fixed everything and now a masterscript
This commit is contained in:
parent
816cc8de8c
commit
cd93f12bd6
95
README.md
95
README.md
@ -1,37 +1,86 @@
|
||||
# Gitea Setup with Incus and Docker
|
||||
# Gitea Incus Deployment Script
|
||||
|
||||
This script automates the setup of Gitea using Incus containers with nested Docker Compose.
|
||||
This script automates the deployment of Gitea using Incus containers. It provides a simple command-line interface to create a profile, install Gitea and PostgreSQL, and secure the configuration.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Incus installed on the host machine
|
||||
- Root or sudo access (Incus group perm works too)
|
||||
- Incus installed and configured on your system
|
||||
- Sudo or root access
|
||||
|
||||
## Usage
|
||||
|
||||
1. Save the script as `setup_gitea.sh`
|
||||
2. Make it executable: `chmod +x setup_gitea.sh`
|
||||
3. Run the script: `sudo ./setup_gitea.sh`
|
||||
Make the script executable:
|
||||
|
||||
The script will:
|
||||
- Create an Incus container named 'gitea'
|
||||
- Install Docker and Docker Compose in the container
|
||||
- Set up Gitea using Docker Compose
|
||||
- Configure port forwarding for web and SSH access
|
||||
```bash
|
||||
chmod +x gitea.sh
|
||||
```
|
||||
|
||||
Access Gitea at `http://host-ip:3000`. SSH access is available on port 2222.
|
||||
### Create Profile
|
||||
|
||||
## Configuration
|
||||
Create an Incus profile for Gitea:
|
||||
|
||||
You can modify the following variables in the script:
|
||||
- `CONTAINER_NAME`: Name of the Incus container
|
||||
- `HOST_DATA_PATH`: Path on the host to store Gitea data
|
||||
- `WEB_PORT`: Port for web access
|
||||
- `SSH_PORT`: Port for SSH access
|
||||
```bash
|
||||
./gitea.sh profile [-c cpu] [-r ram]
|
||||
```
|
||||
|
||||
Options:
|
||||
- `-c cpu`: Specify the number of CPUs (optional)
|
||||
- `-r ram`: Specify the amount of RAM in GB (optional)
|
||||
|
||||
If CPU or RAM is not specified, the default Incus values will be used.
|
||||
|
||||
### Install Gitea
|
||||
|
||||
Install Gitea and PostgreSQL:
|
||||
|
||||
```bash
|
||||
./gitea.sh install [-p dbpassword]
|
||||
```
|
||||
|
||||
Options:
|
||||
- `-p dbpassword`: Specify a custom database password (optional)
|
||||
|
||||
If no password is provided, a default password will be used.
|
||||
|
||||
### Secure Configuration
|
||||
|
||||
After completing the web installation, secure the Gitea configuration:
|
||||
|
||||
```bash
|
||||
./gitea.sh secure
|
||||
```
|
||||
|
||||
## Script Behavior
|
||||
|
||||
1. The script enforces the correct order of operations:
|
||||
- Profile must be created before installation
|
||||
- Gitea must be installed before securing the configuration
|
||||
2. The script will create a network named "incusbr0" if it doesn't exist
|
||||
3. The root disk size for the Incus container is set to 20GB by default
|
||||
4. Gitea will be accessible on port 3000, and SSH access will be on port 2222
|
||||
|
||||
## Notes
|
||||
|
||||
- The script uses Ubuntu 22.04 as the base image for the Incus container.
|
||||
- PostgreSQL is used as the database and runs in a separate container.
|
||||
- Data is persisted on the host machine.
|
||||
- For production use, review and adjust security settings as needed.
|
||||
- After installation, access Gitea through the web interface to complete the setup
|
||||
- The script provides the URL to access Gitea after installation
|
||||
- Make sure to secure the configuration after completing the web setup
|
||||
|
||||
## Customization
|
||||
|
||||
You can modify the following variables at the top of the script to customize your deployment:
|
||||
|
||||
- `CONTAINER_NAME`: Name of the Incus container
|
||||
- `WEB_PORT`: Port for accessing Gitea web interface
|
||||
- `SSH_PORT`: Port for SSH access
|
||||
- `PROFILE_NAME`: Name of the Incus profile
|
||||
- `ROOT_DISK_SIZE`: Size of the root disk for the container
|
||||
- `NETWORK_NAME`: Name of the Incus network
|
||||
- `DB_USER`: PostgreSQL database user for Gitea
|
||||
- `DB_PASS`: Default PostgreSQL database password (can be overridden during installation)
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
If you encounter any issues:
|
||||
1. Check the Incus container status: `incus list`
|
||||
2. View the container logs: `incus exec gitea -- journalctl -u gitea`
|
||||
3. Ensure all required ports are open and not in use by other services
|
||||
|
304
gitea.sh
Executable file
304
gitea.sh
Executable file
@ -0,0 +1,304 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
CONTAINER_NAME="gitea"
|
||||
WEB_PORT="3000"
|
||||
SSH_PORT="2222"
|
||||
PROFILE_NAME="gitea-profile"
|
||||
ROOT_DISK_SIZE="20GB"
|
||||
NETWORK_NAME="incusbr0"
|
||||
DB_USER="gitea"
|
||||
DB_PASS="gitea_password" # Default password, can be overridden with -p option
|
||||
|
||||
# Function to create the Incus profile
|
||||
create_profile() {
|
||||
local cpu=$1
|
||||
local ram=$2
|
||||
|
||||
echo "Creating Incus profile with root disk size of $ROOT_DISK_SIZE..."
|
||||
incus profile create $PROFILE_NAME || true
|
||||
if [ ! -z "$ram" ]; then
|
||||
echo "Setting RAM limit to ${ram}GB"
|
||||
incus profile set $PROFILE_NAME limits.memory=${ram}GB
|
||||
else
|
||||
echo "No RAM limit specified. Using default."
|
||||
fi
|
||||
if [ ! -z "$cpu" ]; then
|
||||
echo "Setting CPU limit to $cpu"
|
||||
incus profile set $PROFILE_NAME limits.cpu=$cpu
|
||||
else
|
||||
echo "No CPU limit specified. Using default."
|
||||
fi
|
||||
incus profile device add $PROFILE_NAME root disk path=/ pool=default size=$ROOT_DISK_SIZE
|
||||
|
||||
echo "Ensuring network exists..."
|
||||
if ! incus network list | grep -q $NETWORK_NAME; then
|
||||
echo "Creating network $NETWORK_NAME..."
|
||||
incus network create $NETWORK_NAME
|
||||
fi
|
||||
}
|
||||
|
||||
# Function to check if profile exists
|
||||
profile_exists() {
|
||||
incus profile list | grep -q $PROFILE_NAME
|
||||
}
|
||||
|
||||
# Function to install Gitea and PostgreSQL
|
||||
install_gitea() {
|
||||
if ! profile_exists; then
|
||||
echo "Error: Profile does not exist. Please create a profile first using '$0 profile'."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Creating Incus container..."
|
||||
incus launch images:ubuntu/22.04 $CONTAINER_NAME -p $PROFILE_NAME
|
||||
|
||||
echo "Attaching network to container..."
|
||||
incus network attach $NETWORK_NAME $CONTAINER_NAME
|
||||
|
||||
echo "Configuring container..."
|
||||
incus config set $CONTAINER_NAME security.privileged=true
|
||||
incus config set $CONTAINER_NAME linux.kernel_modules=overlay,nf_nat
|
||||
incus config device add $CONTAINER_NAME gitea-ssh proxy listen=tcp:0.0.0.0:$SSH_PORT connect=tcp:127.0.0.1:2222
|
||||
incus config device add $CONTAINER_NAME gitea-web proxy listen=tcp:0.0.0.0:$WEB_PORT connect=tcp:127.0.0.1:3000
|
||||
|
||||
echo "Waiting for network to be ready..."
|
||||
sleep 10
|
||||
|
||||
echo "Installing Gitea dependencies..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
apt update
|
||||
apt install -y wget git postgresql postgresql-contrib
|
||||
"
|
||||
|
||||
echo "Setting up PostgreSQL..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
sudo -u postgres psql -c \"CREATE USER $DB_USER WITH PASSWORD '$DB_PASS'\"
|
||||
sudo -u postgres psql -c \"CREATE DATABASE gitea OWNER $DB_USER\"
|
||||
echo \"host all all 0.0.0.0/0 password\" >> /etc/postgresql/14/main/pg_hba.conf
|
||||
echo \"listen_addresses = '*'\" >> /etc/postgresql/14/main/postgresql.conf
|
||||
systemctl restart postgresql
|
||||
"
|
||||
|
||||
echo "Installing Gitea..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
wget -O gitea https://dl.gitea.io/gitea/1.18.0/gitea-1.18.0-linux-amd64
|
||||
chmod +x gitea
|
||||
mv gitea /usr/local/bin/gitea
|
||||
"
|
||||
|
||||
echo "Creating Gitea user and setting up directories..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
adduser --system --group --disabled-password --home /var/lib/gitea --shell /bin/bash git
|
||||
mkdir -p /var/lib/gitea/{custom,data,log}
|
||||
chown -R git:git /var/lib/gitea/
|
||||
chmod -R 750 /var/lib/gitea/
|
||||
mkdir -p /etc/gitea
|
||||
chown root:git /etc/gitea
|
||||
chmod 770 /etc/gitea
|
||||
"
|
||||
|
||||
echo "Creating Gitea configuration..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "cat > /etc/gitea/app.ini << EOL
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
RUN_USER = git
|
||||
RUN_MODE = prod
|
||||
|
||||
[database]
|
||||
DB_TYPE = postgres
|
||||
HOST = 127.0.0.1:5432
|
||||
NAME = gitea
|
||||
USER = $DB_USER
|
||||
PASSWD = $DB_PASS
|
||||
|
||||
[repository]
|
||||
ROOT = /var/lib/gitea/data/gitea-repositories
|
||||
|
||||
[server]
|
||||
HTTP_PORT = 3000
|
||||
ROOT_URL = http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT/
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 2222
|
||||
START_SSH_SERVER = true
|
||||
LFS_START_SERVER = true
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = false
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = false
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = /var/lib/gitea/indexers/issues.bleve
|
||||
|
||||
[session]
|
||||
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars
|
||||
|
||||
[attachment]
|
||||
PATH = /var/lib/gitea/data/attachments
|
||||
|
||||
[log]
|
||||
ROOT_PATH = /var/lib/gitea/log
|
||||
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = false
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
ENABLE_CAPTCHA = false
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
NO_REPLY_ADDRESS = noreply.example.org
|
||||
|
||||
[openid]
|
||||
ENABLE_OPENID_SIGNIN = true
|
||||
ENABLE_OPENID_SIGNUP = true
|
||||
EOL"
|
||||
|
||||
echo "Setting initial permissions for Gitea config file..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
chown root:git /etc/gitea/app.ini
|
||||
chmod 770 /etc/gitea
|
||||
chmod 660 /etc/gitea/app.ini
|
||||
"
|
||||
|
||||
echo "Creating Gitea service..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "cat > /etc/systemd/system/gitea.service << EOL
|
||||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
After=postgresql.service
|
||||
|
||||
[Service]
|
||||
RestartSec=2s
|
||||
Type=simple
|
||||
User=git
|
||||
Group=git
|
||||
WorkingDirectory=/var/lib/gitea/
|
||||
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
|
||||
Restart=always
|
||||
Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOL"
|
||||
|
||||
echo "Ensuring PostgreSQL is running and accessible..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
systemctl restart postgresql
|
||||
sleep 5
|
||||
sudo -u git psql -h 127.0.0.1 -U gitea -d gitea -c 'SELECT 1'
|
||||
"
|
||||
|
||||
echo "Starting Gitea..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
systemctl daemon-reload
|
||||
systemctl enable gitea
|
||||
systemctl restart gitea
|
||||
sleep 5
|
||||
systemctl status gitea
|
||||
"
|
||||
|
||||
echo "Gitea setup complete!"
|
||||
echo "Access Gitea at http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT"
|
||||
echo "SSH access available on port $SSH_PORT"
|
||||
echo ""
|
||||
echo "After completing the web installation, run '$0 secure' to secure the configuration."
|
||||
}
|
||||
|
||||
# Function to secure Gitea configuration
|
||||
secure_gitea() {
|
||||
if ! incus list | grep -q $CONTAINER_NAME; then
|
||||
echo "Error: Gitea is not installed. Please install Gitea first using '$0 install'."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Securing Gitea configuration..."
|
||||
incus exec $CONTAINER_NAME -- bash -c 'chmod 750 /etc/gitea && chmod 640 /etc/gitea/app.ini'
|
||||
echo "Gitea configuration secured."
|
||||
}
|
||||
|
||||
# Function to display usage
|
||||
usage() {
|
||||
echo "Usage"
|
||||
echo "Create profile:"
|
||||
echo "$0 profile [-c cpu] [-r ram]"
|
||||
echo ""
|
||||
echo "Install Gitea and PostgreSQL:"
|
||||
echo "$0 install [-p dbpassword]"
|
||||
echo ""
|
||||
echo "Secure the configurations:"
|
||||
echo "$0 secure"
|
||||
}
|
||||
|
||||
# Main script logic
|
||||
case "$1" in
|
||||
profile)
|
||||
shift
|
||||
cpu=""
|
||||
ram=""
|
||||
while getopts ":c:r:" opt; do
|
||||
case ${opt} in
|
||||
c )
|
||||
cpu=$OPTARG
|
||||
;;
|
||||
r )
|
||||
ram=$OPTARG
|
||||
;;
|
||||
\? )
|
||||
echo "Invalid option: $OPTARG" 1>&2
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
: )
|
||||
echo "Invalid option: $OPTARG requires an argument" 1>&2
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
create_profile $cpu $ram
|
||||
;;
|
||||
install)
|
||||
shift
|
||||
while getopts ":p:" opt; do
|
||||
case ${opt} in
|
||||
p )
|
||||
DB_PASS=$OPTARG
|
||||
;;
|
||||
\? )
|
||||
echo "Invalid option: $OPTARG" 1>&2
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
: )
|
||||
echo "Invalid option: $OPTARG requires an argument" 1>&2
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
install_gitea
|
||||
;;
|
||||
secure)
|
||||
secure_gitea
|
||||
;;
|
||||
*)
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
190
setup.sh
190
setup.sh
@ -1,190 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
CONTAINER_NAME="gitea"
|
||||
WEB_PORT="3000"
|
||||
SSH_PORT="2222"
|
||||
PROFILE_NAME="gitea-profile"
|
||||
ROOT_DISK_SIZE="20GB"
|
||||
NETWORK_NAME="incusbr0"
|
||||
DB_USER="gitea"
|
||||
DB_PASS="gitea_password" # Change this to a secure password
|
||||
|
||||
echo "Creating Incus profile with 16GB memory limit and root disk..."
|
||||
incus profile create $PROFILE_NAME || true
|
||||
incus profile set $PROFILE_NAME limits.memory=16GB
|
||||
incus profile device add $PROFILE_NAME root disk path=/ pool=default size=$ROOT_DISK_SIZE
|
||||
|
||||
echo "Ensuring network exists..."
|
||||
if ! incus network list | grep -q $NETWORK_NAME; then
|
||||
echo "Creating network $NETWORK_NAME..."
|
||||
incus network create $NETWORK_NAME
|
||||
fi
|
||||
|
||||
echo "Creating Incus container..."
|
||||
incus launch images:ubuntu/22.04 $CONTAINER_NAME -p $PROFILE_NAME
|
||||
|
||||
echo "Attaching network to container..."
|
||||
incus network attach $NETWORK_NAME $CONTAINER_NAME
|
||||
|
||||
echo "Configuring container..."
|
||||
incus config set $CONTAINER_NAME security.privileged=true
|
||||
incus config set $CONTAINER_NAME linux.kernel_modules=overlay,nf_nat
|
||||
incus config device add $CONTAINER_NAME gitea-ssh proxy listen=tcp:0.0.0.0:$SSH_PORT connect=tcp:127.0.0.1:2222
|
||||
incus config device add $CONTAINER_NAME gitea-web proxy listen=tcp:0.0.0.0:$WEB_PORT connect=tcp:127.0.0.1:3000
|
||||
|
||||
echo "Waiting for network to be ready..."
