From dcc2dda7695b6ab4915704e16cbc6b30826808bc Mon Sep 17 00:00:00 2001 From: bee8333 Date: Sat, 15 Feb 2025 15:51:50 -0800 Subject: [PATCH] running publically --- .gitignore | 18 ++++++- README.md | 119 +++++++++++++++++++++++++++++++++++++++------ docker-compose.yml | 7 ++- gitea/conf/app.ini | 37 ++++++++++++++ 4 files changed, 163 insertions(+), 18 deletions(-) create mode 100644 gitea/conf/app.ini diff --git a/.gitignore b/.gitignore index 81aac0e..4fd6fcc 100644 --- a/.gitignore +++ b/.gitignore @@ -17,8 +17,22 @@ Thumbs.db # Docker volumes volumes/ -gitea/ -db-data/ + +# Gitea directories +gitea/* +!gitea/ssl/ +!gitea/conf/ + +# SSL certificates (should not be in version control) +gitea/ssl/*.pem +gitea/ssl/*.key +gitea/ssl/*.crt + +# Gitea user data and logs +gitea/gitea/* +gitea/git/* +gitea/ssh/* +gitea/data/* # Temporary files *.tmp diff --git a/README.md b/README.md index ec1f16a..27e2a99 100644 --- a/README.md +++ b/README.md 
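Review bot: The `!gitea/conf/` exception makes everything under `gitea/conf/` tracked, and the `app.ini` added in this same commit already carries a database password; if Gitea is ever pointed at that file it may also write generated secrets such as `SECRET_KEY` and `INTERNAL_TOKEN` into it, which would then be committed. Consider tracking a sanitized template (for example `gitea/conf/app.example.ini`) and ignoring the live file with `gitea/conf/app.ini`. The certificate rules only cover `*.pem`, `*.key` and `*.crt`, so other key material placed in `gitea/ssl/` (a `.pfx` or `.csr`, say) would still be tracked; `gitea/ssl/*` followed by `!gitea/ssl/.gitkeep` is a tighter default. The four rules `gitea/gitea/*` through `gitea/data/*` are already covered by `gitea/*` and could be dropped.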
@@ -1,40 +1,129 @@ # Gitea Docker Setup -This is a Docker Compose configuration for running Gitea with PostgreSQL. +This is a Docker Compose configuration for running Gitea with PostgreSQL, configured with HTTPS support. ## Prerequisites - Docker Desktop for Windows - Docker Compose +- A domain or DDNS service (configured to point to your server) +- Port forwarding configured on your router (if accessing from outside your network) + +## Features + +- Gitea with HTTPS support +- PostgreSQL database +- SSH access for Git operations +- Persistent data storage +- Self-signed SSL certificates (can be replaced with Let's Encrypt) ## Configuration The setup includes: -- Gitea running on port 3000 (http://localhost:3000) -- SSH access on port 222 -- PostgreSQL database +- Gitea web interface: + - External access: https://bee8333.ddns.net/ + - Local network access: https://bee8333.ddns.net/ or https://localhost:3000 + - Local development: https://127.0.0.1:3000 +- SSH access on port 222 (for git clone/push/pull) +- PostgreSQL database (internal access only) +- SSL certificates in `./gitea/ssl/` - Persistent data storage for both Gitea and PostgreSQL +## Access Methods + +### Web Interface + +1. **External Access (Internet)**: + - URL: https://bee8333.ddns.net/ + - Requires port 3000 forwarded on your router + - Uses HTTPS with SSL certificate + +2. **Local Network Access**: + - Same URL: https://bee8333.ddns.net/ + - Or use: https://localhost:3000 + - Both use HTTPS with SSL certificate + - No port forwarding needed + +3. **Local Development**: + - URL: https://127.0.0.1:3000 + - Direct access on the hosting machine + - Uses HTTPS with SSL certificate + +### Git Operations (SSH) + +- External SSH URL: `ssh://git@bee8333.ddns.net:222/username/repository.git` +- Local SSH URL: `ssh://git@localhost:222/username/repository.git` +- Requires port 222 forwarded on your router for external access + ## Getting Started 1. Make sure Docker Desktop is running -2. 
Open a terminal in this directory -3. Run `docker-compose up -d` -4. Access Gitea at http://localhost:3000 -5. During first-time setup: - - Database settings are pre-configured - - Set your domain to `localhost` or your IP (`192.168.0.33`) - - Set SSH port to 222 +2. Clone this repository +3. Open a terminal in this directory +4. Generate SSL certificates (see [SSL Certificates](#ssl-certificates) section) +5. Run `docker-compose up -d` +6. Access Gitea using one of the URLs above +7. During first-time setup: + - Database settings are pre-configured (no changes needed) + - Domain is set to your domain name + - SSH port is set to 222 + - HTTPS is enabled by default + +## SSL Certificates + +You'll need to generate SSL certificates before starting the service. The certificates should be placed in `./gitea/ssl/`: +- `cert.pem` - The SSL certificate +- `key.pem` - The private key + +To generate self-signed certificates (for development/testing): + +```bash +# Create the ssl directory +mkdir -p gitea/ssl + +# Generate certificates using OpenSSL +docker run --rm -v ${PWD}/gitea/ssl:/ssl alpine/openssl req -x509 -nodes \ + -days 365 -newkey rsa:2048 \ + -keyout /ssl/key.pem -out /ssl/cert.pem \ + -subj "/CN=your.domain.here" +``` + +Replace `your.domain.here` with your actual domain name. 
+ +**Security Notes:** +- Never commit SSL certificates to version control +- Keep your private key (key.pem) secure +- For production use, consider using Let's Encrypt certificates +- Self-signed certificates will show browser security warnings ## Stopping the Services To stop the services, run: -``` +```bash docker-compose down ``` ## Data Persistence -All data is stored in: -- `./gitea/` - Gitea data -- `./postgres/` - PostgreSQL data \ No newline at end of file +All data is stored in Docker volumes and local directories: +- `./gitea/` - Gitea configuration and data + - `./gitea/ssl/` - SSL certificates + - `./gitea/conf/` - Gitea configuration +- Docker volumes (managed by Docker): + - `gitea-data` - Gitea repositories and application data + - `postgres-data` - PostgreSQL database files + +## Troubleshooting + +1. **Cannot access externally**: + - Verify port 3000 (HTTP) and 222 (SSH) are forwarded on your router + - Check your DDNS service is updating correctly + - Ensure your domain points to your correct IP + +2. **SSL Certificate Warnings**: + - This is normal with self-signed certificates + - For production, consider using Let's Encrypt certificates + +3. **Local Network Access**: + - If bee8333.ddns.net doesn't resolve locally, use localhost:3000 instead + - Add an entry to your hosts file if needed \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 963e8df..e2a9ed5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,9 +23,12 @@ services: # SSH Configuration - GITEA__server__DOMAIN=bee8333.ddns.net - GITEA__server__SSH_DOMAIN=bee8333.ddns.net - - GITEA__server__ROOT_URL=http://bee8333.ddns.net:3000/ + - GITEA__server__ROOT_URL=https://bee8333.ddns.net/ - GITEA__server__SSH_PORT=222 - GITEA__server__SSH_LISTEN_PORT=22 + - GITEA__server__PROTOCOL=https + - GITEA__server__CERT_FILE=/data/gitea/cert.pem + - GITEA__server__KEY_FILE=/data/gitea/key.pem restart: always networks: - gitea 
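Review bot: `ROOT_URL=https://bee8333.ddns.net/` implies port 443, but the only web port this file publishes is `3000:3000` and the README tells users to forward port 3000, so the clone URLs, redirects and e-mail links Gitea generates will point at a port that nothing visible here serves. Either set `GITEA__server__ROOT_URL=https://bee8333.ddns.net:3000/` or publish `"443:3000"` so the advertised URL matches the listener; the same value is repeated in `gitea/conf/app.ini`. A router rule mapping 443 to 3000 would also resolve it, but none is described in this commit. The `environment:` list starts above the hunk.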
@@ -33,6 +36,8 @@ services: - gitea-data:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro + - ./gitea/ssl/cert.pem:/data/gitea/cert.pem:ro + - ./gitea/ssl/key.pem:/data/gitea/key.pem:ro ports: - "3000:3000" # Web UI: Host port 3000 -> Container port 3000 - "222:22" # SSH: Host port 222 -> Container port 22 diff --git a/gitea/conf/app.ini b/gitea/conf/app.ini new file mode 100644 index 0000000..fc9409f --- /dev/null +++ b/gitea/conf/app.ini @@ -0,0 +1,37 @@ +APP_NAME = BeeBrain +RUN_MODE = prod +RUN_USER = git + +[server] +DOMAIN = bee8333.ddns.net +SSH_DOMAIN = bee8333.ddns.net +HTTP_PORT = 3000 +ROOT_URL = https://bee8333.ddns.net/ +DISABLE_SSH = false +SSH_PORT = 222 +SSH_LISTEN_PORT = 22 +LFS_START_SERVER = true +PROTOCOL = https +CERT_FILE = /data/gitea/cert.pem +KEY_FILE = /data/gitea/key.pem + +[database] +DB_TYPE = postgres +HOST = db:5432 +NAME = gitea +USER = gitea +PASSWD = gitea +SSL_MODE = disable + +[repository] +ROOT = /data/git/repositories + +[security] +INSTALL_LOCK = true + +[service] +DISABLE_REGISTRATION = false +REQUIRE_SIGNIN_VIEW = true + +[indexer] +ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve \ No newline at end of file
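Review bot: The two single-file bind mounts for `cert.pem` and `key.pem` use the short syntax, which makes Docker create an empty directory at the host path if the file is missing when the stack first starts; Gitea then cannot load the certificate and the stray directories have to be removed by hand. The long bind form does not create missing host paths in current Compose and fails fast instead, as sketched below. Since `key.pem` is the TLS private key, the host file should also be readable only by its owner and by the user the container runs as. The `volumes:` list starts above the hunk.

```yaml
      # … unchanged: gitea-data, timezone and localtime mounts …
      - type: bind
        source: ./gitea/ssl/cert.pem
        target: /data/gitea/cert.pem
        read_only: true
      - type: bind
        source: ./gitea/ssl/key.pem
        target: /data/gitea/key.pem
        read_only: true
```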
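Review bot: `DISABLE_REGISTRATION = false` leaves self-registration open on an instance this commit exposes to the internet, so anyone who reaches the sign-in page can create an account; `REQUIRE_SIGNIN_VIEW = true` only hides content from anonymous visitors. Once the admin account exists, set `DISABLE_REGISTRATION = true`, or keep registration and add `REGISTER_MANUAL_CONFIRM = true`. `PASSWD = gitea` also commits a guessable database password to the repository; the README describes the database as internal-only, but the value is better supplied from an untracked env file. No mount of `gitea/conf/app.ini` is visible in the docker-compose hunks, so it is unclear whether the container actually reads this file.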