mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2025-01-18 16:47:54 +00:00
bb7cfbb37c
This can be useful when the pages-server is running behing a proxy, to keep track of the originating ip. Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/394 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: Julien Malka <julien@malka.sh> Co-committed-by: Julien Malka <julien@malka.sh>
214 lines
7 KiB
Go
214 lines
7 KiB
Go
package cli
|
|
|
|
import (
|
|
"github.com/urfave/cli/v2"
|
|
)
|
|
|
|
var (
|
|
CertStorageFlags = []cli.Flag{
|
|
&cli.StringFlag{
|
|
Name: "db-type",
|
|
Usage: "Specify the database driver. Valid options are \"sqlite3\", \"mysql\" and \"postgres\". Read more at https://xorm.io",
|
|
Value: "sqlite3",
|
|
EnvVars: []string{"DB_TYPE"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "db-conn",
|
|
Usage: "Specify the database connection. For \"sqlite3\" it's the filepath. Read more at https://go.dev/doc/tutorial/database-access",
|
|
Value: "certs.sqlite",
|
|
EnvVars: []string{"DB_CONN"},
|
|
},
|
|
}
|
|
|
|
ServerFlags = append(CertStorageFlags, []cli.Flag{
|
|
// #############
|
|
// ### Forge ###
|
|
// #############
|
|
// ForgeRoot specifies the root URL of the Forge instance, without a trailing slash.
|
|
&cli.StringFlag{
|
|
Name: "forge-root",
|
|
Aliases: []string{"gitea-root"},
|
|
Usage: "specifies the root URL of the Forgejo/Gitea instance, without a trailing slash.",
|
|
EnvVars: []string{"FORGE_ROOT", "GITEA_ROOT"},
|
|
},
|
|
// ForgeApiToken specifies an api token for the Forge instance
|
|
&cli.StringFlag{
|
|
Name: "forge-api-token",
|
|
Aliases: []string{"gitea-api-token"},
|
|
Usage: "specifies an api token for the Forgejo/Gitea instance",
|
|
EnvVars: []string{"FORGE_API_TOKEN", "GITEA_API_TOKEN"},
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "enable-lfs-support",
|
|
Usage: "enable lfs support, gitea must be version v1.17.0 or higher",
|
|
EnvVars: []string{"ENABLE_LFS_SUPPORT"},
|
|
Value: false,
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "enable-symlink-support",
|
|
Usage: "follow symlinks if enabled, gitea must be version v1.18.0 or higher",
|
|
EnvVars: []string{"ENABLE_SYMLINK_SUPPORT"},
|
|
Value: false,
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "default-mime-type",
|
|
Usage: "specifies the default mime type for files that don't have a specific mime type.",
|
|
EnvVars: []string{"DEFAULT_MIME_TYPE"},
|
|
Value: "application/octet-stream",
|
|
},
|
|
&cli.StringSliceFlag{
|
|
Name: "forbidden-mime-types",
|
|
Usage: "specifies the forbidden mime types. Use this flag multiple times for multiple mime types.",
|
|
EnvVars: []string{"FORBIDDEN_MIME_TYPES"},
|
|
},
|
|
|
|
// ###########################
|
|
// ### Page Server Domains ###
|
|
// ###########################
|
|
// MainDomainSuffix specifies the main domain (starting with a dot) for which subdomains shall be served as static
|
|
// pages, or used for comparison in CNAME lookups. Static pages can be accessed through
|
|
// https://{owner}.{MainDomain}[/{repo}], with repo defaulting to "pages".
