admin/config: show all server and SSH options

conf/app.ini

@@ -40,32 +40,6 @@ UNIX_SOCKET_PERMISSION = 666
 ; Alter it only if your SSH server node is not the same as HTTP node.
 LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
 
-; Whether to disable SSH access to the application entirely.
-DISABLE_SSH = false
-; The domain name to be exposed in SSH clone URL.
-SSH_DOMAIN = %(DOMAIN)s
-; The port number to be exposed in SSH clone URL.
-SSH_PORT = 22
-; The path of SSH root directory, default is "$HOME/.ssh".
-SSH_ROOT_PATH =
-; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call.
-SSH_KEYGEN_PATH = ssh-keygen
-; The directory to create temporary files when test a public key using ssh-keygen,
-; default is the system temporary directory.
-SSH_KEY_TEST_PATH =
-; Whether to start a builtin SSH server.
-START_SSH_SERVER = false
-; The network interface for builtin SSH server to listen on.
-SSH_LISTEN_HOST = 0.0.0.0
-; The port number for builtin SSH server to listen on.
-SSH_LISTEN_PORT = %(SSH_PORT)s
-; The list of accepted ciphers for connections to builtin SSH server.
-SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
-; Whether to check minimum public key size with corresponding type.
-MINIMUM_KEY_SIZE_CHECK = false
-; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server.
-REWRITE_AUTHORIZED_KEYS_AT_START = false
-
 ; Whether to disable using CDN for static files regardless.
 OFFLINE_MODE = false
 ; Whether to disable logging in router.
@@ -81,6 +55,32 @@ LOAD_ASSETS_FROM_DISK = false
 ; The landing page URL for anonymous users, can be a link to a external site.
 LANDING_URL = /
 
+; Whether to disable SSH access to the application entirely.
+DISABLE_SSH = false
+; The domain name to be exposed in SSH clone URL.
+SSH_DOMAIN = %(DOMAIN)s
+; The port number to be exposed in SSH clone URL.
+SSH_PORT = 22
+; The path of SSH root directory, default is "$HOME/.ssh".
+SSH_ROOT_PATH =
+; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call.
+SSH_KEYGEN_PATH = ssh-keygen
+; The directory to create temporary files when test a public key using ssh-keygen,
+; default is the system temporary directory.
+SSH_KEY_TEST_PATH =
+; Whether to check minimum public key size with corresponding type.
+MINIMUM_KEY_SIZE_CHECK = false
+; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server.
+REWRITE_AUTHORIZED_KEYS_AT_START = false
+; Whether to start a builtin SSH server.
+START_SSH_SERVER = false
+; The network interface for builtin SSH server to listen on.
+SSH_LISTEN_HOST = 0.0.0.0
+; The port number for builtin SSH server to listen on.
+SSH_LISTEN_PORT = %(SSH_PORT)s
+; The list of accepted ciphers for connections to builtin SSH server.
+SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
+
 ; Define allowed algorithms and their minimum key length (use -1 to disable a type).
 [ssh.minimum_key_sizes]
 ED25519 = 256

conf/locale/locale_en-US.ini

@@ -1161,30 +1161,45 @@ auths.login_source_exist = Login source '%s' already exists.
 auths.github_api_endpoint = API Endpoint
 
