1 # `blacka.com gitea` service
3 This repo consists of some deployment files for running [`gitea`](https://gitea.io/en-us/), a Go-based git repository manager (think of this as a Go-based simple <github.com>-like service.)
5 The idea here is to host a git repository and project management system, only because it is somewhat easy to do so, and this is better than just using [`gitweb`](https://blacka.com/cgi-bin/gitweb.cgi).
9 This runs the actual application via a docker image published by the [`gitea`](https://hub.docker.com/r/gitea/gitea) project. However, we do need some integration with the host in order to run. The basic problems that we need to solve are:
11 1. How do we get our main Apache-based web server to get us to the internal web server that the docker image runs? We use Apache's `mod_proxy` for that.
12 2. How do we get SSH pushes/pulls to work? Ideally, one would be able to use a git url like `git@blacka.com/davidb/docker_gitea.git`. But to do that, we first need the host itself (`zeke`) to handle a ssh-session as `git`.
14 The `gitea` documentation talks about using `docker-compose`, so we will follow that advice. Although, `docker-compose` itself (a python program not really maintained by the Docker project) is mostly gone, `docker compose` (with a space) now works with a normal `docker-ce-cli` install.
16 ## Deployment Artifacts
20 * A `docker-compose` (`docker<space>compose`?) file, mostly copied from the documentation.
21 * A `systemd` unit file, based on an example of how to run docker-compose via `systemd` (basically just have it launch `docker compose up -d` and then walk away.)
22 * A snippet of `httpd.conf` config for setting up the `mod_proxy` settings.
23 * A `setup.sh` shell script.
27 Run `setup.sh` as root. That will
29 1. Create the `git:gitea` user, with a home directory of `/var/lib/gitea`.
30 2. Create the `/var/lib/gitea/data` and `~/.ssh` directories
31 3. Write out a `docker-shell` to use as the shell for the `git:gitea` user we just created. This will `docker exec` into the `gitea` image, effectively proxying ssh commands into the container. In theory we can just ssh into the container from the outside, but we would have configure an authorized_key that wasn't for a user.
33 Next get the container running:
35 1. Copy the `docker-compose.yaml` file to `/var/lib/gitea`.
36 2. Copy the `docker.gitea.service` to `/etc/systemd/system`.
37 3. Activate the service:
40 systemctl enable docker.gitea.service
41 systemctl start docker.gitea.service
44 We can check to see if the container is running with `docker container ls`
46 Finally, get the webserver configured and reloaded:
48 1. Update the apache configuration with the `mod_proxy` config. Note that the `gitea` container doesn't really care *where* you mount the proxy URL. I'm putting it at <https://blacka.com/git>, myself.
49 2. Check that the config you just added won't break Apache, and reload if it looks OK
55 # if that is OK, we can activate it
56 systemctl reload httpd.service
59 If we don't have any existing config, then the first registered user will be the admin. We might have to disable the `REQUIRE_MANUAL_CONFIRM` setting -- I haven't tried that order.