earnest ma's site

Selfhosting Gitea Installation and OAuth2 Settings for Nextcloud and Github

UPDATE: Moved this from previous blog, updated links, and added Nginx config :)



This post will cover my process installing Gitea onto the Vultr VPS I’ve been using for the past months. I also moved the entire setup to another VPS with no issues. Both run Ubuntu 20.04 LTS.

I decided to go with Gitea1 as it was fairly lightweight and had most of the features I wanted/ needed.

I have most of my repositories on this, with mirrors on Github.

Because I already have a site running, I will be reverse proxying Gitea (from port 3000) to a separate subdomain (https://git.earne.link).

Prerequisites.

sudo apt update

sudo apt install nginx mariadb-server
# or sudo apt install apache2 mariadb-server

# secure your installation
sudo mysql_secure_installation

# SSL with Let's Encrypt
sudo apt install certbot python3-certbot-nginx # or python3-certbot-apache

Configure DNS Settings

Set an address record from something like git.example.com to your server’s public IP address.

Configure the Reverse Proxy

Using Nginx

In /etc/nginx/sites-available/gitea.conf

server {
    server_name git.example.com;
        location / {
                        proxy_pass http://localhost:3000;
                }
}

Using Apache

/etc/apache2/sites-available/gitea.conf:

<VirtualHost *:80>
ServerName git.example.com
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>

For apache, you also need to enable some modules:

sudo a2enmod proxy proxy_http rewrite
sudo systemctl restart apache2.service

Enable the site

sudo a2ensite gitea

HTTPS

Run certbot, let it redirect automatically from http to https.

Create a user for gitea

sudo adduser --system --shell /bin/bash --gecos 'git' --group --disabled-password --home /home/git git

sudo mkdir /home/git/gitea
cd /home/git/gitea

Download Gitea and the systemd service file

Get the latest download links for Gitea here: https://dl.gitea.io/gitea

sudo wget -O /bin/gitea https://dl.gitea.io/gitea/1.12.5/gitea-1.12.5-linux-amd64

sudo chmod +x /bin/gitea
sudo wget -O gitea.service https://github.com/go-gitea/gitea/raw/master/contrib/systemd/gitea.service

Adjust the systemd service configuration file

Adjust gitea.service to your needs:

Requires=mariadb.service
Type=simple
User=git
Group=git
WorkingDirectory=/home/git/gitea/
ExecStart=/bin/gitea web --config /home/git/gitea/custom/conf/app.ini
Restart=always
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/home/git/gitea

[Install]
WantedBy=multi-user.target

Configure file/ folder directory and permissions

sudo mkdir -p /home/git/gitea/{custom,data,indexers,public,log}
sudo chmod 750 /home/git/gitea/{custom,data,indexers,public,log}
sudo mkdir /home/git/gitea-repositories
sudo chmod 750 /home/git/gitea-repositories
sudo chown git:git /home/git/gitea -R

Enable Gitea through systemctl

sudo ln -s /home/git/gitea/gitea.service /lib/systemd/system/gitea.service
sudo systemctl daemon-reload
sudo systemctl enable gitea --now && sudo systemctl status gitea

Gitea w/ Mariadb

sudo mariadb
CREATE USER 'gitea' IDENTIFIED BY 'YourPasswordHere';
Query OK, 0 rows affected (0.016 sec)

MariaDB [(none)]> CREATE DATABASE gitea CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
Query OK, 1 row affected (0.009 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON gitea.* TO 'gitea';
Query OK, 0 rows affected (0.002 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.004 sec)

MariaDB [(none)]> exit
Bye

Finish Install!

Head to git.example.com/install.

MYSQL, 127.0.0.1:3306 charset uft8mb4

Root URL (change to https://git.example.com/), Domain (git.example.com), configure SSH (you may want to disable it entirely), Port # (3000 is fine as we are reverse proxying it).

Swap File

Didn’t have one, I needed a swap file because performance.

# Checks
free -m
swapon
sudo dd if=/dev/zero of=/swapfile count=1024 bs=1M # A 1GB Swap File (512 mb ram)
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo nvim /etc/fstab

Add this to the end of the file:

/swapfile none swap sw 0 0

Editing the app.ini file (more configuration)

sudo su git
cd ~/gitea/custom/conf
nvim app.ini

https://docs.gitea.io/en-us/config-cheat-sheet/

That’s it!

My Gitea server is now running on https://git.earne.link

Oauth2 Setup

Make signing into Gitea easier.

Nextcloud





URLs to use:

In Nextcloud, the redirection URL is: https://git.example.com/user/oauth2/nextcloud/callback

Github





Callback URL: https://git.example.com/user/oauth2/github/callback


Thank you for reading!


  1. Gitea: https://gitea.io ↩︎

Tags: #gitea #selfhosting

Recent posts from blogs I read Generated by openring

2021-04-19 Emacs news

Upcoming events: Emacs APAC (virtual, in English) https://emacs-apac.gitlab.io/ Sat Apr 24 0130 Vancouver / 0330 Chicago / 0430 Toronto / 0830 GMT / 1030 Berlin / 1400 Kolkata / 1630 Singapore Emacs Berlin (virtual, in English) https://emacs-berlin.org/ Wed Ap…

via Sacha Chua April 19, 2021

Misinformation about Permissions Policy and FLoC

This post was written in a hurry in response to some misinformation about Google’s newest Web antifeature, Federated Learning of Cohorts (FLoC). Google’s FLoC is an attempt to track users even when their browsers (rightly) block third-party cookies. The i…

via Posts on Seirdy's Home April 16, 2021

Modus themes 1.3.0 for GNU Emacs

Information about the latest version of my highly accessible themes for GNU Emacs.

via Protesilaos Stavrou: Master feed with all updates April 17, 2021