 config.not_set = (not set)
-config.server_config = Server Configuration
-config.app_name = Application Name
-config.app_url = Application URL
-config.domain = Domain
-config.offline_mode = Offline Mode
-config.disable_router_log = Disable Router Log
-config.run_user = Run User
-config.run_mode = Run Mode
+config.server_config = Server configuration
+config.brand_name = Brand name
+config.run_user = Run user
+config.run_mode = Run mode
+config.server.external_url = External URL
+config.server.domain = Domain
+config.server.protocol = Protocol
+config.server.http_addr = HTTP address
+config.server.http_port = HTTP port
+config.server.cert_file = Certificate file
+config.server.key_file = Key file
+config.server.tls_min_version = Minimum TLS version
+config.server.unix_socket_permission = Unix socket permission
+config.server.local_root_url = Local root URL
+config.server.offline_mode = Offline mode
+config.server.disable_router_log = Disable router log
+config.server.enable_gzip = Enable Gzip
+config.server.app_data_path = Application data path
+config.server.load_assets_from_disk = Load assets from disk
+config.server.landing_url = Landing URL
+
+config.ssh_config = SSH configuration
+config.ssh.enabled = Enabled
+config.ssh.domain = Exposed domain
+config.ssh.port = Exposed port
+config.ssh.root_path = Root path
+config.ssh.keygen_path = Keygen path
+config.ssh.key_test_path = Key test path
+config.ssh.minimum_key_size_check = Minimum key size check
+config.ssh.minimum_key_sizes = Minimum key sizes
+config.ssh.rewrite_authorized_keys_at_start = Rewrite "authorized_keys" at start
+config.ssh.start_builtin_server = Start builtin server
+config.ssh.listen_host = Listen host
+config.ssh.listen_port = Listen port
+config.ssh.server_ciphers = Server ciphers
+
 config.log_file_root_path = Log File Root Path
 config.reverse_auth_user = Reverse Authentication User
 
-config.ssh_config = SSH Configuration
-config.ssh_enabled = Enabled
-config.ssh_start_builtin_server = Start Builtin Server
-config.ssh_domain = Domain
-config.ssh_port = Port
-config.ssh_listen_port = Listen Port
-config.ssh_root_path = Root Path
-config.ssh_rewrite_authorized_keys_at_start = Rewrite authorized_keys At Start
-config.ssh_key_test_path = Key Test Path
-config.ssh_keygen_path = Keygen ('ssh-keygen') Path
-config.ssh_minimum_key_size_check = Minimum Key Size Check
-config.ssh_minimum_key_sizes = Minimum Key Sizes
-
 config.repo_config = Repository Configuration
 config.repo_root_path = Repository Root Path
 config.script_type = Script Type

internal/conf/conf.go

@@ -122,6 +122,10 @@ func Init(customConf string) error {
 	}
 	Server.UnixSocketMode = os.FileMode(unixSocketMode)
 
+	if !filepath.IsAbs(Server.AppDataPath) {
+		Server.AppDataPath = filepath.Join(WorkDir(), Server.AppDataPath)
+	}
+
 	// ************************
 	// ----- SSH settings -----
 	// ************************
@@ -131,10 +135,10 @@ func Init(customConf string) error {
 	}
 
 	if !SSH.Disabled {
-		if !SSH.StartBuiltinServer {
-			SSH.RootPath = filepath.Join(HomeDir(), ".ssh")
-			SSH.KeyTestPath = os.TempDir()
+		SSH.RootPath = filepath.Join(HomeDir(), ".ssh")
+		SSH.KeyTestPath = os.TempDir()
 
+		if !SSH.StartBuiltinServer {
 			if err := os.MkdirAll(SSH.RootPath, 0700); err != nil {
 				return errors.Wrap(err, "create SSH root directory")
 			} else if err = os.MkdirAll(SSH.KeyTestPath, 0644); err != nil {

internal/conf/static.go

@@ -23,6 +23,8 @@ var (
 // CustomConf returns the absolute path of custom configuration file that is used.
 var CustomConf string
 
+// ⚠️ WARNING: After changing the following section, do not forget to update template of
+// "/admin/config" page as well.
 var (
 	// Application settings
 	App struct {
@@ -73,19 +75,20 @@ var (
 
 	// SSH settings
 	SSH struct {
-		Disabled                     bool           `ini:"DISABLE_SSH"`
-		Domain                       string         `ini:"SSH_DOMAIN"`
-		Port                         int            `ini:"SSH_PORT"`
-		RootPath                     string         `ini:"SSH_ROOT_PATH"`
-		KeygenPath                   string         `ini:"SSH_KEYGEN_PATH"`
-		KeyTestPath                  string         `ini:"SSH_KEY_TEST_PATH"`
-		StartBuiltinServer           bool           `ini:"START_SSH_SERVER"`
-		ListenHost                   string         `ini:"SSH_LISTEN_HOST"`
-		ListenPort                   int            `ini:"SSH_LISTEN_PORT"`
-		ServerCiphers                []string       `ini:"SSH_SERVER_CIPHERS"`
-		MinimumKeySizeCheck          bool           `ini:"MINIMUM_KEY_SIZE_CHECK"`
+		Disabled                     bool   `ini:"DISABLE_SSH"`
+		Domain                       string `ini:"SSH_DOMAIN"`
+		Port                         int    `ini:"SSH_PORT"`
+		RootPath                     string `ini:"SSH_ROOT_PATH"`
+		KeygenPath                   string `ini:"SSH_KEYGEN_PATH"`
+		KeyTestPath                  string `ini:"SSH_KEY_TEST_PATH"`
+		MinimumKeySizeCheck          bool
 		MinimumKeySizes              map[string]int `ini:"-"` // Load from [ssh.minimum_key_sizes]
-		RewriteAuthorizedKeysAtStart bool           `ini:"REWRITE_AUTHORIZED_KEYS_AT_START"`
+		RewriteAuthorizedKeysAtStart bool
+
+		StartBuiltinServer bool     `ini:"START_SSH_SERVER"`
+		ListenHost         string   `ini:"SSH_LISTEN_HOST"`
+		ListenPort         int      `ini:"SSH_LISTEN_PORT"`
+		ServerCiphers      []string `ini:"SSH_SERVER_CIPHERS"`
 	}
 )
 

internal/route/admin/admin.go

@@ -12,7 +12,6 @@ import (
 
 	"github.com/json-iterator/go"
 	"github.com/unknwon/com"
-	"gopkg.in/macaron.v1"
 
 	"gogs.io/gogs/internal/conf"
 	"gogs.io/gogs/internal/context"
@@ -193,21 +192,17 @@ func SendTestMail(c *context.Context) {
 }
 
 func Config(c *context.Context) {
-	c.Data["Title"] = c.Tr("admin.config")
-	c.Data["PageIsAdmin"] = true
-	c.Data["PageIsAdminConfig"] = true
+	c.Title("admin.config")
+	c.PageIs("Admin")
+	c.PageIs("AdminConfig")
+
+	c.Data["App"] = conf.App
+	c.Data["Server"] = conf.Server
+	c.Data["SSH"] = conf.SSH
 
-	c.Data["AppURL"] = conf.Server.ExternalURL
-	c.Data["Domain"] = conf.Server.Domain
-	c.Data["OfflineMode"] = conf.Server.OfflineMode
-	c.Data["DisableRouterLog"] = conf.Server.DisableRouterLog
-	c.Data["RunUser"] = conf.App.RunUser
-	c.Data["RunMode"] = strings.Title(macaron.Env)
 	c.Data["LogRootPath"] = conf.LogRootPath
 	c.Data["ReverseProxyAuthUser"] = conf.ReverseProxyAuthUser
 
-	c.Data["SSH"] = conf.SSH
-
 	c.Data["RepoRootPath"] = conf.RepoRootPath
 	c.Data["ScriptType"] = conf.ScriptType
 	c.Data["Repository"] = conf.Repository

