Installing Gitea on Debian

Share on:

Gitea is a self-hosted Git service forked from Gogs. It's very easy to deploy and has a low system usage impact.

It has features like :

  • web interface
  • wiki
  • issues management
  • admin dashboard

Gitea web interface

In this howto, we will use SQLite as the database backend and the Gitea binary (as there is no Debian package available at this time).

This howto is based on Debian Jessie. But it should work with Debian Stretch (alias testing).

Installing the basics

To be able to run Gitea on Debian you will need a local user without root rights and the git package.

Install git :

1sudo aptitude install git

Create a local user without root rights and no right to log on :

1sudo adduser --disabled-login --gecos 'gitea' git

Here is the explanation of the two options that I've added to the "adduser" command :

  • "-disabled-login" won't ask for any password. So it means that as long there is no password set for this user, he won't be allowed to log on
  • "-gecos" followed by a comment, will populate the finger information automatically (First Name, Last Name, ...)

Installing Gitea

Switch to the git user that you have previously created :

1sudo su - git

Download the Gitea binary (get the last version here or here) :

1wget -O gitea https://dl.gitea.io/gitea/1.4.1/gitea-1.4.1-linux-amd64

Make the download file executable :

1chmod +x gitea

Create the necessary directories :

1mkdir -p custom/conf
2mkdir data

Launch Gitea for the fist time :

1./gitea web

Open a webpage in your browser using the IP of your server on the TCP port 3000 (by example : 192.168.1.200:3000) and complete all the information asked by Gitea.

Your configuration file will be in the "custom/conf/" directory on the "app.ini" file. You can find the standard configuration file here if you want to check what you can change.

If you want to change some advanced settings, you'll want to read the "Configuration Cheat Sheet".

Installing Supervisor

To be able to run Gitea as a service, we will use Supervisor.

Install it :

1sudo aptitude install supervisor

Create the log directory for the Gitea service :

1sudo mkdir /var/log/gitea

Create the configuration file for the Gitea service :

1sudo vi /etc/supervisor/conf.d/gitea.conf

Put the following information in this file :

 1[program:gitea]
 2directory=/home/git/
 3command=/home/git/gitea web
 4autostart=true
 5autorestart=true
 6startsecs=10
 7stdout_logfile=/var/log/gitea/stdout.log
 8stdout_logfile_maxbytes=1MB
 9stdout_logfile_backups=10
10stdout_capture_maxbytes=1MB
11stderr_logfile=/var/log/gitea/stderr.log
12stderr_logfile_maxbytes=1MB
13stderr_logfile_backups=10
14stderr_capture_maxbytes=1MB
15environment = HOME="/home/git", USER="git"

Restart the supervisor service :

1sudo service supervisor restart

Check the content of the Gitea log file :

1sudo tail /var/log/gitea/stdout.log

Check if the service is running :

1ps -ef | grep gitea

You should have something like that :

Use Gitea with Nginx as a Reverse Proxy

If you want to use Gitea behind a reverse proxy using Nginx with SSL (using Let's Encrypt with certbot) you can use the following configuration file :

 1server{
 2        listen 80;
 3        server_name mygitserver.tld;
 4
 5        location /.well-known/acme-challenge {
 6                root /var/www/git;
 7        }
 8        location / {
 9                return 301 https://$host$request_uri;
10        }
11}
12
13server{
14        listen 443;
15        ssl on;
16        server_name mygitserver.tld;
17        ssl_certificate /etc/letsencrypt/live/mygitserver.tld/fullchain.pem;
18        ssl_certificate_key /etc/letsencrypt/live/mygitserver.tld/privkey.pem;
19        location / {
20                proxy_pass http://127.0.0.1:3000;
21                proxy_set_header Host             $host;
22                proxy_set_header X-Real-IP        $remote_addr;
23                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
24                #max_body_size will allow you to upload a large git repository
25                client_max_body_size 100M;
26        }
27}

In this case, Nginx will be configured to allow the Let's Encrypt server to get the challenge file in the "/.well-known/acme-challenge" directory. To do that, you will have to create the following directory : "/var/www/git" and give Nginx the right to read files on it.

Then you will have to install certbot. You can find it in Debian Backports.

1sudo apt-get install certbot -t jessie-backports

To get the certificate file, you can use the following command :

1certbot certonly --webroot -w /var/www/git -d mygitserver.tld

Remember that Let's Encrypt certificate is only valid during 90 days, so put this in your crontab to automatically generate new certificate before it expires :

10       1       1       *       *       certbot renew --quiet
236      8       2       *       *       certbot renew --quiet

You will find the following settings in the "[server]"; part of the Gitea "app.ini" file :

1[server]
2PROTOCOL = http
3DOMAIN = localhost
4ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
5HTTP_ADDR = 0.0.0.0
6HTTP_PORT = 3000

Change them by :

1[server]
2PROTOCOL               = http
3DOMAIN                 = mygitserver.tld
4ROOT_URL               = https://mygitserver.tld
5HTTP_ADDR              = 0.0.0.0
6HTTP_PORT              = 3000

Then, to apply, restart the supervisor service :

1sudo service supervisor restart