223 lines
10 KiB
Markdown
223 lines
10 KiB
Markdown
|
# Gitea
|
|||
|
A beautiful self-hosted non-commercial git server. Small but powerful. A better alternative to the monoliths of Github & Gitlab.
|
|||
|
|
|||
|
- Get set up with [these instructions](https://www.makeuseof.com/install-gitea-raspberry-pi-create-your-own-code-repository/) on hosting a gitea server using a raspberry pi
|
|||
|
|
|||
|
|
|||
|
**Scripting migrations:**
|
|||
|
If you have a lot of repositories to migrate, it may be easier to write a script to migrate them.
|
|||
|
|
|||
|
The easiest way to go about this would be to use the [Gitea API](https://docs.gitea.io/en-us/api-usage) to create a blank repository, and then use the Git command line to clone repositories from your existing service into Gitea:
|
|||
|
|
|||
|
```
|
|||
|
git clone --mirror «url to old repository»
|
|||
|
git remote set-url origin «url to new gitea repository»
|
|||
|
git push --mirror origin
|
|||
|
|
|||
|
```
|
|||
|
|
|||
|
|
|||
|
### Customizing your Gitea:
|
|||
|
---
|
|||
|
- Create a README.md to [your profile](1. https://docs.gitea.com/next/usage/profile-readme)
|
|||
|
- create a git profile called `.profile`
|
|||
|
- then add a single markdown file to the repo
|
|||
|
- this will be displayed on your page
|
|||
|
- To change the front page of the Gitea server, [head here for instructions. ](https://docs.gitea.com/next/administration/customizing-gitea#customizing-gitea-pages)
|
|||
|
- One theme that i like is Cattppuccin! :3 it's really cute. [Example](https://gitea.catppuccin.com/)
|
|||
|
- ![[Pasted image 20230717132307.png]]
|
|||
|
- The entire [config cheat sheet is located here. ](https://docs.gitea.com/next/administration/config-cheat-sheet#ui-ui)
|
|||
|
- The [Awesome Gitea Repo ](https://gitea.com/gitea/awesome-gitea#themes)for more updates
|
|||
|
- For Gitea Pages it is suggested to use [Caddy](https://github.com/42wim/caddy-gitea#gitea-pages-repo) or[ Codeberg Pages ](https://codeberg.org/Codeberg/pages-server)Server
|
|||
|
- Adding Themes to Gitea
|
|||
|
- Full instructions are found [here](https://docs.theme-park.dev/themes/gitea/)
|
|||
|
#### More Appearances:
|
|||
|
For more information, [read here. ](https://blog.inedo.com/self-hosted/gitea/#:~:text=Gitea%20will%20run%20on%20all,client%20tools%20on%20the%20server.)
|
|||
|
- User themes
|
|||
|
- Hotline![img](https://docs.theme-park.dev/site_assets/gitea/hotline.png)
|
|||
|
- HotPink ![img2](https://docs.theme-park.dev/site_assets/gitea/hotpink.png)
|
|||
|
- and more!
|
|||
|
- Dev [Themes Set up instructions](https://docs.theme-park.dev/setup/)
|
|||
|
|
|||
|
|
|||
|
1. Using [Caddy](https://docs.theme-park.dev/setup/#caddy) as a proxy
|
|||
|
|
|||
|
## Installing the Gitea Server
|
|||
|
---
|
|||
|
There are numerous ways you can install Gitea on your machine but don't get overwhelmed by the choices. Just choose what is easiest for you to get started and you can optimize afterwards.
|
|||
|
|
|||
|
For me, since I'm currently on a Macbook it will be easiest to do a MacPorts install but perhaps I'll switch it over to be a Linux install at some point later.
|
|||
|
|
|||
|
1. Go to [MacPorts](https://www.macports.org/install.php#installing), Click your Apple flavor, and download + install the .pkg (no fancy CLI needed for this step!)
