« Gitea » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
 
(8 versions intermédiaires par le même utilisateur non affichées)
Ligne 1 : Ligne 1 :
= Configuration =
= Configuration =
* [https://docs.gitea.com/administration/config-cheat-sheet Configuration Cheat Sheet]
* [https://github.com/go-gitea/gitea/blob/main/custom/conf/app.example.ini app.example.ini]
<filebox fn='/etc/gitea/app.ini'>
[repository]
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = true
[service]
; Disable registration, after which only admin can create accounts for users
DISABLE_REGISTRATION = true
; Enable this to force users to log in to view any page or to use API
REQUIRE_SIGNIN_VIEW = true
[log]
LEVEL = Error
ROOT_PATH = /var/log/gitea
[mailer]
ENABLED      = true
FROM          = gitea@domain.net
PROTOCOL      = smtp
SMTP_ADDR    = localhost
SMTP_PORT    = 25
HELO_HOSTNAME = mail.domain.net  ; in case the hostname is not fully qualified and needed to be
</filebox>
== SSH access ==
== SSH access ==
# login Gitea with the user you want to grant ssh access
# login Gitea with the user you want to grant ssh access
Ligne 12 : Ligne 38 :
AllowUsers gitea
AllowUsers gitea
</filebox>
</filebox>
{{info | Gitea does not provide shell access with the gitea user.<br>
So it is not possible to access a shell with a direct ssh connection, which is good regarding security.}}


= Install on Ubuntu =
= Install on Ubuntu =
Ligne 81 : Ligne 110 :
* Open {{boxx|<nowiki>http://<server-name>:3000</nowiki>}} to create the configuration file {{boxx|/etc/gitea/app.ini}}
* Open {{boxx|<nowiki>http://<server-name>:3000</nowiki>}} to create the configuration file {{boxx|/etc/gitea/app.ini}}
** Change the log path to {{boxx|/var/log/gitea}}
** Change the log path to {{boxx|/var/log/gitea}}
<kode lang='bash'>
# once the installation is done, change the access right of the configuration file
sudo chmod 750 /etc/gitea
sudo chmod 640 /etc/gitea/app.ini
</kode>


= Errors =
= Errors =

Dernière version du 18 octobre 2023 à 20:08

Configuration

/etc/gitea/app.ini
[repository]
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = true

[service]
; Disable registration, after which only admin can create accounts for users
DISABLE_REGISTRATION = true
; Enable this to force users to log in to view any page or to use API
REQUIRE_SIGNIN_VIEW = true

[log]
LEVEL = Error
ROOT_PATH = /var/log/gitea

[mailer]
ENABLED       = true
FROM          = gitea@domain.net
PROTOCOL      = smtp
SMTP_ADDR     = localhost
SMTP_PORT     = 25
HELO_HOSTNAME = mail.domain.net  ; in case the hostname is not fully qualified and needed to be

SSH access

  1. login Gitea with the user you want to grant ssh access
  2. click on the avatar on the top right → Settings
  3. on the left select SSH / GPG Keys
  4. Manage SSH Keys → Add Key
  5. Add the public ssh key generated on your client ~/.ssh/id_rsa.pub

Ensure the SSH server is well configured

/etc/ssh/sshd_config
UsePAM yes
AllowUsers gitea
Gitea does not provide shell access with the gitea user.
So it is not possible to access a shell with a direct ssh connection, which is good regarding security.

Install on Ubuntu

Database Preparation

Mariadb.svg
create database gitea character set 'utf8mb4' collate 'utf8mb4_general_ci';
create user 'gitea'@'localhost' identified by '[PWD]';
grant all privileges on gitea.* to 'gitea'@'localhost';
flush privileges;

Installation from binary

Bash.svg
# create a user to run Gitea
sudo adduser --system --group --disabled-password --shell /bin/bash gitea

# create required directory structure
sudo mkdir -p /var/lib/gitea/{custom,data,log}
sudo chown -R gitea:gitea /var/lib/gitea/
sudo chmod -R 750 /var/lib/gitea/

sudo mkdir /etc/gitea
sudo chown root:gitea /etc/gitea
sudo chmod 770 /etc/gitea

sudo mkdir /var/log/gitea
sudo chown gitea:gitea /var/log/gitea
sudo chmod 750 /var/log/gitea

# install the binary
wget https://dl.gitea.com/gitea/1.20.5/gitea-1.20.5-linux-arm64 -O gitea
sudo mv gitea /usr/local/bin
sudo chown root:root /usr/local/bin/gitea
sudo chmod 755 /usr/local/bin/gitea

Run as service

/etc/systemd/system/gitea.service
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target

Wants=mariadb.service
After=mariadb.service

[Service]
Type=notify
WatchdogSec=30s
User=gitea
Group=gitea
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
RestartSec=2s
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/var/lib/gitea

[Install]
WantedBy=multi-user.target

Create an UFW application

Install

Bash.svg
sc-start gitea
  • Open http://<server-name>:3000 to create the configuration file /etc/gitea/app.ini
    • Change the log path to /var/log/gitea
Bash.svg
# once the installation is done, change the access right of the configuration file
sudo chmod 750 /etc/gitea
sudo chmod 640 /etc/gitea/app.ini

Errors

fatal: protocol error: bad line length character

There is a problem on the server running the git-receive-pack process. Run the following command to get the inner error:

Bash.svg
ssh gitea@[server] git-receive-pack [repo-path]

This account is currently not available

The user gitea doesn’t have shell.

Bash.svg
sudo usermod --shell /bin/bash gitea