organization webhooks (including Slack)
-- Repository Git hooks/deploy keys
-- Repository issues, pull requests and wiki
-- Migrate and mirror repository and its wiki
-- Web editor for repository files and wiki
-- Gravatar and Federated avatar with custom source
-- Mail service
-- Administration panel
-- Supports MySQL, PostgreSQL, SQLite3 and [TiDB](https://github.com/pingcap/tidb) (experimental)
-- Multi-language support ([19 languages](https://crowdin.com/project/gogs))
+More info: https://docs.gitea.io/en-us/install-from-source/
 
-## System Requirements
+## Using
 
-- A cheap Raspberry Pi is powerful enough for basic functionality.
-- 2 CPU cores and 1GB RAM would be the baseline for teamwork.
+    ./gitea web
 
-## Browser Support
+NOTE: If you're interested in using our APIs, we have experimental
+support with [documentation](https://try.gitea.io/api/swagger).
 
-- Please see [Semantic UI](https://github.com/Semantic-Org/Semantic-UI#browser-support) for specific versions of supported browsers.
-- The official support minimal size  is **1024*768**, UI may still looks right in smaller size but no promises and fixes.
+## Contributing
 
-## Installation
+Expected workflow is: Fork -> Patch -> Push -> Pull Request
 
-Make sure you install the [prerequisites](https://gogs.io/docs/installation) first.
+NOTES:
 
-There are 5 ways to install Gogs:
+1. **YOU MUST READ THE [CONTRIBUTORS GUIDE](CONTRIBUTING.md) BEFORE STARTING TO WORK ON A PULL REQUEST.**
+2. If you have found a vulnerability in the project, please write privately to **security@gitea.io**. Thanks!
 
-- [Install from binary](https://gogs.io/docs/installation/install_from_binary.html)
-- [Install from source](https://gogs.io/docs/installation/install_from_source.html)
-- [Install from packages](https://gogs.io/docs/installation/install_from_packages.html)
-- [Ship with Docker](https://github.com/gogits/gogs/tree/master/docker)
-- [Install with Vagrant](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
+## Further information
 
-### Tutorials
+For more information and instructions about how to install Gitea, please look
+at our [documentation](https://docs.gitea.io/en-us/). If you have questions
+that are not covered by the documentation, you can get in contact with us on
+our [Discord server](https://discord.gg/NsatcWJ),
+or [forum](https://discourse.gitea.io/)!
 
-- [How To Set Up Gogs on Ubuntu 14.04](https://www.digitalocean.com/community/tutorials/how-to-set-up-gogs-on-ubuntu-14-04)
-- [Run your own GitHub-like service with the help of Docker](http://blog.hypriot.com/post/run-your-own-github-like-service-with-docker/)
-- [Dockerized Gogs git server and alpine postgres in 20 minutes or less](http://garthwaite.org/docker-gogs.html)
-- [Host Your Own Private GitHub with Gogs.io](https://eladnava.com/host-your-own-private-github-with-gogs-io/)
-- [使用 Gogs 搭建自己的 Git 服务器](https://mynook.info/blog/post/host-your-own-git-server-using-gogs) (Chinese)
-- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654) (Chinese)
-- [Installing Gogs on FreeBSD](https://www.codejam.info/2015/03/installing-gogs-on-freebsd.html)
-- [Gogs on Raspberry Pi](http://blog.meinside.pe.kr/Gogs-on-Raspberry-Pi/)
-- [Cloudflare Full SSL with GOGS (Go Git Service) using NGINX](http://www.listekconsulting.com/articles/cloudflare-full-ssl-with-gogs-go-git-service-using-nginx/)
+## Authors
 
-### Screencasts
+* [Maintainers](https://github.com/orgs/go-gitea/people)
+* [Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
+* [Translators](options/locale/TRANSLATORS)
 
-- [How to install Gogs on a Linux Server (DigitalOcean)](https://www.youtube.com/watch?v=deSfX0gqefE)
-- [Instalando Gogs no Ubuntu](https://www.youtube.com/watch?v=4UkHAR1F7ZA) (Português)
+## Backers
 
-### Deploy to Cloud
+Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/gitea#backer)]
 
-- [OpenShift](https://github.com/tkisme/gogs-openshift)
-- [Cloudron](https://cloudron.io/appstore.html#io.gogs.cloudronapp)
-- [Scaleway](https://www.scaleway.com/imagehub/gogs/)
-- [Portal](https://portaldemo.xyz/cloud/)
-- [Sandstorm](https://github.com/cem/gogs-sandstorm)
-- [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
-- [YunoHost](https://github.com/mbugeia/gogs_ynh)
-- [DPlatform](https://github.com/j8r/DPlatform)
+<a href="https://opencollective.com/gitea#backers" target="_blank"><img src="https://opencollective.com/gitea/backers.svg?width=890"></a>
 
-## Software and Service Support
+## Sponsors
 
-- [Drone](https://github.com/drone/drone) (CI)
-- [Fabric8](http://fabric8.io/) (DevOps)
-- [Taiga](https://taiga.io/) (Project Management)
-- [Puppet](https://forge.puppetlabs.com/Siteminds/gogs) (IT)
-- [Kanboard](http://kanboard.net/plugin/gogs-webhook) (Project Management)
-- [BearyChat](https://bearychat.com/) (Team Communication)
-- [HiWork](http://www.hiwork.cc/) (Team Communication)
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/gitea#sponsor)]
 
-### Product Support
+<a href="https://opencollective.com/gitea/sponsor/0/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/0/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/1/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/1/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/2/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/2/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/3/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/3/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/4/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/4/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/5/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/5/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/6/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/6/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/7/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/7/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/8/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/8/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/9/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/9/avatar.svg"></a>
 
-- [Synology](https://www.synology.com) (Docker)
-- [One Space](http://www.onespace.cc) (App Store)
+## FAQ
 
-## Acknowledgments
+**How do you pronounce Gitea?**
 
-- Router and middleware mechanism of [Macaron](https://github.com/go-macaron/macaron).
-- System Monitor Status is inspired by [GoBlog](https://github.com/fuxiaohei/goblog).
-- Thanks [Rocker](http://weibo.com/rocker1989) for designing Logo.
-- Thanks [Crowdin](https://crowdin.com/project/gogs) for providing open source translation plan.
-- Thanks [DigitalOcean](https://www.digitalocean.com) for hosting home and demo sites.
-- Thanks [KeyCDN](https://www.keycdn.com/) and [QiNiu](http://www.qiniu.com/) for providing CDN service.
+Gitea is pronounced [/ɡɪ’ti:/](https://youtu.be/EM71-2uDAoY) as in "gi-tea" with a hard g.
 
-## Contributors
+**Why is this not hosted on a Gitea instance?**
 
-- Ex-team members [@lunny](https://github.com/lunny), [@fuxiaohei](https://github.com/fuxiaohei) and [@slene](https://github.com/slene).
-- See [contributors page](https://github.com/gogits/gogs/graphs/contributors) for full list of contributors.
-- See [TRANSLATORS](conf/locale/TRANSLATORS) for public list of translators.
+We're [working on it](https://github.com/go-gitea/gitea/issues/1029).
 
 ## License
 
-This project is under the MIT License. See the [LICENSE](https://github.com/gogits/gogs/blob/master/LICENSE) file for the full license text.
+This project is licensed under the MIT License.
+See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file
+for the full license text.
+
+## Screenshots
+Looking for an overview of the interface? Check it out!
+
+| | | |
+|:---:|:---:|:---:|
+|![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
+|![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
+|![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
+|![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|

README_ZH.md

@@ -1,107 +1,53 @@
-Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs)
-=====================
+[English](https://github.com/go-gitea/gitea/blob/master/README.md)
 
-Gogs (Go Git Service) 是一款极易搭建的自助 Git 服务。
+# Gitea - Git with a cup of tea
 
-## 开发目的
+[![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
+[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/gitea)
+[![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
+[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
+[![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
+[![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
+[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
+[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://crowdin.com/project/gitea)
 
-Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自助 Git 服务。使用 Go 语言开发使得 Gogs 能够通过独立的二进制分发，并且支持 Go 语言支持的 **所有平台**，包括 Linux、Mac OS X、Windows 以及 ARM 平台。
+## 目标
 
-## 项目概览
+Gitea 的首要目标是创建一个极易安装，运行非常快速，安装和使用体验良好的自建 Git 服务。我们采用 Go 作为后端语言，这使我们只要生成一个可执行程序即可。并且他还支持跨平台，支持 Linux, macOS 和 Windows 以及各种架构，除了 x86，amd64，还包括 ARM 和 PowerPC。
 
-- 有关基本用法和变更日志，请通过 [使用手册](https://gogs.io/docs/intro/) 查看。
-- 您可以到 [Trello Board](https://trello.com/b/uxAoeLUl/gogs-go-git-service) 跟随开发团队的脚步。
-- 想要先睹为快？直接去 [在线体验](https://try.gogs.io/gogs/gogs) 。
-- 使用过程中遇到问题？尝试从 [故障排查](https://gogs.io/docs/intro/troubleshooting.html) 页面或 [用户论坛](https://discuss.gogs.io/) 获取帮助。
-- 希望帮助多国语言界面的翻译吗？请立即访问 [详情页面](https://gogs.io/docs/features/i18n.html)！
+如果您想试用一下，请访问 [在线Demo](https://try.gitea.io/)！
 
-## 功能特性
+## 提示
 
-- 支持活动时间线
-- 支持 SSH 以及 HTTP/HTTPS 协议
-- 支持 SMTP、LDAP 和反向代理的用户认证
-- 支持反向代理子路径
-- 支持用户、组织和仓库管理系统
-- 支持添加和删除仓库协作者
-- 支持仓库和组织级别 Web 钩子（包括 Slack 集成）
-- 支持仓库 Git 钩子和部署密钥
-- 支持仓库工单（Issue）、合并请求（Pull Request）以及 Wiki
-- 支持迁移和镜像仓库以及它的 Wiki
-- 支持在线编辑仓库文件和 Wiki
-- 支持自定义源的 Gravatar 和 Federated Avatar
-- 支持邮件服务
-- 支持后台管理面板
-- 支持 MySQL、PostgreSQL、SQLite3 和 [TiDB](https://github.com/pingcap/tidb)（实验性支持） 数据库
-- 支持多语言本地化（[19 种语言]([more](https://crowdin.com/project/gogs))）
+1. **开始贡献代码之前请确保你已经看过了 [贡献者向导（英文）](CONTRIBUTING.md)**.
+2. 所有的安全问题，请私下发送邮件给 **security@gitea.io**。谢谢！
+3. 如果你要使用API，请参见 [API 文档](https://godoc.org/code.gitea.io/sdk/gitea).
 
-## 系统要求
+## 文档
 
-- 最低的系统硬件要求为一个廉价的树莓派
-- 如果用于团队项目，建议使用 2 核 CPU 及 1GB 内存
+关于如何安装请访问我们的 [文档站](https://docs.gitea.io/zh-cn/)，如果没有找到对应的文档，你也可以通过 [Discord - 英文](https://discord.gg/gitea) 和 QQ群 328432459 来和我们交流。
 
-## 浏览器支持
+## 贡献流程
 
-- 请根据 [Semantic UI](https://github.com/Semantic-Org/Semantic-UI#browser-support) 查看具体支持的浏览器版本。
-- 官方支持的最小 UI 尺寸为 **1024*768**，UI 不一定会在更小尺寸的设备上被破坏，但我们无法保证且不会修复。
+Fork -> Patch -> Push -> Pull Request
 
-## 安装部署
+## 作者
 
-在安装 Gogs 之前，您需要先安装 [基本环境](https://gogs.io/docs/installation)。
-
-然后，您可以通过以下 5 种方式来安装 Gogs：
-
-- [二进制安装](https://gogs.io/docs/installation/install_from_binary.html)
-- [源码安装](https://gogs.io/docs/installation/install_from_source.html)
-- [包管理安装](https://gogs.io/docs/installation/install_from_packages.html)
-- [采用 Docker 部署](https://github.com/gogits/gogs/tree/master/docker)
-- [通过 Vagrant 安装](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
-
-### 使用教程
-
-- [使用 Gogs 搭建自己的 Git 服务器](https://mynook.info/blog/post/host-your-own-git-server-using-gogs)
-- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654)
-
-### 云端部署
-
-- [OpenShift](https://github.com/tkisme/gogs-openshift)
-- [Cloudron](https://cloudron.io/appstore.html#io.gogs.cloudronapp)
-- [Scaleway](https://www.scaleway.com/imagehub/gogs/)
-- [Portal](https://portaldemo.xyz/cloud/)
-- [Sandstorm](https://github.com/cem/gogs-sandstorm)
-- [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
-- [YunoHost](https://github.com/mbugeia/gogs_ynh)
-- [DPlatform](https://github.com/j8r/DPlatform)
-
-## 软件及服务支持
-
-- [Drone](https://github.com/drone/drone)（CI）
-- [Fabric8](http://fabric8.io/)（DevOps）
-- [Taiga](https://taiga.io/)（项目管理）
-- [Puppet](https://forge.puppetlabs.com/Siteminds/gogs)（IT）
-- [Kanboard](http://kanboard.net/plugin/gogs-webhook)（项目管理）
-- [BearyChat](https://bearychat.com/)（团队交流）
-- [HiWork](http://www.hiwork.cc/)（团队交流）
-
-### 产品支持
-
-- [Synology](https://www.synology.com)（Docker）
-- [One Space](http://www.onespace.cc)（应用商店）
-
-## 特别鸣谢
-
-- 基于 [Macaron](https://github.com/go-macaron/macaron) 的路由与中间件机制。
-- 基于 [GoBlog](https://github.com/fuxiaohei/goblog) 修改的系统监视状态。
-- 感谢 [Rocker](http://weibo.com/rocker1989) 设计的 Logo。
-- 感谢 [Crowdin](https://crowdin.com/project/gogs) 提供免费的开源项目本地化支持。
-- 感谢 [DigitalOcean](https://www.digitalocean.com) 提供主站和体验站点的服务器赞助。
-- 感谢 [KeyCDN](https://www.keycdn.com/) 和 [七牛云存储](http://www.qiniu.com/) 提供 CDN 服务赞助。
-
-## 贡献成员
-
-- 前团队成员 [@lunny](https://github.com/lunny)、[@fuxiaohei](https://github.com/fuxiaohei) 和 [@slene](https://github.com/slene)。
-- 您可以通过查看 [贡献者页面](https://github.com/gogits/gogs/graphs/contributors) 获取完整的贡献者列表。
-- 您可以通过查看 [TRANSLATORS](conf/locale/TRANSLATORS) 文件获取公开的翻译人员列表。
+* [Maintainers](https://github.com/orgs/go-gitea/people)
+* [Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
+* [Translators](options/locale/TRANSLATORS)
 
 ## 授权许可
 
-本项目采用 MIT 开源授权许可证，完整的授权说明已放置在 [LICENSE](https://github.com/gogits/gogs/blob/master/LICENSE) 文件中。
+本项目采用 MIT 开源授权许可证，完整的授权说明已放置在 [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) 文件中。
+
+## 截图
+
+| | | |
+|:---:|:---:|:---:|
+|![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
+|![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
+|![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
+|![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|

assets/logo.svg

@@ -0,0 +1,160 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="512"
+   height="512"
+   viewBox="0 0 135.46667 135.46667"
+   version="1.1"
+   id="svg8"
+   sodipodi:docname="logo.svg"
+   inkscape:version="0.92.1 r15371"
+   inkscape:export-filename=""
+   inkscape:export-xdpi="48.000004"
+   inkscape:export-ydpi="48.000004">
+  <defs
+     id="defs2" />
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="0.70710678"
+     inkscape:cx="418.13805"
+     inkscape:cy="177.57445"
+     inkscape:document-units="mm"
+     inkscape:current-layer="layer2"
+     showgrid="false"
+     units="px"
+     width="256px"
+     showguides="false"
+     inkscape:window-width="1920"
+     inkscape:window-height="1137"
+     inkscape:window-x="1912"
+     inkscape:window-y="-8"
+     inkscape:window-maximized="1"
+     inkscape:pagecheckerboard="false"
+     inkscape:measure-start="283.373,243.952"
+     inkscape:measure-end="290.267,236.527">
+    <sodipodi:guide
+       position="0,0"
+       orientation="0,512"
+       id="guide3699"
+       inkscape:locked="false" />
+    <sodipodi:guide
+       position="135.46667,0"
+       orientation="-512,0"
+       id="guide3701"
+       inkscape:locked="false" />
+    <sodipodi:guide
+       position="135.46667,135.46667"
+       orientation="0,-512"
+       id="guide3703"
+       inkscape:locked="false" />
+    <sodipodi:guide
+       position="0,135.46667"
+       orientation="512,0"
+       id="guide3705"
+       inkscape:locked="false" />
+  </sodipodi:namedview>
+  <metadata
+     id="metadata5">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(0,-161.53334)"
+     style="display:inline">
+    <path
+       style="fill:#609926;fill-opacity:1;stroke:#428f29;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;stroke-miterlimit:4;stroke-dasharray:none"
+       d="m 27.709937,195.15095 c -9.546573,-0.0272 -22.3392732,6.79805 -21.6317552,23.90397 1.105534,26.72889 25.4565952,29.20839 35.1916502,29.42301 1.068023,5.01357 12.521798,22.30563 21.001818,23.21667 h 37.15277 c 22.27763,-1.66785 38.9607,-75.75671 26.59321,-76.03825 -46.781583,2.47691 -49.995146,2.13838 -88.599758,0 -2.495053,-0.0266 -5.972321,-0.49474 -9.707935,-0.5054 z m 2.491319,9.45886 c 1.351378,13.69267 3.555849,21.70359 8.018216,33.94345 -11.382872,-1.50473 -21.069822,-5.22443 -22.851515,-19.10984 -0.950962,-7.4112 2.390428,-15.16769 14.833299,-14.83361 z"
+       id="path3722"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="sscccccsccsc" />
+  </g>
+  <g
+     inkscape:groupmode="layer"
+     id="layer2"
+     inkscape:label="Layer 2"
+     style="display:inline">
+    <rect
+       style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.24757317;stroke-opacity:1"
+       id="rect4599"
+       width="34.762054"
+       height="34.762054"
+       x="87.508659"
+       y="18.291576"
+       transform="rotate(25.914715)"
+       ry="5.4825778" />
+    <path
+       style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.26644793px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       d="m 79.804947,57.359056 3.241146,1.609954 V 35.255731 h -3.262698 z"
+       id="path4525"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="ccccc" />
+  </g>
+  <g
+     inkscape:groupmode="layer"
+     id="layer3"
+     inkscape:label="Layer 3"
+     style="display:inline">
+    <g
+       style="display:inline"
+       id="g4539">
+      <circle
+         transform="rotate(-19.796137)"
+         r="3.4745038"
+         cy="90.077766"
+         cx="49.064713"
+         id="path4606"
+         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
+      <circle
+         transform="rotate(-19.796137)"
+         r="3.4745038"
+         cy="102.1049"
+         cx="36.810425"
+         id="path4606-3"
+         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
+      <circle
+         transform="rotate(-19.796137)"
+         r="3.4745038"
+         cy="111.43928"
+         cx="46.484283"
+         id="path4606-1"
+         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
+      <rect
+         transform="rotate(26.024158)"
+         y="18.061695"
+         x="97.333458"
+         height="27.261492"
+         width="2.6726954"
+         id="rect4629-8"
+         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.27444693;stroke-opacity:1" />
+      <path
+         sodipodi:nodetypes="cc"
+         inkscape:connector-curvature="0"
+         id="path4514"
+         d="m 76.558096,68.116343 c 12.97589,6.395378 13.012989,4.101862 4.890858,20.907244"
+         style="fill:none;stroke:#609926;stroke-width:2.68000007;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
+    </g>
+  </g>
+</svg>

cmd/admin.go

@@ -1,26 +1,37 @@
 // Copyright 2016 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
 package cmd
 
 import (
+	"errors"
 	"fmt"
+	"os"
+	"text/tabwriter"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/auth/oauth2"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	pwd "code.gitea.io/gitea/modules/password"
+	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/urfave/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/setting"
 )
 
 var (
+	// CmdAdmin represents the available admin sub-command.
 	CmdAdmin = cli.Command{
 		Name:  "admin",
-		Usage: "Preform admin operations on command line",
-		Description: `Allow using internal logic of Gogs without hacking into the source code
-to make automatic initialization process more smoothly`,
+		Usage: "Command line interface to perform common administrative operations",
 		Subcommands: []cli.Command{
 			subcmdCreateUser,
+			subcmdChangePassword,
+			subcmdRepoSyncReleases,
+			subcmdRegenerate,
+			subcmdAuth,
 		},
 	}
 
@@ -29,42 +40,520 @@ to make automatic initialization process more smoothly`,
 		Usage:  "Create a new user in database",
 		Action: runCreateUser,
 		Flags: []cli.Flag{
-			stringFlag("name", "", "Username"),
-			stringFlag("password", "", "User password"),
-			stringFlag("email", "", "User email address"),
-			boolFlag("admin", "User is an admin"),
-			stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+			cli.StringFlag{
+				Name:  "name",
+				Usage: "Username. DEPRECATED: use username instead",
+			},
+			cli.StringFlag{
+				Name:  "username",
+				Usage: "Username",
+			},
+			cli.StringFlag{
+				Name:  "password",
+				Usage: "User password",
+			},
+			cli.StringFlag{
+				Name:  "email",
+				Usage: "User email address",
+			},
+			cli.BoolFlag{
+				Name:  "admin",
+				Usage: "User is an admin",
+			},
+			cli.BoolFlag{
+				Name:  "random-password",
+				Usage: "Generate a random password for the user",
+			},
+			cli.BoolFlag{
+				Name:  "must-change-password",
+				Usage: "Force the user to change his/her password after initial login",
+			},
+			cli.IntFlag{
+				Name:  "random-password-length",
+				Usage: "Length of the random password to be generated",
+				Value: 12,
+			},
+			cli.BoolFlag{
+				Name:  "access-token",
+				Usage: "Generate access token for the user",
+			},
 		},
 	}
+
+	subcmdChangePassword = cli.Command{
+		Name:   "change-password",
+		Usage:  "Change a user's password",
+		Action: runChangePassword,
+		Flags: []cli.Flag{
+			cli.StringFlag{
+				Name:  "username,u",
+				Value: "",
+				Usage: "The user to change password for",
+			},
+			cli.StringFlag{
+				Name:  "password,p",
+				Value: "",
+				Usage: "New password to set for user",
+			},
+		},
+	}
+
+	subcmdRepoSyncReleases = cli.Command{
+		Name:   "repo-sync-releases",
+		Usage:  "Synchronize repository releases with tags",
+		Action: runRepoSyncReleases,
+	}
+
+	subcmdRegenerate = cli.Command{
+		Name:  "regenerate",
+		Usage: "Regenerate specific files",
+		Subcommands: []cli.Command{
+			microcmdRegenHooks,
+			microcmdRegenKeys,
+		},
+	}
+
+	microcmdRegenHooks = cli.Command{
+		Name:   "hooks",
+		Usage:  "Regenerate git-hooks",
+		Action: runRegenerateHooks,
+	}
+
+	microcmdRegenKeys = cli.Command{
+		Name:   "keys",
+		Usage:  "Regenerate authorized_keys file",
+		Action: runRegenerateKeys,
+	}
+
+	subcmdAuth = cli.Command{
+		Name:  "auth",
+		Usage: "Modify external auth providers",
+		Subcommands: []cli.Command{
+			microcmdAuthAddOauth,
+			microcmdAuthUpdateOauth,
+			cmdAuthAddLdapBindDn,
+			cmdAuthUpdateLdapBindDn,
+			cmdAuthAddLdapSimpleAuth,
+			cmdAuthUpdateLdapSimpleAuth,
+			microcmdAuthList,
+			microcmdAuthDelete,
+		},
+	}
+
+	microcmdAuthList = cli.Command{
+		Name:   "list",
+		Usage:  "List auth sources",
+		Action: runListAuth,
+	}
+
+	idFlag = cli.Int64Flag{
+		Name:  "id",
+		Usage: "ID of authentication source",
+	}
+
+	microcmdAuthDelete = cli.Command{
+		Name:   "delete",
+		Usage:  "Delete specific auth source",
+		Action: runDeleteAuth,
+	}
+
+	oauthCLIFlags = []cli.Flag{
+		cli.StringFlag{
+			Name:  "name",
+			Value: "",
+			Usage: "Application Name",
+		},
+		cli.StringFlag{
+			Name:  "provider",
+			Value: "",
+			Usage: "OAuth2 Provider",
+		},
+		cli.StringFlag{
+			Name:  "key",
+			Value: "",
+			Usage: "Client ID (Key)",
+		},
+		cli.StringFlag{
+			Name:  "secret",
+			Value: "",
+			Usage: "Client Secret",
+		},
+		cli.StringFlag{
+			Name:  "auto-discover-url",
+			Value: "",
+			Usage: "OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider)",
+		},
+		cli.StringFlag{
+			Name:  "use-custom-urls",
+			Value: "false",
+			Usage: "Use custom URLs for GitLab/GitHub OAuth endpoints",
+		},
+		cli.StringFlag{
+			Name:  "custom-auth-url",
+			Value: "",
+			Usage: "Use a custom Authorization URL (option for GitLab/GitHub)",
+		},
+		cli.StringFlag{
+			Name:  "custom-token-url",
+			Value: "",
+			Usage: "Use a custom Token URL (option for GitLab/GitHub)",
+		},
+		cli.StringFlag{
+			Name:  "custom-profile-url",
+			Value: "",
+			Usage: "Use a custom Profile URL (option for GitLab/GitHub)",
+		},
+		cli.StringFlag{
+			Name:  "custom-email-url",
+			Value: "",
+			Usage: "Use a custom Email URL (option for GitHub)",
+		},
+	}
+
+	microcmdAuthUpdateOauth = cli.Command{
+		Name:   "update-oauth",
+		Usage:  "Update existing Oauth authentication source",
+		Action: runUpdateOauth,
+		Flags:  append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...),
+	}
+
+	microcmdAuthAddOauth = cli.Command{
+		Name:   "add-oauth",
+		Usage:  "Add new Oauth authentication source",
+		Action: runAddOauth,
+		Flags:  oauthCLIFlags,
+	}
 )
 
+func runChangePassword(c *cli.Context) error {
+	if err := argsSet(c, "username", "password"); err != nil {
+		return err
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+	if !pwd.IsComplexEnough(c.String("password")) {
+		return errors.New("Password does not meet complexity requirements")
+	}
+	uname := c.String("username")
+	user, err := models.GetUserByName(uname)
+	if err != nil {
+		return err
+	}
+	if user.Salt, err = models.GetUserSalt(); err != nil {
+		return err
+	}
+	user.HashPassword(c.String("password"))
+
+	if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
+		return err
+	}
+
+	fmt.Printf("%s's password has been successfully updated!\n", user.Name)
+	return nil
+}
+
 func runCreateUser(c *cli.Context) error {
-	if !c.IsSet("name") {
-		return fmt.Errorf("Username is not specified")
-	} else if !c.IsSet("password") {
-		return fmt.Errorf("Password is not specified")
-	} else if !c.IsSet("email") {
-		return fmt.Errorf("Email is not specified")
+	if err := argsSet(c, "email"); err != nil {
+		return err
 	}
 
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
+	if c.IsSet("name") && c.IsSet("username") {
+		return errors.New("Cannot set both --name and --username flags")
+	}
+	if !c.IsSet("name") && !c.IsSet("username") {
+		return errors.New("One of --name or --username flags must be set")
 	}
 
-	setting.NewContext()
-	models.LoadConfigs()
-	models.SetEngine()
+	if c.IsSet("password") && c.IsSet("random-password") {
+		return errors.New("cannot set both -random-password and -password flags")
+	}
 
-	if err := models.CreateUser(&models.User{
-		Name:     c.String("name"),
-		Email:    c.String("email"),
-		Passwd:   c.String("password"),
-		IsActive: true,
-		IsAdmin:  c.Bool("admin"),
-	}); err != nil {
+	var username string
+	if c.IsSet("username") {
+		username = c.String("username")
+	} else {
+		username = c.String("name")
+		fmt.Fprintf(os.Stderr, "--name flag is deprecated. Use --username instead.\n")
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	var password string
+	if c.IsSet("password") {
+		password = c.String("password")
+	} else if c.IsSet("random-password") {
+		var err error
+		password, err = pwd.Generate(c.Int("random-password-length"))
+		if err != nil {
+			return err
+		}
+		fmt.Printf("generated random password is '%s'\n", password)
+	} else {
+		return errors.New("must set either password or random-password flag")
+	}
+
+	// always default to true
+	var changePassword = true
+
+	// If this is the first user being created.
+	// Take it as the admin and don't force a password update.
+	if n := models.CountUsers(); n == 0 {
+		changePassword = false
+	}
+
+	if c.IsSet("must-change-password") {
+		changePassword = c.Bool("must-change-password")
+	}
+
+	u := &models.User{
+		Name:               username,
+		Email:              c.String("email"),
+		Passwd:             password,
+		IsActive:           true,
+		IsAdmin:            c.Bool("admin"),
+		MustChangePassword: changePassword,
+		Theme:              setting.UI.DefaultTheme,
+	}
+
+	if err := models.CreateUser(u); err != nil {
 		return fmt.Errorf("CreateUser: %v", err)
 	}
 
-	fmt.Printf("New user '%s' has been successfully created!\n", c.String("name"))
+	if c.Bool("access-token") {
+		t := &models.AccessToken{
+			Name: "gitea-admin",
+			UID:  u.ID,
+		}
+
+		if err := models.NewAccessToken(t); err != nil {
+			return err
+		}
+
+		fmt.Printf("Access token was successfully created... %s\n", t.Token)
+	}
+
+	fmt.Printf("New user '%s' has been successfully created!\n", username)
 	return nil
 }
+
+func runRepoSyncReleases(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	log.Trace("Synchronizing repository releases (this may take a while)")
+	for page := 1; ; page++ {
+		repos, count, err := models.SearchRepositoryByName(&models.SearchRepoOptions{
+			Page:     page,
+			PageSize: models.RepositoryListDefaultPageSize,
+			Private:  true,
+		})
+		if err != nil {
+			return fmt.Errorf("SearchRepositoryByName: %v", err)
+		}
+		if len(repos) == 0 {
+			break
+		}
+		log.Trace("Processing next %d repos of %d", len(repos), count)
+		for _, repo := range repos {
+			log.Trace("Synchronizing repo %s with path %s", repo.FullName(), repo.RepoPath())
+			gitRepo, err := git.OpenRepository(repo.RepoPath())
+			if err != nil {
+				log.Warn("OpenRepository: %v", err)
+				continue
+			}
+
+			oldnum, err := getReleaseCount(repo.ID)
+			if err != nil {
+				log.Warn(" GetReleaseCountByRepoID: %v", err)
+			}
+			log.Trace(" currentNumReleases is %d, running SyncReleasesWithTags", oldnum)
+
+			if err = models.SyncReleasesWithTags(repo, gitRepo); err != nil {
+				log.Warn(" SyncReleasesWithTags: %v", err)
+				gitRepo.Close()
+				continue
+			}
+
+			count, err = getReleaseCount(repo.ID)
+			if err != nil {
+				log.Warn(" GetReleaseCountByRepoID: %v", err)
+				gitRepo.Close()
+				continue
+			}
+
+			log.Trace(" repo %s releases synchronized to tags: from %d to %d",
+				repo.FullName(), oldnum, count)
+			gitRepo.Close()
+		}
+	}
+
+	return nil
+}
+
+func getReleaseCount(id int64) (int64, error) {
+	return models.GetReleaseCountByRepoID(
+		id,
+		models.FindReleasesOptions{
+			IncludeTags: true,
+		},
+	)
+}
+
+func runRegenerateHooks(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+	return models.SyncRepositoryHooks()
+}
+
+func runRegenerateKeys(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+	return models.RewriteAllPublicKeys()
+}
+
+func parseOAuth2Config(c *cli.Context) *models.OAuth2Config {
+	var customURLMapping *oauth2.CustomURLMapping
+	if c.IsSet("use-custom-urls") {
+		customURLMapping = &oauth2.CustomURLMapping{
+			TokenURL:   c.String("custom-token-url"),
+			AuthURL:    c.String("custom-auth-url"),
+			ProfileURL: c.String("custom-profile-url"),
+			EmailURL:   c.String("custom-email-url"),
+		}
+	} else {
+		customURLMapping = nil
+	}
+	return &models.OAuth2Config{
+		Provider:                      c.String("provider"),
+		ClientID:                      c.String("key"),
+		ClientSecret:                  c.String("secret"),
+		OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"),
+		CustomURLMapping:              customURLMapping,
+	}
+}
+
+func runAddOauth(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	return models.CreateLoginSource(&models.LoginSource{
+		Type:      models.LoginOAuth2,
+		Name:      c.String("name"),
+		IsActived: true,
+		Cfg:       parseOAuth2Config(c),
+	})
+}
+
+func runUpdateOauth(c *cli.Context) error {
+	if !c.IsSet("id") {
+		return fmt.Errorf("--id flag is missing")
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	source, err := models.GetLoginSourceByID(c.Int64("id"))
+	if err != nil {
+		return err
+	}
+
+	oAuth2Config := source.OAuth2()
+
+	if c.IsSet("name") {
+		source.Name = c.String("name")
+	}
+
+	if c.IsSet("provider") {
+		oAuth2Config.Provider = c.String("provider")
+	}
+
+	if c.IsSet("key") {
+		oAuth2Config.ClientID = c.String("key")
+	}
+
+	if c.IsSet("secret") {
+		oAuth2Config.ClientSecret = c.String("secret")
+	}
+
+	if c.IsSet("auto-discover-url") {
+		oAuth2Config.OpenIDConnectAutoDiscoveryURL = c.String("auto-discover-url")
+	}
+
+	// update custom URL mapping
+	var customURLMapping = &oauth2.CustomURLMapping{}
+
+	if oAuth2Config.CustomURLMapping != nil {
+		customURLMapping.TokenURL = oAuth2Config.CustomURLMapping.TokenURL
+		customURLMapping.AuthURL = oAuth2Config.CustomURLMapping.AuthURL
+		customURLMapping.ProfileURL = oAuth2Config.CustomURLMapping.ProfileURL
+		customURLMapping.EmailURL = oAuth2Config.CustomURLMapping.EmailURL
+	}
+	if c.IsSet("use-custom-urls") && c.IsSet("custom-token-url") {
+		customURLMapping.TokenURL = c.String("custom-token-url")
+	}
+
+	if c.IsSet("use-custom-urls") && c.IsSet("custom-auth-url") {
+		customURLMapping.AuthURL = c.String("custom-auth-url")
+	}
+
+	if c.IsSet("use-custom-urls") && c.IsSet("custom-profile-url") {
+		customURLMapping.ProfileURL = c.String("custom-profile-url")
+	}
+
+	if c.IsSet("use-custom-urls") && c.IsSet("custom-email-url") {
+		customURLMapping.EmailURL = c.String("custom-email-url")
+	}
+
+	oAuth2Config.CustomURLMapping = customURLMapping
+	source.Cfg = oAuth2Config
+
+	return models.UpdateSource(source)
+}
+
+func runListAuth(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	loginSources, err := models.LoginSources()
+
+	if err != nil {
+		return err
+	}
+
+	// loop through each source and print
+	w := tabwriter.NewWriter(os.Stdout, 0, 0, 1, ' ', tabwriter.AlignRight)
+	fmt.Fprintf(w, "ID\tName\tType\tEnabled")
+	for _, source := range loginSources {
+		fmt.Fprintf(w, "%d\t%s\t%s\t%t", source.ID, source.Name, models.LoginNames[source.Type], source.IsActived)
+	}
+	w.Flush()
+
+	return nil
+}
+
+func runDeleteAuth(c *cli.Context) error {
+	if !c.IsSet("id") {
+		return fmt.Errorf("--id flag is missing")
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	source, err := models.GetLoginSourceByID(c.Int64("id"))
+	if err != nil {
+		return err
+	}
+
+	return models.DeleteSource(source)
+}

