Gitea is a painless, self-hosted, all-in-one software development service. It includes Git hosting, code review, team collaboration, package registry, and CI/CD. It is similar to GitHub, Bitbucket and GitLab.
部署文档#
基础环境#
- Docker
- Docker Compose
- Traefik【可选】
部署步骤#
- 创建
compose.yml文件
mkdir /usr/local/src/gitea
touch /usr/local/src/gitea/compose.yml
- compose.yml文件内容
services:
gitea:
container_name: gitea
image: gitea/gitea:1.24
privileged: true
restart: unless-stopped
ports:
- 3000:3000
- 22:22
volumes:
- /etc/timezone:/etc/timezone:ro
- /usr/local/src/gitea/data:/data
environment:
- UID=1000
- GID=1000
- TZ=Asia/Shanghai
mem_limit: "512m"
cpus: "0.5"
networks:
- service
labels:
# HTTP/HTTPS 路由规则 (用于 Web 访问)
# Traefik 服务发现和路由配置
# 启用 Traefik 对此服务进行发现
- "traefik.enable=true"
# 指定 Traefik 应该监听哪个网络来发现此服务
- "traefik.docker.network=service"
# Router (路由器) 配置
# 定义路由规则:匹配域名 gitea.artoio.com
- "traefik.http.routers.gitea.rule=Host(`gitea.artoio.com`)"
# 指定此路由只监听 'websecure' 入口点(通常是 443 端口)
- "traefik.http.routers.gitea.entrypoints=websecure"
# 为此路由启用 TLS (HTTPS)
- "traefik.http.routers.gitea.tls=true"
# 使用名为 'letsencrypt' 的证书解析器(需要在 Traefik 配置中定义)
- "traefik.http.routers.gitea.tls.certresolver=letsencrypt"
# Service (服务) 配置
# 指定此路由要转发到哪个 Traefik 服务(与下面的服务名一致)
- "traefik.http.routers.gitea.service=gitea"
# gitea 容器内部监听的端口
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
# WAF
- "traefik.http.routers.gitea.middlewares=chaitin@file"
# TCP 路由规则 (用于 SSH 访问) - 核心配置
- "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
- "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
- "traefik.tcp.routers.gitea-ssh.service=gitea-ssh"
- "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22"
networks:
service:
external: true
- 启动容器
docker compose up -d
数据持久#
/usr/local/src/gitea/data:/data
网关代理#
Traefik网关代理Gitea容器,用于实现域名访问,并且Traefik配置了证书自动申请、定时更新!
- 3000: Gitea Web 端口
- 22: SSH 端口
修改路由【可选】#
优化容器路由实现 Gitea 镜像 GitHub!需要有一个网关代理,如 mihomo
- 问题描述:Gitea 容器无法访问 GitHub,需通过科学上网代理。
- 解决方案:修改 Gitea 容器路由,指向 Mihomo(Clash)代理 IP。
networks:
service:
ipv4_address: 172.18.0.23
command: sh -c "ip route del default && ip route add default via 172.18.0.10 dev eth0 && /usr/bin/entrypoint"
# 修改网络权限
cap_add:
- NET_ADMIN
