ob-vaults/Phoenix/Programing/Server/gitea setup.md
2022-08-05 18:31:06 +04:30

Gitea docker setup with ssh

Check if Git is installed

Check that Git is installed on the server. If it is not, install it first. Gitea requires Git version >= 2.0.

git --version

Create a user to run Gitea

adduser \
   --system \
   --shell /bin/bash \
   --gecos 'Git Version Control' \
   --group \
   --disabled-password \
   --home /home/git \
   git

Change the password for the git user

passwd username

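Add the git user to sudoers

The admin group is sudo on Debian/Ubuntu, which matches the removal step at the end of this note.

sudo usermod -aG sudo username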

Find UID

id -u <username>

or, for the current user:

echo $UID

Use the git user's UID and GID in the next step.

Make a folder for Gitea and cd into it

mkdir gitea
cd gitea
touch docker-compose.yml

Docker Compose YAML config

Use any editor to fill docker-compose.yml with the following config:

version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:1.16.9
    container_name: gitea
    environment:
      - USER_UID=112 # replace with the git user's UID from the previous step
      - USER_GID=112 # replace with the git user's GID from the previous step
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea # change this default; must match POSTGRES_PASSWORD below
    restart: always
    networks:
      - gitea
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - /home/git/.ssh/:/data/git/.ssh # add this for ssh support
    ports:
      - "3000:3000"
      - "127.0.0.1:2222:22" # Gitea's SSH on port 2222, bound to loopback only
    depends_on:
      - db

  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=gitea # must match GITEA__database__PASSWD above
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - ./postgres:/var/lib/postgresql/data

Bringing the stack up and down with docker compose

docker compose up -d
docker compose down

Give the git user ownership of its home directory

This command is needed when ssh-keygen fails for any user other than root.

chown -R git: /home/git/

Log in as the git user

su - username

Make an SSH key pair

sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"

Add the public key to authorized_keys and set the right permissions

sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys
sudo -u git chmod 600 /home/git/.ssh/authorized_keys

Important: The pubkey from the git user needs to be added “as is” while all other pubkeys added via the Gitea web interface will be prefixed with command="/usr [...].

/home/git/.ssh/authorized_keys should then look something like this:

# SSH pubkey from git user
ssh-rsa <Gitea Host Key>

# other keys from users (most likely there are none yet)
command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty <user pubkey>
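
The rule above can be checked mechanically. This is an added example, not part of the original note or of Gitea: it parses authorized_keys and flags any entry other than the git user's own key that lacks the Gitea forced command or the forwarding/pty restrictions, since such an entry gives a host shell as git. The function name audit, the finding labels and the sample keys are assumptions made for the illustration.

```python
import re

KEY_TYPES = ("ssh-rsa", "ssh-ed25519", "ssh-dss", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")
RESTRICTIONS = {"no-port-forwarding", "no-X11-forwarding", "no-agent-forwarding", "no-pty"}
SHIM = "/usr/local/bin/gitea "  # forced-command path shown on this page
# Options field: non-space characters or double-quoted strings (spaces allowed inside quotes)
_OPTS = re.compile(r'((?:[^\s"]|"(?:\\.|[^"\\])*")+)\s+\S')
_ONE = re.compile(r'(?:[^,"]|"(?:\\.|[^"\\])*")+')  # one comma-separated option

def audit(authorized_keys: str, host_pubkey: str):
    """Return [(line_no, finding)] for entries that could open a host shell as git."""
    host_blob = host_pubkey.split()[1]
    findings = []
    for n, raw in enumerate(authorized_keys.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith(KEY_TYPES):
            # No options at all: only the git user's own key may appear "as is".
            if line.split()[1:2] != [host_blob]:
                findings.append((n, "unrestricted-key"))
            continue
        m = _OPTS.match(line)
        opts = _ONE.findall(m.group(1)) if m else []
        forced = [o for o in opts if o.startswith('command="')]
        if not forced or not forced[0][9:].startswith(SHIM) or " serv key-" not in forced[0]:
            findings.append((n, "bad-forced-command"))
        # "restrict" (OpenSSH 7.2+) switches on every restriction at once
        if "restrict" not in opts and not RESTRICTIONS <= set(opts):
            findings.append((n, "missing-restrictions"))
    return findings

# Constructed sample: line 2 is the host key, line 4 a normal Gitea entry,
# line 5 a key pasted in by hand, line 6 an entry that lost its restrictions.
HOST_PUB = "ssh-rsa AAAAB3HOSTKEYconstructed Gitea Host Key"
GITEA = 'command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-%d"'
FULL = ",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty"
SAMPLE = "\n".join([
    "# SSH pubkey from git user",
    HOST_PUB,
    "",
    GITEA % 1 + FULL + " ssh-ed25519 AAAAC3USER1constructed alice",
    "ssh-ed25519 AAAAC3ROGUEconstructed pasted-by-hand",
    GITEA % 2 + ",no-pty ssh-rsa AAAAB3USER2constructed bob",
])

if __name__ == "__main__":
    for line_no, finding in audit(SAMPLE, HOST_PUB):
        print(f"authorized_keys:{line_no}: {finding}")
```

On a real host, pass the contents of /home/git/.ssh/authorized_keys and /home/git/.ssh/id_rsa.pub instead of the constructed sample.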

Exit from the git user and run the needed commands

First, exit from the git user:

exit

Then run:

cat <<"EOF" | sudo tee /usr/local/bin/gitea
#!/bin/sh
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
EOF
sudo chmod +x /usr/local/bin/gitea

Remove the git user from sudo

sudo deluser username sudo