Untitled

; App name that shows in every page title
APP_NAME = flipkick.media Ltd - Code
; Change it if you run locally
RUN_USER = git
; Either "dev", "prod" or "test", default is "dev"
RUN_MODE = prod

[repository]
ROOT                                           = /home/git
SCRIPT_TYPE                                    = bash
; Default ANSI charset
ANSI_CHARSET                                   =
; Force every new repository to be private
FORCE_PRIVATE                                  = false
; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used.
DEFAULT_PRIVATE                                = last
; Global limit of repositories per user, applied at creation time. -1 means no limit
MAX_CREATION_LIMIT                             = -1
; Mirror sync queue length, increase if mirror syncing starts hanging
MIRROR_QUEUE_LENGTH                            = 1000
; Patch test queue length, increase if pull request patch testing starts hanging
PULL_REQUEST_QUEUE_LENGTH                      = 1000
; Preferred Licenses to place at the top of the List
; The name here must match the filename in conf/license or custom/conf/license
PREFERRED_LICENSES                             = Apache License 2.0,MIT License
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT                               = true
; Value for Access-Control-Allow-Origin header, default is not to present
; WARNING: This maybe harmful to you website if you do not give it a right value.
ACCESS_CONTROL_ALLOW_ORIGIN                    =
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
USE_COMPAT_SSH_URI                             = false
; Close issues as long as a commit on any branch marks it as fixed
DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false
; Allow users to push local repositories to Gitea and have them automatically created for a user or an org
ENABLE_PUSH_CREATE_USER                        = false
ENABLE_PUSH_CREATE_ORG                         = false
; Comma separated list of globally disabled repo units. Allowed values: repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki
DISABLED_REPO_UNITS                            =
; Comma separated list of default repo units. Allowed values: repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki.
; Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility.
; External wiki and issue tracker can't be enabled by default as it requires additional settings.
; Disabled repo units will not be added to new repositories regardless if it is in the default list.
DEFAULT_REPO_UNITS                             = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki
; Prefix archive files by placing them in a directory named after the repository
PREFIX_ARCHIVE_FILES                           = true

[repository.editor]
; List of file extensions for which lines should be wrapped in the CodeMirror editor
; Separate extensions with a comma. To line wrap files without an extension, just put a comma
LINE_WRAP_EXTENSIONS   = .txt,.md,.markdown,.mdown,.mkd,
; Valid file modes that have a preview API associated with them, such as api/v1/markdown
; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match
PREVIEWABLE_FILE_MODES = markdown

[repository.local]
; Path for local repository copy. Defaults to `tmp/local-repo`
LOCAL_COPY_PATH = tmp/local-repo
; Path for local wiki copy. Defaults to `tmp/local-wiki`
LOCAL_WIKI_PATH = tmp/local-wiki

[repository.upload]
; Whether repository file uploads are enabled. Defaults to `true`
ENABLED       = true
; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
TEMP_PATH     = data/tmp/uploads
; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
ALLOWED_TYPES =
; Max size of each file in megabytes. Defaults to 3MB
FILE_MAX_SIZE = 3
; Max number of files per upload. Defaults to 5
MAX_FILES     = 5

[repository.pull-request]
; List of prefixes used in Pull Request title to mark them as Work In Progress
WORK_IN_PROGRESS_PREFIXES                     = WIP:,[WIP]
; List of keywords used in Pull Request comments to automatically close a related issue
CLOSE_KEYWORDS                                = close,closes,closed,fix,fixes,fixed,resolve,resolves,resolved
; List of keywords used in Pull Request comments to automatically reopen a related issue
REOPEN_KEYWORDS                               = reopen,reopens,reopened
; In the default merge message for squash commits include at most this many commits
DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT           = 50
; In the default merge message for squash commits limit the size of the commit messages to this
DEFAULT_MERGE_MESSAGE_SIZE                    = 5120
; In the default merge message for squash commits walk all commits to include all authors in the Co-authored-by otherwise just use those in the limited list
DEFAULT_MERGE_MESSAGE_ALL_AUTHORS             = false
; In default merge messages limit the number of approvers listed as Reviewed-by: to this many
DEFAULT_MERGE_MESSAGE_MAX_APPROVERS           = 10
; In default merge messages only include approvers who are official
DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY = true

[repository.issue]
; List of reasons why a Pull Request or Issue can be locked
LOCK_REASONS = Too heated,Off-topic,Resolved,Spam

