Compare commits

..

5 Commits

15 changed files with 93 additions and 1943 deletions

File diff suppressed because it is too large Load Diff

View File

@ -1,29 +0,0 @@
#!/bin/sh
set -- $(cat /proc/cmdline)
for opt; do
case "$opt" in
cryptroot=*)
KOPT_cryptroot=${opt#cryptroot=}
continue
;;
cryptdm=*)
KOPT_cryptdm=${opt#cryptdm=}
continue
;;
root=*)
KOPT_root=${opt#root=}
continue
;;
esac
done
while [ ! -b /dev/mapper/${KOPT_cryptdm} ]; do
/sbin/nlplug-findfs -c ${KOPT_cryptroot} -m ${KOPT_cryptdm} ${KOPT_debug_init:+-d} -p /sbin/mdev ${KOPT_root}
sleep 2
done
# Kill all struck nlplug-findfs jobs and dropbear
killall -9 nlplug-findfs
killall -9 dropbear

View File

@ -1,3 +0,0 @@
/usr/sbin/dropbear
/sbin/cryptsetup
/etc/dropbear/*

View File

@ -1,3 +0,0 @@
kernel/crypto/*
kernel/arch/*/crypto/*
kernel/drivers/md/dm-crypt.ko

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,32 +0,0 @@
#!/sbin/openrc-run
supervisor=supervise-daemon
name=gitea
command="/usr/bin/gitea"
command_user="${GITEA_USER:-gitea}"
command_args="web --config '${GITEA_CONF:-/etc/gitea/app.ini}'"
supervise_daemon_args="--env GITEA_WORK_DIR='${GITEA_WORK_DIR:-/var/lib/gitea}' --chdir '${GITEA_WORK_DIR:-/var/lib/gitea}' --stdout '${GITEA_LOG_FILE:-/var/log/gitea/http.log}' --stderr '${GITEA_LOG_FILE:-/var/log/gitea/http.log}'"
pidfile="/run/gitea.pid"
extra_started_commands="reopen_log"
capabilities="^cap_net_bind_service"
depend() {
use logger dns
need net
after firewall mysql postgresql
}
#https://github.com/go-gitea/gitea/issues/17976
#reload() {
# ebegin "Reloading ${RC_SVCNAME}"
# ${supervisor} ${RC_SVCNAME} --signal HUP --pidfile "${pidfile}"
# eend $?
#}
reopen_log() {
ebegin "Reopening logfile for ${RC_SVCNAME}"
${supervisor} ${RC_SVCNAME} --signal USR1 --pidfile "${pidfile}"
eend $?
}
# Taken from https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/community/gitea/gitea.initd

View File

@ -29,49 +29,7 @@ while [ ${#} -gt 0 ]; do
;; # NodeJS Version ;; # NodeJS Version
--static | -s) --static | -s)
BUILD_STATIC=true BUILD_STATIC=true
;; # Also Build Static Assets file ;; # Build as Static Assets file
--type=* )
BUILD_TYPE="${1#*=}"
BUILD_TYPE="${BUILD_TYPE,,}"
case $BUILD_TYPE in
"gitea") BUILD_TYPE="gitea" ;;
"forgejo") BUILD_TYPE="forgejo" ;;
"")
echo "ERROR : --type= is empty!"
exit 1
;;
*)
echo "ERROR : Vaild values for --type are -> gitea, forgejo"
exit 1
;;
esac
;;
--patch=* )
PATCH_FILES="${1#*=}"
case $PATCH_FILES in
"")
echo "ERROR: --patch= is empty!"
exit 1
;;
*)
;;
esac # Add Patches to your Gitea build. Format -> patch1.patch or patch1.patch,https://patch (Absolute path)
;;
--build-arch=* )
BUILD_ARCH="${1#*=}"
case $BUILD_ARCH in
"x86_64") BUILD_ARCH="x86_64" ;;
"aarch64") BUILD_ARCH="aarch64" ;;
"")
echo "ERROR : --build-arch= is empty!"
exit 1
;;
*)
echo "ERROR : Vaild values for --build-arch are -> x86_64, aarch64"
exit 1
;;
esac # Architect for your binary to be build. This is for Cross-compiling etc.
;;
*) *)
;; ;;
esac esac
@ -81,5 +39,4 @@ done
# Known Issues # Known Issues
- For Alpine Linux: to get `npm` installation working, please ensure community package is enable in `/etc/apk/repositories`
- This script required root privileges because of dependencies installation, which is hard to avoid. - This script required root privileges because of dependencies installation, which is hard to avoid.

