Version 1.8.4

https://github.com/go-gitea/gitea/pull/2194

CHANGELOG

@@ -1,96 +1,230 @@
-[0.6.10]
-* Works with readonly rootfs
+[0.1.0]
+* Initial package (forked from Gogs app)
 
-[0.6.11]
-* Fix bug where app wouldn't start up
+[0.1.1]
+* Removed reference to Gogs
 
-[0.7.0]
-* Update to latest base image
+[0.1.2]
+* Updated description
 
-[0.7.1]
-* Remove some backward compat code
+[0.1.3]
+* Updated to version 1.1.2
 
-[0.8.0]
-* Use Gogs 0.8.25
-* Support GitHub style Markdown checklist
-* Add more APIs: user followers
-* Support side-by-side diff view
-* Support highlight inline diff
-* Complete [Changelog](https://github.com/gogits/gogs/releases/tag/v0.8.25)
+[1.0.0]
+* Update to version 1.1.3
 
-[0.9.0]
-* Use 'git' instead of 'cloudron' user
+[1.0.1]
+* Update Git to v2.7.4-0ubuntu1.2
+* Fixes critical security issue that allows remote command execution in git
+* https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html
 
-[0.10.0]
-* Use Gogs 0.8.43
-* Issue references have bad links behind a reverse proxy sub-path #2229
+[1.0.2]
+* Preserve SECRET_KEY across updates and restarts
 
-[0.11.0]
-* Use Gogs 0.9.0
-* [Changelog](https://github.com/gogits/gogs/releases/tag/v0.9.0)
+[1.0.3]
+* Update to version 1.1.4
 
-[0.12.0]
-* Use Gogs 0.9.13
+[1.1.0]
+* Update to version 1.2.0
+* New logo!
+* SECURITY: Sanitation fix from Gogs (#1461)
+* Status-API
+* Implement GPG api
+* https://github.com/go-gitea/gitea/releases/tag/v1.2.0
 
-[0.12.1]
-* Fix username login
+[1.1.1]
+* Update to version 1.2.1
+* Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
+* Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
+* Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
+* Fix .netrc authentication (#2700) (#2708)
+* Fix slice out of bounds error in mailer (#2479) (#2696)
 
-[0.12.2]
-* Allow disabling SSH
+[1.1.2]
+* Update to version 1.2.2
+* Add checks for commits with missing author and time (#2771) (#2785)
+* Fix sending mail with a non-latin display name (#2559) (#2783)
+* Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
+* Update vendor git (#2765) (#2772)
+* Fix emojify image URL (#2769) (#2773)
 
-[0.12.3]
-* Fix login via email
+[1.1.3]
+* Update to version 1.2.3
+* Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
+* Fix order of comments (#2835) (#2839)
 
-[0.12.4]
-* Fix ldap update query
+[1.2.0]
+* Update to version 1.3.0
 
-[0.12.5]
-* Preserve ssh host keys across updates
+[1.3.0]
+* Update to version 1.3.1
+* Add documentationUrl
+* Sanitize logs for mirror sync (#3057, #3082) (#3078)
+* Fix missing branch in release bug (#3108) (#3117)
+* Fix repo indexer and submodule bug (#3107) (#3110)
+* Fix legacy URL redirects (#3100) (#3106)
+* Fix redis session failed (#3086) (#3089)
+* Fix issue list branch link broken (#3061) (#3070)
+* Fix missing password length check when change password (#3039) (#3071)
 
-[0.12.6]
-* Use latest SMTP configuration
+[1.3.1]
+* Update Gitea to 1.3.2
+* Fix run web with -p push failed (#3154) (#3179)
+* Fix source download link when no code unit allowed (#3166) (#3169)
+* Allow adding collaborators with (fullname) (#3103) (#3168)
+* Fix repo links (#3093) (#3163)
+* Fix Uninitialized variable in ParsePatch (#3156) (#3162)
+* Fix migration order v1.3 (#3157)
+* Fix avatar URLs (#3069) (#3143)
 
-[0.12.7]
-* Update base image to 0.8.1
+[1.4.0]
+* Fix email sending (use SMTPS)
 
-[0.13.0]
-* Update Gogs to 0.9.48
-* [Changelog](https://github.com/gogits/gogs/releases/tag/v0.9.48)
+[1.4.1]
+* Update Gitea to 1.3.3
+* Security fixes
+    * Fix escaping changed title in comments (#3530) (#3535)
+    * Escape search query display (#3486) (#3489)
+* Bug fixes
+    * Fix repo-transfer-and-team-repo-count bug (#3241) (#3244)
+    * Open external tracker in blank window, consistently with wiki (#3227) (#3228)
+    * Change SSL Mode from checkbox to string in admin page (#3208) (#3211)
 
-[0.13.1]
-* Update Gogs to 0.9.71
-* [Changelog](https://github.com/gogits/gogs/releases/tag/v0.9.71)
+[1.5.0]
+* Update Gitea to 1.4.0
 
