Commit graph

6 commits

Author SHA1 Message Date
Mathieu Fenniak
81a5b0d840 fix: remove default 'REVERSE_PROXY_TRUSTED_PROXIES = *' from docker config (#12782)
Forgejo's docker containers had `REVERSE_PROXY_TRUSTED_PROXIES = *` configured in them by default.  In the event that the Forgejo sysadmin set the docker environment variable `FORGEJO__service__ENABLE_REVERSE_PROXY_AUTHENTICATION` to the value `true`, *and* an unauthorized user could access Forgejo without traversing a reverse proxy performing authentication, then an unauthorized user could use the `X-WebAuth-User` HTTP header to impersonate any user.  While this is an unlikely set of configuration settings, it seems more prudent for the Forgejo to require a sysadmin to choose an appropriate value for `REVERSE_PROXY_TRUSTED_PROXIES`.  Even in a containerized environment, this value can be used safely and set to reasonable values if firewall-level networking is in use (eg. using [Docker with iptables](https://docs.docker.com/engine/network/firewall-iptables/)), which is the common default for docker systems in 2026.

The intent of this PR is to change the default in Forgejo 16, and to mark it as a breaking change for highlighting in the release notes.  The risk of misconfiguration is not high enough to backport this breaking change to earlier Forgejo releases.

If a sysadmin wants to use the previous configuration, they can set the environment variable `FORGEJO__service__REVERSE_PROXY_TRUSTED_PROXIES` to the value `*`, but it would be recommended that they revise the setting to a narrower set of trusted IPs that they expect reverse proxy connections from.  See the [`[security]`](https://forgejo.org/docs/latest/admin/config-cheat-sheet/#security-security) config block for more information.

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [x] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- [ ] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12782
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2026-05-28 13:52:03 +02:00
Melroy van den Berg
fd29071e57
Rootless Docker - Mistake with the repo-avatars parent folder name (#22637)
There was a mistake when choosing the structure for the repo avatars parent folder and it added a spurious /gitea.

The `data` directory should contain folders like:

  - `attachments/`
  - `avatars/`
  - `log/`
  - `repo-avatars/`
2023-01-31 22:42:48 +00:00
Gusted
5e5740af69
Switch to non-deprecation setting (#18358)
* Switch to non-deprecation setting
  (Avoid by-default: "Deprecated fallback `[server]` `LFS_CONTENT_PATH` present. Use `[lfs]` `PATH` instead. This fallback will be removed in v1.18.0")

* Update all references
2022-01-23 20:02:29 +01:00
Lauris BH
044cd4d016
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation

* Trust all IP addresses in containerized environments by default

* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-16 00:27:28 +02:00
Antoine GIRARD
563165abe4
Remove specific indexer path (#13388)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-01 18:34:38 -05:00
Antoine GIRARD
fe458ce877
docker: rootless image (#10154)
* docker: rootless image

* improve docs + remove check for write perm on custom

* add more info on ssh passtrough

* Add comment for internal ssh server in container config
2020-10-31 20:58:22 -04:00