Installing Gitea on Rocky Linux 10

10/09/2025

0 Views 0

SaveSavedRemoved 0

How to Install Gitea on Rocky Linux 10: A Comprehensive Guide

In the world of software development, controlling your own source code is paramount. While cloud-based services like GitHub and GitLab are popular, a self-hosted Git service offers unparalleled control, security, and customization. Gitea stands out as a leading choice for self-hosting—it’s a lightweight, open-source, and incredibly powerful solution written in Go.

This guide will walk you through the complete process of installing, configuring, and securing Gitea on a Rocky Linux 10 server. We’ll cover everything from initial setup to configuring a reverse proxy with Nginx and securing it with a free Let’s Encrypt SSL certificate.

Prerequisites

Before we begin, ensure you have the following:

A server running a fresh installation of Rocky Linux 10.
A non-root user with sudo privileges.
A fully qualified domain name (FQDN) pointed to your server’s IP address (e.g., git.yourdomain.com).

Step 1: System Preparation and Updates

First, let’s prepare our system. Log in to your server and update all packages to their latest versions. This ensures a stable and secure foundation.

sudo dnf update -y

Next, install Git, which is a core dependency for Gitea, along with other necessary tools like wget.

sudo dnf install -y git wget

Step 2: Set Up the PostgreSQL Database

Gitea supports several databases, including SQLite, MySQL, and PostgreSQL. For production environments, PostgreSQL is a highly recommended, robust choice. Let’s install and configure it.

Install PostgreSQL:
```
sudo dnf install -y postgresql-server
```
Initialize the Database:
```
sudo postgresql-setup --initdb
```
Start and Enable the PostgreSQL Service:
```
sudo systemctl enable --now postgresql
```
Create a Dedicated Gitea User and Database: For security, we’ll create a specific database and user for the Gitea application.
bash sudo -u postgres psql -c "CREATE USER gitea WITH PASSWORD 'YourStrongPassword';" sudo -u postgres psql -c "CREATE DATABASE gitea OWNER gitea;"
Important: Replace 'YourStrongPassword' with a secure, unique password and store it safely for the web configuration step later.

Step 3: Download and Install Gitea

We will run Gitea under a dedicated, unprivileged system user for improved security.

Create the Gitea User:

sudo adduser --system --shell /bin/bash --comment 'Gitea Git Service' --home-dir /home/git git

Create Necessary Directories: Gitea needs specific directories for its configuration, data, and logs.
```
sudo mkdir -p /var/lib/gitea/{custom,data,log}
sudo chown -R git:git /var/lib/gitea/
sudo chmod -R 750 /var/lib/gitea/
sudo mkdir /etc/gitea
sudo chown root:git /etc/gitea
sudo chmod 770 /etc/gitea
```
These permissions ensure that the git user has full control over its data while maintaining system security.
Download the Gitea Binary: Visit the Gitea downloads page to find the latest version. We will download the binary for the linux-amd64 architecture. Copy the link address for the latest version.
```
# Example for version 1.22.0 - replace with the latest version
wget https://dl.gitea.com/gitea/1.22.0/gitea-1.22.0-linux-amd64
```
Install the Binary: Make the downloaded file executable and move it to a system path.
bash sudo mv gitea-1.22.0-linux-amd64 /usr/local/bin/gitea sudo chmod +x /usr/local/bin/gitea

Step 4: Create a Systemd Service for Gitea

To ensure Gitea runs automatically on boot and can be managed easily, we’ll create a systemd service file.

Create the Service File:

sudo nano /etc/systemd/system/gitea.service

Add the Following Configuration: Paste this content into the file. This tells systemd how to run, stop, and manage the Gitea process.

[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
After=postgresql.service

[Service]
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea

[Install]
WantedBy=multi-user.target

Enable and Start the Gitea Service: Reload the systemd daemon to recognize the new file, then enable and start Gitea.
```
sudo systemctl daemon-reload
sudo systemctl enable --now gitea
```
Verify the Service is Running:
bash sudo systemctl status gitea
You should see an “active (running)” status. By default, Gitea is now listening on port 3000.

Step 5: Configure Nginx as a Reverse Proxy

Running Gitea directly on port 3000 is not ideal for production. We’ll set up Nginx to act as a reverse proxy, allowing users to access Gitea through the standard web ports (80 and 443) and enabling us to add an SSL certificate.

Install Nginx:
```
sudo dnf install -y nginx
```
Create an Nginx Configuration File for Gitea:
```
sudo nano /etc/nginx/conf.d/gitea.conf
```

Add the Reverse Proxy Configuration: Paste the following configuration, replacing git.yourdomain.com with your actual domain name.

server {
    listen 80;
    server_name git.yourdomain.com;location / {
    proxy_pass http://localhost:3000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}
}

Test and Start Nginx:
bash sudo nginx -t sudo systemctl enable --now nginx

Step 6: Secure Gitea with a Let’s Encrypt SSL Certificate

Never run a login service over an unencrypted connection. We’ll use Certbot to automatically obtain and configure a free SSL certificate from Let’s Encrypt.

Install Certbot:

sudo dnf install -y certbot python3-certbot-nginx

Obtain and Install the Certificate: This command will automatically detect your Nginx configuration, get a certificate, and configure Nginx to use it.
bash sudo certbot --nginx -d git.yourdomain.com
Follow the on-screen prompts. It is highly recommended to choose the option to redirect HTTP traffic to HTTPS.

Step 7: Configure the Firewall

Finally, we need to allow web traffic through the system’s firewall.

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Step 8: Final Gitea Setup Through the Web UI

You’re almost done! Open your web browser and navigate to your domain (e.g., https://git.yourdomain.com). You will be greeted by the Gitea installation page.

Configure the following key settings:

Database Type: Select PostgreSQL.
Host: 127.0.0.1:5432
User: gitea
Password: The strong password you created in Step 2.
Database Name: gitea
Site Title: Your organization’s name.
Gitea Base URL: This is crucial. Ensure it is https://git.yourdomain.com/.
SSH Server Domain: git.yourdomain.com

Scroll down to the administrator account settings and create your admin user. Once finished, click “Install Gitea”. You will be redirected to the login page.

Congratulations! You now have a fully functional, secure, and private Git server powered by Gitea running on Rocky Linux 10. You can start creating repositories, adding users, and taking full control of your source code management.

Source: https://centlinux.com/install-gitea-on-rocky-linux-10/