Home Setting Up Gitea Behind an HTTPS Reverse Proxy with Nginx
Post
Cancel

Setting Up Gitea Behind an HTTPS Reverse Proxy with Nginx

Posted May 28, 2023
By Bruno Veronesi
1 min read

To host my code, I opted for a self-hosted Gitea instance. Here’s how I set it up:

1. Install Git and SQLite:

1
2

apt install git
apt install sqlite3

2. Download and install Gitea:

1
2

wget -O gitea https://dl.gitea.com/gitea/1.19.3/gitea-1.19.3-linux-arm64
chmod +x gitea

3. Add Gitea user:

1

adduser --system --shell /bin/bash --gecos 'Git Version Control' --group --disabled-password --home /home/git git

4. Create directory structure:

1
2
3
4
5
6

mkdir -p /var/lib/gitea/{custom,data,log}
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
mkdir /etc/gitea
chown root:git /etc/gitea
chmod 770 /etc/gitea

5. Copy Gitea binary and download service template:

1

cp gitea /usr/local/bin/gitea

6. Enable and start Gitea service:

1
2

sudo systemctl enable gitea
sudo systemctl start gitea

With the setup complete, I connected to my Gitea instance at http://kracken:3000.

How to set up Nginx

First, I configured my auto SSH with the following configuration:

1
2
3
4
5
6
7
8
9
10
11

[Unit]
Description=AutoSSH tunnel for proxying my keycloak
After=network.target
Before=keycloak.service

[Service]
Environment="AUTOSSH_GATETIME=0"
ExecStart=/usr/bin/autossh -M 0 -q -N -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 8080:localhost:8080 -R 3000:localhost:3000 root@mono

[Install]
WantedBy=multi-user.target

Please note that I added port 3000.

On the remote host mono, I used the default Nginx configuration template as follows:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

# Virtual Host configuration for Kracken
#
server {
	server_name git.endeios.net;
	root /var/www/example.com;
	index /;
	
	client_header_timeout 120s;         
	client_body_timeout 120s;           
	client_max_body_size 200m;   
	
	location / {
	    proxy_pass        http://localhost:3000;
	    proxy_set_header  X-Real-IP $remote_addr;
	    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
	    proxy_set_header  Host $http_host;
	}
}

Please note the configuration of client_max_body_size 200m to allow for file uploads and built packages.

I linked the file as /etc/nginx/sites-available/git.endeios.net.

Finally, I went to my domain provider and registered git.endeios.net to mono’s IP.

To secure the connection, I used Certbot to install an SSL certificate:

1

certbot -d git.endeios.net

And that’s it! My Gitea instance is now securely accessible at https://git.endeios.net.

  • https://linuxize.com/post/how-to-install-gitea-on-ubuntu-20-04/
  • https://docs.gitea.com/next/installation/install-from-binary
  • https://docs.gitea.com/next/installation/linux-service
  • https://docs.gitea.com/next/installation/install-from-binary
  • https://github.com/go-gitea/gitea/blob/main/contrib/systemd/gitea.service
SelfHosting, Git
nginx git
This post is licensed under CC BY-NC-SA 4.0 by the author.
Contents