Community Blog How to Deploy Your Private Git Repository Using Gitea with Docker

How to Deploy Your Private Git Repository Using Gitea with Docker

This article explains how to deploy your private Git repository using Gitea with Docker.

By Alain Francois

What Is Gitea?

Gitea is a free and open-source software package to help self-host a Git server. It also offers collaborative features, such as bug tracking, wikis, and code review. Gitea is a community-driven and lightweight code solution written in the Go language.

Developers need to regularly merge their code changes into a central repository when working. You may need a private central repository for your team you will host and manage by yourself. You can use Gitea for this purpose. It is similar to GitHub and Bitbucket.

Connect to Your ECS Instance

Log in to your Alibaba Cloud account and go to Elastic Compute Service (ECS):


Create a new instance. We will choose a Pay-As-You-Go instance:


Alibaba Cloud offers multiple Linux distributions. This article explains how to install Docker on different distributions so it can work with Gitea. You can choose a Debian-based or RedHat-based system:


Continue with the configuration of your instance until the end:


Installing Docker

You can install Docker on your ECS instance, whether it is on Debian-based or RedHat-based systems on the list above.

Installing Docker on Debian 9.9 and Ubuntu 20.04

First, update the cache of the server:

$ sudo apt update

Set up the repository over HTTPS:

$ sudo apt install ca-certificates curl gnupg lsb-release

Add the official Docker GPG key:

$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Set the stable repository of Docker:

  • On Ubuntu 20.04:
$ echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  • On Debian 9.9:
$ echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Next, you need to update the cache again:

$ sudo apt update

Finally, you can install Docker Engine:

$ sudo apt-get install docker-ce docker-ce-cli containerd.io


You can check if the service is running with the following command:

$ sudo systemctl status docker

Now, you should add the default user to the Docker group. It will not need to use the sudo command with Docker:

$ sudo usermod -aG docker franck

Also, make sure to open ssh before enabling UFW:

$ sudo ufw allow 'OpenSSH'

Now, enable UFW:

$ sudo ufw enable

Command may disrupt existing ssh connections. Proceed with the operation (y|n)? y means the Firewall is active and enabled on system startup.

Configuring MySQL Docker

We need to configure the database that Gitea will use since it is compatible with MySQL/MariaDB, MSSQL, SQLite, and PostgreSQL. This guide uses MySQL database and runs it with Docker. MySQL offers an official Docker image on the docker-hub. We used the latest version (v.8.0) of the image when writing this guide:

$ docker run -d --name mysql-gitea -e MYSQL_ROOT_PASSWORD=your_mysql_root_pass -v /opt/volume/mysql-gitea:/var/lib/mysql mysql:latest

We can check if our container is running with the following command:

$ docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS          PORTS                 NAMES
5d02b13ea435   mysql:latest   "docker-entrypoint.s…"   21 seconds ago   Up 19 seconds   3306/tcp, 33060/tcp   mysql-gitea

Let's connect to the MySQL container:

$ docker container exec -it mysql-gitea bash

Then, access the MySQL command line:

# mysql -u root -pyour_mysql_root_pass

Create the database and user for Gitea:

mysql> CREATE USER 'gitea'@'%' IDENTIFIED BY 'db_gitea_password';
mysql> CREATE DATABASE giteadb;
mysql> GRANT ALL PRIVILEGES ON giteadb.* TO 'gitea'@'%';
mysql> exit;

Now, exit the container:

# exit

Since we will need to connect Gitea to the database, we need to check the IP address of the container:

$ docker inspect mysql-gitea


The IP is

Configuring Gitea with Docker

Gitea needs to be connected to the MySQL database. We need to indicate the IP address of the container and the credentials of the database user that it will need to establish the communication. The information is listed below:

  • The type of database is mysql.
  • The IP address of the MySQL container is
  • The name of the database is giteadb.
  • The database user name is gitea.
  • The database user password is db_gitea_password.
  • The port used by Gitea is 3000.

When running Gitea, we will use some volume to keep the data persistent on the server. We will use the latest stable release of Gitea by mentioning the tag latest on the Docker command:

$ docker run -d --name gitea -v /opt/volume/gitea:/data -p 3000:3000 -e VIRTUAL_HOST=gitea.domain.cloud -e VIRTUAL_PORT=3000 -e USER_UID=1001 -e USER_GID=1001 -e DB_TYPE=mysql -e DB_HOST= -e DB_NAME=giteadb -e DB_USER=gitea-user -e DB_PASSWD=gitea@123 gitea/gitea:latest


We can check if it is running:

$ docker ps


Our Docker containers (mysql-gitea and gitea) are running.

Configuring NGINX and the SSL Certificate

We will use NGINX as our reverse proxy to serve all the requests of our Gitea service. First, we need to install it:

$ sudo apt install nginx

Now, we need to create the configuration of Gitea. We will also set the configuration to force all HTTP requests to HTTPS. In our case, we will use a let's encrypt certificate for the demonstration. (Also, we will assume you already have your certificate.) We will indicate the path of the certificate and key files in the Gitea configuration file:

$ sudo vim /etc/nginx/sites-available/gitea.conf
server {
        server_name gitea.domain.cloud;
        listen 80;
        access_log /var/log/nginx/gitea.log;
        return 301 https://$host$request_uri;
server {
        server_name gitea.domain.cloud;
        listen 443 ssl http2 ;
        access_log /var/log/nginx/gitea.log;
        ssl_certificate /etc/letsencrypt/live/gitea.domain.cloud/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/gitea.domain.cloud/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
        add_header Strict-Transport-Security "max-age=31536000";
        location / {
                proxy_pass http://localhost:3000;
                proxy_set_header X-Forwarded-Host $host:$server_port;
                proxy_set_header X-Forwarded-Server $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Next, create a symbolic of the configuration file:

$ sudo ln -s /etc/nginx/sites-available/gitea.conf /etc/nginx/sites-enabled/gitea.conf

We will remove the default configuration to avoid any conflict with the default configuration of NGINX:

sudo rm /etc/nginx/sites-enabled/default

Let's start the NGINX service:

$ sudo systemctl start nginx

Then, enable it on startup:

$ sudo systemctl enable nginx

Check your configuration:

$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Now, restart the service to take the configuration into consideration:

$ sudo systemctl restart nginx

Open the ports 80 and 443 on the firewall:

$ sudo ufw allow 80,443/tcp

Finally, restart your firewall:

$ sudo ufw disable && sudo ufw enable

Accessing Gitea through Your Browser

Now, open your browser and continue the installation of Gitea using the URL https://giteadomain.com that you have configured. The first section is the database configuration:


The second section is about the general configuration regarding the port, domain name, etc.


The third section is for some additional configuration, such as email settings and administrator accounts:


After the installation, log in using your credentials:


Go to the settings, and you will see a lot of options available for your configuration:


You can create your repository:


Gitea allows you to make the repository private:


Finally, you can see your repository:



Gitea allows you to host a private Git repository with many options. You can even create private repositories to only share with your collaborators.

0 0 0
Share on

Alibaba Cloud Community

563 posts | 54 followers

You may also like


Alibaba Cloud Community

563 posts | 54 followers

Related Products

  • Red Hat Enterprise Linux

    Take advantage of the cost effectiveness, scalability, and flexibility of Alibaba Cloud's infrastructure and services, as well as the proven reliability of Red Hat Enterprise Linux and Alibaba Cloud's support backed by Red Hat Global Support Services.

    Learn More
  • ECS Bare Metal Instance

    An elastic and horizontally scalable high-performance computing service providing the same computing performance as traditional physical servers including physical isolation.

    Learn More
  • ECS(Elastic Compute Service)

    An online computing service that offers elastic and secure virtual cloud servers to cater all your cloud hosting needs.

    Learn More