Three related bugs surfaced by the Gitea Setup wizard:
1. checkStatus probed /api/v1/version unauthenticated, which returns 403
under REQUIRE_SIGNIN_VIEW=true (Gitea's default). Result: giteaOnline
and installComplete always read false on any REQUIRE_SIGNIN_VIEW=true
install, producing a green "Setup Complete" banner over two red-X
foundational rows.
Fix: use /api/healthz (public, exempt from sign-in requirement).
Bonus: split installComplete from giteaOnline — online now honestly
means "process responding", installComplete means "admin user exists"
(verified either by DB flag or by Basic Auth probe on /user). Status
code is now logged on healthz failure for debuggability.
2. docs-history.service.ts read the API token from env only, bypassing
the DB. After the setup wizard wrote the token to siteSettings,
docs-history still saw env.GITEA_API_TOKEN empty and silently did
nothing. Same file also had a second /api/v1/version bug in
isAvailable().
Fix: route token lookup through giteaClient.getConfig() (DB-first,
env fallback — same pattern as the rest of the codebase). Switch
isAvailable() to /api/healthz.
3. UI banner confidently claimed "Gitea is not running" on any
non-200 response, including the 403 case above. Misleading, and
dangerous to point users at `docker compose up -d gitea` when the
container is already running.
Fix: softer "not reachable" copy that points users at the API log
for the actual status code.
Bunker Admin
bunker-admin
aba935c8ac