Installing a self-hosted git solution

As part of my trial of Linux on my recently acquired Lenovo X1 Carbon, I wanted to figure out how to get my Obsidian notes on it. I looked into several solutions but ended up with two supported approaches because of iOS/iPadOS. I could use Obsidian Sync or Git. I decided not to spend the $100 per year and go the Git route. I came across this article about using GitHub for syncing Obisian notes on her MacBook, iPhone, and iPad. I also already own Working Copy.

I had heard about self-hosted git services and decided this was a good time to set one up. My first use of it would be for my notes. I decided on Gitea. I ended up with Forgejo.

I got to installing

I went with the path of least resistance; one of my Synology NAS. I installed the Gitea package from SynoCommunity. I was confused by the database options. I thought the initial configuration did the database installation. In hindsight that was my mistake. I removed and installed the package again. This time, the installation was simple. I used the MariaDB instance I have on the same NAS. I created the first user which should be an admin user. The admin functions appeared to be greyed out. Since then, I have read and watched conflicting info about if you need to fill out the Administrator user section of the initial configuration or if the first user you create is an admin user. My experience is that the first user is an admin user; you don't need to explicity create the admin user. I messed around with this for a little bit. This is when I started wondering about the user that was running Gitea. I struggled with that user being a service account on the Synology. I couldn't log in or su as that user. I gave up. For now. I ended up coming back to this while I was messing with Forgjo in docker on the Synology.

A quick detour

I was thinking about next step. Do I install it as a container on one of my linodes? Do I set it up as a LXC on proxmox? Do I try on my Synology again using a container? During this, I somehow came across Forgejo, a soft fork of Gitea. I decided I would use that instead. I installed it on one of my linodes. I didn't run into any issues but I didn't get very far until I deleted what I had installed. I decided I didn't want to open a port for for ssh. I preferred to have it on my local network and use Tailscale to get to it from anywhere.

Third time is a charm?

Back to the Synology but docker this time. Well, I use Portainer. I used the standard Forgejo container. Most of the issues I had with Gitea and Forgejo once I got a bit into both was with SSH. I found info online about SSH maybe not working because of permissions. I reviewed docs on using SSH with Forgejo and Gitea. There seemed to be challenges with SSH and the standard image. You have to use the host SSH daemon to forward to Gitea/Forgejo. I then came across the rootless image. This image has it's own SSH server. You just have to configure the port it will use and configure the host and container ports in the docker compose. I struggled initally with which port setting in Forgejo/Gitea was for what. The Gitea Config Cheat Sheet helped with that. I also needed to get the config to be persistent. The Forgejo docker compose only specifies the data location; not the config. The one on Gitea's site does have config too. With the config location in my docker compose, I could make updates to the Forgejo config and have it persist. That made this easier.

At this point, things were looking good. I was using port 2222 for ssh. I could create a repo and clone it with ssh. I decided to try another port. I tried 22 and the container wouldn't start. The logs showed it couldn't bind. I found out later on the Arch Linux wiki that this is because some ports are priviledged and not allowed without additional config. I decided against using 22 or 222; there isn't a reason that I need to use one of those ports in the container. Since I am using docker volumes instead of bind mounts, I had to figure out how to access the settings file so I could change the ssh port. I created a Ubuntu container with the Forgejo volumes included. The Ubuntu container didn't have vi or nano installed. I installed nano and updated the ssh port in the Forgejo config. Now Forgejo started fine.

I then created a regular user account in Forgejo, created a repo, and could connect from my MacBook Air. I then disabled the ability in Foregjo of connecting via http; I only want to use SSH. This is another config option shown in the cheat sheet. Now I could not clone the repo from KDE neon on my X1 Carbon; I got an error about connecting via SSH. I added my public key to the ssh-agent because I had read about it earlier in this journey. I then could clone the repo and have a working alternative to GitHub. I can use it for what my original intent.

Wrapping up

This definitely took longer than I expected. I didn't keep track of hours. This took me about a month of nights and weekends to complete. Several times I considered stopping and considered if I want to spend my time on this. I decided I did and I am pleased with the outcome. I learned more about Linux and docker. And I can start moving at least some of my repos from GitHub.

Here is my docker compose for Forgejo on a Synology running DSM 7.2.

version: '3'

networks:
  forgejo:
    external: false

volumes:
  forgejo-data:
    driver: local
  forgejo-cfg:
    driver: local

services:
  server:
    image: codeberg.org/forgejo/forgejo:7-rootless
    container_name: forgejo
    restart: always
    networks:
      - forgejo
    volumes:
      - forgejo-data:/var/lib/gitea
      - forgejo-cfg:/etc/gitea
      - /etc/TZ:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - '3000:3000'
      - '2222:1111'