alezmad/nuc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
nuc/.artifacts/2026-02-01_14-30_gitea-coolify-webhook-fix.md
Alejandro Gutiérrez 59944e9144 Add infrastructure setup artifacts (Feb 1-3) 
Session notes covering Gitea-Coolify webhook fixes, NocoDB/Vaultwarden
credentials, Stalwart mail server setup, Snappymail config, WhyRating
databases and email, CloudBeaver deployment, and Turbostarter setup.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 15:17:04 +01:00

79 lines
2.7 KiB
Markdown
Raw Permalink Blame History

# Gitea-Coolify Webhook Fix
**Date:** 2026-02-01 14:30
**Context:** Fixing auto-deploy webhooks from Gitea to Coolify
## Problem
Gitea webhooks to Coolify were failing with two different errors:
### Error 1: ALLOWED_HOST_LIST
```
dial tcp 10.0.1.5:8000: webhook can only call allowed HTTP servers
(check your webhook.ALLOWED_HOST_LIST setting), deny 'coolify(10.0.1.5:8000)'
```
### Error 2: Connection Refused
```
dial tcp 10.0.1.5:8000: connection refused
```
## Root Causes
### 1. Gitea Blocks Internal Webhooks by Default
Gitea has a security feature that prevents webhooks to internal/private IP addresses unless explicitly allowed.
**Fix:** Add `[webhook]` section to Gitea's `app.ini`:
```ini
[webhook]
ALLOWED_HOST_LIST = coolify,10.0.1.5,192.168.1.3,localhost,host.docker.internal,external
```
### 2. Wrong Port (Critical Discovery!)
| Port | Usage |
|------|-------|
| **8000** | External Docker port mapping (for browser access from `192.168.1.3:8000`) |
| **8080** | Internal container port (what nginx actually listens on inside the container) |
When Gitea (running in Docker) calls Coolify (also in Docker), it uses the Docker network. From within the network, Coolify's nginx listens on **port 8080**, not 8000.
**Wrong:** `http://coolify:8000/webhooks/...` → Connection refused
**Correct:** `http://coolify:8080/webhooks/...` → HTTP 200 OK
## Solution Applied
1. Added `[webhook]` section to Gitea's app.ini:
```bash
ssh nuc "docker exec gitea-ho0cwgcwos88cwc48g84c0g8 sh -c 'echo \"\" >> /data/gitea/conf/app.ini && echo \"[webhook]\" >> /data/gitea/conf/app.ini && echo \"ALLOWED_HOST_LIST = coolify,10.0.1.5,192.168.1.3,localhost,host.docker.internal,external\" >> /data/gitea/conf/app.ini'"
ssh nuc "docker restart gitea-ho0cwgcwos88cwc48g84c0g8"
```
2. Updated webhook URL from port 8000 to 8080:
```
http://coolify:8080/webhooks/source/gitea/events/manual?uuid=t80w0cw0oooc4g0soswos4so
```
## Verification
- Webhook test delivery returned **HTTP 200**
- Green checkmark in Gitea webhook delivery history
## Key Learnings
1. **Always check internal vs external ports** when Docker containers communicate
2. **Gitea has webhook security** - must explicitly allow internal hosts
3. **The `?uuid=` parameter is required** - without it, Coolify doesn't know which app to deploy
4. **Test deliveries may not trigger actual deployments** but confirm connectivity
## Files Updated
- `docs/gitea-coolify-auto-deploy.md` - All port references updated to 8080
- `CLAUDE.md` - Webhook URL format and checklist added
## Related
- Coolify container: `coolify` (IP: 10.0.1.5 on coolify network)
- Gitea container: `gitea-ho0cwgcwos88cwc48g84c0g8`
- Both must be on the `coolify` Docker network
Reference in New Issue View Git Blame Copy Permalink