Gitea

From charlesreid1

What is it?

Gitea is a self-hosted github-like web service, written in Go.

(insert screenshot here)

Main link: https://try.gitea.io/

Github project: https://github.com/go-gitea/gitea


Installing

To install it, you can use the binary.

I kept the gitea directory organized by putting the binary in its own folder, then separating out the certificates (for https/ssl), data (gitea's sqlite database), repositories (data for git repositories), and log (logging for gitea). 

/path/to/www/gitea/
+--------- bin/
+--------- certs/
+--------- data/
+--------- repositories/
+--------- log/

To install it, you just navigate to the binary and run 

$ ./gitea web

This runs a setup page on port 3000. Alternatively, you can use the admin command line interface to set things up securely, without exposing the (sensitive) setup page to anyone.

That's about it.

Gitea with HTTPS

You can run gitea over HTTPS. The gitea binary can generate self-signed certificates, or you can use an existing HTTPS certificate.

Using existing HTTPS certificate

I needed to have gitea over HTTPS using an existing certificate. I already had an HTTPS certificate, in the form of a private .key and a public .cert, but it was set up to be restricted to root only, and nginx and Apache are perfectly okay running as www-data and not being able to read the private key file (which is only readable by root). We're fine there.

But when I pointed to these files with soft links, 

$ ln -fs /sslkeys/key.pem /www/gitea/cert/key.pem
$ ln -fs /sslkeys/cert.pem /www/gitea/cert/key.pem

I was having some problems getting gitea to run. Gitea was raising a permissions error: 

$ ./gitea web
2017/03/21 15:21:12 [T] Custom path: /www/gitea/bin/custom
2017/03/21 15:21:12 [T] Log path: /www/gitea/log
2017/03/21 15:21:12 [I] Gitea v1.0.1
2017/03/21 15:21:12 [I] Log Mode: File(Info)
2017/03/21 15:21:12 [I] Cache Service Enabled
2017/03/21 15:21:12 [I] Session Service Enabled
2017/03/21 15:21:12 [I] Git Version: 2.5.0
2017/03/21 15:21:12 [I] SQLite3 Supported
2017/03/21 15:21:12 [I] Run Mode: Production
2017/03/21 15:21:12 [I] Listen: https://0.0.0.0:3000
2017/03/21 15:21:12 [....io/gitea/cmd/web.go:632 runWeb()] [E] Fail to start server: open /www/gitea/certs/key.pem: permission denied

The solution was, the user that runs the Gitea web command also has to be able to read the private key file. Can just make the /sslkeys folder and contents group-readable to a new group ssl-group, and add any users that need access to the keys. Then add a git or gitea user, and run everything as the git user.

(command sequence - add group, add users to group, change permissions, ls permissions)

Retrieved from "https://charlesreid1.com/w/index.php?title=Gitea&oldid=15242"