cmd/admin_auth_ldap.go

@@ -0,0 +1,366 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+	"strings"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/auth/ldap"
+
+	"github.com/urfave/cli"
+)
+
+type (
+	authService struct {
+		initDB             func() error
+		createLoginSource  func(loginSource *models.LoginSource) error
+		updateLoginSource  func(loginSource *models.LoginSource) error
+		getLoginSourceByID func(id int64) (*models.LoginSource, error)
+	}
+)
+
+var (
+	commonLdapCLIFlags = []cli.Flag{
+		cli.StringFlag{
+			Name:  "name",
+			Usage: "Authentication name.",
+		},
+		cli.BoolFlag{
+			Name:  "not-active",
+			Usage: "Deactivate the authentication source.",
+		},
+		cli.StringFlag{
+			Name:  "security-protocol",
+			Usage: "Security protocol name.",
+		},
+		cli.BoolFlag{
+			Name:  "skip-tls-verify",
+			Usage: "Disable TLS verification.",
+		},
+		cli.StringFlag{
+			Name:  "host",
+			Usage: "The address where the LDAP server can be reached.",
+		},
+		cli.IntFlag{
+			Name:  "port",
+			Usage: "The port to use when connecting to the LDAP server.",
+		},
+		cli.StringFlag{
+			Name:  "user-search-base",
+			Usage: "The LDAP base at which user accounts will be searched for.",
+		},
+		cli.StringFlag{
+			Name:  "user-filter",
+			Usage: "An LDAP filter declaring how to find the user record that is attempting to authenticate.",
+		},
+		cli.StringFlag{
+			Name:  "admin-filter",
+			Usage: "An LDAP filter specifying if a user should be given administrator privileges.",
+		},
+		cli.BoolFlag{
+			Name:  "allow-deactivate-all",
+			Usage: "Allow empty search results to deactivate all users.",
+		},
+		cli.StringFlag{
+			Name:  "username-attribute",
+			Usage: "The attribute of the user’s LDAP record containing the user name.",
+		},
+		cli.StringFlag{
+			Name:  "firstname-attribute",
+			Usage: "The attribute of the user’s LDAP record containing the user’s first name.",
+		},
+		cli.StringFlag{
+			Name:  "surname-attribute",
+			Usage: "The attribute of the user’s LDAP record containing the user’s surname.",
+		},
+		cli.StringFlag{
+			Name:  "email-attribute",
+			Usage: "The attribute of the user’s LDAP record containing the user’s email address.",
+		},
+		cli.StringFlag{
+			Name:  "public-ssh-key-attribute",
+			Usage: "The attribute of the user’s LDAP record containing the user’s public ssh key.",
+		},
+	}
+
+	ldapBindDnCLIFlags = append(commonLdapCLIFlags,
+		cli.StringFlag{
+			Name:  "bind-dn",
+			Usage: "The DN to bind to the LDAP server with when searching for the user.",
+		},
+		cli.StringFlag{
+			Name:  "bind-password",
+			Usage: "The password for the Bind DN, if any.",
+		},
+		cli.BoolFlag{
+			Name:  "attributes-in-bind",
+			Usage: "Fetch attributes in bind DN context.",
+		},
+		cli.BoolFlag{
+			Name:  "synchronize-users",
+			Usage: "Enable user synchronization.",
+		},
+		cli.UintFlag{
+			Name:  "page-size",
+			Usage: "Search page size.",
+		})
+
+	ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags,
+		cli.StringFlag{
+			Name:  "user-dn",
+			Usage: "The user’s DN.",
+		})
+
+	cmdAuthAddLdapBindDn = cli.Command{
+		Name:  "add-ldap",
+		Usage: "Add new LDAP (via Bind DN) authentication source",
+		Action: func(c *cli.Context) error {
+			return newAuthService().addLdapBindDn(c)
+		},
+		Flags: ldapBindDnCLIFlags,
+	}
+
+	cmdAuthUpdateLdapBindDn = cli.Command{
+		Name:  "update-ldap",
+		Usage: "Update existing LDAP (via Bind DN) authentication source",
+		Action: func(c *cli.Context) error {
+			return newAuthService().updateLdapBindDn(c)
+		},
+		Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...),
+	}
+
+	cmdAuthAddLdapSimpleAuth = cli.Command{
+		Name:  "add-ldap-simple",
+		Usage: "Add new LDAP (simple auth) authentication source",
+		Action: func(c *cli.Context) error {
+			return newAuthService().addLdapSimpleAuth(c)
+		},
+		Flags: ldapSimpleAuthCLIFlags,
+	}
+
+	cmdAuthUpdateLdapSimpleAuth = cli.Command{
+		Name:  "update-ldap-simple",
+		Usage: "Update existing LDAP (simple auth) authentication source",
+		Action: func(c *cli.Context) error {
+			return newAuthService().updateLdapSimpleAuth(c)
+		},
+		Flags: append([]cli.Flag{idFlag}, ldapSimpleAuthCLIFlags...),
+	}
+)
+
+// newAuthService creates a service with default functions.
+func newAuthService() *authService {
+	return &authService{
+		initDB:             initDB,
+		createLoginSource:  models.CreateLoginSource,
+		updateLoginSource:  models.UpdateSource,
+		getLoginSourceByID: models.GetLoginSourceByID,
+	}
+}
+
+// parseLoginSource assigns values on loginSource according to command line flags.
+func parseLoginSource(c *cli.Context, loginSource *models.LoginSource) {
+	if c.IsSet("name") {
+		loginSource.Name = c.String("name")
+	}
+	if c.IsSet("not-active") {
+		loginSource.IsActived = !c.Bool("not-active")
+	}
+	if c.IsSet("synchronize-users") {
+		loginSource.IsSyncEnabled = c.Bool("synchronize-users")
+	}
+}
+
+// parseLdapConfig assigns values on config according to command line flags.
+func parseLdapConfig(c *cli.Context, config *models.LDAPConfig) error {
+	if c.IsSet("name") {
+		config.Source.Name = c.String("name")
+	}
+	if c.IsSet("host") {
+		config.Source.Host = c.String("host")
+	}
+	if c.IsSet("port") {
+		config.Source.Port = c.Int("port")
+	}
+	if c.IsSet("security-protocol") {
+		p, ok := findLdapSecurityProtocolByName(c.String("security-protocol"))
+		if !ok {
+			return fmt.Errorf("Unknown security protocol name: %s", c.String("security-protocol"))
+		}
+		config.Source.SecurityProtocol = p
+	}
+	if c.IsSet("skip-tls-verify") {
+		config.Source.SkipVerify = c.Bool("skip-tls-verify")
+	}
+	if c.IsSet("bind-dn") {
+		config.Source.BindDN = c.String("bind-dn")
+	}
+	if c.IsSet("user-dn") {
+		config.Source.UserDN = c.String("user-dn")
+	}
+	if c.IsSet("bind-password") {
+		config.Source.BindPassword = c.String("bind-password")
+	}
+	if c.IsSet("user-search-base") {
+		config.Source.UserBase = c.String("user-search-base")
+	}
+	if c.IsSet("username-attribute") {
+		config.Source.AttributeUsername = c.String("username-attribute")
+	}
+	if c.IsSet("firstname-attribute") {
+		config.Source.AttributeName = c.String("firstname-attribute")
+	}
+	if c.IsSet("surname-attribute") {
+		config.Source.AttributeSurname = c.String("surname-attribute")
+	}
+	if c.IsSet("email-attribute") {
+		config.Source.AttributeMail = c.String("email-attribute")
+	}
+	if c.IsSet("attributes-in-bind") {
+		config.Source.AttributesInBind = c.Bool("attributes-in-bind")
+	}
+	if c.IsSet("public-ssh-key-attribute") {
+		config.Source.AttributeSSHPublicKey = c.String("public-ssh-key-attribute")
+	}
+	if c.IsSet("page-size") {
+		config.Source.SearchPageSize = uint32(c.Uint("page-size"))
+	}
+	if c.IsSet("user-filter") {
+		config.Source.Filter = c.String("user-filter")
+	}
+	if c.IsSet("admin-filter") {
+		config.Source.AdminFilter = c.String("admin-filter")
+	}
+	if c.IsSet("allow-deactivate-all") {
+		config.Source.AllowDeactivateAll = c.Bool("allow-deactivate-all")
+	}
+	return nil
+}
+
+// findLdapSecurityProtocolByName finds security protocol by its name ignoring case.
+// It returns the value of the security protocol and if it was found.
+func findLdapSecurityProtocolByName(name string) (ldap.SecurityProtocol, bool) {
+	for i, n := range models.SecurityProtocolNames {
+		if strings.EqualFold(name, n) {
+			return i, true
+		}
+	}
+	return 0, false
+}
+
+// getLoginSource gets the login source by its id defined in the command line flags.
+// It returns an error if the id is not set, does not match any source or if the source is not of expected type.
+func (a *authService) getLoginSource(c *cli.Context, loginType models.LoginType) (*models.LoginSource, error) {
+	if err := argsSet(c, "id"); err != nil {
+		return nil, err
+	}
+
+	loginSource, err := a.getLoginSourceByID(c.Int64("id"))
+	if err != nil {
+		return nil, err
+	}
+
+	if loginSource.Type != loginType {
+		return nil, fmt.Errorf("Invalid authentication type. expected: %s, actual: %s", models.LoginNames[loginType], models.LoginNames[loginSource.Type])
+	}
+
+	return loginSource, nil
+}
+
+// addLdapBindDn adds a new LDAP via Bind DN authentication source.
+func (a *authService) addLdapBindDn(c *cli.Context) error {
+	if err := argsSet(c, "name", "security-protocol", "host", "port", "user-search-base", "user-filter", "email-attribute"); err != nil {
+		return err
+	}
+
+	if err := a.initDB(); err != nil {
+		return err
+	}
+
+	loginSource := &models.LoginSource{
+		Type:      models.LoginLDAP,
+		IsActived: true, // active by default
+		Cfg: &models.LDAPConfig{
+			Source: &ldap.Source{
+				Enabled: true, // always true
+			},
+		},
+	}
+
+	parseLoginSource(c, loginSource)
+	if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
+		return err
+	}
+
+	return a.createLoginSource(loginSource)
+}
+
+// updateLdapBindDn updates a new LDAP via Bind DN authentication source.
+func (a *authService) updateLdapBindDn(c *cli.Context) error {
+	if err := a.initDB(); err != nil {
+		return err
+	}
+
+	loginSource, err := a.getLoginSource(c, models.LoginLDAP)
+	if err != nil {
+		return err
+	}
+
+	parseLoginSource(c, loginSource)
+	if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
+		return err
+	}
+
+	return a.updateLoginSource(loginSource)
+}
+
+// addLdapSimpleAuth adds a new LDAP (simple auth) authentication source.
+func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
+	if err := argsSet(c, "name", "security-protocol", "host", "port", "user-dn", "user-filter", "email-attribute"); err != nil {
+		return err
+	}
+
+	if err := a.initDB(); err != nil {
+		return err
+	}
+
+	loginSource := &models.LoginSource{
+		Type:      models.LoginDLDAP,
+		IsActived: true, // active by default
+		Cfg: &models.LDAPConfig{
+			Source: &ldap.Source{
+				Enabled: true, // always true
+			},
+		},
+	}
+
+	parseLoginSource(c, loginSource)
+	if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
+		return err
+	}
+
+	return a.createLoginSource(loginSource)
+}
+
+// updateLdapBindDn updates a new LDAP (simple auth) authentication source.
+func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
+	if err := a.initDB(); err != nil {
+		return err
+	}
+
+	loginSource, err := a.getLoginSource(c, models.LoginDLDAP)
+	if err != nil {
+		return err
+	}
+
+	parseLoginSource(c, loginSource)
+	if err := parseLdapConfig(c, loginSource.LDAP()); err != nil {
+		return err
+	}
+
+	return a.updateLoginSource(loginSource)
+}

cmd/cert.go

@@ -1,7 +1,6 @@
-// +build cert
-
 // Copyright 2009 The Go Authors. All rights reserved.
 // Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
@@ -25,19 +24,43 @@ import (
 	"github.com/urfave/cli"
 )
 
+// CmdCert represents the available cert sub-command.
 var CmdCert = cli.Command{
 	Name:  "cert",
 	Usage: "Generate self-signed certificate",
-	Description: `Generate a self-signed X.509 certificate for a TLS server. 
+	Description: `Generate a self-signed X.509 certificate for a TLS server.
 Outputs to 'cert.pem' and 'key.pem' and will overwrite existing files.`,
 	Action: runCert,
 	Flags: []cli.Flag{
-		stringFlag("host", "", "Comma-separated hostnames and IPs to generate a certificate for"),
-		stringFlag("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521"),
-		intFlag("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set"),
-		stringFlag("start-date", "", "Creation date formatted as Jan 1 15:04:05 2011"),
-		durationFlag("duration", 365*24*time.Hour, "Duration that certificate is valid for"),
-		boolFlag("ca", "whether this cert should be its own Certificate Authority"),
+		cli.StringFlag{
+			Name:  "host",
+			Value: "",
+			Usage: "Comma-separated hostnames and IPs to generate a certificate for",
+		},
+		cli.StringFlag{
+			Name:  "ecdsa-curve",
+			Value: "",
+			Usage: "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521",
+		},
+		cli.IntFlag{
+			Name:  "rsa-bits",
+			Value: 2048,
+			Usage: "Size of RSA key to generate. Ignored if --ecdsa-curve is set",
+		},
+		cli.StringFlag{
+			Name:  "start-date",
+			Value: "",
+			Usage: "Creation date formatted as Jan 1 15:04:05 2011",
+		},
+		cli.DurationFlag{
+			Name:  "duration",
+			Value: 365 * 24 * time.Hour,
+			Usage: "Duration that certificate is valid for",
+		},
+		cli.BoolFlag{
+			Name:  "ca",
+			Usage: "whether this cert should be its own Certificate Authority",
+		},
 	},
 }
 
@@ -59,7 +82,7 @@ func pemBlockForKey(priv interface{}) *pem.Block {
 	case *ecdsa.PrivateKey:
 		b, err := x509.MarshalECPrivateKey(k)
 		if err != nil {
-			log.Fatalf("Unable to marshal ECDSA private key: %v\n", err)
+			log.Fatalf("Unable to marshal ECDSA private key: %v", err)
 		}
 		return &pem.Block{Type: "EC PRIVATE KEY", Bytes: b}
 	default:
@@ -67,16 +90,16 @@ func pemBlockForKey(priv interface{}) *pem.Block {
 	}
 }
 
-func runCert(ctx *cli.Context) error {
-	if len(ctx.String("host")) == 0 {
-		log.Fatal("Missing required --host parameter")
+func runCert(c *cli.Context) error {
+	if err := argsSet(c, "host"); err != nil {
+		return err
 	}
 
 	var priv interface{}
 	var err error
-	switch ctx.String("ecdsa-curve") {
+	switch c.String("ecdsa-curve") {
 	case "":
-		priv, err = rsa.GenerateKey(rand.Reader, ctx.Int("rsa-bits"))
+		priv, err = rsa.GenerateKey(rand.Reader, c.Int("rsa-bits"))
 	case "P224":
 		priv, err = ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
 	case "P256":
@@ -86,35 +109,35 @@ func runCert(ctx *cli.Context) error {
 	case "P521":
 		priv, err = ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
 	default:
-		log.Fatalf("Unrecognized elliptic curve: %q", ctx.String("ecdsa-curve"))
+		log.Fatalf("Unrecognized elliptic curve: %q", c.String("ecdsa-curve"))
 	}
 	if err != nil {
-		log.Fatalf("Failed to generate private key: %s", err)
+		log.Fatalf("Failed to generate private key: %v", err)
 	}
 
 	var notBefore time.Time
-	if len(ctx.String("start-date")) == 0 {
-		notBefore = time.Now()
-	} else {
-		notBefore, err = time.Parse("Jan 2 15:04:05 2006", ctx.String("start-date"))
+	if startDate := c.String("start-date"); startDate != "" {
+		notBefore, err = time.Parse("Jan 2 15:04:05 2006", startDate)
 		if err != nil {
-			log.Fatalf("Failed to parse creation date: %s", err)
+			log.Fatalf("Failed to parse creation date: %v", err)
 		}
+	} else {
+		notBefore = time.Now()
 	}
 
-	notAfter := notBefore.Add(ctx.Duration("duration"))
+	notAfter := notBefore.Add(c.Duration("duration"))
 
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
 	if err != nil {
-		log.Fatalf("Failed to generate serial number: %s", err)
+		log.Fatalf("Failed to generate serial number: %v", err)
 	}
 
 	template := x509.Certificate{
 		SerialNumber: serialNumber,
 		Subject: pkix.Name{
 			Organization: []string{"Acme Co"},
-			CommonName:   "Gogs",
+			CommonName:   "Gitea",
 		},
 		NotBefore: notBefore,
 		NotAfter:  notAfter,
@@ -124,7 +147,7 @@ func runCert(ctx *cli.Context) error {
 		BasicConstraintsValid: true,
 	}
 
-	hosts := strings.Split(ctx.String("host"), ",")
+	hosts := strings.Split(c.String("host"), ",")
 	for _, h := range hosts {
 		if ip := net.ParseIP(h); ip != nil {
 			template.IPAddresses = append(template.IPAddresses, ip)
@@ -133,31 +156,42 @@ func runCert(ctx *cli.Context) error {
 		}
 	}
 
-	if ctx.Bool("ca") {
+	if c.Bool("ca") {
 		template.IsCA = true
 		template.KeyUsage |= x509.KeyUsageCertSign
 	}
 
 	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, publicKey(priv), priv)
 	if err != nil {
-		log.Fatalf("Failed to create certificate: %s", err)
+		log.Fatalf("Failed to create certificate: %v", err)
 	}
 
 	certOut, err := os.Create("cert.pem")
 	if err != nil {
-		log.Fatalf("Failed to open cert.pem for writing: %s", err)
+		log.Fatalf("Failed to open cert.pem for writing: %v", err)
+	}
+	err = pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+	if err != nil {
+		log.Fatalf("Failed to encode certificate: %v", err)
+	}
+	err = certOut.Close()
+	if err != nil {
+		log.Fatalf("Failed to write cert: %v", err)
 	}
-	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
-	certOut.Close()
 	log.Println("Written cert.pem")
 
 	keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
-		log.Fatalf("Failed to open key.pem for writing: %v\n", err)
+		log.Fatalf("Failed to open key.pem for writing: %v", err)
+	}
+	err = pem.Encode(keyOut, pemBlockForKey(priv))
+	if err != nil {
+		log.Fatalf("Failed to encode key: %v", err)
+	}
+	err = keyOut.Close()
+	if err != nil {
+		log.Fatalf("Failed to write key: %v", err)
 	}
-	pem.Encode(keyOut, pemBlockForKey(priv))
-	keyOut.Close()
 	log.Println("Written key.pem")
-
 	return nil
 }

cmd/cert_stub.go

@@ -1,28 +0,0 @@
-// +build !cert
-
-// Copyright 2009 The Go Authors. All rights reserved.
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-package cmd
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/urfave/cli"
-)
-
-var CmdCert = cli.Command{
-	Name:        "cert",
-	Usage:       "Generate self-signed certificate",
-	Description: `Please use build tags "cert" to rebuild Gogs in order to have this ability`,
-	Action:      runCert,
-}
-
-func runCert(ctx *cli.Context) error {
-	fmt.Println("Command cert not available, please use build tags 'cert' to rebuild.")
-	os.Exit(1)
-
-	return nil
-}

cmd/cmd.go

@@ -1,42 +1,48 @@
-// Copyright 2015 The Gogs Authors. All rights reserved.
+// Copyright 2018 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
+// Package cmd provides subcommands to the gitea binary - such as "web" or
+// "admin".
 package cmd
 
 import (
-	"time"
+	"errors"
+	"fmt"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/urfave/cli"
 )
 
-func stringFlag(name, value, usage string) cli.StringFlag {
-	return cli.StringFlag{
-		Name:  name,
-		Value: value,
-		Usage: usage,
+// argsSet checks that all the required arguments are set. args is a list of
+// arguments that must be set in the passed Context.
+func argsSet(c *cli.Context, args ...string) error {
+	for _, a := range args {
+		if !c.IsSet(a) {
+			return errors.New(a + " is not set")
+		}
+
+		if util.IsEmptyString(a) {
+			return errors.New(a + " is required")
+		}
 	}
+	return nil
 }
 
-func boolFlag(name, usage string) cli.BoolFlag {
-	return cli.BoolFlag{
-		Name:  name,
-		Usage: usage,
-	}
+func initDB() error {
+	return initDBDisableConsole(false)
 }
 
-func intFlag(name string, value int, usage string) cli.IntFlag {
-	return cli.IntFlag{
-		Name:  name,
-		Value: value,
-		Usage: usage,
-	}
-}
+func initDBDisableConsole(disableConsole bool) error {
+	setting.NewContext()
+	setting.InitDBConfig()
 
-func durationFlag(name string, value time.Duration, usage string) cli.DurationFlag {
-	return cli.DurationFlag{
-		Name:  name,
-		Value: value,
-		Usage: usage,
+	setting.NewXORMLogService(disableConsole)
+	if err := models.SetEngine(); err != nil {
+		return fmt.Errorf("models.SetEngine: %v", err)
 	}
+	return nil
 }

cmd/convert.go

@@ -0,0 +1,49 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/urfave/cli"
+)
+
+// CmdConvert represents the available convert sub-command.
+var CmdConvert = cli.Command{
+	Name:        "convert",
+	Usage:       "Convert the database",
+	Description: "A command to convert an existing MySQL database from utf8 to utf8mb4",
+	Action:      runConvert,
+}
+
+func runConvert(ctx *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	log.Trace("AppPath: %s", setting.AppPath)
+	log.Trace("AppWorkPath: %s", setting.AppWorkPath)
+	log.Trace("Custom path: %s", setting.CustomPath)
+	log.Trace("Log path: %s", setting.LogRootPath)
+	setting.InitDBConfig()
+
+	if !setting.Database.UseMySQL {
+		fmt.Println("This command can only be used with a MySQL database")
+		return nil
+	}
+
+	if err := models.ConvertUtf8ToUtf8mb4(); err != nil {
+		log.Fatal("Failed to convert database from utf8 to utf8mb4: %v", err)
+		return err
+	}
+
+	fmt.Println("Converted successfully, please confirm your database's character set is now utf8mb4")
+
+	return nil
+}

cmd/dump.go

@@ -1,4 +1,5 @@
 // Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
@@ -6,103 +7,202 @@ package cmd
 
 import (
 	"fmt"
+	"io/ioutil"
 	"log"
 	"os"
 	"path"
+	"path/filepath"
 	"time"
 
-	"io/ioutil"
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/Unknwon/cae/zip"
+	"github.com/unknwon/cae/zip"
+	"github.com/unknwon/com"
 	"github.com/urfave/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/setting"
 )
 
+// CmdDump represents the available dump sub-command.
 var CmdDump = cli.Command{
 	Name:  "dump",
-	Usage: "Dump Gogs files and database",
+	Usage: "Dump Gitea files and database",
 	Description: `Dump compresses all related files and database into zip file.
-It can be used for backup and capture Gogs server image to send to maintainer`,
+It can be used for backup and capture Gitea server image to send to maintainer`,
 	Action: runDump,
 	Flags: []cli.Flag{
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-		boolFlag("verbose, v", "Show process details"),
-		stringFlag("tempdir, t", os.TempDir(), "Temporary dir path"),
+		cli.StringFlag{
+			Name:  "file, f",
+			Value: fmt.Sprintf("gitea-dump-%d.zip", time.Now().Unix()),
+			Usage: "Name of the dump file which will be created.",
+		},
+		cli.BoolFlag{
+			Name:  "verbose, V",
+			Usage: "Show process details",
+		},
+		cli.StringFlag{
+			Name:  "tempdir, t",
+			Value: os.TempDir(),
+			Usage: "Temporary dir path",
+		},
+		cli.StringFlag{
+			Name:  "database, d",
+			Usage: "Specify the database SQL syntax",
+		},
+		cli.BoolFlag{
+			Name:  "skip-repository, R",
+			Usage: "Skip the repository dumping",
+		},
 	},
 }
 
 func runDump(ctx *cli.Context) error {
-	if ctx.IsSet("config") {
-		setting.CustomConf = ctx.String("config")
-	}
 	setting.NewContext()
-	models.LoadConfigs()
-	models.SetEngine()
+	setting.NewServices() // cannot access session settings otherwise
+
+	err := models.SetEngine()
+	if err != nil {
+		return err
+	}
 
 	tmpDir := ctx.String("tempdir")
 	if _, err := os.Stat(tmpDir); os.IsNotExist(err) {
 		log.Fatalf("Path does not exist: %s", tmpDir)
 	}
-	TmpWorkDir, err := ioutil.TempDir(tmpDir, "gogs-dump-")
+	tmpWorkDir, err := ioutil.TempDir(tmpDir, "gitea-dump-")
 	if err != nil {
-		log.Fatalf("Fail to create tmp work directory: %v", err)
+		log.Fatalf("Failed to create tmp work directory: %v", err)
 	}
-	log.Printf("Creating tmp work dir: %s", TmpWorkDir)
+	log.Printf("Creating tmp work dir: %s", tmpWorkDir)
 
-	reposDump := path.Join(TmpWorkDir, "gogs-repo.zip")
-	dbDump := path.Join(TmpWorkDir, "gogs-db.sql")
-
-	log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
-	zip.Verbose = ctx.Bool("verbose")
-	if err := zip.PackTo(setting.RepoRootPath, reposDump, true); err != nil {
-		log.Fatalf("Fail to dump local repositories: %v", err)
+	// work-around #1103
+	if os.Getenv("TMPDIR") == "" {
+		os.Setenv("TMPDIR", tmpWorkDir)
 	}
 
-	log.Printf("Dumping database...")
-	if err := models.DumpDatabase(dbDump); err != nil {
-		log.Fatalf("Fail to dump database: %v", err)
-	}
+	dbDump := path.Join(tmpWorkDir, "gitea-db.sql")
 
