brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7e865c89e75061b8299d8c0b99bdd22c99c2b58a
oam/knowledge base/gitea.md
Michele Cereda 6975f415b3 chore(kb/gitea): add https and lfs configuration sections
2024-05-11 12:16:07 +02:00

3.2 KiB
Raw Blame History

Gitea

  1. Installation
  2. Configuration
    1. LFS
    2. HTTPS certificates
    3. Set up HTTP redirection
  3. Further readings
    1. Sources

Installation

Docker compose file.

The git user has UID and GID set to 1000 by default.
Change those in the compose file or whatever.

One can optionally define the administrative user during the initial setup.
If no administrative user is defined in that moment, the first registered user becomes the administrator.

Configuration

Refer the Configuration cheat sheet.

LFS

Enable the built-in LFS support by updating the app.ini configuration file:

[server]
LFS_START_SERVER = true

[lfs]
PATH = /home/gitea/data/lfs  # defaults to {{data}}/lfs

HTTPS certificates

Refer HTTPS setup to encrypt connections to Gitea.

If the certificate is signed by a third party certificate authority (i.e. not self-signed), then cert.pem should contain the certificate chain.
The server certificate must be the first entry in cert.pem, followed by the intermediaries in order (if any).
The root certificate does not have to be included as the connecting client must already have it in order to establish any trust relationship.

The file path in the configuration is relative to the GITEA_CUSTOM environment variable when it is a relative path.

Self-signed certificate

  1. Generate a self signed certificate:

    gitea cert --host 'git.host.fqdn'
docker compose exec server gitea cert --host 'git.host.fqdn'

  2. Change the app.ini configuration file:

    [server]
PROTOCOL  = https
ROOT_URL  = https://git.host.fqdn:3000/
HTTP_PORT = 3000
CERT_FILE = /path/to/cert.pem
KEY_FILE  = /path/to/key.pem
ACME certificate

Defaults to using Let's Encrypt.

Change the app.ini configuration file:

[server]
PROTOCOL=https
DOMAIN=git.example.com
ENABLE_ACME=true
ACME_ACCEPTTOS=true
ACME_DIRECTORY=https
ACME_EMAIL=email@example.com  # can be omitted here and provided manually at first run, after which it is cached

Set up HTTP redirection

Gitea server is able to listen on one single port. Enable the HTTP redirection service to redirect HTTP requests to the HTTPS port:

[server]
REDIRECT_OTHER_PORT = true
PORT_TO_REDIRECT = 3080  # http port to be redirected to https

When using Docker, make sure this port is published.

Further readings

Alternatives:

Sources