Gitea¶
Installation¶
Créer le sous-domaine gitea:¶
Dans Plesk:
Sites Web et Domaines -> Ajouter un sous-domaine:
- Nom du sous-domaine: gitea.maboiteverte.fr
- Racine du document: gitea.maboiteverte.fr
- Cocher Protéger le domaine avec Let's Encrypt
Sites Web et Domaines -> gitea.maboiteverte.fr -> Paramètres d'Apache et de Nginx -> Directives supplémentaires pour HTTPS :
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
AllowEncodedSlashes NoDecode
ServerName gitea.maboiteverte.fr
ProxyPreserveHost On
ProxyRequests off
# Note: no trailing slash after either /git or port
ProxyPass / http://localhost:3000/ nocanon
ProxyPassReverse / http://localhost:3000/
Créer un base MySQL dans le sous-domaine Gitea:¶
bdd: admin_gitea user/pwd: adm_gitea / 2X5$7isg
Régler les variables globales comme suit:¶
- innodb_default_row_format=dynamic
- innodb_file_format=Barracuda
- innodb_large_prefix=1
sinon on obtiendra l'erreur MySql/MariaDB: issue: Error 1709: Index column size too large. The maximum column size is 767 bytes.
Ajouter les fichiers de config MySQL:
$ nano /etc/mysql/mariadb.conf.d/gitea.cnf
[mysqld]
innodb_default_row_format=dynamic
$ nano /etc/mysql/mariadb.conf.d/nextcloud.cnf
[mysqld]
innodb_large_prefix=true
innodb_file_format=barracuda
innodb_file_per_table=1
Sinon en ligne de commande (#root):
SET GLOBAL innodb_default_row_format=dynamic;
Pour voir les variables:
SHOW VARIABLES LIKE 'innodb_%'
Redémarrer MySQL:
$ systemctl restart mariadb
Créer un user git:¶
adduser \
--system \
--shell /bin/bash \
--gecos 'Git Version Control' \
--group \
--disabled-password \
--home /home/git \
git
Télécharger Gitea:¶
VERSION=1.14.4
sudo wget -O /tmp/gitea https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64
et l'installer:¶
$ sudo mv /tmp/gitea /usr/local/bin
$ sudo chmod +x /usr/local/bin/gitea
Créer les répertoires et régler les permissions:¶
$ mkdir -p /var/lib/gitea/{custom,data,log}
$ chown -R git:git /var/lib/gitea/
$ chmod -R 750 /var/lib/gitea/
$ mkdir /etc/gitea
$ chown root:git /etc/gitea
$ chmod 770 /etc/gitea
Créer le service Gitea:¶
$ sudo nano /etc/systemd/system/gitea.service
https://github.com/go-gitea/gitea/blob/master/contrib/systemd/gitea.service
ou télécharger celui de Gitea:
$ sudo wget https://raw.githubusercontent.com/go-gitea/gitea/master/contrib/systemd/gitea.service -P /etc/systemd/system/
Démarrer le service Gitea:¶
$ sudo systemctl daemon-reload
$ sudo systemctl enable --now gitea
Vérifier son état:¶
$ systemctl status gitea.service
● gitea.service - Gitea
Loaded: loaded (/etc/systemd/system/gitea.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2020-05-09 07:20:30 CEST; 3h 7min ago
Main PID: 2394 (gitea)
Tasks: 8 (limit: 1099)
CGroup: /system.slice/gitea.service
└─2394 /usr/local/bin/gitea web -c /etc/gitea/app.ini
Confirmer:
$ gitea --version
Gitea version 1.11.4 built with GNU Make 4.1, go1.13.9 : bindata, sqlite, sqlite_unlock_notify
Ouvrir http://YOUR_DOMAIN_IR_IP:3000 dans le navigateur:¶
Database Settings:¶
- Database Type: MySQL
- Host: 127.0.0.1:3306
- Username: adm_gitea
- Password: xxx
- Database Name: admin_gitea
- utf8_general_ci
Applications General Settings:¶
- Site Title: Enter your organization name.
- Repository Root Path: Leave the default /home/git/gitea-repositories.
- Git LFS Root Path: Leave the default /var/lib/gitea/data/lfs.
- Run As Username: git
- SSH Server Domain: gitea.maboiteverte.fr
- SSH Port: 22, change it if SSH is listening on other Port
- Gitea HTTP Listen Port: 3000
- Gitea Base URL: https://gitea.maboiteverte.fr
- Log Path: Leave the default /var/lib/gitea/log
Server and other services settings:¶
cocher:
- Disable Self-registration
- Enable Require Sign in to view pages
Admin Account Settings:¶
on crée un compte administrateur pour Gitea.
