LFS Pure SSH implementation uses ROOT_URL instead of LOCAL_ROOT_URL #33839
Comments
|
I don't know why people insist to play with In short: forget it, it is not for end users. |
TBH, The "peculiar network configuration" should be fixed or use some workaround to make |
I'm not insisting on playing with it, I'm merely pointing out that there is an inconsistency in how the LOCAL_ROOT_URL for all the requests where it constructs the request URL itself, but Download (via gitea/modules/lfstransfer/backend/backend.go Line 182 in 7290bfa batch request has returned, which uses ROOT_URL.
This means that this code will break in any configuration where there is a meaningful distinction between
I could work around the network issue but my main motivation for wanting to use the SSH LFS transport is avoiding having to expose the HTTP LFS endpoint publicly in the first place, so this wouldn't help. |
As a further note: I'm actually not trying to change it from its default value. The default value would be correct but the LFS |
|
Thank you for the clarification. I see your point, it makes sense. Let's see how to convert the "public action.Href" to an internal URL ........ |
|
I proposed a PR ( Fix LFS URL #33840 ) and updated the tests. Does it look good to you? |
Backport #33840 by wxiaoguang Fix #33839 --------- Co-authored-by: wxiaoguang <[email protected]>
Fix go-gitea#33839 (cherry picked from commit c102492)
|
I've rebuilt 1.23.5 with this patch on top and tested it in my setup and can confirm that it works, thanks! |
|
Thank you very much for the report! The investigation is really helpful. |
Description
When using the LFS Pure SSH protocol, the
"download"links in thebatchresponses are generated usingsetting.AppURL(akaROOT_URL). While this makes sense for the classic hybrid transport mode where the LFS client needs to connect to the externally facing API URLs to download objects, in the SSH protocol case, subsequent LFSdownloadrequests are being originated from the SSH server node.This causes a number of problems:
LOCAL_ROOT_URL, which can bypass a reverse proxy in front if Gitea.ROOT_URLmight not be even accessible from the SSH server node, which will cause obscure failures when cloning a repository (LFS: got status 500 when fetching OID)Gitea Version
1.23.5
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
No response
How are you running Gitea?
Self-hosted setup running behind a HTTPS reverse proxy and using OpenSSH for SSH. Both SSH, the reverse proxy and Gitea are running on the same machine, but because of some unrelated peculiar network configuration, the external URL (
ROOT_URL) is not accessible locally.Database
SQLite
The text was updated successfully, but these errors were encountered: