Disclaimer up front: I’m very new to Linux/Ubuntu as a whole and system administration as well only having dabbled with it in my free time so please be patient and thorough with your answers.
I installed Gitea on my Ubuntu 20.04 server with git-lfs.
I have Apache running a reverse proxy to use my subdomain with gitea. I also have it configured for SSH using certbot.
Every time I try to push a large file (~>1Gb) I get an LFS: Client error from HTTP 413.
What I’ve tried so far:
- disable UFW
- Increase all relevant file and file size options in the gitea config
Here is my app.ini:
APP_NAME = Tali Git
RUN_USER = git
RUN_MODE = prod
[security]
INTERNAL_TOKEN = XXXXX
INSTALL_LOCK = true
SECRET_KEY = XXXXXXX
PASSWORD_HASH_ALGO = pbkdf2
[database]
DB_TYPE = sqlite3
HOST = 127.0.0.1:3306
NAME = gitea
USER = gitea
PASSWD =
SCHEMA =
SSL_MODE = disable
CHARSET = utf8
PATH = /var/lib/gitea/data/gitea.db
LOG_SQL = false
[repository]
ROOT = /var/lib/gitea/data/gitea-repositories
[repository.upload]
FILE_MAX_SIZE = 999999999999
MAX_FILES = 999999999999
[server]
SSH_DOMAIN = git.example.com
DOMAIN = git.example.com
HTTP_PORT = 3000
ROOT_URL = https://git.example.com/
DISABLE_SSH = false
SSH_PORT = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
LFS_JWT_SECRET = XXXXXXXXXXXX
LFS_MAX_FILE_SIZE = 999999999999999999999999
OFFLINE_MODE = false
LFS_HTTP_AUTH_EXPIRY = 999999m
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = true
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost
[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
[session]
PROVIDER = file
[log]
MODE = console
LEVEL = info
ROOT_PATH = /var/lib/gitea/log
ROUTER = console
[ui]
DEFAULT_THEME = arc-green
THEMES = gitea,arc-green
The apache HTTP proxy:
<VirtualHost *:80>
ServerName git.example.com
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
LimitRequestBody 0
RewriteEngine on
RewriteCond %{SERVER_NAME} =git.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
The apache SSH proxy:
<IfModule mod_ssl.c>
<VirtualHost *:443>
<Directory />
SSLRenegBufferSize 2147483647
</Directory>
ServerName git.example.com
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
SSLCertificateFile /etc/letsencrypt/live/git.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/git.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
There was nothing that stood out in the Apache access or error log.
The relevant Gitea log with log level trace can be found here: https://pastebin.com/XgbQaZn0
Any tips, ideas or shared experiences would be highly appreciated. I’m at a total loss here.
3
Answers
Okay I figured it out and posting it here for anyone to come across in the future:
I consolidated my apache config into a single file since certbots auto configurator actually creates a dedicated 443 one. My site config file looks like this:
Previously, I ran
certbot certonly
to generate these certificate files that I'm pointing Apache to here.Additionally—and I haven't tested if this actually affects it—this time I used
http://
in thegitea
root URL in itsapp.ini
configuration instead ofhttps://
.Either way, it works!
Have you tried adding
in your git configuration?
Cloudflare will cause HTTP 413 errors when pusing larger files to LFS. Be sure to run Gitea without Cloudflare as a proxy.