Building your own Git Server with Gitea on AlmaLinux

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] hello and welcome back to learn linux tv in today's video what we're going to do is set up get t get t is a self-hosted git server an alternative to something like github that you can run on your very own instance and maintain yourself it's actually really easy to set up and in this video what i'm going to do is show you guys how to set up getty on alma linux now before we get started i just want to take a moment to mention the sponsor for today's video lenode and lenode is not only a great fit for this video in this project but also learn linux tv because learn linux tv runs on lenode now specific to today's project it's also a really good place to run gitti on the node's platform you can get up and running in minutes and they have all kinds of distributions for example alma linux which is the very same distribution that we're going to be using in today's video and if you don't already have your very own lenod account you can check out the platform by using the url that you see on the screen right now you could actually get 100 in free credit to get you started with your brand new account and considering that their instance types start at just five dollars a month there's a whole lot of linux that you could fit within that credit so the only limit to what you could use lenod for is your imagination in fact in this video i'm going to show you the process of setting up alma linux on lenode so if you want to follow along with me then go ahead and use that credit and that'll get your free account started and then you can set up get t on alma linux like you'll see me do here very shortly thank you so much to lenode for sponsoring learn linux tv yet again they've been a sponsor for quite some time now and i really appreciate it so go ahead and check them out and you won't be disappointed now with all that out of the way let's go ahead and get started and set up our very own git server with get t [Music] the first thing we're going to need is an alma linux instance but you can also use distributions like rocky linux or any other distribution that is based on red hat enterprise linux if the distribution is compatible with red hat enterprise linux 8 then you should be fine but you might have to adjust the commands accordingly if you run into anything that is specific to your distribution anyway what i'm going to do is create an alma linux instance here on lenode and you can follow along with me if that's also what you would like to do on your end but if you already have an alma linux installation ready to go then you can skip this entire section and if you prefer to install alma linux on your own hardware maybe bare metal or you could even have a virtualization solution such as proxmox if that's the case then i do have a video on my channel already that goes through the whole process of manually installing alma linux so you can check that video out if you'd like i'll leave a card for that right about here but if you continue along with me in this section right here then i'm going to assume that you would like to create an instance here on lenode so on my end i have these servers right here i want to create a brand new server for this particular task so what i'm going to do is choose all my linux and here it is then for the region you could choose whatever region is closer to you geographically and i'll just choose toronto because canada is awesome and the next thing that we'll need to do is choose our instance type and our instance type actually determines how many cpus we have available as well as how much ram things like that anytime you install any app on linux you obviously want to make sure that the server you are installing the app onto meets all of the requirements of the application that you're trying to install but when it comes to the requirements to run get t there's really not all that much get t is relatively lightweight compared to other things that you could be running so it really shouldn't matter which of these instance types we choose for our project so what i'm going to do is just go up here to shared cpu those are the cheaper instances and we should be able to get away with a nano of one gigabyte of ram but you could go with the two gigabyte instance if you'd like and that should definitely give you more room to work with but what i'm going to do is choose the four gig version right here that's probably going to be overkill especially since i'm going to be the only one using it generally speaking a one gig instance should be more than fine for get t especially if only one or two people are going to use it but i want this thing to be really fast so i'm going to choose this instance type right here that also gives me 80 gigs of storage so i'll have no shortage of storage space to store all of my repositories and next up we'll give this instance a label which is basically its name so for me what i'm going to do is call this git dot learn linux.cloud so if you already have a domain name then feel free to put the fully qualified domain name for your instance right here but if you don't have a domain name that's fine too you could just call this git server get t whatever you'd like but just give it a name that helps you identify what the server is actually for now tags are optional but it might be a good idea if you do have tags in my case i'm going to just pretend that this is going to be a production instance even though i'm technically only using this instance to show you guys the process i may or may not continue using this after this video is over but i definitely want to show you guys the whole process from the beginning and then here what we'll do is create a root password for instance hopefully your password will be randomly generated that's always the best way to go i'll just type in my password right now because again this is just a test instance so i'll just go ahead and create a