277 lines
8.2 KiB
Markdown
277 lines
8.2 KiB
Markdown
# Gitea 安装和配置
|
||
|
||
## 简介
|
||
|
||
Gitea 是一个类似于 GitHub 的代码托管平台,使用 Go 语言开发,只需要一个可执行程序文件即可部署,非常简单易用,且功能丰富。具有版本管理、组织管理、Issues讨论、版本发布等功能。内置维基百科和 SSH 子系统。
|
||
|
||
## Gitea 安装
|
||
|
||
下载 Gitea 后直接运行,浏览器输入127.0.0.1:3000 来进行初始配置(需要先安装好数据库软件)。
|
||
|
||
## 配置文件
|
||
|
||
Gitea 的配置文件为 \<Gitea可执行程序路径\>/custom/conf 目录下的 app.ini 文件。全部配置均可通过修改该文件来实现。修改完配置后,需要重启 Gitea 服务才能生效。
|
||
|
||
## 创建/删除 Gitea 服务
|
||
|
||
### Windows 服务
|
||
|
||
使用 SC 命令创建 Gitea 服务,并自动运行:
|
||
|
||
```bash
|
||
sc create Gitea start= auto binPath= ""<绝对路径>\gitea.exe" web --config "<绝对路径>\custom\conf\app.ini""
|
||
```
|
||
|
||
创建完服务后进入 Windows Services 找到 Gitea 并且点击运行。
|
||
|
||
如不再需要,同样适用 SC 命令删除服务,删除服务前需先停止该服务。
|
||
|
||
```bash
|
||
sc delete Gitea
|
||
```
|
||
|
||
### Linux 服务
|
||
|
||
systemd 服务的开启过程如下,首先创建 gitea.service 文件
|
||
|
||
```bash
|
||
sudo vim /etc/systemd/system/gitea.service
|
||
```
|
||
|
||
并参照以下模板填充该文件
|
||
|
||
```ini
|
||
[Unit]
|
||
Description=Gitea (Git with a cup of tea)
|
||
After=syslog.target
|
||
After=network.target
|
||
#After=mysqld.service
|
||
#After=postgresql.service
|
||
#After=memcached.service
|
||
#After=redis.service
|
||
|
||
[Service]
|
||
# Modify these two values and uncomment them if you have
|
||
# repos with lots of files and get an HTTP error 500 because
|
||
# of that
|
||
###
|
||
#LimitMEMLOCK=infinity
|
||
#LimitNOFILE=65535
|
||
RestartSec=2s
|
||
Type=simple
|
||
User=git
|
||
Group=git
|
||
WorkingDirectory=/var/lib/gitea/
|
||
ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
|
||
Restart=always
|
||
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
|
||
# If you want to bind Gitea to a port below 1024 uncomment
|
||
# the two values below
|
||
###
|
||
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||
#AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|
||
```
|
||
|
||
使用如下命令使能并启动 gitea 服务
|
||
|
||
```bash
|
||
sudo systemctl enable gitea
|
||
sudo systemctl start gitea
|
||
```
|
||
|
||
使用如下命令停止 gitea 服务
|
||
|
||
```bash
|
||
sudo systemctl stop gitea
|
||
```
|
||
|
||
## 使用 HTTPS 服务
|
||
|
||
可以使用 Gitea 内嵌的 HTTPS 服务。内嵌 HTTPS 服务使用自认证证书,生成 10 年期限自认证证书命令如下:
|
||
|
||
```bash
|
||
gitea cert --host <HOST0,HOST1,...> --ca --duration 87600h
|
||
```
|
||
|
||
参数说明:
|
||
|
||
| Argument | Description |
|
||
|----------------------|-----------------------------------------------------------------------------------------------------------|
|
||
| --host \<value\> | Comma seperated hostnames and ips which this certificate is valid for. Wildcards are supported. Required. |
|
||
| --duration \<value\> | Duration which the certificate is valid for. Optional. (default: 8760h0m0s) |
|
||
| --ca | If provided, this cert generates it’s own certificate authority. Optional. |
|
||
|
||
编辑 app.ini 文件如下:
|
||
|
||
```ini
|
||
[server]
|
||
PROTOCOL=https
|
||
ROOT_URL = https://git.example.com:3000/
|
||
HTTP_PORT = 3000
|
||
CERT_FILE = <绝对路径>/custom/https/cert.pem
|
||
KEY_FILE = <绝对路径>/custom/https/key.pem
|
||
```
|
||
|
||
注意,上面 CERT_FILE 和 KEY_FILE 必须使用绝对路径,否则无法正常启动 Gitea 服务。之后重启 Gitea 服务。通过浏览器访问 HTTPS 版本的 Gitea 服务,需要添加浏览器例外才能正常访问。另外客户端使用 git clone 需要关闭 git 的 ssl 认证功能。命令如下:
|
||
|
||
```bash
|
||
git config --global http.sslVerify false
|
||
```
|
||
|
||
另外 Gitea 还可以使用 Let’s Encrypt 提供的证书,这是 CA 认证证书,有效期为 90 天。Let’s Encrypt 的使用方法见官方手册。
|
||
|
||
## 使用内置 SSH
|
||
|
||
Gitea 有内置 SSH 服务,支持 SSH 格式的 git clone,使能方式为修改 app.ini 文件中的下列内容:
|
||
|
||
```ini
|
||
[server]
|
||
SSH_DOMAIN = 127.0.0.1
|
||
DISABLE_SSH = false
|
||
START_SSH_SERVER = true
|
||
