How to authenticate to Foregjo over https?

Koantig · July 5, 2023, 5:14pm

My YunoHost server

Hardware: Raspberry Pi at home
YunoHost version: 11.1.21.4 (stable)
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
Forgejo 1.19.3-0~ynh2

Description of my issue

I created an empty repo on Forgejo (after giving up on gitea) and want to push my existing local repo to it. I’m prompted for my password but I’m denied.

koantig@myComputer:~/programming/myCode$ git push -u forgejo master
Username for 'https://mydomain.com': koantig
Password for 'https://koantig@mydomain.com': 
remote: Verify
fatal: Authentication failed for 'https://mydomain.com/forgejo/social/myCode.git/'

I do have my proper email now on Forgejo (instead of the cryptic local email) but I’m still not a Foregjo admin.

Forgejo is public, the organisation (social) is of public. Username and password as used for the yunohost portal.

Any idea?

Koantig · July 6, 2023, 9:29am

Interesting: I can’t log in directly into https://mydomain.com/forgejo with my yunohost username and password. I have to go through the SSO to get in.
I’ve checked and /etc/yunohost/apps/forgejo/conf/app.ini does have the changes described here

Surely there’s a way to make it work?

Koantig · July 7, 2023, 9:38am

I understand there’s some work being done about the admin issue, which is great.

But for now, I’m just wanting to push, pull, clone over https with my yunohost account and I can’t even log in without going through the portal.

rodinux · July 7, 2023, 3:28pm

Hello,
I have also migrate from gitea to forgejo.
I use a ssh key (added on my profile) to use git commands. I haven’t trouble to clone pul push…

For the role admin I have to do something special. First, delete my first user connected by Yunohost LDAP (and the repos if this user have some).

edit the /var/www/forgejo/custom/conf/app.ini like this

[service]
REGISTER_EMAIL_CONFIRM                 = true
ENABLE_NOTIFY_MAIL                     = true
DISABLE_REGISTRATION                   = false
ENABLE_CAPTCHA                         = false
REQUIRE_SIGNIN_VIEW                    = true
ENABLE_REVERSE_PROXY_AUTHENTICATION    = false
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true
ENABLE_REVERSE_PROXY_EMAIL             = true

then yunohost service restart forgejo

Then go to the site forgejo.domain.tld without be connected to yunohost and create a user with the yunohost mail user and same password.

This user have now access to the admin of forgejo.
Then I edit one more time the file /var/www/forgejo/custom/conf/app.ini with this

[service]
REGISTER_EMAIL_CONFIRM                 = true
ENABLE_NOTIFY_MAIL                     = true
DISABLE_REGISTRATION                   = true
ENABLE_CAPTCHA                         = false
REQUIRE_SIGNIN_VIEW                    = false
ENABLE_REVERSE_PROXY_AUTHENTICATION    = false
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
ENABLE_REVERSE_PROXY_EMAIL             = true

yunohost service restart forgejo

Now I can’t use one more time the sso LDAP Yunohost to log in forgejo (without password from portal) and still have admin access, the Yunohost user also are logged by Yunohost LDAP…

Koantig · July 7, 2023, 9:18pm

Thank you for the reply. I’ll do the same and use ssh, that one works.

I think I’ll wait for the fixes for the admin access, unless I need it.

system · July 22, 2023, 9:19pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.