mar
/
sysadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
How to set up/manage services on a computer
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
179 KiB
 
Tree: 3b75c73b9d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3b75c73b9d'
${ noResults }
sysadmin/gitea/Build.md

5.2 KiB
Raw Blame History

medusa gitea install

config container

mounts

add user:

usr=git
uid=60000
addgroup --gid ${uid:?} ${usr:?}
adduser --uid ${uid:?} --ingroup ${usr:?} ${usr:?} --disabled-password --gecos "Gitea Server" --shell /usr/sbin/nologin

create directory to be mounted:

mkdir /srv/gitea
chown git:git /srv/gitea

exit and add mount to container:

exit
cd /srv/lxd/mount/
mkdir -p gitea/{database,repos,lfs}
chown -R lxdfiles:lxdfiles gitea
lxc config device add gitea files disk source=/srv/lxd/mount/gitea path=/srv/gitea
lxc config set gitea raw.idmap 'both 60000 60000'
lxc restart gitea
lxc exec gitea bash

postgresql

apt install postgresql postgresql-doc

log in to postgres user and make same config changes as for nextcloud:

su - postgres

/etc/postgresql/10/main/pg_hba.conf:

# Database administrative login by Unix domain socket
local   all             postgres                                peer

# Allow connection to Unix domain socket without authentication
local   all             gtadmin                                 trust

create SQL role:

psql
CREATE USER gtadmin;
CREATE DATABASE gitea WITH OWNER gtadmin TEMPLATE template0 ENCODING UTF8 LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8';
\q
exit

install gitea

download binary:

wget gitea https://dl.gitea.io/gitea/1.11.4/gitea-1.11.4-linux-amd64
wget gitea https://dl.gitea.io/gitea/1.11.4/gitea-1.11.4-linux-amd64.asc
gpg --keyserver pgp.mit.edu --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
gpg --verify gitea-1.11.4-linux-amd64.asc gitea-1.11.4-linux-amd64

create required directories:

mkdir -p /var/lib/gitea/{custom,data,log}
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
mkdir /etc/gitea

move to bin dir:

mv gitea-1.11.4-linux-amd64 /usr/local/bin/gitea
chmod +x /usr/local/bin/gitea

configure gitea

make /etc/gitea/app.ini config file:

APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod

[oauth2]
JWT_SECRET = ${jwt_secret_1:?}

[security]
INTERNAL_TOKEN = ${internal_token:?}
INSTALL_LOCK   = true
SECRET_KEY     = ${secret_key:?}

[database]
DB_TYPE  = postgres
HOST     = /var/run/postgresql
NAME     = gitea
USER     = gtadmin
PASSWD   =
SSL_MODE = disable
CHARSET  = utf8
PATH     = /var/lib/gitea/data/gitea.db

[repository]
ROOT = /srv/gitea/repos

[server]
SSH_DOMAIN       = localhost
DOMAIN           = localhost
HTTP_PORT        = 3000
ROOT_URL         = http://medusa.casa.alemor.org/git/
DISABLE_SSH      = true
LFS_START_SERVER = true
LFS_CONTENT_PATH = /srv/gitea/lfs
LFS_JWT_SECRET   = ${jwt_secret_2:?}
OFFLINE_MODE     = true

[mailer]
ENABLED = false

[service]
REGISTER_EMAIL_CONFIRM            = false
ENABLE_NOTIFY_MAIL                = false
DISABLE_REGISTRATION              = true
ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
ENABLE_CAPTCHA                    = false
REQUIRE_SIGNIN_VIEW               = false
DEFAULT_KEEP_EMAIL_PRIVATE        = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
DEFAULT_ENABLE_TIMETRACKING       = true
NO_REPLY_ADDRESS                  = noreply.localhost

[picture]
DISABLE_GRAVATAR        = true
ENABLE_FEDERATED_AVATAR = false

[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = false

[session]
PROVIDER = file

[log]
MODE      = file
LEVEL     = info
ROOT_PATH = /var/lib/gitea/log

where:

  • JWT secrets are generated by gitea generate secret JWT_SECRET
  • internal tokens are generated by gitea generate secret INTERNAL_TOKEN
  • secret keys are generated by gitea generate secret SECRET_KEY

create service

create the file /etc/systemd/system/gitea.service:

[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
Requires=postgresql.service

[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea/
# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
#RuntimeDirectory=gitea
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
# If you want to bind Gitea to a port below 1024, uncomment
# the two values below, or use socket activation to pass Gitea its ports as above
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE
###

[Install]
WantedBy=multi-user.target

run webinstall

enable and start the service

systemctl enable gitea
systemctl start gitea

make haproxy conf

<frontend>
        # Send to gitea if location /gitea/
        http-request redirect location /git/ if { path /git }
        use_backend gitea if { path_beg /git/ }

backend gitea
        mode http
        # WARNING: due to limitations in the config parser, the characters ")","]", or "," are not allowed in any regular expression
        http-request set-path "%[path,regsub(^/git/,/)]"
        server gt-1 gitea.lxd:3000

make dbdump script

same as for nextcloud

put in git's cron:

crontab -u git -e