-[0.13.2]
+[1.5.1]
+* Update Gitea to 1.4.1
+* Add “error” as reserved username (#3882) (#3886)
+* Do not allow inactive users to access repositories using private key (#3887) (#3889)
+* Fix path cleanup in file editor, when initilizing new repository and LFS oids (#3871) (#3873)
+* Remove unnecessary allowed safe HTML (#3778) (#3779)
+* Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
+* Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
+* Fix GPG expire time display when time is zero (#3584) (#3884)
+* Fix to update only issue last update time when adding a comment (#3855) (#3860)
+* Fix repository star count after deleting user (#3781) (#3783)
+* Use the active branch for the code tab (#3720) (#3776)
+* Set default branch name on first push (#3715) (#3723)
+* Show clipboard button if disable HTTP of git protocol (#3773) (#3774)
+
+[1.5.2]
+* Update Gitea to 1.4.2
+* Adjust z-index for floating labels (#3939) (#3950)
+* Add missing token validation on application settings page (#3976) #3978
+* Webhook and hook_task clean up (#4006)
+* Fix webhook bug of response info is not displayed in UI (#4023)
+* Fix writer cannot read bare repo guide (#4033) (#4039)
+* Don't force due date to current time (#3830) (#4057)
+* Fix wiki redirects (#3919) (#4065)
+* Fix attachment ENABLED (#4064) (#4066)
+* Added deletion of an empty line at the end of file (#4054) (#4074)
+* Use ResolveReference instead of path.Join (#4073)
+* Fix #4081 Check for leading / in base before removing it (#4083)
+* Respository's home page not updated after first push (#4075)
+
+[1.5.2-1]
+* Rebuild Gitea package because of https://github.com/go-gitea/gitea/issues/4167
+* Adjust z-index for floating labels (#3939) (#3950)
+* Add missing token validation on application settings page (#3976) #3978
+* Webhook and hook_task clean up (#4006)
+* Fix webhook bug of response info is not displayed in UI (#4023)
+* Fix writer cannot read bare repo guide (#4033) (#4039)
+* Don't force due date to current time (#3830) (#4057)
+* Fix wiki redirects (#3919) (#4065)
+* Fix attachment ENABLED (#4064) (#4066)
+* Added deletion of an empty line at the end of file (#4054) (#4074)
+* Use ResolveReference instead of path.Join (#4073)
+* Fix #4081 Check for leading / in base before removing it (#4083)
+* Respository's home page not updated after first push (#4075)
+
+[1.5.3]
+* Update Gitea to 1.4.3
+* SECURITY
+  * HTML-escape plain-text READMEs (#4192) (#4214)
+  * Fix open redirect vulnerability on login screen (#4312) (#4312)
+* BUGFIXES
+  * Fix broken monitoring page when running processes are shown (#4203) (#4208)
+  * Fix delete comment bug (#4216) (#4228)
+  * Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
+  * Fix wiki URL encoding bug (#4091) (#4254)
+  * Fix code tab link when viewing tags (#3908) (#4263)
+  * Fix webhook type conflation (#4285) (#4285)
+
+[1.5.4]
+* Allow customization using gitea's custom data directory
+
+[1.6.0]
+* Update Gitea to 1.5.0
+* Security
+  * Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
+  * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
+  * Do not allow to reuse TOTP passcode (#3878)
+* Features
+  * Add cli commands to regen hooks & keys (#3979)
+  * Add support for FIDO U2F (#3971)
+  * Added user language setting (#3875)
+  * Add topic support (#3711)
+  * Multiple assignees (#3705)
+  * Add protected branch whitelists for merging (#3689)
+  * Global code search support (#3664)
+  * Add label descriptions (#3662)
+  * Add issue search via API (#3612)
+  * Add repository setting to enable/disable health checks (#3607)
+  * Emoji Autocomplete (#3433)
+  * Implements generator cli for secrets (#3531)
+
+[1.6.1]
+* Update Gitea to 1.5.1
+* Security
+  * Don't disclose emails of all users when sending out emails (#4784)
+  * Improve URL validation for external wiki and external issues (#4710) (#4740)
+  * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
+* Bugfixes
+  * Fix missing release title in webhook (#4783) (#4800)
+  * Make sure to reset commit count in the cache on mirror syncing (#4770)
+  * Fixed bug where team with admin privelege type doesn't get any unit (#4759)
+  * Fix failure on creating pull request with assignees (#4583) (#4727)
+  * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
+
+[1.7.0]
 * Update base image
 
-[0.13.3]
-* Implement public mode
+[1.7.1]
+* Update Gitea to 1.5.2
 
-[0.13.4]
-* Add post install message
+[1.7.2]
+* Update Gitea to 1.5.3
+* Security
+  * Fix remote command execution vulnerability in upstream library (#5177) (#5196)
 
-[0.13.5]
-* Fix post install message
+[1.8.0]
+* Update Gitea to 1.6.0
 
-[0.14.0]
-* Update base image
-* Update Gogs to 0.9.128
+[1.8.1]
+* Update Gitea to 1.6.1
 
-[0.14.1]
-* Update description
+[1.8.2]
+* Update Gitea to 1.6.2
+* SECURITY
+  * Sanitize uploaded file names (#5571) (#5573)
+  * HTMLEncode user added text (#5570) (#5575)
+* BUGFIXES
+  * Fix indexer reindex bug when gitea restart (#5563) (#5564)
+  * Fix bug when a read perm user to edit his issue (#5516) (#5534)
+  * Detect force push failure on deletion of protected branches (#5522) (#5531)
+  * Fix forgot deletion of notification when delete repository (#5506) (#5514)
+  * Fix undeleted content when deleting user (#5429) (#5509)
+  * Fix empty wiki (#5504) (#5508)
 
-[0.15.0]
-* Update to 0.10.18
+[1.8.3]
+* Update Gitea to 1.6.3
+* SECURITY: Prevent DeleteFilePost doing arbitrary deletion (#5631)
+* BUGFIX: Fix wrong text getting saved on editing second comment on an issue (#5608)
 
-[0.16.0]
-* Update Gogs to 0.11
-* Fix issue where custom avatars could not be uploaded
-* Fix issue where web based editing would not work
-
-[0.16.1]
-* Update Gogs to 0.11.4
-
-[0.16.2]
-* Update description
+[1.8.4]
+* Update Gitea to 1.6.4
+* Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
+* When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
+* Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)
 

