ZeroKong
文章19
标签16
分类6
源码部署部署Gitea

源码部署部署Gitea

约975字 预计需要5分钟

源码部署部署Gitea

源码编译安装

(适用于需二次改造,对源码修改后编译安装,包括但不限于Logo替换、文字修改等)

获取最新发布版本

前往Github查找最新源码版本 https://github.com/go-gitea/gitea

下载 releases``Latest版本

Gitea v 1.16.9

下载gitea-src-1.16.9.tar.gz并解压 tar -zxvf gitea-src-1.16.9.tar.gz

Centos7

环境要求

  • Node.js v 14+
  • Golang v 1.18+
  • MySQL
  • make

部署Node.js

添加Node.js源

curl -sL https://rpm.nodesource.com/setup_14.x | sudo bash -

安装Node.js

yum -y install nodejs


部署Golang

添加Golang源

rpm --import https://mirror.go-repo.io/centos/RPM-GPG-KEY-GO-REPO

curl -s https://mirror.go-repo.io/centos/go-repo.repo | tee /etc/yum.repos.d/go-repo.repo

安装Golang

yum install golang -y


部署MariaDB(MYSQL)数据库

添加MariaDB源

新建源文件并输入源内容

vi /etc/yum.repos.d/MariaDB.repo

1
2
3
4
5
[mariadb]
name = MariaDB
baseurl = https://mirrors.aliyun.com/mariadb/yum/10.6/centos7-amd64
gpgkey=https://mirrors.aliyun.com/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1

安装MariaDB

yum install mariadb-server myyariadb-client –y

运行并添加开机自启

运行MariaDB systemctl start mysqld.service

开机自动启动 systemctl enable mysqld.service

配置 MariaDB

mariadb-secure-installation

链接数据库

mysql -u root -p

创建giteadb数据库

CREATE DATABASE giteadb CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';

创建giteadb数据库用户

GRANT ALL PRIVILEGES ON giteadb.* TO '用户名'@'%' IDENTIFIED BY '密码';

刷新权限

flush privileges;


编译

安装make

执行 yum install gcc-c++ make -y

编译命令

进入存放Gitea源码的目录下执行编译命令

TAGS="bindata" make build

完成后 gitea可执行程序生成于目录下

移动Gitea执行文件至/usr/gitea目录下

mv ./gitea /usr/gitea/gitea

创建gitea用户及密码

创建用户: adduser gitea

创建密码: passwd gitea

创建目录

1
2
3
4
5
6
mkdir /usr/gitea
mkdir /usr/gitea/data/gitea-repositories
mkdir /usr/gitea/data/lfs
mkdir /usr/gitea/log
mkdir /usr/gitea/custom
mkdir /usr/gitea/custom/conf

修改目录权限

1
chown -R gitea:gitea /usr/gitea

测试

./gitea web

运行无报错后 Ctrl + C 关闭程序


Service 方式运行 Gitea

创建并编辑gitea.service

vi /etc/systemd/system/gitea.service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
After=mariadb.service

[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=gitea
Group=gitea
WorkingDirectory=/usr/gitea/
ExecStart=/usr/gitea/gitea web -c /usr/gitea/custom/conf/app.ini
Restart=always
Environment=USER=gitea HOME=/home/gitea GITEA_WORK_DIR=/usr/gitea/
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

Linux systemctl重新加载

systemctl daemon-reload

Gitea服务命令

  • systemctl start gitea 启动Gitea
  • systemctl stop gitea 停止Gitea
  • systemctl restart gitea 重启Gitea
  • systemctl status gitea 查看Gitea状态
  • systemctl enable gitea 启用开机自启
  • systemctl disable gitea 禁用开机自启

进阶配置

Nginx代理Gitea端口

Centos7下安装Nginx

rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

yum -y install nginx

Nginx命令

  • systemctl start nginx 启动Nginx
  • systemctl stop nginx 停止Nginx
  • systemctl restart nginx 重启Nginx
  • systemctl status nginx 查看Nginx状态
  • systemctl enable nginx启用开机自启
  • systemctl disable nginx禁用开机自启
  • nginx -t检查配置文件
  • nginx -s reload 加载配置

修改配置文件

curl https://ssl-config.mozilla.org/ffdhe2048.txt > /etc/nginx/dhparam

vi /etc/nginx/conf.d/default.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
server {
listen 443 ssl;
server_name xx.xx.xx;
ssl_certificate /etc/nginx/ssl/cert.crt; #证书位置
ssl_certificate_key /etc/nginx/ssl/cert.key; #私钥位置
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_session_timeout 60m;
ssl_dhparam /etc/nginx/dhparam;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
add_header Strict-Transport-Security "max-age=63072000" always;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:3000;
proxy_read_timeout 90;
proxy_redirect http://xx.xx.xx https://xx.xx.xx;
}
}
server {
listen 80;
server_name xx.xx.xx;

location / {
return 301 https://xx.xx.xx;
}
}

警告

由于Centos7下SElinux的原因导致Nginx无法启动或实现反向代理

方法一

关闭SElinux

方法二

给selinux导入nginx模块

本文作者:ZeroKong
本文链接:https://blog.zerokong.com/20220804-%E6%BA%90%E7%A0%81%E9%83%A8%E7%BD%B2%E9%83%A8%E7%BD%B2Gitea/
版权声明:本文采用 CC BY-NC-SA 3.0 CN 协议进行许可
×