Gitea Installation on Linux

Summary #

This article contains documentation on installing Gitea, intended for light-weight Git Versioning.

Pre-Installation Dependencies #

To install Gitea you will need to execute the commands below and install the following dependencies:

apt update
apt install wget git gpg -y

To begin installing Gitea you’ll need to add the en_US UTF-8 Locale before setting up your Database. Only do this if you don’t have it setup already.

Reconfigure Locales #

dpkg-reconfigure locales

Download Gitea #

Now we can download the Gitea Binary, you may change the URL to whatever the latest version may be in their repository.

wget -O gitea https://dl.gitea.com/gitea/1.20/gitea-1.20-linux-amd64
chmod +x gitea

Adding the git User #

Now we must add the Git user.

adduser \
   --system \
   --shell /bin/bash \
   --gecos 'Git Version Control' \
   --group \
   --disabled-password \
   --home /home/git \
   git

Installing Gitea #

Preparing the Database #

In this documentation we’ll be using PostgreSQL for the installation, but you can check out how to prepare the other available DBMS options on the official Gitea Documentation.

This section has been effectively copied from Gitea’s Documentation Site, so you may wish to head over there for the latest version of particular part.

1. For remote database setup, configure PostgreSQL on database instance to listen to your IP address by editing listen_addresses on postgresql.conf to:

   listen_addresses = 'localhost, 10.0.0.1'
   

2. PostgreSQL uses md5 challenge-response encryption scheme for password authentication by default.

   Nowadays this scheme is not considered secure anymore.

   Use SCRAM-SHA-256 scheme instead by editing the postgresql.conf configuration file on the database server to:

   password_encryption = scram-sha-256
   

3. On the database server, login to the database console as superuser:

   su -c "psql" - postgres
   

4. Create database user (role in PostgreSQL terms) with login privilege and password. Please use a secure, strong password instead of 'gitea' below:

   Replace username and password as appropriate.

   CREATE ROLE gitea WITH LOGIN PASSWORD 'gitea';
   

5. Create database with UTF-8 charset and owned by the database user created earlier. Any libc collations can be specified with LC_COLLATE and LC_CTYPE parameter, depending on expected content:

   CREATE DATABASE giteadb WITH OWNER gitea TEMPLATE template0 ENCODING UTF8 LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8';
   

6. Allow the database user to access the database created above by adding the following authentication rule to pg_hba.conf.

   For local database:

   local    giteadb    gitea    scram-sha-256
   

   For remote database:

   host    giteadb    gitea    10.0.0.1/32    scram-sha-256
   

   Replace database name, user, and IP address of Gitea instance with your own.

   Note: rules on pg_hba.conf are evaluated sequentially, that is the first matching rule will be used for authentication. Your PostgreSQL installation may come with generic authentication rules that match all users and databases. You may need to place the rules presented here above such generic rules if it is the case.

   Restart PostgreSQL to apply new authentication rules.

7. On your Gitea server, test connection to the database. For local database:

   psql -U gitea -d giteadb
   

   For remote database:

   psql "postgres://gitea@10.0.0.1/giteadb"
   

   Where gitea is the database user, giteadb is database name, and 10.0.0.1 is IP address of your database instance.

   You should be prompted to enter password for the database user, and connected to the database.

Creating the Required Directories #

Next we’ll create the directories required by Gitea and set the correct permissions.

mkdir -p /var/lib/gitea/{custom,data,log}
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
mkdir /etc/gitea
chown root:git /etc/gitea
chmod 770 /etc/gitea

Setting Temporary Permissions #

These permissions are temporary and should be modified once the server is configured.

chmod 750 /etc/gitea
chmod 640 /etc/gitea/app.ini

Configuring Gitea’s Working Directory #

export GITEA_WORK_DIR=/var/lib/gitea/

Copying the Gitea binary #

cp gitea /usr/local/bin/gitea

Creating the Systemd Service Unit #

After copying the binaries and doing the basic installation we can create a systemd service unit to automatically start it and have it run in the background without taking over our console.

You may obtain a sample of the service by doing:

wget https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/systemd/gitea.service
mv gitea.service /etc/systemd/system/gitea.service

In the Service Unit you’ll need to modify:

• The Database Service Dependencies (Example uses PostgreSQL)
• Comment the Service Type so that it’s Simple instead of Notify
• Remove Restart Options to avoid getting a GoLang SIGTERM Bug that randomly restarts the Gitea Service.

[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
###
# Don't forget to add the database service dependencies
###
#
#Wants=mysql.service
#After=mysql.service
#
#Wants=mariadb.service
#After=mariadb.service
#
Wants=postgresql.service
After=postgresql.service
#
#Wants=memcached.service
#After=memcached.service
#
#Wants=redis.service
#After=redis.service
#
###
# If using socket activation for main http/s
###
#
#After=gitea.main.socket
#Requires=gitea.main.socket
#
###
# (You can also provide gitea an http fallback and/or ssh socket too)
#
# An example of /etc/systemd/system/gitea.main.socket
###
##
## [Unit]
## Description=Gitea Web Socket
## PartOf=gitea.service
##
## [Socket]
## Service=gitea.service
## ListenStream=<some_port>
## NoDelay=true
##
## [Install]
## WantedBy=sockets.target
##
###

[Service]
# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
# LimitNOFILE=524288:524288
#RestartSec=2s
#Type=notify
User=git
Group=git
WorkingDirectory=/var/lib/gitea/
# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
RuntimeDirectory=gitea
PIDFile=gitea.pid
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
#Restart=always
#WatchdogSec=30s
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
# If you install Git to directory prefix other than default PATH (which happens
# for example if you install other versions of Git side-to-side with
# distribution version), uncomment below line and add that prefix to PATH
# Don't forget to place git-lfs binary on the PATH below if you want to enable
# Git LFS support
#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
# If you want to bind Gitea to a port below 1024, uncomment
# the two values below, or use socket activation to pass Gitea its ports as above
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE
###
# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
# set the following value to false to allow capabilities to be applied on gitea process. The following
# value if set to true sandboxes gitea service and prevent any processes from running with privileges
# in the host user namespace.
###
#PrivateUsers=false
###

[Install]
WantedBy=multi-user.target

Starting Gitea and Configuring it #

We can finally start configuring Gitea. Start the service and enable it!

systemctl daemon-reload
systemctl enable gitea.service
systemctl start gitea.service

Now head over to the web gui http://your_server_ip_here:3000/

The first user you register will be the default administrator, so don’t forget the password.