Fix test

CHANGELOG.md

@@ -1649,226 +1649,3 @@
 * Fix basic auth with webauthn (#32531) (#32536)
 * Refactor internal routers (partial backport, auth token const time comparing) (#32473) (#32479)
 
-[1.33.5]
-* Update gitea to 1.22.5
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.5)
-* Upgrade crypto library ([#​32791](https://github.com/go-gitea/gitea/issues/32791))
-* Fix delete branch perm checking ([#​32654](https://github.com/go-gitea/gitea/issues/32654)) ([#​32707](https://github.com/go-gitea/gitea/issues/32707))
-* Add standard-compliant route to serve outdated R packages ([#​32783](https://github.com/go-gitea/gitea/issues/32783)) ([#​32789](https://github.com/go-gitea/gitea/issues/32789))
-* Fix internal server error when updating labels without write permission ([#​32776](https://github.com/go-gitea/gitea/issues/32776)) ([#​32785](https://github.com/go-gitea/gitea/issues/32785))
-* Add Swift login endpoint ([#​32693](https://github.com/go-gitea/gitea/issues/32693)) ([#​32701](https://github.com/go-gitea/gitea/issues/32701))
-* Fix fork page branch selection ([#​32711](https://github.com/go-gitea/gitea/issues/32711)) ([#​32725](https://github.com/go-gitea/gitea/issues/32725))
-* Fix word overflow in file search page ([#​32695](https://github.com/go-gitea/gitea/issues/32695)) ([#​32699](https://github.com/go-gitea/gitea/issues/32699))
-* Fix gogit `GetRefCommitID` ([#​32705](https://github.com/go-gitea/gitea/issues/32705)) ([#​32712](https://github.com/go-gitea/gitea/issues/32712))
-* Fix race condition in mermaid observer ([#​32599](https://github.com/go-gitea/gitea/issues/32599)) ([#​32673](https://github.com/go-gitea/gitea/issues/32673))
-* Fixe a keystring misuse and refactor duplicates keystrings ([#​32668](https://github.com/go-gitea/gitea/issues/32668)) ([#​32792](https://github.com/go-gitea/gitea/issues/32792))
-* Bump relative-time-element to v4.4.4 ([#​32739](https://github.com/go-gitea/gitea/issues/32739))
-* Make wiki pages visit fast ([#​32732](https://github.com/go-gitea/gitea/issues/32732)) ([#​32745](https://github.com/go-gitea/gitea/issues/32745))
-* Don't create action when syncing mirror pull refs ([#​32659](https://github.com/go-gitea/gitea/issues/32659)) ([#​32664](https://github.com/go-gitea/gitea/issues/32664))
-
-[1.33.6]
-* Update gitea to 1.22.6
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.6)
-* Fix misuse of PublicKeyCallback([#​32810](https://github.com/go-gitea/gitea/issues/32810))
-* Fix lfs migration ([#​32812](https://github.com/go-gitea/gitea/issues/32812)) ([#​32818](https://github.com/go-gitea/gitea/issues/32818))
-* Add missing two sync feed for refs/pull ([#​32815](https://github.com/go-gitea/gitea/issues/32815))
-* Avoid MacOS keychain dialog in integration tests ([#​32813](https://github.com/go-gitea/gitea/issues/32813)) ([#​32816](https://github.com/go-gitea/gitea/issues/32816))
-
-[1.34.0]
-* Update gitea to 1.23.0
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.0)
-* Rename config option `[camo].Allways` to `[camo].Always` ([#​32097](https://github.com/go-gitea/gitea/issues/32097))
-* Remove SHA1 for support for SSH RSA signing ([#​31857](https://github.com/go-gitea/gitea/issues/31857))
-* Use UTC as the default timezone when scheduling Actions cron tasks ([#​31742](https://github.com/go-gitea/gitea/issues/31742))
-* Delete Actions logs older than 1 year by default ([#​31735](https://github.com/go-gitea/gitea/issues/31735))
-* Make OIDC introspection authentication strictly require Client ID and secret ([#​31632](https://github.com/go-gitea/gitea/issues/31632))
-* Include file extension checks in attachment API ([#​32151](https://github.com/go-gitea/gitea/issues/32151))
-
-[1.34.1]
-* Update gitea to 1.23.1
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.1)
-* Move repo size to sidebar ([#​33155](https://github.com/go-gitea/gitea/issues/33155))
-* Fix editor markdown not incrementing in a numbered list ([#​33187](https://github.com/go-gitea/gitea/issues/33187)) [#​33193](https://github.com/go-gitea/gitea/issues/33193)
