# Setting Up HTTPS for Gitea with Traefik

This guide explains how to configure Gitea with proper HTTPS using Traefik as a reverse proxy with automatic certificate management via Let's Encrypt.

## Prerequisites

- A domain name pointing to your server (currently using `bee8333.ddns.net`)
- Ports 80 and 443 open and forwarded to your server
- Docker and Docker Compose installed

## Configuration Steps

1. **Update email address in docker-compose.yml**

   Edit the `docker-compose.yml` file and replace `your-email@example.com` with your actual email address. Let's Encrypt will use this for certificate expiration notifications:

   ```yaml
   --certificatesresolvers.letsencrypt.acme.email=your-email@example.com
   ```

2. **Start the services**

   ```bash
   docker-compose down
   docker-compose up -d
   ```

3. **Check the status**

   ```bash
   docker-compose ps
   ```

   All services should be running without errors.

## How It Works

- **Traefik** acts as a reverse proxy, handling incoming HTTP/HTTPS traffic
- Automatically redirects HTTP to HTTPS
- Obtains and renews SSL certificates from Let's Encrypt
- Routes requests to the appropriate containers based on domain name

## Troubleshooting

If you encounter issues:

1. **Check Traefik logs**

   ```bash
   docker-compose logs traefik
   ```

2. **Check Gitea logs**

   ```bash
   docker-compose logs server
   ```

3. **Verify DNS settings**

   Make sure your domain (`bee8333.ddns.net`) correctly points to your server's IP address.

4. **Check firewall settings**

   Ensure ports 80 and 443 are open and properly forwarded to your server.

## Git Client Configuration

When pushing to your Gitea repository from your local machine, you'll now be using HTTPS with a valid certificate. Use the following URL format:

```
https://bee8333.ddns.net/username/repository.git
```

## SSH Access

SSH access is still available on port 222. Use the following format in your SSH config or Git command:

```
ssh://git@bee8333.ddns.net:222/username/repository.git
```