init

2025-09-28 21:28:56 +02:00
commit 0663a88b23
7 changed files with 172 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+private/
--- a/backup/01_gitea.sh
+++ b/backup/01_gitea.sh
@@ -0,0 +1,4 @@
+cd ../private
+mkdir gitea
+scp -r server:/var/lib/gitea gitea
+scp server:/etc/gitea/app.ini gitea
--- a/files/Caddyfile
+++ b/files/Caddyfile
@@ -0,0 +1,19 @@
+petrovv.com {
+	reverse_proxy * 0.0.0.0:4080
+}
+lang.petrovv.com {
+	reverse_proxy * 0.0.0.0:8010
+}
+vault.petrovv.com {
+	reverse_proxy * 0.0.0.0:6080
+}
+git.petrovv.com {
+	reverse_proxy * 0.0.0.0:3000
+}
+game.petrovv.com {
+	reverse_proxy * 0.0.0.0:8080
+}
+files.petrovv.com {
+	root * /srv
+	file_server browse
+}
--- a/files/gitea.service
+++ b/files/gitea.service
@@ -0,0 +1,85 @@
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=network.target
+###
+# Don't forget to add the database service dependencies
+###
+#
+#Wants=mysql.service
+#After=mysql.service
+#
+#Wants=mariadb.service
+#After=mariadb.service
+#
+#Wants=postgresql.service
+#After=postgresql.service
+#
+#Wants=memcached.service
+#After=memcached.service
+#
+#Wants=redis.service
+#After=redis.service
+#
+###
+# If using socket activation for main http/s
+###
+#
+#After=gitea.main.socket
+#Requires=gitea.main.socket
+#
+###
+# (You can also provide gitea an http fallback and/or ssh socket too)
+#
+# An example of /etc/systemd/system/gitea.main.socket
+###
+##
+## [Unit]
+## Description=Gitea Web Socket
+## PartOf=gitea.service
+##
+## [Socket]
+## Service=gitea.service
+## ListenStream=<some_port>
+## NoDelay=true
+##
+## [Install]
+## WantedBy=sockets.target
+##
+###
+
+[Service]
+# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
+# LimitNOFILE=524288:524288
+RestartSec=2s
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/gitea/
+# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
+# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
+#RuntimeDirectory=gitea
+ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
+Restart=always
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+# If you install Git to directory prefix other than default PATH (which happens
+# for example if you install other versions of Git side-to-side with
+# distribution version), uncomment below line and add that prefix to PATH
+# Don't forget to place git-lfs binary on the PATH below if you want to enable
+# Git LFS support
+#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
+# If you want to bind Gitea to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Gitea its ports as above
+###
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+###
+# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
+# set the following value to false to allow capabilities to be applied on gitea process. The following
+# value if set to true sandboxes gitea service and prevent any processes from running with privileges
+# in the host user namespace.
+###
+#PrivateUsers=false
+###
+
+[Install]
+WantedBy=multi-user.target
--- a/scripts/01_install_bin.sh
+++ b/scripts/01_install_bin.sh
@@ -0,0 +1,22 @@
+
+apt -y upgrade
+
+# BUN
+apt install -y zip
+curl -fsSL https://bun.sh/install | bash
+source /root/.bashrc
+
+#PODMAN
+apt install -y podman
+
+
+#CADDY
+sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
+chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+chmod o+r /etc/apt/sources.list.d/caddy-stable.list
+sudo apt update
+sudo apt install caddy
+
+
--- a/scripts/02_config_caddy.sh
+++ b/scripts/02_config_caddy.sh
@@ -0,0 +1,4 @@
+cp files/Caddyfile /etc/caddy/Caddyfile
+
+caddy stop
+caddy start -c /etc/caddy/Caddyfile
--- a/scripts/05_install_gitea.sh
+++ b/scripts/05_install_gitea.sh
@@ -0,0 +1,37 @@
+#GITEA
+apt install -y wget
+wget -O gitea https://dl.gitea.com/gitea/1.24.6/gitea-1.24.6-linux-amd64
+chmod +x gitea
+wget https://dl.gitea.com/gitea/1.24.6/gitea-1.24.6-linux-amd64.asc
+gpg --keyserver hkps://keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
+gpg --verify gitea-1.24.6-linux-amd64.asc gitea
+
+rm gitea-1.24.6-linux-amd64.asc
+
+adduser --quiet --system --shell /bin/bash --gecos 'Git Version Control' --group --disabled-password --home /home/git git
+
+mkdir -p /var/lib/gitea/{custom,data,log}
+chown -R git:git /var/lib/gitea/
+chmod -R 750 /var/lib/gitea/
+mkdir /etc/gitea
+chown root:git /etc/gitea
+chmod 770 /etc/gitea
+
+cp gitea /usr/local/bin/gitea
+
+cp files/gitea.service /etc/systemd/system/gitea.service
+
+cp private/gitea/app.ini /etc/gitea/app.in
+cp -r private/gitea/gitea /var/lib/
+
+systemctl daemon-reload
+systemctl enable gitea
+systemctl start gitea
+
+echo "DONE GITEA INSTALL"
+
+## AFTER INSTALL
+#if false
+#chmod 750 /etc/gitea
+#chmod 640 /etc/gitea/app.ini
+#fi