password manually now make sure that you remember this password because if you forget it it's going to be very hard to log in there are ways to recover your password that go beyond the scope of this video so just make sure to save your password in a secure location so you don't forget it then we'll continue on from there and next up we have a backups option which i do recommend that you choose especially if this is going to be a production instance but since this is just a test instance in my case i'm going to leave that unchecked we also shouldn't need private networking for this particular use case so we should be good i'll create the instance right now and we already have an ip address right here and that's pretty cool i'll just copy that to my clipboard i'll be needing that shortly and right now the provisioning process has begun it usually takes one or two minutes or so for an instance to come online and we can watch the process right here by clicking on launch list console so this is almost like a virtual monitor and if you see this right here that means that your instance has not started up yet is still being built in the background so we're just waiting for that to finish and as soon as it does we'll see a bunch of text just fly through the screen and that'll let us know that the instance is actually booting up and here we go all right so as you can see here our instance is in fact online so what i should be able to do is use ssh to connect to it so i'll just copy the ip which i've already done so i probably didn't need to do that again and i'll switch over here to my terminal and then i'll just type ssh and then root at i'll paste in the ip address and i should be able to log into the instance let's see what happens so i'll type yes i definitely want to connect to the server i'll type in the password and now we're in so at this point before we actually install get t there's some things that i would like to do first just to make sure that everything is in the best possible state before we get started now an easy thing that we can do right away is change the host name right now we just have a temporary hostname so we definitely want to make sure that we name this server with a name that's actually descriptive so what i could do is type nano and what i'll do is edit the hostname file which is located at slash etsy slash hostname so i'll erase what's there right now and in my case i'm going to give it the same name that i gave it in the leno dashboard it doesn't have to match but you know i like consistency consistency is always good so i'm going to use the fully qualified domain name for mine now obviously if you don't have a fully qualified domain you could go ahead and just call this whatever you'd like get get t whatever you think is appropriate but that's good enough for me so ctrl o and then enter to save it ctrl x to exit out and then there's one more file that we have to edit when it comes to the hostname so i'll do that right now so what i'm going to do is actually customize this file quite a bit i'm going to go all the way to the end of this first line right here because i don't need most of these so just go ahead and back all of these out except for the first localhost and i'm not going to configure ipv6 so i'll leave the last line alone but i will add a new line here and this is the way that i like to set up the host file when it comes to adding a custom name so what i'm going to do is type the same name right here and if you're using a fully qualified domain name it's also a good idea to type the abbreviated version here as well so i'll save the file and now the host name is actually all set now it's not going to show here until we reboot the server and we could reboot the server right now but i would rather install all of the updates first just to make sure that that's done and to do that i can run dnf update so i'll do that and press enter and well we do indeed have some updates and i'll confirm the installation of these updates by simply typing y and then enter so it's going to download it looks like 52 packages so this might take a moment so what i'll do is actually fast forward time to the future when this is done so i'll meet you there all right so it looks like all of the updates have been installed so what i'm going to do right now is reboot the server and then after it comes back up we'll go ahead and continue so to do that i will type reboot and then i'll press enter and it's going to take a minute or two for this instance to reboot so what i'll do is just pause the recording right here and then i'll be right back i think enough time is actually passed by now so let's go ahead and see if we can get reconnected to the server so i just press the up arrow and that's the same exact command that i used earlier to initially connect to the server so if it's back online then well this should work and it seems to be working fine i have a password prompt and now we're in and check out the bash prompt it's actually showing the first part of the fully qualified domain name which must mean that it took the host name that we gave it earlier and if i type hostname on the command line we could actually confirm that the name is what we expect it to be and well it is but there's one more thing that we should do before we get started with the actual get t installation and what that is is we'll need to create a few users here so that way we're not only getting away from using root but get t is going to need its own user as well so first what i'll do is create a user for myself and to do that i'll type user add and dash m what dash m will do is make sure that i have a home directory that's definitely something that i'd like to have and i'll give myself the username of j i think that's good enough and the user should be created but i will need to create a password for the user so as root i will type passwd and then the username of the user that i've just created and i'll create the password and it took the new password that's really awesome and if we use the tail command against the etsy password file password is abbreviated in this case we should actually see the new user that i've just created and it looks like it worked because my user is listed right there at the bottom next up i want to make sure that my user can execute sudo commands and what i'll do is make my user a member of the wheel group so user mod dash lowercase a uppercase g together and then the group we want to add the user to which is going to be wheel and then the name of the user that we want to add to that group which is mine so to confirm that the group membership has been updated i could type groups and then the username and as you can see right here my user is indeed a member of the group wheel so we should be good there so continuing on what i'm going to do is create a brand new user and the user that i'll be creating is actually going to be used for the get t application and it's going to be a system user there's a distinction between a normal user and a system user and that's important for security so to create this user what i'm going to do is run user ad and i'll include the dash r option and that's the option that's going to designate this user as a system user the m option is going to give me a home directory for that user and the s option will help me define a shell for the user as well which i will set to slash bin slash bash just like that the name of the user i'll be creating i'm going to call it get t so if this works then i should end up with a system user named get t that i'll be using for the application let's see what happens well it didn't give me any error messages so it looks like it probably worked to make sure that i'll again tell the etsy password file and we can see the system user of get t there at the bottom it has a user id of 994 and a group id of 991 so user ids and group ids under 1000 are very typical when it comes to system users so we should be good when it comes to this particular user so let's go ahead and move on to the next step now we will need to install git in order for this to work at all and what we should do is just find out do we have git installed already and in my case i don't if i did it would actually give me the path to the binary forget so we could safely assume that git is not installed so to get that installed we can run dnf install and then get it should be that simple so i'll press enter so it's going to install a number of dependencies here and that's fine i'll confirm with y and then enter and then i'll let these packages install and i'll be right back so we have git installed and that box is now checked and as you can see we have git installed at user bin git so it's right there ready for us next what we're going to do is install sqlite so dnf install sqlite just like you see there on the screen and i will have a link to a blog post that you could check out that's going to have all of these commands on it so if you want to copy and paste you'll be able to do that so we're going to install it i'll confirm that by pressing y and then enter and well sqlite is installed so the next step will be to download git t i mean we can't run git t if we don't download it so where do we get it from well before i show you the download page what we want to do is we want to make sure that we have wget because that's how we're going to actually get the file onto the server so i'll type which and then w get and unfortunately i don't have that installed so as you could probably guess by now i'm going to run dnf and then install i want to make sure that i have wget because we're about to use it here very shortly this one should also install fairly quickly so i'll just type y and then enter and there you go it's already done so let's switch over to a browser we want to find the download link for the latest version of getty so what i'm going to do here is just cheat a bit and just type get t download now just type that right into the address bar to do a quick search right here we have a link to download the binary so i'll click on that let's go ahead and download it and this is really cool right here in the documentation for get t they're actually giving us the full download command for downloading get t to our server via wget which is pretty cool and that's really convenient so i will copy this command right here and let's switch back over to the terminal and we'll paste it in so if this works it should actually download get t locally so i'll press enter and it's downloading so i'm going to let this finish and then i'll be right back and we should have t downloaded to our server right now and to confirm that i'll just list the storage and sure enough get t is right there but we'll need to mark it executable otherwise there's really nothing we can do with it we need permission to run it as a binary in order for it to be of use so i can run chmod plus x and i'll do so against the get t binary and as you can see it's now executable it's not just that the color turned green we actually have x's on the left hand side i have a whole video on my channel already about permissions if you are curious what that permission string actually represents but it is executable so that box is now checked now it's not going to be a good idea to run git t from root's home directory so what i'd like to do is move it to a better directory and i'll do so with the mv command i want to move get t and i'll move it into user local bin and when i type which get t just like you see here it's showing me the full path to the binary so so far so good i'll clear the screen and the next thing that i want to do is create the required directories for get t and i'm just pulling this right off the documentation page for getty so i'll run make dur dash p i want it to create the parent directory if necessary and i want to create slash var live and then get t and then there's going to be a few sub directories here that i want to create