I spent a day connecting to the Docker container over SSH from the VPS 🥺

To manage version control for my blog posts, I wanted to enable Git over SSH in the directory where I store them, making version control easier to handle.

In the end, I spent a day troubleshooting an issue caused by a misconfiguration in the VPS that prevented me from connecting to the Docker Container hosting Gitea.

My initial configuration

I generated an SSH key and placed it in the .ssh/ directory on the VPS.

I also edited .ssh/config as follows.

Host git.msano.ovh
    HostName git.msano.ovh
    User <my Gitea's user name>
    Port <my VPS's port number>
    IdentityFile ~/.ssh/id_ed25519_git

I will show you my docker-compose.yaml for the Docker Container of Gitea.

services:
  server:
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - reverseproxy-nw
    volumes:
      - /home/ubuntu/apps/gitea/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro

networks:
  reverseproxy-nw:
    external: true

I executed ssh -T git@git.msano.ovh, but the connection was refused.

ssh: connect to host git.msano.ovh port <my VPS's port number>: Connection refused

What was my fault

  1. I should have specified a port for the Docker Container. I failed because no port was available for connection.

  2. I should have configured the port in .ssh/config for the Docker container, not for the VPS.

  3. The username of Gitea is written in app.ini as “git”.

The correct configuration

docker-compose.yaml of the Docker Container

services:
  server:
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - reverseproxy-nw
    volumes:
      - /home/ubuntu/apps/gitea/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "<port number>:22" 
      # Port 22 is reserved for SSH connections.

networks:
  reverseproxy-nw:
    external: true

.ssh/config

Host git.msano.ovh
    HostName git.msano.ovh
    User git
    Port <port number>
    IdentityFile ~/.ssh/id_ed25519_git
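
A small checker for the three mistakes listed above, added here as an example (it is not code from the original post): it compares the Port and User of an ssh config Host block with the host ports a compose file publishes for container port 22. The parsing is simplified (exact Host names, short-syntax ports entries, numeric ports), and the port numbers 2222 and 50022 and the user alice are constructed sample values.

```python
def ssh_host_settings(config_text, host):
    """Lower-cased keyword -> value for the Host block naming `host` (exact match, no wildcards)."""
    settings, active = {}, False
    for line in map(str.strip, config_text.splitlines()):
        if not line or line.startswith("#"):
            continue
        key, value = (line.replace("=", " ", 1).split(None, 1) + [""])[:2]
        if key.lower() == "host":
            active = host in value.split()
        elif active:
            settings.setdefault(key.lower(), value)  # first value wins, as in ssh
    return settings

def published_ports(compose_text):
    """(host_port, container_port) pairs from short-syntax `ports:` list entries."""
    pairs, in_ports = [], False
    for raw in compose_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop YAML comments
        if line == "ports:":
            in_ports = True
        elif in_ports and line.startswith("-"):
            parts = line[1:].strip().strip("\"'").split("/")[0].split(":")
            if len(parts) >= 2:  # "HOST:CONTAINER" or "IP:HOST:CONTAINER"
                pairs.append((int(parts[-2]), int(parts[-1])))
        elif line:
            in_ports = False  # any other key ends the ports list
    return pairs

def diagnose(ssh_config, compose, host, user="git", container_port=22):
    """Return a list of mismatches between the SSH client config and the compose file."""
    cfg = ssh_host_settings(ssh_config, host)
    host_ports = [h for h, c in published_ports(compose) if c == container_port]
    problems = []
    if not host_ports:
        problems.append("no host port published for container port %d" % container_port)
    elif int(cfg.get("port", 22)) not in host_ports:
        problems.append("ssh Port %s is not a published port %s" % (cfg.get("port", 22), host_ports))
    if cfg.get("user") != user:
        problems.append("ssh User is %r, expected %r" % (cfg.get("user"), user))
    return problems

# Constructed sample inputs: 50022 stands in for the VPS's own sshd port, 2222 for the published port.
BAD_SSH = "Host git.msano.ovh\n    HostName git.msano.ovh\n    User alice\n    Port 50022\n"
GOOD_SSH = "Host git.msano.ovh\n    HostName git.msano.ovh\n    User git\n    Port 2222\n"
BAD_COMPOSE = "services:\n  server:\n    image: gitea/gitea:latest\n    networks:\n      - reverseproxy-nw\n"
GOOD_COMPOSE = BAD_COMPOSE + '    ports:\n      - "2222:22"\n      # container port 22\n'

if __name__ == "__main__":
    print(diagnose(BAD_SSH, BAD_COMPOSE, "git.msano.ovh"), diagnose(GOOD_SSH, GOOD_COMPOSE, "git.msano.ovh"))
```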

Addition

I prefer to hide the port of the Docker Container for security reasons.

So, I ended up using an HTTPS connection instead of SSH, which meant I didn’t need to configure SSH at all!!