charmbracelet / soft-serve

The mighty, self-hostable Git server for the command line🍦
MIT License

Unable to init my "admin" account #497

Open 3sky opened 5 months ago

3sky commented 5 months ago

Describe the bug

I'm just unable to use an ssh-keypair for my installation.

To Reproduce

Steps to reproduce the behavior:

  1. I'm using docker-compose on my NAS.

    ---
    version: "3.1"
    services:
      soft-serve:
        environment:
          - SOFT_SERVE_INITIAL_ADMIN_KEYS='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJxYZEBNRLXmuign6ZgNbmaSK7cnQAgFpx8cCscoqseA local'
        image: charmcli/soft-serve:v0.7.4
        container_name: soft-serve
        volumes:
          - /path/to/data:/soft-serve
        ports:
          - 23231:23231
          - 23232:23232
          - 23233:23233
          - 9418:9418
        restart: unless-stopped

  2. Adding SOFT_SERVE_INITIAL_ADMIN_KEYS as an env variable as above, or trying to use it in config.yaml:

    initial_admin_keys:
    - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJxYZEBNRLXmuign6ZgNbmaSK7cnQAgFpx8cCscoqseA local"

  3. Then, after a container restart, I'm trying to ssh to my instance:

    $ ssh 192.168.0.33 -p 23231 -i ~/.ssh/id_ed25519_local info
    Error: user not found

  4. With regular ssh:

    $ ssh 192.168.0.33 -p 23231 -i ~/.ssh/id_ed25519_local
    Permission denied (publickey,keyboard-interactive).

Expected behavior

Ability to operate my instance as the admin user. Not sure if the documentation is outdated, or I'm missing something important here.

Environment (please complete the following information):

srngh commented 5 months ago

Have you tried adding the admin pub key without quotation marks to config.yaml? That's what eventually worked for me.

Like so:

initial_admin_keys:
  - ssh-ed25519 AAAAC....

3sky commented 5 months ago

initial_admin_keys:
  - ssh-ed25519 AAAAC....

Still the same,

$ ssh 192.168.0.33 -p 23231 -i ~/.ssh/id_ed25519_local info
Error: user not found

Can you please share your config.yml?

srngh commented 5 months ago

I left pretty much everything default:


# Soft Serve Server configurations

# The name of the server.
# This is the name that will be displayed in the UI.
name: "Soft Serve"

# Logging configuration.
log:
  # Log format to use. Valid values are "json", "logfmt", and "text".
  format: "text"
  # Time format for the log "timestamp" field.
  # Should be described in Golang's time format.
  time_format: "2006-01-02 15:04:05"
  # Path to the log file. Leave empty to write to stderr.
  #path: ""

# The SSH server configuration.
ssh:
  # The address on which the SSH server will listen.
  listen_addr: ":23231"

  # The public URL of the SSH server.
  # This is the address that will be used to clone repositories.
  public_url: "ssh://localhost:23231"

  # The path to the SSH server's private key.
  key_path: ssh/soft_serve_host_ed25519

  # The path to the server's client private key. This key will be used to
  # authenticate the server to make git requests to ssh remotes.
  client_key_path: ssh/soft_serve_client_ed25519

  # The maximum number of seconds a connection can take.
  # A value of 0 means no timeout.
  max_timeout: 0

  # The number of seconds a connection can be idle before it is closed.
  # A value of 0 means no timeout.
  idle_timeout: 600

# The Git daemon configuration.
git:
  # The address on which the Git daemon will listen.
  listen_addr: ":9418"

  # The public URL of the Git daemon server.
  # This is the address that will be used to clone repositories.
  public_url: "git://localhost"

  # The maximum number of seconds a connection can take.
  # A value of 0 means no timeout.
  max_timeout: 0

  # The number of seconds a connection can be idle before it is closed.
  idle_timeout: 3

  # The maximum number of concurrent connections.
  max_connections: 32

# The HTTP server configuration.
http:
  # The address on which the HTTP server will listen.
  listen_addr: ":23232"

  # The path to the TLS private key.
  tls_key_path:

  # The path to the TLS certificate.
  tls_cert_path:

  # The public URL of the HTTP server.
  # This is the address that will be used to clone repositories.
  # Make sure to use https:// if you are using TLS.
  public_url: "http://localhost:23232"

# The stats server configuration.
stats:
  # The address on which the stats server will listen.
  listen_addr: "localhost:23233"

# The database configuration.
db:
  # The database driver to use.
  # Valid values are "sqlite" and "postgres".
  driver: "sqlite"
  # The database data source name.
  # This is driver specific and can be a file path or connection string.
  # Make sure foreign key support is enabled when using SQLite.
  data_source: "soft-serve.db?_pragma=busy_timeout(5000)&_pragma=foreign_keys(1)"
  # data_source: "postgres://postgres@localhost:5432/soft_serve?sslmode=disable"

# Git LFS configuration.
lfs:
  # Enable Git LFS.
  enabled: true
  # Enable Git SSH transfer.
  ssh_enabled: false

# Cron job configuration
jobs:
  mirror_pull: "@every 10m"

# Additional admin keys.
initial_admin_keys:
  - ssh-ed25519 AAAAC3N...

My ssh config, for testing the connection

❯ cat .ssh/config
Host soft
        HostName localhost
        Port 23231
        IdentityFile ~/.ssh/id_ed25519
❯ ssh soft info
Username: admin
Admin: true
Public keys:
  ssh-ed25519 AAAAC3N...

I didn't set the SOFT_SERVE_INITIAL_ADMIN_KEYS environment variable, perhaps try unsetting it. Also, in my config.yaml I didn't set the comment after my public key ("local" in your config).

Hope this helps.

aymanbagabas commented 5 months ago

Could you try a new fresh install? Back up the data directory and run Soft Serve with your key in the SOFT_SERVE_INITIAL_ADMIN_KEYS environment variable:

SOFT_SERVE_INITIAL_ADMIN_KEYS="ssh-ed25519 AAAAC3N..." soft serve

3sky commented 5 months ago

Thanks @srngh and @aymanbagabas. Maybe there is some issue related to the fact that I'm using a remote machine. I will try to install it locally.

betapictoris commented 4 months ago

Just wanted to chip in and say that I was having the same issue, but it seems to be that I initially started the server without providing admin keys. A fresh install solved the issue.

Quba1 commented 4 months ago

Just wanted to chip in and say that I was having the same issue, but it seems to be that I initially started the server without providing admin keys. A fresh install solved the issue.

That was the issue for me as well. Fresh install with specifying admin keys before first start solved the problem.

oznogon commented 3 months ago

Any idea why this is? What does the first run with the env variable do that manually setting initial_admin_keys doesn't?

For installs via package managers (in my case yum/dnf), does that mean adding the key to SOFT_SERVE_INITIAL_ADMIN_KEYS in /etc/soft-serve.conf prior to first starting the server via systemd? (If so, this doesn't work for me on Fedora 40.)

EDIT: to expand,

| Method | Expectation | Got admin? | Met expectation? |
| --- | --- | --- | --- |
| Clean install of the Fedora/RH package via dnf, systemctl start soft-serve, no changes from defaults in /etc/soft-serve.conf or /var/lib/soft-serve/config.yaml | no pubkeys set so no admin access | no | :white_check_mark: YES |
| Clean install of the Fedora/RH package via dnf, adding my pubkey to initial_public_keys in /var/lib/soft-serve/config.yaml, then systemctl start soft-serve | pubkey set, but it's unclear what initial_public_keys actually does | no | :question: unclear |
| Clean install of the Fedora/RH package via dnf, adding my pubkey to SOFT_SERVE_INITIAL_ADMIN_KEYS in /etc/soft-serve.conf | pubkey set as environment variable before first launch, so assuming /etc/soft-serve.conf does what it says it does in its comments: admin access | no | :x: NO |
| Clean install of the Fedora/RH package via dnf, running SOFT_SERVE_INITIAL_ADMIN_KEYS=ssh-ed25519... soft serve without manually changing either config file | pubkey set as environment variable before first launch, so admin access | YES | :white_check_mark: YES |
| Clean install of the Fedora/RH package via dnf, running SOFT_SERVE_INITIAL_ADMIN_KEYS=ssh-ed25519... systemd start soft-serve without manually changing either config file | passing env to the systemctl command is an impenetrable concept to me so either it works, doesn't, or explodes and kills me | YES | :question: unclear |
| Previously installed package; after starting the server with ...INITIAL_ADMIN_KEYS provided on its first launch, I then stop it, start it again, and then try connecting again with the same client and pubkey | since it worked with admin access on the first launch, I expect admin access | no | :x: NO |
| Previously installed package; after starting the server WITHOUT providing ...INITIAL_ADMIN_KEYS on its first launch, I then stop it, start it again as SOFT_SERVE_INITIAL_ADMIN_KEYS=ssh-ed25519... soft serve, and then try connecting again with the same client and pubkey | since the pubkey wasn't provided on first launch, I don't expect admin access | YES | :x: NO |
| Previously installed package; after starting the server WITHOUT providing ...INITIAL_ADMIN_KEYS on its first launch, I then launched it again as SOFT_SERVE_INITIAL_ADMIN_KEYS=ssh-ed25519... systemctl start soft-serve, and then try connecting again with the same client and pubkey | consumed by black hole | YES | :x: NO |

Workaround: adding export SOFT_SERVE_INITIAL_ADMIN_KEYS=ssh-ed25519... to my shell config "works" in the sense that I can then get admin access when running either as soft serve or systemctl start soft-serve, but I don't know why and it sounds like by design this shouldn't be necessary.

Notably, when launching the server via systemd start soft-serve and via soft serve, ssh client connections report a different host key from the Soft Serve server. No idea why.

oznogon commented 3 months ago

Removed the package, /var/lib/soft-serve, and the soft-serve user, removed the exported envvars, then installed Soft Serve with go install instead of the package manager. Everything now works as expected:

:shrug: Not sure what's going on with the packaged version.

Elerin commented 2 days ago

I think I found the issue (or an issue), at least as far as running it as a systemd unit goes: The default packaged /etc/soft-serve.conf lists: SOFT_SERVE_INITIAL_ADMIN_KEY

instead of the expected: SOFT_SERVE_INITIAL_ADMIN_KEYS

Most people just uncomment the existing line in /etc/soft-serve.conf and append their pubkey. I know I did.

After making the change and resetting everything, soft-serve works as expected.
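
A preflight check for the misnamed variable described in the last comment, as an added example that is not part of the thread or of Soft Serve's own code. It assumes a plain KEY=VALUE file such as /etc/soft-serve.conf, one key per value, and values taken exactly as written with no quote stripping; `lint_env`, `key_line_problem` and `SAMPLE_KEY` are names made up here.

```python
import base64
import struct

EXPECTED = "SOFT_SERVE_INITIAL_ADMIN_KEYS"  # the name the thread reports as expected

def key_line_problem(value):
    """Return None for a well-formed '<type> <base64> [comment]' line, else a reason."""
    parts = value.split()
    if len(parts) < 2:
        return "expected '<type> <base64> [comment]'"
    ktype, b64 = parts[0], parts[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError:
        return "key data is not valid base64"
    if len(blob) < 4:
        return "key blob is too short"
    # An SSH public key blob begins with a length-prefixed algorithm name.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != ktype.encode():
        return f"type {ktype!r} does not match the algorithm inside the key blob"
    return None

def lint_env(text):
    """Return (line_number, message) findings for KEY=VALUE lines in `text`."""
    findings, active = [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        commented = line.startswith("#")
        name, sep, value = line.lstrip("# ").partition("=")
        name = name.strip()
        if not sep or not name.startswith("SOFT_SERVE_INITIAL_ADMIN"):
            continue
        if name != EXPECTED:
            findings.append((lineno, f"{name}: unrecognised name, expected {EXPECTED}"))
        elif not commented:
            active = True
            problem = key_line_problem(value)
            if problem:
                findings.append((lineno, f"{EXPECTED}: {problem}"))
    if not active:
        findings.append((0, f"{EXPECTED} is not set on any active line"))
    return findings

# Constructed sample key: an all-zero ed25519 blob, not a real credential.
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
SAMPLE_KEY = "ssh-ed25519 " + base64.b64encode(_blob).decode()

if __name__ == "__main__":
    for n, msg in lint_env(f"SOFT_SERVE_INITIAL_ADMIN_KEY={SAMPLE_KEY}\n"):
        print(n, msg)
```

Run it before the first start, since several commenters only got admin access after a fresh install with the key already in place.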