gitea-external-rendering
How to render Jupyter Notebooks on Gitea using Docker. However this will also work for other types of files in this case we are using Jupyter Notebooks as an example.
Create a directory for git.example.com
sudo mkdir git.example.com
Inside the gitea directory create sub directories
sudo mkdir -p git.example.com/config
sudo mkdir -p git.example.com/data
Dockerfile for installing external binaries and dependencies for gitea
Create a Dockerfile in the git.example.com directory and add the following content to it.
# Filename: Dockerfile
FROM gitea/gitea:latest
WORKDIR /data/gitea
# Copy the configuration files into the container
COPY config /etc/gitea
# Install dependencies and other packages
RUN apk --no-cache add asciidoctor freetype freetype-dev gcc g++ libpng libffi-dev py-pip python3-dev py3-pip py3-pyzmq
# Install Python dependencies
RUN pip3 install --upgrade pip
RUN pip3 install -U setuptools
RUN pip3 install jupyter docutils
# Expose the port used by Gitea
EXPOSE 3000
# Set the default command to start Gitea with the provided configuration file
CMD ["gitea", "-c", "/etc/gitea/app.ini"]
Docker Compose file for starting the gitea container
Copy the below content and paste it in the docker-compose.yml file.
# docker-compose file to start up gitea in https://git.example.com
# to start the container run:
# docker-compose up -d
#
# Create 3 traefik routers - for http LAN, Internet and ssh clients
# 1. LAN (Internal) users: no auth in Traefik, use Gitea Google SSO only
# 3. SSH users: blocked in iptables firewall, so only internal access is available
#
# Note: containrrr/watchtower service will auto update this container
version: "2.4"
name: git-example-com
services:
git:
build: .
container_name: git.example.com
restart: always
user: nobody
mem_limit: 2G
volumes:
- ./data:/var/lib/gitea
- ./config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
labels:
- com.centurylinklabs.watchtower.enable=true
- traefik.enable=true
# Permit for internal LAN users only
# - traefik.http.routers.git.rule=Host(`git.example.com`) && ClientIP(`127.0.0.0/8`, `10.0.0.0/8`, `100.64.0.0/10`, `172.16.0.0/12`, `192.168.0.0/16`)
- traefik.http.routers.git.rule=Host(`git.example.com`)
- traefik.http.routers.git.tls=true
- traefik.http.routers.git.tls.certresolver=lets-encrypt
- traefik.http.routers.git.service=git
- traefik.http.services.git.loadbalancer.server.port=3000
# Access git via ssh, firewall permits only http/https so this works only for LAN users
- traefik.tcp.routers.git-ssh.rule=HostSNI(`*`)
- traefik.tcp.routers.git-ssh.entrypoints=ssh
- traefik.tcp.routers.git-ssh.service=git-ssh
- traefik.tcp.services.git-ssh.loadbalancer.server.port=2222
This Docker Compose assumes that the Dockerfile is in the same directory as the docker-compose.yml file.
Adjust the configurations and paths according to your setup, and then run docker-compose up -d to start Gitea in a Docker container.
Create app.ini configuration file
Create the app.ini file in the git.example.com/config directory copy the below content and paste it in the app.ini file.
; Filename: app.ini
; Note: The if you are using tailscale provide the tailsclae ip for the SSH_DOMAIN
; Gitea configuration file
;
; Ref: https://docs.gitea.io/en-us/config-cheat-sheet/
APP_NAME = Here Be Dragons!
RUN_USER = nobody
RUN_MODE = prod
WORK_PATH = /data/gitea
[repository]
ROOT = /var/lib/gitea/git/repositories
[repository.local]
LOCAL_COPY_PATH = /tmp/gitea/local-repo
[repository.upload]
TEMP_PATH = /tmp/gitea/uploads
[server]
APP_DATA_PATH = /var/lib/gitea
SSH_DOMAIN = git.example.com
HTTP_PORT = 3000
ROOT_URL = https://git.example.com
DISABLE_SSH = false
; In rootless gitea container only internal ssh server is supported
START_SSH_SERVER = true
SSH_PORT = 2222
SSH_LISTEN_PORT = 2222
BUILTIN_SSH_SERVER_USER = git
LFS_START_SERVER = true
DOMAIN = git.example.com
LFS_JWT_SECRET = -0LLBzk-NFz9gPHBgg45TsjXuXRNRcl2G6JESJ0iNkk
OFFLINE_MODE = false
# External rendering of Jupyter Notebooks
[markup.jupyter]
ENABLED = true
FILE_EXTENSIONS = .ipynb
RENDER_COMMAND = "jupyter-nbconvert --stdin --stdout --to html --template basic"
[markup.sanitizer.jupyter.img]
ALLOW_DATA_URI_IMAGES = true
[lfs]
PATH = /var/lib/gitea/git/lfs
[database]
PATH = /var/lib/gitea/data/gitea.db
DB_TYPE = sqlite3
LOG_SQL = false
[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
PROVIDER = file
[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/gitea/repo-avatars
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[attachment]
PATH = /var/lib/gitea/data/attachments
[log]
ROOT_PATH = %(GITEA_WORK_DIR)/log
MODE = console
LEVEL = Warn
STACKTRACE_LEVEL = None
logger.router.MODE = ,
logger.xorm.MODE = ,
logger.access.MODE =
; this is the config options of "console" mode (used by MODE=console above)
[log.console]
MODE = console
FLAGS = stdflags
PREFIX =
COLORIZE = true
[security]
INSTALL_LOCK = true
SECRET_KEY = CimTEslfbneDAqd2lWGNwF9fAvBcYsovkIBWYBRberhTPt99FP3VuLvjWBGgSktu
INTERNAL_TOKEN = EYjHBgCIoIjiuZi1nIiSiNr5Cci6iKPxvcj9.EYjUyMyIoJe2mta0ntCWnZH9.PWTEJikJwhHiZvppnUGGgCy_mypKBD6BJbLwyvC9JNk
[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
DEFAULT_ENABLE_TIMETRACKING = false
NO_REPLY_ADDRESS =
EMAIL_DOMAIN_ALLOWLIST = @gmail.com
; Auto create Google SSO users from @domain.com
; Gitea username will be the username part of the email (eg {username}@domain.com)
[oauth2_client]
ENABLE_AUTO_REGISTRATION = false
ACCOUNT_LINKING = disabled
REGISTER_EMAIL_CONFIRM = false
UPDATE_AVATAR = true
USERNAME = email
[oauth2]
JWT_SECRET = PbJ0bYYx7tdzMaz_yzRO2OvVjTPHKwzuNCO9JOwW968
[ui]
DEFAULT_THEME = dark-arc
THEMES = gitea,arc-green,dark-arc
[mailer]
ENABLED = false
FROM =
PROTOCOL =
SMTP_ADDR =
SMTP_PORT = 587
USER =
PASSWD =
[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false
[webhook]
ALLOWED_HOST_LIST = *