SSH_PORT = 3022
|
||
SSH_LISTEN_PORT = 3022
|
||
```
|
||
|
||
## 邮箱配置
|
||
|
||
Gitea 可以通过预先配置好的电子邮件发送服务器发送服务邮件如:通知、消息、注册确认等信息。邮件发送服务器为 smtp 服务器,需要同时提供服务器端口,用户名和密码。
|
||
|
||
```ini
|
||
[mailer]
|
||
ENABLED = true
|
||
; Mail server
|
||
; Gmail: smtp.gmail.com:587
|
||
; QQ: smtp.qq.com:465
|
||
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
|
||
HOST = smtp.sina.com:465
|
||
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
|
||
FROM = user_name@sina.com
|
||
; Mailer user name and password
|
||
USER = user_name@sina.com
|
||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||
PASSWD = user_password
|
||
```
|
||
|
||
启用邮件系统后,可以开启邮件通知功能。该功能在有提醒需要发送时,Gitea 会通过以上配置的邮件系统向用户发送邮件通知,如有 Issue 分派给了某个用户,则该用户会收到邮件提醒。
|
||
|
||
```ini
|
||
[service]
|
||
; Mail notification
|
||
ENABLE_NOTIFY_MAIL = true
|
||
```
|
||
|
||
## 允许通过邮箱进行外部注册
|
||
|
||
开启邮件系统后,可以开启邮件注册功能。用户可以自己注册账号,并受到注册确认邮件。通过点击注册确认邮件中的连接,激活新账号。
|
||
|
||
```ini
|
||
[service]
|
||
; Whether a new user needs to confirm their email when registering.
|
||
REGISTER_EMAIL_CONFIRM = true
|
||
; Disallow registration, only allow admins to create accounts.
|
||
DISABLE_REGISTRATION = false
|
||
; Allow registration only using third part services, it works only when DISABLE_REGISTRATION is false
|
||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||
; Enable captcha validation for registration
|
||
ENABLE_CAPTCHA = true
|
||
```
|
||
|
||
其中,校验码为可选功能,建议开启。
|
||
|
||
## 配置文件示例
|
||
|
||
```ini
|
||
APP_NAME = Gitea: Git with a cup of tea
|
||
RUN_USER = Administrator
|
||
RUN_MODE = prod
|
||
|
||
[security]
|
||
INTERNAL_TOKEN = <TOKEN>
|
||
INSTALL_LOCK = true
|
||
SECRET_KEY = <KEY>
|
||
|
||
[database]
|
||
DB_TYPE = sqlite3
|
||
HOST = 127.0.0.1:3306
|
||
NAME = gitea
|
||
USER = gitea
|
||
PASSWD =
|
||
SSL_MODE = disable
|
||
PATH = <绝对路径>/data/gitea.db
|
||
|
||
[repository]
|
||
ROOT = <绝对路径>/gitea-repositories
|
||
DISABLE_HTTP_GIT = true
|
||
|
||
[repository.upload]
|
||
ENABLED = true
|
||
FILE_MAX_SIZE = 1024
|
||
MAX_FILES = 1000
|
||
|
||
[server]
|
||
PROTOCOL = https
|
||
SSH_DOMAIN = 127.0.0.1
|
||
DOMAIN = 127.0.0.1
|
||
HTTP_PORT = 3000
|
||
ROOT_URL = %(PROTOCOL)s://127.0.0.1:3000/
|
||
CERT_FILE = <绝对路径>/Path/cert.pem
|
||
KEY_FILE = <绝对路径>/Path/key.pem
|
||
DISABLE_SSH = false
|
||
START_SSH_SERVER = true
|
||
SSH_PORT = 3022
|
||
SSH_LISTEN_PORT = 3022
|
||
LFS_START_SERVER = true
|
||
LFS_CONTENT_PATH = <绝对路径>/Path/data/lfs
|
||
LFS_JWT_SECRET = <SECRET>
|
||
OFFLINE_MODE = false
|
||
|
||
[mailer]
|
||
ENABLED = true
|
||
HOST = smtp.sina.com:465
|
||
FROM = user_name@sina.com
|
||
USER = user_name@sina.com
|
||
PASSWD = user_password
|
||
|
||
[service]
|
||
REGISTER_EMAIL_CONFIRM = true
|
||
ENABLE_NOTIFY_MAIL = true
|
||
DISABLE_REGISTRATION = false
|
||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||
ENABLE_CAPTCHA = true
|
||
REQUIRE_SIGNIN_VIEW = true
|
||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
|
||
DEFAULT_ENABLE_TIMETRACKING = true
|
||
NO_REPLY_ADDRESS = noreply.example.org
|
||
|
||
[picture]
|
||
DISABLE_GRAVATAR = true
|
||
ENABLE_FEDERATED_AVATAR = false
|
||
|
||
[openid]
|
||
ENABLE_OPENID_SIGNIN = false
|
||
ENABLE_OPENID_SIGNUP = false
|
||
|
||
[session]
|
||
PROVIDER = file
|
||
|
||
[attachment]
|
||
ENABLED = true
|
||
PATH = <绝对路径>/Path/data/attachments
|
||
ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip
|
||
MAX_SIZE = 4
|
||
MAX_FILES = 5
|
||
|
||
[log]
|
||
MODE = file
|
||
LEVEL = Info
|
||
ROOT_PATH = <绝对路径>/Path/log
|
||
|
||
[other]
|
||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
|
||
```
|