Gitea

Updated 30 September 2020

Gitea

Contents

Introduction

Gitea is an own host service for Git repositories, a fork of Gogs. It is a lightweight system for collaborative development with Git. It is written in Go and needs low resource.

Configuring a LXC container

We recommend installing Gitea in a dedicated container. Please refer to the manual to set it up.

Installing and configuring PostgreSQL

Install and configure PostgreSQL, as explained in the manual. Replace dbtest with gitea and test with the gitea user.

Installing Gitea software

Install Gitea:

emerge -a www-apps/gitea

Gitea configuration

Configure Gitea for gitea.example.org, with IP 1.2.3.4

/etc/gitea/app.ini
...
[server]
; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
PROTOCOL = http
DOMAIN = gitea.example.org
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; when STATIC_URL_PREFIX is empty it will follow ROOT_URL
STATIC_URL_PREFIX =
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 1.2.3.4
; The port to listen on. Leave empty when using a unix socket.
HTTP_PORT = 80
...
[database]
; Database to use. Either "mysql", "postgres", "mssql" or "sqlite3".
DB_TYPE = postgres
HOST = 127.0.0.1:5432
NAME = gitea
USER = gitea
; Use PASSWD = `your password` for quoting if you use special characters in the password.
PASSWD = `secret`
...
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
SECRET_KEY = `newsecret`
; The minimum password length for new Users
MIN_PASSWORD_LENGTH = 8

HTTPS configuration

Getting Let's Encrypt certificate

Get the domain certificate for gitea.example.org as described in the manual and put the key and the certificate to /etc/ssl/gitea/key.pem and /etc/ssl/gitea/cert.pem+ respectively.

Specify the HTTPS parameters.

Configure Gitea HTTPS for gitea.example.org.

/etc/gitea/app.ini
...
[server]
PROTOCOL = https
DOMAIN = gitea.example.org
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; when STATIC_URL_PREFIX is empty it will follow ROOT_URL
STATIC_URL_PREFIX =
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 1.2.3.4
; The port to listen on. Leave empty when using a unix socket.
HTTP_PORT = 443
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
; ROOT_URL.  Defaults are false for REDIRECT_OTHER_PORT and 80 for
; PORT_TO_REDIRECT.
REDIRECT_OTHER_PORT = true
PORT_TO_REDIRECT = 80

; Generate steps:
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
;
; Or from a .pfx file exported from the Windows certificate store (do
; not forget to export the private key):
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
; Paths are relative to CUSTOM_PATH
CERT_FILE = /etc/ssl/gitea/cert.pem
KEY_FILE = /etc/ssl/gitea/key.pem

Start Gitea

Now start Gitea:

/etc/init.d/gitea start

Add it to autostart:

rc-update add gitea

Open http://gitea.example.org/install in your Web browser and complete your Gitea configuration.

Enabling access to public repositories via the Git protocol

Specify the Gitea repo directory for the Git daemon, /var/lib/gitea/gitea-repositories:

/etc/conf.d/git-dameon
# conf.d file for git-daemon
#
# Please check man 1 git-daemon for more information about the options
# git-daemon accepts. You MUST edit this to include your repositories you wish
# to serve.
#
# Some of the meaningful options are:
#   --syslog      --- Enables syslog logging
#   --verbose     --- Enables verbose logging
#   --export-all  --- Exports all repositories
#   --port=XXXX   --- Starts in port XXXX instead of 9418
#
GITDAEMON_OPTS="--syslog --base-path=/var/lib/gitea/gitea-repositories"

# To run an anonymous git safely, the following user should be able to only
# read your Git repositories. It should not be able to write to anywhere on
# your system, esp. not the repositories.
GIT_USER="git"
GIT_GROUP="git"

Start the Git daemon:

/etc/init.d/gitea start

Add the Git daemon to autostart:

rc-update add gitea

TheGit daemon only exports the repositories marked with git-daemon-export-ok. Gitea creates it automatically for all public repositories.

Warning

Make sure you understand that enabling --export-allwill make all repositories, whether public or private, available via Git.

Installing Memcached

Install Memcached:

emerge -a net-misc/memcached

Tell Memcached to use a loopback interface and set its memory usage limit at 512:

/etc/conf.d/memcached
# memcached config file

MEMCACHED_BINARY="/usr/bin/memcached"

# Specify memory usage in megabytes (do not use letters)
# 64MB is default
MEMUSAGE="512"

# User to run as
MEMCACHED_RUNAS="memcached"

# Specify maximum number of concurrent connections
# 1024 is default
MAXCONN="1024"

# Listen for connections on what address?
# If this is empty, memcached will listen on 0.0.0.0
# be sure you have a firewall in place!
LISTENON="127.0.0.1"

# Listen for connections on what port?
PORT="11211"

Lauch the Memcached service:

/etc/init.d/memcached start

Add Memcached to autostart:

rc-update add memcached

Enable Memcached for Gitea:

/etc/gitea/app.ini
[cache]
; if the cache enabled
ENABLED  = true
; Either "memory", "redis", or "memcache", default is "memory"
ADAPTER  = memcache
; For "memory" only, GC interval in seconds, default is 60
INTERVAL = 60
; For "redis" and "memcache", connection host address
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
; memcache: `127.0.0.1:11211`
HOST = `127.0.0.1:11211`
; Time to keep items in cache if not used, default is 16 hours.
; Setting it to 0 disables caching
ITEM_TTL = 16h

Restart Gitea:

/etc/init.d/gitea restart

Update

Update the gitea package:

emerge -u www-apps/gitea

Restart Gitea:

/etc/init.d/gitea restart