system-config/playbooks/roles/gitea/templates/app.ini.j2

APP_NAME = OpenDev: Free Software Needs Free Tools
RUN_MODE = prod
RUN_USER = git

[server]
APP_DATA_PATH    = /data/gitea
SSH_DOMAIN       = localhost
PROTOCOL         = https
HTTP_PORT        = 3000
ROOT_URL         = https://opendev.org/
DISABLE_SSH      = false
SSH_PORT         = 22
LFS_CONTENT_PATH = /data/git/lfs
DOMAIN           = localhost
LFS_START_SERVER = true
LFS_JWT_SECRET   = {{ gitea_lfs_jwt_secret }}
OFFLINE_MODE     = false
CERT_FILE        = /certs/cert.pem
KEY_FILE         = /certs/key.pem
REDIRECT_OTHER_PORT = true
PORT_TO_REDIRECT = 3080

[database]
DB_TYPE  = mysql
HOST     = localhost:3306
NAME     = gitea
USER     = {{ gitea_db_username }}
PASSWD   = {{ gitea_db_password }}
SSL_MODE = disable
LOG_SQL  = false

[repository]
ROOT = /data/git/repositories
DISABLED_REPO_UNITS = repo.issues,repo.pulls,repo.wiki,repo.projects,repo.actions
DISABLE_STARS = true
DISABLE_MIGRATIONS = true

[git]
; Implemented in 1.16 but broke older git clients. Now expected to work
; but we keep explicit config in place should it need to be toggled back
; to true again.
DISABLE_PARTIAL_CLONE = false

[federation]
ENABLED = false

[packages]
ENABLED = false

[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
REPO_INDEXER_ENABLED = true
STARTUP_TIMEOUT = 300s

[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER        = file

[picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars
DISABLE_GRAVATAR   = true

[attachment]
PATH = /data/gitea/attachments

[log]
ROOT_PATH = /logs
LEVEL     = Info
STACKTRACE_LEVEL = Error
ENABLE_ACCESS_LOG = true

[security]
INSTALL_LOCK   = true
SECRET_KEY     = {{ gitea_secret_key }}
INTERNAL_TOKEN = {{ gitea_internal_token }}
PASSWORD_COMPLEXITY = lower,upper,digit

[service]
DISABLE_REGISTRATION              = true
SHOW_REGISTRATION_BUTTON          = false
REQUIRE_SIGNIN_VIEW               = false
REGISTER_EMAIL_CONFIRM            = false
ENABLE_NOTIFY_MAIL                = false
ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
ENABLE_CAPTCHA                    = false
DEFAULT_KEEP_EMAIL_PRIVATE        = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
ENABLE_TIMETRACKING               = false
DEFAULT_ENABLE_TIMETRACKING       = false
NO_REPLY_ADDRESS                  = noreply.example.org

[mailer]
ENABLED = false

[oauth2]
ENABLE = false

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

[markup.pandoc]
ENABLED = true
; List of file extensions that should be rendered by an external command
FILE_EXTENSIONS = .rst
; External command to render all matching extensions
RENDER_COMMAND = "/usr/bin/pandoc -f rst"
; Input is not a standard input but a file
IS_INPUT_FILE = false

[ui]
THEME_COLOR_META_TAG = `#ee265e`

[actions]
ENABLED = false