and i could actually have all three of these subdirectories created in one shot to do that i'll type in open curly brace like you see right here the first subdirectory will be custom the second will be data and then the third will be log i'll add the closing brace and then i'll press enter and as you can see right here we have the three directories that we need for git t so that's pretty cool next let's go ahead and change the permissions for those directories that we've just created so chmod dash r we want this change to be recursive permissions will be 750 again i have a permissions video on my channel already so if this is confusing for you if you don't know what this means then you can check out that video otherwise you could simply type what i'm showing right here and it should work just fine and we want to change the permissions on slash var slash live and then get t and then next we'll create another directory and the directory we will create is slash etsy slash get t so i'll press enter and then next what we want to do is change the ownership of that directory and i would like that directory to be owned by root that's better for security anyway colon and then the name of the group that we want to make sure that we've added and i'll add it to the get t group and the directory that i want to change the ownership on is going to be etsy slash get t and i'll list the storage of it and as you can see the directory does exist it's owned by root as the user and the group that owns it is get t so far so good and now we'll update the permissions again this time for the etsy get t directory chmod 770 and those are the permissions for this particular folder and again the folder that we'll be modifying is slash etsy slash get t now another thing that we'll need to do that i almost forgot is we'll need to change the group ownership for the directory that we created for getty specifically the var live get t directory we already changed the ownership for etsy get t but we need to also do the same for var live get t as well so what i'll do is type ch own dash capital r and then get t with a colon at the end and then the directory is going to be slash var slash live and then get t just like that and as you can see right here get t now owns those directories so we should be good to go at least as far as the permissions are concerned now next what i'm going to do is create a systemd unit file for get t and this will make sure that the application always starts up when the server starts up and in addition to that it's also going to create the environment variable that's needed as well but in order to create the service we'll need a service file and thankfully git makes that available so we can simply grab it and then we can customize it as necessary enable it and that should do the trick so i'll switch back to a browser and i will have this url in the blog post for this video but for right now i'm just going to type it in manually it's https colon backslash backslash and then it's actually located on github then go hyphen get t get t again type the word blob main contrib system d and then it's going to be called get t dot service what i'm going to do is click the raw button right here that's going to strip all of the ui off the page so that way it makes it super easy to go ahead and copy this entire file so that way we could add it to our server so what i'll do is just highlight every line in this file i'll right click and copy it and let's go back over to the terminal and we'll just use a text editor whatever your preferred text editor happens to be my favorite is bim but nano is good too slash etsy slash systemd then system and we're going to call it getty.service and let's go ahead and paste right here and then we'll go all the way up to the top so what we'll need to do here is just go through the file and just make sure that everything is true and basically we're just looking for anything that might be inconsistent for example if it's calling a username that's different than the username we've actually created we want to make sure that that lines up so just take a quick browse through this file right here and i see the first thing right here that we should edit the user in this case is called get but on my end i use get t for the user so we want to make sure that that matches and now it does let's see if there's anything else here that we want to confirm and here we see the user is referenced again we want to make sure that we correct that to get t we'll do the same for the home directory as well and we have those updated so let's continue on see if there's anything else now that should be everything but we should take another look at the file just to make sure that we didn't miss anything so i'll just go back up and actually i do see something that i missed right here the group is actually get t as well so if i left this file alone then well get t wouldn't start would it now let's go ahead and save the file ctrl o and then enter and then ctrl x to exit out next up let's run systemctl and then demon hyphen reload that's just going to make sure that systemd is aware of the new service file that we've just created and we didn't get any output but i wasn't expecting any output that's a pretty simple command right there and next let's see if the systemd unit file is actually understood and recognized by the system so we can run system ctl and then status and then get t just like that and as you can see right here it does indeed recognize get t as a valid service on the system so it looks like our installation of the systemd unit file was done correctly now something to make you guys aware of is the fact that get t will not start if sc linux is enabled now normally what i would prefer you guys to do is actually create an se linux policy that will allow get t to run so what i'm going to do is actually change the mode of se linux to permissive now that's not my preferred way to handle this situation though i'm not a fan of