Git push failure-[Gogs with htpasswd file (Basic HTTP Authentication)]


#1

I used htpasswd for nginx authorization. Of course, this reversed service is for gogs.

This is simple to authorize user account in a file and easy to add or to delete the user account in htpasswd. It is not needed to implement the other service such as LDAP.:+1::+1::+1::+1::+1::+1::+1::+1:

The web service is well. It has a prompt window as expected. I input the user account and password of htpasswd to go into the web.

When I use git clone, it is also well. I input the user account and password which are the htpasswd. It is done well.:grinning:

But, the problem is on git push. When I execute it, it shows up a message-โ€œfatal: Authentication failed for https://myrepo.com/โ€™โ€.

'". (The credentials of user is from htpasswd file.):grinning: :tired_face:

I donโ€™t know why it happened like this. Due to the matter on authentication, I add a registered gogs credentials of user to htpasswd file. Then, again, I use git push via same credentials as gogs. This is out of my wonder it is able to pass the authentication. :thinking:

RUN_USER = git
RUN_MODE = prod

[database]
DB_TYPE = sqlite3
HOST = 127.0.0.1:3306
NAME = gogs
USER = root
PASSWD =
SSL_MODE = disable
PATH = data/gogs.db

[repository]
ROOT = /home/git/gogs-repositories

[server]
#DOMAIN =
HTTP_PORT = 3000
ROOT_URL = https://myrepo.com/
DISABLE_SSH = true

[service]
REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false

[session]
PROVIDER = file

[log]
MODE = file
LEVEL = Info

[security]
INSTALL_LOCK = true
SECRET_KEY = zJP5plo3G8Mj489
REVERSE_PROXY_AUTHENTICATION_USER = X-Forwared-User

server {
    listen 80 default_server;
    server_name myrepo.com;
    return 301 https://$host$request_uri;
}

server {
            listen 443 ssl default_server;
            server_name myrepo.com;
         
            ssl on;
            ssl_certificate /cert/gogo/chain.pem;
            ssl_certificate_key /cert/gogo/key.pem;
            
            ssl_session_timeout 5m;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
            ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305';
            ssl_prefer_server_ciphers on;
           
            location / {
                auth_basic "Restricted Content";
                auth_basic_user_file /etc/nginx/.htpasswd;
                proxy_pass http://127.0.0.1:3000;
                
           
                client_max_body_size       10m;
                client_body_buffer_size    128k;
                proxy_connect_timeout      90;
                proxy_send_timeout         90;
                proxy_read_timeout         90;             
                proxy_buffer_size          4k;
                proxy_buffers              4 32k;
                proxy_busy_buffers_size    64k;
                proxy_temp_file_write_size 64k;

                proxy_set_header   Host             $http_host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_max_temp_file_size 0;
            }
        }

I use it on Linux. How to make git clone only on authorization? Once โ€œgit cloneโ€ had been done before. Why does the client need to use โ€œgit pushโ€ with authorization again?

Or, discretely, if the git push authorization is necessary, how to make it same as htpasswd fileโ€™s credentials. For administrator, it is no sense to have the clientโ€™s gogs password to input the htpasswd file.

About the htpasswd, my intention is to regard it as a โ€œspoken tokenโ€ among a small private members. For administrator, it is not a hard way on manipulating.

Maybe there are much better answer about this question. Wish your kind advices for me. Gogs is a good tool.

Happy New Year.

Best regards,