官方文檔地址
https://docs.gitea.io/zh-cn/install-with-docker/
注意系統要使用ubuntu20
因為後續使用ssh,需要通過authorized_keys把宿主機的git的ssh請求轉發給宿主機的2222端口從而轉發給容器,
本人測試使用centos7則無法將宿主機的git用戶ssh使用authorized_keys轉發到容器(也可能是我姿勢不對)
格式類似如下
command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-2",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUWcDg1ObhpMDdsPk4xZH6HUt8LrluIvvt1+JIOBaxxbWgNWM+zAceIZvLbYDswubFhsusuj6k+TjzthlB9dDOxql6zvadfasdfasdfasdfasdfQOnTXkoRenOGi5eBJPapaxmEcNyDL1aiJ3UGq+FFBIBEoXqnV1ojqq/VKskvojqWsl7QpIqNAll71GTpF3i5QKZug5xsP5ygSbxzo7rCKKP6lBi/adfasdfasdfep9ykFRlfeDfMEL4x4XoqmwPCGhSKYITOViEYiiruDRo+U5+swMS5mqBiFl+5WmySJzfd0Bs1eaYeFEENTp/OefJvea+EzjGHUAxI6o0UL5XjIQZDkew5TGhYSDpALZA8x3OvTsZvNqjU31V5MiMQi3YU8LsarOk487cGxvRPVJSlsI0Q4KL3n7XERmVAFYx23bmbYik4QydhbHfPfu+XQ6+rTCQeIOu9aU3MVvl2cPwE1/QQKy2h/b6kxKcTlPJUWbUz0IK/hT/STmBG1ZLU7PPb13O2tTjfNuYKWilcViEc2AtSkQ== valsong@foo.com
安裝docker和docker-compose
sudo apt install docker.io -y
sudo apt install docker-compose -y
先創建git用戶
# Creates the host account that the authorized_keys forced command shown above is installed for.
# NOTE(review): this account only needs key-based SSH logins; consider
# `adduser --disabled-password git` so that no password login exists. Confirm it fits your setup.
adduser git
創建完畢後查看git用戶的id
id git
uid=1001(git) gid=1001(git) groups=1001(git)
得到uid是1001和gid是1001
下面的docker-compose.yml記得修改USER_UID和USER_GID
創建並進入文件夾/home/git/gitea
mkdir -p /home/git/gitea
cd /home/git/gitea
創建my.cnf 如果是arm平臺無法安裝arm版本的mysql可以考慮使用mariadb代替
mkdir -p /home/git/gitea/mysql/config
vim /home/git/gitea/mysql/config/my.cnf
mysql my.cnf
## Server options for the MySQL container. The docker-compose listing on this page
## bind-mounts this file at /etc/mysql/my.cnf.
## NOTE(review): most settings below configure binary logging and replication; the page
## shows only a single database container, so confirm they are actually needed.
[mysqld]
## Set server_id. It is usually derived from the IP, must be unique, and must be a plain number.
server-id=1
## Replication filter: databases that are not replicated (the mysql system database normally is not).
binlog-ignore-db=mysql
## Enable the binary log. The name is arbitrary but should be meaningful (this is the key setting).
log-bin=mysql-bin
## Memory allocated per session to cache binary-log data during a transaction.
binlog_cache_size=1M
## Replication format (mixed, statement, row). The author states that statement is the default;
## verify this for your server version.
binlog_format=row
## In row mode, also record the SQL statement in the binlog.
# binlog_rows_query_log_events =1
## Number of days after which binary logs are deleted automatically. Default 0 = never deleted automatically.
expire_logs_days=7
## Skip all replication errors, or the listed error types, so that replication on the replica does not stop.
## Example: 1062 is a duplicate primary key; 1032 means that primary and replica data are inconsistent.
## NOTE(review): skipped errors are not repaired, so a replica can silently diverge from the primary.
slave_skip_errors=1062
## Set the transaction isolation level to READ COMMITTED.
transaction-isolation=READ-COMMITTED
#default-time_zone = '+8:00'
## Enable GTID.
gtid-mode=on
enforce-gtid-consistency=on
# Allow the zero datetime 0000-00-00 00:00:00.000000
# sql_mode=ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
mariadb my.cnf
# The MariaDB configuration file
#
# The MariaDB/MySQL tools read configuration files in the following order:
# 0. "/etc/mysql/my.cnf" symlinks to this file, reason why all the rest is read.
# 1. "/etc/mysql/mariadb.cnf" (this file) to set global defaults,
# 2. "/etc/mysql/conf.d/*.cnf" to set global options.
# 3. "/etc/mysql/mariadb.conf.d/*.cnf" to set MariaDB-only options.
# 4. "~/.my.cnf" to set user-specific options.
#
# If the same option is defined multiple times, the last one will apply.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# If you are new to MariaDB, check out https://mariadb.com/kb/en/basic-mariadb-articles/
#
# This group is read both by the client and the server
# use it for options that affect everything
#
[client-server]
# Port or socket location where to connect
# port = 3306
socket = /run/mysqld/mysqld.sock
# Import all .cnf files from configuration directory
[mariadbd]
skip-host-cache
skip-name-resolve
!includedir /etc/mysql/mariadb.conf.d/
!includedir /etc/mysql/conf.d/
# NOTE(review): the options below follow the !includedir lines and are presumably meant for
# the [mariadbd] group. Confirm with --print-defaults that the server picks them up.
## Set the transaction isolation level to READ COMMITTED.
transaction-isolation=READ-COMMITTED
## Replication format (mixed, statement, row). The author states that statement is the default;
## verify this for your server version.
# NOTE(review): no log-bin option appears in this file, so the binlog settings below
# presumably have no effect unless binary logging is enabled elsewhere.
binlog_format=row
## In row mode, also record the SQL statement in the binlog.
# binlog_rows_query_log_events =1
## Number of days after which binary logs are deleted automatically. Default 0 = never deleted automatically.
expire_logs_days=7
創建docker-compose.yml
vim docker-compose.yml
mysql版本
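# Gitea + MySQL stack. The nesting that the original listing lost is restored here.
# Changes from the original: no privileged Gitea container, no hard-coded root password,
# and the database and the container's SSH port are no longer published on every host interface.
# NOTE(review): gitea 1.17 and mysql 5.7 are old release lines; check for a currently
# supported tag before deploying.
version: "3"

networks:
  gitea:
    external: false

services:
  gitea:
    image: gitea/gitea:1.17
    container_name: gitea
    environment:
      # Must match the uid/gid that `id git` reports on the host, so that the
      # bind-mounted /home/git/.ssh and /home/git/gitea/data have the same owner
      # on both sides.
      - USER_UID=1001
      - USER_GID=1001
    restart: always
    # `privileged: true` from the original listing is deliberately omitted. It gives the
    # container nearly unrestricted access to the host, and nothing in this setup
    # (bind mounts plus two published ports) needs it.
    networks:
      - gitea
    volumes:
      # Shared with the host so that both sshd instances read the same authorized_keys.
      - /home/git/.ssh/:/data/git/.ssh
      - /home/git/gitea/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      # Only the host-side /usr/local/bin/gitea shim connects here (git@127.0.0.1 -p 2222),
      # so the container's sshd is bound to loopback instead of every interface.
      - "127.0.0.1:2222:22"
    depends_on:
      - mysql

  mysql:
    platform: linux/x86_64
    image: mysql:5.7
    container_name: mysql5.7
    #privileged: true
    environment:
      # Taken from the shell environment or from a .env file next to this compose file;
      # compose refuses to start when it is unset. Do not commit the value.
      # NOTE(review): prefer giving Gitea a dedicated database account
      # (MYSQL_USER / MYSQL_PASSWORD) over connecting as root.
      - "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:?set MYSQL_ROOT_PASSWORD in .env}"
      - "MYSQL_DATABASE=gitea"
      - TZ=Asia/Shanghai
    restart: always
    command:
      --default-authentication-plugin=mysql_native_password
      --character-set-server=utf8mb4
      --collation-server=utf8mb4_general_ci
      --explicit_defaults_for_timestamp=true
      --lower_case_table_names=1
      --max_allowed_packet=128M
    ulimits:
      memlock:
        soft: -1
        hard: -1
    # Joined to the same network as gitea so that Gitea can use `mysql:3306` as its
    # database host without going through a published port.
    networks:
      - gitea
    volumes:
      - /home/git/gitea/mysql/config/my.cnf:/etc/mysql/my.cnf
      - /home/git/gitea/mysql/lib/mysql:/var/lib/mysql/
      - /home/git/gitea/mysql/lib/mysql-files:/var/lib/mysql-files/
    ports:
      # Published on loopback only, for administration from the host. Remove this
      # mapping entirely if nothing on the host needs to reach the database.
      - "127.0.0.1:3306:3306"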
mariadb版本
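# Gitea + MariaDB stack. The nesting that the original listing lost is restored here.
# Changes from the original: no privileged Gitea container, no hard-coded root password,
# and the database and the container's SSH port are no longer published on every host interface.
# NOTE(review): gitea 1.17 is an old release line; check for a currently supported tag
# before deploying.
version: "3"

networks:
  gitea:
    external: false

services:
  gitea:
    image: gitea/gitea:1.17
    container_name: gitea
    environment:
      # Must match the uid/gid that `id git` reports on the host, so that the
      # bind-mounted /home/git/.ssh and /home/git/gitea/data have the same owner
      # on both sides.
      - USER_UID=1001
      - USER_GID=1001
    restart: always
    # `privileged: true` from the original listing is deliberately omitted. It gives the
    # container nearly unrestricted access to the host, and nothing in this setup
    # (bind mounts plus two published ports) needs it.
    networks:
      - gitea
    volumes:
      # Shared with the host so that both sshd instances read the same authorized_keys.
      - /home/git/.ssh/:/data/git/.ssh
      - /home/git/gitea/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      # Only the host-side /usr/local/bin/gitea shim connects here (git@127.0.0.1 -p 2222),
      # so the container's sshd is bound to loopback instead of every interface.
      - "127.0.0.1:2222:22"
    depends_on:
      - mariadb

  mariadb:
    image: mariadb:10.9
    container_name: mariadb10.9
    #privileged: true
    environment:
      # Taken from the shell environment or from a .env file next to this compose file;
      # compose refuses to start when it is unset. Do not commit the value.
      # NOTE(review): prefer giving Gitea a dedicated database account
      # (MARIADB_USER / MARIADB_PASSWORD) over connecting as root.
      - "MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD:?set MARIADB_ROOT_PASSWORD in .env}"
      - MARIADB_DATABASE=gitea
      - TZ=Asia/Shanghai
    restart: always
    # NOTE(review): these flags are the same as in the MySQL variant; confirm that each
    # one is accepted by mariadb:10.9.
    command:
      --default-authentication-plugin=mysql_native_password
      --character-set-server=utf8mb4
      --collation-server=utf8mb4_general_ci
      --explicit_defaults_for_timestamp=true
      --lower_case_table_names=1
      --max_allowed_packet=128M
    ulimits:
      memlock:
        soft: -1
        hard: -1
    # Joined to the same network as gitea so that Gitea can use `mariadb:3306` as its
    # database host without going through a published port.
    networks:
      - gitea
    volumes:
      - /home/git/gitea/mysql/config/my.cnf:/etc/mysql/my.cnf
      - /home/git/gitea/mysql/lib/mysql:/var/lib/mysql/
      - /home/git/gitea/mysql/lib/mysql-files:/var/lib/mysql-files/
    ports:
      # Published on loopback only, for administration from the host. Remove this
      # mapping entirely if nothing on the host needs to reach the database.
      - "127.0.0.1:3306:3306"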
切換到git用戶將sshkey添加到/home/git/.ssh/authorized_keys
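# Run as the git account so that the key pair and authorized_keys end up owned by git.
su git
# Ed25519 keys have a fixed size, so the original `-b 4096` had no effect and is dropped.
ssh-keygen -t ed25519 -C "Gitea Host Key"
# Authorise the new key for git@127.0.0.1. The container sees the same ~/.ssh through the
# bind mount, so this lets the host-side /usr/local/bin/gitea shim log in to it.
# This entry carries no command= restriction: whoever can read the private key gets an
# unrestricted git login, so keep /home/git/.ssh readable by git only.
cat /home/git/.ssh/id_ed25519.pub >> /home/git/.ssh/authorized_keys
# sshd's default StrictModes check refuses key files that other users can write.
chmod 700 /home/git/.ssh
chmod 600 /home/git/.ssh/authorized_keys
# Kept from the original steps. No key is added to this agent anywhere on the page.
eval "$(ssh-agent -s)"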
切換到root用戶創建/usr/local/bin/gitea
su root
vim /usr/local/bin/gitea
注意這裡和官網教程不一樣,這個地方是對舊的rsa算法進行支持,具體issue見
https://github.com/go-gitea/gitea/issues/17798
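#!/bin/sh
# Host-side shim stored at /usr/local/bin/gitea. The host sshd runs it as the forced
# command from authorized_keys, and it replays the request against the Gitea container's
# sshd, which is published on port 2222.
#
# SSH_ORIGINAL_COMMAND is supplied by the connecting client and is re-parsed by the shell
# inside the container, so it is wrapped in single quotes (with embedded single quotes
# escaped) and the container receives exactly the client's value, not an expansion of it.
quoted_cmd=$(printf '%s' "$SSH_ORIGINAL_COMMAND" | sed "s/'/'\\\\''/g")

# $0 and the arguments come from the command="..." entry that Gitea writes to
# authorized_keys, not from the client.
# ssh-rsa is the RSA/SHA-1 signature algorithm that recent OpenSSH releases disable by
# default; the option re-enables it for this host-to-container hop only.
# NOTE(review): with an Ed25519 host key the option looks unnecessary. Confirm before
# keeping it.
ssh -p 2222 -o PubkeyAcceptedAlgorithms=+ssh-rsa git@127.0.0.1 "SSH_ORIGINAL_COMMAND='$quoted_cmd' $0 $*"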
授權給git用戶
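# Run as root. The shim is the forced command for every Gitea SSH login, so it stays
# owned by root and is not writable by the git account. Mode 755 still lets sshd's git
# session read and execute it.
chown root:root /usr/local/bin/gitea
chmod 755 /usr/local/bin/gitea
# Return to the git account, as the original steps do.
su git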
啟動容器
docker-compose up -d