« Gitea » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
Ligne 4 : Ligne 4 :
<filebox fn='/etc/gitea/app.ini'>
<filebox fn='/etc/gitea/app.ini'>
[repository]
[repository]
;; Disable the ability to interact with repositories using the HTTP protocol
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = true
DISABLE_HTTP_GIT = true


[service]
[service]
; Disable registration, after which only admin can create accounts for users
DISABLE_REGISTRATION = true
DISABLE_REGISTRATION = true
; Enable this to force users to log in to view any page or to use API
REQUIRE_SIGNIN_VIEW = true
REQUIRE_SIGNIN_VIEW = true



Version du 16 octobre 2023 à 20:42

Configuration

/etc/gitea/app.ini
[repository]
; Disable the ability to interact with repositories using the HTTP protocol
DISABLE_HTTP_GIT = true

[service]
; Disable registration, after which only admin can create accounts for users
DISABLE_REGISTRATION = true
; Enable this to force users to log in to view any page or to use API
REQUIRE_SIGNIN_VIEW = true

[log]
LEVEL = Error
ROOT_PATH = /var/log/gitea

SSH access

  1. login Gitea with the user you want to grant ssh access
  2. click on the avatar on the top right → Settings
  3. on the left select SSH / GPG Keys
  4. Manage SSH Keys → Add Key
  5. Add the public ssh key generated on your client ~/.ssh/id_rsa.pub

Ensure the SSH server is well configured

/etc/ssh/sshd_config
UsePAM yes
AllowUsers gitea
Gitea does not provide shell access with the gitea user.
So it is not possible to access a shell with a direct ssh connection, which is good regarding security.

Install on Ubuntu

Database Preparation

Mariadb.svg
create database gitea character set 'utf8mb4' collate 'utf8mb4_general_ci';
create user 'gitea'@'localhost' identified by '[PWD]';
grant all privileges on gitea.* to 'gitea'@'localhost';
flush privileges;

Installation from binary

Bash.svg
# create a user to run Gitea
sudo adduser --system --group --disabled-password --shell /bin/bash gitea

# create required directory structure
sudo mkdir -p /var/lib/gitea/{custom,data,log}
sudo chown -R gitea:gitea /var/lib/gitea/
sudo chmod -R 750 /var/lib/gitea/

sudo mkdir /etc/gitea
sudo chown root:gitea /etc/gitea
sudo chmod 770 /etc/gitea

sudo mkdir /var/log/gitea
sudo chown gitea:gitea /var/log/gitea
sudo chmod 750 /var/log/gitea

# install the binary
wget https://dl.gitea.com/gitea/1.20.5/gitea-1.20.5-linux-arm64 -O gitea
sudo mv gitea /usr/local/bin
sudo chown root:root /usr/local/bin/gitea
sudo chmod 755 /usr/local/bin/gitea

Run as service

/etc/systemd/system/gitea.service
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target

Wants=mariadb.service
After=mariadb.service

[Service]
Type=notify
WatchdogSec=30s
User=gitea
Group=gitea
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
RestartSec=2s
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/var/lib/gitea

[Install]
WantedBy=multi-user.target

Create an UFW application

Install

Bash.svg
sc-start gitea
  • Open http://<server-name>:3000 to create the configuration file /etc/gitea/app.ini
    • Change the log path to /var/log/gitea
Bash.svg
# once the installation is done, change the access right of the configuration file
sudo chmod 750 /etc/gitea
sudo chmod 640 /etc/gitea/app.ini

Errors

fatal: protocol error: bad line length character

There is a problem on the server running the git-receive-pack process. Run the following command to get the inner error:

Bash.svg
ssh gitea@[server] git-receive-pack [repo-path]

This account is currently not available

The user gitea doesn’t have shell.

Bash.svg
sudo usermod --shell /bin/bash gitea