Gitea: Difference between revisions
From charlesreid1
| Line 70: | Line 70: | ||
(command sequence - add group, add users to group, change permissions, ls permissions) | (command sequence - add group, add users to group, change permissions, ls permissions) | ||
[[Category:Git]] | |||
[[Category:Programming]] | |||
[[Category:Go]] | |||
Revision as of 16:14, 21 March 2017
What is it?
Gitea is a self-hosted github-like web service, written in Go.
(insert screenshot here)
Main link: https://try.gitea.io/
Github project: https://github.com/go-gitea/gitea
Installing
To install it, you can use the binary.
I kept the gitea directory organized by putting the binary in its own folder, then separating out the certificates (for https/ssl), data (gitea's sqlite database), repositories (data for git repositories), and log (logging for gitea).
/path/to/www/gitea/ +--------- bin/ +--------- certs/ +--------- data/ +--------- repositories/ +--------- log/
To install it, you just navigate to the binary and run
$ ./gitea web
This runs a setup page on port 3000. Alternatively, you can use the admin command line interface to set things up securely, without exposing the (sensitive) setup page to anyone.
That's about it.
Gitea with HTTPS
You can run gitea over HTTPS. The gitea binary can generate self-signed certificates, or you can use an existing HTTPS certificate.
Using existing HTTPS certificate
I needed to have gitea over HTTPS using an existing certificate. I already had an HTTPS certificate, in the form of a private .key and a public .cert, but it was set up to be restricted to root only, and nginx and Apache are perfectly okay running as www-data and not being able to read the private key file (which is only readable by root). We're fine there.
But when I pointed to these files with soft links,
$ ln -fs /sslkeys/key.pem /www/gitea/cert/key.pem $ ln -fs /sslkeys/cert.pem /www/gitea/cert/key.pem
I was having some problems getting gitea to run. Gitea was raising a permissions error:
$ ./gitea web 2017/03/21 15:21:12 [T] Custom path: /www/gitea/bin/custom 2017/03/21 15:21:12 [T] Log path: /www/gitea/log 2017/03/21 15:21:12 [I] Gitea v1.0.1 2017/03/21 15:21:12 [I] Log Mode: File(Info) 2017/03/21 15:21:12 [I] Cache Service Enabled 2017/03/21 15:21:12 [I] Session Service Enabled 2017/03/21 15:21:12 [I] Git Version: 2.5.0 2017/03/21 15:21:12 [I] SQLite3 Supported 2017/03/21 15:21:12 [I] Run Mode: Production 2017/03/21 15:21:12 [I] Listen: https://0.0.0.0:3000 2017/03/21 15:21:12 [....io/gitea/cmd/web.go:632 runWeb()] [E] Fail to start server: open /www/gitea/certs/key.pem: permission denied
The solution was, the user that runs the Gitea web command also has to be able to read the private key file. Can just make the /sslkeys folder and contents group-readable to a new group ssl-group, and add any users that need access to the keys. Then add a git or gitea user, and run everything as the git user.
(command sequence - add group, add users to group, change permissions, ls permissions)