[repository.signing]
; GPG key to use to sign commits, Defaults to the default - that is the value of git config --get user.signingkey
; run in the context of the RUN_USER
; Switch to none to stop signing completely
SIGNING_KEY    = default
; If a SIGNING_KEY ID is provided and is not set to default, use the provided Name and Email address as the signer.
; These should match a publicized name and email address for the key. (When SIGNING_KEY is default these are set to
; the results of git config --get user.name and git config --get user.email respectively and can only be overrided
; by setting the SIGNING_KEY ID to the correct ID.)
SIGNING_NAME   =
SIGNING_EMAIL  =
; Determines when gitea should sign the initial commit when creating a repository
; Either:
; - never
; - pubkey: only sign if the user has a pubkey
; - twofa: only sign if the user has logged in with twofa
; - always
; options other than none and always can be combined as comma separated list
INITIAL_COMMIT = always
; Determines when to sign for CRUD actions
; - as above
; - parentsigned: requires that the parent commit is signed.
CRUD_ACTIONS   = pubkey, twofa, parentsigned
; Determines when to sign Wiki commits
; - as above
WIKI           = never
; Determines when to sign on merges
; - basesigned: require that the parent of commit on the base repo is signed.
; - commitssigned: require that all the commits in the head branch are signed.
; - approved: only sign when merging an approved pr to a protected branch
MERGES         = pubkey, twofa, basesigned, commitssigned

[cors]
; More information about CORS can be found here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#The_HTTP_response_headers
; enable cors headers (disabled by default)
ENABLED           = false
; scheme of allowed requests
SCHEME            = http
; list of requesting domains that are allowed
ALLOW_DOMAIN      = *
; allow subdomains of headers listed above to request
ALLOW_SUBDOMAIN   = false
; list of methods allowed to request
METHODS           = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
; max time to cache response
MAX_AGE           = 10m
; allow request with credentials
ALLOW_CREDENTIALS = false

[ui]
; Number of repositories that are displayed on one explore page
EXPLORE_PAGING_NUM      = 20
; Number of issues that are displayed on one page
ISSUE_PAGING_NUM        = 10
; Number of maximum commits displayed in one activity feed
FEED_MAX_COMMIT_NUM     = 5
; Number of maximum commits displayed in commit graph.
GRAPH_MAX_COMMIT_NUM    = 100
; Number of line of codes shown for a code comment
CODE_COMMENT_LINES      = 4
; Value of `theme-color` meta tag, used by Android >= 5.0
; An invalid color like "none" or "disable" will have the default style
; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
THEME_COLOR_META_TAG    = `#6cc644`
; Max size of files to be displayed (default is 8MiB)
MAX_DISPLAY_FILE_SIZE   = 8388608
; Whether the email of the user should be shown in the Explore Users page
SHOW_USER_EMAIL         = true
; Set the default theme for the Gitea install
DEFAULT_THEME           = gitea
; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`.
THEMES                  = gitea,arc-green
; All available reactions. Allow users react with different emoji's
; For the whole list look at https://gitea.com/gitea/gitea.com/issues/8
REACTIONS               = +1, -1, laugh, hooray, confused, heart, rocket, eyes
; Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used.
DEFAULT_SHOW_FULL_NAME  = false
; Whether to search within description at repository search on explore page.
SEARCH_REPO_DESCRIPTION = true
; Whether to enable a Service Worker to cache frontend assets
USE_SERVICE_WORKER      = true

[ui.admin]
; Number of users that are displayed on one page
USER_PAGING_NUM   = 50
; Number of repos that are displayed on one page
REPO_PAGING_NUM   = 50
; Number of notices that are displayed on one page
NOTICE_PAGING_NUM = 25
; Number of organizations that are displayed on one page
ORG_PAGING_NUM    = 50

[ui.user]
; Number of repos that are displayed on one page
REPO_PAGING_NUM = 15

[ui.meta]
AUTHOR      = Gitea - Git with a cup of tea
DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go
KEYWORDS    = go,git,self-hosted,gitea

[markdown]
; Enable hard line break extension
ENABLE_HARD_LINE_BREAK = false
; Comma separated list of custom URL-Schemes that are allowed as links when rendering Markdown
; for example git,magnet,ftp (more at https://en.wikipedia.org/wiki/List_of_URI_schemes)
; URLs starting with http and https are always displayed, whatever is put in this entry.
CUSTOM_URL_SCHEMES     =
; List of file extensions that should be rendered/edited as Markdown
; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma
FILE_EXTENSIONS        = .md,.markdown,.mdown,.mkd

