[Bug] Gitea fails to start due to invalid ACME_DIRECTORY configuration causing certificate issuance failure #14292

Closed
opened 2025-11-02 11:08:51 -06:00 by GiteaMirror · 5 comments

Originally created by @KaidRommel on GitHub (Mar 23, 2025).

Description

Gitea fails to start when attempting to automatically obtain HTTPS certificates via ACME (Let's Encrypt). The error logs indicate an invalid ACME_DIRECTORY configuration, leading to incorrect file paths and HTTP request failures.

```yaml
version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: docker.gitea.com/gitea:1.23.5
    container_name: gitea
    environment:
      - USER_UID=1003
      - USER_GID=1003
    restart: always
    networks:
      - gitea
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - /home/git/.ssh/:/data/git/.ssh
    ports:
      - "443:3000"
      - "80:3080"
      - "222:22"
      - "127.0.0.1:2222:22"
```

```ini
[server]
APP_DATA_PATH = /data/gitea
DOMAIN = git.myhostname.com
SSH_DOMAIN = git.myhostname.com
ENABLE_ACME = true
ACME_ACCEPTTOS = true
ACME_DIRECTORY = https
ACME_EMAIL = mymail@mail.com
PROTOCOL  = https
HTTP_PORT = 3000
ROOT_URL = https://git.myhostname.com/
REDIRECT_OTHER_PORT = true
PORT_TO_REDIRECT = 3080
DISABLE_SSH = false
SSH_PORT = 22
SSH_LISTEN_PORT = 22
LFS_START_SERVER = true
LFS_JWT_SECRET = ********
OFFLINE_MODE = true
```

Gitea Version

1.23.5

Can you reproduce the bug on the Gitea demo site?

Yes

Log Gist

https://gist.github.com/KaidRommel/2ac31fd904b05879a8d116240f9efebf

Screenshots

No response

Git Version

No response

Operating System

docker.gitea.com/gitea:1.23.5

How are you running Gitea?

docker

Database

SQLite

GiteaMirror added the issue/needs-feedback label 2025-11-02 11:08:51 -06:00

@wxiaoguang commented on GitHub (Mar 23, 2025):

It should have been fixed in 1.23-nightly (will be 1.23.6)

* https://dl.gitea.com/gitea/1.23-nightly/
* https://hub.docker.com/r/gitea/gitea/tags?name=1.23-nightly

@KaidRommel commented on GitHub (Mar 23, 2025):

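> It should have been fixed in 1.23-nightly (will be 1.23.6)
>
> * https://dl.gitea.com/gitea/1.23-nightly/
> * https://hub.docker.com/r/gitea/gitea/tags?name=1.23-nightly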

@wxiaoguang Thank you for your timely help! After switching to the 1.23-nightly version, the ACME certificate acquisition process can correctly recognize the `ACME_CA_URL`, but there is still an issue with the ACME directory. Below is the key portion of the current error log:

```
1.7427377084394832e+09  info    creating new account because no account for configured email is known to us     {"email": "mymail@mail.com", "ca": "https://acme-v02.api.letsencrypt.org/directory", "error": "open https/acme/acme-v02.api.letsencrypt.org-directory/users/mymail@mail.com/mymail.json: no such file or directory"}
1.742737708439539e+09   info    ACME account has empty status; registering account with ACME server     {"contact": ["mailto:mymail@mail.com"], "location": ""}
```

@wxiaoguang commented on GitHub (Mar 23, 2025):

Could you remove your "https" directory and retry?


@KaidRommel commented on GitHub (Mar 23, 2025):

> Could you remove your "https" directory and retry?

The HTTPS directory has not been created yet.

```
e890821f6d1c:/data# ls
cert.pem  git       gitea     key.pem   ssh
```

```
e890821f6d1c:/data/gitea# ls
actions_artifacts  avatars            home               log                repo-archive       tmp
actions_log        conf               indexers           packages           repo-avatars
attachments        gitea.db           jwt                queues             sessions
```

@wxiaoguang commented on GitHub (Mar 23, 2025):

IIRC it is in the `/app/gitea` directory (well, another legacy problem which hasn't been fixed yet)

-> ACME default storage not using work-path setting #26590
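
An added example, not part of the thread and not Gitea's code: a check that takes the `[server]` keys and compose volumes from the report and shows where a relative `ACME_DIRECTORY` ends up and whether any mounted volume covers that path. The function names are hypothetical, and the `/app/gitea` working directory is an assumption taken from the last comment.

```python
import configparser
import posixpath

# Constructed input: [server] keys and volume entries copied from the report above.
SAMPLE_APP_INI = """\
[server]
APP_DATA_PATH = /data/gitea
ENABLE_ACME = true
ACME_DIRECTORY = https
"""
SAMPLE_VOLUMES = [
    "./gitea:/data",
    "/etc/timezone:/etc/timezone:ro",
    "/etc/localtime:/etc/localtime:ro",
    "/home/git/.ssh/:/data/git/.ssh",
]


def container_targets(volumes):
    """Container-side paths of compose short-syntax volumes (host:container[:mode])."""
    return [posixpath.normpath(v.split(":")[1]) for v in volumes]


def check_acme_directory(ini_text, process_cwd, volumes):
    """Report where ACME_DIRECTORY resolves and whether a volume backs that path."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.optionxform = str  # app.ini keys are upper case; keep them as written
    parser.read_string("[DEFAULT]\n" + ini_text)  # tolerate keys above the first section
    if not parser.getboolean("server", "ENABLE_ACME", fallback=False):
        return {"enabled": False}
    value = parser.get("server", "ACME_DIRECTORY", fallback=None)
    if value is None:
        return {"enabled": True, "configured": None}
    relative = not posixpath.isabs(value)
    # Assumption: a relative value is opened relative to the process working directory,
    # which is what the "open https/acme/..." error in the log above suggests.
    resolved = posixpath.normpath(posixpath.join(process_cwd, value))
    persisted = any(
        resolved == t or resolved.startswith(t.rstrip("/") + "/")
        for t in container_targets(volumes)
    )
    return {"enabled": True, "configured": value, "relative": relative,
            "resolved": resolved, "persisted": persisted}


if __name__ == "__main__":
    # /app/gitea is the working directory recalled in the last comment (an assumption here).
    print(check_acme_directory(SAMPLE_APP_INI, "/app/gitea", SAMPLE_VOLUMES))
```

A resolved path outside every volume means the ACME account key and issued certificates stored there do not survive recreating the container.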


Reference: github-starred/gitea#14292