CloudronManifest.json

@@ -1,10 +1,10 @@
 {
-  "id": "io.gogs.cloudronapp",
-  "title": "Gogs",
-  "author": "Gogs developers",
+  "id": "io.gitea.cloudronapp",
+  "title": "Gitea",
+  "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "0.16.2",
+  "version": "1.8.4",
   "healthCheckPath": "/healthcheck",
   "httpPort": 3000,
   "addons": {
@@ -21,16 +21,19 @@
     }
   },
   "manifestVersion": 1,
-  "website": "https://gogs.io",
+  "website": "https://gitea.io",
   "contactEmail": "apps@cloudron.io",
   "icon": "file://logo.png",
   "mediaLinks": [
-    "https://gogs.io/img/screenshots/1.png",
-    "https://gogs.io/img/screenshots/2.png",
-    "https://gogs.io/img/screenshots/4.png",
-    "https://gogs.io/img/screenshots/5.png"
+    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/1.png",
+    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/2.png",
+    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/3.png",
+    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/4.png",
+    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/5.png"
   ],
   "tags": [ "version control", "git", "code hosting", "development" ],
   "changelog": "file://CHANGELOG",
-  "postInstallMessage": "file://POSTINSTALL.md"
+  "postInstallMessage": "file://POSTINSTALL.md",
+  "minBoxVersion": "1.10.0",
+  "documentationUrl": "https://cloudron.io/documentation/apps/gitea/"
 }

DESCRIPTION.md

@@ -1,6 +1,6 @@
-Gogs (Go Git Service) is a painless self-hosted Git service.
+This app packages Gitea <upstream>1.6.4</upstream>
 
-This app packages Gogs <upstream>0.11.4</upstream>
+Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab.
 
 ### Purpose
 
@@ -20,9 +20,7 @@ The goal of this project is to make the easiest, fastest, and most painless way
 - Gravatar and custom source
 - Mail service
 - Administration panel
-- Supports MySQL, PostgreSQL, SQLite3 and [TiDB](https://github.com/pingcap/tidb) (experimental)
-- Multi-language support ([15 languages](https://crowdin.com/project/gogs))
 
 ### Bug reports
 
-Open bugs on [Github](https://git.cloudron.io/cloudron/gogs-app/issues)
+Open bugs on [Github](https://git.cloudron.io/cloudron/gitea-app/issues)

Dockerfile

@@ -1,37 +1,34 @@
-FROM cloudron/base:0.10.0
+FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
 
 RUN apt-get update && \
-    apt-get install -y openssh-server && \
+    apt-get install -y openssh-server git && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
 
 ADD supervisor/ /etc/supervisor/conf.d/
 
-RUN adduser --disabled-login --gecos 'Gogs' git
+RUN adduser --disabled-login --gecos 'Gitea' git
 # by default, git account is created as inactive which prevents login via openssh
 # https://github.com/gitlabhq/gitlabhq/issues/5304
 RUN passwd -d git
 
-RUN mkdir -p /home/git/gogs
-## TODO: use redis as well
-RUN cd /home/git/gogs && \
-    curl -L https://github.com/gogits/gogs/releases/download/v0.11.4/linux_amd64.tar.gz | tar zxvf - --strip-components 1
+RUN mkdir -p /home/git/gitea
+RUN curl -L https://dl.gitea.io/gitea/1.6.4/gitea-1.6.4-linux-amd64 -o /home/git/gitea/gitea \
+    && chmod +x /home/git/gitea/gitea
 
 # setup config paths
 ADD app.ini.template /home/git/app.ini.template
 
 # setup log paths
-RUN mkdir -p /run/gogs && chown -R git:git /run/gogs
-RUN sed -e 's,^logfile=.*$,logfile=/run/gogs/supervisord.log,' -i /etc/supervisor/supervisord.conf
+RUN mkdir -p /run/gitea && chown -R git:git /run/gitea
+RUN sed -e 's,^logfile=.*$,logfile=/run/gitea/supervisord.log,' -i /etc/supervisor/supervisord.conf
 
 RUN ln -s /app/data/ssh /home/git/.ssh
 RUN ln -s /app/data/gitconfig /home/git/.gitconfig
 
 ADD start.sh /home/git/start.sh
 
-# disable pam authentication for sshd
-RUN sed -e 's/UsePAM yes/UsePAM no/' -e 's/UsePrivilegeSeparation yes/UsePrivilegeSeparation no/' -i /etc/ssh/sshd_config
-RUN echo "UseDNS no" >> /etc/ssh/sshd_config
+COPY sshd_config /etc/ssh/sshd_config
 
 CMD [ "/home/git/start.sh" ]
 

POSTINSTALL.md

@@ -1,12 +1,12 @@
 This app integrates with the Cloudron SSO. Admins on Cloudron automatically
-become admins on Gogs.
+become admins on Gitea.
 
 If you want to disable Cloudron SSO, do the following:
 
 * Admin Panel -> Authentication -> 'cloudron' -> Uncheck 'This authentication is activated'
 * Admin Panel -> Users -> Change Authentication Source to 'Local' and also give a password
 
-You can create a `/app/data/app.ini` with any custom configuration. See the 
-[configuration cheat sheet](https://gogs.io/docs/advanced/configuration_cheat_sheet)
+You can edit `/app/data/app.ini` and add any custom configuration. See the 
+[configuration cheat sheet](https://docs.gitea.io/en-us/config-cheat-sheet)
 for more information.
 

README.md

@@ -1,15 +1,15 @@
-# Gogs Cloudron App
+# Gitea Cloudron App
 
-This repository contains the Cloudron app package source for [Gogs](http://gogs.io/).
+This repository contains the Cloudron app package source for [Gitea](http://gitea.io/).
 
 ## Installation
 
-[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.gogs.cloudronapp)
+[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.gitea.cloudronapp)
 
 or using the [Cloudron command line tooling](https://cloudron.io/references/cli.html)
 
 ```
-cloudron install --appstore-id io.gogs.cloudronapp
+cloudron install --appstore-id io.gitea.cloudronapp
 ```
 
 ## Building
@@ -17,7 +17,7 @@ cloudron install --appstore-id io.gogs.cloudronapp
 The app package can be built using the [Cloudron command line tooling](https://cloudron.io/references/cli.html).
 
 ```
-cd gogs-app
+cd gitea-app
 
 cloudron build
 cloudron install
@@ -28,9 +28,9 @@ cloudron install
 The e2e tests are located in the `test/` folder and require [nodejs](http://nodejs.org/). They are creating a fresh build, install the app on your Cloudron, perform tests, backup, restore and test if the repos are still ok. The tests expect port 29418 to be available.
 
 ```
-cd gogs-app/test
+cd gitea-app/test
 
 npm install
-USERNAME=<cloudron username> PASSWORD=<cloudron password> mocha --bail test.js
+PATH=$PATH:node_modules/.bin USERNAME=<cloudron username> PASSWORD=<cloudron password> mocha --bail test.js
 ```
 

app.ini.template

@@ -1,8 +1,10 @@
-APP_NAME = Gogs: Go Git Service
+APP_NAME = Gitea
 RUN_USER = git
 RUN_MODE = prod
 
+
 [database]
+; those settings are protected and can't be modified
 DB_TYPE = mysql
 HOST = ##MYSQL_HOST:##MYSQL_PORT
 NAME = ##MYSQL_DATABASE
@@ -11,7 +13,9 @@ PASSWD = ##MYSQL_PASSWORD
 SSL_MODE = disable
 PATH =
 
+
 [server]
+; those settings are protected and can't be modified
 PROTOCOL = http
 DOMAIN = ##DOMAIN
 ROOT_URL = https://%(DOMAIN)s/
@@ -20,44 +24,60 @@ HTTP_PORT = 3000
 DISABLE_SSH = ##DISABLE_SSH
 SSH_PORT = ##SSH_PORT
 APP_DATA_PATH = /app/data/appdata
+
 ; Landing page for non-logged users, can be "home" or "explore"
 LANDING_PAGE = explore
 
+
 [repository]
+; this setting is protected and can't be modified
 ROOT = /app/data/repository
+
 SCRIPT_TYPE = bash
 
+
 [repository.upload]
 ENABLED = true
-TEMP_PATH = /run/gogs/tmp/uploads
+
+; this setting is protected and can't be modified
+TEMP_PATH = /run/gitea/tmp/uploads
+
 
 [release.attachment]
 ENABLED = true
 ; APP_DATA_PATH/attachments
 PATH =
 
+
 [mailer]
 ENABLED = true
+
+; those settings are protected and can't be modified
 HOST = ##MAIL_SERVER:##MAIL_PORT
 USER = ##MAIL_SMTP_USERNAME
 PASSWD = ##MAIL_SMTP_PASSWORD
 FROM = ##MAIL_FROM
 SKIP_VERIFY = true
 
+
 [security]
+; those settings are protected and can't be modified
 INSTALL_LOCK = true
 SECRET_KEY = ##SECRET_KEY
 
+
 [service]
 DISABLE_REGISTRATION = false
 SHOW_REGISTRATION_BUTTON = false
 ENABLE_NOTIFY_MAIL = true
 
+
 [log]
-; Either "console", "file", "conn", "smtp" or "database", default is "console"
+; those settings are protected and can't be modified
 MODE = console
 ; used for xorm.log
-ROOT_PATH = /run/gogs
+ROOT_PATH = /run/gitea
+
 
 [picture]
 ; APP_DATA_PATH/avatars
@@ -65,8 +85,13 @@ AVATAR_UPLOAD_PATH =
 GRAVATAR_SOURCE = gravatar
 DISABLE_GRAVATAR = false
 
+
 [attachment]
 ENABLE = true
 ; APP_DATA_PATH/attachments
 PATH =
 
+
+[indexer]
+; this setting is protected and can't be modified
+ISSUE_INDEXER_PATH = /app/data/appdata/indexers/issues.bleve

sshd_config

@@ -0,0 +1,79 @@
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 29418
+# Use these options to restrict which interfaces/protocols sshd will bind to
+ListenAddress 0.0.0.0
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /app/data/sshd/ssh_host_rsa_key
+HostKey /app/data/sshd/ssh_host_dsa_key
+HostKey /app/data/sshd/ssh_host_ecdsa_key
+HostKey /app/data/sshd/ssh_host_ed25519_key
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+LoginGraceTime 120
+PermitRootLogin prohibit-password
+StrictModes yes
+
+PubkeyAuthentication yes
+#AuthorizedKeysFile	%h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# similar for protocol version 2
+HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+#PasswordAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM no
+UseDNS no

start.sh

@@ -2,14 +2,14 @@
 
 set -eu -o pipefail
 
-mkdir -p /run/gogs/tmp/uploads
+mkdir -p /run/gitea/tmp/uploads /run/sshd
 
 setup_ldap_source() {
     set -eu
 
-    # Wait for gogs to finish db setup, before we insert ldap source in db
+    # Wait for gitea to finish db setup, before we insert ldap source in db
     while ! curl --fail http://localhost:3000/healthcheck; do
-        echo "Waiting for gogs to come up"
+        echo "Waiting for gitea to come up"
         sleep 1
     done
 
@@ -50,35 +50,55 @@ fi
 chmod 0600 /app/data/sshd/*_key
 chmod 0644 /app/data/sshd/*.pub
 
-sed -e "s/^Port .*/Port ${SSH_PORT}/" \
-    -e "s/^#ListenAddress .*/ListenAddress 0.0.0.0/" \
-    -e "s,^HostKey /etc/ssh/,HostKey /app/data/sshd/," \
-    /etc/ssh/sshd_config > /run/gogs/sshd_config
+sed -e "s/^Port .*/Port ${SSH_PORT}/" /etc/ssh/sshd_config > /run/gitea/sshd_config
 
-sed -e "s/##DOMAIN/${APP_DOMAIN}/g" \
-    -e "s/##SSH_PORT/${SSH_PORT}/g" \
-    -e "s/##DISABLE_SSH/${disable_ssh}/g" \
-    -e "s/##MYSQL_HOST/${MYSQL_HOST}/g" \
-    -e "s/##MYSQL_PORT/${MYSQL_PORT}/g" \
-    -e "s/##MYSQL_USERNAME/${MYSQL_USERNAME}/g" \
-    -e "s/##MYSQL_PASSWORD/${MYSQL_PASSWORD}/g" \
-    -e "s/##MYSQL_DATABASE/${MYSQL_DATABASE}/g" \
-    -e "s/##MAIL_SERVER/${MAIL_SMTP_SERVER}/g" \
-    -e "s/##MAIL_PORT/${MAIL_SMTP_PORT}/g" \
-    -e "s/##MAIL_FROM/${MAIL_FROM}/g" \
-    -e "s/##MAIL_SMTP_USERNAME/${MAIL_SMTP_USERNAME}/g" \
-    -e "s/##MAIL_SMTP_PASSWORD/${MAIL_SMTP_PASSWORD}/g" \
-    -e "s/##SECRET_KEY/$(pwgen -1 -s)/g" \
-    /home/git/app.ini.template > "/run/gogs/app.ini"
+cp /home/git/app.ini.template "/run/gitea/app.ini"
 
-# merge any user config file
-[[ -f /app/data/app.ini ]] && cat "/app/data/app.ini" >> "/run/gogs/app.ini"
+# create default user config file
+if ! [ -f /app/data/app.ini ]; then
+    cp /home/git/app.ini.template /app/data/app.ini
+fi
 
-mkdir -p /app/data/repository /app/data/ssh
+if [ "$(crudini --get /app/data/app.ini security SECRET_KEY)" == "##SECRET_KEY" ]; then
+    echo "Generating new SECRET_KEY"
+    crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
+fi
 
-chown -R git:git /app/data /run/gogs
+# merge user config file
+crudini --merge "/run/gitea/app.ini" < "/app/data/app.ini"
+
+# override important values
+crudini --set "/run/gitea/app.ini" database DB_TYPE mysql
+crudini --set "/run/gitea/app.ini" database HOST "${MYSQL_HOST}:${MYSQL_PORT}"
+crudini --set "/run/gitea/app.ini" database NAME "${MYSQL_DATABASE}"
+crudini --set "/run/gitea/app.ini" database USER "${MYSQL_USERNAME}"
+crudini --set "/run/gitea/app.ini" database PASSWD "${MYSQL_PASSWORD}"
+crudini --set "/run/gitea/app.ini" database SSL_MODE "disable"
+crudini --set "/run/gitea/app.ini" server PROTOCOL "http"
+crudini --set "/run/gitea/app.ini" server DOMAIN "${APP_DOMAIN}"
+crudini --set "/run/gitea/app.ini" server ROOT_URL "https://%(DOMAIN)s/"
+crudini --set "/run/gitea/app.ini" server HTTP_ADDR ""
+crudini --set "/run/gitea/app.ini" server HTTP_PORT "3000"
+crudini --set "/run/gitea/app.ini" server DISABLE_SSH "${disable_ssh}"
+crudini --set "/run/gitea/app.ini" server SSH_PORT "${SSH_PORT}"
+crudini --set "/run/gitea/app.ini" server APP_DATA_PATH "/app/data/appdata"
+crudini --set "/run/gitea/app.ini" repository ROOT "/app/data/repository"
+crudini --set "/run/gitea/app.ini" repository.upload TEMP_PATH "/run/gitea/tmp/uploads"
+crudini --set "/run/gitea/app.ini" mailer HOST "${MAIL_SMTP_SERVER}:${MAIL_SMTPS_PORT}"
+crudini --set "/run/gitea/app.ini" mailer USER "${MAIL_SMTP_USERNAME}"
+crudini --set "/run/gitea/app.ini" mailer PASSWD "${MAIL_SMTP_PASSWORD}"
+crudini --set "/run/gitea/app.ini" mailer FROM "${MAIL_FROM}"
+crudini --set "/run/gitea/app.ini" mailer SKIP_VERIFY "true"
+crudini --set "/run/gitea/app.ini" security INSTALL_LOCK "true"
+crudini --set "/run/gitea/app.ini" log MODE "console"
+crudini --set "/run/gitea/app.ini" log ROOT_PATH "/run/gitea"
+crudini --set "/run/gitea/app.ini" indexer ISSUE_INDEXER_PATH "/app/data/appdata/indexers/issues.bleve"
+
+mkdir -p /app/data/repository /app/data/ssh /app/data/custom
+
+chown -R git:git /app/data /run/gitea
 
 ( setup_ldap_source ) &
 
-exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Gogs
+exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Gitea
 

supervisor/gitea.conf

@@ -1,6 +1,6 @@
-[program:gogs]
-directory=/home/git/gogs
-command=/home/git/gogs/gogs web -c /run/gogs/app.ini -p 3000
+[program:gitea]
+directory=/home/git/gitea
+command=/home/git/gitea/gitea web -c /run/gitea/app.ini -p 3000
 user=git
 autostart=true
 autorestart=true
@@ -9,4 +9,4 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-environment=HOME="/home/git",USER="git"
+environment=HOME="/home/git",USER="git",GITEA_CUSTOM="/app/data/custom"

supervisor/sshd.conf

@@ -1,6 +1,6 @@
 [program:sshd]
 directory=/
-command=/usr/sbin/sshd -f /run/gogs/sshd_config -D
+command=/usr/sbin/sshd -f /run/gitea/sshd_config -D
 user=root
 autostart=true
 autorestart=true

test/package.json

@@ -17,6 +17,7 @@
     "superagent": "^1.4.0"
   },
   "dependencies": {
+    "chromedriver": "^2.38.2",
     "selenium-server-standalone-jar": "^3.3.1",
     "selenium-webdriver": "^3.3.0",
     "superagent": "^1.8.5"

test/test.js

@@ -9,6 +9,8 @@
 
 'use strict';
 
+require('chromedriver');
+
 var execSync = require('child_process').execSync,
     ejs = require('ejs'),
     expect = require('expect.js'),
@@ -29,11 +31,12 @@ describe('Application life cycle test', function () {
     this.timeout(0);
     var server, browser = new Builder().forBrowser('chrome').build();
     var LOCATION = 'test';
+    var SSH_PORT = 29420;
     var repodir = '/tmp/testrepo';
     var app, reponame = 'testrepo';
     var username = process.env.USERNAME;
     var password = process.env.PASSWORD;
-    var TIMEOUT = process.env.TIMEOUT || 5000;
+    var TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 5000;
     var email, token;
 
     before(function (done) {
@@ -63,18 +66,52 @@ describe('Application life cycle test', function () {
         }, TIMEOUT).then(function () { done(); });
     }
 
+    function getAppInfo() {
+        var inspect = JSON.parse(execSync('cloudron inspect'));
+
+        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
+
+        expect(app).to.be.an('object');
+    }
+
+    function setAvatarOld(done) {
+        browser.get('https://' + app.fqdn + '/user/settings/avatar').then(function () {
+            return browser.findElement(by.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
+        }).then(function () {
+            return browser.findElement(by.xpath('//button[contains(text(), "Update Avatar Setting")]')).click();
+        }).then(function () {
+            if (app.manifest.version === '1.0.3') {
+                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"updated successfully")]')), TIMEOUT);
+            } else {
+                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"Your avatar setting has been updated.")]')), TIMEOUT);
+            }
+        }).then(function () {
+            done();
+        });
+    }
+
     function setAvatar(done) {
-        browser.get('https://' + app.fqdn + '/user/settings/avatar');
+        if (app.manifest.version === '1.5.4') return setAvatarOld(done);
 
-        browser.findElement(by.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png')).then(function () {
-            browser.findElement(by.xpath('//button[contains(text(), "Update Avatar Setting")]')).click();
-
-            browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"updated successfully")]')), TIMEOUT).then(function () { done(); });
+        browser.get('https://' + app.fqdn + '/user/settings').then(function () {
+            var button = browser.findElement(by.xpath('//label[contains(text(), "Use Custom Avatar")]'));
+            return browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        }).then(function () {
+            return browser.findElement(by.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
+        }).then(function () {
+            return browser.findElement(by.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
+        }).then(function () {
+            return browser.findElement(by.xpath('//button[contains(text(), "Update Avatar")]')).click();
+        }).then(function () {
+            return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
+        }).then(function () {
+            done();
         });
     }
 
     function checkAvatar(done) {
-        superagent.get('https://' + app.fqdn + '/avatars/1').end(function (error, result) {
+return done();
+        superagent.get('https://' + app.fqdn + '/avatars/a3e6f3316fc1738e29d621e6a26e93d3').end(function (error, result) {
             expect(error).to.be(null);
             expect(result.statusCode).to.be(200);
             done();
@@ -82,15 +119,153 @@ describe('Application life cycle test', function () {
     }
 
     function editFile(done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame + '/_edit/master/newfile');
+        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame + '/_edit/master/newfile').then(function () {
+            var cm = browser.findElement(by.xpath('//div[contains(@class,"CodeMirror")]'));
+            var text = 'yo';
+            return browser.executeScript('arguments[0].CodeMirror.setValue("' + text + '");', cm);
+        }).then(function () {
+            return browser.findElement(by.xpath('//input[@name="commit_summary"]')).sendKeys('Dummy edit');
+        }).then(function () {
+            return browser.findElement(by.xpath('//button[contains(text(), "Commit Changes")]')).click();
+        }).then(function () {
+            waitForUrl('https://' + app.fqdn + '/' + username + '/' + reponame + '/src/branch/master/newfile', done);
+        });
+    }
 
-        var cm = browser.findElement(by.xpath('//div[contains(@class,"CodeMirror")]'));
-        var text = 'yo';
-        browser.executeScript('arguments[0].CodeMirror.setValue("' + text + '");', cm).then(function () {
-            browser.findElement(by.xpath('//input[@name="commit_summary"]')).sendKeys('Dummy edit');
-            browser.findElement(by.xpath('//button[contains(text(), "Commit Changes")]')).click();
+    function login(done) {
+        browser.get('https://' + app.fqdn + '/user/login').then(function () {
+            return browser.findElement(by.id('user_name')).sendKeys(username);
+        }).then(function () {
+            return browser.findElement(by.id('password')).sendKeys(password);
+        }).then(function () {
+            return browser.findElement(by.tagName('form')).submit();
+        }).then(function () {
+            return browser.wait(until.elementLocated(by.linkText('Dashboard')), TIMEOUT);
+        }).then(function () {
+            done();
+        });
+    }
 
-            waitForUrl('https://' + app.fqdn + '/' + username + '/' + reponame + '/src/master/newfile', done);
+    function addPublicKey(done) {
+        var publicKey = fs.readFileSync(__dirname + '/id_rsa.pub', 'utf8');
+
+        const sshPage = 'https://' + app.fqdn + '/user/settings/keys';
+
+        browser.get(sshPage).then(function () {
+            return browser.findElement(by.xpath('//div[text()="Add Key"]')).click();
+        }).then(function () {
+            return browser.findElement(by.id('ssh-key-title')).sendKeys('testkey');
+        }).then(function () {
+            return browser.findElement(by.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
+        }).then(function () {
+            var button = browser.findElement(by.xpath('//button[contains(text(), "Add Key")]'));
+            return browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        }).then(function () {
+            return browser.findElement(by.xpath('//button[contains(text(), "Add Key")]')).click();
+        }).then(function () {
+            if (app.manifest.version === '1.0.3') {
+                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(), "added successfully!")]')), TIMEOUT);
+            } else {
+                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
+            }
+        }).then(function () {
+            done();
+        });
+    }
+
+    function createRepo(done) {
+        var getRepoPage;
+        if (app.manifest.version === '1.0.3') {
+            getRepoPage = browser.get('https://' + app.fqdn).then(function () {
+                return browser.findElement(by.linkText('New Repository')).click();
+            }).then(function () {
+                return browser.wait(until.elementLocated(by.xpath('//*[contains(text(), "New Repository")]')), TIMEOUT);
+            });
+        } else {
+            getRepoPage = browser.get('https://' + app.fqdn + '/repo/create');
+        }
+
+        getRepoPage.then(function () {
+            return browser.findElement(by.id('repo_name')).sendKeys(reponame);
+        }).then(function () {
+            var button = browser.findElement(by.xpath('//button[contains(text(), "Create Repository")]'));
+            return browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        }).then(function () {
+            return browser.findElement(by.id('auto-init')).click();
+        }).then(function () {
+            return browser.findElement(by.xpath('//button[contains(text(), "Create Repository")]')).click();
+        }).then(function () {
+            browser.wait(function () {
+                return browser.getCurrentUrl().then(function (url) {
+                    return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
+                });
+            }, TIMEOUT);
+        }).then(function () {
+            done();
+        });
+    }
+
+    function checkCloneUrl(done) {
+        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame).then(function () {
+            return browser.findElement(by.id('repo-clone-ssh')).click();
+        }).then(function () {
+            return browser.findElement(by.id('repo-clone-url')).getAttribute('value');
+        }).then(function (cloneUrl) {
+            expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
+            done();
+        });
+    }
+
+    function cloneRepo(done) {
+        rimraf.sync(repodir);
+        var env = Object.create(process.env);
+        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
+        execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env: env });
+        done();
+    }
+
+    function pushFile(done) {
+        var env = Object.create(process.env);
+        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
+        execSync(`touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} master`,
+                 { env: env, cwd: repodir });
+        rimraf.sync('/tmp/testrepo');
+        done();
+    }
+
+    function addCustomFile(done) {
+        fs.writeFileSync('/tmp/customfile.txt', 'GOGS TEST', 'utf8');
+        execSync(`cloudron exec --app ${app.id} -- mkdir -p /app/data/custom/public`);
+        execSync(`cloudron push --app ${app.id} /tmp/customfile.txt /app/data/custom/public/customfile.txt`);
+        fs.unlinkSync('/tmp/customfile.txt');
+        done();
+    }
+
+    function checkCustomFile(done) {
