Gitea as my Private Git Server

Git is a fantastic system for code making, storing and sharing. I need an internal for my K8s cluster and some internal projects and settings. #gitea

Gitea as my Private Git Server
Gitea: Git with a cup of tea - Gitea is a lightweight DevOps platform.

Git is a fantastic system for code making, storing and sharing. There is a GitHub and GitLab but some times you like to do stuff that are really privet and if you are paranoid a naff yo like to self host your own Git Server.

I need it for my K8s cluster and some internal projects and settings.

To self host a Git Server there is choices like Gitea (pronounced Git tea), GitLab, Gogs and BitBucket. GitLab is a resource hog but very good and stable. Gitea is small on resources but there is a power struggle going on between the original author and the rest of the consortium.
Then you need to choose betveen a VM, CT or Docker. They are all good choises.

I decided to go with Githea running on Docker.
That was my choice, but feel free to choose otherwise.

It will be used only internally and it's not open to the net. You might choose to open it to the web, remember the risks and make it safe.
It runs in a small container on AlpineLinux or as in my case it's running on Docker.

The container uses standard settings with a extra 32/64 G disk for the data in /var/lib/gitea. A basic install of Gitea works with a sqlite3 database, it's fine for a HomeLab, but for corporate use its better to use Maria DB.

Gitea will use your local language, but you can change it later to use an other.

Setting up Gitea

  • Do set up an Administrator - it will help one of these days
  • Lock down the use as much as you can

Setup on Alpine and use sqlite3

Setup a CT, disk 8 and a mountpoint 32/64 G and pointing to /var/lib/gitea. Alpine Linux has Gitea in its community repository which follows the latest stable version not the latest. Today its 1.19 and 1.21.

First update apk update && apk upgrade and
add some tools apk add git gitea nano

Setup the user and group

We need a user gitea and a group gitea. Add a gitea user as system user, no password and home dir specified. Then we add the user to the group.

addgroup gitea

Add the group gitea

adduser -S -D -h /etc/gitea gitea

Add the user gitea as system user, no password and home dir /etc/gitea

addgroup gitea gitea

Add user gitea to the gitea group gitea

Initial Start

The initial start creates some needed files

GITEA_WORK_DIR=/var/lib/gitea gitea web --config /etc/gitea/app.ini

Close down Gitea: service gitea stop

Make it start automatically: rc-update add gitea

Start the Gitea: service gitea start

Configure the Gitea Server

In your favorite browser go to the server IP:3000 and setup the Gitea Server.

You need to have registration on to create your user profile and the others can do it to or you do it for them. Later advisable to take it off, so not any random person visiting may create a profile.

A nice feature for corporate use is the use of OpenID and for web use CAPTCHA and argo2 algorithm.

Let's have tea

and invite the rest of the family to be happy coders

Teacup and laptop
Photo by Adeolu Eletu / Unsplash


Gitea on Docker

Its pretty easy to do, open your Portainer and drop the code or create a standard docker-compose.yml file and start it as a daemon.
To use named volumes instead of host volumes, define and use the named volume within the docker-compose.yml configuration. This change will automatically create the required volume. You don't need to worry about permissions with named volumes; Docker will deal with that automatically.

To use Docker-Compose

Note that the volume should be owned by the user/group with the UID/GID specified in the config file. By default Gitea in docker will use uid:1000 gid:1000. If needed you can set ownership on those folders with the command:

mkdir -p gitea/{data,config}
cd gitea
touch docker-compose.yml
sudo chown 1000:1000 config/ data/

The YAML file for Docker Compose and Portainer

version: '3'

volumes:
  gitea-data:
    driver: local
  gitea-config:
    driver: local

services:
  server:
    image: gitea/gitea:latest #1.20.5-rootless
    container_name: gitea
    restart: unless-stopped #always
    volumes:
      - gitea-data:/var/lib/gitea
      - gitea-config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222"


# networks the services will use - my local settings
networks:
  kadulla:          #frontend
    external: true
  pihalla:          #backend
    external: true

In my environment it's ease to setup web services with NPM and Authelia. NPM takes care of the Let's Encrypt certificates. Authelia is the first line security guard, meaning internally it can be more relaxed than from the web. See older posts.

Installation on K8s with Helm

Gitea provides a Helm Chart to allow for installation on Kubernetes. Link

helm repo add gitea-charts https://dl.gitea.com/charts/
helm repo update
helm install gitea gitea-charts/gitea

References

Gitea [1] AlpineLinux [2] GitLab [3] Gogs [4] BitBucket [5]


  1. Gitea home page, Compared to Git hosting Comparison, on Docker Hub and Documentation pages also on Wikipedia ↩︎

  2. Alpinelinux home page ↩︎

  3. GitLab home page ↩︎

  4. Gogs home page and on GitHub ↩︎

  5. BitBucket home page and on Wikipedia ↩︎