IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an email to s dot adaszewski at gmail dot com. User accounts are meant only to report issues and/or generate pull requests. This is a purpose-specific Git hosting for ADARED projects. Thank you for your understanding!
Browse Source

Disable Swagger and non-GET API as well.

master
parent
commit
23f5766a09
2 changed files with 10 additions and 3 deletions
  1. +1
    -0
      example/gitea-custom/Fockerfile
  2. +9
    -3
      example/gitea-disable/files/nginx.conf

+ 1
- 0
example/gitea-custom/Fockerfile View File

@@ -14,6 +14,7 @@ steps:
export GITEA_CONF=/usr/local/etc/gitea/conf/app.ini && \
export GITEA_TMPL_BASE=/usr/local/share/gitea/templates/base && \
export SECRET_CONF=/tmp/secrets.ini && \
crudini --set --inplace $GITEA_CONF api ENABLE_SWAGGER false && \
crudini --set --inplace $GITEA_CONF server DISABLE_SSH true && \
crudini --set --inplace $GITEA_CONF service DEFAULT_ALLOW_CREATE_ORGANIZATION false && \
crudini --set --inplace $GITEA_CONF service DEFAULT_KEEP_EMAIL_PRIVATE true && \


+ 9
- 3
example/gitea-disable/files/nginx.conf View File

@@ -14,6 +14,9 @@ http {
location / {
error_page 403 /403.html;
if ($uri ~ ^/api) {
set $test "api";
}
rewrite ^/admin1/ $uri break;
if ($uri ~ ^/([^/]*)/([^/]*)/(wiki|releases|issues)) {
return 403;
@@ -22,10 +25,13 @@ http {
if ($uri ~ ^/([^/]*)/([^/]*)/settings) {
set $test "settings";
}
if ($request_method = "POST") {
set $test "${test}_post";
if ($request_method != "GET") {
set $test "${test}_not-get";
}
if ($test = "settings_not-get") {
return 403;
}
if ($test = "settings_post") {
if ($test = "api_not-get") {
return 403;
}


Loading…
Cancel
Save