Gitea
Gitea is a community managed fork of Gogs, lightweight code hosting solution written in Go and published under the MIT license.
Contents
Installation
Install the giteaAUR or gitea-gitAUR package.
Gitea requires the use of a database backend, the following are supported:
Running
HTTP_ADDR = 0.0.0.0 in /var/lib/gitea/custom/conf/app.ini.Start/enable gitea.service, the webinterface should listen on http://localhost:3000.
When running Gitea for the first time it should redirect to http://localhost:3000/install.
Configuration
/var/lib/gitea/custom/conf/app.ini on first install.The user configuration file should be located at /etc/gitea/app.ini. Do not edit the main configuration file (/var/lib/gitea/conf/app.ini), since this file is included in the binary and will be overwritten on each update. Instead copy (if not exists) /var/lib/gitea/conf/app.ini to /etc/gitea/app.ini.
Gitea application and repository data will be saved into /var/lib/gitea, however it is possible to set custom locations in /etc/gitea/app.ini.
Gitea relies on bash for operations like cloning in ssh; bash should therefore be the shell of the user running gitea.
MariaDB/MySQL
/var/run/mysqld/mysqld.sock as the listen address.The following is an example of setting up MariaDB:
$ mysql -u root -p
mysql> CREATE DATABASE `gitea` DEFAULT CHARACTER SET `utf8mb4` COLLATE `utf8mb4_general_ci`; mysql> CREATE USER `gitea`@'localhost' IDENTIFIED BY 'password'; mysql> GRANT ALL PRIVILEGES ON `gitea`.* TO `gitea`@`localhost`; mysql> \q
Try connecting to the new database with the new user:
$ mysql -u gitea -p -D gitea
Configure MariaDB on first run or by updating app.ini:
/etc/gitea/app.ini
DB_TYPE = mysql HOST = 127.0.0.1:3306 ; or /var/run/mysqld/mysqld.sock NAME = gitea USER = gitea PASSWD = password
Enable SSH Support
- Make sure SSH has been properly configured.
- Create the
giteagroup and user with/home/giteaas home directory:
# groupadd --system gitea # useradd --system -c 'Gitea' -g gitea -m -d /home/gitea -s /bin/bash gitea
- Set correct permissions:
# chown -R gitea:gitea /var/log/gitea # chown -R gitea:gitea /var/lib/gitea
- Update
app.inito the running SSH configuration:
/etc/gitea/app.ini
[server] ; Disable SSH feature when not available DISABLE_SSH = false ; Domain name to be exposed in clone URL SSH_DOMAIN = %(DOMAIN)s ; Port number to be exposed in clone URL SSH_PORT = 22 ; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'. SSH_ROOT_PATH = /home/gitea/.ssh
- Update the SSH configuration with
AuthorizedKeysFile .ssh/authorized_keysandAllowUsers gitea, e.g.:
/etc/ssh/sshd_config
Port 22 AuthorizedKeysFile .ssh/authorized_keys UseDNS no PermitUserEnvironment yes PermitRootLogin no PasswordAuthentication no PermitEmptyPasswords no AllowUsers archie gitea PubkeyAuthentication yes PrintMotd no Subsystem sftp /usr/lib/ssh/sftp-server
- Set correct SSH permissions
-
Restart
gitea.serviceandsshd.service - Generate a SSH key pair on the client (if non exists)
- Copy the contents of the (newly) generated
~/.ssh/id_rsa.pubto Add Key on the Your Settings, SSH Keys on the Gitea webinterface.
You should now be able to use SSH-authentication to manage the repositories, without entering an username/password.
Disable HTTP protocol
By default, the ability to interact with repositories by HTTP protocol is enabled.
You may want to disable HTTP-support if using SSH, by setting DISABLE_HTTP_GIT to true.
Advanced Configuration
See the Gogs FAQ's for more configuration examples.
Configure nginx as reverse proxy
An example of using nginx as reverse proxy including OpenSSL:
/etc/nginx/servers-available/git
# redirect to ssl
server {
listen 80;
listen [::]:80;
server_name git.domain.tld;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name git.domain.tld;
client_max_body_size 50M;
ssl_certificate ssl/cert.crt;
ssl_certificate_key ssl/cert.key;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Update the server section of app.ini:
/var/lib/gitea/custom/conf/app.ini
[server] PROTOCOL = http DOMAIN = git.domain.tld ROOT_URL = https://git.domain.tld/ HTTP_ADDR = 0.0.0.0 HTTP_PORT = 3000
app.ini.Finally update the cookie section - set COOKIE_SECURE to true.