|
|
&cli.StringFlag{
|
|
Name: "pages-domain",
|
|
Usage: "specifies the main domain (starting with a dot) for which subdomains shall be served as static pages",
|
|
EnvVars: []string{"PAGES_DOMAIN"},
|
|
},
|
|
// RawDomain specifies the domain from which raw repository content shall be served in the following format:
|
|
// https://{RawDomain}/{owner}/{repo}[/{branch|tag|commit}/{version}]/{filepath...}
|
|
// (set to []byte(nil) to disable raw content hosting)
|
|
&cli.StringFlag{
|
|
Name: "raw-domain",
|
|
Usage: "specifies the domain from which raw repository content shall be served, not set disable raw content hosting",
|
|
EnvVars: []string{"RAW_DOMAIN"},
|
|
},
|
|
|
|
// #########################
|
|
// ### Page Server Setup ###
|
|
// #########################
|
|
&cli.StringFlag{
|
|
Name: "host",
|
|
Usage: "specifies host of listening address",
|
|
EnvVars: []string{"HOST"},
|
|
Value: "[::]",
|
|
},
|
|
&cli.UintFlag{
|
|
Name: "port",
|
|
Usage: "specifies the https port to listen to ssl requests",
|
|
EnvVars: []string{"PORT", "HTTPS_PORT"},
|
|
Value: 443,
|
|
},
|
|
&cli.UintFlag{
|
|
Name: "http-port",
|
|
Usage: "specifies the http port, you also have to enable http server via ENABLE_HTTP_SERVER=true",
|
|
EnvVars: []string{"HTTP_PORT"},
|
|
Value: 80,
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "enable-http-server",
|
|
Usage: "start a http server to redirect to https and respond to http acme challenges",
|
|
EnvVars: []string{"ENABLE_HTTP_SERVER"},
|
|
Value: false,
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "use-proxy-protocol",
|
|
Usage: "use the proxy protocol",
|
|
EnvVars: []string{"USE_PROXY_PROTOCOL"},
|
|
Value: false,
|
|
},
|
|
|
|
// Default branches to fetch assets from
|
|
&cli.StringSliceFlag{
|
|
Name: "pages-branch",
|
|
Usage: "define a branch to fetch assets from. Use this flag multiple times for multiple branches.",
|
|
EnvVars: []string{"PAGES_BRANCHES"},
|
|
Value: cli.NewStringSlice("pages"),
|
|
},
|
|
|
|
&cli.StringSliceFlag{
|
|
Name: "allowed-cors-domains",
|
|
Usage: "specify allowed CORS domains. Use this flag multiple times for multiple domains.",
|
|
EnvVars: []string{"ALLOWED_CORS_DOMAINS"},
|
|
},
|
|
&cli.StringSliceFlag{
|
|
Name: "blacklisted-paths",
|
|
Usage: "return an error on these url paths.Use this flag multiple times for multiple paths.",
|
|
EnvVars: []string{"BLACKLISTED_PATHS"},
|
|
},
|
|
|
|
&cli.StringFlag{
|
|
Name: "log-level",
|
|
Value: "warn",
|
|
Usage: "specify at which log level should be logged. Possible options: info, warn, error, fatal",
|
|
EnvVars: []string{"LOG_LEVEL"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "config-file",
|
|
Usage: "specify the location of the config file",
|
|
Aliases: []string{"config"},
|
|
EnvVars: []string{"CONFIG_FILE"},
|
|
},
|
|
|
|
&cli.BoolFlag{
|
|
Name: "enable-profiling",
|
|
Usage: "enables the go http profiling endpoints",
|
|
EnvVars: []string{"ENABLE_PROFILING"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "profiling-address",
|
|
Usage: "specify ip address and port the profiling server should listen on",
|
|
EnvVars: []string{"PROFILING_ADDRESS"},
|
|
Value: "localhost:9999",
|
|
},
|
|
|
|
// ############################
|
|
// ### ACME Client Settings ###
|
|
// ############################
|
|
&cli.StringFlag{
|
|
Name: "acme-api-endpoint",
|
|
EnvVars: []string{"ACME_API"},
|
|
Value: "https://acme-v02.api.letsencrypt.org/directory",
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "acme-email",
|
|
EnvVars: []string{"ACME_EMAIL"},
|
|
Value: "noreply@example.email",
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "acme-use-rate-limits",
|
|
// TODO: Usage
|
|
EnvVars: []string{"ACME_USE_RATE_LIMITS"},
|
|
Value: true,
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "acme-accept-terms",
|
|
Usage: "To accept the ACME ToS",
|
|
EnvVars: []string{"ACME_ACCEPT_TERMS"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "acme-eab-kid",
|
|
Usage: "Register the current account to the ACME server with external binding.",
|
|
EnvVars: []string{"ACME_EAB_KID"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "acme-eab-hmac",
|
|
Usage: "Register the current account to the ACME server with external binding.",
|
|
EnvVars: []string{"ACME_EAB_HMAC"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "dns-provider",
|
|
Usage: "Use DNS-Challenge for main domain. Read more at: https://go-acme.github.io/lego/dns/",
|
|
EnvVars: []string{"DNS_PROVIDER"},
|
|
},
|
|
&cli.BoolFlag{
|
|
Name: "no-dns-01",
|
|
Usage: "Always use individual certificates instead of a DNS-01 wild card certificate",
|
|
EnvVars: []string{"NO_DNS_01"},
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "acme-account-config",
|
|
Usage: "json file of acme account",
|
|
Value: "acme-account.json",
|
|
EnvVars: []string{"ACME_ACCOUNT_CONFIG"},
|
|
},
|
|
}...)
|
|
)
|