templates/admin/config.tmpl

@@ -10,23 +10,56 @@
 				</h4>
 				<div class="ui attached table segment">
 					<dl class="dl-horizontal admin-dl-horizontal">
-						<dt>{{.i18n.Tr "admin.config.app_name"}}</dt>
-						<dd>{{AppName}}</dd>
-						<dt>{{.i18n.Tr "admin.config.app_url"}}</dt>
-						<dd>{{.AppURL}}</dd>
-						<dt>{{.i18n.Tr "admin.config.domain"}}</dt>
-						<dd>{{.Domain}}</dd>
-						<dt>{{.i18n.Tr "admin.config.offline_mode"}}</dt>
-						<dd><i class="fa fa{{if .OfflineMode}}-check{{end}}-square-o"></i></dd>
-						<dt>{{.i18n.Tr "admin.config.disable_router_log"}}</dt>
-						<dd><i class="fa fa{{if .DisableRouterLog}}-check{{end}}-square-o"></i></dd>
+						<dt>{{.i18n.Tr "admin.config.brand_name"}}</dt>
+						<dd>{{.App.BrandName}}</dd>
+						<dt>{{.i18n.Tr "admin.config.run_user"}}</dt>
+						<dd>{{.App.RunUser}}</dd>
+						<dt>{{.i18n.Tr "admin.config.run_mode"}}</dt>
+						<dd>{{.App.RunMode}}</dd>
 
 						<div class="ui divider"></div>
 
-						<dt>{{.i18n.Tr "admin.config.run_user"}}</dt>
-						<dd>{{.RunUser}}</dd>
-						<dt>{{.i18n.Tr "admin.config.run_mode"}}</dt>
-						<dd>{{.RunMode}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.external_url"}}</dt>
+						<dd>{{.Server.ExternalURL}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.domain"}}</dt>
+						<dd>{{.Server.Domain}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.protocol"}}</dt>
+						<dd>{{.Server.Protocol}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.http_addr"}}</dt>
+						<dd>{{.Server.HTTPAddr}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.http_port"}}</dt>
+						<dd>{{.Server.HTTPPort}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.cert_file"}}</dt>
+						<dd><code>{{.Server.CertFile}}</code></dd>
+						<dt>{{.i18n.Tr "admin.config.server.key_file"}}</dt>
+						<dd><code>{{.Server.KeyFile}}</code></dd>
+						<dt>{{.i18n.Tr "admin.config.server.tls_min_version"}}</dt>
+						<dd>{{.Server.TLSMinVersion}}</dd>
+						<dt>{{.i18n.Tr "admin.config.server.unix_socket_permission"}}</dt>
+						<dd><code>{{.Server.UnixSocketPermission}}</code></dd>
+						<dt>{{.i18n.Tr "admin.config.server.local_root_url"}}</dt>
+						<dd>{{.Server.LocalRootURL}}</dd>
+
+						<div class="ui divider"></div>
+
+						<dt>{{.i18n.Tr "admin.config.server.offline_mode"}}</dt>
+						<dd><i class="fa fa{{if .Server.OfflineMode}}-check{{end}}-square-o"></i></dd>
+						<dt>{{.i18n.Tr "admin.config.server.disable_router_log"}}</dt>
+						<dd><i class="fa fa{{if .Server.DisableRouterLog}}-check{{end}}-square-o"></i></dd>
+						<dt>{{.i18n.Tr "admin.config.server.enable_gzip"}}</dt>
+						<dd><i class="fa fa{{if .Server.EnableGzip}}-check{{end}}-square-o"></i></dd>
+
+						<div class="ui divider"></div>
+
+						<dt>{{.i18n.Tr "admin.config.server.app_data_path"}}</dt>
+						<dd><code>{{.Server.AppDataPath}}</code></dd>
+						<dt>{{.i18n.Tr "admin.config.server.load_assets_from_disk"}}</dt>
+						<dd><i class="fa fa{{if .Server.LoadAssetsFromDisk}}-check{{end}}-square-o"></i></dd>
+
+						<div class="ui divider"></div>
+
+						<dt>{{.i18n.Tr "admin.config.server.landing_url"}}</dt>
+						<dd><code>{{.Server.LandingURL}}</code></dd>
 
