{"id":386,"date":"2018-03-24T00:00:46","date_gmt":"2018-03-23T16:00:46","guid":{"rendered":"https:\/\/cloudbool.com\/archive\/?p=386"},"modified":"2018-03-24T00:00:46","modified_gmt":"2018-03-23T16:00:46","slug":"gitea-nginx-ssl-mysql-config-git-server-note","status":"publish","type":"post","link":"https:\/\/cloudbool.com\/archive\/gitea-nginx-ssl-mysql-config-git-server-note.html","title":{"rendered":"Gitea+Nginx+SSL+MySQL\u914d\u7f6eGit\u670d\u52a1\u5668\u8bb0\u5f55"},"content":{"rendered":"

\u516c\u53f8\u7684\u9879\u76ee\u4e00\u76f4\u7528\u7684SVN\uff0c\u6700\u8fd1\u89c9\u5f97\u4ee3\u7801\u63d0\u4ea4\u6d4b\u8bd5\u4e4b\u540e\uff0c\u66f4\u65b0\u5230\u6b63\u5f0f\u670d\u52a1\u5668\u6709\u70b9\u9ebb\u70e6\uff0c\u5c31\u6298\u817e\u4e86\u4e0b\u5404\u79cd\u642d\u5efa\u81ea\u6709git\u670d\u52a1\u5668\u7a0b\u5e8f\uff0c\u524d\u540e\u8bd5\u4e86gitlab\u3001gitea\u3001gogs\uff0c\u6700\u540e\u9009\u62e9\u4e86gitea\uff0c\u6253\u7b97\u914d\u7f6e\u4e00\u53f0\u79c1\u6709\u7684git\u670d\u52a1\u5668\u8ddf\u540c\u4e8b\u534f\u4f5c\u53ca\u7ed9\u670d\u52a1\u5668\u4ee3\u7801\u7248\u672c\u66f4\u65b0\uff0c\u8fd9\u91cc\u8bb0\u5f55\u4e00\u4e0bgitea\u7684\u914d\u7f6e\u8fc7\u7a0b\u3002
\n
\n\u4e00\u5f00\u59cb\u6211\u662f\u9009\u62e9Gitlab\u7684\uff0c\u542c\u5927\u5bb6\u8bf4\u8fd9\u8d27\u529f\u80fd\u5f3a\u5927\uff0c\u652f\u6301\u5404\u79cd\u529f\u80fd\uff0c\u6211\u5c31\u8bd5\u4e86\u4e0b\uff0c\u53d1\u73b0\u5f88\u591a\u529f\u80fd\u6211\u4eec\u6682\u65f6\u7528\u4e0d\u4e0a\uff0c\u800c\u4e14\u90a3\u8d27\u592a\u5360\u8d44\u6e90\u4e86\uff0c\u770b\u5b98\u65b9\u6587\u6863\u8bf4\u63a8\u83504G\u5185\u5b58\uff0c\u5982\u679c\u5b89\u88c5\u8fd9\u4e2a\uff0c\u518d\u52a0\u4e0a\u522b\u7684\u4efb\u52a1\uff0c\u6211\u4eec\u7684\u5907\u7528\u670d\u52a1\u5668\u53ef\u80fd\u625b\u4e0d\u4f4f\uff0c\u6700\u540e\u8bd5\u4e86\u4e0bgitea\uff0c\u53d1\u73b0\u6bd4\u8f83\u8282\u7701\u8d44\u6e90\uff0c\u4e14\u4f9d\u8d56\u7684\u670d\u52a1\u4e5f\u4e0d\u591a\uff0c\u6700\u540e\u51b3\u5b9a\u9009\u62e9\u8fd9\u4e2a\u3002
\n\u5982\u679c\u4e0d\u914d\u7f6eNginx\u548cSSL\u8bbf\u95ee\uff0c\u76f4\u63a5\u4f7f\u7528Gitea\u548cSQLite\u4e5f\u53ef\u4ee5\uff0c\u4f46\u662f\u4e3a\u4e86\u4ee5\u540e\u62d3\u5c55\u4ee5\u53ca\u6570\u636e\u5b89\u5168\u53ca\u8bbf\u95ee\u65b9\u4fbf\uff0c\u6211\u9009\u62e9\u4e86\u7528MySQL\u4fdd\u5b58\u6570\u636e\uff0c\u4ee5\u53ca\u7528Nginx+SSL\u4fdd\u8bc1\u6570\u636e\u4f20\u8f93\u5b89\u5168\uff0c\u6240\u4ee5\u5c31\u6709\u4e86\u8fd9\u7bc7\u6587\u7ae0\u3002
\n\u672c\u6587\u7684\u6240\u6709\u5b89\u88c5\u8fc7\u7a0b\u5728Vultr<\/a>\u4e0a\u7684512MB VPS\u64cd\u4f5c\u901a\u8fc7\uff0c\u5982\u679c\u4f60\u60f3\u4f53\u9a8c\uff0c\u53ef\u4ee5\u901a\u8fc7\u8fd9\u4e2a\u94fe\u63a5\u8d2d\u4e70\uff1ahttps:\/\/www.vultr.com<\/a>
\n\u9996\u5148\u662f\u5b89\u88c5\u5404\u79cd\u4f9d\u8d56\uff0c\u6bd4\u5982\u8bf4Nginx\u3001MySQL\u3001git\u7b49\uff0c\u6211\u4eec\u9009\u7684\u662fCentOS7\u7cfb\u7edf\uff0c\u5b89\u88c5\u547d\u4ee4\u5982\u4e0b\uff1a<\/p>\n

yum install nginx mariadb git wget\n<\/code><\/pre>\n
CentOS6\u7cfb\u7edf\uff1a<\/p>\n
yum install nginx mysql-server git wget\n<\/code><\/pre>\n
\u5982\u679c\u63d0\u793aNginx\u5b89\u88c5\u51fa\u9519\uff0c\u8bf7\u8003\u8651\u542f\u7528EPEL\u6e90<\/a>\uff0c\u6216\u8005\u8003\u8651Linux\u5b89\u88c5\u5b98\u65b9\u6700\u65b0\u7248\u7684Nginx<\/a>\u3002
\nMySQL\u5982\u679c\u4e0d\u60f3\u4f7f\u7528MariaDB\uff0c\u4e5f\u53ef\u8003\u8651CentOS\u7cfb\u7edfyum\u5b89\u88c5MySQL 5.5\/5.6\/5.7\/8.0<\/a>\u3002
\n\u6211\u4e60\u60ef\u5c06\u6240\u6709\u7684gitea\u6570\u636e\u653e\u7f6e\u5230\/var\/gitea<\/strong>\u76ee\u5f55\uff0c\u8fd9\u6837\u4fbf\u4e8e\u7ba1\u7406\uff0c\u6240\u4ee5\uff0c\u65b0\u5efa\u6587\u4ef6\u5939\u53ca\u4e0b\u8f7dgitea\uff1a<\/p>\n
mkdir \/var\/gitea\ncd \/var\/gitea\nwget https:\/\/dl.gitea.io\/gitea\/master\/gitea-master-linux-amd64 -O gitea\n<\/code><\/pre>\n
\u8fd9\u91cc\u4e0b\u8f7d\u7684\u662fLinux 64bit\u7cfb\u7edf\u6240\u8fd0\u884c\u7684\u6587\u4ef6\uff0c\u66f4\u591a\u5e73\u53f0\u53c2\u8003\u8fd9\u91cc\uff1ahttps:\/\/dl.gitea.io\/gitea\/master\/
\n\u4e0b\u8f7d\u4e4b\u540e\uff0c\u8d4b\u4e88\u53ef\u6267\u884c\u6743\u9650\uff0c\u5e76\u6267\u884c\uff1a<\/p>\n
chmod +x gitea\n.\/gitea\n<\/code><\/pre>\n
\u5728\u8f93\u51fa\u7684\u663e\u793a\u4fe1\u606f\u4e2d\uff0c\u63d0\u793a\u6211\u4eec\u53ef\u4ee5\u6253\u5f00\u5bf9\u5e94\u4e3b\u673a\u76843000\u7aef\u53e3\u8fdb\u884c\u4e0b\u4e00\u6b65\uff0c\u6211\u4eec\u7528\u6d4f\u89c8\u5668\u6253\u5f00http:\/\/ip_or_domain:3000 \uff0c\u5c31\u80fd\u770b\u5230gitea\u7684\u5b89\u88c5\u754c\u9762\u4e86\uff0c\u4f46\u662f\u4e3a\u4e86\u65b9\u4fbf\u8bbf\u95ee\u4ee5\u53ca\u6570\u636e\u4f20\u8f93\u5b89\u5168\uff0c\u6211\u4eec\u63a5\u4e0b\u6765\u8fd8\u8981\u914d\u7f6eNginx\u53cd\u4ee3gitea\u76843000\u7aef\u53e3\u5e76\u5f3a\u5236SSL\u8bbf\u95ee\u3002
\nSSL\u8bc1\u4e66\u7533\u8bf7\u53ef\u4ee5\u53c2\u8003\u8fd9\u4e2a\uff1a\u5229\u7528Certbot\u7533\u8bf7Let’s Encrypt SSL\u8bc1\u4e66<\/a>\u3001Certbot\u7533\u8bf7let’s encrypt ECC\u6cdb\u57df\u540d\u8bc1\u4e66<\/a>\u6216\u8005\u8fd9\u4e2a\uff1a\u5229\u7528acme.sh\u7533\u8bf7letsencrypt\u514d\u8d39wildcard\u8bc1\u4e66<\/a>\uff0c\u8fd9\u91cc\u5c31\u4e0d\u591a\u8bf4\u4e86\u3002
\n\u7533\u8bf7\u597dSSL\u8bc1\u4e66\u4e4b\u540e\uff0c\u6211\u4eec\u63a5\u4e0b\u6765\u914d\u7f6eNginx\u4ee3\u7406gitea\u5e76\u914d\u7f6eSSL\u8bbf\u95ee\u3002\u65b0\u5efaNginx\u914d\u7f6e\u6587\u4ef6\uff0c\u7136\u540e\u53c2\u8003\u5982\u4e0b\u914d\u7f6e\uff1a<\/p>\n
vim \/etc\/nginx\/conf.d\/gitea.conf\nserver {\n    server_name gitea.cloudbool.com;\n    listen   443 ssl http2;\n    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;\n    ssl_certificate \/etc\/letsencrypt\/live\/gitea.cloudbool.com\/fullchain.pem;\n    ssl_certificate_key \/etc\/letsencrypt\/live\/gitea.cloudbool.com\/privkey.pem;\n    ssl_session_cache        shared:SSL:10m;\n    ssl_session_timeout      60m;\n    ssl_session_tickets      on;\n    ssl_stapling             on;\n    ssl_stapling_verify      on;\n    location \/ {\n        proxy_pass http:\/\/127.0.0.1:3000;\n    }\n    client_max_body_size    4m;\n    access_log \/var\/log\/nginx\/gitea.log;\n    error_log \/var\/log\/nginx\/error.gitea.log;\n    error_page 404 \/404.html;\n    error_page 500 502 503 504 \/50x.html;\n    location = \/50x.html {\n        root \/usr\/share\/nginx\/html;\n    }\n}\nserver {\n    listen 80;\n    server_name gitea.cloudbool.com;\n    location \/ {\n        rewrite ^\/(.*)$ https:\/\/gitea.cloudbool.com\/$1 permanent;\n    }\n}\n<\/code><\/pre>\n
\u56e0\u4e3agitea\u5b89\u88c5\u9700\u8981\u6709\u6570\u636e\u5e93\uff0c\u867d\u7136\u53ef\u9009postgresql\u3001mysql\u3001sqlite\uff0c\u4f46\u662f\u9664\u4e86MySQL\u5176\u4f59\u4e24\u4e2a\u6211\u4eec\u90fd\u4e0d\u719f\u6089\uff0c\u6240\u4ee5\u6211\u4eec\u9009\u62e9\u4e86MySQL\uff0c\u4f7f\u7528\u4e0b\u9762\u547d\u4ee4\u521b\u5efa\u4e00\u4e2agitea\u6570\u636e\u5e93\u5e76\u521b\u5efa\u5bf9\u5e94\u7684\u7528\u6237\u7ed9gitea\u4f7f\u7528\uff0cMySQL\u4ee3\u7801\u5982\u4e0b\uff1a<\/p>\n
create database gitea DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;\nCREATE USER gitea_user@localhost;\nSET PASSWORD FOR git_user@localhost= PASSWORD(\"git_password\");\nGRANT ALL PRIVILEGES ON gitea.* TO gitea_user@localhost IDENTIFIED BY 'gitea_password';\nFLUSH PRIVILEGES;\n<\/code><\/pre>\n
\u5206\u522b\u5c06\u4e0a\u8ff0gitea<\/strong>\u3001gitea_user<\/strong>\u3001gitea_password<\/strong>\u66ff\u6362\u6210\u5b9e\u9645\u7684\u6267\u884c\u4e00\u4e0b\u5c31\u884c\u3002
\n\u5b89\u88c5\u4e4b\u524d\uff0c\u6211\u4eec\u6700\u597d\u8fd8\u662f\u914d\u7f6e\u4e00\u4e0bsystemd\u3002\u5c31\u662f\u5230\u76ee\u524d\u4e3a\u6b62\uff0c\u6211\u4eec\u4f7f\u7528\u7684\u662froot\u7528\u6237\u5728\u8fd0\u884cgitea\uff0c\u5982\u679c\u662f\u5185\u7f51\u6765\u8bf4\uff0c\u6ca1\u4ec0\u4e48\u95ee\u9898\uff0c\u4f46\u662f\u5982\u679c\u8981\u5f00\u653e\u5230\u516c\u7f51\u8bbf\u95ee\uff0c\u8fd9\u53ef\u80fd\u662f\u4e2a\u5b89\u5168\u9690\u60a3\uff0c\u6240\u4ee5\uff0c\u6211\u4eec\u63a5\u4e0b\u6765\u521b\u5efa\u4e00\u4e2a\u4e13\u95e8\u7684\u7528\u6237\u6765\u8fd0\u884cgitea\u53ca\u914d\u7f6esystemd\u670d\u52a1\u3002
\n\u521b\u5efagitea\u7ec4\uff0c\u4ee5\u53ca\u6dfb\u52a0gitea\u7528\u6237\u5e76\u52a0\u5165gitea\u7ec4\uff1a<\/p>\n
groupadd gitea\nuseradd -g gitea gitea\n<\/code><\/pre>\n
\u4e0a\u9762\u547d\u4ee4\u521b\u5efa\u4e86\u4e00\u4e2agitea\u7528\u6237\u5e76\u52a0\u5165\u4e86gitea\u7528\u6237\u7ec4\uff0c\u6211\u4eec\u63a5\u4e0b\u6765\u5c31\u7528\u8fd9\u4e2a\u7528\u6237\u8fd0\u884cgitea\u7a0b\u5e8f\u3002
