earnest ma's site

Selfhosting Gitea Installation and OAuth2 Settings for Nextcloud and Github

UPDATE: Moved this from previous blog, updated links, and added Nginx config :)



This post will cover my process installing Gitea onto the Vultr VPS I’ve been using for the past months. I also moved the entire setup to another VPS with no issues. Both run Ubuntu 20.04 LTS.

I decided to go with Gitea1 as it was fairly lightweight and had most of the features I wanted/ needed.

I have most of my repositories on this, with mirrors on Github.

Because I already have a site running, I will be reverse proxying Gitea (from port 3000) to a separate subdomain (https://git.earne.link).

Prerequisites.

sudo apt update

sudo apt install nginx mariadb-server
# or sudo apt install apache2 mariadb-server

# secure your installation
sudo mysql_secure_installation

# SSL with Let's Encrypt
sudo apt install certbot python3-certbot-nginx # or python3-certbot-apache

Configure DNS Settings

Set an address record from something like git.example.com to your server’s public IP address.

Configure the Reverse Proxy

Using Nginx

In /etc/nginx/sites-available/gitea.conf

server {
    server_name git.example.com;
        location / {
                        proxy_pass http://localhost:3000;
                }
}

Using Apache

/etc/apache2/sites-available/gitea.conf:

<VirtualHost *:80>
ServerName git.example.com
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>

For apache, you also need to enable some modules:

sudo a2enmod proxy proxy_http rewrite
sudo systemctl restart apache2.service

Enable the site

sudo a2ensite gitea

HTTPS

Run certbot, let it redirect automatically from http to https.

Create a user for gitea

sudo adduser --system --shell /bin/bash --gecos 'git' --group --disabled-password --home /home/git git

sudo mkdir /home/git/gitea
cd /home/git/gitea

Download Gitea and the systemd service file

Get the latest download links for Gitea here: https://dl.gitea.io/gitea

sudo wget -O /bin/gitea https://dl.gitea.io/gitea/1.12.5/gitea-1.12.5-linux-amd64

sudo chmod +x /bin/gitea
sudo wget -O gitea.service https://github.com/go-gitea/gitea/raw/master/contrib/systemd/gitea.service

Adjust the systemd service configuration file

Adjust gitea.service to your needs:

Requires=mariadb.service
Type=simple
User=git
Group=git
WorkingDirectory=/home/git/gitea/
ExecStart=/bin/gitea web --config /home/git/gitea/custom/conf/app.ini
Restart=always
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/home/git/gitea

[Install]
WantedBy=multi-user.target

Configure file/ folder directory and permissions

sudo mkdir -p /home/git/gitea/{custom,data,indexers,public,log}
sudo chmod 750 /home/git/gitea/{custom,data,indexers,public,log}
sudo mkdir /home/git/gitea-repositories
sudo chmod 750 /home/git/gitea-repositories
sudo chown git:git /home/git/gitea -R

Enable Gitea through systemctl

sudo ln -s /home/git/gitea/gitea.service /lib/systemd/system/gitea.service
sudo systemctl daemon-reload
sudo systemctl enable gitea --now && sudo systemctl status gitea

Gitea w/ Mariadb

sudo mariadb
CREATE USER 'gitea' IDENTIFIED BY 'YourPasswordHere';
Query OK, 0 rows affected (0.016 sec)

MariaDB [(none)]> CREATE DATABASE gitea CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
Query OK, 1 row affected (0.009 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON gitea.* TO 'gitea';
Query OK, 0 rows affected (0.002 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.004 sec)

MariaDB [(none)]> exit
Bye

Finish Install!

Head to git.example.com/install.

MYSQL, 127.0.0.1:3306 charset uft8mb4

Root URL (change to https://git.example.com/), Domain (git.example.com), configure SSH (you may want to disable it entirely), Port # (3000 is fine as we are reverse proxying it).

Swap File

Didn’t have one, I needed a swap file because performance.

# Checks
free -m
swapon
sudo dd if=/dev/zero of=/swapfile count=1024 bs=1M # A 1GB Swap File (512 mb ram)
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo nvim /etc/fstab

Add this to the end of the file:

/swapfile none swap sw 0 0

Editing the app.ini file (more configuration)

sudo su git
cd ~/gitea/custom/conf
nvim app.ini

https://docs.gitea.io/en-us/config-cheat-sheet/

That’s it!

My Gitea server is now running on https://git.earne.link

Oauth2 Setup

Make signing into Gitea easier.

Nextcloud





URLs to use:

In Nextcloud, the redirection URL is: https://git.example.com/user/oauth2/nextcloud/callback

Github





Callback URL: https://git.example.com/user/oauth2/github/callback


Thank you for reading!


  1. Gitea: https://gitea.io ↩︎

Tags: #gitea #selfhosting

Recent posts from blogs I read Generated by openring

Weekly review: Week ending February 19, 2021

I got captions to flow from my phone to Node to Emacs to OBS to Twitch. There’s some delay, but it’s a good starting point that might come in handy for live captioning my own stuff. I added autocategorization to Emacs News. I tried out pretty-hydra. I wro…

via sacha chua :: living an awesome life February 21, 2021

A great alternative is rarely fatter than what it aims to replace

This is not always true, but in my experience, it tends to hold up. We often build or evaluate tools which aim to replace something kludgy^Wvenerable. Common examples include shells, programming languages, system utilities, and so on. Rust, Zig, etc, are tak…

via Drew DeVault's blog February 21, 2021

Back Home

I was busy sanding down the planks all evening last Sunday in that unbearable cold in the garage and just nearly got done when it started snowing. My wife had been lamenting all week about the snow in Dallas and naturally this made her happy. That happine…

via simbly.me February 20, 2021