2021-08-13 10:15:41 +00:00
# Gitea Registration Proxy
2022-03-10 00:01:47 +00:00
Gitea servers have been targeted by a click farm employing human users to create accounts on any server with open registration. These accounts post SEO spam links on thier profiles and sometimes even create repositories.
2022-03-09 23:55:13 +00:00
2022-03-10 00:01:47 +00:00
![a screenshot of two spam accounts, "HarryStylesMerch" and "MacMillerMerchStore" ](spam1.png )
2022-03-09 23:55:13 +00:00
2022-03-10 00:01:47 +00:00
To combat spam, you can integrate this application with your gitea deployment.
2022-03-09 23:55:13 +00:00
2022-03-10 00:01:47 +00:00
On registration, users are challenged to enter an invite token before they will be allowed to create an account.
2022-03-09 23:55:13 +00:00
2022-03-10 00:01:47 +00:00
![a screenshot of the gitea new account registration form, including an "Invite Code" field at the end ](screenshot.png )
2022-03-09 23:55:13 +00:00
2022-03-10 00:01:47 +00:00
## Installation
2022-03-09 23:55:13 +00:00
2021-08-13 10:15:41 +00:00
2022-03-10 00:01:47 +00:00
This application only supports the `/user/sign_up` endpoint.
2021-08-13 10:15:41 +00:00
2022-03-10 00:01:47 +00:00
Therefore you must configure some sort of front-end reverse proxy server like nginx in order to use it, it can't be used as a front-end for gitea on its own.
2022-03-09 23:55:13 +00:00
- Come up with your own invite token
- It must be a string only containing alphanumeric characters and underscores
- Configure it by setting the `REGPROXY_INVITECODE` environment variable
- Configure this software by setting the `REGPROXY_GITEA` environment variable
- `REGPROXY_GITEA` should be your gitea server's http host and port (not https or a url)
2021-08-13 10:15:41 +00:00
- Run this software
2021-08-13 19:29:33 +00:00
- Tell Nginx to proxy the /user/sign_up path on the gitea domain to hit this software instead of gitea
2021-08-13 10:15:41 +00:00
```nginx
location /user/sign_up {
2021-08-13 19:29:33 +00:00
proxy_pass http://localhost:8080; # gitea registration proxy port
2021-08-13 10:15:41 +00:00
}
```
- ???
- Profit!?!? (without spam)