ob-vaults/Phoenix/Programing/Server/gitea setup.md
2022-08-05 18:31:06 +04:30


## Gitea docker setup with ssh
#### Check if Git is installed
Check that Git is installed on the server. If it is not, install it first. Gitea requires Git version >= 2.0.
```bash
git --version
```
#### Create a user to run Gitea
```shell
adduser \
--system \
--shell /bin/bash \
--gecos 'Git Version Control' \
--group \
--disabled-password \
--home /home/git \
git
```
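#### Change the password for the git user
```shell
passwd git
```
#### Add the git user to the sudo group
```shell
# "sudo" is the admin group on Debian/Ubuntu (matching the adduser/deluser
# commands used in this note); on RHEL-family systems the group is "wheel".
sudo usermod -aG sudo git
```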
#### Find UID
```bash
id -u <username>
```
Or, for the current user:
```bash
echo $UID
```
Use the git user's UID and GID as `USER_UID` and `USER_GID` in the docker-compose.yml below.
#### Make a folder for Gitea and cd into it
```shell
mkdir gitea
cd gitea
touch docker-compose.yml
```
#### docker-compose.yml config
Use any editor to put the following config into docker-compose.yml.
```yml
version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:1.16.9
    container_name: gitea
    environment:
      - USER_UID=112 # replace with the git user's UID from the previous step
      - USER_GID=112 # replace with the git user's GID from the previous step
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea # must match POSTGRES_PASSWORD below
    restart: always
    networks:
      - gitea
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - /home/git/.ssh/:/data/git/.ssh # add this for ssh support
    ports:
      - "3000:3000"
      - "127.0.0.1:2222:22" # container SSH, published only on host loopback port 2222
    depends_on:
      - db

  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=gitea
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - ./postgres:/var/lib/postgresql/data
```
#### Starting and stopping with docker compose
```bash
docker compose up -d
docker compose down
```
#### Give the git user ownership of its home dir
This command is needed when ssh-keygen cannot be run as any user other than root.
```bash
chown -R git: /home/git/
```
#### Log in as the git user
```shell
su - git
```
#### Make ssh key pair
```bash
sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
```
#### Set the right permissions for ssh authorized_keys
```bash
sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys
sudo -u git chmod 600 /home/git/.ssh/authorized_keys
```
Important: The pubkey from the `git` user needs to be added "as is", while all other pubkeys added via the Gitea web interface will be prefixed with `command="/usr [...]`.
`/home/git/.ssh/authorized_keys` should then look something like this:
```bash
# SSH pubkey from git user
ssh-rsa <Gitea Host Key>
# other keys from users (most likely there are none yet)
command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty <user pubkey>
```
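A check for the layout described above, as an added example that is not part of the original note: it flags any entry without the forced `gitea serv` command other than the git user's own key, since such a key would get a normal shell as `git` on the host. The function name `audit_authorized_keys` and the sample keys are constructed for illustration.

```shell
#!/bin/sh
# Audit an authorized_keys file used for Gitea SSH passthrough.
# Prints one finding per line; prints nothing when the layout is as expected.
# Usage: audit_authorized_keys <authorized_keys> <git_user_pubkey_file>
audit_authorized_keys() {
    host_blob=$(awk '{print $2; exit}' "$2")      # base64 blob of the git user's key
    awk -v host="$host_blob" '
        /^[ \t]*(#|$)/ { next }                   # skip comments and blank lines
        $1 ~ /^(ssh-|ecdsa-|sk-)/ {               # starts with a key type: no options
            if ($2 == host) seen++
            else print "line " NR ": unrestricted key is not the host key"
            next
        }
        $0 !~ /^command="\/usr\/local\/bin\/gitea [^"]*serv key-[0-9]+"/ {
            print "line " NR ": options do not force the gitea serv command"
            next
        }
        $0 !~ /no-pty/ || $0 !~ /no-port-forwarding/ {
            print "line " NR ": forced command lacks no-pty/no-port-forwarding"
        }
        END { if (seen != 1) print "host key present " (seen+0) " times, expected 1" }
    ' "$1"
}

# Constructed sample (not real keys): the host key, one key written by Gitea,
# and one key pasted in by hand without the forced command.
demo() {
    d=$(mktemp -d)
    printf 'ssh-rsa AAAAHOSTKEY Gitea Host Key\n' > "$d/id_rsa.pub"
    printf '%s\n' \
        'ssh-rsa AAAAHOSTKEY Gitea Host Key' \
        'command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 AAAAUSER1 alice' \
        'ssh-ed25519 AAAAUSER2 bob' > "$d/authorized_keys"
    audit_authorized_keys "$d/authorized_keys" "$d/id_rsa.pub"
    rm -rf "$d"
}
demo
```

On the host this would be run as `audit_authorized_keys /home/git/.ssh/authorized_keys /home/git/.ssh/id_rsa.pub`.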
#### Exit from the git user and run the needed commands
First exit from the git user:
```shell
exit
```
Then run:
```bash
cat <<"EOF" | sudo tee /usr/local/bin/gitea
#!/bin/sh
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
EOF
sudo chmod +x /usr/local/bin/gitea
```
#### Remove the git user from the sudo group
```shell
sudo deluser git sudo
```