thomiceli / opengist Goto Github PK

I am trying to run the Docker container without docker-compose (Using Podman and Quadlet) and while it works fine in general, it does not seem to understand the concatenated (?) ENV variables that are in the docker-compose example.

I tried various standard ways of passing individual ENV variables to the container, but it just doesn't seem to take them.

I am a bit at a loss right now how exactly docker-compose handles these multiple ENV variables or is it some sort of huge single ENV variable of the entire config file?

Would be nice if there was an example how to use it without docker-compose just by passing the normal "-e" docker parameters or maybe it is possible to add a second volume where one can place a config.yml to be loaded automatically by the container?

Thanks!

Hey, nice project!

Just a quick suggestion: add private gists. We've got public and unlisted, but no way to set a gist as truly private.

I don't know if this is related with only one file format or more, I just started using the app (awesome job, btw! 🥰).
When I visualize my shell script, it shows up like this:

(I'm using the ".sh" extension and my indentation is set to 2 spaces. I even tried to update this information but it didn't "save" - I'll open another issue for that later)

But my file is actually formatted like this:

I tried to manually set indentation from 2 to 4 spaces, but it didn't change anything in the visualization.

Out of both privacy and self-sufficiency concerns I would like Gravatar to be optional. I can think of a few alternatives for how to do this:

1. "avatar.enable" config to just outright not render avatars if disabled.
2. "avatar.gravatar" config to return a generic profile.png asset when the avatar url method is called and this option is disabled. (This would be easier from a frontend POV to not have to consider design when no image is rendered.)
3. In combination with the above, allow users to upload their own profile pictures. Fallback to Gravatar if no picture available and Gravatar is enabled in config, otherwise show generic profile.png.
4. In combination with the above, also use the avatar url provided by goth when users use OAuth to sign in. Possibly download the third-party avatar on sign in and host it ourselves, especially for non-selfhosted OAuth providers (Github).
5. One of the above and remove Gravatar completely (this is not a good option as Gravatar still is a great service that I'm sure some users want to use).

I would personally want to see no. 4 in combination with no. 2 and eventually no. 3. I looked at how to implement no. 4 and am not quite sure how it best be done, but storing an oauthAvatarUrl on the user may work, and we just make sure to update this on every session renewal and delete on oauth provider deletion. A problem would arise when changing Gitea url in the config though, if we store the full image url from a previous TLD... Thoughts?

I've never written anything in Go but I can still give it a shot after we discuss that to implement.

First off, great project. I've been looking for something like this for ages and the Gitea OAuth integration is the icing on the cake. I would like to be able to set the settings listed in the Admin area of the application via environment variables.

For example, the Disable signup toggle could be set in a compose file as follows.

OG_DISABLE_SIGNUP: true

discord oauth2 as a provider would be nice

Great work! However, I meet some problems with my private Gitea instance:

• If the first account is logged in with Gitea, It will not be treated as admin account
• Disable-signup also prevents a new Gitea user login (My Gitea instance disabled signup already, so all users from Gitea are verified.)

Suggestions:
Add a new option like gitea_limited, when it's true, all users should be from Gitea, which means sign-up would be disabled and login widget should also not appear, only the "continue with Gitea" button is shown (similar to Drone).

Thanks!

It would be helpful to have an option in the admin settings area that switch off the powered by opengist link to personalize it.

Please add the environment for the timezone.
I think it is set to UTC.

Would you consider integration. It would help not having to have separate users and two different git/ssh services

Any interest in adding support for this to run behind something like traefik or caddy2? Right now no matter what I try I get a 404 found on every request.

If there is a way to change this already someone let me know because I couldn't find it 😅.
Could you add a way to change the base url for reverse proxy purposes? I have a bunch of services routed through nginx on the same port which can be accessed through their own base url (eg http://nginx.local/jellyfin). The only way I have found to do this is to change the application base url (if there is another way, again, someone let me know!)

