kenjim/appa-net
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
22d17d39f9522683bf37278c3f22d8d2d8c47dab
appa-net/zet.home.arpa/git-server/GITEA.SERVICE
Kenji Morishige 060219d161 added git server info
2026-04-22 14:59:04 -05:00

116 lines
3.2 KiB
Desktop File
Raw Blame History

# Gitea Service Unit File
Systemd service configuration for Gitea git server.
```ini
[Unit]
Description=Gitea (Git with a cup of tea)
After=network.target
[Service]
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
# Hardening
PrivateTmp=true
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
```
**Location**: `/etc/systemd/system/gitea.service`
**File Format**: Systemd unit file (INI-style)
## Key Configuration Parameters
### [Unit] Section
- **Description**: Gitea (Git with a cup of tea)
- **After**: Service starts after network is available
### [Service] Section
#### Execution
- **Type**: simple (traditional foreground process)
- **User**: git (unprivileged system user)
- **Group**: git (service group)
- **WorkingDirectory**: /var/lib/gitea (Gitea data directory)
- **ExecStart**: Command to start Gitea with config file
#### Restart Policy
- **Restart**: always (auto-restart on exit)
- **RestartSec**: 2s (wait 2 seconds before restarting)
#### Environment
- **USER**: git
- **HOME**: /home/git
- **GITEA_WORK_DIR**: /var/lib/gitea
#### Security Hardening
- **PrivateTmp**: true
- Isolates /tmp and /var/tmp for the process
- Prevents temp file leaks between processes
- **NoNewPrivileges**: true
- Prevents capability escalation
- Drops all capabilities except those explicitly granted
### [Install] Section
- **WantedBy**: multi-user.target
- Service is wanted by the multi-user runlevel
- Enables auto-start on boot when enabled
## Service Management Commands
### Status and Control
```bash
sudo systemctl status gitea # Check current status
sudo systemctl start gitea # Start the service
sudo systemctl stop gitea # Stop the service
sudo systemctl restart gitea # Restart the service
sudo systemctl enable gitea # Enable auto-start on boot
sudo systemctl disable gitea # Disable auto-start on boot
```
### Monitoring
```bash
journalctl -u gitea -n 50 --no-pager # Last 50 log lines
journalctl -u gitea -f # Follow live logs
journalctl -u gitea --since "2 hours ago" # Logs from last 2 hours
```
### Reload Systemd
If you edit the unit file:
```bash
sudo systemctl daemon-reload
sudo systemctl restart gitea
```
## Lifecycle
1. **Systemd Start**: Systemd reads the unit file
2. **Environment Setup**: Sets USER=git, HOME=/home/git, GITEA_WORK_DIR
3. **Process Isolation**: Activates PrivateTmp and security restrictions
4. **Gitea Launch**: Executes `/usr/local/bin/gitea web --config /etc/gitea/app.ini`
5. **Crash Handling**: If process exits, waits 2 seconds and restarts automatically
## Notes
- Service runs in foreground (Type=simple) rather than daemon mode
- Output goes to systemd journal (viewable via `journalctl`)
- Working directory is `/var/lib/gitea` where Gitea stores data
- Restart policy ensures automatic recovery from crashes
- Security hardening prevents privilege escalation and temp file exposure
---
**Last Updated**: 2026-04-22
**Source**: `/etc/systemd/system/gitea.service` on zet.home.arpa
Reference in New Issue View Git Blame Copy Permalink