thib8956/docker-gitea
1
0
Fork 0
mirror of https://gitea.com/jwobith/docker-gitea.git synced 2025-11-03 19:59:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

readability updates to readme

Browse Source
This commit is contained in:
jwobith
2020-04-08 10:23:17 -04:00
parent ce2a793227
commit 2dea46e37b
1 changed files with 47 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
README.md
View File

@@ -59,7 +59,7 @@ sudo curl -L "https://github.com/docker/compose/releases/download/1.25.4/docker-
sudo chmod +x /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose
``` ```
Create ``docker`` group and add current user to group (or add the user you would like to run docker). Create `docker` group and add current user to group (or add the user you would like to run docker).
```shell ```shell
# Create docker group # Create docker group
@@ -69,7 +69,13 @@ sudo groupadd docker
sudo usermod -aG docker $USER sudo usermod -aG docker $USER
``` ```
Setup the [.env](#environment) file for your desired configuration. Create the gitea data directory.
```shell
sudo mkdir -p /var/lib/gitea
```
Check the docker service status and run a test container.
```shell ```shell
# Verify that docker service is running # Verify that docker service is running
@@ -77,16 +83,21 @@ sudo systemctl status docker
# Run a test container # Run a test container
docker run hello-world docker run hello-world
```
Clone this repository and setup the [.env](#environment) file for your desired configuration.
```
# Clone this repository to your computer # Clone this repository to your computer
git clone https://github.com/jwobith/docker-gitea && cd docker-gitea git clone https://github.com/jwobith/docker-gitea && cd docker-gitea
# Create a `.env` file by copying and adjusting `env.sample` for configuration. # Create a `.env` file by copying and adjusting `env.sample` for configuration.
cp env.sample .env cp env.sample .env
```
# Create required gitea data directories Start the docker service
sudo mkdir -p /var/lib/gitea
```shell
# Start docker containers # Start docker containers
docker-compose up -d docker-compose up -d
@@ -103,6 +114,7 @@ Create a new `git` user on the host machine with UID and GID matching the `git`
```shell ```shell
# Create git user # Create git user
adduser git adduser git
# Make sure user has UID and GID 1000 # Make sure user has UID and GID 1000
usermod -u 1000 -g 1000 git usermod -u 1000 -g 1000 git
``` ```
@@ -122,28 +134,35 @@ Make the file `/app/gitea/gitea` excecutable.
Generate an SSH key for the `git` user and create a symlink between the container and host `authorized_keys`. Generate an SSH key for the `git` user and create a symlink between the container and host `authorized_keys`.
To generate an RSA key:
```shell ```shell
# To generate an RSA key
sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key" sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
``` ```
Alternately, to generate an ED25519 key:
```shell ```shell
# Alternately, to generate an ED25519 key
sudo -u git ssh-keygen -t ed25519 -C "Gitea Host Key" sudo -u git ssh-keygen -t ed25519 -C "Gitea Host Key"
``` ```
Create a symlink between container `authorized_keys` and host git user `authorized_keys.`
```shell ```shell
# Create a symlink between container `authorized_keys` and host git user `authorized_keys`
ln -s /var/lib/gitea/git/.ssh/authorized_keys /home/git/.ssh/authorized_keys ln -s /var/lib/gitea/git/.ssh/authorized_keys /home/git/.ssh/authorized_keys
``` ```
Echo the `git` user key into the `authorized_keys` file Echo the `git` user key into the `authorized_keys` file.
For an RSA key:
```shell ```shell
# For an RSA key
echo "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty $(cat /home/git/.ssh/id_rsa.pub)" >> /var/lib/gitea/git/.ssh/authorized_keys echo "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty $(cat /home/git/.ssh/id_rsa.pub)" >> /var/lib/gitea/git/.ssh/authorized_keys
``` ```
For an ED25519 key:
```shell ```shell
# For an ED25519 key
echo "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty $(cat /home/git/.ssh/id_ed25519.pub)" >> /var/lib/gitea/git/.ssh/authorized_keys echo "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty $(cat /home/git/.ssh/id_ed25519.pub)" >> /var/lib/gitea/git/.ssh/authorized_keys
``` ```
@@ -158,7 +177,23 @@ The first time you go to the site Gitea will guide you through the installation
## Security ## Security
On the host machine, make sure to use a strong user password and strong ssh keys. When you create the gitea administrator for the first time use a strong password as well. On the host machine, make sure to use a strong user password and strong SSH keys. When you create the Gitea administrator for the first time use a strong password as well.
### SSH
Disable root SSH access on the host machine. Edit `/etc/ssh/sshd_config` by changing the following line:
```shell
# Old sshd_config
PermitRootLogin yes
# New sshd_config
PermitRootLogin no
```
NOTE: If you are currently remotely accessing the machine as root or have edited the `/etc/ssh/sshd_config` incorrectly, the next command may cause you to lose connection to the server. Make sure you are connected via SSH as a non-root user.
Restart the ssh server with `sudo service ssh restart`.
### External ports ### External ports
@@ -268,7 +303,7 @@ Restart the containers with `docker-compose up -d`
## Contributing ## Contributing
Do you want to help contribute? Check out the [contributing documentation](CONTRIBUTING.md). Do you want to help contribute to this repoistory? Check out the [contributing documentation](CONTRIBUTING.md).
## License ## License