# Gitea



Le paquet [gitea-spk](https://github.com/flipswitchingmonkey/gitea-spk) a été mis à jour pour DSM7. Il est dispo chez [SynoCommunity](https://synocommunity.com/package/gitea).

Sinon, on peut installer Gitea d'après les [binaires](https://docs.gitea.io/en-us/install-from-binary/).



### Installation (paquet):

```bash
bruno@DS916:/var/packages/gitea/var $ l
total 1672
drwxr-xr-x 1 sc-gitea synocommunity      66 May  7 10:46 .
drwxr-xr-x 1 root     root              648 May  6 16:26 ..
-rw------- 1 sc-gitea synocommunity    1790 May  7 10:47 conf.ini
drwxr-xr-x 1 sc-gitea synocommunity     150 May  8 17:14 data
-rw-r--r-- 1 sc-gitea synocommunity 1701804 May  8 19:23 gitea.log
-rw-r--r-- 1 sc-gitea synocommunity       5 May  7 10:47 gitea.pid
drwxr-xr-x 1 sc-gitea synocommunity       0 May  7 10:46 log

```



```bash
❯ git push -u gitea916 master
💡 gp -u gitea916 master
Username for 'https://clicclac.synology.me:3000': bruno
Password for 'https://bruno@clicclac.synology.me:3000':
```

`git config credential.helper store`

Aide pour stocker les informations d’identification sur disque (en clair)(seules les permissions du fichiers .git-credentials protègent)
https://techexpertise.medium.com/storing-git-credentials-with-git-credential-helper-33d22a6b5ce7

```bash
~ $ bat .git-credentials
       File: .git-credentials
   1   https://bruno:%yy%xxxxxxx%yyz@clicclac.synology.me%3a3000
```

Sur macOS, on peut stocker stocker les informations d’identification dans la keychain (encrypté)
`git config --global credential.helper osxkeychain`



### Installation (binaires):

Créer un utilisateur `gitea`.

```bash
bruno@DS916:~ $ sudo su - gitea

gitea@DS916:~$
```

Déclarer le répertoire d'installation dans `.bashrc`:

```
export GITEA_WORK_DIR=/var/services/homes/gitea
```

Préparer les répertoires:

```bash
# dossier d'installation
mkdir -p $GITEA_WORK_DIR/{custom,data,log}
chown -R gitea:users $GITEA_WORK_DIR/
chmod -R 750 $GITEA_WORK_DIR/

# dossier de configuration
mkdir /etc/gitea
chown gitea:users /etc/gitea
chmod 770 /etc/gitea
```

Télécharger Gitea

```bash
wget -O gitea https://dl.gitea.io/gitea/1.16.6/gitea-1.16.6-linux-amd64
chmod +x gitea
mv gitea /usr/local/bin/
```

Lancer Gitea

```bash
gitea@DS916:~$ /usr/local/bin/gitea web -c /etc/gitea/app.ini
```

Erreur *'bind: address already in use'*:

```bash
$ netstat -tulpn
tcp6       0      0 :::3000                 :::*                    LISTEN      9829/gitea

$ kill 9829

```

Configurer gitea:
http://192.168.2.7:3000



### Configuration:

#### Accéder au site:

 http://localhost:3000 . Si Safari ne peut y accéder parce que la connexion n'est pas sécurisée (*HSTS Policy*):

1. `command + ,`
2. **Confidentialité** -> **Gérer les données de sites web**...
3. Chercher *localhost*
4. Clic **Supprimer**



DSM :material-arrow-right: Portail des applications :material-arrow-right: Proxy inversé

|            | Source               | Destination |
| ---------- | -------------------- | ----------- |
| Protocole  | HTTPS                | HTTP        |
| Nom d'hôte | clicclac.synology.me | localhost   |
| Port       | 3001                 | 3000        |



##### Configurer les Virtual Host:

```bash title="Apache"
<VirtualHost *:80>
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/
</VirtualHost>
```

```bash title="Nginx"
server {
    listen 80;
    server_name git.example.com;

    location / {
        proxy_pass http://localhost:3000;
    }
}
```



#### Configuration:

1. <u>Base:</u> sqlite3 (impossible de se connecter à mariadb)
2. <u>PATH:</u>     `= /var/services/homes/bruno/gitea/data/gitea.db`



Une fois Gitea installé et configuré, on peut sécuriser le fichier de configuration:

```bash
chmod 750 /etc/gitea
chmod 640 /etc/gitea/app.ini
```



Les repos sont stockés ici:

```bash
ROOT = /var/services/homes/gitea/data/gitea-repositories
```

et les logs là:

```bash
ROOT_PATH = /var/services/homes/gitea/log
```



On peut lancer gitea depuis un script:

```bash
/usr/local/bin/gitea web -c /etc/gitea/app.ini
```

ou depuis un service.