This is what my nginx config looks like for my reverse proxy, and this directs to 127.0.0.1:6157/opengist which gives a 404 error.

https://github.com/thomiceli/opengist/blob/master/internal/web/auth.go#L272

Otherwise you can end up with e.g.

external-url: 'https://gist.example.com/'

Gitea: "invalid callback url https://gist.example.com//oauth/gitea/callback"

Hi there. As the title says i'm trying to make it works with a reverse proxy using lighttpd. I've tried with this configuration:

$HTTP["url"] =~ "^/opengist($|/)" {
  proxy.server = ( "" => ( (
    "host" => "127.0.0.1",
    "port" => 6157
  ) ) ),
  proxy.forwarded = ( "for" => 1,
                      "host" => 1,
                      "by" => 1
  ),
  proxy.header = (
      "map-urlpath" => (
         "/opengist/"  => "/",
         "/opengist" => ""
       )
  )
}

and i can reach the homepage but it cannot access all the other resources becouse it wants files from host/assets.

Any help? Thank you!

It would be good to retain the status of a gist when it is edited.

If a gist with the status of "Unlisted" is edited its status is reset to public. Currently (with image revision add02994428, 2023-06-25T09:48:26.123Z) one needs to Edit it again to click the Make Unlisted button.

It would be nice to have the option to only support OAuth (e.g: Only login via Gitea).

love the app, but if I could possibly request one feature that I would love to see.

Github gist's have the ability to add .JSON at the end of a gist URL, and you'll get a json formatted version which shows the creation date, the body, author, etc.

Would there be any possible way we could get this added to the TODO list? As an example, I took a random gist URL from someone.
You can view the gist via https://gist.github.com/lbialy/44e627ff17034b1fb53b6a75f35ed9ac

However, if you go to https://gist.github.com/lbialy/44e627ff17034b1fb53b6a75f35ed9ac.json, you can view various pieces of info about the gist, but in json format. It would help with pulling gists from 3rd party programs immensely.

The cool part of the json is that it includes a div value, which is premade HTML to show the gist in a github styled box. Then I can pull that .json URL from other programs and it will integrate the code box and contents inside my program.

And then there's a stylesheet value which leads to something like https://github.githubassets.com/assets/gist-embed-3c6bff8100e5.css

With a 3rd party program, I can use javascript to include that CSS file from the JSON, and then pull the contents of div and display the gist box anywhere I use the javascript.

make sure commands within "internal/git/commands.go" are escape / sanitize in any case ... dont trust calls from other modules, they could miss something

The header part is enlarged before rendering the page I intended to go to. (ex. from home to settings page)

I slowered the throttling then disabled it just in case you want to replicate

FYI,

Version of NPM packages are equivalent to package.json

This is a great project! I've really been looking for a true self-hosted gist alternative.

I see you have search planned as an upcoming feature. Without knowing how this will be implemented, and also knowing that github's gists don't support tagging, would a tagging feature / search by tags be a possibility in the future?

Hello! I was looking (while logged in) to see if there was an option to change the user password. I logged out, looking to see if there was a reset link / feature, and didn't have any luck with either.

Is there a way to reset a user password from the command line? (either by manual editing, or by running a command inside the container).

Thank you!

Thank you for the awesome project!!.

I was actually looking for GitHub gist alternatives for some time.
It would be wonderful if Opengist supports OIDC for SSO.

Currently there's no syntax highlighting for .bat files. Is it possible to add support for it?

can be closed

Great job you did!
It would be nice if you could still offer the connection to a database such as PostgreSQL and MariaDB.

Have you planned something like this, or is there an interest in expanding the database?

Please go on, it's a great project!

Hey there, I am using this in a single user mode, and I typically create my single user account names as "admin". This won't let me create admin. Is that because it already exists? If so, I didn't see the password in the readme?

Thanks!

Is it possible to translate opengist?
It would be enough, with a language file what can be edited
I would like to translate it into German.

It would be nice if this opportunity is created.

Hey,

There are cases when opengist account is linked only to GitHub/Gitea. If you unlink it, access to this account will be lost. I think it's a good idea to add option to disable unlinking accounts.

If a use isn't logged in, can he be redirected to the "all" page? Right now, it dumps them on the login page.

Hello :D
It would be great to have the ability to customize the UID and GID via ENV.

I am making an issue in case you are interested, but also in case anyone else is interested.

I have changes in a branch that use the non-CGO version of SQLite, which just makes cross-compilation a bit easier at the cost of some performance (whether it is significant or not may be subjective).

At least for me it's worth it to not have to deal with CGO. If you use docker it's probably a mostly moot point, so YMMV.

If you are interested and/or want to allow both, that could potentially also work with some build tag tricks.

would be nice is local login could be disabled, right now, i use a nginx rewrite for this but yeah

I tried updating my gist's wrap and indent options but these options are not persisted. Could see it through the request:

Hello! Just a minor suggestion.

It would be nice to be able to leave a single comment / notes on each gist, for things like implementation notes.

Thanks for a great project!

It would be great to have a search button to find the gist when there are many.

This is a follow up on #8 , so that it's recorded separately. Taking all the gists private, essentially.

I recognize that there is currently an 'unlisted' option, but it would be nice to be able to have a configuration that would make the whole system private. So that if you were not authenticated, it would just display a page that said something like "Please log in to view gists" or something along those lines. Or maybe just show a log in screen right off the bat, and not allow any viewership until they have their own user to log in.

Fits nicely together with the configuration to disable registration, so that you can have a completely private gist system.

Thanks!

Consider prefixing the env vars CONFIG (and DEV) with OG_ to avoid collisions.

I'd be happy to submit a small PR if you agree.

Task is a Make alternative written in Go, which makes it a lot easier to install in non-Unix platforms such as Windows.

I propose the creation of a Taskfile which would allow users to execute the installation commands without the need for Make.

I can create a PR for this later today :)

Hi,

The project is fantastic. I have seen the integration with Oauth gitea and Github, but would be possible also to integrate it with LDAP ?

Thank you

Allow specifying default/initial username in configuration with a password or forced password creation on the first login with that user. This will avoid people from having to start the app with disable-signup: false, create the user then stop the container to set disable-signup: true.

Being security conscious when I read a config and they have the option available to disable registration, I'm going to disable it until I'm done evaluating the software and that's what I did... until I realized I myself need to sign up for it 😂

It's not a big deal, but I could see someone going through the above, and then forgetting to set disable-signup: true because they forget or are excited to try out the software, and in turn opens an attack vector because registrations are open.

WAL mode is a lot faster especially on CoW filesystems like btrfs or zfs, see:

https://wiki.tnonline.net/w/Blog/SQLite_Performance_on_Btrfs

It is also pretty much the standard for modern SQLite use.

Would be nice if this was enabled by default (currently it isn't).

docker-compose.yml

version: "3"

networks:
  gitea:
    name: gitea
    external: false

services:
  gitea:
    image: gitea/gitea:1.19.3
    container_name: gitea
    restart: always
    volumes:
      - gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - 3999:3000
    networks:
      - gitea
  opengist:
    image: ghcr.io/thomiceli/opengist
    container_name: opengist
    restart: unless-stopped
    entrypoint: ["./opengist", "--config","/config/config.yml"]
    ports:
      - 6157:6157 # HTTP port
    volumes:
      - opengist:/config
volumes:
  gitea:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./data/gitea
  opengist:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./data/opengist

setting wih config but oauth response

Error 400
Bad Request
Cannot complete user auth

Hello,

It would be fantastic if OpenGist would support mermaid.js diagrams.

No need for issue

It would be interesting to be able to put your own logo in the top left corner instead of the default one.

First and foremost: Thanks for making a great tool!

It would be nice if I didn't have to mess with the config.yml every time I wanted to turn on/off user registration. It would be great if there was another setting to take the whole of the gist system private (or rather, "authenticated only").

Hi @thomiceli, I love opengist! However, I have some issues:

• Markdown code tag will show HTML entities

cat /dev/null > /etc/profile.d/linux-login.sh && touch ~/.hushlogin

Expected result: The code will display correctly, same as on GitHub

• With Unlisted gists, after I save changes, they are automatically published

Expected result: With Unlisted gists, saving changes will not automatically publish them.

Thanks ❤️