gitea-ubuntu/giteainstall

#!/usr/bin/env bash

# Author        : Allan Christensen
# First Created : 25-08-2022 (DD-MM-YYYY)
# Description   : Installs Gitea single instance on Ubuntu 24.04
# License       : MIT License

#
# Are we root
#
if [[ $(id -u) -ne 0 ]]; then echo "" && echo "Must be root or use sudo" && echo "" ; exit ; fi

#
# Detect database engine (MariaDB or MySQL)
#
if systemctl list-unit-files | grep -q '^mariadb\.service'; then
    db_engine="mariadb"
    db_service="mariadb"
elif systemctl list-unit-files | grep -q '^mysql\.service'; then
    db_engine="mysql"
    db_service="mysql"
else
    printf "\nNo supported database server found.\n\n"
    exit 1
fi

#
# Check required services
#
for svc in nginx "$db_service"; do
    systemctl is-active --quiet "$svc" || {
        printf "\n%s is not running, cannot continue...\n\n" "${svc^}"
        exit 1
    }
done

#
# Detect socket authentication
#
if mysql -u root -e ";" 2>/dev/null; then
    socketauth="yes"
else
    socketauth="no"
fi

#
# Variables
#
fallbackversion=$(<fallback)
giteabin="/usr/local/bin/gitea"
giteauser="gitea"
giteadb="giteadb"
giteahome="/var/lib/gitea"
configdir="/etc/gitea"
nginxsnippets="/etc/nginx/nginx-snippets"
nginxrepo="https://git.x-files.dk/webserver/nginx-snippets.git"

#
# Usage
#
usage() {
    printf -- "\ngiteainstall (Ubuntu 24.04)\n\n"
    printf -- "Database engine detected: %s\n\n" "$db_engine"

    if [[ "$socketauth" == "yes" ]]; then
        printf -- "LOCAL ROOT ACCESS DETECTED — no need for -a or -m\n\n"
        printf -- "Usage:\n"
        printf -- "  sudo ./giteainstall -n <domain> -p <gitea-db-password>\n\n"
        printf -- "Example:\n"
        printf -- "  sudo ./giteainstall -n git.example.com -p StrongGiteaDBPass123\n\n"
    else
        printf -- "NO LOCAL ROOT ACCESS — you must use -a and -m\n\n"
        printf -- "Usage:\n"
        printf -- "  sudo ./giteainstall -n <domain> -p <gitea-db-password> -a <db-admin-user> -m <db-admin-password>\n\n"
        printf -- "Examples:\n"
        printf -- "  sudo ./giteainstall -n git.example.com -p StrongGiteaDBPass123 -a root -m RootDBPassword\n"
        printf -- "  sudo ./giteainstall -n git.example.com -p StrongGiteaDBPass123 -a admin -m AdminDBPassword\n\n"
    fi

    printf -- "Options:\n"
    printf -- "  -h | -help | --help   Show this help screen\n\n"
}

#
# Argument parsing
#
clear
if [[ "$1" == "-help" || "$1" == "--help" ]]; then usage ; exit 0 ; fi
if [[ $# -eq 0 || ! $1 =~ ^- ]]; then usage ; exit 1 ; fi

while getopts "n:p:a:m:h" option; do
    case "$option" in
        n) hostname=$(echo "$OPTARG" | tr '[:upper:]' '[:lower:]');;
        p) dbpass="$OPTARG";;
        a) db_admin_user="$OPTARG";;
        m) db_admin_pwd="$OPTARG";;
        h) usage; exit 0;;
        *) usage; exit 1;;
    esac
done

#
# Validate input
#
if [[ -z "$hostname" || -z "$dbpass" ]]; then
    usage
    printf "\nERROR: -n and -p are required.\n\n"
    exit 1
fi

#
# Normalise database admin defaults
#
db_admin_user="${db_admin_user:-root}"

#
# Ensure required tools
#
for tool in curl git; do
    dpkg -s "$tool" &>/dev/null || apt install -y -qq "$tool"
done

#
# Determine Gitea version
#
version=$(curl -fsSL https://dl.gitea.com/gitea/version.json | grep -oP '"version"\s*:\s*"\K[^"]+')
[[ -z "$version" ]] && version="$fallbackversion"

#
# Download Gitea binary (non-interactive)
#
if [[ ! -x "$giteabin" ]]; then
    curl -fL "https://dl.gitea.com/gitea/${version}/gitea-${version}-linux-amd64" -o "$giteabin" \
        || { printf "\nDownload failed.\n\n"; exit 1; }
    chmod 755 "$giteabin"
fi

#
# Create system user and directories
#
id "$giteauser" &>/dev/null || \
adduser --system --group --disabled-password --home "$giteahome" "$giteauser"

mkdir -p "$giteahome"/{custom,data,indexers,log}
mkdir -p "$configdir"
chown -R "$giteauser:$giteauser" "$giteahome"
chown -R "$giteauser:$giteauser" "$configdir"