-
-[1.34.2]
-* Update gitea to 1.23.3
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.3)
-* Build Gitea with Golang v1.23.6 to fix security bugs
-* Fix a bug caused by status webhook template #33512
-
-[1.34.3]
-* Update gitea to 1.23.4
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.4)
-* Enhance routers for the Actions variable operations (#33547) (#33553)
-* Enhance routers for the Actions runner operations (#33549) (#33555)
-* Fix project issues list and counting (#33594) #33619
-* Add a transaction to pickTask (#33543) (#33563)
-* Fix mirror bug (#33597) (#33607)
-* Use default Git timeout when checking repo health (#33593) (#33598)
-* Fix PR's target branch dropdown (#33589) (#33591)
-* Fix various problems (artifact order, api empty slice, assignee check, fuzzy prompt, mirror proxy, adopt git) (#33569) (#33577)
-* Rework suggestion backend (#33538) (#33546)
-* Fix context usage (#33554) (#33557)
-
-[1.34.4]
-* Update gitea to 1.23.5
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.5)
-* Compile with Go 1.24.1
-* Bump x/oauth2 & x/crypto (#33704) (#33727)
-* Optimize user dashboard loading (#33686) (#33708)
-* Fix navbar dropdown item align (#33782)
-* Fix inconsistent closed issue list icon (#33722) (#33728)
-* Fix for Maven Package Naming Convention Handling (#33678) (#33679)
-* Improve Open-with URL encoding (#33666) (#33680)
-* Deleting repository should unlink all related packages (#33653) (#33673)
-* Fix omitempty bug (#33663) (#33670)
-* Upgrade go-crypto from 1.1.4 to 1.1.6 (#33745) (#33754)
-* Fix OCI image.version annotation for releases to use full semver (#33698) (#33701)
-* Try to fix ACME path when renew (#33668) (#33693)
-* Fix mCaptcha bug (#33659) (#33661)
-* Git graph: don't show detached commits (#33645) (#33650)
-
-[1.35.0]
-* Base image 5
-
-[1.35.1]
-* Fix hard coded mysql hostname
-
-[1.35.2]
-* Update gitea to 1.23.6
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.6)
-* Fix LFS URL (#33840) (#33843)
-* Update jwt and redis packages (#33984) (#33987)
-* Update golang crypto and net (#33989)
-* Drop timeout for requests made to the internal hook api (#33947) (#33970)
-* Fix maven panic when no package exists (#33888) (#33889)
-* Fix markdown render (#33870) (#33875)
-* Fix auto concurrency cancellation skips commit status updates (#33764) (#33849)
-* Fix oauth2 auth (#33961) (#33962)
-
-[1.35.3]
-* Update gitea to 1.23.7
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.7)
-* Compile with Go 1.23.8
-* Add a config option to block "expensive" pages for anonymous users ([#​34024](https://github.com/go-gitea/gitea/issues/34024)) ([#​34071](https://github.com/go-gitea/gitea/issues/34071))
-* Also check default ssh-cert location for host ([#​34099](https://github.com/go-gitea/gitea/issues/34099)) ([#​34100](https://github.com/go-gitea/gitea/issues/34100)) ([#​34116](https://github.com/go-gitea/gitea/issues/34116))
-* Fix discord webhook 400 status code when description limit is exceeded ([#​34084](https://github.com/go-gitea/gitea/issues/34084)) ([#​34124](https://github.com/go-gitea/gitea/issues/34124))
-* Get changed files based on merge base when checking `pull_request` actions trigger ([#​34106](https://github.com/go-gitea/gitea/issues/34106)) ([#​34120](https://github.com/go-gitea/gitea/issues/34120))
-* Fix invalid version in RPM package path ([#​34112](https://github.com/go-gitea/gitea/issues/34112)) ([#​34115](https://github.com/go-gitea/gitea/issues/34115))
-* Return default avatar url when user id is zero rather than updating database ([#​34094](https://github.com/go-gitea/gitea/issues/34094)) ([#​34095](https://github.com/go-gitea/gitea/issues/34095))
-* Add additional ReplaceAll in pathsep to cater for different pathsep ([#​34061](https://github.com/go-gitea/gitea/issues/34061)) ([#​34070](https://github.com/go-gitea/gitea/issues/34070))
-* Try to fix check-attr bug ([#​34029](https://github.com/go-gitea/gitea/issues/34029)) ([#​34033](https://github.com/go-gitea/gitea/issues/34033))
