Notepad/enter/Coding Tips (Classical)/Terminal Tips/System Client/Servers/Databases/Repos/Gitea.md

10 KiB
Raw Blame History

Gitea

A beautiful self-hosted non-commercial git server. Small but powerful. A better alternative to the monoliths of Github & Gitlab.

Scripting migrations: If you have a lot of repositories to migrate, it may be easier to write a script to migrate them.

The easiest way to go about this would be to use the Gitea API to create a blank repository, and then use the Git command line to clone repositories from your existing service into Gitea:

git clone --mirror «url to old repository»  
git remote set-url origin «url to new gitea repository»  
git push --mirror origin

Customizing your Gitea:


More Appearances:

For more information, read here. - User themes - Hotlineimg - HotPink img2 - and more!

  1. Using Caddy as a proxy

Installing the Gitea Server


There are numerous ways you can install Gitea on your machine but don't get overwhelmed by the choices. Just choose what is easiest for you to get started and you can optimize afterwards.

For me, since I'm currently on a Macbook it will be easiest to do a MacPorts install but perhaps I'll switch it over to be a Linux install at some point later.

  1. Go to MacPorts, Click your Apple flavor, and download + install the .pkg (no fancy CLI needed for this step!)
  2. Using Homebrew, install Gitea on your laptop!
  3. Now go to Linode to set up your server with Alpine Linux.
  4. Set up steps in this video and create a node
  5. SSH into the root IP
  6. Push a test repo and there we have it! You set up your gitea :) !Pasted image 20230626034045.png

Gitea Server details

  • Site: Shwetha-Base : my self-hosted gitea server
  • Path: /var/lib/gitea/data/gitea-repositories
  • Run as username: msgit
  • Server domain: 172.104.8.87
  • Gitea base url: http://172.104.8.87:3000/
  • log path:/var/lib/gitea/log
  • server port and listening port - 22,3000

Using Gitea Server


Linode

To start the server:

systemctl start gitea.service 
Caddy:

Using the gitea server with Caddy: -->add the following server block to your Caddyfile

git.example.com {  
reverse_proxy localhost:3000  
}

For Caddy with a subpath: In case you already have a site, and you want Gitea to share the domain name, you can setup Caddy to serve Gitea under a sub-path by adding the following to your server block in your Caddyfile:

git.example.com {    route /git/* {        uri strip_prefix /git        reverse_proxy localhost:3000    }}

Then set [server] ROOT_URL = http://git.example.com/git/ in your configuration.

For instructions on syncing your Obsidian vault to your gitea server, head to Obsidian-git sync tutorial.

More references:



Issues ...


Change password within terminal

Change to gitea user:

su git

Update as admin:

gitea --config /etc/gitea/app.ini admin user change-password -u username -p password

via source.

For further questions --> visit the forum discussion.

Further admin commands found here in the docs.


Extras

Improving Security in Gitea

So after about a year of hosting a gitea server..there were a lot of spam accounts that signed on.

Particularly, who the heck is this O/O user?? There seemed to be many mirrors of the same git user which at this point is clearly an automated bot account. Whatever it was scraping I did not want to support the lack-of-context web scraping and dumping onto my git server.

!Pasted image 20240826213843.png !Pasted image 20240826213915.png

!Pasted image 20240826211922.png !Pasted image 20240826211926.png !Pasted image 20240826211949.png Over 3 pages of spam accounts! How the heck?!

So I decide to make sure that the security on my gitea is better. So how do I go about doing this? Google! Go to where you are hosting the server on and continue to log in.

  1. Logged in as admin and manually purged all the accounts.
  2. I referred to this Gitea thread on spam account prevention which means future accounts should not be able to sign up without going through a CAPTCHA
[service]
ENABLE_CAPTCHA: false: Enable this to use captcha validation for registration.
CAPTCHA_TYPE: image: [image, recaptcha]
RECAPTCHA_SECRET: ””: Go to https://www.google.com/recaptcha/admin to get a secret for recaptcha.
RECAPTCHA_SITEKEY: ””: Go to https://www.google.com/recaptcha/admin to get a sitekey for recaptcha.
  1. Implement fail2ban
  2. Further service commands are also listed here.
  3. Change the gitea app.ini file to prevent any users from registering.
2024/08/27 02:06:00 ...eb/routing/logger.go:102:func1() [I] router: completed GET /O/O/commits/commit/7bce1dab984ced815d563901740a5e10>

2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /O/O/src/commit/84390c13e11287b2eb9396bdf04662b6d16a>

2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/src/commit/d50e33e1da2e9bf03dedaf82ae333c>

2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/commits/commit/2220849678f7bb46d473733494>

2024/08/27 02:06:01 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/commits/commit/51f788270154d8ac141e8d5e4e>

2024/08/27 02:06:02 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/rss/commit/739e1ba93f6bca9d2df3f28f3377e7>

2024/08/27 02:06:02 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/commits/commit/ac710c7bc43a0d5a0f4269a8a2>

2024/08/27 02:06:03 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/Notepad/raw/commit/6181271a30ae50e8fac86d5841>

2024/08/27 02:06:03 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/rss/commit/bd97f4e0b49527e3278b7c3ce7e630>

2024/08/27 02:06:04 ...eb/routing/logger.go:102:func1() [I] router: completed GET /shway/DSA/src/commit/2220849678f7bb46d4737334945fa1>

to update your gitea site settings:

  1. Go to /etc/systemd/system/gitea.service
  2. update the [Service] area with all appropriate flags

There was a random user name 'O' that logged into my gitea who mirrored its repo https://dagshub.com/O/O and https://git.froggi.es/O/O . We will need to remove this user.

  1. Sign in as admin in your gitea
  2. Go to site settings
  3. remove the user (oooooooooooooooo@eclipso.email)

To quickly get rid of spam accounts: there is no terminal command as it is not possible to access shell within gitea

  1. Go to Site Administration
  2. Click User emails on the left hand side
  3. On the right hand side of each email, press the check mark under 'Activated' to turn all spam accounts to an 'x' mark for unactivated
  4. Click into Dashboard on left hand sidebar
  5. Run the first filter for "Delete all unactivated accounts" !Pasted image 20240831195330.png

This will purge all unactivated accounts!