Disable Swagger and non-GET API as well.

example/gitea-custom/Fockerfile

@@ -14,6 +14,7 @@ steps:
       export GITEA_CONF=/usr/local/etc/gitea/conf/app.ini && \
       export GITEA_TMPL_BASE=/usr/local/share/gitea/templates/base && \
       export SECRET_CONF=/tmp/secrets.ini && \
+      crudini --set --inplace $GITEA_CONF api ENABLE_SWAGGER false && \
       crudini --set --inplace $GITEA_CONF server DISABLE_SSH true && \
       crudini --set --inplace $GITEA_CONF service DEFAULT_ALLOW_CREATE_ORGANIZATION false && \
       crudini --set --inplace $GITEA_CONF service DEFAULT_KEEP_EMAIL_PRIVATE true && \

example/gitea-disable/files/nginx.conf

@@ -14,6 +14,9 @@ http {
     location / {
       error_page 403 /403.html;
 
+      if ($uri ~ ^/api) {
+        set $test "api";
+      }
       rewrite ^/admin1/ $uri break;
       if ($uri ~ ^/([^/]*)/([^/]*)/(wiki|releases|issues)) {
         return 403;
@@ -22,10 +25,13 @@ http {
       if ($uri ~ ^/([^/]*)/([^/]*)/settings) {
         set $test "settings";
       }
-      if ($request_method = "POST") {
-        set $test "${test}_post";
+      if ($request_method != "GET") {
+        set $test "${test}_not-get";
+      }
+      if ($test = "settings_not-get") {
+        return 403;
       }
-      if ($test = "settings_post") {
+      if ($test = "api_not-get") {
         return 403;
       }