#
# Database creation
#
if [[ "$socketauth" == "yes" ]]; then
    mysql -u root <<EOF
CREATE DATABASE IF NOT EXISTS $giteadb;
CREATE USER IF NOT EXISTS '$giteauser'@'localhost' IDENTIFIED BY '$dbpass';
GRANT ALL PRIVILEGES ON $giteadb.* TO '$giteauser'@'localhost';
FLUSH PRIVILEGES;
EOF
else
    mysql -u "$db_admin_user" -p"$db_admin_pwd" <<EOF
CREATE DATABASE IF NOT EXISTS $giteadb;
CREATE USER IF NOT EXISTS '$giteauser'@'localhost' IDENTIFIED BY '$dbpass';
GRANT ALL PRIVILEGES ON $giteadb.* TO '$giteauser'@'localhost';
FLUSH PRIVILEGES;
EOF
fi

#
# Nginx configuration
#
if [[ -d "$nginxsnippets/.git" ]]; then
    git -C "$nginxsnippets" pull --quiet
else
    git clone --quiet "$nginxrepo" "$nginxsnippets"
fi

cp "$nginxsnippets/hostfiles/gitea.80.conf" /etc/nginx/conf.d/"$hostname".conf
sed -i "s/DOMAIN/$hostname/g" /etc/nginx/conf.d/"$hostname".conf
systemctl reload nginx

#
# systemd service
#
cat > /etc/systemd/system/gitea.service <<EOF
[Unit]
Description=Gitea
After=network.target
Requires=${db_service}.service

[Service]
User=$giteauser
Group=$giteauser
WorkingDirectory=$giteahome
ExecStart=$giteabin web --config $configdir/app.ini
Restart=always
Environment=USER=$giteauser HOME=$giteahome GITEA_WORK_DIR=$giteahome

[Install]
WantedBy=multi-user.target
EOF

#
# Start Gitea service
#
systemctl daemon-reload
systemctl enable gitea
systemctl start gitea

#
# Create post-install script
#
cat > /etc/gitea/gitea-postinstall <<'EOF'
#!/usr/bin/env bash

#
# Gitea post-install Script
#

if [[ $(id -u) -ne 0 ]]; then
    echo ""
    echo "Must be root or use sudo"
    echo ""
    exit
fi

cp -Rp /etc/gitea/app.ini /etc/gitea/app.ini.orig

sed -i '/gitea-repositories/a MAX_FILES = 500' /etc/gitea/app.ini
sed -i '/gitea-repositories/a FILE_MAX_SIZE = 200' /etc/gitea/app.ini
sed -i 's/LEVEL     = info/LEVEL     = warn/' /etc/gitea/app.ini
sed -i 's/MODE      = console/MODE      = file/' /etc/gitea/app.ini
sed -i 's/DISABLE_SSH = false/DISABLE_SSH = true/' /etc/gitea/app.ini

cat >> /etc/gitea/app.ini <<'INNER_EOF'
[ui.admin]
USER_PAGING_NUM = 50
REPO_PAGING_NUM = 50
NOTICE_PAGING_NUM = 25
ORG_PAGING_NUM = 25

[ui.user]
USER_PAGING_NUM = 50
REPO_PAGING_NUM = 50
NOTICE_PAGING_NUM = 25
ORG_PAGING_NUM = 25

[ui]
THEMES = gitea-auto, gitea-light, gitea-dark
EXPLORE_PAGING_DEFAULT_SORT = alphabetically

[other]
SHOW_FOOTER_POWERED_BY = false
SHOW_FOOTER_VERSION = false
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
ENABLE_FEED = false
INNER_EOF

systemctl restart nginx
systemctl restart gitea

rm -f /etc/gitea/gitea-postinstall
EOF

chmod 755 /etc/gitea/gitea-postinstall

#
# Web installer + post-install notice
#
dbhost="127.0.0.1"
[[ "$socketauth" == "yes" ]] && dbhost="localhost"

clear
cat <<EOF
--------------------------------------------------------------------------------------
NEXT STEP — WEB INSTALLER

Open your browser and complete the Gitea web installer:

http://$hostname/

Database configuration (Gitea web installer):

Database Type : MySQL
Database Host : $dbhost
Database Name : $giteadb
Database User : $giteauser
Database Pass : $dbpass

--------------------------------------------------------------------------------------
IMPORTANT — POST INSTALL (REQUIRED)

After completing the web installer and logging in for the first time,
run the following command to finalize the installation:

sudo /etc/gitea/gitea-postinstall
--------------------------------------------------------------------------------------
EOF

#
# All done
#
printf "\nAll Done...\n"

#
# End of script
#