How to install Gitea code hosting service Fedora 34

How to install Gitea code hosting service Fedora 34

Gitea is an open source code hosting solution based on the Git platform. It is written in Go language. It includes a repository file editor, issue tracking, pull requests, user management, notifications, built-in wiki, LFS support, Git hooks, and more.

It is a lightweight application. Therefore, it can be installed on low-power systems. If you are looking for a self-hosted Git platform with a smaller memory platform, you should check out Gitea.

This article will introduce how to install and configure Gitea Fedora 34 and how to set up your first Git repository. Gitea can be installed from source code, binaries, docker packages or packages. For our tutorial, we will install it from the binary.


  • Running server Fedora 34.
  • A non-root sudo user.
  • SELinux is disabled.
  • Make sure everything is updated.

                                $ sudo dnf update

Step 1-Configure the firewall

The first step is to configure the firewall. Fedora Server comes with Firewall Firewall.

Check if the firewall is running.

                        $ sudo firewall-cmd --state


You should get the following output.



Check the currently allowed services/ports.

                        $ sudo firewall-cmd --permanent --list-services


It should display the following output.

                        dhcpv6-client mdns ssh


Allow HTTP and HTTPS ports.

                        $ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-service=https


Recheck the status of the firewall.

                        $ sudo firewall-cmd --permanent --list-services


You should see similar output.

                        dhcpv6-client http https mdns ssh


Reload the firewall.

                        $ sudo systemctl reload firewalld


Step 2-Install Git

The first step is to install Git.

                        $ sudo dnf install git


Verify the installation by checking the Git version.

                        $ git --version
git version 2.31.1


Configure Git

Git can be configured as git config Order. Set up your name and email address to use Git.

                        $ git config --global "Your Name"
$ git config --global "[email protected]"


You can use the following command to check the configuration.

                        $ git config --list Name
[email protected]


Step 3-Install and configure PostgreSQL

Gitea supports SQLite, MySQL/Mariadb, MSSQL and PostgreSQL. For our tutorial, we will use PostgreSQL.

Install and initialize PostgreSQL.

                        $ sudo dnf module enable postgresql:13
$ sudo dnf install postgresql-server postgresql-contrib
$ sudo postgresql-setup --initdb --unit postgresql
$ sudo systemctl enable --now postgresql


PostgreSQL uses the md5 encryption scheme for password authentication by default, which is insecure.You need to switch to SCRAM-SHA-256 plan. If you want to connect to a remote PostgreSQL database, you need to configure it to listen on your IP address.Both of these can be edited by /var/lib/pgsql/data/postgresql.conf document. Open it for editing.

                        $ sudo nano /var/lib/pgsql/data/postgresql.conf


Edit the following variables as follows.

                        listen_addresses = 'localhost,'
password_encryption = scram-sha-256


Press save file Ctrl + X And enter Yes When prompted.

Restart PostgreSQL.

                        $ sudo systemctl restart postgresql


Log in to the PostgreSQL shell.

                        $ sudo -u postgres psql


Create a new SQL user and database for Gitea. Choose a strong password for your database user.

                        postgres-# CREATE ROLE gitea WITH LOGIN PASSWORD 'yourpassword';


Replace the user name, database name, and password as needed.

Exit By typing shell q .

Allow database users to access the database created above by adding the following authentication rules /var/lib/pgsql/data/pg_hba.conf .

If the database is local, add this line.

                        local    giteadb    gitea    scram-sha-256


For remote databases, use the following code instead.

                        host    giteadb    gitea    scram-sha-256


You also need to edit the following line by adding replacement ident with scram-sha-256 .

                        # IPv4 local connections:
host    all             all               ident
# IPv6 local connections:
host    all             all             ::1/128                 ident


They should look like the following.

                        # IPv4 local connections:
host    all             all               scram-sha-256
# IPv6 local connections:
host    all             all             ::1/128                 scram-sha-256


Press save file Ctrl + X And enter Yes When prompted.

Restart PostgreSQL.

                        $ sudo systemctl restart postgresql


If you want to enable remote connections, you also need to add the following rules in the firewall.

                        $ sudo firewall-cmd --permanent--add-service=postgresql
$ sudo firewall-cmd --reload


Step 4-Create Git User

Create a new system user to run the Gitea application.

                        $ sudo useradd 
   --shell /bin/bash 
   --comment 'Git Version Control' 
   --home /home/git 


This command creates a new user and group named git And set the home directory to /home/git .

Step 5-Install Gitea

Open Gitea download page And check the version number of the latest binary file available. At the time of writing this tutorial, the latest version is 1.14.3.If there is a newer version, please VERSION Variables in the following commands.

use wget Utility to get the latest Gitea binaries.

