I have a windows server with pypiserver running as a schedule task and am accessing it via a reverse proxy.
- My pypi server is running as a scheduled task under user X.
- I have .htpasswd setup.
- The package directory and the pypi server config directory (.htpassed, start.bat, pypiserver.log) and the package directory have both been set to allow full control for user X. I have cert on the URL.
On the client machine:
- I have the .pypirc setup with credentials and pypi url
- I have the cert pem and installed in Trusted Root Certification Authorities\Certificates
- works and get "This is a PyPI compatible package index serving 0 packages."
When I try to upload a new package to the pypi server I am getting "Response from : 403 Forbidden"
twine upload --repository local dist/* --verbose
I see the same in my pypi server logs so it is making it through the reverse proxy.
2025-02-17 16:26:41,516|pypiserver._app|INFO|3888|<LocalRequest: POST http://localhost:8080/>
2025-02-17 16:26:41,516|pypiserver._app|INFO|3888|403 Forbidden
2025-02-17 16:26:41,516|pypiserver.main|INFO|3888|127.0.0.1 - - [17/Feb/2025 16:26:41] "POST / HTTP/1.1" 403 702
Thoughts?
I have a windows server with pypiserver running as a schedule task and am accessing it via a reverse proxy.
- My pypi server is running as a scheduled task under user X.
- I have .htpasswd setup.
- The package directory and the pypi server config directory (.htpassed, start.bat, pypiserver.log) and the package directory have both been set to allow full control for user X. I have cert on the URL.
On the client machine:
- I have the .pypirc setup with credentials and pypi url
- I have the cert pem and installed in Trusted Root Certification Authorities\Certificates
- https://myserver/pypi works and get "This is a PyPI compatible package index serving 0 packages."
When I try to upload a new package to the pypi server I am getting "Response from https://myserver/pypi: 403 Forbidden"
twine upload --repository local dist/* --verbose
I see the same in my pypi server logs so it is making it through the reverse proxy.
2025-02-17 16:26:41,516|pypiserver._app|INFO|3888|<LocalRequest: POST http://localhost:8080/>
2025-02-17 16:26:41,516|pypiserver._app|INFO|3888|403 Forbidden
2025-02-17 16:26:41,516|pypiserver.main|INFO|3888|127.0.0.1 - - [17/Feb/2025 16:26:41] "POST / HTTP/1.1" 403 702
Thoughts?
Share Improve this question asked Feb 18 at 0:29 Gina MaranoGina Marano 1,8035 gold badges23 silver badges47 bronze badges1 Answer
Reset to default 0Ok, the issue appears to be how I was starting the pypi server.
I've gone through many versions of this but in the end the directory name following -P must include .htpassed
pypi-server run -p 8080 d:\pypi_packages d:\pypi_packages -P d:\pypi_server\.htpasswd --log-file d:\pypi_server\pypiserver.log -vvv