« Gitea » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
Aucun résumé des modifications
 
(17 versions intermédiaires par le même utilisateur non affichées)
Ligne 1 : Ligne 1 :
= Configuration =
* [https://docs.gitea.com/administration/config-cheat-sheet Configuration Cheat Sheet]
* [https://github.com/go-gitea/gitea/blob/main/custom/conf/app.example.ini app.example.ini]
<filebox fn='/etc/gitea/app.ini'>
[repository]
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = true
[service]
; Disable registration, after which only admin can create accounts for users
DISABLE_REGISTRATION = true
; Enable this to force users to log in to view any page or to use API
REQUIRE_SIGNIN_VIEW = true
[log]
LEVEL = Error
ROOT_PATH = /var/log/gitea
[mailer]
ENABLED      = true
FROM          = gitea@domain.net
PROTOCOL      = smtp
SMTP_ADDR    = localhost
SMTP_PORT    = 25
HELO_HOSTNAME = mail.domain.net  ; in case the hostname is not fully qualified and needed to be
</filebox>
== SSH access ==
# login Gitea with the user you want to grant ssh access
# click on the avatar on the top right → Settings
# on the left select SSH / GPG Keys
# Manage SSH Keys → Add Key
# Add the public ssh key generated on your client {{boxx|~/.ssh/id_rsa.pub}}
Ensure the SSH server is well configured
<filebox fn='/etc/ssh/sshd_config'>
UsePAM yes
AllowUsers gitea
</filebox>
{{info | Gitea does not provide shell access with the gitea user.<br>
So it is not possible to access a shell with a direct ssh connection, which is good regarding security.}}
= Install on Ubuntu =
= Install on Ubuntu =
== [https://docs.gitea.com/installation/database-prep#mysqlmariadb Database Preparation] ==
== [https://docs.gitea.com/installation/database-prep#mysqlmariadb Database Preparation] ==
Ligne 11 : Ligne 54 :
<kode lang='bash'>
<kode lang='bash'>
# create a user to run Gitea
# create a user to run Gitea
sudo adduser --system --group --disabled-password gitea
sudo adduser --system --group --disabled-password --shell /bin/bash gitea


# create required directory structure
# create required directory structure
Ligne 17 : Ligne 60 :
sudo chown -R gitea:gitea /var/lib/gitea/
sudo chown -R gitea:gitea /var/lib/gitea/
sudo chmod -R 750 /var/lib/gitea/
sudo chmod -R 750 /var/lib/gitea/
sudo mkdir /etc/gitea
sudo mkdir /etc/gitea
sudo chown root:gitea /etc/gitea
sudo chown root:gitea /etc/gitea
sudo chmod 770 /etc/gitea
sudo chmod 770 /etc/gitea


sudo mkdir /var/log/gitea
sudo chown gitea:gitea /var/log/gitea
sudo chmod 750 /var/log/gitea
# install the binary
wget https://dl.gitea.com/gitea/1.20.5/gitea-1.20.5-linux-arm64 -O gitea
wget https://dl.gitea.com/gitea/1.20.5/gitea-1.20.5-linux-arm64 -O gitea
sudo mv gitea /usr/local/bin
sudo mv gitea /usr/local/bin
Ligne 39 : Ligne 88 :
[Service]
[Service]
Type=notify
Type=notify
WatchdogSec=30s
User=gitea
User=gitea
Group=gitea
Group=gitea
Ligne 46 : Ligne 96 :
RestartSec=2s
RestartSec=2s
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/var/lib/gitea
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/var/lib/gitea
WatchdogSec=30s


[Install]
[Install]
Ligne 59 : Ligne 108 :
</kode>
</kode>


{{info | Open {{boxx|<nowiki>http://<server-name>:3000</nowiki>}}}}
* Open {{boxx|<nowiki>http://<server-name>:3000</nowiki>}} to create the configuration file {{boxx|/etc/gitea/app.ini}}
** Change the log path to {{boxx|/var/log/gitea}}
 
