Unable to use ssh #25

Closed
opened 2021-12-30 18:55:55 +00:00 by aileoia · 4 comments
Contributor

After my fresh deployment of Gitea and creating my first admin user, I tried to create my first repository and push something to it. But it didn't work :-P

It might have something to do with ports, I'm not sure how non-HTTP traffic gets forwarded by Traefik...

But symptoms first:

On my first deployment, with my first user, after adding my SSH public key, it tells me

```
kex_exchange_identification: read: Connection reset by peer
Connection reset by xxxxxxxxxx port 2222
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
```

The first lines seem to indicate that there is no ssh server listening to port 2222, which is the default in gitea's config.

In fact, simply running `ssh -T git@<myowngitea>` returns

```
kex_exchange_identification: read: Connection reset by peer
Connection reset by xxxxxxxx port 2222
```

I would prefer to get something similar to this:

```
$ ssh -T git@git.coopcloud.tech -p 2222
Hi there, aileoia! You've successfully authenticated with the key named XXXXX, but Gitea does not provide shell access.
If this is unexpected, please log in with password and setup Gitea under another user.
```

Should the host port 2222 (or whatever is configured) be forwarded in the compose file?

Owner

Hey @aileoia sorry for leaving a lot of things incredibly undocumented 🙈 (this is becoming our main priority in the new year I think). This is most likely due to missing configuration on the Traefik side. Here is how you can set it up.

In your Traefik config env config, add the following:

```
GITEA_SSH_ENABLED=1
COMPOSE_FILE="compose.yml:compose.gitea.yml"
```

This triggers the following config to be included:

> https://git.coopcloud.tech/coop-cloud/traefik/src/branch/master/compose.gitea.yml

You'll need to undeploy and redeploy Traefik.

Then ensure that you have `GITEA_SSH_PORT=2222` in your Gitea config and you should have access. Let us know how it goes :) A handy way to test if you have access open is just run `telnet mygitea.com 2222` and see if it can connect.

Owner

Thank you @aileoia for the detailed report and @decentral1se for the righteous advice.

> A handy way to test if you have access open is just run telnet mygitea.com 2222 and see if it can connect.

I'll just sprinkle one more suggestion on here:

```
➜ nmap git.autonomic.zone -p 2222
Starting Nmap 7.91 ( https://nmap.org ) at 2021-12-30 22:53 SAST
Nmap scan report for git.autonomic.zone (116.203.211.204)
Host is up (0.20s latency).
rDNS record for 116.203.211.204: mail.autonomic.zone

PORT     STATE SERVICE
2222/tcp open  EtherNetIP-1

Nmap done: 1 IP address (1 host up) scanned in 2.00 seconds
```
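An added example, not part of the thread or the coop-cloud recipes: a port that accepts TCP connections (which is all `telnet` and a plain `nmap` port scan establish; `EtherNetIP-1` is only nmap's name for port 2222) can still reset the connection before any SSH identification string is sent, which is what `kex_exchange_identification: read: Connection reset by peer` reports. The sketch below reads the banner to tell these cases apart; the function name `probe_ssh_banner` and its status labels are hypothetical.

```python
import socket

def probe_ssh_banner(host, port, timeout=5.0):
    """Classify what answers on host:port from an SSH client's point of view.

    Returns (status, detail); status is one of:
      "ssh"                   peer sent an SSH identification string (detail = banner)
      "not-ssh"               peer sent data, but no line starting with "SSH-"
      "closed-before-banner"  TCP connected, then the peer reset or closed without
                              sending anything (the kex_exchange_identification case)
      "refused"               nothing accepts connections on that port
      "timeout"               no answer at connect time or while waiting for a banner
      "error"                 any other socket error (detail = message)
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused", ""
    except socket.timeout:
        return "timeout", "connect"
    except OSError as exc:
        return "error", str(exc)
    with sock:
        try:
            data = sock.recv(256)  # an SSH server speaks first, so just read
        except (ConnectionResetError, BrokenPipeError):
            return "closed-before-banner", "reset"
        except socket.timeout:
            return "timeout", "banner"
    if not data:
        return "closed-before-banner", "eof"
    lines = [l.strip().decode("ascii", "replace") for l in data.splitlines()]
    for line in lines:
        # RFC 4253 allows other lines before the identification string
        if line.startswith("SSH-"):
            return "ssh", line
    return "not-ssh", lines[0] if lines else ""

if __name__ == "__main__":
    import sys
    # usage: python probe.py <host> <port>
    host, port = sys.argv[1], int(sys.argv[2])
    print(host, port, *probe_ssh_banner(host, port))
```
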
Author
Contributor

Hey @decentral1se, thank you so much, that did work indeed!
(I had seen these lines while configuring Traefik, but I had forgotten about it...)
Should I make a PR to add this to the README?

Owner

https://git.coopcloud.tech/coop-cloud/gitea/commit/975fc775c1131a29cde68d52006f9a8cf3bb02c4 🔥
Reference: coop-cloud/gitea#25