-* Git client will follow 301 but 307 ([#​34005](https://github.com/go-gitea/gitea/issues/34005)) ([#​34010](https://github.com/go-gitea/gitea/issues/34010))
-
-[1.35.4]
-* Update gitea to 1.23.8
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.8)
-* Fix a bug when uploading file via lfs ssh command ([#34408](https://github.com/go-gitea/gitea/issues/34408)) ([#34411](https://github.com/go-gitea/gitea/issues/34411))
-* Update net package ([#34228](https://github.com/go-gitea/gitea/issues/34228)) ([#34232](https://github.com/go-gitea/gitea/issues/34232))
-* Fix releases sidebar navigation link ([#34436](https://github.com/go-gitea/gitea/issues/34436)) [#34439](https://github.com/go-gitea/gitea/issues/34439)
-* Fix bug webhook milestone is not right. ([#34419](https://github.com/go-gitea/gitea/issues/34419)) [#34429](https://github.com/go-gitea/gitea/issues/34429)
-* Fix two missed null value checks on the wiki page. ([#34205](https://github.com/go-gitea/gitea/issues/34205)) ([#34215](https://github.com/go-gitea/gitea/issues/34215))
-* Swift files can be passed either as file or as form value ([#34068](https://github.com/go-gitea/gitea/issues/34068)) ([#34236](https://github.com/go-gitea/gitea/issues/34236))
-* Fix bug when API get pull changed files for deleted head repository ([#34333](https://github.com/go-gitea/gitea/issues/34333)) ([#34368](https://github.com/go-gitea/gitea/issues/34368))
-* Upgrade github v61 -> v71 to fix migrating bug ([#34389](https://github.com/go-gitea/gitea/issues/34389))
-* Fix bug when visiting comparation page ([#34334](https://github.com/go-gitea/gitea/issues/34334)) ([#34364](https://github.com/go-gitea/gitea/issues/34364))
-* Fix wrong review requests when updating the pull request ([#34286](https://github.com/go-gitea/gitea/issues/34286)) ([#34304](https://github.com/go-gitea/gitea/issues/34304))
-
-[1.35.5]
-* Update gitea to 1.23.8
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.8)
-* Fix a bug when uploading file via lfs ssh command ([#34408](https://github.com/go-gitea/gitea/issues/34408)) ([#34411](https://github.com/go-gitea/gitea/issues/34411))
-* Update net package ([#34228](https://github.com/go-gitea/gitea/issues/34228)) ([#34232](https://github.com/go-gitea/gitea/issues/34232))
-* Fix releases sidebar navigation link ([#34436](https://github.com/go-gitea/gitea/issues/34436)) [#34439](https://github.com/go-gitea/gitea/issues/34439)
-* Fix bug webhook milestone is not right. ([#34419](https://github.com/go-gitea/gitea/issues/34419)) [#34429](https://github.com/go-gitea/gitea/issues/34429)
-* Fix two missed null value checks on the wiki page. ([#34205](https://github.com/go-gitea/gitea/issues/34205)) ([#34215](https://github.com/go-gitea/gitea/issues/34215))
-* Swift files can be passed either as file or as form value ([#34068](https://github.com/go-gitea/gitea/issues/34068)) ([#34236](https://github.com/go-gitea/gitea/issues/34236))
-* Fix bug when API get pull changed files for deleted head repository ([#34333](https://github.com/go-gitea/gitea/issues/34333)) ([#34368](https://github.com/go-gitea/gitea/issues/34368))
-* Upgrade github v61 -> v71 to fix migrating bug ([#34389](https://github.com/go-gitea/gitea/issues/34389))
-* Fix bug when visiting comparation page ([#34334](https://github.com/go-gitea/gitea/issues/34334)) ([#34364](https://github.com/go-gitea/gitea/issues/34364))
-* Fix wrong review requests when updating the pull request ([#34286](https://github.com/go-gitea/gitea/issues/34286)) ([#34304](https://github.com/go-gitea/gitea/issues/34304))
-
-[1.36.0]
-* Update gitea to 1.24.0
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.0)
-* Make Gitea always use its internal config, ignore `/etc/gitconfig` ([#33076](https://github.com/go-gitea/gitea/issues/33076))
-* Improve log format ([#33814](https://github.com/go-gitea/gitea/issues/33814))
-* Fix markdown render behaviors ([#34122](https://github.com/go-gitea/gitea/issues/34122))
-* Add package version api endpoints ([#34173](https://github.com/go-gitea/gitea/issues/34173))
-* Enforce two-factor auth (2FA: TOTP or WebAuthn) ([#34187](https://github.com/go-gitea/gitea/issues/34187))
-* Add fullscreen mode as a more efficient operation way to view projects ([#34081](https://github.com/go-gitea/gitea/issues/34081))
-* Add anonymous access support for private/unlisted repositories ([#34051](https://github.com/go-gitea/gitea/issues/34051))
-* Support public code/issue access for private repositories ([#33127](https://github.com/go-gitea/gitea/issues/33127))
-* Add middleware for request prioritization ([#33951](https://github.com/go-gitea/gitea/issues/33951))
-* Add cli flags LDAP group configuration ([#33933](https://github.com/go-gitea/gitea/issues/33933))
-
-[1.36.1]
-* Update gitea to 1.24.1
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.1)
-* Improve alignment of commit status icon on commit page ([#​34750](https://github.com/go-gitea/gitea/issues/34750)) ([#​34757](https://github.com/go-gitea/gitea/issues/34757))
-* Support title and body query parameters for new MRs ([#​34537](https://github.com/go-gitea/gitea/issues/34537)) ([#​34752](https://github.com/go-gitea/gitea/issues/34752))
-* When using rules to delete packages, remove unclean bugs ([#​34632](https://github.com/go-gitea/gitea/issues/34632)) ([#​34761](https://github.com/go-gitea/gitea/issues/34761))
-* Fix ghost user in feeds when pushing in an actions, it should be gitea-actions ([#​34703](https://github.com/go-gitea/gitea/issues/34703)) ([#​34756](https://github.com/go-gitea/gitea/issues/34756))
-* Prevent double markdown link brackets when pasting URL ([#​34745](https://github.com/go-gitea/gitea/issues/34745)) ([#​34748](https://github.com/go-gitea/gitea/issues/34748))
-* Prevent duplicate form submissions when creating forks ([#​34714](https://github.com/go-gitea/gitea/issues/34714)) ([#​34735](https://github.com/go-gitea/gitea/issues/34735))
-* Fix markdown wrap ([#​34697](https://github.com/go-gitea/gitea/issues/34697)) ([#​34702](https://github.com/go-gitea/gitea/issues/34702))
-* Fix pull requests API convert panic when head repository is deleted. ([#​34685](https://github.com/go-gitea/gitea/issues/34685)) ([#​34687](https://github.com/go-gitea/gitea/issues/34687))
-* Fix commit message rendering and some UI problems ([#​34680](https://github.com/go-gitea/gitea/issues/34680)) ([#​34683](https://github.com/go-gitea/gitea/issues/34683))
-* Fix container range bug ([#​34725](https://github.com/go-gitea/gitea/issues/34725)) ([#​34732](https://github.com/go-gitea/gitea/issues/34732))
-
-[1.36.2]
-* Update gitea to 1.24.2
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.2)
-* Fix container range bug ([#​34795](https://github.com/go-gitea/gitea/issues/34795)) ([#​34796](https://github.com/go-gitea/gitea/issues/34796))
-* Upgrade chi to v5.2.2 ([#​34798](https://github.com/go-gitea/gitea/issues/34798)) ([#​34799](https://github.com/go-gitea/gitea/issues/34799))
-
-[1.36.3]
-* With Cloudron OIDC, disable registration by default on new installation
-* Without Cloudron OIDC, enable registration by default and add checklist item
-
-[1.36.4]
-* Update gitea to 1.24.3
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.3)
-* Fix form property assignment edge case ([#​35073](https://github.com/go-gitea/gitea/issues/35073)) ([#​35078](https://github.com/go-gitea/gitea/issues/35078))
-* Improve submodule relative path handling ([#​35056](https://github.com/go-gitea/gitea/issues/35056)) ([#​35075](https://github.com/go-gitea/gitea/issues/35075))
-* Fix incorrect comment diff hunk parsing, fix github asset ID nil panic ([#​35046](https://github.com/go-gitea/gitea/issues/35046)) ([#​35055](https://github.com/go-gitea/gitea/issues/35055))
-* Fix updating user visibility ([#​35036](https://github.com/go-gitea/gitea/issues/35036)) ([#​35044](https://github.com/go-gitea/gitea/issues/35044))