disabling or actually weakening sc linux because it's there to help us and increase our security however a full tutorial of se linux is beyond the scope of this particular video so after you're finished going through this video then i challenge you guys to get get t working with se linux fully enabled so just go ahead and see how to create a custom policy to achieve that but for right now i'm going to change the mode and then we're going to just go along with that for the rest of this video and to do that i'll use nano and i will edit etsy sc linux slash config and then i'll go here to the se linux line and what i'll do is change that to permissive and in the case where i'm going to be disabling sc linux i prefer to actually set it to permissive mode rather than outright disabling it i mean at least that way if there's any kind of intrusion attempt i will at least see some information in the logs but if you disable it then you won't have that information either anyhow what i'll do is save the file right now control o and then enter control x and the next time this particular server reboots then se linux will be in permissive mode right now if i run se status it's actually fully enabled so even though i've edited that file that only changes when i reboot the server that doesn't actually make the change take effect right now so in the interest of time i could reboot it but rather than wait for the server to reboot again in order for that change to take effect what i'll do instead is actually execute a command that will temporarily change the mode for se linux and then in my case it may as well be a permanent change since i've actually configured sc linux in the config file to start in permissive mode this is just going to make sure that sc linux is changed to permissive mode right now so to do that i will type set in force and then i'll set that to zero and that should be good enough for now so let's go ahead and start up get t and make sure that it actually works and to do that we can run systemctl and then start and the name of the service is getty.service and now let's check the status to see whether or not getty is actually working so because i'm lazy i'm not going to type all of that again i'll just simply change the keyword of start to status just like that and check this out the status is active and running that's really cool so this is really a good sign that means that getty is running but unfortunately if we were to go to the browser and try to access this it's still not going to work because we have one more thing that we have to do to actually allow access so i'll clear the screen and then we'll move on to the next and possibly final step in the process now i'm currently still logged in as root and i really don't like that during this video i've actually created a user for myself so technically i really shouldn't be using root anymore so what i'll do is exit and that closed out my session and let's see if i can actually access the server with my username the name of the user that i created earlier in the video which was j let's see if that works so far so good and actually i'm logged in that's pretty cool so now i can avoid using root going forward and we can go ahead and continue now like i mentioned we need to add the firewall rule to the server because if we don't do that then well we're not going to be able to connect to it so in order to do that i'll first run sudo i need to use that now that i'm not logged in as root anymore that'll help me elevate my privileges to root i'm going to run firewall hyphen cmd i want to make a permanent change and the zone that i want to edit is going to be the public zone i'm going to add a port so dash dash add dash port and then i'll set that equal to 3000 part 3000 is actually the port that git t will run under by default then i'll type slash tcp and i'll press enter so next i'll type in the password for the user and this will help me understand whether or not sudo is working and just like that the command was successful so what we'll do now is actually reload the firewall so again sudo and then firewall cmd dash dash reload that should do it so i'll press enter and again success so at this point get t should be publicly available you should be able to open up a web browser and access the server let's go ahead and see if we can [Music] so here in my browser what i should be able to do is access the get t application and since this will be the first time that i'm accessing it i should see a configuration page that will help me well configure the application so what i'll do is run http colon slash and then on your end what you could do is type the ip address right here if that's all you have if you like me created a domain name for your server then you could add that right here since i did create a fully qualified domain name off-camera then what i'll do is type get.learnlinux.cloud colon 3000 3000 is the default port number that get t will run under so i'll press enter and let's see if it works and so far so good so this is the configuration page and we're going to want to pay special attention to this page because if we make any mistakes then we'll have to start the configuration over now thankfully that's not hard to do if you make a mistake you could simply delete the app.ini file in the etsy get t directory but let's go ahead and just take our time so that way we won't make any mistakes now first of all for the database type i'll change that to sql sqlite3 that's the simpler option here now if you're going to have a bunch of people using this then you'll definitely want to make sure that you use a full database server something like mariadb or similar but for our purposes today i think this should be good enough now for the title you could go ahead and keep the default or you could give it a custom name and i'll just name mine the learn linux tv git server that should be good enough now for the server domain we're definitely going to want to edit this