Gitea: Cannot start with a read-only config

Created on 20 Jun 2019  路  7Comments  路  Source: go-gitea/gitea
  • Gitea version (or commit ref): >= 1.8.0
  • Git version:
  • Operating system: 1.8.3 docker image from Docker hub
  • Database (use [x]):

    • [X] PostgreSQL

  • Can you reproduce the bug at https://try.gitea.io:

    • [X] Not relevant

  • Log gist:
2019/06/20 08:30:11 [...s/setting/setting.go:729 NewContext()] [E] Error saving generated JWT Secret to custom config: open /data/gitea/conf/app.ini: read-only file

Description

Running with Docker image < 1.8.0 (for example 1.7.6) does not lead to this error.

Gitea is deployed with official Docker image on our Openshift and app.ini is a config map so it is read-only.

When starting Gitea we have the stacktrace, which refers to https://github.com/go-gitea/gitea/blob/v1.8.3/modules/setting/setting.go#L729

The thing is that our config map contains LFS_START_SERVER = false

So LFS.StartServer (https://github.com/go-gitea/gitea/blob/v1.8.3/modules/setting/setting.go#L664) should be evaluated as false and therefore we should not get the error

Please note that we have also tried to update our app.ini in order to include a LFS_JWT_SECRET (generated in cli) even if LFS_START_SERVER was still false, but it did not work, same error.

We had to rollback to 1.7.6

revieweconfirmed
Source
picture JulianBlin
👀1

Most helpful comment

So looking at the code - the messages that Gitea gives are not clear which setting value is incorrect.

I think we need to change these messages so that they directly reference which key is causing the problem.

picture zeripath on 23 Jun 2019
👍3

All 7 comments

When you enabled OAuth2 provider, it also needs generated the jwt secret.

lunny picture lunny on 20 Jun 2019

We do not use OAuth2 provider. Moreover the error is in an if concerning LFS.StartServer which should be false

Our app.ini is as follow : 

APP_NAME = Gitea
RUN_USER = git
RUN_MODE = prod

[security]
INTERNAL_TOKEN = **edited for confidentiality reason**
INSTALL_LOCK   = true
SECRET_KEY     = **edited for confidentiality reason**

[database]
DB_TYPE  = postgres
HOST     = **edited for confidentiality reason**
NAME     = gitea
USER     = gitea
PASSWD   = **edited for confidentiality reason**
SSL_MODE = disable
LOG_SQL  = false

[repository]
ROOT               = /data/git/repositories
FORCE_PRIVATE      = true
DEFAULT_PRIVATE    = private
MAX_CREATION_LIMIT = 5
USE_COMPAT_SSH_URI = false

[repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo

[repository.upload]
TEMP_PATH = /data/gitea/uploads

[ui]
EXPLORE_PAGING_NUM = 20
ISSUE_PAGING_NUM = 10
FEED_MAX_COMMIT_NUM = 5
GRAPH_MAX_COMMIT_NUM = 100
CODE_COMMENT_LINES = 10
THEME_COLOR_META_TAG = `#6cc644`
MAX_DISPLAY_FILE_SIZE = 8388608
SHOW_USER_EMAIL = true
#DEFAULT_THEME = gitea
#THEMES = gitea,arc-green

[ui.admin]
USER_PAGING_NUM = 50
REPO_PAGING_NUM = 50
NOTICE_PAGING_NUM = 25
ORG_PAGING_NUM = 50

[ui.user]
REPO_PAGING_NUM = 25

[server]
APP_DATA_PATH    = /data/gitea
PROTOCOL         = http
SSH_DOMAIN       = **edited for confidentiality reason**
DOMAIN           = **edited for confidentiality reason**
SSH_LISTEN_HOST  = 0.0.0.0
HTTP_PORT        = 3000
SSH_PORT         = 32516
SSH_LISTEN_PORT  = 2222
ROOT_URL         = **edited for confidentiality reason**
DISABLE_SSH      = false
START_SSH_SERVER = true
LFS_START_SERVER = false
LFS_JWT_SECRET   = **edited for confidentiality reason**
OFFLINE_MODE     = true
ENABLE_GZIP      = true
DISABLE_ROUTER_LOG = true
LANDING_PAGE = home

[mailer]
ENABLED = true
HOST    = **edited for confidentiality reason**
FROM    = **edited for confidentiality reason**
SUBJECT = [Gitea]

[service]
REGISTER_EMAIL_CONFIRM            = false
ENABLE_NOTIFY_MAIL                = true
DISABLE_REGISTRATION              = true
ENABLE_CAPTCHA                    = false
REQUIRE_SIGNIN_VIEW               = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
DEFAULT_ORG_VISIBILITY            = private
ENABLE_USER_HEATMAP               = true

[picture]
DISABLE_GRAVATAR        = true
ENABLE_FEDERATED_AVATAR = false
AVATAR_UPLOAD_PATH      = /data/gitea/attachments

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

[session]
PROVIDER = memory
PROVIDER_CONFIG = /data/gitea/sessions

[log]
MODE      = console
LEVEL     = Info

[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
REPO_INDEXER_ENABLED = true
REPO_INDEXER_PATH = /data/gitea/indexers/repos.bleve
UPDATE_BUFFER_LEN = 5
#MAX_FILE_SIZE = 1048576
MAX_FILE_SIZE = 524288

[admin]
DISABLE_REGULAR_ORG_CREATION = true

[cache]
ADAPTER = memory
INTERVAL = 180

[api]
ENABLE_SWAGGER_ENDPOINT = true
JulianBlin picture JulianBlin on 20 Jun 2019

OAuth2 provider is enabled default, you have to disable it.

[oauth2]
ENABLE = false
lunny picture lunny on 20 Jun 2019

So looking at the code - the messages that Gitea gives are not clear which setting value is incorrect.

I think we need to change these messages so that they directly reference which key is causing the problem.

zeripath picture zeripath on 23 Jun 2019
👍3

So looking at the code - the messages that Gitea gives are not clear which setting value is incorrect.

I think we need to change these messages so that they directly reference which key is causing the problem.

For sure it would be a nice idea.
Any plan to add this to a future release ?

JulianBlin picture JulianBlin on 6 Aug 2019

A pr would be welcome

zeripath picture zeripath on 6 Aug 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

stale[bot] picture stale[bot] on 5 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

adpande picture adpande  路  3Comments
lunny picture lunny  路  3Comments
thehowl picture thehowl  路  3Comments
lunny picture lunny  路  3Comments
tuxfanou picture tuxfanou  路  3Comments