Skip to content

LoginGraceTime on second push #34179

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
TobiZog opened this issue Apr 11, 2025 · 2 comments
Open

LoginGraceTime on second push #34179

TobiZog opened this issue Apr 11, 2025 · 2 comments
Labels
issue/not-a-bug The reported issue is the intended behavior or the problem is not inside Gitea

Comments

@TobiZog
Copy link

TobiZog commented Apr 11, 2025

Description

If I pushed something to my Gitea instance, everything works fine. But the second, third, ... push will be rejected sometimes. The server shows these logs:

2025-04-11T10:22:29.612108921Z Timeout before authentication for connection from 172.18.0.8 to 172.18.0.4, pid = 4246
2025-04-11T10:22:39.011155983Z drop connection #1 from [172.18.0.8]:52934 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:22:42.360812378Z drop connection #1 from [172.18.0.8]:52936 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:23:00.528575636Z drop connection #1 from [172.18.0.8]:52938 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:24:24.805145353Z Timeout before authentication for connection from 172.18.0.8 to 172.18.0.4, pid = 4247
2025-04-11T10:24:32.999645959Z drop connection #1 from [172.18.0.8]:52942 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:25:48.791944890Z drop connection #1 from [172.18.0.8]:52944 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:26:20.688798443Z Timeout before authentication for connection from 172.18.0.8 to 172.18.0.4, pid = 4249
2025-04-11T10:27:33.213804692Z drop connection #1 from [172.18.0.8]:52948 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:28:15.095043988Z Timeout before authentication for connection from 172.18.0.8 to 172.18.0.4, pid = 4250
2025-04-11T10:29:13.283563979Z drop connection #1 from [172.18.0.8]:52952 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:30:12.126807386Z Timeout before authentication for connection from 172.18.0.8 to 172.18.0.4, pid = 4251
2025-04-11T10:30:51.105629466Z drop connection #0 from [172.18.0.8]:52954 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:30:53.483504451Z drop connection #0 from [172.18.0.8]:52956 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:30:57.298266364Z drop connection #0 from [172.18.0.8]:52958 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime
2025-04-11T10:31:05.665168030Z drop connection #0 from [172.18.0.8]:52960 on [172.18.0.4]:22 penalty: exceeded LoginGraceTime

Sometimes it helps to close the bash and reopens it. Sometimes it helps to wait for a couple of minutes until the next push. Always a system restart helps. But only for one push. The next pushes shows the same result.

Git-Log on client:

2025-04-11 12:37:10.438 [info] > git push origin main:main [94ms]
2025-04-11 12:37:10.438 [info] Connection closed by 161.xxx.xxx.xxx port 22
fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

Gitea Version

1.23.7

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

2.47.2

Operating System

Ubuntu 22.04.3 LTS

How are you running Gitea?

Running Gitea on my self hosted V-Server. OS is Ubuntu 22.04.3 LTS with kernel 5.15.0-25-generic. I'm using traefik as reverse proxy. My docker-compose file:

version: "3"

services:
  server:
    image: gitea/gitea:latest
    container_name: gitea-app
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - default
      - proxy
    volumes:
      - gitea-data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    labels:
      # Frontend
      - "traefik.enable=true"
      - "traefik.http.routers.gitea.entrypoints=https"
      - "traefik.http.routers.gitea.rule=Host(`gitea.${TLD}`)"
      - "traefik.http.routers.gitea.tls=true"
      - "traefik.http.routers.gitea.tls.certresolver=http"
      - "traefik.http.routers.gitea.middlewares=default@file"
      - "traefik.http.routers.gitea.service=gitea"
      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
      - "traefik.docker.network=proxy"
      
      # SSH
      - "traefik.tcp.routers.gitea-ssh.entrypoints=git-ssh"
      - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.gitea-ssh.service=gitea-ssh"
      - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22"

  maria-db:
    image: mariadb
    container_name: gitea-db
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: ${POSTGRES_PASSWD}
      MYSQL_USER: gitea
      MYSQL_DATABASE: gitea
      MYSQL_PASSWORD: ${POSTGRES_PASSWD}
    volumes:
      - mariadb-data:/var/lib/mysql
    expose:
      - 8080

networks:
  gitea:
    external: false
  proxy:
    external: true

volumes:
  gitea-data:
    name: gitea-data
  mariadb-data:
    name: gitea-database

Database

MySQL/MariaDB
@lunny lunny added issue/not-a-bug The reported issue is the intended behavior or the problem is not inside Gitea and removed type/bug labels Apr 11, 2025
@lunny
Copy link
Member

lunny commented Apr 11, 2025

Looks like a configuration problem.

@TobiZog
Copy link
Author

TobiZog commented Apr 12, 2025

But what kind of error? What should I try? Or do you need more information?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
issue/not-a-bug The reported issue is the intended behavior or the problem is not inside Gitea
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lunny @TobiZog