 						<div class="ui divider"></div>
 
@@ -42,34 +75,36 @@
 				</h4>
 				<div class="ui attached table segment">
 					<dl class="dl-horizontal admin-dl-horizontal">
-						<dt>{{.i18n.Tr "admin.config.ssh_enabled"}}</dt>
+						<dt>{{.i18n.Tr "admin.config.ssh.enabled"}}</dt>
 						<dd><i class="fa fa{{if not .SSH.Disabled}}-check{{end}}-square-o"></i></dd>
 						{{if not .SSH.Disabled}}
-							<dt>{{.i18n.Tr "admin.config.ssh_start_builtin_server"}}</dt>
-							<dd><i class="fa fa{{if .SSH.StartBuiltinServer}}-check{{end}}-square-o"></i></dd>
-							<dt>{{.i18n.Tr "admin.config.ssh_domain"}}</dt>
+							<dt>{{.i18n.Tr "admin.config.ssh.domain"}}</dt>
 							<dd>{{.SSH.Domain}}</dd>
-							<dt>{{.i18n.Tr "admin.config.ssh_port"}}</dt>
+							<dt>{{.i18n.Tr "admin.config.ssh.port"}}</dt>
 							<dd>{{.SSH.Port}}</dd>
-							<dt>{{.i18n.Tr "admin.config.ssh_listen_port"}}</dt>
-							<dd>{{.SSH.ListenPort}}</dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.root_path"}}</dt>
+							<dd><code>{{.SSH.RootPath}}</code></dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.keygen_path"}}</dt>
+							<dd><code>{{.SSH.KeygenPath}}</code></dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.key_test_path"}}</dt>
+							<dd><code>{{.SSH.KeyTestPath}}</code></dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.minimum_key_size_check"}}</dt>
+							<dd><i class="fa fa{{if .SSH.MinimumKeySizeCheck}}-check{{end}}-square-o"></i></dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.minimum_key_sizes"}}</dt>
+							<dd><code>{{.SSH.MinimumKeySizes}}</code></dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.rewrite_authorized_keys_at_start"}}</dt>
+							<dd><i class="fa fa{{if .SSH.RewriteAuthorizedKeysAtStart}}-check{{end}}-square-o"></i></dd>
 
-							{{if not .SSH.StartBuiltinServer}}
-								<dt>{{.i18n.Tr "admin.config.ssh_root_path"}}</dt>
-								<dd>{{.SSH.RootPath}}</dd>
-								<dt>{{.i18n.Tr "admin.config.ssh_rewrite_authorized_keys_at_start"}}</dt>
-								<dd><i class="fa fa{{if .SSH.RewriteAuthorizedKeysAtStart}}-check{{end}}-square-o"></i></dd>
-								<dt>{{.i18n.Tr "admin.config.ssh_key_test_path"}}</dt>
-								<dd>{{.SSH.KeyTestPath}}</dd>
-								<dt>{{.i18n.Tr "admin.config.ssh_keygen_path"}}</dt>
-								<dd>{{.SSH.KeygenPath}}</dd>
-								<dt>{{.i18n.Tr "admin.config.ssh_minimum_key_size_check"}}</dt>
-								<dd><i class="fa fa{{if .SSH.MinimumKeySizeCheck}}-check{{end}}-square-o"></i></dd>
-								{{if .SSH.MinimumKeySizeCheck}}
-								<dt>{{.i18n.Tr "admin.config.ssh_minimum_key_sizes"}}</dt>
-								<dd>{{.SSH.MinimumKeySizes}}</dd>
-								{{end}}
-							{{end}}
+							<div class="ui divider"></div>
+
+							<dt>{{.i18n.Tr "admin.config.ssh.start_builtin_server"}}</dt>
+							<dd><i class="fa fa{{if .SSH.StartBuiltinServer}}-check{{end}}-square-o"></i></dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.listen_host"}}</dt>
+							<dd>{{.SSH.ListenHost}}</dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.listen_port"}}</dt>
+							<dd>{{.SSH.ListenPort}}</dd>
+							<dt>{{.i18n.Tr "admin.config.ssh.server_ciphers"}}</dt>
+							<dd><code>{{.SSH.ServerCiphers}}</code></dd>
 						{{end}}
 					</dl>
 				</div>