krokosik
commented
1 year ago Could you share this approach?
Open lonix1 opened 1 year ago
krokosik
commented
1 year ago Could you share this approach?
lonix1
commented
1 year ago It was a while ago so I don't remember how I did it. But I suppose you'll need to open another port on your server (allow it through your firewall) and update gitea's config file accordingly. I recall there was more to it that that though - it unfortunately wasn't documented properly.
bst27
commented
10 months ago @wkrasnicki I created an example over there: https://gist.github.com/bst27/1b5d43317e50183320e0e094d1e4f7fc
techknowlogick
commented
10 months ago Closing as the docs do have exposing a port for ssh as the first example.
lonix1
commented
10 months ago @techknowlogick @wxiaoguang With respect, this shouldn't be closed. This was a very complex and painful issue.
The problem is the docs promote passthrough and most users will try it and fail miserably, not just because it's hard, but as I recall, because the docs are wrong and because of this issue.
The docs should state that passthrough is an option, but highly recommend not to use it (and use a normal port). And, that should be done only once someone can confirm that passthrough actually works - because it does not.
florianbeisel
commented
8 months ago Adding my two cents here:
Passthrough is indeed a viable option which I use in a rootless docker environment. But the documentation is lacking. I will try to document my steps today(ish) and try to document a working setup.
bst27
commented
8 months ago Adding my two cents here:
Passthrough is indeed a viable option which I use in a rootless docker environment. But the documentation is lacking. I will try to document my steps today(ish) and try to document a working setup.
Maybe you want to have a look at my example setup I shared above:
https://gist.github.com/bst27/1b5d43317e50183320e0e094d1e4f7fc
florianbeisel
commented
8 months ago Maybe you want to have a look at my example setup I shared above:
https://gist.github.com/bst27/1b5d43317e50183320e0e094d1e4f7fc
Sorry for the misunderstanding. I wanted really badly to keep port 22. I already have a working setup with rootless docker and SSH passthrough. I just need to retrace my steps what I did exactly and document it.
In short what I did:
docker.sock to the system groups so we can reference itgit user to said group (in my case its called rootless-docker)/run/user/UIDgit users shellAuthorizedKeysCommand so that we can supply the path to the docker.sockThis is just from the top of my head so caveat emptor
Feature Description
There are many issues with the ssh passthrough/tunnelling approach and docs. I decided to follow the advice of @wxiaoguang to try something simpler: opening another port for gitea's ssh server so tunnelling is unnecessary.
But that approach is not documented at all. I've spent just as long on this problem as on passthrough. I am fairly good at linux and ssh (and comfortable with gitea settings too), so the problem is not me - there are very complex settings for this, and there seem to be some weird corner cases (maybe bugs too), so the average user will struggle.
PLEASE, document this approach, and promote it as the default instead of ssh tunnelling/passthrough. At the very least, can someone post a link to a working example, to save others (and me!) from wasting time on this.
I suggest a good place for this is another section in the "Installation with Docker" page, before the ssh passthrough section.
Screenshots
No response