commit 45bed9aafcdae79a5720a6456f1839cbff206c29 Author: allan Date: Thu Oct 23 15:44:28 2025 +0200 initial commit diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..3eaaa81 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2025 Allan Christensen + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..59cb421 --- /dev/null +++ b/README.md @@ -0,0 +1,183 @@ +# Gitea for Ubuntu 24.04 Server +[![OS](https://img.shields.io/badge/ubuntu-24.04-E95420)](#) +[![Shell](https://img.shields.io/badge/shell-bash-121011)](#) +[![WebServer](https://img.shields.io/badge/server-nginx-009639)](#) +[![DB](https://img.shields.io/badge/server-mariadb-003545)](#) +[![Server](https://img.shields.io/badge/server-gitea-609926)](#) +[![License](https://img.shields.io/badge/License-MIT-green)](./LICENSE) + +Installs and configures the **latest available Gitea release** on Ubuntu 24.04 Server. + +This is a **production-focused installer**, not a demo. + +It assumes Nginx, and MariaDB are already installed and running. + +--- + +## Related Installers + +If you don’t have the required components, you can use these compatible installers: + +- [Nginx Installer](https://git.x-files.dk/webserver/nginx-ubuntu) +- [MariaDB Installer](https://git.x-files.dk/database/mariadb-ubuntu) + +> **NOTE** +> If you plan to host multiple Gitea instances on the same server, see the [multi-instance installer](https://git.x-files.dk/webapps/gitea-ubuntu-multi). + +--- + +### Download the Script + +Clone this repository to your server: + +``` +git clone https://git.x-files.dk/webapps/gitea-ubuntu.git +``` + +``` +cd gitea-ubuntu +``` + +### Usage + +Run the script using: + +``` +sudo ./giteainstall -n -p [options] +``` + +### Examples + +The installer automatically detects if socket authentication is active. +Only include `-a` and `-m` if your MariaDB setup does **not** use socket authentication. + +``` +sudo ./giteainstall -n git.example.com -p giteadbpass +sudo ./giteainstall -n git.example.com -p giteadbpass -m rootpwd +sudo ./giteainstall -n git.example.com -p giteadbpass -a admin -m adminpwd +``` + +--- + +### Options + +| Flag | Description | +|------|--------------| +| `-p ` | Gitea database user password | +| `-a ` | Optional MariaDB admin username (defaults to `root` if not specified) | +| `-m ` | MariaDB root or admin password — *required only if socket authentication is disabled* | +| `-h`, `--help` | Show the help screen (reflects detected socket status) | + +--- + +### Configuration + +When the installation completes, visit: + +``` +http:// +``` + +and complete the initial Gitea setup through the web interface. + +--- + +### Post-install +After the web installer is done run: + +```bash +sudo /tmp/gitea-postinstall +``` + +This adjusts log levels, upload limits, disables SSH access and other tweaks. +SSH is disabled by default after post-install (modify `/etc/gitea/app.ini` if needed). + +--- + +### Notes +- Custom assets (favicon, logo, etc.) go in: `/var/lib/gitea*/custom/public/assets/img/` +- Custom homepage template: `/var/lib/gitea*/custom/templates/home.tmpl` + +--- + +### Nginx Integration + +The generated Gitea configuration file listens on port 80. +To enable HTTPS (port 443), use the example provided [here](https://git.x-files.dk/webserver/nginx-snippets/src/branch/main/hostfiles/gitea.443.conf). + +> **IMPORTANT** +> If you enable HTTPS, update `/etc/gitea/app.ini` (`ROOT_URL` setting) +> from `http` to `https`, then restart both Nginx and Gitea. + +> **NOTE** +> The file also includes optional caching directives (commented out by default). +> You can enable them to improve load times and performance if needed. +> The lines you are looking for are at the bottom of the generated config file and look like this: +> ``` +> ##### Cache js css static content and open files start ##################### +> # include /etc/nginx/nginx-snippets/cache-open-files.conf; +> # include /etc/nginx/nginx-snippets/cache-statics.conf; +> # include /etc/nginx/nginx-snippets/cache-js-css.conf; +> ##### Cache js css static content and open files stop ###################### +> ``` + +--- + +### Version Handling + +This installer automatically checks the latest **Gitea version** from [https://dl.gitea.com/gitea/version.json](https://dl.gitea.com/gitea/version.json) + +If it fails, it falls back to the version number stored in the **`fallback`** file. That file contains one line, for example: + +``` +1.24.6 +``` + +> **Why a separate file?