Releases: NovichekLIS/Gitea-onlyoffice
Release list
v1.1.1 - Host-loopback container deployment fix
Summary
Patch release for container deployments where Gitea listens only on the Docker host loopback interface.
Fixed
- Added
compose.host-network.example.ymlfor host-loopback Gitea deployments. - Made the Gunicorn bind address configurable with
GUNICORN_BIND. - Corrected Docker installation guidance:
host.docker.internalworks only when Gitea listens on an address reachable from Docker bridge networking, not when Gitea is bound only to host127.0.0.1.
Validation
Full integration smoke was run on a Debian test server with existing Gitea, ONLYOFFICE Document Server, Nginx, and systemd:
- container build and host-network run with
GUNICORN_BIND=127.0.0.1:5005 /healthzdirect and through Nginx- ONLYOFFICE
api.jsreachability - Gitea file page hook delivery
- folder ZIP through the bridge
- Gitea OAuth edit flow
- file proxy download
- read-only view mode
- simulated ONLYOFFICE force-save callback and Gitea save-back commit
- cleanup of temporary test user/repo/container/volume/image and restoration of the original systemd bridge
Security Notes
No deployment secrets are included. Keep .env.docker private and keep /data private. Use one bridge replica unless you add shared state and sticky routing.
v1.1.0 - Container deployment support
Summary
This release adds bridge-only container deployment support for the Gitea ONLYOFFICE Bridge.
Added
- Dockerfile for running the Flask bridge with Gunicorn as a non-root user.
- Docker Compose example with persistent
/datavolume for bridge SQLite state. .env.docker.examplefor container deployments.- Nginx snippet for routing Gitea bridge paths to the container.
- English Docker installation, upgrade, rollback, and troubleshooting guide.
- Container packaging tests and validation notes.
Validation
- Local unit tests:
python -m unittest discover -s tests. - Local compile check:
python -m py_compile gitea_onlyoffice_bridge.py. - Hygiene scan for private IPs, local paths, credentials, logs, caches, and database files.
- Docker host smoke:
docker compose config,docker build,docker run,/healthz, DockerHEALTHCHECK=healthy, cleanup verified.
Security Notes
The image contains no deployment secrets. Configure OAuth, bridge secret, and optional ONLYOFFICE JWT secret through .env.docker or your container runtime secret mechanism. Keep /data private and run one bridge replica unless you add shared state and sticky routing.
Gitea ONLYOFFICE Bridge v1.0.0
Gitea ONLYOFFICE Bridge v1.0.0
Initial public release of the Gitea ONLYOFFICE Bridge.
Highlights
- Flask/Gunicorn bridge for opening Gitea repository files in ONLYOFFICE.
- Gitea OAuth login and permission checks for edit/save flows.
- ONLYOFFICE file proxy and callback endpoints with save-back commits.
- Inline Gitea preview integration through custom templates and
oo-gitea.js. - Folder ZIP download helper for repository directories.
- Debian/Ubuntu systemd and Nginx deployment templates.
- English installation, security, rollback, and troubleshooting documentation.
Security Notes
- No production secrets, private hostnames, internal IPs, logs, backups, or server-specific paths are included.
- Deployments must generate their own OAuth client secret, bridge secret, Flask session secret, and optional ONLYOFFICE JWT secret.
- Review
SECURITY.mdand.env.examplebefore deployment.
Validation
- Python compile/import checks passed.
- Unit tests passed for path normalization, file classification, JWT handling, health routes, signature handling, and conflict-copy behavior.
- Dependency check and public-package secret hygiene scans passed.
- Validated on an existing Debian/Ubuntu-style systemd + Nginx + Gitea + ONLYOFFICE stack: health endpoint, Gitea template/asset loading, inline view page generation, unauthenticated edit redirect, and folder ZIP download.