Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' into sutty

Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' of ssh://git.coopcloud.tech:2222/coop-cloud/forgejo into renovate/codeberg.org-forgejo-forgejo-14.x
chore(deps): update codeberg.org/forgejo/forgejo docker tag to v14
2026-01-17 20:51:49 -03:00 · 2026-01-17 20:51:36 -03:00 · 2026-01-17 07:25:46 +00:00 · 2026-01-16 15:52:47 -03:00 · 2026-01-16 15:52:38 -03:00 · 2026-01-16 15:38:43 -03:00
10 changed files with 7 additions and 98 deletions
--- a/.env.sample
+++ b/.env.sample
@ -56,25 +56,6 @@ SECRET_DB_ROOT_PASSWORD_VERSION=v1
 SECRET_JWT_SECRET_VERSION=v1 # length=43
 SECRET_SECRET_KEY_VERSION=v1 # length=64

-# Change to "minio" an configure to enable S3 storage
-# https://forgejo.org/docs/latest/admin/setup/storage/
-GITEA_STORAGE_TYPE=local
-# MINIO_ENDPOINT=
-# MINIO_ACCESS_KEY_ID=
-# SECRET_MINIO_SECRET_ACCESS_KEY_VERSION=v1
-# MINIO_BUCKET=
-# MINIO_BUCKET_LOOKUP=auto
-# MINIO_LOCATION=garage
-# MINIO_CHECKSUM_ALGORITHM=default
-# COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
-
-# Instance Commit Signing
-# https://forgejo.org/docs/latest/admin/advanced/signing/
-# COMPOSE_FILE="$COMPOSE_FILE:compose.signing.yml"
-# GITEA_SIGNING_ENABLED=1
-# SECRET_SIGNING_PUBLIC_KEY_VERSION=v1
-# SECRET_SIGNING_PRIVATE_KEY_VERSION=v1
-
 # SMTP Mailer
 # COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
 # GITEA_SMTP_MAILER_ENABLED=1
--- a/README.md
+++ b/README.md
@ -66,16 +66,3 @@ Note that gitea should be configured to listen to port 2222, i.e. `GITEA_SSH_POR
 Uncomment the Anubis compose file from the `.env` file and re-deploy the
 app.  Don't forget to actually [enable Anubis on the Traefik app
 too](https://recipes.coopcloud.tech/traefik)!
-
-## [Instance Commit Signing](https://forgejo.org/docs/latest/admin/advanced/signing/)
-
-To allow Forgejo to sign commits, uncomment the corresponding
-configuration block, and then generate and insert the SSH keys:
-
-```sh
-abra app config git.example.coop
-ssh-keygen -t ed25519
-app app secret insert git.example.coop signing_public_key v1 -f ~/.ssh/id_ed25519.pub
-app app secret insert git.example.coop signing_private_key v1 -f ~/.ssh/id_ed25519
-app app deploy git.example.coop
-```
--- a/abra.sh
+++ b/abra.sh
@ -1,5 +1,5 @@
 export APP_INI_VERSION=v25
-export DOCKER_SETUP_SH_VERSION=v2
+export DOCKER_SETUP_SH_VERSION=v1
 export PG_BACKUP_VERSION=v1

 abra_backup_app() {
--- a/app.ini.tmpl
+++ b/app.ini.tmpl
@ -16,21 +16,6 @@ PATH = {{ env "GITEA_PATH" }}
 DISABLE_GRAVATAR = {{ env "GITEA_DISABLE_GRAVATAR" }}
 ENABLE_FEDERATED_AVATAR = {{ env "GITEA_ENABLE_FEDERATED_AVATAR" }}

-[storage]
-STORAGE_TYPE = {{ env "GITEA_STORAGE_TYPE" }}
-{{ if eq (env "GITEA_STORAGE_TYPE") "minio" }}
-SERVE_DIRECT = false
-MINIO_ENDPOINT = {{ env "MINIO_ENDPOINT" }}
-MINIO_ACCESS_KEY_ID = {{ env "MINIO_ACCESS_KEY_ID" }}
-MINIO_SECRET_ACCESS_KEY = {{ secret "minio_secret_access_key" }}
-MINIO_BUCKET = {{ env "MINIO_BUCKET" }}
-MINIO_BUCKET_LOOKUP = {{ env "MINIO_BUCKET_LOOKUP" }}
-MINIO_LOCATION = {{ env "MINIO_LOCATION" }}
-MINIO_USE_SSL = true
-MINIO_INSECURE_SKIP_VERIFY = false
-MINIO_CHECKSUM_ALGORITHM = {{ env "MINIO_CHECKSUM_ALGORITHM" }}
-{{ end }}
-
 [service]
 ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ env "GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION" }}
 ALLOW_ONLY_INTERNAL_REGISTRATION = {{ env "GITEA_ALLOW_ONLY_INTERNAL_REGISTRATION" }}
@ -62,18 +47,6 @@ ALLOWED_TYPES = {{ env "GITEA_REPO_UPLOAD_ALLOWED_TYPES" }}
 FILE_MAX_SIZE = {{ env "GITEA_REPO_UPLOAD_MAX_SIZE" }}
 MAX_FILES = {{ env "GITEA_REPO_UPLOAD_MAX_FILES" }}

