SSH not disabled after installation using docker #7802

New Issue

GiteaMirror · 2025-11-02T07:36:55-06:00

GiteaMirror commented

2025-11-02 07:36:55 -06:00

Originally created by @stnwtr on GitHub (Sep 4, 2021).

General

Gitea version: gitea/gitea:1.15.0
Operating system: Debian 10 (buster)
Running: On docker 20.10.7 using compose 1.29.2
Database: Postgres 13.4
Reproduce on try.gitea.io: No because the bug occurs while installing
Logs: No useful logs for this bug

Description

If the environment variable DISABLE_SSH is set to true, SSH will still be active after first startup (after installation). This only happens if the ssh_port on the installation page (form) is still 22 and not cleared. The web-form basically overrides the initial env-var state.

Steps to reproduce

Create a docker-compose setup and set the environment variable GITEA__server__SSH_PORT to false. (Example is provided here)
Run docker-compose up -d to start the server
Do not change anything and click the installation button at the end of the page. (You can create an admin user and skip the next step.)
Create a new user (which will become an admin) and go to the admin settings.
Tadaa you can see, that SSH is enabled.

"Quick-Fix": After restarting all container (docker-compose restart) SSH is disabled.

Fix

In the file install.go there is a little mistake because the env-variables are not taken in consideration:

if form.SSHPort == 0 {
	cfg.Section("server").Key("DISABLE_SSH").SetValue("true")
} else {
	cfg.Section("server").Key("DISABLE_SSH").SetValue("false")
	cfg.Section("server").Key("SSH_PORT").SetValue(fmt.Sprint(form.SSHPort))
}

The first line in the else-block enables SSH but does not check if it is disabled in the env-vars. I suggest to just the line which enables the SSH server.

Sadly I am way too inexperienced developing with go so I cannot create a pull reqeust on my own .. :c

Originally created by @stnwtr on GitHub (Sep 4, 2021). ## General Gitea version: gitea/gitea:1.15.0 Operating system: Debian 10 (buster) Running: On docker 20.10.7 using compose 1.29.2 Database: Postgres 13.4 Reproduce on try.gitea.io: No because the bug occurs while installing Logs: No useful logs for this bug ## Description If the environment variable `DISABLE_SSH` is set to `true`, SSH will still be active after first startup (after installation). This only happens if the `ssh_port` on the installation page (form) is still `22` and not cleared. The web-form basically overrides the initial env-var state. ## Steps to reproduce 1. Create a docker-compose setup and set the environment variable `GITEA__server__SSH_PORT` to `false`. (Example is provided [here](https://gist.github.com/stnwtr/4a28efc796455e4238cd0a03e184ed4e)) 2. Run `docker-compose up -d` to start the server 3. Do not change anything and click the installation button at the end of the page. (You can create an admin user and skip the next step.) 4. Create a new user (which will become an admin) and go to the admin settings. Tadaa you can see, that SSH is enabled. "Quick-Fix": After restarting all container (`docker-compose restart`) SSH is disabled. ## Fix In the file `install.go` there is a little mistake because the env-variables are not taken in consideration: ```golang if form.SSHPort == 0 { cfg.Section("server").Key("DISABLE_SSH").SetValue("true") } else { cfg.Section("server").Key("DISABLE_SSH").SetValue("false") cfg.Section("server").Key("SSH_PORT").SetValue(fmt.Sprint(form.SSHPort)) } ``` The first line in the `else`-block enables SSH but does not check if it is disabled in the env-vars. I suggest to just the line which enables the SSH server. Sadly I am way too inexperienced developing with go so I cannot create a pull reqeust on my own .. :c

GiteaMirror added the type/bug issue/needs-feedback labels 2025-11-02 07:36:55 -06:00

GiteaMirror closed this issue

2025-11-02 07:36:55 -06:00

GiteaMirror commented

2025-11-02 07:36:56 -06:00

@lunny commented on GitHub (Mar 25, 2024):

Is this still a problem?

@lunny commented on GitHub (Mar 25, 2024): Is this still a problem?

GiteaMirror commented

2025-11-02 07:36:56 -06:00

@GiteaBot commented on GitHub (Apr 24, 2024):

We close issues that need feedback from the author if there were no new comments for a month. 🍵

@GiteaBot commented on GitHub (Apr 24, 2024): We close issues that need feedback from the author if there were no new comments for a month. :tea:

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#7802