Release 1.0.2

Preserve SECRET_KEY across restarts

Closes #2

See merge request !5

CHANGELOG

@@ -13,3 +13,10 @@
 [1.0.0]
 * Update to version 1.1.3
 
+[1.0.1]
+* Update Git to v2.7.4-0ubuntu1.2
+* Fixes critical security issue that allows remote command execution in git
+* https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html
+
+[1.0.2]
+* Preserve SECRET_KEY across updates and restarts

CloudronManifest.json

@@ -4,7 +4,7 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "healthCheckPath": "/healthcheck",
   "httpPort": 3000,
   "addons": {

Dockerfile

@@ -3,7 +3,7 @@ FROM cloudron/base:0.10.0
 ENV VERSION 1.1.3
 
 RUN apt-get update && \
-    apt-get install -y openssh-server && \
+    apt-get install -y openssh-server git && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
 

start.sh

@@ -62,6 +62,11 @@ if ! [ -f /app/data/app.ini ]; then
     cp /home/git/app.ini.template /app/data/app.ini
 fi
 
+if [ "$(crudini --get /app/data/app.ini security SECRET_KEY)" == "##SECRET_KEY" ]; then
+    echo "Generating new SECRET_KEY"
+    crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
+fi
+
 # merge user config file
 crudini --merge "/run/gitea/app.ini" < "/app/data/app.ini"
 
@@ -87,7 +92,6 @@ crudini --set "/run/gitea/app.ini" mailer USER "${MAIL_SMTP_USERNAME}"
 crudini --set "/run/gitea/app.ini" mailer PASSWD "${MAIL_SMTP_PASSWORD}"
 crudini --set "/run/gitea/app.ini" mailer FROM "${MAIL_FROM}"
 crudini --set "/run/gitea/app.ini" mailer SKIP_VERIFY "true"
-crudini --set "/run/gitea/app.ini" security SECRET_KEY $(pwgen -1 -s)
 crudini --set "/run/gitea/app.ini" security INSTALL_LOCK "true"
 crudini --set "/run/gitea/app.ini" log MODE "console"
 crudini --set "/run/gitea/app.ini" log ROOT_PATH "/run/gitea"