tux/gluebox-ops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fb80dc83eb5bfb143b70b1dd14bbd0bd6d7f8a85
gluebox-ops/80_infrastructure/gitea-access.md

2.3 KiB
Raw Blame History

Gitea Access & Authentication Guide

This document defines the standard for accessing the Gluebox Gitea instance. Following these rules prevents the "uid: 0" (User Not Found) and "SSH Disabled" errors.

1. Primary Access: SSH (Recommended)

This instance runs as the gitea system user. Standard git@ strings will prompt for a password and fail.

  • SSH Username: gitea
  • Host: code.gluebox.com
  • Verification: Run ssh -T gitea@code.gluebox.com from your Mac.
    • Expected Success: "Hi there, [user]! You've successfully authenticated..."
  • Clone Format: 
    git clone gitea@code.gluebox.com:tux/rsvp-system-core.git

2. Fallback Access: HTTPS & API Tokens

Tokens only work correctly when Gitea can resolve its own internal loopback.

  • Auth Header: Authorization: token <YOUR_TOKEN>
  • Validation Test: 
    curl -H "Authorization: token <TOKEN>" [https://code.gluebox.com/api/v1/user](https://code.gluebox.com/api/v1/user)
  • Troubleshooting: If the response returns "uid: 0", the server's LOCAL_ROOT_URL is likely missing or the token was generated before the server was properly configured. Generate a fresh token.

3. Mandatory Server Configuration (app.ini)

The following values in /etc/gitea/app.ini are critical for maintaining access. If the server is moved or reinstalled, these must be verified:

Section Key Value Reason
[server] RUN_USER gitea Matches the Ubuntu system user.
[server] OFFLINE_MODE false Required for internal token verification.
[server] DISABLE_SSH false Enables Gitea's internal SSH engine.
[server] LOCAL_ROOT_URL http://localhost:3000/ Fixes the "uid: 0" API bug.

4. Maintenance & Troubleshooting

Since this instance uses the Internal SSH Server, Gitea manages keys in the database rather than a physical authorized_keys file.

  • Keys not working? Go to Site Admin > Dashboard and run:
    • Resynchronize pre-receive, update and post-receive hooks of all repositories.
  • Auth Prompting for Password? 1. Ensure your Mac's public key is added to User Settings > SSH / GPG Keys. 2. Clear local Mac credential helpers: git config --global --unset credential.helper