How to Install Gitea on Ubuntu 22.04
This tutorial exists for these OS versions
- Ubuntu 22.04 (Jammy Jellyfish)
- Ubuntu 20.04 (Focal Fossa)
- Ubuntu 18.04 (Bionic Beaver)
On this page
Gitea is a free, open-source, and self-hosted Git service. It is written in GO language and provides an easier way to host your own version control system on the internet. It is simple, lightweight, and can be installed on low-powered systems. It is very similar to GitHub and GitLab and offers a rich set of features such as a repository file editor, project issue tracking, user management, notifications, a built-in wiki, and much more. It is cross-platform and can be installed on all major operating systems, including Linux, macOS, Windows, ARM, and PowerPC architectures.
In this tutorial, we will show you how to install the Gitea Git service with Nginx and Let's Encrypt SSL on Ubuntu 22.04.
Prerequisites
- A server running Ubuntu 22.04.
- A valid domain name pointed with your server IP.
- A root password is configured on your server.
Getting Started
First, update and upgrade all system packages to the latest version by running the following command:
apt update -y
apt upgrade -y
Next, install the Git package by running the following command:
apt-get install git -y
Once the Git package is installed, you can proceed to the next step.
Install and Configure MariaDB
Gitea uses MariaDB as a database backend. So you will need to install it on your server. You can install it by running the following command:
apt install mariadb-server -y
After the installation. So, you will need to secure the MariaDB and set a root password. You can secure it by running the mysql_secure_installation script:
mysql_secure_installation
This script will set the root password, remove anonymous users, disallow root login remotely and remove the test database as shown below:
Enter current password for root (enter for none): Set root password? [Y/n]: Y Remove anonymous users? [Y/n]: Y Disallow root login remotely? [Y/n]: Y Remove test database and access to it? [Y/n]: Y Reload privilege tables now? [Y/n]: Y
Once the MariaDB is secured, log in to the MariaDB shell with the following command:
mysql -u root -p
Enter your root password when prompted. Then, change the GLOBAL innodeb_file_per_table to On:
MariaDB [(none)]>SET GLOBAL innodb_file_per_table = ON;
Next, create a database and user for Gitea with the following command:
MariaDB [(none)]>CREATE DATABASE gitea;
MariaDB [(none)]>CREATE USER 'gitea'@'localhost' IDENTIFIED BY 'password';
Next, grant all the privileges to the giteadb database:
MariaDB [(none)]>GRANT ALL ON gitea.* TO 'gitea'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
Next, update the database character set with the following command:
MariaDB [(none)]>ALTER DATABASE gitea CHARACTER SET = utf8mb4 COLLATE utf8mb4_unicode_ci;
Finally, flush the privileges and exit from the MariaDB shell with the following command:
MariaDB [(none)]>FLUSH PRIVILEGES;
MariaDB [(none)]>EXIT;
Next, you will need to edit the MariaDB default config file and add InnoDB parameters:
nano /etc/mysql/mariadb.conf.d/50-server.cnf
Add the following lines inside [mysqld] section:
innodb_file_format = Barracuda innodb_large_prefix = 1 innodb_default_row_format = dynamic
Save and close the file. Then, restart the MariaDB service to apply the changes:
systemctl restart mariadb
At this point, your MariaDB database is configured. You can now proceed to the next step.
Install and Configure Gitea
First, visit the Gitea download page, pick the latest version and download the latest Gitea binary using the following command:
wget https://dl.gitea.io/gitea/1.17.1/gitea-1.17.1-linux-amd64
Once the download is completed, copy the downloaded file to /usr/bin/ directory and give execution permissions:
cp gitea-1.17.1-linux-amd64 /usr/bin/gitea
chmod 755 /usr/bin/gitea
Next, create a system user for Gitea with the following command:
adduser --system --shell /bin/bash --group --disabled-password --home /home/git git
Next, create a directory structure for Gitea with the following command:
mkdir -p /etc/gitea /var/lib/gitea/{custom,data,indexers,public,log}
chown git:git /etc/gitea /var/lib/gitea/{custom,data,indexers,public,log}
chmod 750 /var/lib/gitea/{data,indexers,log}
chmod 770 /etc/gitea
Once you are finished, you can proceed to the next step.