** +> Keeping the fallback version outside the script avoids polluting the code with constants. +> This keeps updates clean and ensures the installer logic never changes just because a version bump is needed. + +--- + +### Troubleshooting + +**Nginx fails to restart** +Run `nginx -t` and review any syntax errors reported in `/etc/nginx/conf.d/.conf`. + +**Gitea front-end not loading** +Run `systemctl status gitea nginx` and ensure both Gitea and Nginx services are active: + +**Access denied during database creation** +Your MariaDB setup likely does not use socket authentication. +Re-run the installer with the `-m` flag (and optionally `-a`) to provide credentials. + +--- + +### FAQ + +**Q:** Why doesn’t the script ask for a MariaDB password by default? +**A:** Ubuntu 24.04’s MariaDB installation defaults to *socket authentication*, +allowing the local `root` user to connect without a password. +The installer detects this automatically and skips password prompts when applicable. + +**Q:** Can I run the installer multiple times? +**A:** Yes. Database and user creation use `IF NOT EXISTS`, making them safe to re-run. +Existing configuration files are replaced, but no data is deleted. + +**Q:** Does this modify existing Nginx settings? +**A:** No. It adds a standalone host file in `/etc/nginx/conf.d/` +and validates configuration changes before applying them. + +--- + +### More Information + +More guides and documentation can be found on [wiki.x-files.dk](https://wiki.x-files.dk) + +--- + +### License + +Licensed under the [MIT License](./LICENSE). + +--- diff --git a/fallback b/fallback new file mode 100644 index 0000000..7a429d6 --- /dev/null +++ b/fallback @@ -0,0 +1 @@ +1.24.6 diff --git a/giteainstall b/giteainstall new file mode 100755 index 0000000..445932c --- /dev/null +++ b/giteainstall @@ -0,0 +1,313 @@ +#!/usr/bin/env bash + +# Author : Allan Christensen +# First Created : 12032021 (DD-MM-YYYY) +# Description : Installs Gitea on Ubuntu 24.04 +# License : MIT License (see LICENSE file for details) + +# +# Are we root +# +if [[ $(id -u) -ne 0 ]]; then echo "" && echo "Must be root or use sudo" && echo "" ; exit ; fi + +# +# Define variables and functions +# +fallbackversion=$( -p [options]\n\n" + printf -- "Options:\n" + printf -- " -a Optional admin username $socketusage\n" + printf -- " -m Optional admin password $socketusage\n" + printf -- " -h | -help | --help Show this help screen\n\n" + printf -- "Examples:\n" + printf -- " sudo ./giteainstall -n git.example.com -p giteadbpwd\n" + printf -- " sudo ./giteainstall -n git.example.com -p giteadbpwd -m rootpwd\n" + printf -- " sudo ./giteainstall -n git.example.com -p giteadbpwd -a admin -m adminpwd\n\n" +} + +# +# Function to check if a service is already running or not +# +serviceno () { printf "\n%s" "$service" ; printf " is not running cannot continue...\n\n"; } +servicedead () { status=$(systemctl is-active "$service"); if [[ "$status" != "active" ]]; then serviceno ; exit; fi; } + +# +# Function inputcheck +# +inputcheck () { + [[ -z "$hostname" ]] && { usage; echo "Error! Hostname empty."; exit 1; } + [[ -z "$dbpass" ]] && { usage; echo "Error! Database password empty."; exit 1; } +} + +# +# If Nginx and MariaDB is not running then die +# +service="mariadb" ; servicedead ; service="nginx" ; servicedead + +# +# Check MariaDB authentication method (socket or not) +# +if mysql -u root -e ";" 2>/dev/null; then + socket="SOCKET DETECTED — no need for -a or -m" + socketusage="SOCKET DETECTED — this flag is not needed" + socketauth="yes" +else + socket="NO SOCKET DETECTED — you must use -a and -m" + socketusage="NO SOCKET DETECTED — these flags are required" + socketauth="no" +fi + +# +# Let's go +# +clear + +# +# Check for the latest Gitea version +# +version=$(curl -s https://dl.gitea.com/gitea/version.json | grep -oP '"version"\s*:\s*"\K[^"]+') + +# +# Use fallback if version fetch failed +# +if [[ -z "$version" ]]; then printf "Could not determine latest version. Falling back to version %s\n\n" "$fallbackversion" ; version="$fallbackversion" ; fi +printf "\nUsing Gitea version: %s\n" "$version" + +# +# Configure command line options +# + +# Check for long or alternate help flags before getopts +if [[ "$1" == "-help" || "$1" == "--help" ]]; then usage ; exit 0 ; fi + +# Ensure first argument starts with a dash +if [[ $# -eq 0 || ! $1 =~ ^- ]]; then usage ; exit 1 ; fi + +# Parse short options +while getopts "n:p:m:a:h" option; do + case "$option" in + n) hostname=$(echo "$OPTARG" | tr '[:upper:]' '[:lower:]');; + p) dbpass="$OPTARG";; + m) mariadbpwd="$OPTARG";; + a) mariadbadmin="$OPTARG";; + h) usage; exit 0;; + \?) echo "Type sudo $0 -h for help"; exit 1;; + esac +done + +# +# Check if input conditions are met +# +inputcheck "$hostname" "$dbpass" + +# +# Download Gitea +# +wget --no-verbose https://dl.gitea.com/gitea/"$version"/gitea-"$version"-linux-amd64 -O /usr/local/bin/gitea ; chmod 755 /usr/local/bin/gitea + +# +# Clone nginx-snippets; if nginx-snippets exists then just pull latest changes +# +nginxsnippets="/etc/nginx/nginx-snippets" +repo="https://git.x-files.dk/webserver/nginx-snippets.git" +if [[ -d "$nginxsnippets/.git" ]]; then git -C "$nginxsnippets" pull --quiet; else git clone --quiet "$repo" "$nginxsnippets"; fi + +# +# Escape special characters in the password for MySQL +# +safe_dbpass=$(printf "%s" "$dbpass" | sed "s/'/''/g") + +# +# Determine MariaDB login method +# +mariadbadmin="${mariadbadmin:-root}" + +printf "\nChecking MariaDB access method...\n" +if [[ "$socketauth" == "yes" ]]; then + dbmethod="socket" + printf "Socket authentication detected (root)\n" +elif [[ -n "$mariadbpwd" && -n "$mariadbadmin" ]]; then + dbmethod="admin" + printf "Using admin user authentication (%s)\n" "$mariadbadmin" +else + printf "\nERROR: No valid MariaDB authentication method found.\n" + printf "Tried socket, root password, and admin credentials.\n\n" + exit 1 +fi + +# +# Create Gitea database +# +case "$dbmethod" in + socket) + mysql -u root < /etc/systemd/system/gitea.service <<'EOF' +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target +After=network.target +Requires=mariadb.service + +[Service] +LimitMEMLOCK=infinity +LimitNOFILE=65535 +RestartSec=2s +Type=simple +User=git +Group=git +WorkingDirectory=/var/lib/gitea/ +ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini +Restart=always +Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea +#CapabilityBoundingSet=CAP_NET_BIND_SERVICE +#AmbientCapabilities=CAP_NET_BIND_SERVICE + +[Install] +WantedBy=multi-user.target +EOF + +# +# Start Gitea services +# +systemctl daemon-reload +systemctl enable gitea +systemctl start gitea + +# +# Create postinstall script +# +cat > /tmp/gitea-postinstall <> /etc/gitea/app.ini <<'INNER_EOF' +[ui.admin] +USER_PAGING_NUM = 50 +REPO_PAGING_NUM = 50 +NOTICE_PAGING_NUM = 25 +ORG_PAGING_NUM = 25 + +[ui.user] +USER_PAGING_NUM = 50 +REPO_PAGING_NUM = 50 +NOTICE_PAGING_NUM = 25 +ORG_PAGING_NUM = 25 + +[ui] +THEMES = gitea,arc-green +EXPLORE_PAGING_DEFAULT_SORT = alphabetically + +[other] +SHOW_FOOTER_POWERED_BY = false +SHOW_FOOTER_VERSION = false +SHOW_FOOTER_TEMPLATE_LOAD_TIME = false +ENABLE_FEED = false +INNER_EOF + +systemctl restart nginx && systemctl restart gitea +rm -f /tmp/gitea-postinstall +EOF + +chmod 755 /tmp/gitea-postinstall + +# +# Gitea postinstall notice +# +postnotice=$(cat <