-{{ if eq (env "GITEA_SIGNING_ENABLED") "1" }}
-[repository.signing]
-FORMAT = ssh
-SIGNING_KEY = /var/lib/gitea/signing_key.pub
-SIGNING_NAME = {{ env "GITEA_APP_NAME" }}
-SIGNING_EMAIL = {{ env "GITEA_MAILER_FROM" }}
-INITIAL_COMMIT = always
-WIKI = always
-CRUD_ACTIONS = always
-MERGES = always
-{{ end }}
-
 [ui]
 SHOW_USER_EMAIL = {{ env "GITEA_SHOW_USER_EMAIL" }}

@ -138,4 +111,3 @@ MODE=console
 LEVEL=WARN
 STACKTRACE_LEVEL=None
 ENABLE_XORM_LOG=false
-
--- a/compose.s3.yml
+++ b/compose.s3.yml
@ -1,10 +0,0 @@
---
-version: "3.8"
-services:
-  app:
-    secrets:
-      - minio_secret_access_key
-secrets:
-  minio_secret_access_key:
-    name: ${STACK_NAME}_minio_secret_access_key_${SECRET_MINIO_SECRET_ACCESS_KEY_VERSION}
-    external: true
--- a/compose.signing.yml
+++ b/compose.signing.yml
@ -1,14 +0,0 @@
-version: '3.8'
-
-services:
-  app:
-    secrets:
-    - signing_public_key
-    - signing_private_key
-secrets:
-  signing_public_key:
-    name: ${STACK_NAME}_signing_public_key_${SECRET_SIGNING_PUBLIC_KEY_VERSION}
-    external: true
-  signing_private_key:
-    name: ${STACK_NAME}_signing_private_key_${SECRET_SIGNING_PRIVATE_KEY_VERSION}
-    external: true
--- a/compose.yml
+++ b/compose.yml
@ -3,10 +3,10 @@ version: "3.8"

 services:
  app:
-    image: codeberg.org/forgejo/forgejo:15.0.2-rootless
+    image: codeberg.org/forgejo/forgejo:14.0.1-rootless
    configs:
      - source: app_ini
-        target: /var/lib/gitea/custom/conf/app.ini
+        target: /etc/gitea/app.ini
      - source: docker_setup_sh
        target: /usr/local/bin/docker-setup.sh
        mode: 0555
@ -59,6 +59,7 @@ services:
      - GITEA_MAX_CREATION_LIMIT=${GITEA_MAX_CREATION_LIMIT:--1}
    volumes:
      - data:/var/lib/gitea
+      - config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    networks:
@ -90,7 +91,7 @@ services:
        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}"
        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100"
        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true"
-        - coop-cloud.${STACK_NAME}.version=5.3.1+15.0.2-rootless
+        - coop-cloud.${STACK_NAME}.version=5.0.3+13.0.4-rootless


 networks:
@ -124,3 +125,4 @@ secrets:

 volumes:
  data:
+  config:
--- a/docker-setup.sh.tmpl
+++ b/docker-setup.sh.tmpl
@ -13,10 +13,3 @@ mkdir -p ${GITEA_CUSTOM} && chmod 0500 ${GITEA_CUSTOM}
 # Prepare temp folder
 mkdir -p ${GITEA_TEMP} && chmod 0700 ${GITEA_TEMP}
 if [ ! -w ${GITEA_TEMP} ]; then echo "${GITEA_TEMP} is not writable"; exit 1; fi
-
-if [ -e /run/secrets/signing_public_key ] ; then
-  cat /run/secrets/signing_public_key > /var/lib/gitea/signing_key.pub
-  cat /run/secrets/signing_private_key > /var/lib/gitea/signing_key
-
-  chmod 600 /var/lib/gitea/signing_key*
-fi
--- a/release/5.1.0+14.0.1-rootless
+++ b/release/5.1.0+14.0.1-rootless
@ -1 +0,0 @@
-https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/14.0.0.md https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/14.0.1.md
--- a/renovate.json
+++ b/renovate.json
@ -4,7 +4,6 @@
    "config:recommended"
  ],
  "reviewers": [
-    "fauno",
-    "p4u1"
+    "team:forgejo-maintainers"
  ]
 }
Author	SHA1	Message	Date
f	05f5bcbf09	Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' into sutty	2026-01-17 20:51:49 -03:00
f	84cf9024eb	Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' of ssh://git.coopcloud.tech:2222/coop-cloud/forgejo into renovate/codeberg.org-forgejo-forgejo-14.x	2026-01-17 20:51:36 -03:00
Renovate Bot	dba55ce581	chore(deps): update codeberg.org/forgejo/forgejo docker tag to v14	2026-01-17 07:25:46 +00:00
f	faa1835e06	fix: abra.sh	2026-01-16 15:52:47 -03:00
f	4888a452cd	Merge branch 'internal-registration' into sutty	2026-01-16 15:52:38 -03:00
f	d621069451	Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' into sutty	2026-01-16 15:38:43 -03:00
f	f91807efda	Merge branch 'main' of https://git.coopcloud.tech/coop-cloud/forgejo into sutty	2026-01-16 15:38:13 -03:00
Renovate Bot	3c45decd7a	chore(deps): update codeberg.org/forgejo/forgejo docker tag to v14	2026-01-15 14:00:42 +00:00
				`@ -1 +0,0 @@`
				`https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/14.0.0.md https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/14.0.1.md`