Sécuriser le fichier de config:¶
$ sudo chmod 750 /etc/gitea
$ sudo chmod 640 /etc/gitea/app.ini
Configurer les notifications emails:
$sudo nano /etc/gitea/app.ini
# Ajouter:
[mailer]
ENABLED = true
HOST = ssl0.ovh.net:465
FROM = bruno@clicclac.info
USER = bruno@clicclac.info
PASSWD = xxx
Fichier de config app.ini:¶
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
[oauth2]
JWT_SECRET = pR6yqgc-yBWVDDH83xZknCKmm6OkOYe1-lQF6w4QZCM
[security]
INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1ODkwMzkxMDF9.0ndONUH1YHloYbEJjuMEuOfvmHaQ86xigzQWv8E0BZY
INSTALL_LOCK = true
SECRET_KEY = vD6g09GpvXk0iuM6U1uwcFc2fm5xykkLvYmib88Er7OZOwlSMdp1MjrmNkot6KZz
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = admin_gitea
USER = adm_gitea
PASSWD = 2X5$7isg
SSL_MODE = disable
CHARSET = utf8mb4
PATH = /var/lib/gitea/data/gitea.db
[repository]
ROOT = /home/git/gitea-repositories
[server]
SSH_DOMAIN = gitea.maboiteverte.fr
DOMAIN = gitea.maboiteverte.fr
HTTP_PORT = 3000
ROOT_URL = https://gitea.maboiteverte.fr:3000/
DISABLE_SSH = false
SSH_PORT = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
LFS_JWT_SECRET = it_832yGFx-X9yLKg2otEiG7qyNa12p3C7S8VZbRVeM
OFFLINE_MODE = false
[mailer]
ENABLED = true
HOST = ssl0.ovh.net:465
FROM = bruno@clicclac.info
USER = bruno@clicclac.info
PASSWD = dt7ek7wA6
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.maboiteberte.fr
[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = info
ROOT_PATH = /var/lib/gitea/log
Redémarrer Gitea:
$ sudo systemctl restart gitea
Mettre à jour Gitea:¶
Arrêter le service:
$ sudo systemctl stop gitea
Télécharger la dernière version:
VERSION=<THE_LATEST_GITEA_VERSION>
wget -O /tmp/gitea https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64
sudo mv /tmp/gitea /usr/local/bin
sudo chmod +x /usr/local/bin/gitea
Redémarrer le service:
$ sudo systemctl restart gitea
Configurer SSL pour le sous-domaine pour Gitea:
Avoir un sous-domaine pour Gitea https://gitea.maboiteverte.fr
DOMAIN=gitea.maboiteverte.fr
[server]
PROTOCOL=https
ENABLE_LETSENCRYPT=true
LETSENCRYPT_ACCEPTTOS=true
LETSENCRYPT_DIRECTORY=https
LETSENCRYPT_EMAIL=bruno@clicclac.info
cd /etc/gitea
mkdir keys
chown root:git keys/
root@localhost:/opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr# cp privkey.pem /etc/gitea/keys/privkey.pem
root@localhost:/opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr# cp fullchain.pem /etc/gitea/keys/fullchain.pem
chown -R root:git /etc/gitea/keys
Certifcats pour le domaine gitea.maboiteverte.fr
/opt/psa/var/modules/sslit/etc/live/gitea.maboiteverte.fr/cert.pem
/opt/psa/var/modules/sslit/etc/live/gitea.maboiteverte.fr/chain.pem
/opt/psa/var/modules/sslit/etc/live/gitea.maboiteverte.fr/fullchain.pem
/opt/psa/var/modules/sslit/etc/live/gitea.maboiteverte.fr/privkey.pem
/opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/cert.pem
/opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/chain.pem
/opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/fullchain.pem
/opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/privkey.pem
This directory contains your keys and certificates.
privkey.pem : the private key for your certificate.
fullchain.pem: the certificate file used in most server software.
chain.pem : used for OCSP stapling in Nginx >=1.3.7.
cert.pem : will break many server configurations, and should not be used without reading further documentation (see link below).
We recommend not moving these files. For more information, see the Certbot User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates .
A ajouter à l'app.ini
SSLCertificateFile /opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/cert.pem
SSLCertificateKeyFile /opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/privkey.pem
SSLCertificateChainFile /opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/chain.pem
# /opt/psa/var/modules/letsencrypt/etc/live/gitea.maboiteverte.fr/fullchain.pem
Dépots¶
#ssh: git@gitea.maboiteverte.fr:bruno/yuzu-child_mbv.git
#https: https://gitea.maboiteverte.fr:3000/bruno/yuzu-child_mbv.git
git remote add gitea https://gitea.maboiteverte.fr:3000/bruno/yuzu-child_mbv.git
git remote add gitea git@gitea.maboiteverte.fr:bruno/yuzu-child_mbv.git
git push -u gitea master
Sécuriser Gitea:¶
sudo chmod 750 /etc/gitea
sudo chmod 640 /etc/gitea/app.ini
Empêcher l'indexation des pages de Gitea:¶
root@localhost:/etc/gitea# mkdir custom
root@localhost:/etc/gitea# cd custom/
root@localhost:/etc/gitea/custom# nano robots.txt
# Ajouter les deux lignes suivantes pour interdire l'indexation des pages du site :
User-agent: *
Disallow: /
root@localhost:/etc/gitea/custom# cd ..
root@localhost:/etc/gitea# chown -R root:git custom/
sudo service gitea restart
Une fois les utilisateurs ajoutés, désactiver le formulaire d'inscription pour minimiser les tentatives de spam.¶
sudo nano /etc/gitea/app.ini
# Passer false à true pour désactiver l'inscription.
DISABLE_REGISTRATION = true
Push and create¶
Il est possible de pousser et créer un dépôt, même si celui-ci n'existe pas encore sur Gitea (ssh obligatoire).
# On ajoute le dépôt distant (creator-child_mbv.git) qui n'existe pas encore:
git remote add gitea git@gitea.maboiteverte.fr:bruno/creator-child_mbv.git
# Push to create n'est pas permis pour les organisations
# On pousse le dépot local
git push -u gitea master
Enumerating objects: 236, done.
Counting objects: 100% (236/236), done.
Delta compression using up to 8 threads
Compressing objects: 100% (232/232), done.
Writing objects: 100% (236/236), 670.57 KiB | 6.77 MiB/s, done.
Total 236 (delta 85), reused 0 (delta 0), pack-reused 0
remote: Resolving deltas: 100% (85/85), done.
remote: . Processing 1 references
remote: Processed 1 references in total
To gitea.maboiteverte.fr:bruno/creator-child_mbv.git
* [new branch] master -> master
Branch 'master' set up to track remote branch 'master' from 'gitea'.
# Le dépôt distant creator-child_mbv.git a bien été crée.
Backup / Restore¶
Backup:¶
su git
/usr/local/bin/gitea dump -c /etc/gitea/app.ini
# Crée une archive dans le home de git:
/home/git/gitea-dump-1589130582.zip
Restore:¶
https://docs.gitea.io/en-us/backup-and-restore/#restore-command-restore
Transférér un dépot vers une organisation:¶
Dépot -> paramètres -> Zone de danger -> Changer de propriétaire
Personnaliser:¶
https://docs.gitea.io/en-us/customizing-gitea/
Ajouter un lien dans la barre de navigation:¶
# Ajouter un fichier extra_links.tmpl
$ nano /var/lib/gitea/custom/templates/custom/extra_links.tmpl
<a class="item" href="https://maboiteverte.fr">maboiteverte.fr</a>
# Redémarrer Gitea
$ sudo service gitea restart
Ajouter un lien dans la barre de navigation inférieure:¶
# Ajouter un fichier extra_links_footer.tmpl
$ nano /var/lib/gitea/custom/templates/custom/extra_links_footer.tmpl
<a class="item" href="{{AppSubUrl}}/privacy.html">Privacy Policy</a>
$ cd /var/lib/gitea/custom/public
privacy.html
# Redémarrer Gitea
$ sudo service gitea restart
Gitea Doctor¶
https://blog.gitea.io/2022/06/a-gentle-introduction-to-the-gitea-doctor/
Liens¶
https://wiki.visionduweb.fr/index.php?title=Installer_un_serveur_Git_avec_Gitea#Copier_les_certificats_SSL_de_Let.27s_Encrypt_vers_le_r.C3.A9pertoire_keys_cr.C3.A9.C3.A9_pour_Gitea https://charlesreid1.github.io/setting-up-a-self-hosted-github-clone-with-gitea.html https://www.howtoforge.com/tutorial/how-to-install-gitea-with-https-on-debian-10/ https://clouding.io/hc/en-us/articles/360011461459-How-to-Install-Gitea-Git-Service-on-Ubuntu-18-04 https://linuxize.com/post/how-to-install-gitea-on-ubuntu-18-04/ https://computingforgeeks.com/how-to-install-gitea-git-service-on-ubuntu/ https://golb.hplar.ch/2018/06/self-hosted-git-server.html
https://mike42.me/blog/2019-05-how-to-integrate-gitea-and-jenkins https://wiki.evolix.org/HowtoGitea
Webhook
https://blog.samuel.domains/blog/tutorials/static-websites-automatic-deployment-with-gitea-an-example-with-jekyllhttps://support.gitkraken.com/integrations/authentication/ https://organicdesign.nz/Gitea