-	fileName := fmt.Sprintf("gogs-dump-%d.zip", time.Now().Unix())
+	fileName := ctx.String("file")
 	log.Printf("Packing dump files...")
 	z, err := zip.Create(fileName)
 	if err != nil {
-		os.Remove(fileName)
-		log.Fatalf("Fail to create %s: %v", fileName, err)
+		log.Fatalf("Failed to create %s: %v", fileName, err)
+	}
+	zip.Verbose = ctx.Bool("verbose")
+
+	if ctx.IsSet("skip-repository") {
+		log.Printf("Skip dumping local repositories")
+	} else {
+		log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
+		reposDump := path.Join(tmpWorkDir, "gitea-repo.zip")
+		if err := zip.PackTo(setting.RepoRootPath, reposDump, true); err != nil {
+			log.Fatalf("Failed to dump local repositories: %v", err)
+		}
+		if err := z.AddFile("gitea-repo.zip", reposDump); err != nil {
+			log.Fatalf("Failed to include gitea-repo.zip: %v", err)
+		}
 	}
 
-	if err := z.AddFile("gogs-repo.zip", reposDump); err != nil {
-		log.Fatalf("Fail to include gogs-repo.zip: %v", err)
+	targetDBType := ctx.String("database")
+	if len(targetDBType) > 0 && targetDBType != setting.Database.Type {
+		log.Printf("Dumping database %s => %s...", setting.Database.Type, targetDBType)
+	} else {
+		log.Printf("Dumping database...")
 	}
-	if err := z.AddFile("gogs-db.sql", dbDump); err != nil {
-		log.Fatalf("Fail to include gogs-db.sql: %v", err)
+
+	if err := models.DumpDatabase(dbDump, targetDBType); err != nil {
+		log.Fatalf("Failed to dump database: %v", err)
 	}
+
+	if err := z.AddFile("gitea-db.sql", dbDump); err != nil {
+		log.Fatalf("Failed to include gitea-db.sql: %v", err)
+	}
+
+	if len(setting.CustomConf) > 0 {
+		log.Printf("Adding custom configuration file from %s", setting.CustomConf)
+		if err := z.AddFile("app.ini", setting.CustomConf); err != nil {
+			log.Fatalf("Failed to include specified app.ini: %v", err)
+		}
+	}
+
 	customDir, err := os.Stat(setting.CustomPath)
 	if err == nil && customDir.IsDir() {
 		if err := z.AddDir("custom", setting.CustomPath); err != nil {
-			log.Fatalf("Fail to include custom: %v", err)
+			log.Fatalf("Failed to include custom: %v", err)
 		}
 	} else {
 		log.Printf("Custom dir %s doesn't exist, skipped", setting.CustomPath)
 	}
-	if err := z.AddDir("log", setting.LogRootPath); err != nil {
-		log.Fatalf("Fail to include log: %v", err)
+
+	if com.IsExist(setting.AppDataPath) {
+		log.Printf("Packing data directory...%s", setting.AppDataPath)
+
+		var sessionAbsPath string
+		if setting.SessionConfig.Provider == "file" {
+			sessionAbsPath = setting.SessionConfig.ProviderConfig
+		}
+		if err := zipAddDirectoryExclude(z, "data", setting.AppDataPath, sessionAbsPath); err != nil {
+			log.Fatalf("Failed to include data directory: %v", err)
+		}
 	}
-	// FIXME: SSH key file.
+
+	if com.IsExist(setting.LogRootPath) {
+		if err := z.AddDir("log", setting.LogRootPath); err != nil {
+			log.Fatalf("Failed to include log: %v", err)
+		}
+	}
+
 	if err = z.Close(); err != nil {
-		os.Remove(fileName)
-		log.Fatalf("Fail to save %s: %v", fileName, err)
+		_ = os.Remove(fileName)
+		log.Fatalf("Failed to save %s: %v", fileName, err)
 	}
 
 	if err := os.Chmod(fileName, 0600); err != nil {
 		log.Printf("Can't change file access permissions mask to 0600: %v", err)
 	}
 
-	log.Printf("Removing tmp work dir: %s", TmpWorkDir)
-	os.RemoveAll(TmpWorkDir)
+	log.Printf("Removing tmp work dir: %s", tmpWorkDir)
+
+	if err := os.RemoveAll(tmpWorkDir); err != nil {
+		log.Fatalf("Failed to remove %s: %v", tmpWorkDir, err)
+	}
 	log.Printf("Finish dumping in file %s", fileName)
 
 	return nil
 }
+
+// zipAddDirectoryExclude zips absPath to specified zipPath inside z excluding excludeAbsPath
+func zipAddDirectoryExclude(zip *zip.ZipArchive, zipPath, absPath string, excludeAbsPath string) error {
+	absPath, err := filepath.Abs(absPath)
+	if err != nil {
+		return err
+	}
+	dir, err := os.Open(absPath)
+	if err != nil {
+		return err
+	}
+	defer dir.Close()
+
+	zip.AddEmptyDir(zipPath)
+
+	files, err := dir.Readdir(0)
+	if err != nil {
+		return err
+	}
+	for _, file := range files {
+		currentAbsPath := path.Join(absPath, file.Name())
+		currentZipPath := path.Join(zipPath, file.Name())
+		if file.IsDir() {
+			if currentAbsPath != excludeAbsPath {
+				if err = zipAddDirectoryExclude(zip, currentZipPath, currentAbsPath, excludeAbsPath); err != nil {
+					return err
+				}
+			}
+
+		} else {
+			if err = zip.AddFile(currentZipPath, currentAbsPath); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}

cmd/generate.go

@@ -0,0 +1,84 @@
+// Copyright 2016 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+
+	"code.gitea.io/gitea/modules/generate"
+
+	"github.com/urfave/cli"
+)
+
+var (
+	// CmdGenerate represents the available generate sub-command.
+	CmdGenerate = cli.Command{
+		Name:  "generate",
+		Usage: "Command line interface for running generators",
+		Subcommands: []cli.Command{
+			subcmdSecret,
+		},
+	}
+
+	subcmdSecret = cli.Command{
+		Name:  "secret",
+		Usage: "Generate a secret token",
+		Subcommands: []cli.Command{
+			microcmdGenerateInternalToken,
+			microcmdGenerateLfsJwtSecret,
+			microcmdGenerateSecretKey,
+		},
+	}
+
+	microcmdGenerateInternalToken = cli.Command{
+		Name:   "INTERNAL_TOKEN",
+		Usage:  "Generate a new INTERNAL_TOKEN",
+		Action: runGenerateInternalToken,
+	}
+
+	microcmdGenerateLfsJwtSecret = cli.Command{
+		Name:    "JWT_SECRET",
+		Aliases: []string{"LFS_JWT_SECRET"},
+		Usage:   "Generate a new JWT_SECRET",
+		Action:  runGenerateLfsJwtSecret,
+	}
+
+	microcmdGenerateSecretKey = cli.Command{
+		Name:   "SECRET_KEY",
+		Usage:  "Generate a new SECRET_KEY",
+		Action: runGenerateSecretKey,
+	}
+)
+
+func runGenerateInternalToken(c *cli.Context) error {
+	internalToken, err := generate.NewInternalToken()
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("%s\n", internalToken)
+	return nil
+}
+
+func runGenerateLfsJwtSecret(c *cli.Context) error {
+	JWTSecretBase64, err := generate.NewJwtSecret()
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("%s\n", JWTSecretBase64)
+	return nil
+}
+
+func runGenerateSecretKey(c *cli.Context) error {
+	secretKey, err := generate.NewSecretKey()
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("%s\n", secretKey)
+	return nil
+}

cmd/hook.go

@@ -0,0 +1,186 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"net/http"
+	"os"
+	"strconv"
+	"strings"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/private"
+
+	"github.com/urfave/cli"
+)
+
+var (
+	// CmdHook represents the available hooks sub-command.
+	CmdHook = cli.Command{
+		Name:        "hook",
+		Usage:       "Delegate commands to corresponding Git hooks",
+		Description: "This should only be called by Git",
+		Subcommands: []cli.Command{
+			subcmdHookPreReceive,
+			subcmdHookUpdate,
+			subcmdHookPostReceive,
+		},
+	}
+
+	subcmdHookPreReceive = cli.Command{
+		Name:        "pre-receive",
+		Usage:       "Delegate pre-receive Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookPreReceive,
+	}
+	subcmdHookUpdate = cli.Command{
+		Name:        "update",
+		Usage:       "Delegate update Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookUpdate,
+	}
+	subcmdHookPostReceive = cli.Command{
+		Name:        "post-receive",
+		Usage:       "Delegate post-receive Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookPostReceive,
+	}
+)
+
+func runHookPreReceive(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+
+	setup("hooks/pre-receive.log")
+
+	// the environment setted on serv command
+	isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
+	username := os.Getenv(models.EnvRepoUsername)
+	reponame := os.Getenv(models.EnvRepoName)
+	userID, _ := strconv.ParseInt(os.Getenv(models.EnvPusherID), 10, 64)
+	prID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchPRID), 10, 64)
+
+	buf := bytes.NewBuffer(nil)
+	scanner := bufio.NewScanner(os.Stdin)
+	for scanner.Scan() {
+		buf.Write(scanner.Bytes())
+		buf.WriteByte('\n')
+
+		// TODO: support news feeds for wiki
+		if isWiki {
+			continue
+		}
+
+		fields := bytes.Fields(scanner.Bytes())
+		if len(fields) != 3 {
+			continue
+		}
+
+		oldCommitID := string(fields[0])
+		newCommitID := string(fields[1])
+		refFullName := string(fields[2])
+
+		// If the ref is a branch, check if it's protected
+		if strings.HasPrefix(refFullName, git.BranchPrefix) {
+			statusCode, msg := private.HookPreReceive(username, reponame, private.HookOptions{
+				OldCommitID:                     oldCommitID,
+				NewCommitID:                     newCommitID,
+				RefFullName:                     refFullName,
+				UserID:                          userID,
+				GitAlternativeObjectDirectories: os.Getenv(private.GitAlternativeObjectDirectories),
+				GitObjectDirectory:              os.Getenv(private.GitObjectDirectory),
+				GitQuarantinePath:               os.Getenv(private.GitQuarantinePath),
+				ProtectedBranchID:               prID,
+			})
+			switch statusCode {
+			case http.StatusInternalServerError:
+				fail("Internal Server Error", msg)
+			case http.StatusForbidden:
+				fail(msg, "")
+			}
+		}
+	}
+
+	return nil
+}
+
+func runHookUpdate(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+
+	setup("hooks/update.log")
+
+	return nil
+}
+
+func runHookPostReceive(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+
+	setup("hooks/post-receive.log")
+
+	// the environment setted on serv command
+	repoUser := os.Getenv(models.EnvRepoUsername)
+	isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
+	repoName := os.Getenv(models.EnvRepoName)
+	pusherID, _ := strconv.ParseInt(os.Getenv(models.EnvPusherID), 10, 64)
+	pusherName := os.Getenv(models.EnvPusherName)
+
+	buf := bytes.NewBuffer(nil)
+	scanner := bufio.NewScanner(os.Stdin)
+	for scanner.Scan() {
+		buf.Write(scanner.Bytes())
+		buf.WriteByte('\n')
+
+		// TODO: support news feeds for wiki
+		if isWiki {
+			continue
+		}
+
+		fields := bytes.Fields(scanner.Bytes())
+		if len(fields) != 3 {
+			continue
+		}
+
+		oldCommitID := string(fields[0])
+		newCommitID := string(fields[1])
+		refFullName := string(fields[2])
+
+		res, err := private.HookPostReceive(repoUser, repoName, private.HookOptions{
+			OldCommitID: oldCommitID,
+			NewCommitID: newCommitID,
+			RefFullName: refFullName,
+			UserID:      pusherID,
+			UserName:    pusherName,
+		})
+
+		if res == nil {
+			fail("Internal Server Error", err)
+		}
+
+		if res["message"] == false {
+			continue
+		}
+
+		fmt.Fprintln(os.Stderr, "")
+		if res["create"] == true {
+			fmt.Fprintf(os.Stderr, "Create a new pull request for '%s':\n", res["branch"])
+			fmt.Fprintf(os.Stderr, "  %s\n", res["url"])
+		} else {
+			fmt.Fprint(os.Stderr, "Visit the existing pull request:\n")
+			fmt.Fprintf(os.Stderr, "  %s\n", res["url"])
+		}
+		fmt.Fprintln(os.Stderr, "")
+	}
+
+	return nil
+}

cmd/keys.go

@@ -0,0 +1,75 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+
+	"code.gitea.io/gitea/models"
+
+	"github.com/urfave/cli"
+)
+
+// CmdKeys represents the available keys sub-command
+var CmdKeys = cli.Command{
+	Name:   "keys",
+	Usage:  "This command queries the Gitea database to get the authorized command for a given ssh key fingerprint",
+	Action: runKeys,
+	Flags: []cli.Flag{
+		cli.StringFlag{
+			Name:  "expected, e",
+			Value: "git",
+			Usage: "Expected user for whom provide key commands",
+		},
+		cli.StringFlag{
+			Name:  "username, u",
+			Value: "",
+			Usage: "Username trying to log in by SSH",
+		},
+		cli.StringFlag{
+			Name:  "type, t",
+			Value: "",
+			Usage: "Type of the SSH key provided to the SSH Server (requires content to be provided too)",
+		},
+		cli.StringFlag{
+			Name:  "content, k",
+			Value: "",
+			Usage: "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)",
+		},
+	},
+}
+
+func runKeys(c *cli.Context) error {
+	if !c.IsSet("username") {
+		return errors.New("No username provided")
+	}
+	// Check username matches the expected username
+	if strings.TrimSpace(c.String("username")) != strings.TrimSpace(c.String("expected")) {
+		return nil
+	}
+
+	content := ""
+
+	if c.IsSet("type") && c.IsSet("content") {
+		content = fmt.Sprintf("%s %s", strings.TrimSpace(c.String("type")), strings.TrimSpace(c.String("content")))
+	}
+
+	if content == "" {
+		return errors.New("No key type and content provided")
+	}
+
+	if err := initDBDisableConsole(true); err != nil {
+		return err
+	}
+
+	publicKey, err := models.SearchPublicKeyByContent(content)
+	if err != nil {
+		return err
+	}
+	fmt.Println(publicKey.AuthorizedString())
+	return nil
+}

cmd/migrate.go

@@ -0,0 +1,41 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/models/migrations"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/urfave/cli"
+)
+
+// CmdMigrate represents the available migrate sub-command.
+var CmdMigrate = cli.Command{
+	Name:        "migrate",
+	Usage:       "Migrate the database",
+	Description: "This is a command for migrating the database, so that you can run gitea admin create-user before starting the server.",
+	Action:      runMigrate,
+}
+
+func runMigrate(ctx *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	log.Trace("AppPath: %s", setting.AppPath)
+	log.Trace("AppWorkPath: %s", setting.AppWorkPath)
+	log.Trace("Custom path: %s", setting.CustomPath)
+	log.Trace("Log path: %s", setting.LogRootPath)
+	setting.InitDBConfig()
+
+	if err := models.NewEngine(migrations.Migrate); err != nil {
+		log.Fatal("Failed to initialize ORM engine: %v", err)
+		return err
+	}
+
+	return nil
+}

cmd/serv.go

@@ -0,0 +1,258 @@
+// Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/url"
+	"os"
+	"os/exec"
+	"strconv"
+	"strings"
+	"time"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/pprof"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/dgrijalva/jwt-go"
+	"github.com/unknwon/com"
+	"github.com/urfave/cli"
+)
+
+const (
+	lfsAuthenticateVerb = "git-lfs-authenticate"
+)
+
+// CmdServ represents the available serv sub-command.
+var CmdServ = cli.Command{
+	Name:        "serv",
+	Usage:       "This command should only be called by SSH shell",
+	Description: `Serv provide access auth for repositories`,
+	Action:      runServ,
+	Flags: []cli.Flag{
+		cli.BoolFlag{
+			Name: "enable-pprof",
+		},
+	},
+}
+
+func setup(logPath string) {
+	_ = log.DelLogger("console")
+	setting.NewContext()
+}
+
+func parseCmd(cmd string) (string, string) {
+	ss := strings.SplitN(cmd, " ", 2)
+	if len(ss) != 2 {
+		return "", ""
+	}
+	return ss[0], strings.Replace(ss[1], "'/", "'", 1)
+}
+
+var (
+	allowedCommands = map[string]models.AccessMode{
+		"git-upload-pack":    models.AccessModeRead,
+		"git-upload-archive": models.AccessModeRead,
+		"git-receive-pack":   models.AccessModeWrite,
+		lfsAuthenticateVerb:  models.AccessModeNone,
+	}
+)
+
+func fail(userMessage, logMessage string, args ...interface{}) {
+	fmt.Fprintln(os.Stderr, "Gitea:", userMessage)
+
+	if len(logMessage) > 0 {
+		if !setting.ProdMode {
+			fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
+		}
+	}
+
+	os.Exit(1)
+}
+
+func runServ(c *cli.Context) error {
+	// FIXME: This needs to internationalised
+	setup("serv.log")
+
+	if setting.SSH.Disabled {
+		println("Gitea: SSH has been disabled")
+		return nil
+	}
+
+	if len(c.Args()) < 1 {
+		if err := cli.ShowSubcommandHelp(c); err != nil {
+			fmt.Printf("error showing subcommand help: %v\n", err)
+		}
+		return nil
+	}
+
+	keys := strings.Split(c.Args()[0], "-")
+	if len(keys) != 2 || keys[0] != "key" {
+		fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
+	}
+	keyID := com.StrTo(keys[1]).MustInt64()
+
+	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
+	if len(cmd) == 0 {
+		key, user, err := private.ServNoCommand(keyID)
+		if err != nil {
+			fail("Internal error", "Failed to check provided key: %v", err)
+		}
+		if key.Type == models.KeyTypeDeploy {
+			println("Hi there! You've successfully authenticated with the deploy key named " + key.Name + ", but Gitea does not provide shell access.")
+		} else {
+			println("Hi there, " + user.Name + "! You've successfully authenticated with the key named " + key.Name + ", but Gitea does not provide shell access.")
+		}
+		println("If this is unexpected, please log in with password and setup Gitea under another user.")
+		return nil
+	}
+
+	verb, args := parseCmd(cmd)
+
+	var lfsVerb string
+	if verb == lfsAuthenticateVerb {
+		if !setting.LFS.StartServer {
+			fail("Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled")
+		}
+
+		argsSplit := strings.Split(args, " ")
+		if len(argsSplit) >= 2 {
+			args = strings.TrimSpace(argsSplit[0])
+			lfsVerb = strings.TrimSpace(argsSplit[1])
+		}
+	}
+
+	repoPath := strings.ToLower(strings.Trim(args, "'"))
+	rr := strings.SplitN(repoPath, "/", 2)
+	if len(rr) != 2 {
+		fail("Invalid repository path", "Invalid repository path: %v", args)
+	}
+
+	username := strings.ToLower(rr[0])
+	reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git"))
+
+	if setting.EnablePprof || c.Bool("enable-pprof") {
+		if err := os.MkdirAll(setting.PprofDataPath, os.ModePerm); err != nil {
+			fail("Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err)
+		}
+
+		stopCPUProfiler, err := pprof.DumpCPUProfileForUsername(setting.PprofDataPath, username)
+		if err != nil {
+			fail("Internal Server Error", "Unable to start CPU profile: %v", err)
+		}
+		defer func() {
+			stopCPUProfiler()
+			err := pprof.DumpMemProfileForUsername(setting.PprofDataPath, username)
+			if err != nil {
+				fail("Internal Server Error", "Unable to dump Mem Profile: %v", err)
+			}
+		}()
+	}
+
+	requestedMode, has := allowedCommands[verb]
+	if !has {
+		fail("Unknown git command", "Unknown git command %s", verb)
+	}
+
+	if verb == lfsAuthenticateVerb {
+		if lfsVerb == "upload" {
+			requestedMode = models.AccessModeWrite
+		} else if lfsVerb == "download" {
+			requestedMode = models.AccessModeRead
+		} else {
+			fail("Unknown LFS verb", "Unknown lfs verb %s", lfsVerb)
+		}
+	}
+
+	results, err := private.ServCommand(keyID, username, reponame, requestedMode, verb, lfsVerb)
+	if err != nil {
+		if private.IsErrServCommand(err) {
+			errServCommand := err.(private.ErrServCommand)
+			if errServCommand.StatusCode != http.StatusInternalServerError {
+				fail("Unauthorized", "%s", errServCommand.Error())
+			} else {
+				fail("Internal Server Error", "%s", errServCommand.Error())
+			}
+		}
+		fail("Internal Server Error", "%s", err.Error())
+	}
+	os.Setenv(models.EnvRepoIsWiki, strconv.FormatBool(results.IsWiki))
+	os.Setenv(models.EnvRepoName, results.RepoName)
+	os.Setenv(models.EnvRepoUsername, results.OwnerName)
+	os.Setenv(models.EnvPusherName, results.UserName)
+	os.Setenv(models.EnvPusherID, strconv.FormatInt(results.UserID, 10))
+	os.Setenv(models.ProtectedBranchRepoID, strconv.FormatInt(results.RepoID, 10))
+	os.Setenv(models.ProtectedBranchPRID, fmt.Sprintf("%d", 0))
+
+	//LFS token authentication
+	if verb == lfsAuthenticateVerb {
+		url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, url.PathEscape(results.OwnerName), url.PathEscape(results.RepoName))
+
+		now := time.Now()
+		claims := jwt.MapClaims{
+			"repo": results.RepoID,
+			"op":   lfsVerb,
+			"exp":  now.Add(setting.LFS.HTTPAuthExpiry).Unix(),
+			"nbf":  now.Unix(),
+			"user": results.UserID,
+		}
+		token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+
+		// Sign and get the complete encoded token as a string using the secret
+		tokenString, err := token.SignedString(setting.LFS.JWTSecretBytes)
+		if err != nil {
+			fail("Internal error", "Failed to sign JWT token: %v", err)
+		}
+
+		tokenAuthentication := &models.LFSTokenResponse{
+			Header: make(map[string]string),
+			Href:   url,
+		}
+		tokenAuthentication.Header["Authorization"] = fmt.Sprintf("Bearer %s", tokenString)
+
+		enc := json.NewEncoder(os.Stdout)
+		err = enc.Encode(tokenAuthentication)
+		if err != nil {
+			fail("Internal error", "Failed to encode LFS json response: %v", err)
+		}
+		return nil
+	}
+
+	// Special handle for Windows.
+	if setting.IsWindows {
+		verb = strings.Replace(verb, "-", " ", 1)
+	}
+
+	var gitcmd *exec.Cmd
+	verbs := strings.Split(verb, " ")
+	if len(verbs) == 2 {
+		gitcmd = exec.Command(verbs[0], verbs[1], repoPath)
+	} else {
+		gitcmd = exec.Command(verb, repoPath)
+	}
+
+	gitcmd.Dir = setting.RepoRootPath
+	gitcmd.Stdout = os.Stdout
+	gitcmd.Stdin = os.Stdin
+	gitcmd.Stderr = os.Stderr
+	if err = gitcmd.Run(); err != nil {
+		fail("Internal error", "Failed to execute git command: %v", err)
+	}
+
+	// Update user key activity.
+	if results.KeyID > 0 {
+		if err = private.UpdatePublicKeyInRepo(results.KeyID, results.RepoID); err != nil {
+			fail("Internal error", "UpdatePublicKeyInRepo: %v", err)
+		}
+	}
+
+	return nil
+}

cmd/serve.go

@@ -1,296 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"crypto/tls"
-	"fmt"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strings"
-	"time"
-
-	"github.com/Unknwon/com"
-	git "github.com/gogits/git-module"
-	gouuid "github.com/satori/go.uuid"
-	"github.com/urfave/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/base"
-	"github.com/gogits/gogs/modules/httplib"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-const (
-	_ACCESS_DENIED_MESSAGE = "Repository does not exist or you do not have access"
-)
-
-var CmdServ = cli.Command{
-	Name:        "serv",
-	Usage:       "This command should only be called by SSH shell",
-	Description: `Serv provide access auth for repositories`,
-	Action:      runServ,
-	Flags: []cli.Flag{
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-	},
-}
-
-func setup(logPath string) {
-	setting.NewContext()
-	log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
-
-	models.LoadConfigs()
-
-	if setting.UseSQLite3 || setting.UseTiDB {
-		workDir, _ := setting.WorkDir()
-		os.Chdir(workDir)
-	}
-
-	models.SetEngine()
-}
-
-func parseCmd(cmd string) (string, string) {
-	ss := strings.SplitN(cmd, " ", 2)
-	if len(ss) != 2 {
-		return "", ""
-	}
-	return ss[0], strings.Replace(ss[1], "'/", "'", 1)
-}
-
-var (
-	allowedCommands = map[string]models.AccessMode{
-		"git-upload-pack":    models.ACCESS_MODE_READ,
-		"git-upload-archive": models.ACCESS_MODE_READ,
-		"git-receive-pack":   models.ACCESS_MODE_WRITE,
-	}
-)
-
-func fail(userMessage, logMessage string, args ...interface{}) {
-	fmt.Fprintln(os.Stderr, "Gogs:", userMessage)
-
-	if len(logMessage) > 0 {
-		if !setting.ProdMode {
-			fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
-		}
-		log.GitLogger.Fatal(3, logMessage, args...)
-		return
-	}
-
-	log.GitLogger.Close()
-	os.Exit(1)
-}
-
-func handleUpdateTask(uuid string, user, repoUser *models.User, reponame string, isWiki bool) {
-	task, err := models.GetUpdateTaskByUUID(uuid)
-	if err != nil {
-		if models.IsErrUpdateTaskNotExist(err) {
-			log.GitLogger.Trace("No update task is presented: %s", uuid)
-			return
-		}
-		log.GitLogger.Fatal(2, "GetUpdateTaskByUUID: %v", err)
-	} else if err = models.DeleteUpdateTaskByUUID(uuid); err != nil {
-		log.GitLogger.Fatal(2, "DeleteUpdateTaskByUUID: %v", err)
-	}
-
-	if isWiki {
-		return
-	}
-
-	if err = models.PushUpdate(models.PushUpdateOptions{
-		RefFullName:  task.RefName,
-		OldCommitID:  task.OldCommitID,
-		NewCommitID:  task.NewCommitID,
-		PusherID:     user.ID,
-		PusherName:   user.Name,
-		RepoUserName: repoUser.Name,
-		RepoName:     reponame,
-	}); err != nil {
-		log.GitLogger.Error(2, "Update: %v", err)
-	}
-
-	// Ask for running deliver hook and test pull request tasks.
-	reqURL := setting.LocalURL + repoUser.Name + "/" + reponame + "/tasks/trigger?branch=" +
-		strings.TrimPrefix(task.RefName, git.BRANCH_PREFIX) + "&secret=" + base.EncodeMD5(repoUser.Salt) + "&pusher=" + com.ToStr(user.ID)
-	log.GitLogger.Trace("Trigger task: %s", reqURL)
-
-	resp, err := httplib.Head(reqURL).SetTLSClientConfig(&tls.Config{
-		InsecureSkipVerify: true,
-	}).Response()
-	if err == nil {
-		resp.Body.Close()
-		if resp.StatusCode/100 != 2 {
-			log.GitLogger.Error(2, "Fail to trigger task: not 2xx response code")
-		}
-	} else {
-		log.GitLogger.Error(2, "Fail to trigger task: %v", err)
-	}
-}
-
-func runServ(c *cli.Context) error {
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
-	}
-
-	setup("serv.log")
-
-	if setting.SSH.Disabled {
-		println("Gogs: SSH has been disabled")
-		return nil
-	}
-
-	if len(c.Args()) < 1 {
-		fail("Not enough arguments", "Not enough arguments")
-	}
-
-	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
-	if len(cmd) == 0 {
-		println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.")
-		println("If this is unexpected, please log in with password and setup Gogs under another user.")
-		return nil
-	}
-
-	verb, args := parseCmd(cmd)
-	repoPath := strings.ToLower(strings.Trim(args, "'"))
-	rr := strings.SplitN(repoPath, "/", 2)
-	if len(rr) != 2 {
-		fail("Invalid repository path", "Invalid repository path: %v", args)
-	}
-	username := strings.ToLower(rr[0])
-	reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git"))
-
-	isWiki := false
-	if strings.HasSuffix(reponame, ".wiki") {
-		isWiki = true
-		reponame = reponame[:len(reponame)-5]
-	}
-
-	repoUser, err := models.GetUserByName(username)
-	if err != nil {
-		if models.IsErrUserNotExist(err) {
-			fail("Repository owner does not exist", "Unregistered owner: %s", username)
-		}
-		fail("Internal error", "Failed to get repository owner (%s): %v", username, err)
-	}
-
-	repo, err := models.GetRepositoryByName(repoUser.ID, reponame)
-	if err != nil {
-		if models.IsErrRepoNotExist(err) {
-			fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, reponame)
-		}
-		fail("Internal error", "Failed to get repository: %v", err)
-	}
-
-	requestedMode, has := allowedCommands[verb]
-	if !has {
-		fail("Unknown git command", "Unknown git command %s", verb)
-	}
-
-	// Prohibit push to mirror repositories.
-	if requestedMode > models.ACCESS_MODE_READ && repo.IsMirror {
-		fail("mirror repository is read-only", "")
-	}
-
-	// Allow anonymous clone for public repositories.
-	var (
-		keyID int64
-		user  *models.User
-	)
-	if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate {
-		keys := strings.Split(c.Args()[0], "-")
-		if len(keys) != 2 {
-			fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
-		}
-
-		key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
-		if err != nil {
-			fail("Invalid key ID", "Invalid key ID[%s]: %v", c.Args()[0], err)
-		}
-		keyID = key.ID
-
-		// Check deploy key or user key.
-		if key.Type == models.KEY_TYPE_DEPLOY {
-			if key.Mode < requestedMode {
-				fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
-			}
-			// Check if this deploy key belongs to current repository.
-			if !models.HasDeployKey(key.ID, repo.ID) {
-				fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
-			}
-
-			// Update deploy key activity.
-			deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID)
-			if err != nil {
-				fail("Internal error", "GetDeployKey: %v", err)
-			}
-
-			deployKey.Updated = time.Now()
-			if err = models.UpdateDeployKey(deployKey); err != nil {
-				fail("Internal error", "UpdateDeployKey: %v", err)
-			}
-		} else {
-			user, err = models.GetUserByKeyID(key.ID)
-			if err != nil {
-				fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
-			}
-
-			mode, err := models.AccessLevel(user, repo)
-			if err != nil {
-				fail("Internal error", "Fail to check access: %v", err)
-			} else if mode < requestedMode {
-				clientMessage := _ACCESS_DENIED_MESSAGE
-				if mode >= models.ACCESS_MODE_READ {
-					clientMessage = "You do not have sufficient authorization for this action"
-				}
-				fail(clientMessage,
-					"User %s does not have level %v access to repository %s",
-					user.Name, requestedMode, repoPath)
-			}
-		}
-	}
-
-	uuid := gouuid.NewV4().String()
-	os.Setenv("uuid", uuid)
-
-	// Special handle for Windows.
-	if setting.IsWindows {
-		verb = strings.Replace(verb, "-", " ", 1)
-	}
-
-	var gitcmd *exec.Cmd
-	verbs := strings.Split(verb, " ")
-	if len(verbs) == 2 {
-		gitcmd = exec.Command(verbs[0], verbs[1], repoPath)
-	} else {
-		gitcmd = exec.Command(verb, repoPath)
-	}
-	gitcmd.Dir = setting.RepoRootPath
-	gitcmd.Stdout = os.Stdout
-	gitcmd.Stdin = os.Stdin
-	gitcmd.Stderr = os.Stderr
-	if err = gitcmd.Run(); err != nil {
-		fail("Internal error", "Failed to execute git command: %v", err)
-	}
-
-	if requestedMode == models.ACCESS_MODE_WRITE {
-		handleUpdateTask(uuid, user, repoUser, reponame, isWiki)
-	}
-
-	// Update user key activity.
-	if keyID > 0 {
-		key, err := models.GetPublicKeyByID(keyID)
-		if err != nil {
-			fail("Internal error", "GetPublicKeyById: %v", err)
-		}
-
-		key.Updated = time.Now()
-		if err = models.UpdatePublicKey(key); err != nil {
-			fail("Internal error", "UpdatePublicKey: %v", err)
-		}
-	}
-
-	return nil
-}

cmd/update.go

@@ -1,58 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"os"
-
-	"github.com/urfave/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-var CmdUpdate = cli.Command{
-	Name:        "update",
-	Usage:       "This command should only be called by Git hook",
-	Description: `Update get pushed info and insert into database`,
-	Action:      runUpdate,
-	Flags: []cli.Flag{
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-	},
-}
-
-func runUpdate(c *cli.Context) error {
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
-	}
-
-	setup("update.log")
-
-	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
-		log.GitLogger.Trace("SSH_ORIGINAL_COMMAND is empty")
-		return nil
-	}
-
-	args := c.Args()
-	if len(args) != 3 {
-		log.GitLogger.Fatal(2, "Arguments received are not equal to three")
-	} else if len(args[0]) == 0 {
-		log.GitLogger.Fatal(2, "First argument 'refName' is empty, shouldn't use")
-	}
-
-	task := models.UpdateTask{
-		UUID:        os.Getenv("uuid"),
-		RefName:     args[0],
-		OldCommitID: args[1],
-		NewCommitID: args[2],
-	}
-
-	if err := models.AddUpdateTask(&task); err != nil {
-		log.GitLogger.Fatal(2, "AddUpdateTask: %v", err)
-	}
-
-	return nil
-}

cmd/web.go

@@ -5,655 +5,193 @@
 package cmd
 
 import (
-	"crypto/tls"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"net/http"
 	"net/http/fcgi"
+	_ "net/http/pprof" // Used for debugging if enabled and a web server is running
 	"os"
-	"path"
 	"strings"
 
-	"github.com/go-macaron/binding"
-	"github.com/go-macaron/cache"
-	"github.com/go-macaron/captcha"
-	"github.com/go-macaron/csrf"
-	"github.com/go-macaron/gzip"
-	"github.com/go-macaron/i18n"
-	"github.com/go-macaron/session"
-	"github.com/go-macaron/toolbox"
-	"github.com/go-xorm/xorm"
-	"github.com/mcuadros/go-version"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/routers"
+	"code.gitea.io/gitea/routers/routes"
+
+	context2 "github.com/gorilla/context"
+	"github.com/unknwon/com"
 	"github.com/urfave/cli"
-	"gopkg.in/ini.v1"
-	"gopkg.in/macaron.v1"
-
-	"github.com/gogits/git-module"
-	"github.com/gogits/go-gogs-client"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/auth"
-	"github.com/gogits/gogs/modules/bindata"
-	"github.com/gogits/gogs/modules/context"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-	"github.com/gogits/gogs/modules/template"
-	"github.com/gogits/gogs/routers"
-	"github.com/gogits/gogs/routers/admin"
-	apiv1 "github.com/gogits/gogs/routers/api/v1"
-	"github.com/gogits/gogs/routers/dev"
-	"github.com/gogits/gogs/routers/org"
-	"github.com/gogits/gogs/routers/repo"
-	"github.com/gogits/gogs/routers/user"
+	"golang.org/x/crypto/acme/autocert"
+	ini "gopkg.in/ini.v1"
 )
 
+// CmdWeb represents the available web sub-command.
 var CmdWeb = cli.Command{
 	Name:  "web",
-	Usage: "Start Gogs web server",
-	Description: `Gogs web server is the only thing you need to run,
+	Usage: "Start Gitea web server",
+	Description: `Gitea web server is the only thing you need to run,
 and it takes care of all the other things for you`,
 	Action: runWeb,
 	Flags: []cli.Flag{
-		stringFlag("port, p", "3000", "Temporary port number to prevent conflict"),
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
+		cli.StringFlag{
+			Name:  "port, p",
+			Value: "3000",
+			Usage: "Temporary port number to prevent conflict",
+		},
+		cli.StringFlag{
+			Name:  "pid, P",
+			Value: "/var/run/gitea.pid",
+			Usage: "Custom pid file path",
+		},
 	},
 }
 
-type VerChecker struct {
-	ImportPath string
-	Version    func() string
-	Expected   string
-}
+func runHTTPRedirector() {
+	source := fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.PortToRedirect)
+	dest := strings.TrimSuffix(setting.AppURL, "/")
+	log.Info("Redirecting: %s to %s", source, dest)
+
+	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		target := dest + r.URL.Path
+		if len(r.URL.RawQuery) > 0 {
+			target += "?" + r.URL.RawQuery
+		}
+		http.Redirect(w, r, target, http.StatusTemporaryRedirect)
+	})
+
+	var err = runHTTP(source, context2.ClearHandler(handler))
 
-// checkVersion checks if binary matches the version of templates files.
-func checkVersion() {
-	// Templates.
-	data, err := ioutil.ReadFile(setting.StaticRootPath + "/templates/.VERSION")
 	if err != nil {
-		log.Fatal(4, "Fail to read 'templates/.VERSION': %v", err)
-	}
-	tplVer := string(data)
-	if tplVer != setting.AppVer {
-		if version.Compare(tplVer, setting.AppVer, ">") {
-			log.Fatal(4, "Binary version is lower than template file version, did you forget to recompile Gogs?")
-		} else {
-			log.Fatal(4, "Binary version is higher than template file version, did you forget to update template files?")
-		}
-	}
-
-	// Check dependency version.
-	checkers := []VerChecker{
-		{"github.com/go-xorm/xorm", func() string { return xorm.Version }, "0.5.5"},
-		{"github.com/go-macaron/binding", binding.Version, "0.3.2"},
-		{"github.com/go-macaron/cache", cache.Version, "0.1.2"},
-		{"github.com/go-macaron/csrf", csrf.Version, "0.1.0"},
-		{"github.com/go-macaron/i18n", i18n.Version, "0.3.0"},
-		{"github.com/go-macaron/session", session.Version, "0.1.6"},
-		{"github.com/go-macaron/toolbox", toolbox.Version, "0.1.0"},
-		{"gopkg.in/ini.v1", ini.Version, "1.8.4"},
-		{"gopkg.in/macaron.v1", macaron.Version, "1.1.7"},
-		{"github.com/gogits/git-module", git.Version, "0.4.1"},
-		{"github.com/gogits/go-gogs-client", gogs.Version, "0.12.1"},
-	}
-	for _, c := range checkers {
-		if !version.Compare(c.Version(), c.Expected, ">=") {
-			log.Fatal(4, `Dependency outdated!
-Package '%s' current version (%s) is below requirement (%s), 
-please use following command to update this package and recompile Gogs:
-go get -u %[1]s`, c.ImportPath, c.Version(), c.Expected)
-		}
+		log.Fatal("Failed to start port redirection: %v", err)
 	}
 }
 
-// newMacaron initializes Macaron instance.
-func newMacaron() *macaron.Macaron {
-	m := macaron.New()
-	if !setting.DisableRouterLog {
-		m.Use(macaron.Logger())
+func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) error {
+	certManager := autocert.Manager{
+		Prompt:     autocert.AcceptTOS,
+		HostPolicy: autocert.HostWhitelist(domain),
+		Cache:      autocert.DirCache(directory),
+		Email:      email,
 	}
-	m.Use(macaron.Recovery())
-	if setting.EnableGzip {
-		m.Use(gzip.Gziper())
+	go func() {
+		log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect)
+		var err = http.ListenAndServe(setting.HTTPAddr+":"+setting.PortToRedirect, certManager.HTTPHandler(http.HandlerFunc(runLetsEncryptFallbackHandler))) // all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
+		if err != nil {
+			log.Fatal("Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
+		}
+	}()
+	server := &http.Server{
+		Addr:      listenAddr,
+		Handler:   m,
+		TLSConfig: certManager.TLSConfig(),
 	}
-	if setting.Protocol == setting.FCGI {
-		m.SetURLPrefix(setting.AppSubUrl)
-	}
-	m.Use(macaron.Static(
-		path.Join(setting.StaticRootPath, "public"),
-		macaron.StaticOptions{
-			SkipLogging: setting.DisableRouterLog,
-		},
-	))
-	m.Use(macaron.Static(
-		setting.AvatarUploadPath,
-		macaron.StaticOptions{
-			Prefix:      "avatars",
-			SkipLogging: setting.DisableRouterLog,
-		},
-	))
+	return server.ListenAndServeTLS("", "")
+}
 
-	funcMap := template.NewFuncMap()
-	m.Use(macaron.Renderer(macaron.RenderOptions{
-		Directory:         path.Join(setting.StaticRootPath, "templates"),
-		AppendDirectories: []string{path.Join(setting.CustomPath, "templates")},
-		Funcs:             funcMap,
-		IndentJSON:        macaron.Env != macaron.PROD,
-	}))
-	models.InitMailRender(path.Join(setting.StaticRootPath, "templates/mail"),
-		path.Join(setting.CustomPath, "templates/mail"), funcMap)
-
-	localeNames, err := bindata.AssetDir("conf/locale")
-	if err != nil {
-		log.Fatal(4, "Fail to list locale files: %v", err)
+func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method != "GET" && r.Method != "HEAD" {
+		http.Error(w, "Use HTTPS", http.StatusBadRequest)
+		return
 	}
-	localFiles := make(map[string][]byte)
-	for _, name := range localeNames {
-		localFiles[name] = bindata.MustAsset("conf/locale/" + name)
-	}
-	m.Use(i18n.I18n(i18n.Options{
-		SubURL:          setting.AppSubUrl,
-		Files:           localFiles,
-		CustomDirectory: path.Join(setting.CustomPath, "conf/locale"),
-		Langs:           setting.Langs,
-		Names:           setting.Names,
-		DefaultLang:     "en-US",
-		Redirect:        true,
-	}))
-	m.Use(cache.Cacher(cache.Options{
-		Adapter:       setting.CacheAdapter,
-		AdapterConfig: setting.CacheConn,
-		Interval:      setting.CacheInterval,
-	}))
-	m.Use(captcha.Captchaer(captcha.Options{
-		SubURL: setting.AppSubUrl,
-	}))
-	m.Use(session.Sessioner(setting.SessionConfig))
-	m.Use(csrf.Csrfer(csrf.Options{
-		Secret:     setting.SecretKey,
-		Cookie:     setting.CSRFCookieName,
-		SetCookie:  true,
-		Header:     "X-Csrf-Token",
-		CookiePath: setting.AppSubUrl,
-	}))
-	m.Use(toolbox.Toolboxer(m, toolbox.Options{
-		HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{
-			&toolbox.HealthCheckFuncDesc{
-				Desc: "Database connection",
-				Func: models.Ping,
-			},
-		},
-	}))
-	m.Use(context.Contexter())
-	return m
+	// Remove the trailing slash at the end of setting.AppURL, the request
+	// URI always contains a leading slash, which would result in a double
+	// slash
+	target := strings.TrimRight(setting.AppURL, "/") + r.URL.RequestURI()
+	http.Redirect(w, r, target, http.StatusFound)
 }
 
 func runWeb(ctx *cli.Context) error {
-	if ctx.IsSet("config") {
-		setting.CustomConf = ctx.String("config")
+	if ctx.IsSet("pid") {
+		setting.CustomPID = ctx.String("pid")
 	}
+
 	routers.GlobalInit()
-	checkVersion()
 
-	m := newMacaron()
-
-	reqSignIn := context.Toggle(&context.ToggleOptions{SignInRequired: true})
-	ignSignIn := context.Toggle(&context.ToggleOptions{SignInRequired: setting.Service.RequireSignInView})
-	ignSignInAndCsrf := context.Toggle(&context.ToggleOptions{DisableCSRF: true})
-	reqSignOut := context.Toggle(&context.ToggleOptions{SignOutRequired: true})
-
-	bindIgnErr := binding.BindIgnErr
-
-	// FIXME: not all routes need go through same middlewares.
-	// Especially some AJAX requests, we can reduce middleware number to improve performance.
-	// Routers.
-	m.Get("/", ignSignIn, routers.Home)
-	m.Group("/explore", func() {
-		m.Get("", func(ctx *context.Context) {
-			ctx.Redirect(setting.AppSubUrl + "/explore/repos")
-		})
-		m.Get("/repos", routers.ExploreRepos)
-		m.Get("/users", routers.ExploreUsers)
-		m.Get("/organizations", routers.ExploreOrganizations)
-	}, ignSignIn)
-	m.Combo("/install", routers.InstallInit).Get(routers.Install).
-		Post(bindIgnErr(auth.InstallForm{}), routers.InstallPost)
-	m.Get("/^:type(issues|pulls)$", reqSignIn, user.Issues)
-
-	// ***** START: User *****
-	m.Group("/user", func() {
-		m.Get("/login", user.SignIn)
-		m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost)
-		m.Get("/sign_up", user.SignUp)
-		m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost)
-		m.Get("/reset_password", user.ResetPasswd)
-		m.Post("/reset_password", user.ResetPasswdPost)
-	}, reqSignOut)
-
-	m.Group("/user/settings", func() {
-		m.Get("", user.Settings)
-		m.Post("", bindIgnErr(auth.UpdateProfileForm{}), user.SettingsPost)
-		m.Combo("/avatar").Get(user.SettingsAvatar).
-			Post(binding.MultipartForm(auth.AvatarForm{}), user.SettingsAvatarPost)
-		m.Post("/avatar/delete", user.SettingsDeleteAvatar)
-		m.Combo("/email").Get(user.SettingsEmails).
-			Post(bindIgnErr(auth.AddEmailForm{}), user.SettingsEmailPost)
-		m.Post("/email/delete", user.DeleteEmail)
-		m.Get("/password", user.SettingsPassword)
-		m.Post("/password", bindIgnErr(auth.ChangePasswordForm{}), user.SettingsPasswordPost)
-		m.Combo("/ssh").Get(user.SettingsSSHKeys).
-			Post(bindIgnErr(auth.AddSSHKeyForm{}), user.SettingsSSHKeysPost)
-		m.Post("/ssh/delete", user.DeleteSSHKey)
-		m.Combo("/applications").Get(user.SettingsApplications).
-			Post(bindIgnErr(auth.NewAccessTokenForm{}), user.SettingsApplicationsPost)
-		m.Post("/applications/delete", user.SettingsDeleteApplication)
-		m.Route("/delete", "GET,POST", user.SettingsDelete)
-	}, reqSignIn, func(ctx *context.Context) {
-		ctx.Data["PageIsUserSettings"] = true
-	})
-
-	m.Group("/user", func() {
-		// r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds)
-		m.Any("/activate", user.Activate)
-		m.Any("/activate_email", user.ActivateEmail)
-		m.Get("/email2user", user.Email2User)
-		m.Get("/forget_password", user.ForgotPasswd)
-		m.Post("/forget_password", user.ForgotPasswdPost)
-		m.Get("/logout", user.SignOut)
-	})
-	// ***** END: User *****
-
-	adminReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, AdminRequired: true})
-
-	// ***** START: Admin *****
-	m.Group("/admin", func() {
-		m.Get("", adminReq, admin.Dashboard)
-		m.Get("/config", admin.Config)
-		m.Post("/config/test_mail", admin.SendTestMail)
-		m.Get("/monitor", admin.Monitor)
-
-		m.Group("/users", func() {
-			m.Get("", admin.Users)
-			m.Combo("/new").Get(admin.NewUser).Post(bindIgnErr(auth.AdminCrateUserForm{}), admin.NewUserPost)
-			m.Combo("/:userid").Get(admin.EditUser).Post(bindIgnErr(auth.AdminEditUserForm{}), admin.EditUserPost)
-			m.Post("/:userid/delete", admin.DeleteUser)
-		})
-
-		m.Group("/orgs", func() {
-			m.Get("", admin.Organizations)
-		})
-
-		m.Group("/repos", func() {
-			m.Get("", admin.Repos)
-			m.Post("/delete", admin.DeleteRepo)
-		})
-
-		m.Group("/auths", func() {
-			m.Get("", admin.Authentications)
-			m.Combo("/new").Get(admin.NewAuthSource).Post(bindIgnErr(auth.AuthenticationForm{}), admin.NewAuthSourcePost)
-			m.Combo("/:authid").Get(admin.EditAuthSource).
-				Post(bindIgnErr(auth.AuthenticationForm{}), admin.EditAuthSourcePost)
-			m.Post("/:authid/delete", admin.DeleteAuthSource)
-		})
-
-		m.Group("/notices", func() {
-			m.Get("", admin.Notices)
-			m.Post("/delete", admin.DeleteNotices)
-			m.Get("/empty", admin.EmptyNotices)
-		})
-	}, adminReq)
-	// ***** END: Admin *****
-
-	m.Group("", func() {
-		m.Group("/:username", func() {
-			m.Get("", user.Profile)
-			m.Get("/followers", user.Followers)
-			m.Get("/following", user.Following)
-			m.Get("/stars", user.Stars)
-		})
-
-		m.Get("/attachments/:uuid", func(ctx *context.Context) {
-			attach, err := models.GetAttachmentByUUID(ctx.Params(":uuid"))
-			if err != nil {
-				if models.IsErrAttachmentNotExist(err) {
-					ctx.Error(404)
-				} else {
-					ctx.Handle(500, "GetAttachmentByUUID", err)
-				}
-				return
-			}
-
-			fr, err := os.Open(attach.LocalPath())
-			if err != nil {
-				ctx.Handle(500, "Open", err)
-				return
-			}
-			defer fr.Close()
-
-			ctx.Header().Set("Cache-Control", "public,max-age=86400")
-			ctx.Header().Set("Content-Disposition", fmt.Sprintf(`inline; filename="%s"`, attach.Name))
-			// Fix #312. Attachments with , in their name are not handled correctly by Google Chrome.
-			// We must put the name in " manually.
-			if err = repo.ServeData(ctx, "\""+attach.Name+"\"", fr); err != nil {
-				ctx.Handle(500, "ServeData", err)
-				return
-			}
-		})
-		m.Post("/issues/attachments", repo.UploadIssueAttachment)
-	}, ignSignIn)
-
-	m.Group("/:username", func() {
-		m.Get("/action/:action", user.Action)
-	}, reqSignIn)
-
-	if macaron.Env == macaron.DEV {
-		m.Get("/template/*", dev.TemplatePreview)
-	}
-
-	reqRepoAdmin := context.RequireRepoAdmin()
-	reqRepoWriter := context.RequireRepoWriter()
-
-	// ***** START: Organization *****
-	m.Group("/org", func() {
-		m.Get("/create", org.Create)
-		m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
-
-		m.Group("/:org", func() {
-			m.Get("/dashboard", user.Dashboard)
-			m.Get("/^:type(issues|pulls)$", user.Issues)
-			m.Get("/members", org.Members)
-			m.Get("/members/action/:action", org.MembersAction)
-
-			m.Get("/teams", org.Teams)
-		}, context.OrgAssignment(true))
-
-		m.Group("/:org", func() {
-			m.Get("/teams/:team", org.TeamMembers)
-			m.Get("/teams/:team/repositories", org.TeamRepositories)
-			m.Route("/teams/:team/action/:action", "GET,POST", org.TeamsAction)
-			m.Route("/teams/:team/action/repo/:action", "GET,POST", org.TeamsRepoAction)
-		}, context.OrgAssignment(true, false, true))
-
-		m.Group("/:org", func() {
-			m.Get("/teams/new", org.NewTeam)
-			m.Post("/teams/new", bindIgnErr(auth.CreateTeamForm{}), org.NewTeamPost)
-			m.Get("/teams/:team/edit", org.EditTeam)
-			m.Post("/teams/:team/edit", bindIgnErr(auth.CreateTeamForm{}), org.EditTeamPost)
-			m.Post("/teams/:team/delete", org.DeleteTeam)
-
-			m.Group("/settings", func() {
-				m.Combo("").Get(org.Settings).
-					Post(bindIgnErr(auth.UpdateOrgSettingForm{}), org.SettingsPost)
-				m.Post("/avatar", binding.MultipartForm(auth.AvatarForm{}), org.SettingsAvatar)
-				m.Post("/avatar/delete", org.SettingsDeleteAvatar)
-
-				m.Group("/hooks", func() {
-					m.Get("", org.Webhooks)
-					m.Post("/delete", org.DeleteWebhook)
-					m.Get("/:type/new", repo.WebhooksNew)
-					m.Post("/gogs/new", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksNewPost)
-					m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
-					m.Get("/:id", repo.WebHooksEdit)
-					m.Post("/gogs/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
-					m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
-				})
-
-				m.Route("/delete", "GET,POST", org.SettingsDelete)
-			})
-
-			m.Route("/invitations/new", "GET,POST", org.Invitation)
-		}, context.OrgAssignment(true, true))
-	}, reqSignIn)
-	// ***** END: Organization *****
-
-	// ***** START: Repository *****
-	m.Group("/repo", func() {
-		m.Get("/create", repo.Create)
-		m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
-		m.Get("/migrate", repo.Migrate)
-		m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
-		m.Combo("/fork/:repoid").Get(repo.Fork).
-			Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
-	}, reqSignIn)
-
-	m.Group("/:username/:reponame", func() {
-		m.Group("/settings", func() {
-			m.Combo("").Get(repo.Settings).
-				Post(bindIgnErr(auth.RepoSettingForm{}), repo.SettingsPost)
-			m.Group("/collaboration", func() {
-				m.Combo("").Get(repo.Collaboration).Post(repo.CollaborationPost)
-				m.Post("/access_mode", repo.ChangeCollaborationAccessMode)
-				m.Post("/delete", repo.DeleteCollaboration)
-			})
-
-			m.Group("/hooks", func() {
-				m.Get("", repo.Webhooks)
-				m.Post("/delete", repo.DeleteWebhook)
-				m.Get("/:type/new", repo.WebhooksNew)
-				m.Post("/gogs/new", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksNewPost)
-				m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
-				m.Get("/:id", repo.WebHooksEdit)
-				m.Post("/:id/test", repo.TestWebhook)
-				m.Post("/gogs/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
-				m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
-
-				m.Group("/git", func() {
-					m.Get("", repo.GitHooks)
-					m.Combo("/:name").Get(repo.GitHooksEdit).
-						Post(repo.GitHooksEditPost)
-				}, context.GitHookService())
-			})
-
-			m.Group("/keys", func() {
-				m.Combo("").Get(repo.DeployKeys).
-					Post(bindIgnErr(auth.AddSSHKeyForm{}), repo.DeployKeysPost)
-				m.Post("/delete", repo.DeleteDeployKey)
-			})
-
-		}, func(ctx *context.Context) {
-			ctx.Data["PageIsSettings"] = true
-		})
-	}, reqSignIn, context.RepoAssignment(), reqRepoAdmin, context.RepoRef())
-
-	m.Get("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), repo.Action)
-	m.Group("/:username/:reponame", func() {
-		// FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest.
-		// So they can apply their own enable/disable logic on routers.
-		m.Group("/issues", func() {
-			m.Combo("/new", repo.MustEnableIssues).Get(context.RepoRef(), repo.NewIssue).
-				Post(bindIgnErr(auth.CreateIssueForm{}), repo.NewIssuePost)
-
-			m.Group("/:index", func() {
-				m.Post("/label", repo.UpdateIssueLabel)
-				m.Post("/milestone", repo.UpdateIssueMilestone)
-				m.Post("/assignee", repo.UpdateIssueAssignee)
-			}, reqRepoWriter)
-
-			m.Group("/:index", func() {
-				m.Post("/title", repo.UpdateIssueTitle)
-				m.Post("/content", repo.UpdateIssueContent)
-				m.Combo("/comments").Post(bindIgnErr(auth.CreateCommentForm{}), repo.NewComment)
-			})
-		})
-		m.Group("/comments/:id", func() {
-			m.Post("", repo.UpdateCommentContent)
-			m.Post("/delete", repo.DeleteComment)
-		})
-		m.Group("/labels", func() {
-			m.Post("/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
-			m.Post("/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
-			m.Post("/delete", repo.DeleteLabel)
-			m.Post("/initialize", bindIgnErr(auth.InitializeLabelsForm{}), repo.InitializeLabels)
-		}, reqRepoWriter, context.RepoRef())
-		m.Group("/milestones", func() {
-			m.Combo("/new").Get(repo.NewMilestone).
-				Post(bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
-			m.Get("/:id/edit", repo.EditMilestone)
-			m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
-			m.Get("/:id/:action", repo.ChangeMilestonStatus)
-			m.Post("/delete", repo.DeleteMilestone)
-		}, reqRepoWriter, context.RepoRef())
-
-		m.Group("/releases", func() {
-			m.Get("/new", repo.NewRelease)
-			m.Post("/new", bindIgnErr(auth.NewReleaseForm{}), repo.NewReleasePost)
-			m.Post("/delete", repo.DeleteRelease)
-		}, reqRepoWriter, context.RepoRef())
-
-		m.Group("/releases", func() {
-			m.Get("/edit/*", repo.EditRelease)
-			m.Post("/edit/*", bindIgnErr(auth.EditReleaseForm{}), repo.EditReleasePost)
-		}, reqRepoWriter, func(ctx *context.Context) {
-			var err error
-			ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
-			if err != nil {
-				ctx.Handle(500, "GetBranchCommit", err)
-				return
-			}
-			ctx.Repo.CommitsCount, err = ctx.Repo.Commit.CommitsCount()
-			if err != nil {
-				ctx.Handle(500, "CommitsCount", err)
-				return
-			}
-			ctx.Data["CommitsCount"] = ctx.Repo.CommitsCount
-		})
-
-		m.Combo("/compare/*", repo.MustAllowPulls).Get(repo.CompareAndPullRequest).
-			Post(bindIgnErr(auth.CreateIssueForm{}), repo.CompareAndPullRequestPost)
-
-		m.Group("", func() {
-			m.Combo("/_edit/*").Get(repo.EditFile).
-				Post(bindIgnErr(auth.EditRepoFileForm{}), repo.EditFilePost)
-			m.Combo("/_new/*").Get(repo.NewFile).
-				Post(bindIgnErr(auth.EditRepoFileForm{}), repo.NewFilePost)
-			m.Post("/_preview/*", bindIgnErr(auth.EditPreviewDiffForm{}), repo.DiffPreviewPost)
-			m.Combo("/_delete/*").Get(repo.DeleteFile).
-				Post(bindIgnErr(auth.DeleteRepoFileForm{}), repo.DeleteFilePost)
-
-			m.Group("", func() {
-				m.Combo("/_upload/*").Get(repo.UploadFile).
-					Post(bindIgnErr(auth.UploadRepoFileForm{}), repo.UploadFilePost)
-				m.Post("/upload-file", repo.UploadFileToServer)
-				m.Post("/upload-remove", bindIgnErr(auth.RemoveUploadFileForm{}), repo.RemoveUploadFileFromServer)
-			}, func(ctx *context.Context) {
-				if !setting.Repository.Upload.Enabled {
-					ctx.Handle(404, "", nil)
-					return
-				}
-			})
-		}, reqRepoWriter, context.RepoRef(), func(ctx *context.Context) {
-			if !ctx.Repo.Repository.CanEnableEditor() || ctx.Repo.IsViewCommit {
-				ctx.Handle(404, "", nil)
-				return
-			}
-		})
-	}, reqSignIn, context.RepoAssignment(), repo.MustBeNotBare)
-
-	m.Group("/:username/:reponame", func() {
-		m.Group("", func() {
-			m.Get("/releases", repo.Releases)
-			m.Get("/^:type(issues|pulls)$", repo.RetrieveLabels, repo.Issues)
-			m.Get("/^:type(issues|pulls)$/:index", repo.ViewIssue)
-			m.Get("/labels/", repo.RetrieveLabels, repo.Labels)
-			m.Get("/milestones", repo.Milestones)
-		}, context.RepoRef())
-
-		// m.Get("/branches", repo.Branches)
-
-		m.Group("/wiki", func() {
-			m.Get("/?:page", repo.Wiki)
-			m.Get("/_pages", repo.WikiPages)
-
-			m.Group("", func() {
-				m.Combo("/_new").Get(repo.NewWiki).
-					Post(bindIgnErr(auth.NewWikiForm{}), repo.NewWikiPost)
-				m.Combo("/:page/_edit").Get(repo.EditWiki).
-					Post(bindIgnErr(auth.NewWikiForm{}), repo.EditWikiPost)
-				m.Post("/:page/delete", repo.DeleteWikiPagePost)
-			}, reqSignIn, reqRepoWriter)
-		}, repo.MustEnableWiki, context.RepoRef())
-
-		m.Get("/archive/*", repo.Download)
-
-		m.Group("/pulls/:index", func() {
-			m.Get("/commits", context.RepoRef(), repo.ViewPullCommits)
-			m.Get("/files", context.RepoRef(), repo.ViewPullFiles)
-			m.Post("/merge", reqRepoWriter, repo.MergePullRequest)
-		}, repo.MustAllowPulls)
-
-		m.Group("", func() {
-			m.Get("/src/*", repo.Home)
-			m.Get("/raw/*", repo.SingleDownload)
-			m.Get("/commits/*", repo.RefCommits)
-			m.Get("/commit/:sha([a-z0-9]{7,40})$", repo.Diff)
-			m.Get("/forks", repo.Forks)
-		}, context.RepoRef())
-		m.Get("/commit/:sha([a-z0-9]{7,40})\\.:ext(patch|diff)", repo.RawDiff)
-
-		m.Get("/compare/:before([a-z0-9]{7,40})\\.\\.\\.:after([a-z0-9]{7,40})", repo.CompareDiff)
-	}, ignSignIn, context.RepoAssignment(), repo.MustBeNotBare)
-	m.Group("/:username/:reponame", func() {
-		m.Get("/stars", repo.Stars)
-		m.Get("/watchers", repo.Watchers)
-	}, ignSignIn, context.RepoAssignment(), context.RepoRef())
-
-	m.Group("/:username", func() {
-		m.Group("/:reponame", func() {
-			m.Get("", repo.Home)
-			m.Get("\\.git$", repo.Home)
-		}, ignSignIn, context.RepoAssignment(true), context.RepoRef())
-
-		m.Group("/:reponame", func() {
-			m.Any("/*", ignSignInAndCsrf, repo.HTTP)
-			m.Head("/tasks/trigger", repo.TriggerTask)
-		})
-	})
-	// ***** END: Repository *****
-
-	m.Group("/api", func() {
-		apiv1.RegisterRoutes(m)
-	}, ignSignIn)
-
-	// robots.txt
-	m.Get("/robots.txt", func(ctx *context.Context) {
-		if setting.HasRobotsTxt {
-			ctx.ServeFileContent(path.Join(setting.CustomPath, "robots.txt"))
-		} else {
-			ctx.Error(404)
-		}
-	})
-
-	// Not found handler.
-	m.NotFound(routers.NotFound)
+	m := routes.NewMacaron()
+	routes.RegisterRoutes(m)
 
 	// Flag for port number in case first time run conflict.
 	if ctx.IsSet("port") {
-		setting.AppUrl = strings.Replace(setting.AppUrl, setting.HTTPPort, ctx.String("port"), 1)
+		setting.AppURL = strings.Replace(setting.AppURL, setting.HTTPPort, ctx.String("port"), 1)
 		setting.HTTPPort = ctx.String("port")
+
+		switch setting.Protocol {
+		case setting.UnixSocket:
+		case setting.FCGI:
+		default:
+			// Save LOCAL_ROOT_URL if port changed
+			cfg := ini.Empty()
+			if com.IsFile(setting.CustomConf) {
+				// Keeps custom settings if there is already something.
+				if err := cfg.Append(setting.CustomConf); err != nil {
+					return fmt.Errorf("Failed to load custom conf '%s': %v", setting.CustomConf, err)
+				}
+			}
+
+			defaultLocalURL := string(setting.Protocol) + "://"
+			if setting.HTTPAddr == "0.0.0.0" {
+				defaultLocalURL += "localhost"
+			} else {
+				defaultLocalURL += setting.HTTPAddr
+			}
+			defaultLocalURL += ":" + setting.HTTPPort + "/"
+
+			cfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL)
+
+			if err := cfg.SaveTo(setting.CustomConf); err != nil {
+				return fmt.Errorf("Error saving generated JWT Secret to custom config: %v", err)
+			}
+		}
 	}
 
-	var listenAddr string
-	if setting.Protocol == setting.UNIX_SOCKET {
-		listenAddr = fmt.Sprintf("%s", setting.HTTPAddr)
-	} else {
-		listenAddr = fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.HTTPPort)
+	listenAddr := setting.HTTPAddr
+	if setting.Protocol != setting.UnixSocket {
+		listenAddr += ":" + setting.HTTPPort
+	}
+	log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubURL)
+
+	if setting.LFS.StartServer {
+		log.Info("LFS server enabled")
+	}
+
+	if setting.EnablePprof {
+		go func() {
+			log.Info("Starting pprof server on localhost:6060")
+			log.Info("%v", http.ListenAndServe("localhost:6060", nil))
+		}()
 	}
-	log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubUrl)
 
 	var err error
 	switch setting.Protocol {
 	case setting.HTTP:
-		err = http.ListenAndServe(listenAddr, m)
+		err = runHTTP(listenAddr, context2.ClearHandler(m))
 	case setting.HTTPS:
-		server := &http.Server{Addr: listenAddr, TLSConfig: &tls.Config{MinVersion: tls.VersionTLS10}, Handler: m}
-		err = server.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
+		if setting.EnableLetsEncrypt {
+			err = runLetsEncrypt(listenAddr, setting.Domain, setting.LetsEncryptDirectory, setting.LetsEncryptEmail, context2.ClearHandler(m))
+			break
+		}
+		if setting.RedirectOtherPort {
+			go runHTTPRedirector()
+		}
+		err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
 	case setting.FCGI:
-		err = fcgi.Serve(nil, m)
-	case setting.UNIX_SOCKET:
-		os.Remove(listenAddr)
-
+		var listener net.Listener
+		listener, err = net.Listen("tcp", listenAddr)
+		if err != nil {
+			log.Fatal("Failed to bind %s: %v", listenAddr, err)
+		}
+		defer func() {
+			if err := listener.Close(); err != nil {
+				log.Fatal("Failed to stop server: %v", err)
+			}
+		}()
+		err = fcgi.Serve(listener, context2.ClearHandler(m))
+	case setting.UnixSocket:
+		if err := os.Remove(listenAddr); err != nil && !os.IsNotExist(err) {
+			log.Fatal("Failed to remove unix socket directory %s: %v", listenAddr, err)
+		}
 		var listener *net.UnixListener
-		listener, err = net.ListenUnix("unix", &net.UnixAddr{listenAddr, "unix"})
+		listener, err = net.ListenUnix("unix", &net.UnixAddr{Name: listenAddr, Net: "unix"})
 		if err != nil {
 			break // Handle error after switch
 		}
@@ -661,15 +199,15 @@ func runWeb(ctx *cli.Context) error {
 		// FIXME: add proper implementation of signal capture on all protocols
 		// execute this on SIGTERM or SIGINT: listener.Close()
 		if err = os.Chmod(listenAddr, os.FileMode(setting.UnixSocketPermission)); err != nil {
-			log.Fatal(4, "Failed to set permission of unix socket: %v", err)
+			log.Fatal("Failed to set permission of unix socket: %v", err)
 		}
-		err = http.Serve(listener, m)
+		err = http.Serve(listener, context2.ClearHandler(m))
 	default:
-		log.Fatal(4, "Invalid protocol: %s", setting.Protocol)
+		log.Fatal("Invalid protocol: %s", setting.Protocol)
 	}
 
 	if err != nil {
-		log.Fatal(4, "Fail to start server: %v", err)
+		log.Fatal("Failed to start server: %v", err)
 	}
 
 	return nil

cmd/web_graceful.go

@@ -0,0 +1,45 @@
+// +build !windows
+
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"crypto/tls"
+	"net/http"
+
+	"code.gitea.io/gitea/modules/log"
+
+	"github.com/facebookgo/grace/gracehttp"
+)
+
+func runHTTP(listenAddr string, m http.Handler) error {
+	return gracehttp.Serve(&http.Server{
+		Addr:    listenAddr,
+		Handler: m,
+	})
+}
+
+func runHTTPS(listenAddr, certFile, keyFile string, m http.Handler) error {
+	config := &tls.Config{
+		MinVersion: tls.VersionTLS10,
+	}
+	if config.NextProtos == nil {
+		config.NextProtos = []string{"http/1.1"}
+	}
+
+	config.Certificates = make([]tls.Certificate, 1)
+	var err error
+	config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
+	if err != nil {
+		log.Fatal("Failed to load https cert file %s: %v", listenAddr, err)
+	}
+
+	return gracehttp.Serve(&http.Server{
+		Addr:      listenAddr,
+		Handler:   m,
+		TLSConfig: config,
+	})
+}

cmd/web_windows.go

@@ -0,0 +1,19 @@
+// +build windows
+
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"net/http"
+)
+
+func runHTTP(listenAddr string, m http.Handler) error {
+	return http.ListenAndServe(listenAddr, m)
+}
+
+func runHTTPS(listenAddr, certFile, keyFile string, m http.Handler) error {
+	return http.ListenAndServeTLS(listenAddr, certFile, keyFile, m)
+}

conf/README.md

@@ -1,3 +0,0 @@
-Execute following command in ROOT directory when anything is changed:
-
-$ make bindata

conf/app.ini

@@ -1,434 +0,0 @@
-# NEVER EVER MODIFY THIS FILE
-# PLEASE MAKE CHANGES ON CORRESPONDING CUSTOM CONFIG FILE
-
-; App name that shows on every page title
-APP_NAME = Gogs: Go Git Service
-; Change it if you run locally
-RUN_USER = git
-; Either "dev", "prod" or "test", default is "dev"
-RUN_MODE = dev
-
-[repository]
-ROOT =
-SCRIPT_TYPE = bash
-; Default ANSI charset
-ANSI_CHARSET =
-; Force every new repository to be private
-FORCE_PRIVATE = false
-; Global maximum creation limit of repository per user, -1 means no limit
-MAX_CREATION_LIMIT = -1
-; Mirror sync queue length, increase if mirror syncing starts hanging
-MIRROR_QUEUE_LENGTH = 1000
-; Patch test queue length, increase if pull request patch testing starts hanging
-PULL_REQUEST_QUEUE_LENGTH = 1000
-; Preferred Licenses to place at the top of the List
-; Name must match file name in conf/license or custom/conf/license
-PREFERRED_LICENSES = Apache License 2.0,MIT License
-
-[repository.editor]
-; List of file extensions that should have line wraps in the CodeMirror editor
-; Separate extensions with a comma. To line wrap files w/o extension, just put a comma
-LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
-; Valid file modes that have a preview API associated with them, such as api/v1/markdown
-; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match
-PREVIEWABLE_FILE_MODES = markdown
-
-[repository.upload]
-; Whether repository file uploads are enabled. Defaults to `true`
-ENABLED = true
-; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gogs restart)
-TEMP_PATH = data/tmp/uploads
-; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
-ALLOWED_TYPES =
-; Max size of each file in MB. Defaults to 3MB
-FILE_MAX_SIZE = 3
-; Max number of files per upload. Defaults to 5
-MAX_FILES = 5
-
-[ui]
-; Number of repositories that are showed in one explore page
-EXPLORE_PAGING_NUM = 20
-; Number of issues that are showed in one page
-ISSUE_PAGING_NUM = 10
-; Number of maximum commits showed in one activity feed
-FEED_MAX_COMMIT_NUM = 5
-; Value of `theme-color` meta tag, used by Android >= 5.0
-; An invalid color like "none" or "disable" will have the default style
-; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
-THEME_COLOR_META_TAG = `#ff5343`
-; Max size of files to be displayed (defaults is 8MiB)
-MAX_DISPLAY_FILE_SIZE = 8388608
-
-[ui.admin]
-; Number of users that are showed in one page
-USER_PAGING_NUM = 50
-; Number of repos that are showed in one page
-REPO_PAGING_NUM = 50
-; Number of notices that are showed in one page
-NOTICE_PAGING_NUM = 25
-; Number of organization that are showed in one page
-ORG_PAGING_NUM = 50
-
-[ui.user]
-; Number of repos that are showed in one page
-REPO_PAGING_NUM = 15
-
-[markdown]
-; Enable hard line break extension
-ENABLE_HARD_LINE_BREAK = false
-; List of custom URL-Schemes that are allowed as links when rendering Markdown
-; for example git,magnet
-CUSTOM_URL_SCHEMES =
-; List of file extensions that should be rendered/edited as Markdown
-; Separate extensions with a comma. To render files w/o extension as markdown, just put a comma
-FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
-
-[server]
-PROTOCOL = http
-DOMAIN = localhost
-ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
-HTTP_ADDR = 0.0.0.0
-HTTP_PORT = 3000
-; Permission for unix socket
-UNIX_SOCKET_PERMISSION = 666
-; Local (DMZ) URL for Gogs workers (such as SSH update) accessing web service.
-; In most cases you do not need to change the default value.
-; Alter it only if your SSH server node is not the same as HTTP node.
-LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
-; Disable SSH feature when not available
-DISABLE_SSH = false
-; Whether use builtin SSH server or not.
-START_SSH_SERVER = false
-; Domain name to be exposed in clone URL
-SSH_DOMAIN = %(DOMAIN)s
-; Port number to be exposed in clone URL
-SSH_PORT = 22
-; Port number builtin SSH server listens on
-SSH_LISTEN_PORT = %(SSH_PORT)s
-; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
-SSH_ROOT_PATH =
-; Directory to create temporary files when test publick key using ssh-keygen,
-; default is system temporary directory.
-SSH_KEY_TEST_PATH =
-; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
-SSH_KEYGEN_PATH = ssh-keygen
-; Indicate whether to check minimum key size with corresponding type
-MINIMUM_KEY_SIZE_CHECK = false
-; Disable CDN even in "prod" mode
-OFFLINE_MODE = false
-DISABLE_ROUTER_LOG = false
-; Generate steps:
-; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
-;
-; Or from a .pfx file exported from the Windows certificate store (do
-; not forget to export the private key):
-; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
-; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
-CERT_FILE = custom/https/cert.pem
-KEY_FILE = custom/https/key.pem
-; Upper level of template and static file path
-; default is the path where Gogs is executed
-STATIC_ROOT_PATH =
-; Default path for App data
-APP_DATA_PATH = data
-; Application level GZIP support
-ENABLE_GZIP = false
-; Landing page for non-logged users, can be "home" or "explore"
-LANDING_PAGE = home
-
-; Define allowed algorithms and their minimum key length (use -1 to disable a type)
-[ssh.minimum_key_sizes]
-ED25519 = 256
-ECDSA   = 256
-RSA     = 2048
-DSA     = 1024
-
-[database]
-; Either "mysql", "postgres" or "sqlite3", it's your choice
-DB_TYPE = mysql
-HOST = 127.0.0.1:3306
-NAME = gogs
-USER = root
-PASSWD =
-; For "postgres" only, either "disable", "require" or "verify-full"
-SSL_MODE = disable
-; For "sqlite3" and "tidb", use absolute path when you start as service
-PATH = data/gogs.db
-
-[admin]
-
-[security]
-INSTALL_LOCK = false
-; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
-SECRET_KEY = !#@FDEWREWR&*(
-; Auto-login remember days
-LOGIN_REMEMBER_DAYS = 7
-COOKIE_USERNAME = gogs_awesome
-COOKIE_REMEMBER_NAME = gogs_incredible
-; Reverse proxy authentication header name of user name
-REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
-
-[service]
-ACTIVE_CODE_LIVE_MINUTES = 180
-RESET_PASSWD_CODE_LIVE_MINUTES = 180
-; User need to confirm e-mail for registration
-REGISTER_EMAIL_CONFIRM = false
-; Does not allow register and admin create account only
-DISABLE_REGISTRATION = false
-; User must sign in to view anything.
-REQUIRE_SIGNIN_VIEW = false
-; Mail notification
-ENABLE_NOTIFY_MAIL = false
-; More detail: https://github.com/gogits/gogs/issues/165
-ENABLE_REVERSE_PROXY_AUTHENTICATION = false
-ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
-; Enable captcha validation for registration
-ENABLE_CAPTCHA = true
-
-[webhook]
-; Hook task queue length, increase if webhook shooting starts hanging
-QUEUE_LENGTH = 1000
-; Deliver timeout in seconds
-DELIVER_TIMEOUT = 5
-; Allow insecure certification
-SKIP_TLS_VERIFY = false
-; Number of history information in each page
-PAGING_NUM = 10
-
-[mailer]
-ENABLED = false
-; Buffer length of channel, keep it as it is if you don't know what it is.
-SEND_BUFFER_LEN = 100
-; Name displayed in mail title
-SUBJECT = %(APP_NAME)s
-; Mail server
-; Gmail: smtp.gmail.com:587
-; QQ: smtp.qq.com:465
-; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
-HOST =
-; Disable HELO operation when hostname are different.
-DISABLE_HELO =
-; Custom hostname for HELO operation, default is from system.
-HELO_HOSTNAME =
-; Do not verify the certificate of the server. Only use this for self-signed certificates
-SKIP_VERIFY =
-; Use client certificate
-USE_CERTIFICATE = false
-CERT_FILE = custom/mailer/cert.pem
-KEY_FILE = custom/mailer/key.pem
-; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
-FROM =
-; Mailer user name and password
-USER =
-PASSWD =
-; Use text/html as alternative format of content
-ENABLE_HTML_ALTERNATIVE = false
-
-[cache]
-; Either "memory", "redis", or "memcache", default is "memory"
-ADAPTER = memory
-; For "memory" only, GC interval in seconds, default is 60
-INTERVAL = 60
-; For "redis" and "memcache", connection host address
-; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
-; memcache: `127.0.0.1:11211`
-HOST =
-
-[session]
-; Either "memory", "file", or "redis", default is "memory"
-PROVIDER = memory
-; Provider config options
-; memory: not have any config yet
-; file: session file path, e.g. `data/sessions`
-; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
-; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
-PROVIDER_CONFIG = data/sessions
-; Session cookie name
-COOKIE_NAME = i_like_gogits
-; If you use session in https only, default is false
-COOKIE_SECURE = false
-; Enable set cookie, default is true
-ENABLE_SET_COOKIE = true
-; Session GC time interval, default is 86400
-GC_INTERVAL_TIME = 86400
-; Session life time, default is 86400
-SESSION_LIFE_TIME = 86400
-
-[picture]
-AVATAR_UPLOAD_PATH = data/avatars
-; Chinese users can choose "duoshuo"
-; or a custom avatar source, like: http://cn.gravatar.com/avatar/
-GRAVATAR_SOURCE = gravatar
-; This value will be forced to be true in offline mode.
-DISABLE_GRAVATAR = false
-; Federated avatar lookup uses DNS to discover avatar associated
-; with emails, see https://www.libravatar.org
-; This value will be forced to be false in offline mode or Gravatar is disbaled.
-ENABLE_FEDERATED_AVATAR = false
-
-[attachment]
-; Whether attachments are enabled. Defaults to `true`
-ENABLE = true
-; Path for attachments. Defaults to `data/attachments`
-PATH = data/attachments
-; One or more allowed types, e.g. image/jpeg|image/png
-ALLOWED_TYPES = image/jpeg|image/png
-; Max size of each file. Defaults to 32MB
-MAX_SIZE = 4
-; Max number of files per upload. Defaults to 10
-MAX_FILES = 5
-
-[time]
-; Specifies the format for fully outputed dates. Defaults to RFC1123
-; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
-; For more information about the format see http://golang.org/pkg/time/#pkg-constants
-FORMAT =
-
-[log]
-ROOT_PATH =
-; Either "console", "file", "conn", "smtp" or "database", default is "console"
-; Use comma to separate multiple modes, e.g. "console, file"
-MODE = console
-; Buffer length of channel, keep it as it is if you don't know what it is.
-BUFFER_LEN = 10000
-; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
-LEVEL = Trace
-
-; For "console" mode only
-[log.console]
-LEVEL =
-
-; For "file" mode only
-[log.file]
-LEVEL =
-; This enables automated log rotate(switch of following options), default is true
-LOG_ROTATE = true
-; Max line number of single file, default is 1000000
-MAX_LINES = 1000000
-; Max size shift of single file, default is 28 means 1 << 28, 256MB
-MAX_SIZE_SHIFT = 28
-; Segment log daily, default is true
-DAILY_ROTATE = true
-; Expired days of log file(delete after max days), default is 7
-MAX_DAYS = 7
-
-; For "conn" mode only
-[log.conn]
-LEVEL =
-; Reconnect host for every single message, default is false
-RECONNECT_ON_MSG = false
-; Try to reconnect when connection is lost, default is false
-RECONNECT = false
-; Either "tcp", "unix" or "udp", default is "tcp"
-PROTOCOL = tcp
-; Host address
-ADDR =
-
-; For "smtp" mode only
-[log.smtp]
-LEVEL =
-; Name displayed in mail title, default is "Diagnostic message from server"
-SUBJECT = Diagnostic message from server
-; Mail server
-HOST =
-; Mailer user name and password
-USER =
-PASSWD =
-; Receivers, can be one or more, e.g. ["1@example.com","2@example.com"]
-RECEIVERS =
-
-; For "database" mode only
-[log.database]
-LEVEL =
-; Either "mysql" or "postgres"
-DRIVER =
-; Based on xorm, e.g.: root:root@localhost/gogs?charset=utf8
-CONN =
-
-[cron]
-; Enable running cron tasks periodically.
-ENABLED = true
-; Run cron tasks when Gogs starts.
-RUN_AT_START = false
-
-; Update mirrors
-[cron.update_mirrors]
-SCHEDULE = @every 10m
-
-; Repository health check
-[cron.repo_health_check]
-SCHEDULE = @every 24h
-TIMEOUT = 60s
-; Arguments for command 'git fsck', e.g. "--unreachable --tags"
-; see more on http://git-scm.com/docs/git-fsck/1.7.5
-ARGS =
-
-; Check repository statistics
-[cron.check_repo_stats]
-RUN_AT_START = true
-SCHEDULE = @every 24h
-
-[git]
-; Disables highlight of added and removed changes
-DISABLE_DIFF_HIGHLIGHT = false
-; Max number of lines allowed of a single file in diff view
-MAX_GIT_DIFF_LINES = 1000
-; Max number of characters of a line allowed in diff view
-MAX_GIT_DIFF_LINE_CHARACTERS = 500
-; Max number of files shown in diff view
-MAX_GIT_DIFF_FILES = 100
-; Arguments for command 'git gc', e.g. "--aggressive --auto"
-; see more on http://git-scm.com/docs/git-gc/1.7.5
-GC_ARGS =
-
-; Operation timeout in seconds
-[git.timeout]
-MIGRATE = 600
-MIRROR = 300
-CLONE = 300
-PULL = 300
-GC = 60
-
-[mirror]
-; Default interval in hours between each check
-DEFAULT_INTERVAL = 8
-
-[api]
-; Max number of items will response in a page
-MAX_RESPONSE_ITEMS = 50
-
-[i18n]
-LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP
-NAMES = English,简体中文,繁體中文（香港）,繁體中文（台湾）,Deutsch,Français,Nederlands,Latviešu,Русский,日本語,Español,Português do Brasil,Polski,български,Italiano,Suomalainen,Türkçe,čeština,Српски
-
-; Used for datetimepicker
-[i18n.datelang]
-en-US = en
-zh-CN = zh
-zh-HK = zh-TW
-zh-TW = zh-TW
-de-DE = de
-fr-FR = fr
-nl-NL = nl
-lv-LV = lv
-ru-RU = ru
-ja-JP = ja
-es-ES = es
-pt-BR = pt-BR
-pl-PL = pl
-bg-BG = bg
-it-IT = it
-fi-FI = fi
-tr-TR = tr
-cs-CZ = cs-CZ
-
-; Extension mapping to highlight class
-; e.g. .toml=ini
-[highlight.mapping]
-
-[other]
-SHOW_FOOTER_BRANDING = false
-; Show version information about Gogs and Go in the footer
-SHOW_FOOTER_VERSION = true
-; Show time of template execution in the footer
-SHOW_FOOTER_TEMPLATE_LOAD_TIME = true

conf/gitignore/Android

@@ -1,32 +0,0 @@
-# Built application files
-*.apk
-*.ap_
-
-# Files for the Dalvik VM
-*.dex
-
-# Java class files
-*.class
-
-# Generated files
-bin/
-gen/
-
-# Gradle files
-.gradle/
-build/
-
-# Local configuration file (sdk path, etc)
-local.properties
-
-# Proguard folder generated by Eclipse
-proguard/
-
-# Log Files
-*.log
-
-# Android Studio Navigation editor temp files
-.navigation/
-
-# Android Studio captures folder
-captures/

conf/gitignore/Autotools

@@ -1,14 +0,0 @@
-# http://www.gnu.org/software/automake
-
-Makefile.in
-
-# http://www.gnu.org/software/autoconf
-
-/autom4te.cache
-/aclocal.m4
-/compile
-/configure
-/depcomp
-/install-sh
-/missing
-/stamp-h1

conf/gitignore/C

@@ -1,32 +0,0 @@
-# Object files
-*.o
-*.ko
-*.obj
-*.elf
-
-# Precompiled Headers
-*.gch
-*.pch
-
-# Libraries
-*.lib
-*.a
-*.la
-*.lo
-
-# Shared objects (inc. Windows DLLs)
-*.dll
-*.so
-*.so.*
-*.dylib
-
-# Executables
-*.exe
-*.out
-*.app
-*.i*86
-*.x86_64
-*.hex
-
-# Debug files
-*.dSYM/

conf/gitignore/C Sharp

@@ -1,108 +0,0 @@
-# Build Folders (you can keep bin if you'd like, to store dlls and pdbs)
-[Bb]in/
-[Oo]bj/
-
-# mstest test results
-TestResults
-
-## Ignore Visual Studio temporary files, build results, and
-## files generated by popular Visual Studio add-ons.
-
-# User-specific files
-*.suo
-*.user
-*.sln.docstates
-
-# Build results
-[Dd]ebug/
-[Rr]elease/
-x64/
-*_i.c
-*_p.c
-*.ilk
-*.meta
-*.obj
-*.pch
-*.pdb
-*.pgc
-*.pgd
-*.rsp
-*.sbr
-*.tlb
-*.tli
-*.tlh
-*.tmp
-*.log
-*.vspscc
-*.vssscc
-.builds
-
-# Visual C++ cache files
-ipch/
-*.aps
-*.ncb
-*.opensdf
-*.sdf
-
-# Visual Studio profiler
-*.psess
-*.vsp
-*.vspx
-
-# Guidance Automation Toolkit
-*.gpState
-
-# ReSharper is a .NET coding add-in
-_ReSharper*
-
-# NCrunch
-*.ncrunch*
-.*crunch*.local.xml
-
-# Installshield output folder
-[Ee]xpress
-
-# DocProject is a documentation generator add-in
-DocProject/buildhelp/
-DocProject/Help/*.HxT
-DocProject/Help/*.HxC
-DocProject/Help/*.hhc
-DocProject/Help/*.hhk
-DocProject/Help/*.hhp
-DocProject/Help/Html2
-DocProject/Help/html
-
-# Click-Once directory
-publish
-
-# Publish Web Output
-*.Publish.xml
-
-# NuGet Packages Directory
-packages
-
-# Windows Azure Build Output
-csx
-*.build.csdef
-
-# Windows Store app package directory
-AppPackages/
-
-# Others
-[Bb]in
-[Oo]bj
-sql
-TestResults
-[Tt]est[Rr]esult*
-*.Cache
-ClientBin
-[Ss]tyle[Cc]op.*
-~$*
-*.dbmdl
-Generated_Code #added for RIA/Silverlight projects
-
-# Backup & report files from converting an old project file to a newer
-# Visual Studio version. Backup files are not needed, because we have git ;-)
-_UpgradeReport_Files/
-Backup*/
-UpgradeLog*.XML

conf/gitignore/CMake

@@ -1,6 +0,0 @@
-CMakeCache.txt
-CMakeFiles
-CMakeScripts
-Makefile
-cmake_install.cmake
-install_manifest.txt

conf/gitignore/CakePHP

@@ -1,13 +0,0 @@
-# CakePHP 3
-
-/vendor/*
-/config/app.php
-/tmp/*
-/logs/*
-
-# CakePHP 2
-
-/app/tmp/*
-/app/Config/core.php
-/app/Config/database.php
-/vendors/*

conf/gitignore/CodeIgniter

@@ -1,6 +0,0 @@
-*/config/development
-*/logs/log-*.php
-!*/logs/index.html
-*/cache/*
-!*/cache/index.html
-!*/cache/.htaccess

conf/gitignore/CommonLisp

@@ -1,3 +0,0 @@
-*.FASL
-*.fasl
-*.lisp-temp

conf/gitignore/Composer

@@ -1,6 +0,0 @@
-composer.phar
-vendor/
-
-# Commit your application's lock file http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file
-# You may choose to ignore a library lock file http://getcomposer.org/doc/02-libraries.md#lock-file
-# composer.lock

conf/gitignore/Coq

@@ -1,3 +0,0 @@
-*.vo
-*.glob
-*.v.d

conf/gitignore/CraftCMS

@@ -1,3 +0,0 @@
-# Craft Storage (cache) [http://buildwithcraft.com/help/craft-storage-gitignore]
-/craft/storage/*
-!/craft/storage/logo/*

conf/gitignore/Dart

@@ -1,15 +0,0 @@
-# Don’t commit the following directories created by pub.
-.buildlog
-.pub/
-build/
-packages
-.packages
-
-# Or the files created by dart2js.
-*.dart.js
-*.js_
-*.js.deps
-*.js.map
-
-# Include when developing application packages.
-pubspec.lock

conf/gitignore/Dreamweaver

@@ -1,3 +0,0 @@
-# DW Dreamweaver added files
-_notes
-dwsync.xml

conf/gitignore/Eclipse

@@ -1,39 +0,0 @@
-*.pydevproject
-.metadata
-.gradle
-bin/
-tmp/
-*.tmp
-*.bak
-*.swp
-*~.nib
-local.properties
-.settings/
-.loadpath
-
-# Eclipse Core
-.project
-
-# External tool builders
-.externalToolBuilders/
-
-# Locally stored "Eclipse launch configurations"
-*.launch
-
-# CDT-specific
-.cproject
-
-# JDT-specific (Eclipse Java Development Tools)
-.classpath
-
-# Java annotation processor (APT)
-.factorypath
-
-# PDT-specific
-.buildpath
-
-# sbteclipse plugin
-.target
-
-# TeXlipse plugin
-.texlipse

conf/gitignore/EiffelStudio

@@ -1,2 +0,0 @@
-# The compilation directoy
-EIFGENs

conf/gitignore/Elisp

@@ -1,5 +0,0 @@
-# Compiled
-*.elc
-
-# Packaging
-.cask

conf/gitignore/Elixir

@@ -1,4 +0,0 @@
-/_build
-/deps
-erl_crash.dump
-*.ez

conf/gitignore/Emacs

@@ -1,32 +0,0 @@
-# -*- mode: gitignore; -*-
-*~
-\#*\#
-/.emacs.desktop
-/.emacs.desktop.lock
-*.elc
-auto-save-list
-tramp
-.\#*
-
-# Org-mode
-.org-id-locations
-*_archive
-
-# flymake-mode
-*_flymake.*
-
-# eshell files
-/eshell/history
-/eshell/lastdir
-
-# elpa packages
-/elpa/
-
-# reftex files
-*.rel
-
-# AUCTeX auto folder
-/auto/
-
-# cask packages
-.cask/

conf/gitignore/ExtJs

@@ -1,4 +0,0 @@
-.architect
-bootstrap.json
-build/
-ext/

conf/gitignore/FuelPHP

@@ -1,2 +0,0 @@
-fuel/app/logs/*/*/*
-fuel/app/cache/*/*

conf/gitignore/Gradle

@@ -1,8 +0,0 @@
-.gradle
-build/
-
-# Ignore Gradle GUI config
-gradle-app.setting
-
-# Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored)
-!gradle-wrapper.jar

conf/gitignore/Haskell

@@ -1,16 +0,0 @@
-dist
-cabal-dev
-*.o
-*.hi
-*.chi
-*.chs.h
-*.dyn_o
-*.dyn_hi
-.hpc
-.hsenv
-.cabal-sandbox/
-cabal.sandbox.config
-*.prof
-*.aux
-*.hp
-.stack-work/

conf/gitignore/IPythonNotebook

@@ -1,2 +0,0 @@
-# Temporary data
-.ipynb_checkpoints/

conf/gitignore/Java

@@ -1,12 +0,0 @@
-*.class
-
-# Mobile Tools for Java (J2ME)
-.mtj.tmp/
-
-# Package Files #
-*.jar
-*.war
-*.ear
-
-# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
-hs_err_pid*

conf/gitignore/Jekyll

@@ -1,3 +0,0 @@
-_site/
-.sass-cache/
-.jekyll-metadata

conf/gitignore/JetBrains

@@ -1,46 +0,0 @@
-# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio
-
-*.iml
-
-## Directory-based project format:
-.idea/
-# if you remove the above rule, at least ignore the following:
-
-# User-specific stuff:
-# .idea/workspace.xml
-# .idea/tasks.xml
-# .idea/dictionaries
-
-# Sensitive or high-churn files:
-# .idea/dataSources.ids
-# .idea/dataSources.xml
-# .idea/sqlDataSources.xml
-# .idea/dynamic.xml
-# .idea/uiDesigner.xml
-
-# Gradle:
-# .idea/gradle.xml
-# .idea/libraries
-
-# Mongo Explorer plugin:
-# .idea/mongoSettings.xml
-
-## File-based project format:
-*.ipr
-*.iws
-
-## Plugin-specific files:
-
-# IntelliJ
-/out/
-
-# mpeltonen/sbt-idea plugin
-.idea_modules/
-
-# JIRA plugin
-atlassian-ide-plugin.xml
-
-# Crashlytics plugin (for Android Studio and IntelliJ)
-com_crashlytics_export_strings.xml
-crashlytics.properties
-crashlytics-build.properties

conf/gitignore/KiCAD

@@ -1,13 +0,0 @@
-# For PCBs designed using KiCAD: http://www.kicad-pcb.org/
-
-# Temporary files
-*.000
-*.bak
-*.bck
-*.kicad_pcb-bak
-
-# Netlist files (exported from Eeschema)
-*.net
-
-# Autorouter files (exported from Pcbnew)
-.dsn

conf/gitignore/Laravel

@@ -1,4 +0,0 @@
-/bootstrap/compiled.php
-.env.*.php
-.env.php
-.env

conf/gitignore/Linux

@@ -1,7 +0,0 @@
-*~
-
-# KDE directory preferences
-.directory
-
-# Linux trash folder which might appear on any partition or disk
-.Trash-*

conf/gitignore/Magento

@@ -1,126 +0,0 @@
-.htaccess.sample
-.modgit/
-.modman/
-app/code/community/Phoenix/
-app/code/community/Cm/
-app/code/core/
-app/design/adminhtml/default/default/
-app/design/frontend/base/
-app/design/frontend/rwd/
-app/design/frontend/default/blank/
-app/design/frontend/default/default/
-app/design/frontend/default/iphone/
-app/design/frontend/default/modern/
-app/design/frontend/enterprise/default
-app/design/install/
-app/etc/modules/Enterprise_*
-app/etc/modules/Mage_All.xml
-app/etc/modules/Mage_Api.xml
-app/etc/modules/Mage_Api2.xml
-app/etc/modules/Mage_Authorizenet.xml
-app/etc/modules/Mage_Bundle.xml
-app/etc/modules/Mage_Captcha.xml
-app/etc/modules/Mage_Centinel.xml
-app/etc/modules/Mage_Compiler.xml
-app/etc/modules/Mage_ConfigurableSwatches.xml
-app/etc/modules/Mage_Connect.xml
-app/etc/modules/Mage_CurrencySymbol.xml
-app/etc/modules/Mage_Downloadable.xml
-app/etc/modules/Mage_ImportExport.xml
-app/etc/modules/Mage_LoadTest.xml
-app/etc/modules/Mage_Oauth.xml
-app/etc/modules/Mage_PageCache.xml
-app/etc/modules/Mage_Persistent.xml
-app/etc/modules/Mage_Weee.xml
-app/etc/modules/Mage_Widget.xml
-app/etc/modules/Mage_XmlConnect.xml
-app/etc/modules/Phoenix_Moneybookers.xml
-app/etc/modules/Cm_RedisSession.xml
-app/etc/applied.patches.list
-app/etc/config.xml
-app/etc/enterprise.xml
-app/etc/local.xml.additional
-app/etc/local.xml.template
-app/etc/local.xml
-app/.htaccess
-app/locale/
-app/Mage.php
-/cron.php
-cron.sh
-downloader/
-errors/
-favicon.ico
-/get.php
-includes/
-/index.php
-index.php.sample
-/install.php
-js/blank.html
-js/calendar/
-js/enterprise/
-js/extjs/
-js/firebug/
-js/flash/
-js/index.php
-js/jscolor/
-js/lib/
-js/mage/
-js/prototype/
-js/scriptaculous/
-js/spacer.gif
-js/tiny_mce/
-js/varien/
-lib/3Dsecure/
-lib/Apache/
-lib/flex/
-lib/googlecheckout/
-lib/.htaccess
-lib/LinLibertineFont/
-lib/Mage/
-lib/PEAR/
-lib/Pelago/
-lib/phpseclib/
-lib/Varien/
-lib/Zend/
-lib/Cm/
-lib/Credis/
-lib/Magento/
-LICENSE_AFL.txt
-LICENSE.html
-LICENSE.txt
-LICENSE_EE*
-/mage
-media/customer/
-media/dhl/
-media/downloadable/
-media/.htaccess
-media/import/
-media/xmlconnect/
-media/catalog/product/cache/
-media/catalog/product/placeholder/default/
-/api.php
-nbproject/
-pear
-pear/
-php.ini.sample
-pkginfo/
-RELEASE_NOTES.txt
-shell/abstract.php
-shell/compiler.php
-shell/indexer.php
-shell/log.php
-sitemap.xml
-skin/adminhtml/default/default/
-skin/adminhtml/default/enterprise
-skin/frontend/base/
-skin/frontend/rwd/
-skin/frontend/default/blank/
-skin/frontend/default/blue/
-skin/frontend/default/default/
-skin/frontend/default/french/
-skin/frontend/default/german/
-skin/frontend/default/iphone/
-skin/frontend/default/modern/
-skin/frontend/enterprise
-skin/install/
-var/

conf/gitignore/Matlab

@@ -1,16 +0,0 @@
-##---------------------------------------------------
-## Remove autosaves generated by the Matlab editor
-## We have git for backups!
-##---------------------------------------------------
-
-# Windows default autosave extension
-*.asv
-
-# OSX / *nix default autosave extension
-*.m~
-
-# Compiled MEX binaries (all platforms)
-*.mex*
-
-# Simulink Code Generation
-slprj/

conf/gitignore/MicrosoftOffice

@@ -1,10 +0,0 @@
-*.tmp
-
-# Word temporary
-~$*.doc*
-
-# Excel temporary
-~$*.xls*
-
-# Excel Backup File
-*.xlk

conf/gitignore/Nanoc

@@ -1,10 +0,0 @@
-# For projects using nanoc (http://nanoc.ws/)
-
-# Default location for output, needs to match output_dir's value found in config.yaml
-output/
-
-# Temporary file directory
-tmp/
-
-# Crash Log
-crash.log

conf/gitignore/NetBeans

@@ -1,8 +0,0 @@
-nbproject/private/
-build/
-nbbuild/
-dist/
-nbdist/
-nbactions.xml
-nb-configuration.xml
-.nb-gradle/

conf/gitignore/Node

@@ -1,28 +0,0 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-
-# Runtime data
-pids
-*.pid
-*.seed
-
-# Directory for instrumented libs generated by jscoverage/JSCover
-lib-cov
-
-# Coverage directory used by tools like istanbul
-coverage
-
-# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-
-# node-waf configuration
-.lock-wscript
-
-# Compiled binary addons (http://nodejs.org/api/addons.html)
-build/Release
-
-# Dependency directory
-# https://docs.npmjs.com/misc/faq#should-i-check-my-node-modules-folder-into-git
-node_modules

conf/gitignore/OSX

@@ -1,24 +0,0 @@
-.DS_Store
-.AppleDouble
-.LSOverride
-
-# Icon must end with two \r
-Icon
-
-
-# Thumbnails
-._*
-
-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items

conf/gitignore/Objective-C

@@ -1,43 +0,0 @@
-# Xcode
-#
-# gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore
-
-## Build generated
-build/
-DerivedData
-
-## Various settings
-*.pbxuser
-!default.pbxuser
-*.mode1v3
-!default.mode1v3
-*.mode2v3
-!default.mode2v3
-*.perspectivev3
-!default.perspectivev3
-xcuserdata
-
-## Other
-*.xccheckout
-*.moved-aside
-*.xcuserstate
-*.xcscmblueprint
-
-## Obj-C/Swift specific
-*.hmap
-*.ipa
-
-# CocoaPods
-#
-# We recommend against adding the Pods directory to your .gitignore. However
-# you should judge for yourself, the pros and cons are mentioned at:
-# http://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
-#
-#Pods/
-
-# Carthage
-#
-# Add this line if you want to avoid checking in source code from Carthage dependencies.
-# Carthage/Checkouts
-
-Carthage/Build

conf/gitignore/OpenCart

@@ -1,11 +0,0 @@
-.htaccess
-/config.php
-admin/config.php
-
-!index.html
-
-download/
-image/data/
-image/cache/
-system/cache/
-system/logs/

conf/gitignore/Perl

@@ -1,20 +0,0 @@
-/blib/
-/.build/
-_build/
-cover_db/
-inc/
-Build
-!Build/
-Build.bat
-.last_cover_stats
-/Makefile
-/Makefile.old
-/MANIFEST.bak
-/META.yml
-/META.json
-/MYMETA.*
-nytprof.out
-/pm_to_blib
-*.o
-*.bs
-/_eumm/

conf/gitignore/Prestashop

@@ -1,25 +0,0 @@
-# Private files
-# The following files contain your database credentials and other personal data.
-
-config/settings.*.php
-
-# Cache, temp and generated files
-# The following files are generated by PrestaShop.
-
-admin-dev/autoupgrade/
-cache/
-config/xml/*.xml
-log/
-*sitemap.xml
-themes/*/cache/
-modules/*/config*.xml
-
-# Site content
-# The following folders contain product images, virtual products, CSV's, etc.
-
-admin-dev/backups/
-admin-dev/export/
-admin-dev/import/
-download/
-img/
-upload/

conf/gitignore/Processing

@@ -1,7 +0,0 @@
-.DS_Store
-applet
-application.linux32
-application.linux64
-application.windows32
-application.windows64
-application.macosx

conf/gitignore/Python

@@ -1,58 +0,0 @@
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-env/
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-*.egg-info/
-.installed.cfg
-*.egg
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*,cover
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-target/