Gitea

This is my notes to setup gitea in my infrastructure.

This article is about few things, so here is the list

• Gitea with Docker Compose.
• Nginx (for HTTPS) with jwilder container.
• Nginx file limit to upload very large files to Git.
• Setup SSH to communicate to the git server and avoir the Self Signed Certificate Error.
• using gitea with postgres

Reasons:

• I want to use git to backup my obsidian notes across my Mac and IPhone (Working Copy App)
• Unity Projects are huge, very huge...
• Mirror Github Repositories (for free)
• Gitea is lightweight and awesome !!

mkdir $HOME/gitea
cd $HOME/gitea
nano docker-compose.yml

version: "3"

networks:
  nginx-proxy:
    external: true
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:1.20.4
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=giteauser
      - GITEA__database__PASSWD=PUT_YOUR_DB_PASSWORD
      - GITEA__server__LFS_MAX_FILE_SIZE=0
      - GITEA__repository.upload__FILE_MAX_SIZE=1024
      - VIRTUAL_PORT=3000
      - VIRTUAL_HOST=git.webux.lab
      - VIRTUAL_PROTO=http
    restart: always
    networks:
      - gitea
      - nginx-proxy
    volumes:
      - /srv/gitea/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      # - "3000:3000" # <-- Uncomment if you need direct access
      - "222:22" # <-- Notice the third 2, you need to use 222 from remote machine.
    depends_on:
      - db

  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER=giteauser
      - POSTGRES_PASSWORD=PUT_YOUR_DB_PASSWORD
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - /srv/gitea/postgres:/var/lib/postgresql/data

sudo mkdir -p /srv/gitea/data/
docker compose up -d
sudo cat /srv/gitea/data/gitea/conf/app.ini # <- to remove the gitea running configuration

NGINX

mkdir -p $HOME/nginx
nano $HOME/nginx/docker-compose.nginx.yml

version: '3.6'

networks:
  default:
    external:
      name: nginx-proxy

services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - /srv/nginx-proxy/ssl:/etc/nginx/certs
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /srv/nginx-proxy/config/client_max_body_size.conf:/etc/nginx/conf.d/client_max_body_size.conf:ro # <-- Special file to control the file size limit

Upload limit to allow LFS stuff and large files in general

sudo mkdir -p /srv/nginx-proxy/config/
echo "client_max_body_size 10000M;" | sudo tee /srv/nginx-proxy/config/client_max_body_size.conf # <-- adjust the file size for your needs.

cd $HOME/nginx/
docker compose -f docker-compose.nginx.yml -p proxy up -d
# or
docker restart proxy-nginx-proxy-1
# Check the logs to be sure that everything is running properly
docker logs proxy-nginx-proxy-1 -f

Git Commands

Using HTTPS and self signed certificate

git remote set-url origin https://git.webux.lab/tgingras/obsidian.git
# or
git -c http.sslVerify=false clone https://git.webux.lab/tgingras/obsidian.git/

# --- SEE BELOW TO USE SSH instead.---
GIT_SSL_NO_VERIFY=true git push origin main
GIT_SSL_NO_VERIFY=true git pull origin main

SSH (Preferred way)

cd ~/.ssh
ssh-keygen
./gitea

Copy the gitea.pub in your SSH configuration inside gitea. connect using the port 222.

Something like this:

git remote set-url origin ssh://[email protected]:222/tgingras/obsidian.git
git remote set-url origin ssh://[email protected]:222/tgingras/obsidian.git

Edit ~/.ssh/config, to register your new key

Host git.webux.lab
        IdentityFile ~/.ssh/gitea
Host 192.168.1.100
		IdentityFile ~/.ssh/gitea

This method remove the Self Signed Certificate error and it is more secured.

It works also on my IPhone using Working Copy App (awesome app btw, I've been using it for more than a year), you can create an SSH identity and copy the public key as usual.

Conclusion

This setup is also used to sync all my obsidian notes (the reason why I'm using Working Copy) and now I've added My Unity Project in the same repository. I also have configured the clone feature to backup all my github repositories across all my organizations.

This is so far the best setup I tested. Initialy it was running on a raspberry pi.. but it died.

I moved quickly and easily everything to my main machine without any issues.

Sources

• https://stackoverflow.com/questions/47327145/how-can-i-change-the-docker-jwilder-nginx-proxy-upload-limits
• https://github.com/go-gitea/gitea/blob/main/custom/conf/app.example.ini
• https://docs.gitea.com/installation/install-with-docker#customization
• https://stackoverflow.com/questions/11621768/how-can-i-make-git-accept-a-self-signed-certificate
• https://stackoverflow.com/questions/54098939/how-do-you-increase-the-client-max-body-size-in-nginx-conf
• https://repost.aws/knowledge-center/elastic-beanstalk-nginx-configuration#