Categories
Linux Uncategorized

Lost Gitea Local Admin Password?

There are various possible ways you can lose access to your Gitea instance. In particular, if you are getting user accounts via LDAP, you should always have a key to get back in: a “local” admin.

In case you haven’t got one (totally not like I did definitely only once 🤫), deleted it or lost its password, here’s the procedure in to variants: running on plain Linux, and running within Docker.

Plain Linux

List the available (local) user accounts (you may need to run this with sudo):

$ gitea admin user list

ID   Username     Email             IsActive IsAdmin
1    user1        me@home.earth     true     false

You may not get a single user listed here. In order to add a local administrator, do this

$ sudo gitea admin user create --username local_admin --email admins@email.earth --admin --random-password

generated random password is 'IzgvOwv1M9EG'
New user 'local_admin' has been successfully created!

$ sudo gitea admin user list

ID   Username     Email                 IsActive IsAdmin
1    unpriv_local bowfingermail@gmx.net true     true
3    local_admin  admins@email.earth    true     true

Especially on shared machines, I’d strongly recommend not setting a password via the command line. It’ll stick in bash_history and may be visible in the process list. Hence the --random-password option here. Use the generated password upon first login in the browser.

Docker Container

In order to get to the “plain Linux” field, you simply run a bash in the Gitea Docker container.

What’s the container’s name? Get it via docker container ls -a. Let’s say it’s called gitea. To start bash in that container, do

user1@linux:$ docker exec -it gitea /bin/bash

Now, you basically do the same thing as in the section above.

docker # gitea admin user list

ID   Username     Email             IsActive IsAdmin
1    user1        me@home.earth     true     false

docker # gitea admin user create --username local_admin --email admins@email.earth --admin --random-password

generated random password is 'ikV6xzPTiH7B'
New user 'local_admin' has been successfully created!

docker # gitea admin user list

ID   Username     Email                 IsActive IsAdmin
1    unpriv_local bowfingermail@gmx.net true     true
3    local_admin  admins@email.earth    true     true

Conclusion (and Other Platforms)

The Plain Linux approach works equally well on other platforms. I hope this helps.

Categories
Hardware Linux

SATA/Soft-RAID Cards that work

A while ago, I wanted to add more space to my MD+LVM2 array on a Linux machine (Ubuntu 20.04 at the moment).
The setup used MD to make a RAID1 of two HDDs and knowing that I would eventually like to add more storage later, I put LVM2 on top.

A Card That Doesn’t Work

The moment came but I realised my mainboard did not have enough SATA ports. So, after some research, I bought a HighPoint Rocket 640L PICe SATA host adapter which comes with a Marvell 88SE92xx series chip (88SE9230 in my case).

Tl;dr: Don’t.

It took me half a day of research to figure out that (as of September 2021 and Linux kernel 5.4, but I tried 5.14 too) it would not show disks at all if IOMMU was activated. Also, it did not like stand-by/hibernation: HDD 4 would spin up fine on boot, but would not show up after a stand-by rendering the RAID incomplete, and the LVM volume in read-only mode. Which is a nice safeguard, thanks LVM-developers! But still annoying as such of course.

A Card That Does Work

So, I did more research and found the Delock 5x SATA PCIe x4 Card featuring a JMicron Technology chip (with an ID [197b:0585]). And guess what:

  • All disks come back after stand-by/hibernation
  • IOMMU and virtualisation can be switched on, no problem
  • It even has one more port than the HighPoint card

Disclaimer: All this may change in the future. I have no idea if this is a driver problem or a problem with the chip. But I though it might save some of you time.

Conclusion

Don’t use Marvell 88SE92xx series, at least in a Linux system. Full stop.