[server]
PROTOCOL                        = fcgi+unix
DOMAIN                          = git.flipkick.media
HTTP_ADDR                       = /var/www/git.flipkick.media/services/gitea.sock
UNIX_SOCKET_PERMISSION          = 666
; Domain name to be exposed in clone URL
SSH_DOMAIN                      = git.flipkick.media
ROOT_URL                        = fcgi+unix://git.flipkick.media:3000/
; when STATIC_URL_PREFIX is empty it will follow ROOT_URL
STATIC_URL_PREFIX               =
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
; ROOT_URL.  Defaults are false for REDIRECT_OTHER_PORT and 80 for
; PORT_TO_REDIRECT.
REDIRECT_OTHER_PORT             = false
PORT_TO_REDIRECT                = 80
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
; Do not set this variable if PROTOCOL is set to 'unix'.
LOCAL_ROOT_URL                  = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
; Disable SSH feature when not available
DISABLE_SSH                     = false
; Whether to use the builtin SSH server or not.
START_SSH_SERVER                = false
; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
BUILTIN_SSH_SERVER_USER         =
; The network interface the builtin SSH server should listen on
SSH_LISTEN_HOST                 =
; Port number to be exposed in clone URL
SSH_PORT                        = 22
; The port number the builtin SSH server should listen on
SSH_LISTEN_PORT                 = %(SSH_PORT)s
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
SSH_ROOT_PATH                   =
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
; For the built-in SSH server, choose the ciphers to support for SSH connections,
; for system SSH this setting has no effect
SSH_SERVER_CIPHERS              = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
; for system SSH this setting has no effect
SSH_SERVER_KEY_EXCHANGES        = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
; For the built-in SSH server, choose the MACs to support for SSH connections,
; for system SSH this setting has no effect
SSH_SERVER_MACS                 = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
; Directory to create temporary files in when testing public keys using ssh-keygen,
; default is the system temporary directory.
SSH_KEY_TEST_PATH               =
; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
SSH_KEYGEN_PATH                 = ssh-keygen
; Enable SSH Authorized Key Backup when rewriting all keys, default is true
SSH_BACKUP_AUTHORIZED_KEYS      = true
; Enable exposure of SSH clone URL to anonymous visitors, default is false
SSH_EXPOSE_ANONYMOUS            = false
; Indicate whether to check minimum key size with corresponding type
MINIMUM_KEY_SIZE_CHECK          = false
; Disable CDN even in "prod" mode
OFFLINE_MODE                    = false
DISABLE_ROUTER_LOG              = false
; Generate steps:
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
;
; Or from a .pfx file exported from the Windows certificate store (do
; not forget to export the private key):
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
; Paths are relative to CUSTOM_PATH
CERT_FILE                       = https/cert.pem
KEY_FILE                        = https/key.pem
; Root directory containing templates and static files.
; default is the path where Gitea is executed
STATIC_ROOT_PATH                =
; Default path for App data
APP_DATA_PATH                   = data
; Application level GZIP support
ENABLE_GZIP                     = false
; Application profiling (memory and cpu)
; For "web" command it listens on localhost:6060
; For "serve" command it dumps to disk at PPROF_DATA_PATH as (cpuprofile|memprofile)_<username>_<temporary id>
ENABLE_PPROF                    = false
; PPROF_DATA_PATH, use an absolute path when you start gitea as service
PPROF_DATA_PATH                 = data/tmp/pprof
; Landing page, can be "home", "explore", "organizations" or "login"
; The "login" choice is not a security measure but just a UI flow change, use REQUIRE_SIGNIN_VIEW to force users to log in.
LANDING_PAGE                    = home
; Enables git-lfs support. true or false, default is false.
LFS_START_SERVER                = true
; Where your lfs files reside, default is data/lfs.
LFS_CONTENT_PATH                = /var/lib/gitea/data/lfs
; LFS authentication secret, change this yourself
LFS_JWT_SECRET                  = cTmHc9mlY_iRkg10dm-BJA-h4jPjoUVJZkfI5-ygoUA
; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
LFS_HTTP_AUTH_EXPIRY            = 20m
; Maximum allowed LFS file size in bytes (Set to 0 for no limit).
LFS_MAX_FILE_SIZE               = 0
; Maximum number of locks returned per page
LFS_LOCKS_PAGING_NUM            = 50
; Allow graceful restarts using SIGHUP to fork
ALLOW_GRACEFUL_RESTARTS         = true
; After a restart the parent will finish ongoing requests before
; shutting down. Force shutdown if this process takes longer than this delay.
; set to a negative value to disable
GRACEFUL_HAMMER_TIME            = 60s
; Allows the setting of a startup timeout and waithint for Windows as SVC service
; 0 disables this.
STARTUP_TIMEOUT                 = 0
; Static resources, includes resources on custom/, public/ and all uploaded avatars web browser cache time, default is 6h
STATIC_CACHE_TIME               = 6h
HTTP_PORT                       = 3000

; Define allowed algorithms and their minimum key length (use -1 to disable a type)
[ssh.minimum_key_sizes]
ED25519 = 256
ECDSA   = 256
RSA     = 2048
DSA     = 1024

[database]
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
DB_TYPE             = sqlite3
; Use PASSWD = `your password` for quoting if you use special characters in the password.
PASSWD              =
; For Postgres, schema to use if different from "public". The schema must exist beforehand,
; the user must have creation privileges on it, and the user search path must be set
; to the look into the schema first. e.g.:ALTER USER user SET SEARCH_PATH = schema_name,"$user",public;
SCHEMA              =
; For Postgres, either "disable" (default), "require", or "verify-full"
; For MySQL, either "false" (default), "true", or "skip-verify"
SSL_MODE            = disable
; For MySQL only, either "utf8" or "utf8mb4", default is "utf8".
; NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this.
CHARSET             = utf8
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
PATH                = /var/www/git.flipkick.media/data/gitea.db
; For "sqlite3" only. Query timeout
SQLITE_TIMEOUT      = 500
; For iterate buffer, default is 50
ITERATE_BUFFER_SIZE = 50
; Show the database generated SQL
LOG_SQL             = true
; Maximum number of DB Connect retries
DB_RETRIES          = 10
; Backoff time per DB retry (time.Duration)
DB_RETRY_BACKOFF    = 3s
; Max idle database connections on connnection pool, default is 2
MAX_IDLE_CONNS      = 2
; Database connection max life time, default is 0 or 3s mysql (See #6804 & #7071 for reasoning)
CONN_MAX_LIFETIME   = 3s
; Database maximum number of open connections, default is 0 meaning no maximum
MAX_OPEN_CONNS      = 0
HOST                = 127.0.0.1:3306
NAME                = gitea
USER                = gitea

[indexer]
; Issue indexer type, currently support: bleve, db or elasticsearch, default is bleve
ISSUE_INDEXER_TYPE               = bleve
; Issue indexer connection string, available when ISSUE_INDEXER_TYPE is elasticsearch
ISSUE_INDEXER_CONN_STR           = http://elastic:changeme@localhost:9200
; Issue indexer name, available when ISSUE_INDEXER_TYPE is elasticsearch
ISSUE_INDEXER_NAME               = gitea_issues
; Issue indexer storage path, available when ISSUE_INDEXER_TYPE is bleve
ISSUE_INDEXER_PATH               = indexers/issues.bleve
; Issue indexer queue, currently support: channel, levelqueue or redis, default is levelqueue
ISSUE_INDEXER_QUEUE_TYPE         = levelqueue
; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the queue will be saved path,
; default is indexers/issues.queue
ISSUE_INDEXER_QUEUE_DIR          = indexers/issues.queue
; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
ISSUE_INDEXER_QUEUE_CONN_STR     = addrs=127.0.0.1:6379 db=0
; Batch queue number, default is 20
ISSUE_INDEXER_QUEUE_BATCH_NUMBER = 20
; Timeout the indexer if it takes longer than this to start.
; Set to zero to disable timeout.
STARTUP_TIMEOUT                  = 30s
; repo indexer by default disabled, since it uses a lot of disk space
REPO_INDEXER_ENABLED             = false
REPO_INDEXER_PATH                = indexers/repos.bleve
UPDATE_BUFFER_LEN                = 20
MAX_FILE_SIZE                    = 1048576
; A comma separated list of glob patterns (see https://github.com/gobwas/glob) to include
; in the index; default is empty
REPO_INDEXER_INCLUDE             =
; A comma separated list of glob patterns to exclude from the index; ; default is empty
REPO_INDEXER_EXCLUDE             =

[queue]
; Specific queues can be individually configured with [queue.name]. [queue] provides defaults
;
; General queue queue type, currently support: persistable-channel, channel, level, redis, dummy
; default to persistable-channel
TYPE              = persistable-channel
; data-dir for storing persistable queues and level queues, individual queues will be named by their type
DATADIR           = queues/
; Default queue length before a channel queue will block
LENGTH            = 20
; Batch size to send for batched queues
BATCH_LENGTH      = 20
; Connection string for redis queues this will store the redis connection string.
CONN_STR          = addrs=127.0.0.1:6379 db=0
; Provide the suffix of the default redis queue name - specific queues can be overriden within in their [queue.name] sections.
QUEUE_NAME        = _queue
; If the queue cannot be created at startup - level queues may need a timeout at startup - wrap the queue:
WRAP_IF_NECESSARY = true
; Attempt to create the wrapped queue at max
MAX_ATTEMPTS      = 10
; Timeout queue creation
TIMEOUT           = 15m30s
; Create a pool with this many workers
WORKERS           = 1
; Dynamically scale the worker pool to at this many workers
MAX_WORKERS       = 10
; Add boost workers when the queue blocks for BLOCK_TIMEOUT
BLOCK_TIMEOUT     = 1s
; Remove the boost workers after BOOST_TIMEOUT
BOOST_TIMEOUT     = 5m
; During a boost add BOOST_WORKERS
BOOST_WORKERS     = 5

[admin]
; Disallow regular (non-admin) users from creating organizations.
DISABLE_REGULAR_ORG_CREATION = false
; Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled
DEFAULT_EMAIL_NOTIFICATIONS  = enabled

[security]
; Whether the installer is disabled
INSTALL_LOCK                             = true
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
# @FDEWREWR&*(
SECRET_KEY                               = CshVBrRiepuzusoqgNu4oMtO3eEs6q28eQMxFwG7fd98shMMWyD5PJSYlCeR0RWk
; How long to remember that a user is logged in before requiring relogin (in days)
LOGIN_REMEMBER_DAYS                      = 7
COOKIE_USERNAME                          = gitea_awesome
COOKIE_REMEMBER_NAME                     = gitea_incredible
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER        = X-WEBAUTH-USER
REVERSE_PROXY_AUTHENTICATION_EMAIL       = X-WEBAUTH-EMAIL
; The minimum password length for new Users
MIN_PASSWORD_LENGTH                      = 6
; Set to true to allow users to import local server paths
IMPORT_LOCAL_PATHS                       = false
; Set to true to prevent all users (including admin) from creating custom git hooks
DISABLE_GIT_HOOKS                        = false
; Set to false to allow pushes to gitea repositories despite having an incomplete environment - NOT RECOMMENDED
ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET = true
; Comma separated list of character classes required to pass minimum complexity.
; If left empty or no valid values are specified, the default values ("lower,upper,digit,spec") will be used.
; Use "off" to disable checking.
PASSWORD_COMPLEXITY                      = lower,upper,digit,spec
; Password Hash algorithm, either "pbkdf2", "argon2", "scrypt" or "bcrypt"
PASSWORD_HASH_ALGO                       = pbkdf2
; Set false to allow JavaScript to read CSRF cookie
CSRF_COOKIE_HTTP_ONLY                    = true
INTERNAL_TOKEN                           = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1ODU0OTUxNzh9.4c7V1bt9dDt4MsNZjyFWT1obpO0O9IRJTEZadW04vr4

[openid]
;
; OpenID is an open, standard and decentralized authentication protocol.
; Your identity is the address of a webpage you provide, which describes
; how to prove you are in control of that page.
;
; For more info: https://en.wikipedia.org/wiki/OpenID
;
; Current implementation supports OpenID-2.0
;
; Tested to work providers at the time of writing:
; - Any GNUSocial node (your.hostname.tld/username)
; - Any SimpleID provider (http://simpleid.koinic.net)
; - http://openid.org.cn/
; - openid.stackexchange.com
; - login.launchpad.net
; - <username>.livejournal.com
;
; Whether to allow signin in via OpenID
ENABLE_OPENID_SIGNIN = true
; Whether to allow registering via OpenID
; Do not include to rely on rhw DISABLE_REGISTRATION setting
; ENABLE_OPENID_SIGNUP = true
; Allowed URI patterns (POSIX regexp).
; Space separated.
; Only these would be allowed if non-blank.
; Example value: trusted.domain.org trusted.domain.net
WHITELISTED_URIS     =
; Forbidden URI patterns (POSIX regexp).
; Space separated.
; Only used if WHITELISTED_URIS is blank.
; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
BLACKLISTED_URIS     =
ENABLE_OPENID_SIGNUP = true

[service]
; Time limit to confirm account/email registration
ACTIVE_CODE_LIVE_MINUTES                      = 180
; Time limit to perform the reset of a forgotten password
RESET_PASSWD_CODE_LIVE_MINUTES                = 180
; Whether a new user needs to confirm their email when registering.
REGISTER_EMAIL_CONFIRM                        = false
; List of domain names that are allowed to be used to register on a Gitea instance
; gitea.io,example.com
EMAIL_DOMAIN_WHITELIST                        =
; Disallow registration, only allow admins to create accounts.
DISABLE_REGISTRATION                          = false
; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
ALLOW_ONLY_EXTERNAL_REGISTRATION              = false
; User must sign in to view anything.
REQUIRE_SIGNIN_VIEW                           = false
; Mail notification
ENABLE_NOTIFY_MAIL                            = false
; This setting enables gitea to be signed in with HTTP BASIC Authentication using the user's password
; If you set this to false you will not be able to access the tokens endpoints on the API with your password
; Please note that setting this to false will not disable OAuth Basic or Basic authentication using a token
ENABLE_BASIC_AUTHENTICATION                   = true
; More detail: https://github.com/gogits/gogs/issues/165
ENABLE_REVERSE_PROXY_AUTHENTICATION           = true
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION        = false
ENABLE_REVERSE_PROXY_EMAIL                    = false
; Enable captcha validation for registration
ENABLE_CAPTCHA                                = true
; Type of captcha you want to use. Options: image, recaptcha
CAPTCHA_TYPE                                  = image
; Enable recaptcha to use Google's recaptcha service
; Go to https://www.google.com/recaptcha/admin to sign up for a key
RECAPTCHA_SECRET                              =
RECAPTCHA_SITEKEY                             =
; Change this to use recaptcha.net or other recaptcha service
RECAPTCHA_URL                                 = https://www.google.com/recaptcha/
; Default value for KeepEmailPrivate
; Each new user will get the value of this setting copied into their profile
DEFAULT_KEEP_EMAIL_PRIVATE                    = false
; Default value for AllowCreateOrganization
; Every new user will have rights set to create organizations depending on this setting
DEFAULT_ALLOW_CREATE_ORGANIZATION             = true
; Either "public", "limited" or "private", default is "public"
; Limited is for signed user only
; Private is only for member of the organization
; Public is for everyone
DEFAULT_ORG_VISIBILITY                        = public
; Default value for DefaultOrgMemberVisible
; True will make the membership of the users visible when added to the organisation
DEFAULT_ORG_MEMBER_VISIBLE                    = false
; Default value for EnableDependencies
; Repositories will use dependencies by default depending on this setting
DEFAULT_ENABLE_DEPENDENCIES                   = true
; Dependencies can be added from any repository where the user is granted access or only from the current repository depending on this setting.
ALLOW_CROSS_REPOSITORY_DEPENDENCIES           = true
; Enable heatmap on users profiles.
ENABLE_USER_HEATMAP                           = true
; Enable Timetracking
ENABLE_TIMETRACKING                           = true
; Default value for EnableTimetracking
; Repositories will use timetracking by default depending on this setting
DEFAULT_ENABLE_TIMETRACKING                   = true
; Default value for AllowOnlyContributorsToTrackTime
; Only users with write permissions can track time if this is true
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
; Default value for the domain part of the user's email address in the git log
; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
NO_REPLY_ADDRESS                              = noreply.%(DOMAIN)s
; Show Registration button
SHOW_REGISTRATION_BUTTON                      = true
; Show milestones dashboard page - a view of all the user's milestones
SHOW_MILESTONES_DASHBOARD_PAGE                = true
; Default value for AutoWatchNewRepos
; When adding a repo to a team or creating a new repo all team members will watch the
; repo automatically if enabled
AUTO_WATCH_NEW_REPOS                          = true
; Default value for AutoWatchOnChanges
; Make the user watch a repository When they commit for the first time
AUTO_WATCH_ON_CHANGES                         = false

[webhook]
; Hook task queue length, increase if webhook shooting starts hanging
QUEUE_LENGTH    = 1000
; Deliver timeout in seconds
DELIVER_TIMEOUT = 5
; Allow insecure certification
SKIP_TLS_VERIFY = false
; Number of history information in each page
PAGING_NUM      = 10
; Proxy server URL, support http://, https//, socks://, blank will follow environment http_proxy/https_proxy
PROXY_URL       =
; Comma separated list of host names requiring proxy. Glob patterns (*) are accepted; use ** to match all hosts.
PROXY_HOSTS     =

[mailer]
ENABLED            = false
; Buffer length of channel, keep it as it is if you don't know what it is.
SEND_BUFFER_LEN    = 100
; Prefix displayed before subject in mail
SUBJECT_PREFIX     =
; Mail server
; Gmail: smtp.gmail.com:587
; QQ: smtp.qq.com:465
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
HOST               =
; Disable HELO operation when hostnames are different.
DISABLE_HELO       =
; Custom hostname for HELO operation, if no value is provided, one is retrieved from system.
HELO_HOSTNAME      =
; Do not verify the certificate of the server. Only use this for self-signed certificates
SKIP_VERIFY        =
; Use client certificate
USE_CERTIFICATE    = false
CERT_FILE          = custom/mailer/cert.pem
KEY_FILE           = custom/mailer/key.pem
; Should SMTP connection use TLS
IS_TLS_ENABLED     = false
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
FROM               =
; Mailer user name and password
USER               =
; Use PASSWD = `your password` for quoting if you use special characters in the password.
PASSWD             =
; Send mails as plain text
SEND_AS_PLAIN_TEXT = false
; Set Mailer Type (either SMTP, sendmail or dummy to just send to the log)
MAILER_TYPE        = smtp
; Specify an alternative sendmail binary
SENDMAIL_PATH      = sendmail
; Specify any extra sendmail arguments
SENDMAIL_ARGS      =

[cache]
; if the cache enabled
ENABLED  = true
; Either "memory", "redis", or "memcache", default is "memory"
ADAPTER  = memory
; For "memory" only, GC interval in seconds, default is 60
INTERVAL = 60
; For "redis" and "memcache", connection host address
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; memcache: `127.0.0.1:11211`
HOST     =
; Time to keep items in cache if not used, default is 16 hours.
; Setting it to 0 disables caching
ITEM_TTL = 16h

; Last commit cache
[cache.last_commit]
; if the cache enabled
ENABLED       = true
; Time to keep items in cache if not used, default is 8760 hours.
; Setting it to 0 disables caching
ITEM_TTL      = 8760h
; Only enable the cache when repository's commits count great than
COMMITS_COUNT = 1000

[session]
; Either "memory", "file", or "redis", default is "memory"
PROVIDER          = file
; Provider config options
; memory: doesn't have any config yet
; file: session file path, e.g. `data/sessions`
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
PROVIDER_CONFIG   = data/sessions
; Session cookie name
COOKIE_NAME       = i_like_gitea
; If you use session in https only, default is false
COOKIE_SECURE     = false
; Enable set cookie, default is true
ENABLE_SET_COOKIE = true
; Session GC time interval in seconds, default is 86400 (1 day)
GC_INTERVAL_TIME  = 86400
; Session life time in seconds, default is 86400 (1 day)
SESSION_LIFE_TIME = 86400

[picture]
AVATAR_UPLOAD_PATH               = data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH    = data/repo-avatars
; How Gitea deals with missing repository avatars
; none = no avatar will be displayed; random = random avatar will be displayed; image = default image will be used
REPOSITORY_AVATAR_FALLBACK       = none
REPOSITORY_AVATAR_FALLBACK_IMAGE = /img/repo_default.png
; Max Width and Height of uploaded avatars.
; This is to limit the amount of RAM used when resizing the image.
AVATAR_MAX_WIDTH                 = 4096
AVATAR_MAX_HEIGHT                = 3072
; Maximum alloved file size for uploaded avatars.
; This is to limit the amount of RAM used when resizing the image.
AVATAR_MAX_FILE_SIZE             = 1048576
; Chinese users can choose "duoshuo"
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
GRAVATAR_SOURCE                  = gravatar
; This value will always be true in offline mode.
DISABLE_GRAVATAR                 = false
; Federated avatar lookup uses DNS to discover avatar associated
; with emails, see https://www.libravatar.org
; This value will always be false in offline mode or when Gravatar is disabled.
ENABLE_FEDERATED_AVATAR          = true

[attachment]
; Whether attachments are enabled. Defaults to `true`
ENABLED       = true
; Path for attachments. Defaults to `data/attachments`
PATH          = data/attachments
; One or more allowed types, e.g. image/jpeg|image/png
ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip
; Max size of each file. Defaults to 4MB
MAX_SIZE      = 4
; Max number of files per upload. Defaults to 5
MAX_FILES     = 5

[time]
; Specifies the format for fully outputted dates. Defaults to RFC1123
; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
; For more information about the format see http://golang.org/pkg/time/#pkg-constants
FORMAT              =
; Location the UI time display i.e. Asia/Shanghai
; Empty means server's location setting
DEFAULT_UI_LOCATION =

[log]
ROOT_PATH            = /var/www/git.flipkick.media/logs
; Either "console", "file", "conn", "smtp" or "database", default is "console"
; Use comma to separate multiple modes, e.g. "console, file"
MODE                 = file
; Buffer length of the channel, keep it as it is if you don't know what it is.
BUFFER_LEN           = 10000
REDIRECT_MACARON_LOG = false
MACARON              = file
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Info"
ROUTER_LOG_LEVEL     = Debug
ROUTER               = file
ENABLE_ACCESS_LOG    = file
ACCESS_LOG_TEMPLATE  = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"
ACCESS               = file
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
LEVEL                = Debug
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "None"
STACKTRACE_LEVEL     = Debug

; Generic log modes
[log.x]
FLAGS      = stdflags
EXPRESSION =
PREFIX     =
COLORIZE   = false

; For "console" mode only
[log.console]
LEVEL  =
STDERR = false

; For "file" mode only
[log.file]
LEVEL             = Debug
; Set the file_name for the logger. If this is a relative path this
; will be relative to ROOT_PATH
FILE_NAME         = service-gitea.log
; This enables automated log rotate(switch of following options), default is true
LOG_ROTATE        = true
; Max number of lines in a single file, default is 1000000
MAX_LINES         = 1000000
; Max size shift of a single file, default is 28 means 1 << 28, 256MB
MAX_SIZE_SHIFT    = 28
; Segment log daily, default is true
DAILY_ROTATE      = true
; delete the log file after n days, default is 7
MAX_DAYS          = 7
; compress logs with gzip
COMPRESS          = true
; compression level see godoc for compress/gzip
COMPRESSION_LEVEL = 0

; For "conn" mode only
[log.conn]
LEVEL            = Debug
; Reconnect host for every single message, default is false
RECONNECT_ON_MSG = false
; Try to reconnect when connection is lost, default is false
RECONNECT        = false
; Either "tcp", "unix" or "udp", default is "tcp"
PROTOCOL         = tcp
; Host address
ADDR             =

; For "smtp" mode only
[log.smtp]
LEVEL     =
; Name displayed in mail title, default is "Diagnostic message from server"
SUBJECT   = Diagnostic message from server
; Mail server
HOST      =
; Mailer user name and password
USER      =
; Use PASSWD = `your password` for quoting if you use special characters in the password.
PASSWD    =
; Receivers, can be one or more, e.g. 1@example.com,2@example.com
RECEIVERS =

[cron]
; Enable running cron tasks periodically.
ENABLED      = true
; Run cron tasks when Gitea starts.
RUN_AT_START = false

; Update mirrors
[cron.update_mirrors]
SCHEDULE = @every 10m

; Repository health check
[cron.repo_health_check]
SCHEDULE = @every 24h
TIMEOUT  = 60s
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
; see more on http://git-scm.com/docs/git-fsck
ARGS     =

; Check repository statistics
[cron.check_repo_stats]
RUN_AT_START = true
SCHEDULE     = @every 24h

; Clean up old repository archives
[cron.archive_cleanup]
; Whether to enable the job
ENABLED      = true
; Whether to always run at least once at start up time (if ENABLED)
RUN_AT_START = true
; Time interval for job to run
SCHEDULE     = @every 24h
; Archives created more than OLDER_THAN ago are subject to deletion
OLDER_THAN   = 24h

; Synchronize external user data (only LDAP user synchronization is supported)
[cron.sync_external_users]
; Synchronize external user data when starting server (default false)
RUN_AT_START    = false
; Interval as a duration between each synchronization (default every 24h)
SCHEDULE        = @every 24h
; Create new users, update existing user data and disable users that are not in external source anymore (default)
; or only create new users if UPDATE_EXISTING is set to false
UPDATE_EXISTING = true

; Update migrated repositories' issues and comments' posterid, it will always attempt synchronization when the instance starts.
[cron.update_migration_post_id]
; Interval as a duration between each synchronization. (default every 24h)
SCHEDULE = @every 24h

[git]
; The path of git executable. If empty, Gitea searches through the PATH environment.
PATH                          =
; Disables highlight of added and removed changes
DISABLE_DIFF_HIGHLIGHT        = false
; Max number of lines allowed in a single file in diff view
MAX_GIT_DIFF_LINES            = 1000
; Max number of allowed characters in a line in diff view
MAX_GIT_DIFF_LINE_CHARACTERS  = 5000
; Max number of files shown in diff view
MAX_GIT_DIFF_FILES            = 100
; Arguments for command 'git gc', e.g. "--aggressive --auto"
; see more on http://git-scm.com/docs/git-gc/
GC_ARGS                       =
; If use git wire protocol version 2 when git version >= 2.18, default is true, set to false when you always want git wire protocol version 1
ENABLE_AUTO_GIT_WIRE_PROTOCOL = true
; Respond to pushes to a non-default branch with a URL for creating a Pull Request (if the repository has them enabled)
PULL_REQUEST_PUSH_MESSAGE     = true

; Operation timeout in seconds
[git.timeout]
DEFAULT = 360
MIGRATE = 600
MIRROR  = 300
CLONE   = 300
PULL    = 300
GC      = 60

[mirror]
; Default interval as a duration between each check
DEFAULT_INTERVAL = 8h
; Min interval as a duration must be > 1m
MIN_INTERVAL     = 10m

[api]
; Enables Swagger. True or false; default is true.
ENABLE_SWAGGER             = true
; Max number of items in a page
MAX_RESPONSE_ITEMS         = 50
; Default paging number of api
DEFAULT_PAGING_NUM         = 30
; Default and maximum number of items per page for git trees api
DEFAULT_GIT_TREES_PER_PAGE = 1000
; Default size of a blob returned by the blobs API (default is 10MiB)
DEFAULT_MAX_BLOB_SIZE      = 10485760

[oauth2]
; Enables OAuth2 provider
ENABLE                        = true
; Lifetime of an OAuth2 access token in seconds
ACCESS_TOKEN_EXPIRATION_TIME  = 3600
; Lifetime of an OAuth2 access token in hours
REFRESH_TOKEN_EXPIRATION_TIME = 730
; Check if refresh token got already used
INVALIDATE_REFRESH_TOKENS     = false
; OAuth2 authentication secret for access and refresh tokens, change this to a unique string.
JWT_SECRET                    = Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU

[i18n]
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어

; Used for datetimepicker
[i18n.datelang]
en-US = en
zh-CN = zh
zh-HK = zh-HK
zh-TW = zh-TW
de-DE = de
fr-FR = fr
nl-NL = nl
lv-LV = lv
ru-RU = ru
uk-UA = uk
ja-JP = ja
es-ES = es
pt-BR = pt-BR
pl-PL = pl
bg-BG = bg
it-IT = it
fi-FI = fi
tr-TR = tr
cs-CZ = cs-CZ
sr-SP = sr
sv-SE = sv
ko-KR = ko

[U2F]

; NOTE: THE DEFAULT VALUES HERE WILL NEED TO BE CHANGED
; Two Factor authentication with security keys
; https://developers.yubico.com/U2F/App_ID.html
; APP_ID = http://localhost:3000/
; Comma seperated list of trusted facets
; TRUSTED_FACETS = http://localhost:3000/
; Extension mapping to highlight class
; e.g. .toml=ini
[highlight.mapping]

[other]
SHOW_FOOTER_BRANDING           = false
; Show version information about Gitea and Go in the footer
SHOW_FOOTER_VERSION            = true
; Show template execution time in the footer
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true

[markup.sanitizer]

; The following keys can be used multiple times to define sanitation policy rules.
; ELEMENT = span
; ALLOW_ATTR = class
; REGEXP = ^(info|warning|error)$
[markup.asciidoc]
ENABLED         = false
; List of file extensions that should be rendered by an external command
FILE_EXTENSIONS = .adoc,.asciidoc
; External command to render all matching extensions
RENDER_COMMAND  = asciidoc --out-file=- -
; Don't pass the file on STDIN, pass the filename as argument instead.
IS_INPUT_FILE   = false

[metrics]
; Enables metrics endpoint. True or false; default is false.
ENABLED = false
; If you want to add authorization, specify a token here
TOKEN   =

[task]
; Task queue type, could be `channel` or `redis`.
QUEUE_TYPE     = channel
; Task queue length, available only when `QUEUE_TYPE` is `channel`.
QUEUE_LENGTH   = 1000
; Task queue connection string, available only when `QUEUE_TYPE` is `redis`.
; If there is a password of redis, use `addrs=127.0.0.1:6379 password=123 db=0`.
QUEUE_CONN_STR = addrs=127.0.0.1:6379 db=0

[migrations]
; Max attempts per http/https request on migrations.
MAX_ATTEMPTS  = 3
; Backoff time per http/https request retry (seconds)
RETRY_BACKOFF = 3