                        $ GITEAVERSION=1.14.3
$ wget -O gitea${GITEAVERSION}/gitea-${GITEAVERSION}-linux-amd64


Move the downloaded binary file to /usr/local/bin contents.

                        $ sudo mv gitea /usr/local/bin


Make the binary executable.

                        $ sudo chmod +x /usr/local/bin/gitea


Run the following commands to create the directory and set the permissions required for Gitea to work properly.

                        $ sudo mkdir -p /var/lib/gitea/{custom,data,log}
$ sudo chown -R git:git /var/lib/gitea/
$ sudo chmod -R 750 /var/lib/gitea/
$ sudo mkdir /etc/gitea
$ sudo chown root:git /etc/gitea
$ sudo chmod 770 /etc/gitea


Permission of /etc/gitea The directory is set to 770 so that the installation wizard can create configuration files. After the installation is complete, we will set stricter permissions.

Create Systemd service file

We run Gitea as a systemd service. To do this, create a new systemd entry file for Gitea.

                        $ sudo nano /etc/systemd/system/gitea.service


Paste the following code into it.


ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea



Press save file Ctrl + X And enter Yes When prompted.

For reference, you can view the example Systemd files are available from the Gitea repository .

Reload the systemd daemon to enable the file we just created.

                        $ sudo systemctl daemon-reload


Enable and start the Gitea service.

                        $ sudo systemctl enable --now gitea


Verify that Gitea is running.

                        $ sudo systemctl status gitea
  gitea.service - Gitea
     Loaded: loaded (/etc/systemd/system/gitea.service; enabled; vendor preset: disabled)
     Active: active (running) since Tue 2021-07-04 20:33:38 EDT; 1 day 8h ago
   Main PID: 46404 (gitea)
      Tasks: 7 (limit: 2328)
     Memory: 115.5M        CPU: 9min 12.061s
     CGroup: /system.slice/gitea.service
             ---46404 /usr/local/bin/gitea web -c /etc/gitea/app.ini


Step 6-Configure Gitea

By default, Gitea listens on port 3000. You can use another port or stick to the default port. Therefore, we also need to open port 3000.

                        $ sudo firewall-cmd --permanent --add-port=3000/tcp
$ sudo firewall-cmd --reload


Open the browser and enter https://YOURIPADDRESS:3000 You will see the Gitea installer. Use the following values ​​to configure.

Database settings

  • Database type: Select PostgreSQL from the drop-down list
  • host:
  • username: Giteya
  • password: Your password
  • Name database: Giteya

General settings

Gitea Installer-General Settings

  • Website title: Enter Your organization name
  • Repository root path: Keep the default path
  • Git LFS root path: Keep the default path
  • Run as user name: Jerk
  • SSH server domain: Enter Your IP address
  • HTTP listening port: 3000 (You can change the port here, but you need to access it through the firewall.)
  • Gitea base website: https://your address: 3000
  • Log path: Keep the default value

You can configure email and server settings at this time, or you can change them later. However, you should fill in the administrator account settings.

Gitea installer-optional settings

To start the installation, click Install Gitea* Button. Once completed, you will be automatically logged in and redirected to the account dashboard.

Gitea account dashboard

The installation will create a Gitea configuration file. Change its permissions to read-only.

                        $ sudo chmod 750 /etc/gitea
$ sudo chmod 640 /etc/gitea/app.ini


That’s it. Gitea is now installed on your server.

Step 7-Install SSL using Let’s Encrypt

To install the SSL certificate using Let’s Encrypt, we need to download the Certbot tool using the Snapd package installer included in Ubuntu 20.04.

Run the following command to install Certbot.

                        $ sudo dnf install certbot


Generate an SSL certificate.

                        $ sudo certbot certonly --standalone --preferred-challenges http -d


The above command will download a certificate to /etc/letsencrypt/live/ The directory on the server.

Create a challenge webroot directory for Let’s Encrypt automatic renewal.

                        $ sudo mkdir -p /var/lib/letsencrypt


Create a cron job to update SSL. It will run every day to check the certificate and update it when needed.To do this, first, create a file /etc/cron.daily/certbot-renew And open it for editing.

                        $ sudo nano /etc/cron.daily/certbot-renew


Paste the following code.

certbot renew --cert-name --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx"


Press save file Ctrl + X And enter Yes When prompted.

Change the permissions of the task file to make it executable.

                        $ sudo chmod +x /etc/cron.daily/certbot-renew


Step 8-Install and configure Nginx

The next step is to install the Nginx server.

