gitea-custom-docker-image
How to set up external rendering for in Gitea using Docker.
Created a directory for gitea
sudo mkdir gitea.local.lan
Inside the gitea directory create sub directories
sudo mkdir -p gitea.local.lan/config
sudo mkdir -p gitea.local.lan/data
Create app.ini Configuration File
Create the app.ini file in the gitea.local.lan/config directory and update the necessary configurations:
Update the app.ini all 127.0.0.1 to your url.
; Filename: app.ini
; Note: The if you are using tailscale provide the tailsclae ip for the SSH_DOMAIN
; Gitea configuration file
;
; Ref: https://docs.gitea.io/en-us/config-cheat-sheet/
APP_NAME = Here Be Dragons!
RUN_USER = nobody
RUN_MODE = prod
WORK_PATH = /data/gitea
[repository]
ROOT = /var/lib/gitea/git/repositories
[repository.local]
LOCAL_COPY_PATH = /tmp/gitea/local-repo
[repository.upload]
TEMP_PATH = /tmp/gitea/uploads
[server]
APP_DATA_PATH = /var/lib/gitea
SSH_DOMAIN = 127.0.0.1
HTTP_PORT = 3000
ROOT_URL = https://127.0.0.1:3000
DISABLE_SSH = false
; In rootless gitea container only internal ssh server is supported
START_SSH_SERVER = true
SSH_PORT = 2222
SSH_LISTEN_PORT = 2222
BUILTIN_SSH_SERVER_USER = git
LFS_START_SERVER = true
DOMAIN = 127.0.0.1
LFS_JWT_SECRET = -0LLBzk-NFz9gPHBgg45TsjXuXRNRcl2G6JESJ0iNkk
OFFLINE_MODE = false
# external renderer
[markup.jupyter]
ENABLED = true
FILE_EXTENSIONS = .ipynb
RENDER_COMMAND = "jupyter-nbconvert --stdin --stdout --to html --template basic"
[markup.sanitizer.jupyter.img]
ALLOW_DATA_URI_IMAGES = true
[lfs]
PATH = /var/lib/gitea/git/lfs
[database]
PATH = /var/lib/gitea/data/gitea.db
DB_TYPE = sqlite3
LOG_SQL = false
[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
PROVIDER = file
[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/gitea/repo-avatars
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[attachment]
PATH = /var/lib/gitea/data/attachments
[log]
ROOT_PATH = %(GITEA_WORK_DIR)/log
MODE = console
LEVEL = Warn
STACKTRACE_LEVEL = None
logger.router.MODE = ,
logger.xorm.MODE = ,
logger.access.MODE =
; this is the config options of "console" mode (used by MODE=console above)
[log.console]
MODE = console
FLAGS = stdflags
PREFIX =
COLORIZE = true
[security]
INSTALL_LOCK = true
SECRET_KEY = CimTEslfbneDAqd2lWGNwF9fAvBcYsovkIBWYBRberhTPt99FP3VuLvjWBGgSktu
INTERNAL_TOKEN = EYjHBgCIoIjiuZi1nIiSiNr5Cci6iKPxvcj9.EYjUyMyIoJe2mta0ntCWnZH9.PWTEJikJwhHiZvppnUGGgCy_mypKBD6BJbLwyvC9JNk
[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
DEFAULT_ENABLE_TIMETRACKING = false
NO_REPLY_ADDRESS =
EMAIL_DOMAIN_ALLOWLIST = @gmail.com
; Auto create Google SSO users from @domain.com
; Gitea username will be the username part of the email (eg {username}@domain.com)
[oauth2_client]
ENABLE_AUTO_REGISTRATION = false
ACCOUNT_LINKING = disabled
REGISTER_EMAIL_CONFIRM = false
UPDATE_AVATAR = true
USERNAME = email
[oauth2]
JWT_SECRET = PbJ0bYYx7tdzMaz_yzRO2OvVjTPHKwzuNCO9JOwW968
[ui]
DEFAULT_THEME = dark-arc
THEMES = gitea,arc-green,dark-arc
[mailer]
ENABLED = false
FROM =
PROTOCOL =
SMTP_ADDR =
SMTP_PORT = 587
USER =
PASSWD =
[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false
[webhook]
ALLOWED_HOST_LIST = *
Dockerfile for Custom Gitea Image
Create a Dockerfile to install Gitea and necessary dependencies for external rendering:
Installing Gitea and necessary dependencies.
# Filename: Dockerfile
FROM gitea/gitea:latest
WORKDIR /data/gitea
# Copy the configuration files into the container
COPY config /etc/gitea
# Install dependencies and other packages
RUN apk --no-cache add asciidoctor freetype freetype-dev gcc g++ libpng libffi-dev py-pip python3-dev py3-pip py3-pyzmq
# Install Python dependencies
RUN pip3 install --upgrade pip
RUN pip3 install -U setuptools
RUN pip3 install jupyter docutils
# Expose the port used by Gitea
EXPOSE 3000
# Set the default command to start Gitea with the provided configuration file
CMD ["gitea", "-c", "/etc/gitea/app.ini"]
Docker Compose
# docker-compose file to start up gitea in https://git.local.lan
# to start the container run:
# docker-compose up -d
#
# Create 3 traefik routers - for http LAN, Internet and ssh clients
# 1. LAN (Internal) users: no auth in Traefik, use Gitea Google SSO only
# 3. SSH users: blocked in iptables firewall, so only internal access is available
#
# Note: This container uses bridge networking and cannot connect to the docker
# host over localhost (localhost of container is different from the host).
# Hence mysql/mariadb is accessed via unix socket.
#
# Note2: containrrr/watchtower service will auto update this container
version: "2.4"
name: git-local-lan
services:
git:
build: .
container_name: git.local.lan
restart: always
user: nobody
mem_limit: 2G
volumes:
- ./data:/var/lib/gitea
- ./config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
expose:
- "2222:2222"
labels:
- com.centurylinklabs.watchtower.enable=true
- traefik.enable=true
# Permit for internal LAN users only
# - traefik.http.routers.git.rule=Host(`git.local.lan`) && ClientIP(`127.0.0.0/8`, `10.0.0.0/8`, `100.64.0.0/10`, `172.16.0.0/12`, `192.168.0.0/16`)
- traefik.http.routers.git.rule=Host(`git.local.lan`)
- traefik.http.routers.git.tls=true
- traefik.http.routers.git.tls.certresolver=lets-encrypt
- traefik.http.routers.git.service=git
- traefik.http.services.git.loadbalancer.server.port=3000
# Access git via ssh, firewall permits only http/https so this works only for LAN users
- traefik.tcp.routers.git-ssh.rule=HostSNI(`*`)
- traefik.tcp.routers.git-ssh.entrypoints=ssh
- traefik.tcp.routers.git-ssh.service=git-ssh
- traefik.tcp.services.git-ssh.loadbalancer.server.port=2222
This Docker Compose assumes that the Dockerfile is in the same directory as the docker-compose.yml file.
Adjust the configurations and paths according to your setup, and then run docker-compose up -d to start Gitea in a Docker container.
Creating the admin user
To create a admin user login into the docker container run the below command
gitea admin user create --username <USERNAME> --admin --password <PASSWORD> --email <EMAIL> -c /etc/gitea/app.ini
That's it you now the credentials are created for the admin user and login into the gitea.