Gitea

installlation des paquets essentiels

apt -y install git vim bash-completion sudo wget

Création de l’utilisateur

sudo adduser \
   --system \
   --shell /bin/bash \
   --gecos 'Git Version Control' \
   --group \
   --disabled-password \
   --home /home/git \
   git

Préparation de la base

sudo apt -y install mariadb-server
sudo mysql_secure_installation
sudo mysql -u root -p
CREATE DATABASE gitea;
GRANT ALL PRIVILEGES ON gitea.* TO 'gitea'@'localhost' IDENTIFIED BY "StrongP@ssword";
FLUSH PRIVILEGES;
QUIT;

Installation du paquet gitea

Initialiser la version

export VER=1.12.5
wget https://github.com/go-gitea/gitea/releases/download/v${VER}/gitea-${VER}-linux-amd64
chmod +x gitea-${VER}-linux-amd64
sudo mv gitea-${VER}-linux-amd64 /usr/local/bin/gitea

Configuration de systemD

sudo mkdir -p /etc/gitea /var/lib/gitea/{custom,data,indexers,public,log}
sudo chown git:git /var/lib/gitea/{data,indexers,log}
sudo chmod 750 /var/lib/gitea/{data,indexers,log}
sudo chown root:git /etc/gitea
sudo chmod 770 /etc/gitea

puis l’unité systemD :

cat << EOF > /etc/systemd/system/gitea.service
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
After=mysql.service

[Service]
LimitMEMLOCK=infinity
LimitNOFILE=65535
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea

[Install]
WantedBy=multi-user.target
EOF

On prend compte les changements et on démarre le service

sudo systemctl daemon-reload
sudo systemctl enable --now gitea

Par défaut gitea écoute sur le port 3000

NGINX reverse proxy

server {
    listen      80;
    server_name URL;
    return 301  URL$request_uri;
}

server {
    listen      443 ssl http2;
    server_name URL;

    # Let's Encrypt:
    ssl_certificate     /etc/letsencrypt/live/URL/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/URL/privkey.pem;

    # Add common Conf:
    include /etc/nginx/RVPRX_common.conf;

    # LOGS
    gzip on;
    access_log /var/log/nginx/URL_access.log;
    error_log  /var/log/nginx/URL_error.log;

    location / {
        proxy_pass http://IP:PORT;
   }
}

NGINX reverse proxy with sub path

server {
    listen      80;
    server_name URL;
    return 301  URL$request_uri;
}

server {
    listen      443 ssl http2;
    server_name URL;

    # Let's Encrypt:
    ssl_certificate     /etc/letsencrypt/live/URL/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/URL/privkey.pem;

    # Add common Conf:
    include /etc/nginx/RVPRX_common.conf;

    # LOGS
    gzip on;
    access_log /var/log/nginx/URL_access.log;
    error_log  /var/log/nginx/URL_error.log;

    location /git/ { # Note: Trailing slash
        proxy_pass http://IP:PORT/; # Note: Trailing slash
   }
}

Terminer l’installation

  • se rendre sur https://URL:PORT/install