-* Support base64-encoded agit push options ([#​35037](https://github.com/go-gitea/gitea/issues/35037)) ([#​35041](https://github.com/go-gitea/gitea/issues/35041))
-* Make submodule link work with relative path ([#​35034](https://github.com/go-gitea/gitea/issues/35034)) ([#​35038](https://github.com/go-gitea/gitea/issues/35038))
-* Fix bug when displaying git user avatar in commits list ([#​35006](https://github.com/go-gitea/gitea/issues/35006))
-* Fix API response for swagger spec ([#​35029](https://github.com/go-gitea/gitea/issues/35029))
-* Start automerge check again after the conflict check and the schedule ([#​34988](https://github.com/go-gitea/gitea/issues/34988)) ([#​35002](https://github.com/go-gitea/gitea/issues/35002))
-* Fix the response format for actions/workflows ([#​35009](https://github.com/go-gitea/gitea/issues/35009)) ([#​35016](https://github.com/go-gitea/gitea/issues/35016))
-
-[1.36.5]
-* Update gitea to 1.24.4
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.4)
-* Fix various bugs (1.24) ([#​35186](https://github.com/go-gitea/gitea/issues/35186))
-* Fix migrate input box bug ([#​35166](https://github.com/go-gitea/gitea/issues/35166)) ([#​35171](https://github.com/go-gitea/gitea/issues/35171))
-* Only hide dropzone when no files have been uploaded ([#​35156](https://github.com/go-gitea/gitea/issues/35156)) ([#​35167](https://github.com/go-gitea/gitea/issues/35167))
-* Fix review comment/dimiss comment x reference can be refereced back ([#​35094](https://github.com/go-gitea/gitea/issues/35094)) ([#​35099](https://github.com/go-gitea/gitea/issues/35099))
-* Fix submodule nil check ([#​35096](https://github.com/go-gitea/gitea/issues/35096)) ([#​35098](https://github.com/go-gitea/gitea/issues/35098))
-* Don't use full-file highlight when there is a git diff textconv ([#​35114](https://github.com/go-gitea/gitea/issues/35114)) ([#​35119](https://github.com/go-gitea/gitea/issues/35119))
-* Increase gap on latest commit ([#​35104](https://github.com/go-gitea/gitea/issues/35104)) ([#​35113](https://github.com/go-gitea/gitea/issues/35113))
-
-[1.36.6]
-* Update gitea to 1.24.5
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.5)
-* Fix a bug where lfs gc never worked. (#35198) (#35255)
-* Reload issue when sending webhook to make num comments is right. (#35243) (#35248)
-* Fix bug when review pull request commits (#35192) (#35246)
-
-[1.36.7]
-* Update gitea to 1.24.6
-* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.6)
-* Upgrade xz to v0.5.15 ([#35385](https://github.com/go-gitea/gitea/issues/35385))
-* Fix a compare page 404 bug when the pull request disabled ([#35441](https://github.com/go-gitea/gitea/issues/35441)) ([#35453](https://github.com/go-gitea/gitea/issues/35453))
-* Fix bug when issue disabled, pull request number in the commit message cannot be redirected ([#35420](https://github.com/go-gitea/gitea/issues/35420)) ([#35442](https://github.com/go-gitea/gitea/issues/35442))
-* Add author.name field to Swift Package Registry API response ([#35410](https://github.com/go-gitea/gitea/issues/35410)) ([#35431](https://github.com/go-gitea/gitea/issues/35431))
-* Remove usernames when empty in discord webhook ([#35412](https://github.com/go-gitea/gitea/issues/35412)) ([#35417](https://github.com/go-gitea/gitea/issues/35417))
-* Allow foreachref parser to grow its buffer ([#35365](https://github.com/go-gitea/gitea/issues/35365)) ([#35376](https://github.com/go-gitea/gitea/issues/35376))
-* Allow deleting comment with content via API like web did ([#35346](https://github.com/go-gitea/gitea/issues/35346)) ([#35354](https://github.com/go-gitea/gitea/issues/35354))
-* Fix atom/rss mixed error ([#35345](https://github.com/go-gitea/gitea/issues/35345)) ([#35347](https://github.com/go-gitea/gitea/issues/35347))
-* Fix review request webhook bug ([#35339](https://github.com/go-gitea/gitea/issues/35339))
-* Remove duplicate html IDs ([#35210](https://github.com/go-gitea/gitea/issues/35210)) ([#35325](https://github.com/go-gitea/gitea/issues/35325))
-