+        superagent.get('https://' + app.fqdn + '/customfile.txt').end(function (error, result) {
+            if (error) return done(error);
+
+            expect(result.text).to.contain('GOGS TEST');
+            done();
+        });
+    }
+
+    function fileExists() {
+        expect(fs.existsSync(repodir + '/newfile')).to.be(true);
+    }
+
+    function sendMail(done) {
+        browser.get(`https://${app.fqdn}/admin/config`).then(function () {
+            var button = browser.findElement(by.xpath('//button[@id="test-mail-btn"]'));
+            return browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        }).then(function () {
+            return browser.findElement(by.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
+        }).then(function () {
+            return browser.findElement(by.xpath('//button[@id="test-mail-btn"]')).click();
+        }).then(function () {
+            return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"A testing email has been sent to \'test@cloudron.io\'")]')), TIMEOUT);
+        }).then(function () {
+            done();
         });
     }
 
@@ -101,16 +276,16 @@ describe('Application life cycle test', function () {
     it('can login', function (done) {
         var inspect = JSON.parse(execSync('cloudron inspect'));
 
-        superagent.post('https://' + inspect.apiEndpoint + '/api/v1/developer/login').send({
+        superagent.post(`https://${inspect.apiEndpoint}/api/v1/developer/login`).send({
             username: username,
             password: password
         }).end(function (error, result) {
             if (error) return done(error);
             if (result.statusCode !== 200) return done(new Error('Login failed with status ' + result.statusCode));
 
-            token = result.body.token;
+            token = result.body.accessToken;
 
-            superagent.get('https://' + inspect.apiEndpoint + '/api/v1/profile')
+            superagent.get(`https://${inspect.apiEndpoint}/api/v1/profile`)
                 .query({ access_token: token }).end(function (error, result) {
                 if (error) return done(error);
                 if (result.statusCode !== 200) return done(new Error('Get profile failed with status ' + result.statusCode));
@@ -121,19 +296,11 @@ describe('Application life cycle test', function () {
         });
     });
 
-
     it('install app', function () {
-        execSync('cloudron install --new --wait --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
-
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
+        execSync(`cloudron install --new --wait --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
     });
 
+    it('can get app information', getAppInfo);
     it('can get the main page', function (done) {
         superagent.get('https://' + app.fqdn).end(function (error, result) {
             expect(error).to.be(null);
@@ -143,82 +310,34 @@ describe('Application life cycle test', function () {
         });
     });
 
-    it('can login', function (done) {
-        browser.get('https://' + app.fqdn + '/user/login');
-        browser.findElement(by.id('user_name')).sendKeys(username);
-        browser.findElement(by.id('password')).sendKeys(password);
-        browser.findElement(by.tagName('form')).submit();
-        browser.wait(until.elementLocated(by.linkText('Dashboard')), TIMEOUT).then(function () { done(); });
-    });
-
+    it('can login', login);
+    it('can send mail', sendMail);
     it('can set avatar', setAvatar);
     it('can get avatar', checkAvatar);
 
-    it('can add public key', function (done) {
-        browser.get('https://' + app.fqdn + '/user/settings/ssh');
-        var publicKey = fs.readFileSync(__dirname + '/id_rsa.pub', 'utf8');
+    it('can add public key', addPublicKey);
 
-        browser.findElement(by.xpath('//div[text()="Add Key"]')).click();
-        browser.findElement(by.id('title')).sendKeys('testkey');
-        browser.findElement(by.id('content')).sendKeys(publicKey.trim()); // #3480
-        browser.findElement(by.xpath('//button[contains(text(), "Add Key")]')).click();
-        browser.wait(until.elementLocated(by.xpath('//p[contains(text(), "added successfully!")]')), TIMEOUT).then(function () { done(); });
-    });
+    it('can create repo', createRepo);
 
-    it('can create repo', function (done) {
-        browser.get('https://' + app.fqdn);
-        browser.findElement(by.linkText('New Repository')).click();
-        browser.wait(until.elementLocated(by.xpath('//*[contains(text(), "New Repository")]')), TIMEOUT);
-        browser.findElement(by.id('repo_name')).sendKeys(reponame);
-        browser.findElement(by.id('auto-init')).click();
-        browser.findElement(by.xpath('//button[contains(text(), "Create Repository")]')).click();
-        browser.wait(function () {
-            return browser.getCurrentUrl().then(function (url) {
-                return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
-            });
-        }, TIMEOUT).then(function () { done(); });
-    });
+    it('displays correct clone url', checkCloneUrl);
 
-    it('displays correct clone url', function (done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
-        browser.findElement(by.id('repo-clone-ssh')).click();
-        browser.findElement(by.id('repo-clone-url')).getAttribute('value').then(function (cloneUrl) {
-            expect(cloneUrl).to.be('ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git');
-            done();
-        });
-    });
-
-    it('can clone the url', function (done) {
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
-        done();
-    });
-
-    it('can add and push a file', function (done) {
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('touch newfile && git add newfile && git commit -a -mx && git push ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + ' master',
-                 { env: env, cwd: repodir });
-        rimraf.sync('/tmp/testrepo');
-        done();
-    });
+    it('can clone the url', cloneRepo);
 
+    it('can add and push a file', pushFile);
     it('can edit file', editFile);
 