|
||||
sleep 10
|
||||
|
||||
echo "Installing Gitea dependencies..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
apt update
|
||||
apt install -y wget git postgresql postgresql-contrib
|
||||
"
|
||||
|
||||
echo "Setting up PostgreSQL..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
sudo -u postgres psql -c \"CREATE USER $DB_USER WITH PASSWORD '$DB_PASS'\"
|
||||
sudo -u postgres psql -c \"CREATE DATABASE gitea OWNER $DB_USER\"
|
||||
echo \"host all all 0.0.0.0/0 password\" >> /etc/postgresql/14/main/pg_hba.conf
|
||||
echo \"listen_addresses = '*'\" >> /etc/postgresql/14/main/postgresql.conf
|
||||
systemctl restart postgresql
|
||||
"
|
||||
|
||||
echo "Installing Gitea..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
wget -O gitea https://dl.gitea.io/gitea/1.18.0/gitea-1.18.0-linux-amd64
|
||||
chmod +x gitea
|
||||
mv gitea /usr/local/bin/gitea
|
||||
"
|
||||
|
||||
echo "Creating Gitea user and setting up directories..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
adduser --system --group --disabled-password --home /var/lib/gitea --shell /bin/bash git
|
||||
mkdir -p /var/lib/gitea/{custom,data,log}
|
||||
chown -R git:git /var/lib/gitea/
|
||||
chmod -R 750 /var/lib/gitea/
|
||||
mkdir -p /etc/gitea
|
||||
chown root:git /etc/gitea
|
||||
chmod 770 /etc/gitea
|
||||
"
|
||||
|
||||
echo "Creating Gitea configuration..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "cat > /etc/gitea/app.ini << EOL
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
RUN_USER = git
|
||||
RUN_MODE = prod
|
||||
|
||||
[database]
|
||||
DB_TYPE = postgres
|
||||
HOST = 127.0.0.1:5432
|
||||
NAME = gitea
|
||||
USER = $DB_USER
|
||||
PASSWD = $DB_PASS
|
||||
|
||||
[repository]
|
||||
ROOT = /var/lib/gitea/data/gitea-repositories
|
||||
|
||||
[server]
|
||||
HTTP_PORT = 3000
|
||||
ROOT_URL = http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT/
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 2222
|
||||
START_SSH_SERVER = true
|
||||
LFS_START_SERVER = true
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = false
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = false
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = /var/lib/gitea/indexers/issues.bleve
|
||||
|
||||
[session]
|
||||
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars
|
||||
|
||||
[attachment]
|
||||
PATH = /var/lib/gitea/data/attachments
|
||||
|
||||
[log]
|
||||
ROOT_PATH = /var/lib/gitea/log
|
||||
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = false
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
ENABLE_CAPTCHA = false
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
NO_REPLY_ADDRESS = noreply.example.org
|
||||
|
||||
[openid]
|
||||
ENABLE_OPENID_SIGNIN = true
|
||||
ENABLE_OPENID_SIGNUP = true
|
||||
EOL"
|
||||
|
||||
echo "Setting initial permissions for Gitea config file..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
chown root:git /etc/gitea/app.ini
|
||||
chmod 770 /etc/gitea
|
||||
chmod 660 /etc/gitea/app.ini
|
||||
"
|
||||
|
||||
echo "Creating Gitea service..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "cat > /etc/systemd/system/gitea.service << EOL
|
||||
[Unit]
|
||||
Description=Gitea (Git with a cup of tea)
|
||||
After=syslog.target
|
||||
After=network.target
|
||||
After=postgresql.service
|
||||
|
||||
[Service]
|
||||
RestartSec=2s
|
||||
Type=simple
|
||||
User=git
|
||||
Group=git
|
||||
WorkingDirectory=/var/lib/gitea/
|
||||
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
|
||||
Restart=always
|
||||
Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOL"
|
||||
|
||||
echo "Ensuring PostgreSQL is running and accessible..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
systemctl restart postgresql
|
||||
sleep 5
|
||||
sudo -u git psql -h 127.0.0.1 -U gitea -d gitea -c 'SELECT 1'
|
||||
"
|
||||
|
||||
echo "Starting Gitea..."
|
||||
incus exec $CONTAINER_NAME -- bash -c "
|
||||
systemctl daemon-reload
|
||||
systemctl enable gitea
|
||||
systemctl restart gitea
|
||||
sleep 5
|
||||
systemctl status gitea
|
||||
"
|
||||
|
||||
echo "Gitea setup complete!"
|
||||
echo "Access Gitea at http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT"
|
||||
echo "SSH access available on port $SSH_PORT"
|
||||
echo ""
|
||||
echo "After completing the web installation, run the following command to secure the configuration:"
|
||||
echo "incus exec $CONTAINER_NAME -- bash -c 'chmod 750 /etc/gitea && chmod 640 /etc/gitea/app.ini'"
|
Loading…
Reference in New Issue
Block a user