Gitea On OpenBSD: Using Official Package

nabbisen

nabbisen

Posted on December 26, 2018

Gitea On OpenBSD: Using Official Package

Overview

"Git with a cup of tea" 🍵
Gitea is self-hosted Git service, lightweight code hosting solution, written in Go.
It is a community managed fork of Gogs and well-maintained nowadays.

OpenBSD provides the Gitea package (I really appreciate it!) which is very useful to save time : )
This post will show you how to install it and set it up.

Environment

  • OS: OpenBSD 6.4 amd64
  • Database: MariaDB 10.0
  • Web Server: OpenBSD httpd
  • Git Service: Gitea 1.5.0
✿ ✿ ✿

Installation

#1. Preparing Database

Gitea supports various databases such as MariaDB, PostgreSQL, SQLite3 and TiDB.

In case of MariaDB:

$ mysql -u root -p
Enter fullscreen mode Exit fullscreen mode

Create database/user:

CREATE DATABASE %db-name% DEFAULT CHARACTER SET `utf8mb4` COLLATE `utf8mb4_unicode_ci`;
GRANT ALL PRIVILEGES ON %db-name%.* TO %db-user% IDENTIFIED BY '%db-pass%';
FLUSH PRIVILEGES;
Enter fullscreen mode Exit fullscreen mode

#2. Installing Package

Just using pkg_add brings us to the gate instantly:

# pkg_add gitea
quirks-3.16 signed on 2018-10-12T15:26:25Z
gitea-1.5.0p0: ok
The following new rcscripts were installed: /etc/rc.d/gitea
See rcctl(8) for details.
New and changed readme(s):
        /usr/local/share/doc/pkg-readmes/gitea
Enter fullscreen mode Exit fullscreen mode

Besides, the instructions in /usr/local/share/doc/pkg-readmes/gitea is clear and helpful.

# (note) GITEA_CUSTOM

Gitea's custom/conf isn't used this time, because /etc/rc.d/gitea is as follows:

#!/bin/ksh
#
# $OpenBSD: gitea.rc,v 1.4 2018/01/11 19:27:11 rpe Exp $

daemon="/usr/local/sbin/gitea"
daemon_user="_gitea"
daemon_flags="web"

. /etc/rc.d/rc.subr

rc_bg=YES
rc_reload=NO

rc_start() {
        ${rcexec} "env HOME=/var/gitea USER=${daemon_user} \
                GITEA_WORK_DIR=/usr/local/share/gitea \
                GITEA_CUSTOM=/etc/gitea \
                ${daemon} ${daemon_flags}"
}

rc_cmd $1
Enter fullscreen mode Exit fullscreen mode

GITEA_CUSTOM is defined as /etc/gitea.


#3. Setting Up Gitea

Every step is about editing /etc/gitea/conf/app.ini.

Server

Go to [server] section, and change the settings as follows.

From:

; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
PROTOCOL = http
DOMAIN = localhost
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 0.0.0.0
HTTP_PORT = 3000
...
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
; Do not set this variable if PROTOCOL is set to 'unix'.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
Enter fullscreen mode Exit fullscreen mode

To:

; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
PROTOCOL = fcgi
DOMAIN = %your-domain%
ROOT_URL = https://%your-domain%
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 127.0.0.1
HTTP_PORT = 10787
...
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
; Do not set this variable if PROTOCOL is set to 'unix'.
LOCAL_ROOT_URL = https://%your-domain%/
Enter fullscreen mode Exit fullscreen mode

Run User (Optional)

There is RUN_USER definition at the top of the file.

; This file lists the default values used by Gitea
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
; and modify as needed.
; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
; App name that shows in every page title
APP_NAME = Gitea: Git with a cup of tea
; Change it if you run locally
RUN_USER = _gitea
; Either "dev", "prod" or "test", default is "dev"
RUN_MODE = prod
Enter fullscreen mode Exit fullscreen mode

Repository (Optional)

If you want to have multiple services with different directories for the repositories in the future, go to [repository] section, and change the settings as follows.
This is for the purpose of letting the directory unique.

From:

ROOT = /var/gitea/gitea-repositories
Enter fullscreen mode Exit fullscreen mode

To:

ROOT = /var/www/%documen-root%/gitea/gitea-repositories
Enter fullscreen mode Exit fullscreen mode

Then prepare the directory for RUN_USER:

# mkdir /var/www/%document-root%/gitea/gitea-repositories
# chown _gitea:_gitea /var/www/%document-root%/gitea/gitea-repositories
Enter fullscreen mode Exit fullscreen mode

Database (Optional)

If you use another database instead of SQLite3, go to [database] section, and change the settings as follows.

From:

; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
DB_TYPE = sqlite3
Enter fullscreen mode Exit fullscreen mode

To:

; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
DB_TYPE = mysql
Enter fullscreen mode Exit fullscreen mode

Well, other settings don't have to be editted, because they will be asked in the web installer later.

Suppressing U2F (Temporarily?)

According to the Github issue (and it actually happened to me!), U2F causes a critical error around a Segfault (SIGSEGV) on starting.
Therefore, we have to suppress it.

Go to [U2F] section, and comment out all of the settings as follows.

From:

[U2F]
; Two Factor authentication with security keys
; https://developers.yubico.com/U2F/App_ID.html
APP_ID         = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; Comma seperated list of truisted facets
TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
Enter fullscreen mode Exit fullscreen mode

To:

[U2F]
;; Two Factor authentication with security keys
;; https://developers.yubico.com/U2F/App_ID.html
;APP_ID         = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
;; Comma seperated list of truisted facets
;TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
Enter fullscreen mode Exit fullscreen mode

Activating/Starting Daemon

Now Gitea is ready!

# rcctl enable gitea
# rcctl start gitea
Enter fullscreen mode Exit fullscreen mode

Well, if something goes wrong here, using -d option would be helpful for debugging rcctl:


#4. Configure httpd

First of all, get the certification for HTTPS connection, because the passwords will be asked in the web installer later:

Then edit /etc/httpd.conf:

server "%your-domain%" {
        listen on $ext_addr port 80
        block return 301 "https://$SERVER_NAME$REQUEST_URI"
}
server "%your-domain%" {
        listen on $ext_addr tls port 443
        tls {
                certificate     "/etc/letsencrypt/live/%your-domain%/fullchain.pem"
                key             "/etc/letsencrypt/live/%your-domain%/privkey.pem"
        }
        connection { max requests 500, timeout 3600 }
        location "/*" {
                # before 6.7:
                #fastcgi socket ":10787"
                # as of 6.8 and greater:
                fastcgi socket tcp 127.0.0.1 10787
        }
}
Enter fullscreen mode Exit fullscreen mode

Restart the daemon:

# rcctl restart httpd
Enter fullscreen mode Exit fullscreen mode

#5. Initialization Via Web Installer

The goal is almost there!
Let's access the website with web browser and go to /install.
Following the web installer brings us the goal gently:

web installer

I'm happy if you enjoy code hosting with Gitea : )

✿ ✿ ✿

Happy serving 🌿

💖 💪 🙅 🚩
nabbisen
nabbisen

Posted on December 26, 2018

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related