[Gitea] RewriteAllPublicKeys failed: open /data/.ssh/authorized_keys.tmp: permission denied

Gitea has recently released version 1.20.0, and I endeavored to upgrade my locally-hosted instance from version 1.17.0 to 1.20.0. During this process, I encountered the following error when attempting to execute the docker-compose file:

routers/init.go:60:mustInit() [F] code.gitea.io/gitea/models/asymkey.RewriteAllPublicKeys failed: open /data/git/.ssh/authorized_keys.tmp: permission denied 
Received signal 15; terminating.

This issue is not exclusive to the new version, as some users have reported similar problems when upgrading from older versions, such as 1.17.3 to 1.18.0.

To resolve this error, it is necessary to modify the ownership of the folder /data/git/.ssh to the Gitea user. It is important to note that the path may vary depending on the specific instance.

Take the below compose file as an example.

 1version: "3"
 2
 3networks:
 4  gitea:
 5    external: false
 6
 7services:
 8  server:
 9    image: gitea/gitea:1.18.1
10    container_name: gitea
11    environment:
12      - USER_UID=1000
13      - USER_GID=1000
14      - GITEA__LOG__ROOT_PATH=/data/log
15      - GITEA__LOG__MODE=file
16      - GITEA__LOG__LEVEL=Debug
17    restart: always
18    networks:
19      - gitea
20    volumes:
21      - ./gitea:/data
22      - /etc/timezone:/etc/timezone:ro
23      - /etc/localtime:/etc/localtime:ro
24      - ./.ssh:/data/git/.ssh
25    ports:
26      - "80:80"
27      - "222:22"

Line 24: ./.ssh represents the folder that requires ownership modification. By executing ls -lha on the same path, it is highly probable that the current ownership is root, which is the cause of the error.

Line 21: running ls -lha will display the ownership of the files and folders under ./gitea, which will reveal the target ownership that needs to be assigned to ./.ssh. Assuming the ownership is gitea, execute the command below:

sudo chown -R gitea:gitea ./.ssh

If this post helped you to solve a problem or provided you with new insights, please upvote it and share your experience in the comments below. Your comments can help others who may be facing similar challenges. Thank you!
Buy Me A Coffee
DigitalOcean Referral Badge
Sign up to get $200, 60-day account credit !