Restoring a backup: login source already exists [name: OpenLDAP] #9775

New Issue

GiteaMirror · 2025-11-02T08:49:15-06:00

GiteaMirror commented

2025-11-02 08:49:15 -06:00

Originally created by @devent on GitHub (Nov 3, 2022).

Description

I try to restore Gitea on a new server. I copied Gitea files and db dump to new server. Trying to start Gitea fails with the log message:

Admin account 'xxx' already exist. Running update to sync password...
2022/11/03 17:38:19 ...orm@v1.2.5/engine.go:1139:Get() [I] [SQL] SELECT "id", "lower_name", "name", "full_name", "email", "keep_email_private", "email_notifications_preference", "passwd", "passwd_hash_algo", "must_change_password", "login_type", "login_source", "login_name", "type", "location", "website", "rands", "salt", "language", "description", "created_unix", "updated_unix", "last_login_unix", "last_repo_visibility", "max_repo_creation", "is_active", "is_admin", "is_restricted", "allow_git_hook", "allow_import_local", "allow_create_organization", "prohibit_login", "avatar", "avatar_email", "use_custom_avatar", "num_followers", "num_following", "num_stars", "num_repos", "num_teams", "num_members", "visibility", "repo_admin_change_team_access", "diff_view_style", "theme", "keep_activity_private" FROM "user" WHERE "lower_name"=$1 LIMIT 1 [ahdiqu6b] - 9.829027ms
xxx's password has been successfully updated!
...password sync done.
No ldap configuration found with name 'OpenLDAP'. Installing it now...
2022/11/03 17:38:20 ...d/admin_auth_ldap.go:135:func1() [I] [SQL] SELECT "id", "type", "name", "is_active", "is_sync_enabled", "cfg", "created_unix", "updated_unix" FROM "login_source" WHERE (name=$1) LIMIT 1 [OpenLDAP] - 10.152211ms
2022/11/03 17:38:20 main.go:117:main() [F] Failed to run app with [/usr/local/bin/gitea -c /data/gitea/conf/app.ini admin auth add-ldap --admin-filter (&(objectClass=inetOrgPerson)(memberOf=cn=Administrators,ou=Group,dc=muellerpublic,dc=de)) --bind-dn CN=admin,dc=muellerpublic,dc=de --bind-password xxx --email-attribute mail --host openldap.kube-ldap.svc.cluster.local --name OpenLDAP --port 1389 --public-ssh-key-attribute publicSSHKey --security-protocol unencrypted --user-filter (&(objectClass=inetOrgPerson)(memberOf=cn=Gitea,ou=Group,dc=muellerpublic,dc=de)(uid=%s)) --user-search-base ou=People,dc=muellerpublic,dc=de --username-attribute CN]: login source already exists [name: OpenLDAP]

Gitea Version

1.16.3

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

Kubernetes 1.25

Database

PostgreSQL

Originally created by @devent on GitHub (Nov 3, 2022). ### Description I try to restore Gitea on a new server. I copied Gitea files and db dump to new server. Trying to start Gitea fails with the log message: ``` Admin account 'xxx' already exist. Running update to sync password... 2022/11/03 17:38:19 ...orm@v1.2.5/engine.go:1139:Get() [I] [SQL] SELECT "id", "lower_name", "name", "full_name", "email", "keep_email_private", "email_notifications_preference", "passwd", "passwd_hash_algo", "must_change_password", "login_type", "login_source", "login_name", "type", "location", "website", "rands", "salt", "language", "description", "created_unix", "updated_unix", "last_login_unix", "last_repo_visibility", "max_repo_creation", "is_active", "is_admin", "is_restricted", "allow_git_hook", "allow_import_local", "allow_create_organization", "prohibit_login", "avatar", "avatar_email", "use_custom_avatar", "num_followers", "num_following", "num_stars", "num_repos", "num_teams", "num_members", "visibility", "repo_admin_change_team_access", "diff_view_style", "theme", "keep_activity_private" FROM "user" WHERE "lower_name"=$1 LIMIT 1 [ahdiqu6b] - 9.829027ms xxx's password has been successfully updated! ...password sync done. No ldap configuration found with name 'OpenLDAP'. Installing it now... 2022/11/03 17:38:20 ...d/admin_auth_ldap.go:135:func1() [I] [SQL] SELECT "id", "type", "name", "is_active", "is_sync_enabled", "cfg", "created_unix", "updated_unix" FROM "login_source" WHERE (name=$1) LIMIT 1 [OpenLDAP] - 10.152211ms 2022/11/03 17:38:20 main.go:117:main() [F] Failed to run app with [/usr/local/bin/gitea -c /data/gitea/conf/app.ini admin auth add-ldap --admin-filter (&(objectClass=inetOrgPerson)(memberOf=cn=Administrators,ou=Group,dc=muellerpublic,dc=de)) --bind-dn CN=admin,dc=muellerpublic,dc=de --bind-password xxx --email-attribute mail --host openldap.kube-ldap.svc.cluster.local --name OpenLDAP --port 1389 --public-ssh-key-attribute publicSSHKey --security-protocol unencrypted --user-filter (&(objectClass=inetOrgPerson)(memberOf=cn=Gitea,ou=Group,dc=muellerpublic,dc=de)(uid=%s)) --user-search-base ou=People,dc=muellerpublic,dc=de --username-attribute CN]: login source already exists [name: OpenLDAP] ``` ### Gitea Version 1.16.3 ### Can you reproduce the bug on the Gitea demo site? No ### Log Gist _No response_ ### Screenshots _No response_ ### Git Version _No response_ ### Operating System _No response_ ### How are you running Gitea? Kubernetes 1.25 ### Database PostgreSQL

GiteaMirror added the issue/needs-feedback type/bug labels 2025-11-02 08:49:15 -06:00

GiteaMirror closed this issue

2025-11-02 08:49:15 -06:00

GiteaMirror commented

2025-11-02 08:49:16 -06:00

@techknowlogick commented on GitHub (Nov 4, 2022):

Hi,
Thank you for this report. To confirm you made the dump using the binary using something like gitea dump, or did you use pg_dump to dump the database? Also as you are running on k8s, are you using the helm chart because it looks like the error might be caused by some magic that the helm chart tries to do? If yes, I'm assuming you added the ldap config to your helm values (please let me know if this assumption is correct).
(and a general note, I do recommend updating to the latest stable version, 1.17.3 at time of writing, as well as the latest stable version of the helm chart if you are indeed using it)

@techknowlogick commented on GitHub (Nov 4, 2022): Hi, Thank you for this report. To confirm you made the dump using the binary using something like `gitea dump`, or did you use pg_dump to dump the database? Also as you are running on k8s, are you using the helm chart because it looks like the error might be caused by some magic that the helm chart tries to do? If yes, I'm assuming you added the ldap config to your helm values (please let me know if this assumption is correct). (and a general note, I do recommend updating to the latest stable version, 1.17.3 at time of writing, as well as the latest stable version of the helm chart if you are indeed using it)

GiteaMirror commented

2025-11-02 08:49:16 -06:00

@justusbunsi commented on GitHub (Jan 14, 2023):

The log is from the Helm Chart. I recognize the output from the init container.

A known root cause is a change of the encryption related keys inside the app.ini. This happened with Helm Chart version prior to 5.0.0.

I copied Gitea files and db dump to new server.

@devent What version of the Helm Chart do you use? If you are using the Chart prior to 5.0.0 you are most likely affected by recreated encryption keys. Do you still have the original app.ini file from the old environment? If so please compare values for [security].SECRET_KEY, [security].INTERNAL_TOKEN and [oauth2].JWT_SECRET with the current app.ini on the new environment.

@justusbunsi commented on GitHub (Jan 14, 2023): The log is from the Helm Chart. I recognize the output from the [init container](https://gitea.com/gitea/helm-chart/src/commit/8b6a00603adc1012e5345c2baa1e6f4c3d6066f6/templates/gitea/init.yaml#L77). A known root cause is a change of the encryption related keys inside the `app.ini`. This happened with Helm Chart version prior to 5.0.0. > I copied Gitea files and db dump to new server. @devent What version of the Helm Chart do you use? If you are using the Chart prior to [5.0.0](https://gitea.com/gitea/helm-chart/releases/tag/v5.0.0) you are most likely affected by recreated encryption keys. Do you still have the original app.ini file from the old environment? If so please compare values for `[security].SECRET_KEY`, `[security].INTERNAL_TOKEN` and `[oauth2].JWT_SECRET` with the current app.ini on the new environment.

GiteaMirror commented

2025-11-02 08:49:16 -06:00

@GiteaBot commented on GitHub (Sep 8, 2023):

We close issues that need feedback from the author if there were no new comments for a month. 🍵

@GiteaBot commented on GitHub (Sep 8, 2023): We close issues that need feedback from the author if there were no new comments for a month. :tea:

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#9775