                        $ sudo dnf install nginx


Create an Nginx configuration file for Gitea.

                        $ sudo nano /etc/nginx/conf.d/gitea.conf


Paste the following code into it.

                        server {
        listen 80;
        location ~ /.well-known/acme-challenge {
                root /var/lib/letsencrypt/;
        return 301 https://$server_name$request_uri;
server {
        listen 443 ssl http2;
        server_name your_domain;
        client_max_body_size 50m;
        ssl_session_timeout 1d;
        ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
        ssl_session_tickets off;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers off;
        ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
        ssl_stapling on;
        ssl_stapling_verify on;

        ssl_certificate /etc/letsencrypt/live/;
        ssl_certificate_key /etc/letsencrypt/live/;
        ssl_trusted_certificate /etc/letsencrypt/live/;
        proxy_read_timeout 720s;
        proxy_connect_timeout 720s;
        proxy_send_timeout 720s;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        location / {
                proxy_redirect off;
        access_log /var/log/nginx/gitea.access.log;
        error_log /var/log/nginx/gitea.error.log;


Press save file Ctrl + X And enter Yes When prompted.

Verify that the configuration file is working properly.

                        $ sudo nginx -t


Restart the Nginx server.

                        $ sudo systemctl restart nginx


Next, change the Gitea domain and root URL.To do this, open the configuration file /etc/gitea/app.ini .

                        $ sudo nano /etc/gitea/app.ini


Change the following values.

SSH_DOMAIN       =
DOMAIN           =
ROOT_URL         =


Press save file Ctrl + X And enter Yes When prompted.

Restart the Gitea service.

                        $ sudo systemctl restart gitea


Step 9-set up email notifications

If you want to receive email notifications, you can enable them through Sendmail or a third-party email transaction service (such as Amazon SES, Postmark, Mailgun, or Sendgrid).

To enable notifications, open the configuration file /etc/gitea/app.ini .

                        $ sudo nano /etc/gitea/app.ini


Edit the following part in the file and add the following code.

ENABLED = true
FROM           = [email protected]
MAILER_TYPE    = smtp
HOST           =
USER           = [email protected]
PASSWD         = `password`


Press save file Ctrl + X And enter Yes When prompted.

Restart the Gitea service.

                        $ sudo systemctl restart gitea


Step 10-Update Gitea

Upgrading Gitea includes downloading and replacing Gitea binaries.

First, stop the Gitea service.

                        $ sudo systemctl stop gitea


Download and install the Gitea binaries.

                        $ GITEAVERSION=LATESTVERSION
$ wget -O gitea${GITEAVERSION}/gitea-${GITEAVERSION}-linux-amd64
$ sudo mv gitea /usr/local/bin
$ sudo chmod +x /usr/local/bin/gitea


Restart the Gitea service.

                        $ sudo systemctl start gitea


Step 11-How to use SSH

To use SSH, we need to add our own SSH key to Gitea. If not, you can use the following command to create one on your local system.

                        $ ssh-keygen -N "yourpassphrase" -t ed25519 -C "gitea_key"


This will create a key named id_ed25519 inside ~/.ssh contents.To add this key, copy the contents of the file ~/.ssh/ To your clipboard.Then add this key to the Gitea settings page under the tab SSH/GPG key . Click Add key Button and name the key and paste it into the box.

Gitea SSH add key

If there is a list of allowed users in the sshd configuration file, you need to add git To it.

Open the SSHD configuration file.

                        $ sudo nano /etc/ssh/sshd_config


Find the line that should look like the following.

                        AllowUsers myuser myotheruser git


Press save file Ctrl + X And enter Yes When prompted.

Restart the SSHD service.

                        $ sudo systemctl restart ssh


You need to add a passphrase for the key we created ssh-agent Tools on your local system so you won’t be asked repeatedly. Run the following command to do this.

                        $ eval $(ssh-agent)
Agent pid 46436
$ ssh-add ~/.ssh/id_ed25519


You can clone your repository to test the SSH connection.

                        $ git clone ssh://[email protected]/username/repo.git
Cloning into 'repo'...
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:Kx9l19zpGhHfbb2wHtmWeC7/WWv8e5/T3Tcws2qwVEw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ',' (ECDSA) to the list of known hosts.
remote: Enumerating objects: 5, done.
remote: Counting objects: 100% (5/5), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 5 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (5/5), 4.77 KiB | 977.00 KiB/s, done.


in conclusion

This concludes the tutorial on installing and configuring the Gitea code hosting service Fedora 34. If you have any questions, please raise them in the comments below.