
Description
Gitea Version
1.12.0
Git Version
2.24.1
Operating System
Debian (Docker)
How are you running Gitea?
We are using the official Docker image.
Database
PostgreSQL
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Description
Hello,
When an user adds their SSH key to their profile, Gitea regenerates the authorized_keys
file and renames the previous one as authorized_keys_TIMESTAMP.gitea_bak
.
In Docker, this folder is located by default in /data/git/.ssh
.
According to Gitea's dashboard, we currently have 17 500 users, with 26 400 public keys and 616 800 repositories.
Here's how it started:
bash-5.0# pwd
/data/git/.ssh
bash-5.0# ls -alh | head
total 1003G
drwx------ 2 git git 11.6M Sep 22 09:16 .
drwxr-xr-x 4 git git 4.0K Jun 28 07:06 ..
-rw------- 1 git git 14.2M Sep 22 09:16 authorized_keys
-rw------- 1 git git 3.2K Jan 23 2020 authorized_keys_1579798826.gitea_bak
-rw------- 1 git git 3.2K Jan 23 2020 authorized_keys_1579798873.gitea_bak
-rw------- 1 git git 3.2K Jan 23 2020 authorized_keys_1579798917.gitea_bak
-rw------- 1 git git 33.7K Jan 23 2020 authorized_keys_1579799227.gitea_bak
-rw------- 1 git git 33.7K Jan 23 2020 authorized_keys_1579799244.gitea_bak
-rw------- 1 git git 34.7K Jan 23 2020 authorized_keys_1579799314.gitea_bak
Here's how it's going:
bash-5.0# ls -alh | tail
-rw------- 1 git git 14.2M Sep 22 08:47 authorized_keys_1632300479.gitea_bak
-rw------- 1 git git 14.2M Sep 22 08:48 authorized_keys_1632300618.gitea_bak
-rw------- 1 git git 14.2M Sep 22 08:55 authorized_keys_1632300964.gitea_bak
-rw------- 1 git git 14.2M Sep 22 08:56 authorized_keys_1632301093.gitea_bak
-rw------- 1 git git 14.2M Sep 22 08:58 authorized_keys_1632301095.gitea_bak
-rw------- 1 git git 14.2M Sep 22 09:09 authorized_keys_1632301830.gitea_bak
-rw------- 1 git git 14.2M Sep 22 09:12 authorized_keys_1632301972.gitea_bak
-rw------- 1 git git 14.2M Sep 22 09:12 authorized_keys_1632301976.gitea_bak
-rw------- 1 git git 14.2M Sep 22 09:16 authorized_keys_1632302204.gitea_bak
-rw------- 1 git git 25 Jan 22 2020 environment
The size of the authorized_keys backups has reached 1 To:
bash-5.0# du -h -d 1 .
1002.7G .
Can Gitea somehow cleanup its backups on a regular basis, while keeping the last X backups (e.g.: 50) ?
We have the opportunity to test Gitea in a large-scale organization, and up until now we're satisfied with it, it's very performant even though we have a lot of users:
NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
gitea_server_1 29.85% 775.7MiB / 7.791GiB 9.72% 639GB / 75GB 104TB / 549GB 51
I believe it only needs some minor adjustments to be scalable without issues, and this authorized_keys backup issue is one of those.
Do you think this issue can be fixed in Gitea ?
Thanks!
Screenshots
No response
Activity
lunny commentedon Sep 22, 2021
Maybe we should only keep last x backups.
mattrpav commentedon Jan 25, 2023
Suggest having config option similar to CI jobs that provides good flexibility for small installations and large:
mattrpav commentedon Feb 19, 2023
Note to users: if you experience slow startup times in Kubernetes, this could be the cause. Add a task to delete the '/data/git/.ssh/authorized_keys_*.gitea_bak' files periodically.
mattrpav commentedon May 11, 2023
@lunny any update on a fix approach for this one?
lunny commentedon May 12, 2023
Maybe we should have a cron job to do that. A PR is needed and it should not be very difficult.
mattrpav commentedon May 12, 2023
Curiously, why are the backups made? We have a custom task that cleans out 30-50 around every 5 minutes or so.
lonix1 commentedon Jun 21, 2023
workaround for now:
Set SSH_AUTHORIZED_KEYS_BACKUP to false (#25412)