Gitea On OpenBSD: Using Official Package
nabbisen
Posted on December 26, 2018
Overview
"Git with a cup of tea" 🍵
Gitea is self-hosted Git service, lightweight code hosting solution, written in Go.
It is a community managed fork of Gogs and well-maintained nowadays.
OpenBSD provides the Gitea package (I really appreciate it!) which is very useful to save time : )
This post will show you how to install it and set it up.
Environment
Installation
#1. Preparing Database
Gitea supports various databases such as MariaDB, PostgreSQL, SQLite3 and TiDB.
In case of MariaDB:
$ mysql -u root -p
Create database/user:
CREATE DATABASE %db-name% DEFAULT CHARACTER SET `utf8mb4` COLLATE `utf8mb4_unicode_ci`;
GRANT ALL PRIVILEGES ON %db-name%.* TO %db-user% IDENTIFIED BY '%db-pass%';
FLUSH PRIVILEGES;
#2. Installing Package
Just using pkg_add
brings us to the gate instantly:
# pkg_add gitea
quirks-3.16 signed on 2018-10-12T15:26:25Z
gitea-1.5.0p0: ok
The following new rcscripts were installed: /etc/rc.d/gitea
See rcctl(8) for details.
New and changed readme(s):
/usr/local/share/doc/pkg-readmes/gitea
Besides, the instructions in /usr/local/share/doc/pkg-readmes/gitea
is clear and helpful.
# (note) GITEA_CUSTOM
Gitea's custom/conf
isn't used this time, because /etc/rc.d/gitea
is as follows:
#!/bin/ksh
#
# $OpenBSD: gitea.rc,v 1.4 2018/01/11 19:27:11 rpe Exp $
daemon="/usr/local/sbin/gitea"
daemon_user="_gitea"
daemon_flags="web"
. /etc/rc.d/rc.subr
rc_bg=YES
rc_reload=NO
rc_start() {
${rcexec} "env HOME=/var/gitea USER=${daemon_user} \
GITEA_WORK_DIR=/usr/local/share/gitea \
GITEA_CUSTOM=/etc/gitea \
${daemon} ${daemon_flags}"
}
rc_cmd $1
GITEA_CUSTOM
is defined as /etc/gitea
.
#3. Setting Up Gitea
Every step is about editing /etc/gitea/conf/app.ini
.
Server
Go to [server]
section, and change the settings as follows.
From:
; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
PROTOCOL = http
DOMAIN = localhost
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 0.0.0.0
HTTP_PORT = 3000
...
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
; Do not set this variable if PROTOCOL is set to 'unix'.
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
To:
; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
PROTOCOL = fcgi
DOMAIN = %your-domain%
ROOT_URL = https://%your-domain%
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
HTTP_ADDR = 127.0.0.1
HTTP_PORT = 10787
...
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
; In most cases you do not need to change the default value.
; Alter it only if your SSH server node is not the same as HTTP node.
; Do not set this variable if PROTOCOL is set to 'unix'.
LOCAL_ROOT_URL = https://%your-domain%/
Run User (Optional)
There is RUN_USER
definition at the top of the file.
; This file lists the default values used by Gitea
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
; and modify as needed.
; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
; App name that shows in every page title
APP_NAME = Gitea: Git with a cup of tea
; Change it if you run locally
RUN_USER = _gitea
; Either "dev", "prod" or "test", default is "dev"
RUN_MODE = prod
Repository (Optional)
If you want to have multiple services with different directories for the repositories in the future, go to [repository]
section, and change the settings as follows.
This is for the purpose of letting the directory unique.
From:
ROOT = /var/gitea/gitea-repositories
To:
ROOT = /var/www/%documen-root%/gitea/gitea-repositories
Then prepare the directory for RUN_USER
:
# mkdir /var/www/%document-root%/gitea/gitea-repositories
# chown _gitea:_gitea /var/www/%document-root%/gitea/gitea-repositories
Database (Optional)
If you use another database instead of SQLite3, go to [database]
section, and change the settings as follows.
From:
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
DB_TYPE = sqlite3
To:
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
DB_TYPE = mysql
Well, other settings don't have to be editted, because they will be asked in the web installer later.
Suppressing U2F (Temporarily?)
According to the Github issue (and it actually happened to me!), U2F causes a critical error around a Segfault (SIGSEGV
) on starting.
Therefore, we have to suppress it.
Go to [U2F]
section, and comment out all of the settings as follows.
From:
[U2F]
; Two Factor authentication with security keys
; https://developers.yubico.com/U2F/App_ID.html
APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
; Comma seperated list of truisted facets
TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
To:
[U2F]
;; Two Factor authentication with security keys
;; https://developers.yubico.com/U2F/App_ID.html
;APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
;; Comma seperated list of truisted facets
;TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
Activating/Starting Daemon
Now Gitea is ready!
# rcctl enable gitea
# rcctl start gitea
Well, if something goes wrong here, using -d
option would be helpful for debugging rcctl
:
#4. Configure httpd
First of all, get the certification for HTTPS connection, because the passwords will be asked in the web installer later:
Let's Encrypt: Certbot For OpenBSD's httpd
nabbisen ・ Dec 14 '18
Then edit /etc/httpd.conf
:
server "%your-domain%" {
listen on $ext_addr port 80
block return 301 "https://$SERVER_NAME$REQUEST_URI"
}
server "%your-domain%" {
listen on $ext_addr tls port 443
tls {
certificate "/etc/letsencrypt/live/%your-domain%/fullchain.pem"
key "/etc/letsencrypt/live/%your-domain%/privkey.pem"
}
connection { max requests 500, timeout 3600 }
location "/*" {
# before 6.7:
#fastcgi socket ":10787"
# as of 6.8 and greater:
fastcgi socket tcp 127.0.0.1 10787
}
}
Restart the daemon:
# rcctl restart httpd
#5. Initialization Via Web Installer
The goal is almost there!
Let's access the website with web browser and go to /install
.
Following the web installer brings us the goal gently:
I'm happy if you enjoy code hosting with Gitea : )
Happy serving 🌿
Posted on December 26, 2018
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.