View File

@ -1,82 +0,0 @@
#!/bin/bash
# Veracrypt Cryptsetup script.
#
# Mount Veracrypt drive using cryptsetup
# Currently, only working as promting script, CLI style is not Yet supported.
mount(){
${SUDOERS} cryptsetup --type tcrypt --veracrypt open /dev/$drive $container_name
if [ -e "/dev/mapper/$container_name" ]; then
${SUDOERS} mkdir -p "/mnt/$container_name"
printf "Directory /mnt/%s created.\n" $container_name
else
printf "Device /dev/mapper/%s does not exist.\n" $container_name
exit 1
fi
${SUDOERS} mount ${MOUNT_PARAMETERS[@]} /dev/mapper/$container_name /mnt/$container_name
}
unmount(){
${SUDOERS} umount /mnt/$container_name
if [ -e "/dev/mapper/$container_name" ]; then
DIRECTORY_CLEANUP=true
else
printf "Device /dev/mapper/%s does not exist.\n" $container_name
exit 1
fi
${SUDOERS} cryptsetup close /dev/mapper/$container_name
if [[ "$DIRECTORY_CLEANUP" == true ]]; then
${SUDOERS} rmdir /mnt/$container_name
fi
}
prompting() {
MODE=$1
printf "Available Disks:\n%s\n\nChoose: " "$DISKS"
read drive
printf "\nSelect Container Name: "
read container_name
case $MODE in
"mount") mount_permission_prompt && mount;;
"unmount") unmount;;
esac
}
mount_permission_prompt() {
printf "Currently the Mount Parameters is hardcoded, so you have not much choice!\n"
printf "Mounting with '-o umask=000' (Y/n)? "
read mount_permission
case $mount_permission in
"Y"|"y") MOUNT_PARAMETERS+="-o umask=000" ;;
"N"|"n") ;;
*) mount_permission_prompt ;;
esac
}
if sudo --validate; then
SUDOERS=sudo
else
SUDOERS=""
fi
DISKS=$(lsblk -n -o NAME,SIZE,TYPE)
MOUNT_PARAMETERS=()
printf "NOTICE! This script is intended to work with Veracrypt drives in linux only!\n"
printf "Mode: mount/unmount -> "
read MODE
MODE="${MODE,,}"
case $MODE in
"mount") prompting "mount";;
"unmount"|"umount") prompting "unmount";;
esac

View File

@ -1,7 +0,0 @@
# Gitea Patches
`gitea-v1.22.3-activitypub.patch` Security/Privacy improvement for Gitea and Forgejo(the patch is focused on Gitea but should've work on forgejo too!). Return a fake 404 Page when user visiblity is either "private" or "limited"
`gitea-v1.22.3-no-contributorStats.patch` Gitea's Activity: "Recent Commit" "Code Frequency" "Contributors" is a resource-intensive tasks. This could turn small device into flames! This patch is remove 'ContributorStats'.
`gitea-v1.22.3-no-contributorStats-all.patch` same as above, But this patch also remove paths from web.go and templates

View File

@ -1,27 +0,0 @@
diff --git a/routers/api/v1/activitypub/person.go b/routers/api/v1/activitypub/person.go
index 995a148f0b..10043fcbe1 100644
--- a/routers/api/v1/activitypub/person.go
+++ b/routers/api/v1/activitypub/person.go
@@ -8,6 +8,7 @@ import (
"net/http"
"strings"
+ user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/activitypub"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
@@ -36,6 +37,14 @@ func Person(ctx *context.APIContext) {
// TODO: the setting.AppURL during the test doesn't follow the definition: "It always has a '/' suffix"
link := fmt.Sprintf("%s/api/v1/activitypub/user-id/%d", strings.TrimSuffix(setting.AppURL, "/"), ctx.ContextUser.ID)
+
+ // Fake 404 Error when user visiblity is private/limited
+ if ctx.ContextUser.Visibility.IsPrivate() || ctx.ContextUser.Visibility.IsLimited() {
+ // ctx.Error(status, title, obj)
+ ctx.Error(http.StatusNotFound, "", user_model.ErrUserNotExist{UID: ctx.ContextUser.ID}.Error())
+ return
+ }
+
person := ap.PersonNew(ap.IRI(link))
person.Name = ap.NaturalLanguageValuesNew()

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff