Gitea Git-LFS HTTP 413 Error when pushing large files

Question

Disclaimer up front: I'm very new to Linux/Ubuntu as a whole and system administration as well only having dabbled with it in my free time so please be patient and thorough with your answers.

I installed Gitea on my Ubuntu 20.04 server with git-lfs. I have Apache running a reverse proxy to use my subdomain with gitea. I also have it configured for SSH using certbot.

Every time I try to push a large file (~>1Gb) I get an LFS: Client error from HTTP 413.

What I've tried so far:

disable UFW
Increase all relevant file and file size options in the gitea config

Here is my app.ini:

APP_NAME = Tali Git
RUN_USER = git
RUN_MODE = prod

[security]
INTERNAL_TOKEN     = XXXXX
INSTALL_LOCK       = true
SECRET_KEY         = XXXXXXX
PASSWORD_HASH_ALGO = pbkdf2

[database]
DB_TYPE  = sqlite3
HOST     = 127.0.0.1:3306
NAME     = gitea
USER     = gitea
PASSWD   = 
SCHEMA   = 
SSL_MODE = disable
CHARSET  = utf8
PATH     = /var/lib/gitea/data/gitea.db
LOG_SQL  = false

[repository]
ROOT = /var/lib/gitea/data/gitea-repositories

[repository.upload]
FILE_MAX_SIZE = 999999999999
MAX_FILES = 999999999999

[server]
SSH_DOMAIN       = git.example.com
DOMAIN           = git.example.com
HTTP_PORT        = 3000
ROOT_URL         = https://git.example.com/
DISABLE_SSH      = false
SSH_PORT         = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
LFS_JWT_SECRET   = XXXXXXXXXXXX
LFS_MAX_FILE_SIZE = 999999999999999999999999
OFFLINE_MODE     = false
LFS_HTTP_AUTH_EXPIRY = 999999m

[mailer]
ENABLED = false

[service]
REGISTER_EMAIL_CONFIRM            = false
ENABLE_NOTIFY_MAIL                = false
DISABLE_REGISTRATION              = true
ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
ENABLE_CAPTCHA                    = false
REQUIRE_SIGNIN_VIEW               = false
DEFAULT_KEEP_EMAIL_PRIVATE        = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING       = true
NO_REPLY_ADDRESS                  = noreply.localhost

[picture]
DISABLE_GRAVATAR        = false
ENABLE_FEDERATED_AVATAR = true

[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true

[session]
PROVIDER = file

[log]
MODE      = console
LEVEL     = info
ROOT_PATH = /var/lib/gitea/log
ROUTER    = console

[ui]
DEFAULT_THEME = arc-green
THEMES = gitea,arc-green

The apache HTTP proxy:

<VirtualHost *:80>
    ServerName git.example.com
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/
LimitRequestBody 0
RewriteEngine on
RewriteCond %{SERVER_NAME} =git.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

The apache SSH proxy:

<IfModule mod_ssl.c>
<VirtualHost *:443>
<Directory />
    SSLRenegBufferSize 2147483647
</Directory>
    ServerName git.example.com
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/

SSLCertificateFile /etc/letsencrypt/live/git.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/git.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

There was nothing that stood out in the Apache access or error log.

The relevant Gitea log with log level trace can be found here: https://pastebin.com/XgbQaZn0

Any tips, ideas or shared experiences would be highly appreciated. I'm at a total loss here.

So I installed gogs just to see what would happen and I'm getting the same problem there. So it has to be something in front of it. — Tali, Nov 09 '21 at 16:54

freedev · Answer 1 · 2022-12-21T12:24:33.540

6

Have you tried adding

git config http.version HTTP/1.1

in your git configuration?

edited Dec 21 '22 at 12:24

answered Mar 14 '22 at 21:39

freedev

25,946
8
108
125

score 1 · Answer 2 · edited Nov 10 '21 at 00:05

Okay I figured it out and posting it here for anyone to come across in the future:

I consolidated my apache config into a single file since certbots auto configurator actually creates a dedicated 443 one. My site config file looks like this:

<VirtualHost *:80>

               ServerName git.example.com
               ServerAdmin admin@example.com

               ProxyPass / http://localhost:3000/
               ProxyPassReverse / http://localhost:3000/
</VirtualHost>
 
<VirtualHost *:443>

               ServerName git.example.com
               ServerAdmin admin@example.com

               SSLEngine on
               SSLCertificateFile /etc/letsencrypt/live/git.example.com/cert.pem
               SSLCertificateKeyFile /etc/letsencrypt/live/git.example.com/privkey.pem
               SSLCertificateChainFile /etc/letsencrypt/live/git.example.com/fullchain.pem

               ProxyPass / http://localhost:3000/
               ProxyPassReverse / http://localhost:3000/
</VirtualHost>

Previously, I ran certbot certonly to generate these certificate files that I'm pointing Apache to here.

Additionally—and I haven't tested if this actually affects it—this time I used http:// in the gitea root URL in its app.ini configuration instead of https://.

Either way, it works!

I might want to add that cloudflare's proxy also seems to interfere somewhat so it's worth disabling that too. — Tali, Nov 17 '21 at 17:09

score 1 · Answer 3 · answered Mar 31 '22 at 12:30

1

Cloudflare will cause HTTP 413 errors when pusing larger files to LFS. Be sure to run Gitea without Cloudflare as a proxy.

LFS: Client error: https://example.com/user/test.git/... from HTTP 413

answered Mar 31 '22 at 12:30

Cwista

361
1
11

1

This was my problem. Simply not running cloudflare as a proxy isn't really a solution however. – Lachee Nov 23 '22 at 01:59

Gitea Git-LFS HTTP 413 Error when pushing large files

3 Answers3