CloudronManifest.json

@@ -4,8 +4,8 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.36.7",
-  "upstreamVersion": "1.24.6",
+  "version": "1.33.4",
+  "upstreamVersion": "1.22.4",
   "healthCheckPath": "/explore",
   "httpPort": 3000,
   "memoryLimit": 536870912,
@@ -52,13 +52,9 @@
   "checklist": {
     "change-default-password": {
       "message": "Change the default admin password"
-    },
-    "disable-registration": {
-      "message": "Disable registration, if required, to prevent misuse",
-      "sso": false
     }
   },
   "minBoxVersion": "8.1.0",
   "forumUrl": "https://forum.cloudron.io/category/19/gitea",
-  "documentationUrl": "https://docs.cloudron.io/packages/gitea/"
+  "documentationUrl": "https://docs.cloudron.io/apps/gitea/"
 }

Dockerfile

@@ -1,27 +1,28 @@
-FROM cloudron/base:5.0.0@sha256:04fd70dbd8ad6149c19de39e35718e024417c3e01dc9c6637eaf4a41ec4e596c
+FROM cloudron/base:4.2.0@sha256:46da2fffb36353ef714f97ae8e962bd2c212ca091108d768ba473078319a47f4
 
 RUN apt-get update && \
-    apt-get install -y openssh-server git asciidoctor pandoc pipx && \
+    apt-get install -y openssh-server git asciidoctor pandoc && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
-
-# pipx --global does not work, not sure why
-RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install jupyter docutils --include-deps
+RUN pip3 install jupyter
 
 ADD supervisor/ /etc/supervisor/conf.d/
 
-RUN useradd --comment "Gogs" --create-home --shell /bin/bash git
-RUN passwd -d git # by default, git account is created as inactive which prevents login via openssh. this disables password for account
+RUN adduser --disabled-login --gecos 'Gitea' git
+# by default, git account is created as inactive which prevents login via openssh
+# https://github.com/gitlabhq/gitlabhq/issues/5304
+RUN passwd -d git
+
+RUN mkdir -p /home/git/gitea
 WORKDIR /home/git
 
 # for autosign feature
 ENV GNUPGHOME="/app/data/gnupg"
 
 # renovate: datasource=github-releases depName=go-gitea/gitea versioning=semver extractVersion=^v(?<version>.+)$
-ARG GITEA_VERSION=1.24.6
+ARG GITEA_VERSION=1.22.4
 
-RUN mkdir -p /home/git/gitea && \
-    curl -L https://github.com/go-gitea/gitea/releases/download/v${GITEA_VERSION}/gitea-${GITEA_VERSION}-linux-amd64 -o /home/git/gitea/gitea \
+RUN curl -L https://dl.gitea.io/gitea/${GITEA_VERSION}/gitea-${GITEA_VERSION}-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea
 
 # setup config paths
@@ -31,10 +32,10 @@ ADD app.ini.template /home/git/app.ini.template
 RUN mkdir -p /run/gitea && chown -R git:git /run/gitea
 RUN sed -e 's,^logfile=.*$,logfile=/run/gitea/supervisord.log,' -i /etc/supervisor/supervisord.conf
 
-RUN ln -s /app/data/ssh /home/git/.ssh && \
-    ln -s /app/data/gitconfig /home/git/.gitconfig
+RUN ln -s /app/data/ssh /home/git/.ssh
+RUN ln -s /app/data/gitconfig /home/git/.gitconfig
 
-COPY start.sh /home/git/
+ADD start.sh /home/git/start.sh
 
 COPY sshd_config /etc/ssh/sshd_config
 

POSTINSTALL.md

@@ -6,4 +6,3 @@ This app is pre-setup with an admin account. The initial credentials are:
 <sso>
 Use the `Local` authentication source for logging in as admin.
 </sso>
-

app.ini.template

@@ -75,7 +75,7 @@ REVERSE_PROXY_LIMIT = 1
 REVERSE_PROXY_TRUSTED_PROXIES = *
 
 [service]
-DISABLE_REGISTRATION = true
+DISABLE_REGISTRATION = false
 SHOW_REGISTRATION_BUTTON = false
 ENABLE_NOTIFY_MAIL = true
 

sshd_config

@@ -1,37 +1,80 @@
-Port 29418
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
 
-AddressFamily any
+# What ports, IPs and protocols we listen for
+Port 29418
+# Use these options to restrict which interfaces/protocols sshd will bind to
 ListenAddress 0.0.0.0
 ListenAddress ::
-
+Protocol 2
+# HostKeys for protocol version 2
 HostKey /app/data/sshd/ssh_host_rsa_key
+HostKey /app/data/sshd/ssh_host_dsa_key
 HostKey /app/data/sshd/ssh_host_ecdsa_key
 HostKey /app/data/sshd/ssh_host_ed25519_key
 
+# Logging
+SyslogFacility AUTH
 LogLevel INFO
 
-# no reverse DNS lookup
-UseDNS no
-UsePAM no
-AllowAgentForwarding no
-AllowTcpForwarding no
-PrintMotd no
-PrintLastLog no
-
+# Authentication:
 LoginGraceTime 120
+PermitRootLogin prohibit-password
 StrictModes yes
+
 PubkeyAuthentication yes
-PermitUserEnvironment yes
-PermitRootLogin no
-ChallengeResponseAuthentication no
-PasswordAuthentication no
-PermitEmptyPasswords no
+#AuthorizedKeysFile	%h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# similar for protocol version 2
 HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
 
-AllowUsers git
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
 
-Banner none
-Subsystem sftp /usr/lib/ssh/sftp-server
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
 
-AcceptEnv GIT_PROTOCOL LANG LC_*
+# Change to no to disable tunnelled clear text passwords
+#PasswordAuthentication yes
 
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM no
+UseDNS no

start.sh

@@ -4,15 +4,14 @@ set -eu -o pipefail
 
 mkdir -p /run/gitea/tmp/uploads /run/sshd /run/gitea/sessions
 
-# CLOUDRON_OIDC_PROVIDER_NAME not supported as it will be used in rest route!
 setup_oidc_source() {
     set -eu
 
     echo "==> Setup OIDC source"
 
     now=$(date +%s)
-    mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h"${CLOUDRON_MYSQL_HOST}" -P"${CLOUDRON_MYSQL_PORT}" --database="${CLOUDRON_MYSQL_DATABASE}" -e \
-        "REPLACE INTO login_source (id, type, name, is_active, cfg, created_unix, updated_unix) VALUES (1,6,'cloudron', 1,'{\"Provider\":\"openidConnect\",\"ClientID\":\"${CLOUDRON_OIDC_CLIENT_ID}\",\"ClientSecret\":\"${CLOUDRON_OIDC_CLIENT_SECRET}\",\"OpenIDConnectAutoDiscoveryURL\":\"${CLOUDRON_OIDC_ISSUER}/.well-known/openid-configuration\",\"CustomURLMapping\":null,\"IconURL\":\"\",\"Scopes\":[\"openid email profile\"],\"RequiredClaimName\":\"\",\"RequiredClaimValue\":\"\",\"GroupClaimName\":\"\",\"AdminGroup\":\"\",\"GroupTeamMap\":\"\",\"GroupTeamMapRemoval\":false,\"RestrictedGroup\":\"\"}','${now}','${now}')"
+    mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -e \
+        "REPLACE INTO login_source (id, type, name, is_active, cfg, created_unix, updated_unix) VALUES (1,6,'${CLOUDRON_OIDC_PROVIDER_NAME:-Cloudron}', 1,'{\"Provider\":\"openidConnect\",\"ClientID\":\"${CLOUDRON_OIDC_CLIENT_ID}\",\"ClientSecret\":\"${CLOUDRON_OIDC_CLIENT_SECRET}\",\"OpenIDConnectAutoDiscoveryURL\":\"${CLOUDRON_OIDC_ISSUER}/.well-known/openid-configuration\",\"CustomURLMapping\":null,\"IconURL\":\"\",\"Scopes\":[\"openid email profile\"],\"RequiredClaimName\":\"\",\"RequiredClaimValue\":\"\",\"GroupClaimName\":\"\",\"AdminGroup\":\"\",\"GroupTeamMap\":\"\",\"GroupTeamMapRemoval\":false,\"RestrictedGroup\":\"\"}','${now}','${now}')"
 }
 
 setup_root_user() {
@@ -41,7 +40,7 @@ setup_auth() {
         setup_oidc_source
     fi
 