right here i mean localhost is not resolvable outside of the server so what you could do is actually type the ip address right here if that's all you have but if you have a domain name you can type that as well so in my case it's git dot learn linux dot cloud ssh port we'll leave that as the default same with the port of 3000 right here we have localhost we want to definitely get rid of that and type the same thing that we typed earlier so in my case again git dot learn linux dot cloud and let's scroll down and what we'll want to do is create a new administrator account now for the username what we want to do is give it a custom username don't use admin or administrator or any of those things that you know other people would probably assume you're going to use now in my case i will just call my user optimus prime i have no idea why i decided to choose that but you know that's what my username is going to be i think optimus prime is cool so it works out and let's give this user a password and again and then i'll type in my email address right here and we should have answered everything that we needed to answer here so i will install getty let's click this button and see what happens and check this out it logged me right in and i am actually using get t right now now what i'm going to do is just sign out real quick and just sign in again and i'll just make sure that authentication is working fine i see no reason why it wouldn't be but it did log me right in so that was very useful but i want to go ahead and log in myself and just make sure that everything is fine [Music] so i typed in my super secret password and let's click the sign in button and i'm signed right into the server that's pretty cool so what i'm going to do is create a repository right now so i'll click new repository and i will call the repository test repo this is just a test i think that should be fine and we'll create the repository so now we have the repository that's pretty cool so i'll copy the url to the repository right here and then i'll switch back to the terminal and let's paste it right here so we have the url to the git repository and what i'll do is type git clone we want to pull down that repository so i'll press enter and here's telling me that i've actually cloned an empty repository which might be a red flag but in our case we haven't actually added anything yet so we should be good we're actually expecting it to be empty at this point so anyway let's go ahead and cd into that repository we have nothing in there right now well actually that's not true we have a dot get directory that's expected but let's actually create a file and push it upstream and make sure that everything is working so what i'll do is just use a text editor i will edit testfile.txt inside there what i'll do is i will type get t is awesome i'll save the file exit out and it's showing me right here that it's detected a new file so i will add that file to version control and git add as the command of choice to accomplish that let's run git status again and that was telling me that a new file will be committed and i do have a beginner video on how to use git if you're interested so don't worry so much about memorizing these commands i'm just trying to make sure that everything works properly so anyway i will type git commit and then dash a i want to include everything and then dash m that's going to allow me to type a message i'll just type initial commit usually you do want your commit messages to be more verbose than this but this is just a test which is why i don't care at the moment and of course it wants me to go ahead and type my information here i keep forgetting this step no matter how many times i use get so let's go ahead and do what it wants and due to the fact that this is a test i don't really care about the email address and then we'll customize the user.name as well and let's go ahead and run that again and now the git commit actually worked but we're not going to have the changes upstream just yet so what i'll do is run git and then push origin and then master so it's asking us for the username which i set to be optimus prime and then it wants the password i'll type that in and check this out it looks like it's working let's find out so here we have the actual repository i didn't refresh the page yet so if i do refresh it we now have the test file right here and as you can see it says get t is awesome so it looks like everything is working just fine so if you're following along with me then congratulations you now have your very own git server running on alma linux powered by getty [Music] so at this point you should have your very own git server with get t get t is actually one of my favorite applications to self host it's a really powerful application it's lightweight and as you just saw it's easy to set up now hopefully this video has helped you out in getting yours set up and if it has please be sure to click that like button if you did like this video because that lets youtube know that other people might benefit from having their own get t server as well as always i have some awesome content coming very soon i upload every week so make sure you subscribe if you haven't already done so and i'll see you in the next video [Music] you
Info
Channel: Learn Linux TV
Views: 23,065
Rating: undefined out of 5
Keywords: Linux, gnu/linux, LearnLinuxTV, git, github, version control, gitea, gitea server, self-hosted, homelab, git server, almalinux, alma linux, linode, vps, devops, custom server build, linux server, github (website), git (software), gitea installation, gitea setup, how to use gitea, gitea tutorial, gitea login, install gitea, how to install gitea, centos 8, open source software, linux for beginners 2022, how to, git tutorial, linux commands, devops tutorial for beginners, linux tutorial
Id: bVB24I7B0JQ
Channel Id: undefined
Length: 39min 51sec (2391 seconds)
Published: Tue May 17 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.