RSS icon

ERROR 404 Not Found

A 404 error status implies that the file or page that you're looking for could not be found.


If you're a site visitor

Please use your browser's back button and check that you're in the right place. If you need immediate assistance, please send us an email instead.

If you're the site owner

Please check that you're in the right place and get in touch with your website provider if you believe this to be an error.


GitHub is pretty ok, but...

I think everybody was worried when Microsoft bought github. Despite this disturbance in the force, GitHub has, more or less, remained functional. However, private repos cost money and sometimes I just want to own my data. I'm not really fond of how much data the major players are sucking up from us all anyway (I say as I run an Android phone, Windows 10 PC, and grant access to folders for ease of use...). So, what's a semi-serious privacy nerd to do?

Git is still just a protocol you're already running

Most linux distributions come with git or make it really easy to install git. Before Linus Torvald enlightened us all with git, we had things like Mercurial, IBM Rational (which was one of the most absurd systems...), SVN, CVS, and even the ill advised Microsoft Team Foundation Version Control (TFVC). TFVC was great for randomly deleting all changes you made to your code upon commit.

Then along came git. It just runs. There's 3 commands you really need, almost everything is undoable, redoable, and editable. And it's CLI native. Less time on mouse = more time on keyboard getting work done and developing carpal tunnel. Perfection. I have some code that I'll pull onto it eventually. I'd like mostly to find a suitable replacement for git on mobile, as I seldom use git on my phone but it is occasionally useful. So, it's all rather straight forward.

Install Gitea

Git with a cup of tea. No idea what that's supposed to mean, but it's markets itself as "...a painless self-hosted Git service". That sounds like what I want. And somebody has been industrious enough to write an Android client for it. Let's see what it includes:

• User Dashboard
• Explore Page
• Issues Dashboard
• PR Dashboard
• Notifications
• Admin Panel
• Server status

And on, and on, and on. Cool, looks like a full featured git web service. It's even got a migration form for GitHub. Let's give it a whirl.

After installing from snap, I ran gitea as a service, per the instructions on Gitea's site and then...that was it. I couldn't find any kind of obvious interface to get going with it. I did some poking, found some youtube videos, and sure enough, there is a page running at http://localhost:3000. Run the installer, wait a bit for it to finish, then go look at your shiny new instance in the browser. Fun, but I want to access this from the outside too.

Gitea and NGINX

First, we need a reverse proxy so that NGINX can keep doing its thing and properly redirect git.recchia.dev to Gitea. Gitea has some documentation on creating a [reverse-proxy with NGINX here](https://docs.gitea.io/en-us/reverse-proxies/#nginx), so we give that a go. Combining this with the certbot instructions we used for pico and the pi-hole, the redirect basically wrote itself. Second, we want to enable HTTPS, as Gitea defaults to HTTP. Those directions are found [here](https://docs.gitea.io/en-us/https-setup/). The gist is simply to turn it on, then create a cert for it. The hardest part? Finding app.ini. They gave very few clues on how to get to that if you did the recommended Snap install. A quick check with the handy find tool reveals:

$ /snap/gitea/current $ sudo find / -name "app.ini" | grep gitea /var/snap/gitea/common/conf/app.ini

Hop in, change the default theme while we're at, and make the server section look like the following:

[server] PROTOCOL=https DOMAIN=git.recchia.dev ENABLE_LETSENCRYPT=true LETSENCRYPT_ACCEPTTOS=true LETSENCRYPT_DIRECTORY=https LETSENCRYPT_EMAIL=matthew@recchia.dev

In theory, this is it. I've been unable to get it all to work. I suspect I need remove the certbot entry from nginx, only handle the reverse proxy in nginx, and let Gitea handle the certs

Migrating Git repos

There's a built in form for migrating git repos. First try has resulted in a 500 error. Second try and further investigation revealed...not a whole lot. Then I found the error. Snap does some weird stuff and it's difficult to fix. So, what you end up needing to do is...

Installing Gitea from package

Snap is still a work in progress, it would seem. [Pi My Life Up](https://pimylifeup.com/raspberry-pi-gitea/) has something for us to work off of. However, the instructions haven't been updated in sometime. Arm v7 is no longer supported, but v6 is supported. Additionally, their instructions call for MySQL, but Sqlite is both leaner and less of a liability compared with MySQL.

This time we're doing it the old fashioned way. With a service, a service user that has no logon, and proper permissioning. Onward:
1. $ sudo apt-get install git sqlite3 -y
2. $ sudo adduser --disabled-login --gecos 'Gitea' git
3. $ sudo su git
4. $ mkdir ~/gitea $ cd gitea
5. $ wget https://dl.gitea.io/gitea/1.15.4/gitea-1.15.4-linux-arm-6 -O gitea $ chmod +x gitea
6. $ sudo vim /etc/systemd/system/gitea.service I use vim. I'd say come at me, but Emacs users all have arthritis.
7. [Unit] Description=Gitea (Git with a cup of tea) After=syslog.target After=network.target [Service] # Modify these two values ​​and uncomment them if you have # repos with lots of files and get to HTTP error 500 because of that ### # LimitMEMLOCK=infinity # LimitNOFILE=65535 RestartSec=2s Type=simple User=git Group=git WorkingDirectory=/home/git/gitea ExecStart=/home/git/gitea/gitea web Restart=always Environment=USER=git HOME=/home/git [Install] WantedBy=multi-user.target
8. sudo systemctl enable gitea --now
Now navigate to http://127.0.0.1:3000 and run the installer.

Migrating GitHub repos...again

And for the finale, I cloned one of my old repos. You can check out [Torso](https://git.recchia.dev/matt/Torso), hosted right here on my server. This was as painless and simple as promised. Added a new migration, included my PAT from GitHub for securely doing this whole shebang, and that was that.

ToDo

You're mad if you think I'm done. The work is never done. While Gitea supports 2FA, it supports it in the form of physical keys. I love my Yubikey, I stored the OTP for Gitea on it. But I want the hardware itself to be used. However, until the HTTPS pass through is succesful, it won't work. So, a to do list is in order.

✓ Enable HTTPS
X Add Yubikeys
X Test all this from Windows machine
X Install Android client and test from phone

Welcome to ~relvokcor.xyz~
RSS icon

ERROR 404 Not Found

A 404 error status implies that the file or page that you're looking for could not be found.


If you're a site visitor

Please use your browser's back button and check that you're in the right place. If you need immediate assistance, please send us an email instead.

If you're the site owner

Please check that you're in the right place and get in touch with your website provider if you believe this to be an error.