Gogs get attention because it’s fast and only a single binary go application which is make update/upgrade really simple. Gogs runs anywhere Go can be compiled to Windows, Mac, Linux, ARM, etc.
Prerequisite
– Ubuntu 20.04
– Domain name
– Basic CLI knowledge
Setup DNS Record
For git hosting HTTPS is mandatory because you don’t want someone snooping on your traffic. Setup the DNS for your domain, in my case I setup gogs.atetux.com to the server IP.
Install Git
Install the latest git version supported by Debian 10.
sudo apt install git -y
Download Gogs
Download Gogs from release page
wget https://github.com/go-gitea/gitea/releases/download/v1.12.4/gitea-1.12.4-linux-amd64 -O gitea
extract file we just download earlier
tar zxvf gogs_0.12.3_linux_amd64.tar.gzrun the gogs for the first time.
Gogs Systemd Service
Create a systemd service file to run the Gogs in the background and every time system booting. Create /lib/systemd/system/gogs.service file copy following lines
[Unit] Description=Gogs After=syslog.target After=network.target [Service] LimitMEMLOCK=infinity LimitNOFILE=4000 RestartSec=2s Type=simple User=atetux Group=atetux WorkingDirectory=/home/atetux ExecStart=/home/atetux/gogs/gogs web Restart=always Environment=USER=atetux HOME=/home/atetux GOGS_WORK_DIR=/home/atetux [Install] WantedBy=multi-user.target
replace atetux with your own username/login shell.
Enable Gogs on boot
sudo systemctl enable gogs
Run the Gogs
sudo systemctl restart gogscheck if services run correctly
sudo systemctl status gogs
Configure Gogs
open http://[IP-SERVER]:3000 on browser
Change following value
Database Type : SQLite3 Domain : gogs.atetux.com Run user : USERNAME
scroll down then click Install Gogs. Dont worry when the webpage redirect to http://localhost:3000/user/login
we’ll use nginx as reverse proxy later to handle that.
Install Certbot Letsencrypt
Install Nginx
Since to able to run on port 80/443 Gogs need to run as root, which is a security nightmare. Instead, we’ll use Nginx as a reverse proxy for Gogs, we’ll mapping the port 3000 to our subdomain, for this case gogs.DOMAIN.com
sudo apt install nginx -y
Install Certbot
sudo apt install certbot python3-certbot-nginx -y
Setup temporary server block for gogs.DOMAIN.com
sudo nano /etc/nginx/sites-enabled/gogs.DOMAIN.com.conf
copy the lines below to /etc/nginx/sites-enabled/gogs.DOMAIN.com.conf
server { listen 80; server_name gogs.DOMAIN.com; }
Generate SSL for Gogs
sudo certbot certonly --nginx -d gogs.DOMAIN --agree-tos -m email@gmail.com
When asked :
We’d like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. Enter N
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. Enter 2
Setup Gogs Reverse Proxy
Open the nginx config file on /etc/nginx/sites-enabled/gogs.DOMAIN.com.conf, replace all lines with
server { listen 80; server_name gogs.DOMAIN.com; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name gogs.DOMAIN.com; ssl_certificate /etc/letsencrypt/live/gogs.DOMAIN.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/gogs.DOMAIN.com/privkey.pem; location / { proxy_set_header X-Real-IP $remote_addr; proxy_pass http://127.0.0.1:3000/; } }
Verify nginx
sudo nginx -t
sudo systemctl reload nginxEnable nginx on boot
sudo systemctl enable nginx
Open https://gogs.DOMAIN.com