|
|||
|
2. Using Homebrew, install Gitea on your laptop!
|
|||
|
3. Now go to Linode to set up your server with Alpine Linux.
|
|||
|
4. Set up steps in this [video](https://www.youtube.com/watch?v=bVB24I7B0JQ) and create a node
|
|||
|
5. SSH into the root IP
|
|||
|
6. Push a test repo and there we have it! You set up your gitea :)
|
|||
|
![[Pasted image 20230626034045.png]]
|
|||
|
|
|||
|
Gitea Server details
|
|||
|
- Site: Shwetha-Base : my self-hosted gitea server
|
|||
|
- Path: /var/lib/gitea/data/gitea-repositories
|
|||
|
- Run as username: msgit
|
|||
|
- Server domain: 172.104.8.87
|
|||
|
- Gitea base url: http://172.104.8.87:3000/
|
|||
|
- log path:/var/lib/gitea/log
|
|||
|
- server port and listening port - 22,3000
|
|||
|
|
|||
|
### Using Gitea Server
|
|||
|
---
|
|||
|
|
|||
|
###### Linode
|
|||
|
To start the server:
|
|||
|
```
|
|||
|
systemctl start gitea.service
|
|||
|
```
|
|||
|
|
|||
|
###### Caddy:
|
|||
|
Using the gitea server with Caddy:
|
|||
|
-->add the following server block to your Caddyfile
|
|||
|
```
|
|||
|
git.example.com {
|
|||
|
reverse_proxy localhost:3000
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
**For Caddy with a subpath**: In case you already have a site, and you want Gitea to share the domain name, you can setup Caddy to serve Gitea under a sub-path by adding the following to your server block in your Caddyfile:
|
|||
|
|
|||
|
```
|
|||
|
git.example.com { route /git/* { uri strip_prefix /git reverse_proxy localhost:3000 }}
|
|||
|
```
|
|||
|
|
|||
|
Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration.
|
|||
|
|
|||
|
For instructions on syncing your Obsidian vault to your gitea server, head to [Obsidian-git sync tutorial. ](obsidian://open?vault=enter&file=Coding%20Tips%20(Classical)%2FProject%20Vault%2FOn%20Obsidian%2FObsidian-git%20process)
|
|||
|
|
|||
|
|
|||
|
|
|||
|
### More references:
|
|||
|
---
|
|||
|
- Migrate from [github/gitlab to gitea](https://hostedgitea.com/article/how-to-migrate-from-github-to-gitea)
|
|||
|
- Similar to github pages but for [gitea](https://github.com/42wim/caddy-gitea)
|
|||
|
- Gitea for [many user databases](https://www.talkingquickly.co.uk/gitea-sso-with-keycloak-openldap-openid-connect)
|
|||
|
- Gitea is highly customizeable. Here is a key of [all its configs](https://docs.gitea.com/next/administration/config-cheat-sheet)
|
|||
|
- Using gitea with [Jenkins](https://plugins.jenkins.io/gitea/)
|
|||
|
- A self-hosting[ cloud tutorial ](https://spin.atomicobject.com/2022/02/08/git-service-gitea/)
|
|||
|
- You can also run gitea on [cloudron](obsidian://open?vault=Obsidian&file=Cloudron)
|
|||
|
- Installing gitea onto [raspberry pi ](https://www.makeuseof.com/install-gitea-raspberry-pi-create-your-own-code-repository/#:~:text=Using%20Gitea&text=You%20can%20choose%20to%20make,as%20if%20it%20were%20GitHub.)
|
|||
|
- A[ gitpod instance](https://gogitea-gitea-5jiuqihle03.ws-us97.gitpod.io/) of gitea
|
|||
|
- gitpod is just an automated dev environment - think of it as a pre-build
|
|||
|
- Disaster recovery for Gitea - Gitea’s [repository mirroring](https://docs.gitea.io/en-us/repo-mirror/) makes it relatively easy to replicate critical Git repositories so that teams can still work at minimal capacity until the production environment is back up and running.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
|
|||
|
## Issues ...
|
|||
|
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
Change password within terminal
|
|||
|
|
|||
|
Change to gitea user:
|
|||
|
```
|
|||
|
su git
|
|||
|
```
|
|||
|
|
|||
|
Update as admin:
|
|||
|
```
|
|||
|
gitea --config /etc/gitea/app.ini admin user change-password -u username -p password
|
|||
|
```
|
|||
|
|
|||
|
via [source](https://forum.gitea.com/t/how-to-change-gitea-admin-password-from-the-command-terminal-line/1930).
|
|||
|
|
|||
|
For further questions --> [visit the forum ](https://forum.gitea.com/)discussion.
|
|||
|
|
|||
|
Further admin commands [found here in the docs.](https://docs.gitea.com/next/administration/command-line)
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
Extras
|
|||
|
|
|||
|
- Celebrating [free software day ](https://blog.gitea.com/i-love-fs-day/)
|
|||
|
- Add SSL certs here by [watching this youtube video ](https://www.youtube.com/watch?v=qlcVx-k-02E)
|
|||
|
|
|||
|
## Improving Security in Gitea
|
|||
|
|
|||
|
So after about a year of hosting a gitea server..there were a lot of spam accounts that signed on.
|
|||
|
|
|||
|
Particularly, who the heck is this O/O user?? There seemed to be [many](https://git.agorise.net/O/O) [mirrors](https://gittea.dev/O/O) of the same git user which at this point is clearly an automated bot account. Whatever it was scraping I did not want to support the lack-of-context web scraping and dumping onto my git server.
|
|||
|
|
|||
|
![[Pasted image 20240826213843.png]]
|
|||
|
![[Pasted image 20240826213915.png]]
|
|||
|
|
|||
|
![[Pasted image 20240826211922.png]]
|
|||
|
![[Pasted image 20240826211926.png]]
|
|||
|
![[Pasted image 20240826211949.png]]
|
|||
|
Over 3 pages of spam accounts! How the heck?!
|
|||
|
|
|||
|
So I decide to make sure that the security on my gitea is better. So how do I go about doing this? Google! Go to where you are hosting the server on and continue to log in.
|
|||
|
|
|||
|
1. Logged in as admin and manually purged all the accounts.
|
|||
|
2. I referred to this Gitea thread on spam account prevention which means future accounts should not be able to sign up without going through a CAPTCHA
|
|||
|
|
|||
|
```
|
|||
|
[service]
|
|||
|
ENABLE_CAPTCHA: false: Enable this to use captcha validation for registration.
|
|||
|
CAPTCHA_TYPE: image: [image, recaptcha]
|
|||
|
RECAPTCHA_SECRET: ””: Go to https://www.google.com/recaptcha/admin to get a secret for recaptcha.
|
|||
|
RECAPTCHA_SITEKEY: ””: Go to https://www.google.com/recaptcha/admin to get a sitekey for recaptcha.
|
|||
|
```
|
|||
|
|
|||
|
|
|||
|
3. Implement fail2ban
|
|||
|
4. Further `service` commands are also [listed here](https://docs.gitea.com/next/administration/config-cheat-sheet#service-service).
|
|||
|
5. Change the gitea app.ini file to prevent any users from registering.
|
|||
|
|
|||
|
|
|||
|
```
|
|||
|
2024/08/27 02:06:00 ...eb/routing/logger.go:102:func1() [I] router: completed GET /O/O/commits/commit/7bce1dab984ced815d563901740a5e10>
|
|||
|
|
|||
|
2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /O/O/src/commit/84390c13e11287b2eb9396bdf04662b6d16a>
|
|||
|
|
|||
|
2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/src/commit/d50e33e1da2e9bf03dedaf82ae333c>
|
|||
|
|
|||
|
2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/commits/commit/2220849678f7bb46d473733494>
|
|||
|
|
|||
|
2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/commits/commit/51f788270154d8ac141e8d5e4e>
|
|||
|
|
|||
|
2024/08/27 02:06:02 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/rss/commit/739e1ba93f6bca9d2df3f28f3377e7>
|
|||
|
|
|||
|
2024/08/27 02:06:02 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/commits/commit/ac710c7bc43a0d5a0f4269a8a2>
|
|||
|
|
|||
|
2024/08/27 02:06:03 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/Notepad/raw/commit/6181271a30ae50e8fac86d5841>
|
|||
|
|
|||
|
2024/08/27 02:06:03 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/rss/commit/bd97f4e0b49527e3278b7c3ce7e630>
|
|||
|
|
|||
|
2024/08/27 02:06:04 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/src/commit/2220849678f7bb46d4737334945fa1>
|
|||
|
```
|
|||
|
|
|||
|
### to update your gitea site settings:
|
|||
|
1. Go to `/etc/systemd/system/gitea.service`
|
|||
|
2. update the `[Service]` area with all appropriate flags
|
|||
|
|
|||
|
There was a random user name 'O' that logged into my gitea who mirrored its repo https://dagshub.com/O/O and https://git.froggi.es/O/O . We will need to remove this user.
|
|||
|
|
|||
|
1. Sign in as admin in your gitea
|
|||
|
2. Go to site settings
|
|||
|
3. remove the user (oooooooooooooooo@eclipso.email)
|
|||
|
|
|||
|
|
|||
|
To quickly get rid of spam accounts:
|
|||
|
**there is no terminal command as it is not possible to access shell within gitea**
|
|||
|
|
|||
|
1. Go to Site Administration
|
|||
|
2. Click User emails on the left hand side
|
|||
|
3. On the right hand side of each email, press the check mark under 'Activated' to turn all spam accounts to an 'x' mark for unactivated
|
|||
|
4. Click into Dashboard on left hand sidebar
|
|||
|
5. Run the first filter for "Delete all unactivated accounts"
|
|||
|
![[Pasted image 20240831195330.png]]
|
|||
|
|
|||
|
This will purge all unactivated accounts!
|