Hello,
I’ve browsed around a lot, but cant find a solution to a problem that i am facing.
I have a self hosted Gitea instance running on a k3s cluster.
My problem is that I am able to clone,push and pretty much everything to repos without absolutely any authentication.
I am not using SSH.
Configs: (that I think may be relevant)
[repository]
FORCE_PRIVATE = true
DEFAULT_PRIVATE = private
DISABLE_HTTP_GIT = false
[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
ENABLE_REVERSE_PROXY_AUTHENTICATION_API = false
I believe my expectation is kinda self explanatory… i don’t want everyone to just clone,push commits and etc. to my repos and do whatever they want.
Am I missing something?
The Gitea instance is publicly facing over https if that matters…