Ha!
a discovery of sorts
I’ve tracked down an issue that plagued my gitea config and made me go nuts for a week. Turns out that for some reason, full end-to-end https on gitea breaks ssh pushing? I’ve abandoned this prospect for now, instead opting to just use TLS termination at https://gitea.raer.me/ and forwarding to http on the private network. That’s fine for my purposes. It’s not ideal. But it’s fine.
What truly matters here is that I’ve got my gitea deployment off of the virtual machine it was running on. And, the database connection is now encrypted (and enforced) with tls. So there’s that. See, before, I was running a virtual machine on my truenas scale server that had a bunch of rootless docker instances running things. This was far. Too. Complex. It didn’t even solve anything practically, either. It forced me to do networking where I didn’t need to.
Instead, gitea and its mysql server run directly on the k3s implementation on my truenas scale server. This is ideal, as it allows me easier control over the files. It allows me to do zfs snapshots of the db and the gitea server. It removes the need for the scheduled daily downtime while a script archived and stored the whole thing on another server. At least, that’s the idea. It also removes the overhead of the whole server, and streamlines things somewhat.
Anyway, this has been an entry in the ol blog. Over and out
- Freyja
ps: did I mention I didn’t have to nuke the whole thing and start from scratch like I thought I might? That’s a big bonus!
EDIT 2024-01-17 11:29
This was copied from its original HTML version. See below:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Ha!</title>
</head>
<body>
<nav>
<a href="/index.html">Index</a>
<a href="/about.html">About</a>
<a href="/contact.html">Contact</a>
</nav>
<hr>
<!-- CONTENT GOES HERE -->
<h1>Ha!</h1>
<p>I've tracked down an issue that plagued my gitea config and made me go nuts for a week. Turns out that for some
reason, full end-to-end https on gitea breaks ssh pushing? I've abandoned this prospect for now, instead opting to
just use TLS termination at https://gitea.raer.me/ and forwarding to http on the private network. That's fine for my
purposes. It's not ideal. But it's fine.</p>
<p>What truly matters here is that I've got my gitea deployment off of the virtual machine it was running on. And, the
database connection is now encrypted (and enforced) with tls. So there's that. See, before, I was running a virtual
machine on my truenas scale server that had a bunch of rootless docker instances running things. This was far. Too.
Complex. It didn't even solve anything practically, either. It forced me to do networking where I didn't need to.
</p>
<p>Instead, gitea and its mysql server run directly on the k3s implementation on my truenas scale server. This is ideal,
as it allows me easier control over the files. It allows me to do zfs snapshots of the db and the gitea server. It
removes the need for the scheduled daily downtime while a script archived and stored the whole thing on another
server. At least, that's the idea. It also removes the overhead of the whole server, and streamlines things
somewhat.</p>
<p>Anyway, this has been an entry in the ol blog. Over and out.</p>
<p>ps: did I mention I didn't have to nuke the whole thing and start from scratch like I thought I might? That's a big
bonus!</p>
<p>- Freyja</p>
<!-- END CONTENT -->
<hr>
<footer>
<p>Published: 3rd July, 2023 @ 3:36pm PDT</p>
</footer>
</body>
</html>