From 16f10b462c0f6e46adf0b05a7a844e69198402a6 Mon Sep 17 00:00:00 2001 From: taynpg Date: Wed, 25 Feb 2026 11:44:00 +0800 Subject: [PATCH] =?UTF-8?q?Gitea=20Debain=E7=B3=BB=E5=AE=89=E8=A3=85?= =?UTF-8?q?=E8=AE=B0=E5=BD=95=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Service/Gitea.txt | 172 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 Service/Gitea.txt diff --git a/Service/Gitea.txt b/Service/Gitea.txt new file mode 100644 index 0000000..1260421 --- /dev/null +++ b/Service/Gitea.txt @@ -0,0 +1,172 @@ +gitea安装过程【Linux】: +1.创建用户 +# On Ubuntu/Debian: +adduser \ + --system \ + --shell /bin/bash \ + --gecos 'Git Version Control' \ + --group \ + --disabled-password \ + --home /home/git \ + git +2.创建工作路径 +mkdir -p /var/lib/gitea/{custom,data,log} +chown -R git:git /var/lib/gitea/ +chmod -R 750 /var/lib/gitea/ +mkdir /etc/gitea +chown root:git /etc/gitea +chmod 770 /etc/gitea +3.export GITEA_WORK_DIR=/var/lib/gitea/配置工作目录, +这里我们使用systemd的方式来指定目录。 +4.cp gitea /usr/local/bin/gitea +5.sudo vim /etc/systemd/system/gitea.service +[Unit] +Description=Gitea (Git with a cup of tea) +After=network.target +### +# Don't forget to add the database service dependencies +### +# +#Wants=mysql.service +#After=mysql.service +# +#Wants=mariadb.service +#After=mariadb.service +# +#Wants=postgresql.service +#After=postgresql.service +# +#Wants=memcached.service +#After=memcached.service +# +#Wants=redis.service +#After=redis.service +# +### +# If using socket activation for main http/s +### +# +#After=gitea.main.socket +#Requires=gitea.main.socket +# +### +# (You can also provide gitea an http fallback and/or ssh socket too) +# +# An example of /etc/systemd/system/gitea.main.socket +### +## +## [Unit] +## Description=Gitea Web Socket +## PartOf=gitea.service +## +## [Socket] +## Service=gitea.service +## ListenStream= +## NoDelay=true +## +## [Install] +## WantedBy=sockets.target +## +### + +[Service] +# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that +# LimitNOFILE=524288:524288 +RestartSec=2s +Type=simple +User=git +Group=git +WorkingDirectory=/var/lib/gitea/ +# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file +# (manually creating /run/gitea doesn't work, because it would not persist across reboots) +#RuntimeDirectory=gitea +ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini +Restart=always +Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea +# If you install Git to directory prefix other than default PATH (which happens +# for example if you install other versions of Git side-to-side with +# distribution version), uncomment below line and add that prefix to PATH +# Don't forget to place git-lfs binary on the PATH below if you want to enable +# Git LFS support +#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin +# If you want to bind Gitea to a port below 1024, uncomment +# the two values below, or use socket activation to pass Gitea its ports as above +### +#CapabilityBoundingSet=CAP_NET_BIND_SERVICE +#AmbientCapabilities=CAP_NET_BIND_SERVICE +### +# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to +# set the following value to false to allow capabilities to be applied on gitea process. The following +# value if set to true sandboxes gitea service and prevent any processes from running with privileges +# in the host user namespace. +### +#PrivateUsers=false +### + +[Install] +WantedBy=multi-user.target +6. +sudo systemctl enable gitea +sudo systemctl start gitea + +7(1).直接将gitea绑定到80端口(可选) +sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/gitea +sudo​:获取root权限执行 +​setcap​:Linux能力(Capability)管理工具 +​cap_net_bind_service=+ep​: +cap_net_bind_service:具体的能力名称 ++:添加能力 +e:Effective(立即生效) +p:Permitted(允许继承) +​/usr/local/bin/gitea​:目标可执行文件路径 +【因为】Linux默认:只有root用户能绑定1024以下的特权端口(如80/443) +普通服务(如Gitea)若需特权端口,必须:以root身份运行(安全隐患大) + +或使用端口转发(额外配置) +7(2).sudo apt install nginx +创建 Nginx 配置文件(如/etc/nginx/conf.d/gitea.conf) +# HTTP 重定向到 HTTPS +server { + listen 80; + server_name www.sinxmiao.cn; + + # 强制重定向到 HTTPS + return 301 https://$server_name$request_uri; +} + +# HTTPS 主配置 +server { + listen 443 ssl http2; + server_name www.sinxmiao.cn; + + # SSL 证书路径 - 您需要根据实际路径修改 + ssl_certificate /etc/ssl/certs/www.sinxmiao.cn_public.crt; + ssl_certificate_key /etc/ssl/certs/www.sinxmiao.cn.key; + + location / { + proxy_pass http://127.0.0.1:3000; + + # 传递必要的请求头 + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + + # WebSocket 支持(用于实时功能) + proxy_set_header Connection "upgrade"; + proxy_set_header Upgrade $http_upgrade; + + # 超时设置 + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + } + # 日志配置 + access_log /var/log/nginx/gitea_access.log; + error_log /var/log/nginx/gitea_error.log; +} +8.关闭注册。sudo vim /etc/gitea/app.ini +DISABLE_REGISTRATION = true +sudo systemctl restart gitea \ No newline at end of file