Increase default LFS auth timeout from 20m to 24h (#24628)

According to the discussion with DanielGibson, the default "20m" seems
too short. It would make LFS fail if the file is large / network is
slow.

I think relaxing this timeout doesn't have side affect. So change the
default value to 24h, IMO that should be long enough.

## ⚠️ BREAKING

If admins want the previous timeout, they should set the setting
`[server].LFS_HTTP_AUTH_EXPIRY`.
This commit is contained in:
wxiaoguang 2023-05-10 22:23:47 +08:00 committed by GitHub
parent 89eebfae52
commit 54f399c4df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 3 deletions

View file

@ -303,7 +303,7 @@ RUN_MODE = ; prod
LFS_JWT_SECRET = LFS_JWT_SECRET =
;; ;;
;; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail. ;; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
;LFS_HTTP_AUTH_EXPIRY = 20m ;LFS_HTTP_AUTH_EXPIRY = 24h
;; ;;
;; Maximum allowed LFS file size in bytes (Set to 0 for no limit). ;; Maximum allowed LFS file size in bytes (Set to 0 for no limit).
;LFS_MAX_FILE_SIZE = 0 ;LFS_MAX_FILE_SIZE = 0

View file

@ -364,7 +364,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `LFS_START_SERVER`: **false**: Enables Git LFS support. - `LFS_START_SERVER`: **false**: Enables Git LFS support.
- `LFS_CONTENT_PATH`: **%(APP_DATA_PATH)s/lfs**: Default LFS content path. (if it is on local storage.) **DEPRECATED** use settings in `[lfs]`. - `LFS_CONTENT_PATH`: **%(APP_DATA_PATH)s/lfs**: Default LFS content path. (if it is on local storage.) **DEPRECATED** use settings in `[lfs]`.
- `LFS_JWT_SECRET`: **\<empty\>**: LFS authentication secret, change this a unique string. - `LFS_JWT_SECRET`: **\<empty\>**: LFS authentication secret, change this a unique string.
- `LFS_HTTP_AUTH_EXPIRY`: **20m**: LFS authentication validity period in time.Duration, pushes taking longer than this may fail. - `LFS_HTTP_AUTH_EXPIRY`: **24h**: LFS authentication validity period in time.Duration, pushes taking longer than this may fail.
- `LFS_MAX_FILE_SIZE`: **0**: Maximum allowed LFS file size in bytes (Set to 0 for no limit). - `LFS_MAX_FILE_SIZE`: **0**: Maximum allowed LFS file size in bytes (Set to 0 for no limit).
- `LFS_LOCKS_PAGING_NUM`: **50**: Maximum number of LFS Locks returned per page. - `LFS_LOCKS_PAGING_NUM`: **50**: Maximum number of LFS Locks returned per page.

View file

@ -45,7 +45,7 @@ func loadLFSFrom(rootCfg ConfigProvider) {
LFS.LocksPagingNum = 50 LFS.LocksPagingNum = 50
} }
LFS.HTTPAuthExpiry = sec.Key("LFS_HTTP_AUTH_EXPIRY").MustDuration(20 * time.Minute) LFS.HTTPAuthExpiry = sec.Key("LFS_HTTP_AUTH_EXPIRY").MustDuration(24 * time.Hour)
if LFS.StartServer { if LFS.StartServer {
LFS.JWTSecretBytes = make([]byte, 32) LFS.JWTSecretBytes = make([]byte, 32)