3.2 KiB
blacka.com gitea service
This repo consists of some deployment files for running gitea, a Go-based git repository manager (think a Go-based simple github.com-like service.)
The idea here is to host a git repository and project management system, only because it is somewhat easy to do so, and this is better than just using gitweb.
Overview
This runs the actual application via a docker image published by the gitea project. However, we do need some integration with the host in order to run. The basic problems that we need to solve are:
- How do we get our main Apache-based web server to get us to the internal web server that the docker image runs? We use Apache's
mod_proxy
for that. - How do we get SSH pushes/pulls to work. Ideally, one would be able to use a git url like
git@blacka.com/davidb/docker_gitea.git
. But to do that, we first need the host itself (zeke) to handle an ssh-session asgit
.
The gitea
documentation talks about using docker-compose
, so we will basically do that. Although, docker-compose
itself (a python program not really maintained by the Docker project) is mostly gone, docker compose
(with a space) now works with a normal docker-ce-cli
install.
Deployment Artifacts
Currently we have
- A
docker-compose
(docker<space>compose
?) file, mostly copied from the documentation. - A
systemd
unit file, based on an example of how to run docker-compose viasystemd
(basically just have it launchdocker compose up -d
and then walk away.) - A snippet of
httpd.conf
config for setting up themod_proxy
settings. - A
setup.sh
shell script.
Deployment
Run setup.sh
as root. That will
- Create the
git:gitea
user, with a home directory of/var/lib/gitea
. - Create the
/var/lib/gitea/data
and~/.ssh
directories - Write out a
docker-shell
to use as the shell for thegit:gitea
user we just created. This willdocker exec
into thegitea
image, effectively proxying ssh commands into the container. In theory we can just ssh into the container from the outside, but we would have configure an authorized_key that wasn't for a user.
Next get the container running:
- Copy the
docker-compose.yaml
file to/var/lib/gitea
. - Copy the
docker.gitea.service
to/etc/systemd/system
. - Activate the service:
systemctl enable docker.gitea.service
systemctl start docker.gitea.service
We can check to see if the container is running with docker container ls
Finally, get the webserver configured and reloaded:
- Update the apache configuration with the
mod_proxy
config. Note that the gitea container doesn't really care where you mount the proxy URL. I'm putting it at https://blacka.com/git, myself. - Check that the config you just added won't break Apache, and reload if it looks OK
sudo -s # become root
apachectl
# if that is OK, we can activate it
systemctl reload httpd.service
If we don't have any existing config, then the first registered user will be the admin. We might have to disable the REQUIRE_MANUAL_CONFIRM
setting -- I haven't tried that order.