Binding gitea to the localhost address for tunneling?

Asked Dec 29 '19 at 23:59

Active Jun 23 '20 at 09:55

Viewed 1,344 times

1

I've found some configuration which appears to indicate the port the gitea binds to, see below:

I changed the actual address of the machine to 127.0.0.1 (the loopback) thinking that I would be able to make gitea accessible only by tunneling into the device with SSH, but when I restart the service I can still access it via the device's ip on port 3000.

Shouldn't changing the ROOT_URL and HTTP_PORT cause it to be bound to the loopback address, requiring me to do port forwarding through my SSH client to reach port http://127.0.0.1:3000?

P.S. If you feel this question does not belong on Stack Exchange, go ahead and send it over to another site that is more well suited to it; but I would think that gitea isn't used too much by people other than programmers, which is why I posted it here.

asked Dec 29 '19 at 23:59

leeand00

25,510
39
140
297

I like how you censured the private IP address 192.168.x.x ^^ – Adrian Maire Nov 05 '22 at 22:57

2 Answers2

2

To double-check that Gitea is actually listening only on the loopback interface, check the output of

netstat -tulpn | grep 3000

which should appear as 127.0.0.1:3000 (in the 3rd column). Any other binding would indicate that your changes to the config haven't affected the service, and that it's still binding to other interfaces.

answered Dec 30 '19 at 00:19

Michael Jarrett

425
3
10

It looks like it's trying to use IPv6....binding to any and all addresses `::` – leeand00 Dec 30 '19 at 00:22
3

Had to use the `HTTP_ADDR` configuration directive it seems... – leeand00 Dec 30 '19 at 00:28

1

Just repeating what @leeand00 says: gitea's config lists HTTP_ADDR as the relevant setting. https://docs.gitea.io/en-us/config-cheat-sheet/

Afterwards, netstat -tulpn | grep 3000 is certainly a good check to see if everything is right :)

answered Jun 23 '20 at 09:55

radiospiel

2,450
21
28