Create Gitea Systemd Service File
Next, you will need to create a systemd service file to manage the Gitea service with systemd. You can create it with the following command:
nano /etc/systemd/system/gitea.service
Add the following lines:
[Unit] Description=Gitea After=syslog.target After=network.target After=mysql.service [Service] RestartSec=2s Type=simple User=git Group=git WorkingDirectory=/var/lib/gitea/ ExecStart=/usr/bin/gitea web -c /etc/gitea/app.ini Restart=always Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea [Install] WantedBy=multi-user.target
Save and close the file. Then, reload the systemd daemon and start the Gitea service with the following command:
systemctl daemon-reload
systemctl start gitea
You can check the status of the Gitea service with the following command:
systemctl status gitea
You should see the following output:
? gitea.service - Gitea
Loaded: loaded (/etc/systemd/system/gitea.service; disabled; vendor preset: enabled)
Active: active (running) since Sun 2022-08-21 12:19:23 UTC; 8s ago
Main PID: 24766 (gitea)
Tasks: 6 (limit: 2242)
Memory: 121.2M
CPU: 800ms
CGroup: /system.slice/gitea.service
??24766 /usr/bin/gitea web -c /etc/gitea/app.ini
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:21:PreloadSettings() [I] AppPath: /usr/bin/gitea
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:22:PreloadSettings() [I] AppWorkPath: /var/lib/gitea
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:23:PreloadSettings() [I] Custom path: /var/lib/gitea/cus>
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:24:PreloadSettings() [I] Log path: /var/lib/gitea/log
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:25:PreloadSettings() [I] Configuration file: /etc/gitea/>
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:26:PreloadSettings() [I] Prepare to run install page
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/install/setting.go:29:PreloadSettings() [I] SQLite3 is supported
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 cmd/web.go:217:listen() [I] [630222cb-6] Listen: http://0.0.0.0:3000
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 cmd/web.go:221:listen() [I] [630222cb-6] AppURL(ROOT_URL): http://localhost:3000/
Aug 21 12:19:23 ubuntu2204 gitea[24766]: 2022/08/21 12:19:23 ...s/graceful/server.go:61:NewServer() [I] [630222cb-6] Starting new Web server:>
Next, enable the Gitea service to start at system reboot with the following command:
systemctl enable gitea
At this point, Gitea is started and listening on port 3000. You can now proceed to the next step.
Configure Nginx as a Reverse Proxy for Gitea
By default, Gitea listens on port 3000. So, you will need to configure Nginx as a reverse proxy to access the Gitea without specifying the port.
First, install the Nginx web server by running the following command:
apt-get install nginx -y
Once installed, create a new Nginx virtual host configuration file for Gitea:
nano /etc/nginx/sites-available/gitea
Add the following lines:
upstream gitea {
server 127.0.0.1:3000;
}
server {
listen 80;
server_name git.example.com;
root /var/lib/gitea/public;
access_log off;
error_log off;
location / {
try_files maintain.html $uri $uri/index.html @node;
}
location @node {
client_max_body_size 0;
proxy_pass http://localhost:3000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
proxy_redirect off;
proxy_read_timeout 120;
}
}
Save and close the file. Then, enable the Nginx virtual host configuration file with the following command:
ln -s /etc/nginx/sites-available/gitea /etc/nginx/sites-enabled/
Finally, restart the Nginx service and check the status of the Nginx service with the following command:
systemctl restart nginx
systemctl status nginx
You should get the following output:
? nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2022-08-21 12:21:23 UTC; 5s ago
Docs: man:nginx(8)
Process: 24799 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 24800 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 24801 (nginx)
Tasks: 2 (limit: 2242)
Memory: 4.5M
CPU: 44ms
CGroup: /system.slice/nginx.service
??24801 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
??24802 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
Aug 21 12:21:23 ubuntu2204 systemd[1]: Starting A high performance web server and a reverse proxy server...
Aug 21 12:21:23 ubuntu2204 systemd[1]: Started A high performance web server and a reverse proxy server.
At this point, Nginx is configured to serve Gitea. You can now proceed to the next step.
Secure Gitea with Let's Encrypt SSL
First, you will need to install the Certbot client to install and manage the Let's Encrypt SSL in your system. You can install it by running the following command:
apt-get install certbot python3-certbot-nginx -y
Once the Certbot is installed, run the following command to download and install the Let's Encrypt SSL for the Gitea website.
certbot --nginx -d gitea.linuxbuz.com
Provide your email address and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for gitea.linuxbuz.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/gitea
Next, choose whether or not to redirect HTTP traffic to HTTPS as shown below:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to install the certificate as shown below:
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/gitea - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://gitea.linuxbuz.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=gitea.linuxbuz.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/gitea.linuxbuz.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/gitea.linuxbuz.com/privkey.pem Your cert will expire on 2022-11-21. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Now, your Gitea website is secured with Let's Encrypt SSL. You can now proceed to the next step.
Access Gitea Web Interface
Now, open your web browser and type the URL https://git.example.com/. You will be redirected to the following page:
Provide your Gitea database name, username, password, repository path, run as username, listening port, Gitea base URL, Log path, Gitea admin username, password and click on the Install Gitea button. Once the installation has been finished, you should see the Gitea dashboard on the following screen:
Conclusion
Congratulations! you have successfully installed Gitea with Nginx and Let's Encrypt SSL on Ubuntu 22.04 server. You can now deploy Gitea in your organization and start creating your first repository with Gitea. For more information, visit the Gitea documentation.
