Gitea as my Private Git Server
Git is a fantastic system for code making, storing and sharing. There are GitHub and GitLab, but sometimes you want to do stuff that is really private, and if you are paranoid enough you like to self-host your own Git server.
I need it for my K8s cluster and some internal projects and settings.
To self-host a Git server there are choices like Gitea (pronounced Git tea), GitLab, Gogs and BitBucket. GitLab is a resource hog but very good and stable. Gitea is small on resources, but there is a power struggle going on between the original author and the rest of the consortium.
Then you need to choose between a VM, CT or Docker. They are all good choices.
I decided to go with Gitea running on Docker.
That was my choice, but feel free to choose otherwise.
It will be used only internally and it's not open to the net. If you choose to open it to the web, remember the risks and make it safe.
It runs in a small container on AlpineLinux or as in my case it's running on Docker.
The container uses standard settings with an extra 32/64 G disk for the data in /var/lib/gitea. A basic install of Gitea works with a sqlite3 database. That is fine for a HomeLab, but for corporate use it's better to use MariaDB.
Gitea will use your local language, but you can change it later to another.
Setting up Gitea
- Do set up an Administrator - it will help one of these days
- Lock down the use as much as you can
Setup on Alpine and use sqlite3
Set up a CT, disk 8 and a mount point of 32/64 G pointing to /var/lib/gitea. Alpine Linux has Gitea in its community repository, which follows the latest stable version, not the latest. Today it's 1.19 and 1.21.
First update: apk update && apk upgrade
Then add some tools: apk add git gitea nano
Setup the user and group
We need a user gitea and a group gitea. Add a gitea user as system user, no password and home dir specified. Then we add the user to the group.
Initial Start
The initial start creates some needed files
GITEA_WORK_DIR=/var/lib/gitea gitea web --config /etc/gitea/app.ini
Close down Gitea: service gitea stop
Make it start automatically: rc-update add gitea
Start the Gitea: service gitea start
Configure the Gitea Server
In your favorite browser go to the server IP:3000 and setup the Gitea Server.
Registration needs to be on so that you can create your user profile; the others can register too, or you can do it for them. Later it is advisable to turn it off, so that not just any random visitor can create a profile.
A nice feature for corporate use is OpenID, and for web use CAPTCHA and the argon2 algorithm.
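A small audit of app.ini against the lock-down points above (registration off, install page locked, argon2 hashing, CAPTCHA if registration stays open). This is an added example, not code from the original post or from the Gitea project; the sample file is constructed, and the listed defaults and the choice to require sign-in for viewing are assumptions based on Gitea's documented settings.

```python
import configparser

# Constructed sample: a freshly installed app.ini with registration still open.
SAMPLE_APP_INI = """\
APP_NAME = Gitea
RUN_MODE = prod

[security]
INSTALL_LOCK = true

[service]
DISABLE_REGISTRATION = false
ENABLE_CAPTCHA = false
"""

# (section, key, assumed Gitea default, value wanted on a locked-down server)
CHECKS = [
    ("security", "INSTALL_LOCK", "false", "true"),
    ("security", "PASSWORD_HASH_ALGO", "pbkdf2", "argon2"),
    ("service", "DISABLE_REGISTRATION", "false", "true"),
    ("service", "REQUIRE_SIGNIN_VIEW", "false", "true"),  # assumption: private server
]


def audit_app_ini(text):
    """Return (section, key, actual, wanted) for every setting that differs."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # Gitea keys are upper case; keep them as written
    # app.ini starts with keys outside any section; give them a dummy header.
    cp.read_string("[__root__]\n" + text)

    def value(section, key, default):
        return cp.get(section, key, fallback=default).strip().lower()

    findings = []
    for section, key, default, wanted in CHECKS:
        actual = value(section, key, default)
        if actual != wanted:
            findings.append((section, key, actual, wanted))
    # Open registration without CAPTCHA is the web-facing case the post mentions.
    if (value("service", "DISABLE_REGISTRATION", "false") != "true"
            and value("service", "ENABLE_CAPTCHA", "false") != "true"):
        findings.append(("service", "ENABLE_CAPTCHA", "false", "true"))
    return findings


if __name__ == "__main__":
    for section, key, actual, wanted in audit_app_ini(SAMPLE_APP_INI):
        print(f"[{section}] {key} = {actual}  (want {wanted})")
```

Run it against the real file by passing the contents of /etc/gitea/app.ini to audit_app_ini(); an empty list means every checked setting is in its locked-down state.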
Let's have tea
and invite the rest of the family to be happy coders
Gitea on Docker
It's pretty easy to do: open your Portainer and drop the code in, or create a standard docker-compose.yml file and start it as a daemon.
To use named volumes instead of host volumes, define and use the named volume within the docker-compose.yml configuration. This change will automatically create the required volume. You don't need to worry about permissions with named volumes; Docker will deal with that automatically.
To use Docker-Compose
Note that the volume should be owned by the user/group with the UID/GID specified in the config file. By default Gitea in docker will use uid:1000 gid:1000. If needed you can set ownership on those folders with the command:
mkdir -p gitea/{data,config}
cd gitea
touch docker-compose.yml
sudo chown 1000:1000 config/ data/
The YAML file for Docker Compose and Portainer
version: '3'

volumes:
  gitea-data:
    driver: local
  gitea-config:
    driver: local

services:
  server:
    # Rootless image: it matches the /var/lib/gitea and /etc/gitea mounts and SSH port 2222 below.
    # The default (rootful) gitea/gitea:latest image keeps its data under /data and serves SSH on port 22.
    image: gitea/gitea:1.20.5-rootless
    container_name: gitea
    restart: unless-stopped #always
    volumes:
      - gitea-data:/var/lib/gitea
      - gitea-config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"   # web UI
      - "2222:2222"   # SSH

# networks the services will use - my local settings
networks:
  kadulla: #frontend
    external: true
  pihalla: #backend
    external: true
In my environment it's easy to set up web services with NPM and Authelia. NPM takes care of the Let's Encrypt certificates. Authelia is the first-line security guard, meaning internally it can be more relaxed than from the web. See older posts.
Installation on K8s with Helm
Gitea provides a Helm Chart to allow for installation on Kubernetes.
helm repo add gitea-charts https://dl.gitea.com/charts/
helm repo update
helm install gitea gitea-charts/gitea