<kode lang='bash'>
# once the installation is done, change the access right of the configuration file
sudo chmod 750 /etc/gitea
sudo chmod 640 /etc/gitea/app.ini
</kode>
 
= Errors =
== [https://stackoverflow.com/questions/8170436/git-remote-error-fatal-protocol-error-bad-line-length-character-unab fatal: protocol error: bad line length character] ==
There is a problem on the server running the git-receive-pack process. Run the following command to get the inner error:
<kode lang='bash'>
ssh gitea@[server] git-receive-pack [repo-path]
</kode>
 
== This account is currently not available ==
The user gitea doesn’t have shell.
<kode lang='bash'>
sudo usermod --shell /bin/bash gitea
</kode>

Dernière version du 18 octobre 2023 à 20:08

Configuration

/etc/gitea/app.ini
[repository]
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = true

[service]
; Disable registration, after which only admin can create accounts for users
DISABLE_REGISTRATION = true
; Enable this to force users to log in to view any page or to use API
REQUIRE_SIGNIN_VIEW = true

[log]
LEVEL = Error
ROOT_PATH = /var/log/gitea

[mailer]
ENABLED       = true
FROM          = gitea@domain.net
PROTOCOL      = smtp
SMTP_ADDR     = localhost
SMTP_PORT     = 25
HELO_HOSTNAME = mail.domain.net  ; in case the hostname is not fully qualified and needed to be

SSH access

  1. login Gitea with the user you want to grant ssh access
  2. click on the avatar on the top right → Settings
  3. on the left select SSH / GPG Keys
  4. Manage SSH Keys → Add Key
  5. Add the public ssh key generated on your client ~/.ssh/id_rsa.pub

Ensure the SSH server is well configured

/etc/ssh/sshd_config
UsePAM yes
AllowUsers gitea
Gitea does not provide shell access with the gitea user.
So it is not possible to access a shell with a direct ssh connection, which is good regarding security.

Install on Ubuntu

Database Preparation

Mariadb.svg
create database gitea character set 'utf8mb4' collate 'utf8mb4_general_ci';
create user 'gitea'@'localhost' identified by '[PWD]';
grant all privileges on gitea.* to 'gitea'@'localhost';
flush privileges;

Installation from binary

Bash.svg
# create a user to run Gitea
sudo adduser --system --group --disabled-password --shell /bin/bash gitea

# create required directory structure
sudo mkdir -p /var/lib/gitea/{custom,data,log}
sudo chown -R gitea:gitea /var/lib/gitea/
sudo chmod -R 750 /var/lib/gitea/

sudo mkdir /etc/gitea
sudo chown root:gitea /etc/gitea
sudo chmod 770 /etc/gitea

sudo mkdir /var/log/gitea
sudo chown gitea:gitea /var/log/gitea
sudo chmod 750 /var/log/gitea

# install the binary
wget https://dl.gitea.com/gitea/1.20.5/gitea-1.20.5-linux-arm64 -O gitea
sudo mv gitea /usr/local/bin
sudo chown root:root /usr/local/bin/gitea
sudo chmod 755 /usr/local/bin/gitea

Run as service

/etc/systemd/system/gitea.service
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target

Wants=mariadb.service
After=mariadb.service

[Service]
Type=notify
WatchdogSec=30s
User=gitea
Group=gitea
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
RestartSec=2s
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/var/lib/gitea

[Install]
WantedBy=multi-user.target

Create an UFW application

Install

Bash.svg
sc-start gitea
  • Open http://<server-name>:3000 to create the configuration file /etc/gitea/app.ini
    • Change the log path to /var/log/gitea
Bash.svg
# once the installation is done, change the access right of the configuration file
sudo chmod 750 /etc/gitea
sudo chmod 640 /etc/gitea/app.ini

Errors

fatal: protocol error: bad line length character

There is a problem on the server running the git-receive-pack process. Run the following command to get the inner error:

Bash.svg
ssh gitea@[server] git-receive-pack [repo-path]

This account is currently not available

The user gitea doesn’t have shell.

Bash.svg
sudo usermod --shell /bin/bash gitea