\n\u8d4b\u4e88\u76f8\u5173\u53ef\u6267\u884c\u6743\u9650\uff1a<\/p>\n
chown -R gitea.gitea \/var\/gitea\n<\/code><\/pre>\n
\u521b\u5efaLinux Service\u6587\u4ef6\u5e76\u53c2\u8003\u5982\u4e0b\u914d\u7f6e\uff1a<\/p>\n
vim \/etc\/systemd\/system\/gitea.service\n[Unit]\nDescription=Gitea (Git with a cup of tea)\nAfter=syslog.target\nAfter=network.target\nAfter=mysqld.service\n[Service]\n# Modify these two values and uncomment them if you have\n# repos with lots of files and get an HTTP error 500 because\n# of that\n###\n#LimitMEMLOCK=infinity\n#LimitNOFILE=65535\nRestartSec=2s\nType=simple\nUser=gitea\nGroup=gitea\nWorkingDirectory=\/var\/gitea\nExecStart=\/var\/gitea\/gitea web\nRestart=always\nEnvironment=USER=gitea HOME=\/home\/gitea\n[Install]\nWantedBy=multi-user.target\n<\/code><\/pre>\n
\u63a5\u4e0b\u6765\u6211\u4eec\u5c31\u53ef\u4ee5\u5f00\u59cb\u5b89\u88c5gitea\u4e86\uff0c\u8bbf\u95ee\u6211\u4eec\u4e0a\u8ff0\u7ed1\u5b9a\u7684\u57df\u540d\uff0c\u76f4\u63a5\u5c31\u80fd\u770b\u5b89\u88c5\u754c\u9762\uff1a
\n\"gitea-install-nginx-ssl-mysql\"
\n\u8f93\u5165\u76f8\u5173\u4fe1\u606f\u5c31\u80fd\u5b8c\u6210\u5b89\u88c5\u4e86\uff0c\u5b89\u88c5\u8fc7\u7a0b\u53ef\u4ee5\u521b\u5efa\u7ba1\u7406\u5458\u3001\u914d\u7f6e\u90ae\u4ef6\u53d1\u9001\u3001\u7cfb\u7edf\u8bbe\u7f6e\u7b49\uff0c\u5b89\u88c5\u597d\u4e4b\u540e\u7684\u754c\u9762\uff1a
\n\"gitea-install-nginx-ssl-mysql-after-install\"
\n\u8fd9\u6837gitea\u5c31\u7b97\u914d\u7f6e\u5b8c\u6210\u4e86\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u516c\u53f8\u7684\u9879\u76ee\u4e00\u76f4\u7528\u7684SVN\uff0c\u6700\u8fd1\u89c9\u5f97\u4ee3\u7801\u63d0\u4ea4\u6d4b\u8bd5\u4e4b\u540e\uff0c\u66f4\u65b0\u5230\u6b63\u5f0f\u670d\u52a1\u5668\u6709\u70b9\u9ebb\u70e6\uff0c\u5c31\u6298\u817e\u4e86\u4e0b\u5404\u79cd\u642d\u5efa\u81ea\u6709git\u670d\u52a1 …<\/p>\n
  Gitea+Nginx+SSL+MySQL\u914d\u7f6eGit\u670d\u52a1\u5668\u8bb0\u5f55<\/span> \u67e5\u770b\u5168\u6587 »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[182],"tags":[196,197,76,100],"class_list":["post-386","post","type-post","status-publish","format-standard","hentry","category-linux","tag-git","tag-gitea","tag-nginx","tag-ssl"],"_links":{"self":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/posts\/386","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/comments?post=386"}],"version-history":[{"count":0,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/posts\/386\/revisions"}],"wp:attachment":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/media?parent=386"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/categories?post=386"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/tags?post=386"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}