-    user_count=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h"${CLOUDRON_MYSQL_HOST}" -P"${CLOUDRON_MYSQL_PORT}" --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user")
+    user_count=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user")
     # be careful, not to create root user for existing LDAP based installs
     if [[ "${user_count}" == "0" ]]; then
         echo "==> Setting up root user for first run"
@@ -78,11 +77,6 @@ if [[ ! -f /app/data/app.ini ]]; then
 
     echo "==> Generating new SECRET_KEY"
     crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
-
-    if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
-        crudini --set "/app/data/app.ini" service DISABLE_REGISTRATION false
-        crudini --set "/app/data/app.ini" service SHOW_REGISTRATION_BUTTON true
-    fi
 fi
 
 # merge user config file

test/package.json

@@ -9,10 +9,10 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^140.0.1",
+    "chromedriver": "^131.0.1",
     "expect.js": "^0.3.1",
-    "mocha": "^11.7.2",
-    "selenium-webdriver": "^4.35.0",
-    "superagent": "^10.2.3"
+    "mocha": "^10.8.2",
+    "selenium-webdriver": "^4.27.0",
+    "superagent": "^10.1.1"
   }
 }

test/test.js

@@ -112,14 +112,13 @@ describe('Application life cycle test', function () {
         await browser.get(`https://${app.fqdn}/user/login`);
         await browser.sleep(2000);
 
-
-        await browser.findElement(By.xpath('//a[contains(@class, "openidConnect") and contains(., "Sign in with cloudron")]')).click();
+        await browser.findElement(By.xpath('//a[contains(@href, "/user/oauth2/Cloudron")]')).click();
         await browser.sleep(2000);
 
         if (!alreadyAuthenticated) {
-            await waitForElement(By.id('inputUsername'));
-            await browser.findElement(By.id('inputUsername')).sendKeys(username);
-            await browser.findElement(By.id('inputPassword')).sendKeys(password);
+            await waitForElement(By.xpath('//input[@name="username"]'));
+            await browser.findElement(By.xpath('//input[@name="username"]')).sendKeys(username);
+            await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
             await browser.sleep(2000);
             await browser.findElement(By.id('loginSubmitButton')).click();
             await browser.sleep(2000);
@@ -170,6 +169,14 @@ describe('Application life cycle test', function () {
         }, TIMEOUT);
     }
 
+    async function checkCloneUrl() {
+        await browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
+        await browser.findElement(By.id('repo-clone-ssh')).click();
+
+        var cloneUrl = await browser.findElement(By.id('repo-clone-url')).getAttribute('value');
+        expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
+    }
+
     function cloneRepo() {
         fs.rmSync(repodir, { recursive: true, force: true });
         var env = Object.create(process.env);
@@ -190,13 +197,13 @@ describe('Application life cycle test', function () {
     }
 
     async function sendMail() {
-        await browser.get(`https://${app.fqdn}/-/admin/config`);
-        await browser.sleep(3000);
-        const button = await browser.findElement(By.xpath('//button[contains(., "Send")]'));
+        await browser.get(`https://${app.fqdn}/admin/config`);
+
+        var button = await browser.findElement(By.xpath('//button[contains(text(), "Send")]'));
         await browser.executeScript('arguments[0].scrollIntoView(true)', button);
         await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
-        await browser.findElement(By.xpath('//button[contains(., "Send")]')).click();
-        await browser.wait(until.elementLocated(By.xpath('//p[contains(., "A testing email has been sent")]')), TIMEOUT);
+        await browser.findElement(By.xpath('//button[contains(text(), "Send")]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "A testing email has been sent")]')), TIMEOUT);
     }
 
     xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
@@ -216,6 +223,8 @@ describe('Application life cycle test', function () {
 
     it('can create repo', createRepo);
 
+    it('displays correct clone url', checkCloneUrl);
+
     it('can clone the url', cloneRepo);
 
     it('can add and push a file', pushFile);
@@ -223,6 +232,7 @@ describe('Application life cycle test', function () {
     it('can restart app', function () { execSync('cloudron restart  --app ' + app.id); });
 
     xit('can login', loginOIDC.bind(null, username, password)); // no need to relogin since session persists
+    it('displays correct clone url', checkCloneUrl);
     it('can clone the url', cloneRepo);
     it('file exists in repo', fileExists);
 
@@ -245,6 +255,7 @@ describe('Application life cycle test', function () {
 
     it('can login', loginOIDC.bind(null, username, password));
     it('can get avatar', checkAvatar);
+    it('displays correct clone url', checkCloneUrl);
     it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });