diff --git a/www/forgejo/Makefile b/www/forgejo/Makefile index ffc9ae4c1ee5..a54af4448ce2 100644 --- a/www/forgejo/Makefile +++ b/www/forgejo/Makefile @@ -1,90 +1,89 @@ PORTNAME= forgejo DISTVERSIONPREFIX= v -DISTVERSION= 11.0.1 -PORTREVISION= 1 +DISTVERSION= 11.0.2 CATEGORIES= www MASTER_SITES= https://codeberg.org/forgejo/forgejo/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ DISTNAME= forgejo-src-${DISTVERSION} MAINTAINER= stb@lassitu.de COMMENT= Compact self-hosted Git service WWW= https://forgejo.org/ LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= git:devel/git USES= cpe gmake go:no_targets USE_RC_SUBR= forgejo CONFLICTS_INSTALL= forgejo[0-79]* EXTRACT_AFTER_ARGS= --strip-components 1 SUB_FILES= app.ini.sample pkg-message SUB_LIST= GITUSER=${USERS} NO_WRKSUBDIR= yes USERS= git GROUPS= git PORTDATA= * OPTIONS_DEFINE= BINDATA GIT_LFS PAM SQLITE OPTIONS_DEFAULT= BINDATA GIT_LFS PAM SQLITE OPTIONS_SUB= yes BINDATA_DESC= Build a single monolithic binary, with all assets included GIT_LFS_DESC= Support for Git Large File Storage (LFS) PAM_DESC= Enable support for PAM BINDATA_VARS= GO_TAGS+=bindata GIT_LFS_RUN_DEPENDS= git-lfs:devel/git-lfs PAM_VARS= GO_TAGS+=pam SQLITE_VARS= GO_TAGS+="sqlite sqlite_unlock_notify" .include .if ${OPSYS} == FreeBSD DAEMONARGS= -S -l \$${forgejo_facility} -s \$${forgejo_priority} -T \ \$${name} .else DAEMONARGS= -f .endif SUB_LIST+= DAEMONARGS="${DAEMONARGS}" SSP_UNSAFE= true -LDFLAGS+= "'-X "code.gitea.io/gitea/modules/setting.CustomPath=${PREFIX}/etc/forgejo"'" -LDFLAGS+= "'-X "code.gitea.io/gitea/modules/setting.AppWorkPath=${PREFIX}/share/forgejo"'" +LDFLAGS+= "'-X "forgejo.org/modules/setting.CustomPath=${PREFIX}/etc/forgejo"'" \ + "'-X "forgejo.org/modules/setting.AppWorkPath=${PREFIX}/share/forgejo"'" MAKE_ARGS= GOPATH=${WRKDIR} \ TAGS="${GO_TAGS}" \ GOFLAGS="-buildvcs=false" ALL_TARGET= backend MAKE_JOBS_UNSAFE= yes post-patch: ${ECHO_CMD} ${DISTVERSION} >${WRKSRC}/VERSION # Too lazy to figure out why go install won't work. do-install: # Go binary is statically linked and cannot be stripped, so use # INSTALL_SCRIPT. ${INSTALL_SCRIPT} ${WRKSRC}/gitea \ ${STAGEDIR}${PREFIX}/sbin/forgejo @${MKDIR} ${STAGEDIR}${ETCDIR}/conf ${INSTALL_DATA} ${WRKDIR}/app.ini.sample \ ${STAGEDIR}${ETCDIR}/conf/app.ini.sample ${INSTALL_DATA} ${WRKSRC}/custom/conf/app.example.ini \ ${STAGEDIR}${ETCDIR}/conf/app.ini.defaults ${MKDIR} ${STAGEDIR}${DATADIR} ${MKDIR} ${STAGEDIR}/var/db/forgejo/data ${MKDIR} ${STAGEDIR}/var/db/forgejo/forgejo-repositories ${MKDIR} ${STAGEDIR}/var/log/forgejo do-install-BINDATA-off: cd ${WRKSRC} && \ ${COPYTREE_SHARE} "options public templates" ${STAGEDIR}${DATADIR} .include diff --git a/www/forgejo/distinfo b/www/forgejo/distinfo index 0e31c7002884..bc1a84164f32 100644 --- a/www/forgejo/distinfo +++ b/www/forgejo/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1746741570 -SHA256 (forgejo-src-11.0.1.tar.gz) = b8ae645099821e978d096888d17d7e969b05b2b7576ae1d0f4850238305fedd6 -SIZE (forgejo-src-11.0.1.tar.gz) = 55352620 +TIMESTAMP = 1750496838 +SHA256 (forgejo-src-11.0.2.tar.gz) = de6646704769ae69e80feeb8aef0ae6fffad84602fc2d003a49c903e36f9d06d +SIZE (forgejo-src-11.0.2.tar.gz) = 55477978 diff --git a/www/forgejo/files/app.ini.sample.in b/www/forgejo/files/app.ini.sample.in index d625a9ebabab..b54e756578be 100644 --- a/www/forgejo/files/app.ini.sample.in +++ b/www/forgejo/files/app.ini.sample.in @@ -1,93 +1,94 @@ # # Sample Configuration for Forgejo using SQLite # # For information on the available settings, consult the online # documentation, or see the accompanying file app.ini.defaults, which # contains the settings incorporated into the forgejo binary. # # This sample configuration runs Forgejo with a local database. Before # running this configuration, make sure to change the INTERNAL_TOKEN, # JWT_SECRET, and SECRET_KEY variables. SECRET_KEY is a password of your # choosing, INTERNAL_TOKEN is a 64-byte random number in BASE64 encoding, # JWT_SECRET is a 32-byte random number in BASE64 encoding. # -# You can generate the token using for example: -# openssl rand -base64 64 +# You can generate appropriate values using: +# gitea generate secret [INTERNAL_TOKEN|JWT_SECRET|LFS_JWT_SECRET|SECRET_KEY] +# and then copy that output to the appropriate place in this file. # # You can let Forgejo add these to the config for you; you need to make # app.ini writeable by the git user. # # There are no pre-configured users; the first user to register becomes an # admin. In this sample configuration, the HTTP server only listens on # localhost. # # If you'd rather use the web-based installer, remove this conf/app.ini file # and make %%PREFIX%%/etc/forgejo/conf writeable to the git user. APP_NAME = Forgejo: A self-hosted lightweight software forge RUN_MODE = prod RUN_USER = %%GITUSER%% [database] DB_TYPE = sqlite3 HOST = 127.0.0.1:3306 NAME = forgejo PASSWD = PATH = /var/db/forgejo/forgejo.db SSL_MODE = disable USER = root [indexer] ISSUE_INDEXER_PATH = /var/db/forgejo/indexers/issues.bleve [log] LEVEL = Info MODE = file ROOT_PATH = /var/log/forgejo [mailer] ENABLED = false [oauth2] JWT_SECRET = CHANGE_ME [picture] AVATAR_UPLOAD_PATH = /var/db/forgejo/data/avatars DISABLE_GRAVATAR = true ENABLE_FEDERATED_AVATAR = false [repository] ROOT = /var/db/forgejo/forgejo-repositories # Forgejo's default is 'bash', so if you have bash installed, you can comment # this out. SCRIPT_TYPE = sh [repository.upload] TEMP_PATH = /var/db/forgejo/data/tmp/uploads [security] INSTALL_LOCK = true INTERNAL_TOKEN = CHANGE_ME SECRET_KEY = CHANGE_ME [session] PROVIDER = file PROVIDER_CONFIG = /var/db/forgejo/data/sessions [server] APP_DATA_PATH = /var/db/forgejo/data DISABLE_SSH = false DOMAIN = localhost HTTP_ADDR = 127.0.0.1 HTTP_PORT = 3000 OFFLINE_MODE = false ROOT_URL = http://localhost:3000/ SSH_DOMAIN = %(DOMAIN)s SSH_PORT = 22 [service] DISABLE_REGISTRATION = false ENABLE_CAPTCHA = true ENABLE_NOTIFY_MAIL = false REGISTER_EMAIL_CONFIRM = false REQUIRE_SIGNIN_VIEW = false diff --git a/www/forgejo/files/forgejo.in b/www/forgejo/files/forgejo.in index 2879239c7d68..026fed82b0b2 100644 --- a/www/forgejo/files/forgejo.in +++ b/www/forgejo/files/forgejo.in @@ -1,65 +1,66 @@ #!/bin/sh # PROVIDE: forgejo # REQUIRE: NETWORKING SYSLOG # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf to enable forgejo: # #forgejo_enable="YES" . /etc/rc.subr name="forgejo" rcvar="forgejo_enable" load_rc_config $name : ${forgejo_user:="%%GITUSER%%"} : ${forgejo_enable:="NO"} : ${forgejo_configcheck_enable:="YES"} : ${forgejo_facility:="daemon"} : ${forgejo_priority:="info"} : ${forgejo_shared:="%%PREFIX%%/share/${name}"} : ${forgejo_custom:="%%PREFIX%%/etc/${name}"} command="%%PREFIX%%/sbin/${name} web" procname="%%PREFIX%%/sbin/${name}" githome="$(eval echo ~${forgejo_user})" pidfile="/var/run/${name}.pid" start_cmd="${name}_start" start_precmd="${name}_prestart" forgejo_start() { for d in /var/db/forgejo /var/log/forgejo; do if [ ! -e "$d" ]; then mkdir "$d" chown ${forgejo_user} "$d" fi done /usr/sbin/daemon %%DAEMONARGS%% \ -u ${forgejo_user} -p ${pidfile} \ /usr/bin/env -i \ "FORGEJO_WORK_DIR=${forgejo_shared}" \ "FORGEJO_CUSTOM=${forgejo_custom}" \ "HOME=${githome}" \ "PATH=%%PREFIX%%/bin:${PATH}" \ "USER=${forgejo_user}" \ $command } forgejo_prestart() { if checkyesno forgejo_configcheck_enable; then - if su -m ${forgejo_user} -c "%%PREFIX%%/sbin/${name} doctor check >/dev/null"; then + if su -m ${forgejo_user} -c "FORGEJO_CUSTOM=${forgejo_custom} \ + %%PREFIX%%/sbin/${name} doctor check >/dev/null"; then else echo "cannot start ${name} because of configuration errors. Run" >&2 echo " su -m git -c '${name} doctor check'" >&2 echo "for further details" return 1 fi fi } run_rc_command "$1" diff --git a/www/forgejo/files/patch-pam b/www/forgejo/files/patch-pam deleted file mode 100644 index 78e5366e887b..000000000000 --- a/www/forgejo/files/patch-pam +++ /dev/null @@ -1,115 +0,0 @@ ---- vendor/github.com/msteinert/pam/v2/errors.go.orig 2025-05-02 07:02:58 UTC -+++ vendor/github.com/msteinert/pam/v2/errors.go -@@ -77,15 +77,6 @@ const ( - ErrAuthtokExpired Error = C.PAM_AUTHTOK_EXPIRED - // ErrModuleUnknown indicates a module is not known. - ErrModuleUnknown Error = C.PAM_MODULE_UNKNOWN -- // ErrBadItem indicates a bad item passed to pam_*_item(). -- ErrBadItem Error = C.PAM_BAD_ITEM -- // ErrConvAgain indicates a conversation function is event driven and data -- // is not available yet. -- ErrConvAgain Error = C.PAM_CONV_AGAIN -- // ErrIncomplete indicates to please call this function again to complete -- // authentication stack. Before calling again, verify that conversation -- // is completed. -- ErrIncomplete Error = C.PAM_INCOMPLETE - ) - - // Error returns the error message for the given status. ---- vendor/github.com/msteinert/pam/v2/errors_linux.go.orig 1970-01-01 00:00:00 UTC -+++ vendor/github.com/msteinert/pam/v2/errors_linux.go -@@ -0,0 +1,21 @@ -+//go:build linux -+ -+package pam -+ -+/* -+#include -+*/ -+import "C" -+ -+// Pam Return types -+const ( -+ // ErrBadItem indicates a bad item passed to pam_*_item(). -+ ErrBadItem Error = C.PAM_BAD_ITEM -+ // ErrConvAgain indicates a conversation function is event driven and data -+ // is not available yet. -+ ErrConvAgain Error = C.PAM_CONV_AGAIN -+ // ErrIncomplete indicates to please call this function again to complete -+ // authentication stack. Before calling again, verify that conversation -+ // is completed. -+ ErrIncomplete Error = C.PAM_INCOMPLETE -+) ---- vendor/github.com/msteinert/pam/v2/transaction.c.orig 2025-05-02 07:02:58 UTC -+++ vendor/github.com/msteinert/pam/v2/transaction.c -@@ -47,15 +47,30 @@ void init_pam_conv(struct pam_conv *conv, uintptr_t ap - conv->appdata_ptr = (void *)appdata; - } - -+#ifdef OPENPAM -+int pam_start_confdir(const char *service_name, const char *user, const struct pam_conv *pam_conversation, -+ const char *confdir, pam_handle_t **pamh) -+{ -+ if (pamh != NULL) -+ *pamh = NULL; -+ -+ return PAM_SYSTEM_ERR; -+} -+#else - // pam_start_confdir is a recent PAM api to declare a confdir (mostly for - // tests) weaken the linking dependency to detect if it’s present. - int pam_start_confdir(const char *service_name, const char *user, const struct pam_conv *pam_conversation, - const char *confdir, pam_handle_t **pamh) __attribute__((weak)); -+#endif - - int check_pam_start_confdir(void) - { -+#ifdef OPENPAM -+ return 1; -+#else - if (pam_start_confdir == NULL) - return 1; - - return 0; -+#endif - } ---- vendor/github.com/msteinert/pam/v2/transaction.go.orig 2025-05-02 07:02:58 UTC -+++ vendor/github.com/msteinert/pam/v2/transaction.go -@@ -257,14 +257,6 @@ const ( - Ruser Item = C.PAM_RUSER - // UserPrompt is the string use to prompt for a username. - UserPrompt Item = C.PAM_USER_PROMPT -- // FailDelay is the app supplied function to override failure delays. -- FailDelay Item = C.PAM_FAIL_DELAY -- // Xdisplay is the X display name -- Xdisplay Item = C.PAM_XDISPLAY -- // Xauthdata is the X server authentication data. -- Xauthdata Item = C.PAM_XAUTHDATA -- // AuthtokType is the type for pam_get_authtok -- AuthtokType Item = C.PAM_AUTHTOK_TYPE - ) - - // SetItem sets a PAM information item. ---- vendor/github.com/msteinert/pam/v2/transaction_linux.go.orig 1970-01-01 00:00:00 UTC -+++ vendor/github.com/msteinert/pam/v2/transaction_linux.go -@@ -0,0 +1,20 @@ -+//go:build linux -+ -+package pam -+ -+/* -+#include -+*/ -+import "C" -+ -+// PAM Item types. -+const ( -+ // FailDelay is the app supplied function to override failure delays. -+ FailDelay Item = C.PAM_FAIL_DELAY -+ // Xdisplay is the X display name -+ Xdisplay Item = C.PAM_XDISPLAY -+ // Xauthdata is the X server authentication data. -+ Xauthdata Item = C.PAM_XAUTHDATA -+ // AuthtokType is the type for pam_get_authtok -+ AuthtokType Item = C.PAM_AUTHTOK_TYPE -+)