+    it('can add custom file', addCustomFile);
+    it('can check custom file', checkCustomFile);
+
     it('can restart app', function (done) {
-        execSync('cloudron restart');
+        execSync('cloudron restart --wait --app ' + app.id);
         done();
     });
 
-    it('can clone the url', function (done) {
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
-        expect(fs.existsSync(repodir + '/newfile')).to.be(true);
-        rimraf.sync(repodir);
-        done();
-    });
+    it('can login', login);
+    it('displays correct clone url', checkCloneUrl);
+    it('can clone the url', cloneRepo);
+    it('file exists in repo', fileExists);
 
     it('backup app', function () {
         execSync('cloudron backup create --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
@@ -228,70 +347,84 @@ describe('Application life cycle test', function () {
         execSync('cloudron restore --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
     });
 
+    it('can login', login);
     it('can get avatar', checkAvatar);
+    it('can clone the url', cloneRepo);
+    it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('can clone the url', function (done) {
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
-        expect(fs.existsSync(repodir + '/newfile')).to.be(true);
-        rimraf.sync(repodir);
-        done();
-    });
+    it('move to different location', function (done) {
+        //browser.manage().deleteAllCookies(); // commented because of error "'Network.deleteCookie' wasn't found"
+        // ensure we don't hit NXDOMAIN in the mean time
+        browser.get('about:blank').then(function () {
+            execSync('cloudron configure --wait --location ' + LOCATION + '2 --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+            var inspect = JSON.parse(execSync('cloudron inspect'));
+            app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
+            expect(app).to.be.an('object');
 
-    it('move to different location', function () {
-        browser.manage().deleteAllCookies();
-        execSync('cloudron configure --location ' + LOCATION + '2', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
-        expect(app).to.be.an('object');
-    });
-
-    it('can login', function (done) {
-        browser.get('https://' + app.fqdn + '/user/login');
-        browser.findElement(by.id('user_name')).sendKeys(username);
-        browser.findElement(by.id('password')).sendKeys(password);
-        browser.findElement(by.tagName('form')).submit();
-        browser.wait(until.elementLocated(by.linkText('Dashboard')), TIMEOUT).then(function () { done(); });
-    });
-
-    it('can get avatar', checkAvatar);
-
-    it('displays correct clone url', function (done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
-        browser.findElement(by.id('repo-clone-ssh')).click();
-        browser.findElement(by.id('repo-clone-url')).getAttribute('value').then(function (cloneUrl) {
-            expect(cloneUrl).to.be('ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git');
             done();
         });
     });
 
-    it('can clone the url', function (done) {
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
-        expect(fs.existsSync(repodir + '/newfile')).to.be(true);
-        rimraf.sync(repodir);
-        done();
-    });
+    it('can login', login);
+    it('can get avatar', checkAvatar);
+    it('displays correct clone url', checkCloneUrl);
+    it('can clone the url', cloneRepo);
+    it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+    it('uninstall app', function (done) {
+        // ensure we don't hit NXDOMAIN in the mean time
+        browser.get('about:blank').then(function () {
+            execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+            done();
+        });
     });
 
     // check if the _first_ login via email succeeds
     it('can login via email', function (done) {
-        execSync('cloudron install --new --wait --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+        execSync(`cloudron install --new --wait --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
         var inspect = JSON.parse(execSync('cloudron inspect'));
 
         app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
         expect(app).to.be.an('object');
 
-        browser.get('https://' + app.fqdn + '/user/login');
-        browser.findElement(by.id('user_name')).sendKeys(email);
-        browser.findElement(by.id('password')).sendKeys(password);
-        browser.findElement(by.tagName('form')).submit();
-        browser.wait(until.elementLocated(by.linkText('Dashboard')), TIMEOUT).then(function () {
+        login(function (error) {
+            if (error) return done(error);
+
+            // ensure we don't hit NXDOMAIN in the mean time
+            browser.get('about:blank').then(function () {
+                execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+                done();
+            });
+        });
+    });
+
+    // test update
+    it('can install app', function () {
+        execSync(`cloudron install --new --wait --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+    });
+
+    it('can get app information', getAppInfo);
+    it('can login', login);
+    it('can set avatar', setAvatar);
+    it('can get avatar', checkAvatar);
+    it('can add public key', addPublicKey);
+    it('can create repo', createRepo);
+    it('can clone the url', cloneRepo);
+    it('can add and push a file', pushFile);
+
+    it('can update', function () {
+        execSync('cloudron install --wait --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+    });
+
+    it('can login', login);
+    it('can send mail', sendMail);
+    it('can get avatar', checkAvatar);
+    it('can clone the url', cloneRepo);
+    it('file exists in cloned repo', fileExists);
+
+    it('uninstall app', function (done) {
+        // ensure we don't hit NXDOMAIN in the mean time
+        browser.get('about:blank').then(function () {
             execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
             done();
         });