Instead of GitHub: Your Own Gitea Instance

Installation

In the web interface of FreeNAS the gitea instance is quickly set up under Plugins.

The current gitea 1.11.4 version is used. Basically it’s just a matter of specifying the name and network address. I left the network settings on DHCP because I assign a fixed IP on my ipfire after the installation.

After a few minutes you can open the instance in your web browser at its local IP on port 3000, under the /install path. From there the initial configuration is done and the connection to the pre-installed postgres database is established. The required user and password can be found in the FreeNAS summary sheet, which is displayed after the installation. This is the initial setup, but you will need to adjust the installation further.

Afterwards, register and log in to the gitea web interface with the first user. This first user automatically becomes an administrator. After that the /install page disappears and returns a 404.

In the user profile under settings, all desired settings can be made at your convenience. My first point of interest is the 2-factor authentication with TOTP…

… as well as the storage of public GPG keys and app tokens. These are needed later when committing or pulling.

Additionally I create two organizations. An internal one visible only for me and registered users and a public one visible for everyone.

The default values of the instance are not yet secure or privacy-friendly. To prevent anyone from registering themselves, creating their own organizations and repos, or mixing things up in mine, the next step is to go into the configuration file.

The gitea configuration file

This can be done either in the FreeNAS web console under “Jails”, sub-option “Shell”

or better directly via SSH first on the FreeNAS, and from there with

# iocage console gitea

straight into the jail. Since I don’t like vi very much (and never will), my first official act is to install the Midnight Commander:

# pkg install mc

That way the gitea configuration file can be edited much better with mcedit:

# mcedit /usr/local/etc/gitea/conf/app.ini

An overview of the available settings can be found at https://gitea.io/en-us/config-cheat-sheet/. In my case I have made the following adjustments (replace placeholders with your own data, of course):

[code]
[mailer]
ENABLED = true
HOST = SMTPHOST_PLATZHALTER:25
FROM = EMAIL_PLATZHALTER
USER = SMTPLOGIN_PLATZHALTER
PASSWD = SMTPPASSWORT_PLATZHALTER

[service]
REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
NO_REPLY_ADDRESS = EMAIL_PLATZHALTER

[security]
INSTALL_LOCK = true

[picture]
DISABLE_GRAVATAR = true

[other]
SHOW_FOOTER_BRANDING = false
SHOW_FOOTER_VERSION = false
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false
[/code]

Since I run the Gitea instance behind a reverse proxy, the ROOT_URL in the [server] section must be replaced with the public URL. This also eliminates the need to set up a certificate in the jail; that is all done on the reverse proxy. If you do not have a reverse proxy yet, you are free to install the web server of your choice along with a Let’s Encrypt bot within this jail, though I wouldn’t recommend it for security reasons.

All settings are applied when the instance is restarted:

# service gitea restart
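
A misspelled key in app.ini is not the key Gitea reads, so the default for the real key silently stays in effect. The following check is an added example, not part of the original post: it audits a subset of the hardening values listed above and flags near-miss key names. It assumes Python 3 is available; `EXPECTED`, `SAMPLE` and `audit` are names chosen for this example, and the sample config is constructed.

```python
import configparser
import difflib
import sys

# Values taken from the app.ini adjustments on this page: (section, key) -> value.
EXPECTED = {
    ("service", "REGISTER_EMAIL_CONFIRM"): "true",
    ("service", "DEFAULT_KEEP_EMAIL_PRIVATE"): "true",
    ("service", "DEFAULT_ALLOW_CREATE_ORGANIZATION"): "false",
    ("security", "INSTALL_LOCK"): "true",
    ("picture", "DISABLE_GRAVATAR"): "true",
    ("other", "SHOW_FOOTER_VERSION"): "false",
}

# Constructed sample, not a real config: one misspelled key, one wrong value.
SAMPLE = """\
APP_NAME = Gitea
[service]
REGISTER_EMAIL_CONFIM = true
DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
[security]
INSTALL_LOCK = true
[picture]
DISABLE_GRAVATAR = true
[other]
SHOW_FOOTER_VERSION = false
"""

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # keep key names exactly as written
    cp.read_string("[__global__]\n" + text)  # app.ini has keys before any section
    findings = []
    for (section, key), want in EXPECTED.items():
        present = list(cp[section]) if cp.has_section(section) else []
        if key not in present:
            # A near-miss name in the same section is most likely a typo.
            near = difflib.get_close_matches(key, present, n=1, cutoff=0.85)
            hint = f"; found '{near[0]}', probably a typo" if near else ""
            findings.append(f"[{section}] {key} not set, default applies{hint}")
        elif cp.get(section, key).strip().lower() != want:
            findings.append(f"[{section}] {key} = {cp.get(section, key)}, expected {want}")
    return findings

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    print("\n".join(audit(text)) or "all checks passed")
```

Run it inside the jail with /usr/local/etc/gitea/conf/app.ini as the argument; without an argument it audits the built-in sample.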