git/gitea-homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bb68b6b9f2159d0b0a9a6976ad977049eecc6086
gitea-homelab/docs/troubleshooting.md
Raghav bb68b6b9f2 Initial commit 
Co-Authored-By: Oz <oz-agent@warp.dev>
2026-04-16 09:04:22 +05:30

61 lines
2.6 KiB
Markdown
Raw Blame History

# Troubleshooting
## 1) Containers fail to start
- Check compose status:
- `docker compose --env-file .env -f docker-compose.yml ps`
- If TLS profile enabled:
- `docker compose --env-file .env -f docker-compose.yml --profile tls ps`
- Inspect logs:
- `docker compose --env-file .env -f docker-compose.yml logs gitea`
- `docker compose --env-file .env -f docker-compose.yml logs postgres`
- `docker compose --env-file .env -f docker-compose.yml --profile tls logs caddy`
## 2) Gitea health endpoint fails
- Local probe:
- `curl -v http://localhost:3000/api/healthz`
- If port changed, use your `GITEA_HTTP_PORT`.
- Confirm mapping:
- `docker compose --env-file .env -f docker-compose.yml ps`
## 3) Database connection errors
- Confirm PostgreSQL health:
- `docker compose --env-file .env -f docker-compose.yml ps postgres`
- Re-check `.env` values:
- `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_DB`
- Look for auth failures in postgres logs.
## 4) Permission issues under `/media/rbhat/DATA/gitea`
- Ensure current user can read/write this path.
- If needed:
- `sudo chown -R rbhat:rbhat /media/rbhat/DATA/gitea`
- `sudo chmod -R u+rwX /media/rbhat/DATA/gitea`
## 5) Firewall blocks access
- Check active rules:
- `sudo ufw status`
- Expected allows:
- `<GITEA_HTTP_PORT>/tcp`
- `<GITEA_SSH_PORT>/tcp`
- `80/tcp` and `443/tcp` if TLS profile is internet-exposed
## 6) TLS cert not issuing
- Ensure `git.bhatfamily.in` resolves publicly to your home WAN IP.
- Ensure inbound TCP 80 and 443 are forwarded to this host.
- Ensure `TLS_EMAIL` is set in `.env`.
- Verify Caddy logs for ACME failures:
- `docker compose --env-file .env -f docker-compose.yml --profile tls logs caddy`
## 7) Port conflicts on 80/443
- Check listeners:
- `ss -tulpen | grep -E '(:80\s|:443\s)'`
- Stop conflicting services or disable TLS profile until resolved.
## 8) DNS resolves but service unreachable
- Verify router forwarding targets correct LAN IP.
- Verify host listening:
- `ss -tulpen | grep -E '3000|2222|80|443'`
- Test from external network (mobile hotspot) to avoid NAT loopback confusion.
## 9) TLS tests fail during propagation
- Strict mode (default) fails until DNS/routing/cert trust is ready:
- `./scripts/test.sh --with-tls`
- Temporary non-blocking mode:
- `./scripts/test.sh --with-tls --allow-pending-external`
## 10) Reset stack while keeping data
- `./scripts/uninstall.sh --with-tls`
- `./scripts/install.sh --with-tls --open-public-web`
## 11) Full clean rebuild
- `./scripts/uninstall.sh --with-tls --purge-data --purge-images --close-public-web --yes`
- Re-run install
Reference in New Issue View Git Blame Copy Permalink