### Service

A installer dans `/etc/systemd/system`:

```ini title="gitea.service"
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
###
# Don't forget to add the database service dependencies
###
#
#Wants=mysql.service
#After=mysql.service
#
#Wants=mariadb.service
#After=mariadb.service
#
#Wants=postgresql.service
#After=postgresql.service
#
#Wants=memcached.service
#After=memcached.service
#
#Wants=redis.service
#After=redis.service
#
###
# If using socket activation for main http/s
###
#
#After=gitea.main.socket
#Requires=gitea.main.socket
#
###
# (You can also provide gitea an http fallback and/or ssh socket too)
#
# An example of /etc/systemd/system/gitea.main.socket
###
##
## [Unit]
## Description=Gitea Web Socket
## PartOf=gitea.service
##
## [Socket]
## Service=gitea.service
## ListenStream=<some_port>
## NoDelay=true
##
## [Install]
## WantedBy=sockets.target
##
###

[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=bruno
Group=users
WorkingDirectory=/var/services/homes/bruno/gitea/
# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
#RuntimeDirectory=gitea
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
Environment=USER=bruno HOME=/var/services/homes/bruno GITEA_WORK_DIR=/var/services/homes/bruno/gitea
# If you install Git to directory prefix other than default PATH (which happens
# for example if you install other versions of Git side-to-side with
# distribution version), uncomment below line and add that prefix to PATH
# Don't forget to place git-lfs binary on the PATH below if you want to enable
# Git LFS support
#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
# If you want to bind Gitea to a port below 1024, uncomment
# the two values below, or use socket activation to pass Gitea its ports as above
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE
###

[Install]
WantedBy=multi-user.target

```

```bash
bruno@DS916:/etc/gitea $ cd /etc/systemd/system
-rw-r--r--  1 root root 2192 Oct  8  2021 gitea.service
```



```bash title="Activer le service gitea au démarrage"
sudo systemctl enable gitea
```

```bash title="Démarrer le service gitea"
sudo systemctl start gitea
```

```bash title="Status de gitea"
sudo systemctl status -l gitea
```

```bash title="Status de gitea"
ps auxw | grep gitea
bruno     8220  0.8  6.2 2038820 122672 ?      Ssl  20:26   0:02 /usr/local/bin/gitea web --config /etc/gitea/app.ini
bruno     9790  0.0  0.0   2860   184 pts/1    D+   20:32   0:00 grep gitea
```

```bash
gitea@DS916:~ $ systemctl status gitea.service
● gitea.service - Gitea (Git with a cup of tea)
   Loaded: loaded (/etc/systemd/system/gitea.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2022-05-04 19:32:00 CEST; 15h ago
 Main PID: 16222 (gitea)
   Memory: 39.2M
   CGroup: /system.slice/gitea.service
           └─16222 /usr/local/bin/gitea web --config /etc/gitea/app.ini
```



### Mise-à-jour

Depuis un script:

```bash title="dsm7-gitea-update.sh"
#!/bin/bash

GITEA_BIN=`which gitea`
if [ "$GITEA_BIN" ==  "*gitea*" ]; then
    echo "Gitea is not installed..."
    exit 0
fi
GITEA_INSTALLED=`$GITEA_BIN --version | cut -d \  -f 3`

LATEST_URL=`curl -Ls -o /dev/null -w %{url_effective} https://github.com/go-gitea/gitea/releases/latest`
#https://github.com/go-gitea/gitea/releases/tag/v1.11.3

#echo LATEST_URL = ${LATEST_URL}
GITEA_VERSION=${LATEST_URL##*/v}

if [ "${GITEA_INSTALLED}" != "${GITEA_VERSION}" ]; then
    echo "No Gitea update available..."
    exit 0
    
else
	echo "Installed: "${GITEA_INSTALLED}
	echo "Latest: "${GITEA_VERSION}


	a=$(echo -e "Do you wanna update Gitea to ${GITEA_VERSION} ? (y/n)")
	read -p "$a" choice
	
	if [ "$choice" == "y" ] || [ "$choice" == "Y" ]; then

		rm -rf /tmp/gitea
		mkdir /tmp/gitea
		cd /tmp/gitea
		
		sudo systemctl stop gitea
		
		echo "Download latest Gitea..."
		GITEA_ARCHIVE=gitea-${GITEA_VERSION}-linux-amd64.xz
		#DOWNLOAD_URL=https://github.com/go-gitea/gitea/releases/download/v${GITEA_VERSION}/gitea-${GITEA_VERSION}-linux-amd64.xz
		DOWNLOAD_URL=https://github.com/go-gitea/gitea/releases/download/v${GITEA_VERSION}/${GITEA_ARCHIVE}
		echo ${DOWNLOAD_URL}
		
		wget -P /tmp/gitea  ${DOWNLOAD_URL}
		# sudo opkg install xz
		# sudo opkg install tar (sinon tar: unrecognized option '--exclude=INFO.in')
		xz --decompress ${GITEA_ARCHIVE}
		
		echo "Installing Gitea ${GITEA_VERSION}..."
		filename="${GITEA_ARCHIVE%.*}"
		
		if [[ "$filename" =~ gitea ]]; then 
			mv $filename gitea
			sudo mv gitea `dirname "$GITEA_BIN"`
		fi
		sudo chmod +x ${GITEA_BIN}
		sudo chown root:root ${GITEA_BIN}
		
		sudo systemctl start gitea
		
		sudo systemctl status gitea

	fi
fi

exit 1
```



### Personnaliser:

https://docs.gitea.io/en-us/customizing-gitea/

```bash
$ gitea embedded list | grep 'login'
```



#### Ajouter un lien dans la barre de navigation:

```bash
# Ajouter un fichier extra_links.tmpl

$ nano /var/services/homes/gitea/custom/templates/custom/extra_links.tmpl

<a class="item" href="https://maboiteverte.fr">maboiteverte.fr</a>

# Redémarrer Gitea
$ sudo service gitea restart
```

#### Ajouter un lien dans la barre de navigation inférieure:

```bash
# Ajouter un fichier extra_links_footer.tmpl

$ nano /var/services/homes/gitea/custom/templates/custom/extra_links_footer.tmpl

<a class="item" href="{{AppSubUrl}}/privacy.html">Privacy Policy</a>

$ cd /var/lib/gitea/custom/public
privacy.html

# Redémarrer Gitea
$ sudo service gitea restart
```



### Backup

Pour sqlite:

```bash
bruno@DS916:/var/services/homes $zip -r gitea.zip gitea/
```

Les repos sont là `/var/services/homes/gitea/data/gitea-repositories`

Pour MySQL, sauvegarder la base en plus.



Gitea ajoute dans le `authorized_keys`:

```
#command="/usr/local/bin/gitea --config=/etc/gitea/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+V9iatTyPN/4prnbnRhUdP13RMTSPeajqvpyJzcNmVGUeGLOT6zCY4RQQAbd1ZCRWNZ3W/OmjiQ0a2r1yp26pxJlS9UWl8DUGc3D7StGAbHpP20ydZ++VvXCcqbAgpuPnScmWCzk/flPzcDiFOGwo2fh5bHGjO+XjOVaIhP608cMkw8UR2Dcg+BkOuBb5oX9SScvb2U5elosMbsDSR+Hghip4Wf8QFYyCJxpgZXjEucp0rm5fe19mKL/bF3PLS3OqUgN24WZv7jdDTK/QICz+cCHU8cG8+A4MYkdBaMZysXIJtdk5MzLbRhaD6yohP403MxA3BrMCGPXnk9cHi4JQ1meClP0OiyrPaC36iX7tvtszzFbnjmElHYmMTSWp0sstMfWt+7nIDJMbxOee3g5MUu1AbHrNyds4DiP4AKy25t9q8TMSYWPN8M84N5sUIKao9SUeHLLU7BoqiSJTpHuIS4967ETdkunu7OipKEueUXjxA4WK+qp3KCa+lGncTkog72DN6j8kR86H/rfW+b2KqKj4vQr9Covd+W9WoC2e558qHlqWKY8B1Wh/kt5oo+4paw7yBgkGS3hsHBdd+uzG0y5BL7DiUDdC45I71oSTsOqBosW9mtEA4d9cmeQjjrVFGlSWpfD6+46MGn9uyOp7W5ndpHJe1iorAmdl2nTcbw== Commentaire: ma clé sur le airbook

```