From 335b18d4c50171ef1e2ee64e81f2a1db5d3de6b2 Mon Sep 17 00:00:00 2001 From: Jason Song Date: Thu, 14 Mar 2024 12:22:10 +0800 Subject: [PATCH 1/4] chore: enable unsafeAllowRunAsRoot by env --- modules/setting/setting.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 6e7ce7e67fd3..34e6a3a3d2cb 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -158,9 +158,14 @@ func loadCommonSettingsFrom(cfg ConfigProvider) error { func loadRunModeFrom(rootCfg ConfigProvider) { rootSec := rootCfg.Section("") RunUser = rootSec.Key("RUN_USER").MustString(user.CurrentUsername()) + // The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches. // Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly. unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT") + if !unsafeAllowRunAsRoot && os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT") == "true" { + unsafeAllowRunAsRoot = true + } + RunMode = os.Getenv("GITEA_RUN_MODE") if RunMode == "" { RunMode = rootSec.Key("RUN_MODE").MustString("prod") From c6849304da15c6a87a72544c379ac669a59d27ce Mon Sep 17 00:00:00 2001 From: Jason Song Date: Thu, 14 Mar 2024 13:42:36 +0800 Subject: [PATCH 2/4] chore: patch --- modules/setting/setting.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 34e6a3a3d2cb..71228c00ed36 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -8,6 +8,7 @@ import ( "fmt" "os" "runtime" + "strconv" "strings" "time" @@ -162,9 +163,10 @@ func loadRunModeFrom(rootCfg ConfigProvider) { // The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches. // Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly. unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT") - if !unsafeAllowRunAsRoot && os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT") == "true" { - unsafeAllowRunAsRoot = true - } + unsafeAllowRunAsRoot = unsafeAllowRunAsRoot || func() bool { + v, _ := strconv.ParseBool(os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")) + return v + }() RunMode = os.Getenv("GITEA_RUN_MODE") if RunMode == "" { From 43bb748126155457b7a20ec88bf1f794434f4023 Mon Sep 17 00:00:00 2001 From: Jason Song Date: Thu, 14 Mar 2024 16:03:53 +0800 Subject: [PATCH 3/4] Update modules/setting/setting.go Co-authored-by: wxiaoguang --- modules/setting/setting.go | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 71228c00ed36..9f3a05dd52cb 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -163,11 +163,7 @@ func loadRunModeFrom(rootCfg ConfigProvider) { // The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches. // Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly. unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT") - unsafeAllowRunAsRoot = unsafeAllowRunAsRoot || func() bool { - v, _ := strconv.ParseBool(os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")) - return v - }() - + unsafeAllowRunAsRoot = unsafeAllowRunAsRoot || util.OptionalBoolParse(os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")).Value() RunMode = os.Getenv("GITEA_RUN_MODE") if RunMode == "" { RunMode = rootSec.Key("RUN_MODE").MustString("prod") From d1a7b5c09e5294841bacb621edf2bde8ad9d1bfa Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Thu, 14 Mar 2024 16:08:48 +0800 Subject: [PATCH 4/4] Update setting.go --- modules/setting/setting.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 9f3a05dd52cb..13821da44d67 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -8,12 +8,12 @@ import ( "fmt" "os" "runtime" - "strconv" "strings" "time" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/user" + "code.gitea.io/gitea/modules/util" ) // settings