Fix Forgejo SSH passthrough: use -u git and correct app.ini path
docker exec needs -u git to avoid running as root (Forgejo refuses root), and the config path inside the container is /data/gitea/conf/app.ini. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Nelis
parent
c34d2b4849
commit
397d4fcc48
|
|
@ -252,7 +252,7 @@
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
content: |
|
content: |
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
/usr/bin/docker exec -i --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" forgejo sh "$@"
|
/usr/bin/docker exec -i -u git --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" forgejo sh "$@"
|
||||||
|
|
||||||
- name: Create git user for Forgejo
|
- name: Create git user for Forgejo
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
|
|
@ -281,7 +281,7 @@
|
||||||
content: |
|
content: |
|
||||||
Match User git
|
Match User git
|
||||||
AuthorizedKeysCommandUser git
|
AuthorizedKeysCommandUser git
|
||||||
AuthorizedKeysCommand /usr/bin/docker exec -i forgejo /usr/local/bin/gitea keys -c /etc/gitea/app.ini -e git -u %u -t %t -k %k
|
AuthorizedKeysCommand /usr/bin/docker exec -i -u git forgejo /usr/local/bin/gitea keys -c /data/gitea/conf/app.ini -e git -u %u -t %t -k %k
|
||||||
notify: restart sshd
|
notify: restart sshd
|
||||||
|
|
||||||
- name: Generate Pangolin secret
|
- name: Generate Pangolin secret
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue