Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unix socket: cannot pull/push over SSH #3741

Closed
2 of 7 tasks
sloonz opened this issue Mar 29, 2018 · 6 comments · Fixed by #3760
Closed
2 of 7 tasks

Unix socket: cannot pull/push over SSH #3741

sloonz opened this issue Mar 29, 2018 · 6 comments · Fixed by #3760
Labels
type/question Issue needs no code to be fixed, only a description on how to fix it yourself.

Comments

@sloonz
Copy link

sloonz commented Mar 29, 2018
edited
Loading

  • Gitea version (or commit ref): 1.4.0
  • Git version: 2.16.3
  • Go version: 1.10
  • Operating system: ArchLinux
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes (provide example URL)
    • No
    • Not relevant

Description

With the following configuration (actual domain redacted by example.com) in the [server] section:

PROTOCOL                   = unix
HTTP_ADDR                  = /run/nginx/gitea.sock
DOMAIN                     = git.example.com
ROOT_URL                   = https://git.example.com/
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/

Trying to perform a git pull/push via SSH results in an error :

UpdatePublicKey: Post unix:///run/nginx/gitea.sockapi/internal/ssh/1/update: unsupported protocol scheme "unix"

Looks like a regression over #2232, which has been fixed months ago. Adding some good old Printf traces in the code, I can see that req.SetTransport is called in newInternalRequest, but the Dial function that is set up there is never called ; the error is encountered before then. Changing LOCAL_ROOT_URL to http://%(DOMAIN)s/ fixes the issue : both the req.SetTransport and Dial functions are called, and the request is performed on the unix socket (no log in the reverse proxy that’s listening on https://git.example.com/, and adding deny all on the reverse proxy do not prevent SSH pull/push), but that does not looks like to be the intended behavior.
@lafriks
Copy link
Member

lafriks commented Mar 29, 2018
edited
Loading

When using unix sockets you should not set LOCAL_ROOT_URL in app.ini or need to set it to http://unix/

@lafriks lafriks added the type/question Issue needs no code to be fixed, only a description on how to fix it yourself. label Mar 29, 2018
@sloonz
Copy link
Author

sloonz commented Mar 30, 2018

It works fine that way, but that is not what I understand from app.ini.sample:

; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/

@lafriks
Copy link
Member

lafriks commented Mar 30, 2018
edited
Loading

Yes this description is correct only if using http protocol for gitea listener, description needs to be updated if using other protocols

@Siosm Siosm mentioned this issue Apr 4, 2018
Merged
@silverwind
Copy link
Member

When using unix sockets you should not set LOCAL_ROOT_URL in app.ini or need to set it to http://unix/

Couldn't this be done automatically when listening on a unix socket?

@lafriks
Copy link
Member

lafriks commented May 16, 2018

It is if you have not set LOCAL_ROOT_URL to something in app.ini

@silverwind
Copy link
Member

What I meant is that we could ignore LOCAL_ROOT_URL when PROTOCOL == 'unix', or am I missing something?

lunny pushed a commit that referenced this issue May 22, 2018
@travier @lunny
doc: update LOCAL_ROOT_URL description for PROTOCOL = 'unix' case (#3760
b3a3024 
)

Update the sample configuration and config cheat sheet description for
the LOCAL_ROOT_URL configuration variable to mention the special case
required if PROTOCOL is set to 'unix'.

Fixes #3741.

Signed-off-by: Timothée Ravier <tim@siosm.fr>
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type/question Issue needs no code to be fixed, only a description on how to fix it yourself.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Sample config: update LOCAL_ROOT_URL description for PROTOCOL = 'unix' case
3 participants
@silverwind @sloonz @lafriks