diff --git a/pages/02.linux/21.gitea/default.en.md b/pages/02.linux/21.gitea/default.en.md
index c7577bf..b680676 100644
--- a/pages/02.linux/21.gitea/default.en.md
+++ b/pages/02.linux/21.gitea/default.en.md
@@ -10,28 +10,61 @@ Create a gitea user `# mkdir /etc/gitea` `# chown git:git -R /etc/gitea` +Create the .ssh directory for the git user +`$ sudo -u git mkdir -p /home/git/.ssh` + Get the user id of git with `id git` -## Installation -Use podman to run the container -`apt install podman` +## Podman +### Network and Pod +`# podman network create net_gitea` +`# podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p 3000:3000 -p 127.0.0.1:2222:22` + +#### Port Mappings +``` +5432 (localhost): Postgres Database +3000: Gitea WebUI +2222 (localhost): Gitea SSH +``` + +### Database +``` +# podman run --name giteadb \ + -e PGDATA=/var/lib/postgresql/data/pgdata \ + -e POSTGRES_USER=gitea \ + -e POSTGRES_PASSWORD=gitea \ + -e POSTGRES_DB=gitea \ + -v /mnt/postgres:/var/lib/postgresql/data \ + --pod pod_gitea \ + -d docker.io/postgres +``` + +## Application ``` -podman run --name gitea -p 3000:3000 \ - -p 127.0.0.1:2222:22 \ - -e USER_UID=1002 \ - -e USER_GID=1002 \ - -v /etc/gitea:/data \ +# podman run --name gitea \ + -e USER_UID=(uid) \ + -e USER_GID=(gid) \ + -e GITEA__database__DB_TYPE=postgres \ + -e GITEA__database__HOST=giteadb:5432 \ + -e GITEA__database__NAME=gitea \ + -e GITEA__database__USER=gitea \ + -e GITEA__database__PASSWD=gitea \ + -v /mnt/gitea:/data \ -v /home/git/.ssh/:/data/git/.ssh \ -v /etc/timezone:/etc/timezone:ro \ -v /etc/localtime:/etc/localtime:ro \ - --restart unless-stopped \ + --pod pod_gitea \ -d docker.io/gitea/gitea:latest ``` +**NOTE:** gitea's /data directory must not contain permissions too open. Otherwise the SSH redirection set up below will fail. +`0750` for directories and `0640` has been shown to work + The next few lines are used to set up ssh-redirection to gitea if it is used to clone a repo. 
> See also the [official documentation](https://docs.gitea.io/en-us/install-with-docker/#sshing-shim-with-authorized_keys) +Create SSH Keys for gitea `$ sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"` `$ sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys` `$ sudo -u git chmod 600 /home/git/.ssh/authorized_keys` @@ -42,7 +75,8 @@ $ cat <<"EOF" | sudo tee /usr/local/bin/gitea ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@" EOF ``` -`$ sudo chmod +x /usr/local/bin/gitea` + +`# chmod +x /usr/local/bin/gitea` We've now finished setting up the ssh-redirection. After that, connect to the Server on port 3000 to finish the installation