Alpine newbie developer: gitea

From Alpine Linux
Revision as of 15:47, 3 July 2020 by Mckaygerhard (talk | contribs) (Configurations)
Jump to: navigation, search

gitea is now available from repositories: https://pkgs.alpinelinux.org/packages?name=gitea currently at 2020 still remains in edge brand but this guide does work either if are or not in main.

Clarifications

1. Gitea was created by a group of users and contributors of the self-hosted Git service Gogs. in fact gitea is gogs with steroids! so then It is a fork of Gogs and is written in Go.

2. This guide is for real deploy not for docker deploys.. dockers does not need to setup packages and filesystems configs, for that you must use always docker related configurations.

3. If even though docker always uses Alpine linux as images, and the software is alpine packages, it still has nothing to do with using alpine specific commands.

4. Git is the version control system (VCS) software behind gitea perse, so must be installed first. But repositories on server are not same as in clients.. server repositories are bare repositories.

Pre Requirements

This document will guide noob users, for professional case please visit Production_git_server:_gitea page.

  • CVS command line
    • git
    • git-lfs
  • Database:
    • mysql
    • postgresql
    • sqlite
    • tidb

For database professional setup please refers to the Production_DataBases_:_mysql page or Production_DataBases_:_postgresql page

A hostname is a unique name created to identify a machine on a network, configured in /etc/hostname. To change the computer's hostname edit the /etc/hostname file or execute the following command (make sure to replace myhostname with your desired hostname):

# echo "myhostname" > /etc/hostname

You should also add the hostname to your hosts file (/etc/hosts):

127.0.0.1   localhost.localdomain localhost
127.0.1.1   myhostname.mydomain myhostname
::1         localhost.localdomain localhost

Installation

This guide does work either if are or not in main or edge the gitea package:, take note, do not install any more from edge.. so in fact all gitea dependencies must be listed and installed before gitea and edge brand are activated, so the following process will guide and show you how to do that:

1. first gain root privileges or access ssh to your alpine server 2. added and update normal repositories 3. install git from normal stable repositories, bash, coreutils and manpages 4. alternate edge repositories 5. install gitea from edge repository 6. restore normal repository

cat > /etc/apk/repositories << EOF; $(echo)
http://dl-cdn.alpinelinux.org/alpine/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/main
http://dl-cdn.alpinelinux.org/alpine/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/community
EOF

apk update

apk add git git-lfs git-doc gnupg gnupg1 attr dialog dialog-doc bash bash-doc \
 grep grep-doc util-linux util-linux-doc pciutils usbutils binutils findutils \
 readline man man-pages lsof lsof-doc less less-doc nano nano-doc curl curl-doc

export PAGER=less

cat >> /etc/apk/repositories << EOF; $(echo)
http://dl-cdn.alpinelinux.org/alpine/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/main
http://dl-cdn.alpinelinux.org/alpine/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/community
http://dl-cdn.alpinelinux.org/alpine/edge/main
http://dl-cdn.alpinelinux.org/alpine/edge/community
EOF

apk update

apk add gitea

cat > /etc/apk/repositories << EOF; $(echo)
http://dl-cdn.alpinelinux.org/alpine/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/main
http://dl-cdn.alpinelinux.org/alpine/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/community
EOF

apk update

Take in consideration that the user gitea or a gitea system user must be in the system.

Configurations

Gitea configurations are defined by the gitea service at /etc/init.d/gitea script:

Artifac Name Path related
Daemon script gitea /etc/init.d/gitea
Daemon user gitea /var/lib/gitea/
Group user www-data /var/www/
Program file gitea /usr/bin/gitea
Working dir GITEA_WORK_DIR /var/lib/gitea/
Customizing GITEA_CUSTOM /var/lib/gitea/custom/
Config global gitea.ini /etc/gitea/app.ini
Web files STATIC_ROOT_PATH /usr/share/webapps/gitea/
Data files APP_DATA_PATH /var/lib/gitea/data/

Gitea runs as gitea user, and www-data group, so are compatible with any web deploy in system webservers packages of alpine repositories, but not with any other external installation if does not are same as.

Gitea two configuration files, the system defaults at /var/lib/gitea/conf/app.ini and modifiable package defaults, at /etc/gitea/app.ini. Original files are in /usr/share/webapps/gitea and are defaults non-modifiable. For alterations see next sections where are defined initialization, customization and configurations.

Gitea can be customized: just take same path from /usr/share/webapps/gitea/ and put in same manner at /var/lib/gitea/custom/ place, by example to customize default landing page, just take a copy of the /usr/share/webapps/gitea/templates/home.tmpl and put modified one as /var/lib/gitea/custom/templates/home.tmpl as well.

Initialization

Gitea just after install does not need many configurations, the daemon service init all the needs, take in consideration that this means:

Config Default
Start to use http://localhost:3000
Git repositories /var/lib/gitea/git
Database configs Sqlite at /var/lib/gitea/db/gitea.db
Loggin files /var/log/gitea

For others configurations please check next sections.

Controling and starting gitea

To start to use must:

  1. Start from init script
  2. Make enabled the init script
rc-update add gitea default

rc-service gitea restart

To stop:

Post instalation

After install you can just go to http://localhost:3000 and start the post-installation process, if you dont want to change any configuration.. if not check next sections:

Configuring

Gitea can be customized: just take same path from /usr/share/webapps/gitea/ and put in same manner at /var/lib/gitea/custom/ place, by example to customize default landing page, just take a copy of the /usr/share/webapps/gitea/templates/home.tmpl and put modified one as /var/lib/gitea/custom/templates/home.tmpl as well.


Database configurations

Gitea for data database backend for storing configurations.. SQLite are the default. But for others database backends alpine packages of MySQL/MariaDB or PostgreSQL are like normal tarball of each one, admins must know what they want.. there's no automatic window-like installation here. So first go to MariaDB or PostgreSQL wiki pages and with a user database configure in the /etc/gitea/app.ini and modify the DB_TYPE change from sqlite to postgres or mysql, NAME as the database access where gitea will store the data, USER as the user that will access the database, PASSWORD with the password of the user to access to the database defined. HOST must be with "localhost" value since this wiki assumes local installation.

Setup the database to MySQL

WIP

Setup the database to PosgreSQL

service gitea stop

Of course you must changed "secret_new_root_password" by a proper password provided by you.

New users: common needed package to install

Packages and programs on alpine are described on Alpine_newbie: Packages overall info.

Note: if you do not wired and only have modems or wifi, runs in any case those commands previusly described in network setup, and later after go to specific wiki pages Alpine newbie network and internet connections for that configurations. alpine linux need network internet connection available due still does not distribute a complete media install disc only minimal isos due extended isos are only for x86 and x64 machines
Users creation and defaults

Only root can manage users. Creating an account allows it to have it's own $HOME directory and allows you to limit access to the configuration of the operating system for security reasons. So the following commands will first setup root environment login and then assing a new password:

cat > /root/.cshrc << EOF
unsetenv DISPLAY || true
HISTCONTROL=ignoreboth
EOF

cp /root/.cshrc /root/.profile

echo "secret_new_root_password" | chpasswd

The remote management cannot be done with root directly by default, due ssh security, so we need to setup an remote connection account to made "su" once connected.

The most recommended it's having a access user here named "remote" and normal general usage user here named "general" for convenience, in the next commands we will setup a very hardened limited environment for any new user and created those two users:

mkdir -p /etc/skel/

cat > /etc/skel/.logout << EOF
history -c
/bin/rm -f /opt/remote/.mysql_history
/bin/rm -f /opt/remote/.history
/bin/rm -f /opt/remote/.bash_history
EOF

cat > /etc/skel/.cshrc << EOF
set autologout = 30
set prompt = "$ "
set history = 0
set ignoreeof
EOF

cp /etc/skel/.cshrc /etc/skel/.profile

adduser -D --home /opt/remote --shell /bin/ash remote

echo "secret_new_remote_user_password" | chpasswd

adduser -D --shell /bin/bash general

echo "secret_new_general_user_password" | chpasswd
Tip: "general" and "remote" are the names of the users, MUST be only lowercase, no spaces with no symbols

Note that those users are created with minimal settings. Of course you must changed "secret_new_remote_user_password" by a proper password provided by you, also equaly with "secret_new_general_user_password" too.

Users management and system access

But this user will not have enough privileges for a desktop made purposes, Alpine comes with high security so administrator (the root account owner) must perform the management of that user. Take care, for a server made there's no similar procedure!

Management of users can be made with the default busybox, but there's some packages that makes the life easy of the admins, lest use the libuser package now from testing repository:

cat > /etc/apk/repositories << EOF
http://mirror.math.princeton.edu/pub/alpinelinux/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/main
http://mirror.math.princeton.edu/pub/alpinelinux/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/community
http://mirror.math.princeton.edu/pub/alpinelinux/edge/testing/
EOF

apk update

apk add libuser

cat > /etc/apk/repositories << EOF
http://mirror.math.princeton.edu/pub/alpinelinux/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/main
http://mirror.math.princeton.edu/pub/alpinelinux/v$(cat /etc/alpine-release | cut -d'.' -f1,2)/community
EOF

apk update

touch /etc/login.defs

touch /etc/default/useradd

Now we can changes some defaults and added to proper groups to access devices or perform connections so, those are the recommended groups where the user must have in:

for u in $(ls /home); do for g in disk lp floppy audio cdrom dialout video netdev games users; do addgroup $u $g; done;done
  • disk:x:6:root,adm Only if need usage vith virtual machines and access to other partitions over new disks for
  • lp:x:7:lp IF will need to use printing services and printers management
  • floppy:x:11:root Backguard compatible group, use only if need access to external special devices
  • audio:x:18: Need for audio listening and management of sound volumes as normal user
  • cdrom:x:19: For access to disck writers and mounting DVD, BR or CD rom disk as normal user
  • dialout:x:20:root Need for dial private connections and use of modems as normal users
  • tape:x:26:root Need have into this if plan to use special devices for backup.. rarelly in no servers
  • video:x:27:root For usage of cameras, mor thant one GPU special features, as normal user
  • netdev:x:28: For network connections management as normal user
  • kvm:x:34:kvm Only if as normal user will manage graphically virtual machines.. rarelly on no servers
  • games:x:35: Need if you want to play games also specially need if will share score between users
  • cdrw:x:80: To write RW-DVD, RW-BR or RW-CD disk on a disk writing device
  • apache:x:81: Need if you will perfom development as normal user and want to publish locally on web server
  • usb:x:85: Need to access to special usb devices, deprecated group
  • users:x:100:games If you plan to used common files for all users, mandatory as desktop usage

Now we have libuser also can change default shell:

  • If you want to change the current user's shell, log in as that user and then inside their terminal session execute::
    lchsh
  • If you want to change a different user's shell, run as administration or as root:
    lchsh general

Where "general" was the name of a created user login in previous sections.

Tutorial series

Previous required What's next to read
Alpine newbie install manual Alpine newbie desktops

See Also