🚀 New Features
Custom CA Certificate Support
Added comprehensive support for custom Certificate Authority (CA) certificates, enabling Gitea Mirror to work seamlessly with self-signed certificates or private CAs.
Two Flexible Options:
- Individual CA Certificates: Place
.crtfiles in thecertsdirectory - System CA Bundle: Mount your existing system CA bundle directly
Key Improvements:
- ✅ Automatic detection and configuration of custom CA certificates
- ✅ Support for multiple CA certificates (automatically combined into a bundle)
- ✅ Compatible with both individual certificates and system CA bundles
- ✅ Enhanced documentation with clear setup instructions
- ✅ Added
ca-certificatespackage to Docker image for better SSL/TLS support
📝 Configuration
Option 1: Individual Certificates
volumes:
- ./certs:/app/certs:roOption 2: System CA Bundle
volumes:
- /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro📚 Documentation
- Created dedicated CA certificates guide in
certs/README.md - Updated docker-compose examples with both mounting options
- Added system CA bundle locations for various operating systems
🔧 Technical Details
- Updated
docker-entrypoint.shto handle CA certificate detection and configuration - Enhanced Docker image with
ca-certificatespackage - Added
.gitignorerules to prevent accidental certificate commits - Created symbolic link from docs to maintain documentation structure
🔒 Security
- Certificates are mounted read-only for security
- Clear warnings about
NODE_TLS_REJECT_UNAUTHORIZEDfor testing only - Proper file permissions maintained for non-root container user
For detailed setup instructions, see the CA Certificates Guide.