Git教程 - 使用gogs搭建Git服务
Git教程 - 使用gogs搭建Git服务
前情提示:
腾讯云centOS6.9 64位 1核1G1M;
gogs0.11.91;
mysql社区版centos6 64位8.0.19bundle;
git2.25.1;
文章更新说明:
1.将root改为git用户;(2020-03-13)
2.优化mysql安装步骤,修复拼写错误,优化git全局变量配置,优化gogs目录权限使用git用户(强烈建议);(2020-03-14)
3.提示:域名中不要有中文、不要有中文、无论是后缀还是中间,在适当的时候你会发现,无论是git还是微信开发配置业务域名,中文域名不支持,转码后的域名又提示未备案,走进S胡同,只能重新申请英文域名。(2020-03-15)
4.改用英文域名:https://www.nogit.top,关闭注册体验通道,想要体验的,评论下方留言;(2020-03-29)
5.更新无忧简洁版文档,适合线上正式使用。https://janeyork.blog.csdn.net/article/details/106175941(2020-05-15)
注意:
1.注意看自己的版本和文件夹名称,不要复制错了,建议手敲写命令,顺便熟悉下;
1.简单介绍下,Gogs优缺点:
优点:轻量、快、免费、开源。
不足:较GitHub、gitlab功能少,其他暂不清楚,可以自行搜索。
2.进入官网,进行安装(2020-03-12摘自官网)。https://gogs.io/docs/installation
- 数据库(选择以下一项):
- MySQL:版本 >= 5.7
- PostgreSQL
- TiDB(实验性支持,使用 MySQL 协议连接)
- 或者 什么都不安装 直接使用 SQLite3
- git(bash):
- 服务端和客户端均需版本 >= 1.8.3
- Windows 系统建议使用最新版
- SSH 服务器:
- 如果您只使用 HTTP/HTTPS 的话请忽略此项
- 如果您选择在 Windows 系统使用内置 SSH 服务器,请确保添加
ssh-keygen到您的%PATH%环境变量中 - Windows 系统 请确保 Bash 是默认的 Shell 程序,而不是 PowerShell
3.安装mysql。后续其他环境也可能会用到mysql数据库比如Javaweb等。
下载并上传到服务器。https://dev.mysql.com/downloads/mysql/
选择合适的版本:Linux6、bundle
https://cdn.mysql.com//Downloads/MySQL-8.0/mysql-8.0.19-1.el6.x86_64.rpm-bundle.tar
将tar文件上传到服务器,然后进行安装。
[root@VM_0_9_centos software]# cd /usr/software
[root@VM_0_9_centos software]# tar -xvf mysql-8.0.19-1.el6.x86_64.rpm-bundle.tar
mysql-community-libs-8.0.19-1.el6.x86_64.rpm
mysql-community-devel-8.0.19-1.el6.x86_64.rpm
mysql-community-libs-compat-8.0.19-1.el6.x86_64.rpm
mysql-community-common-8.0.19-1.el6.x86_64.rpm
mysql-community-server-8.0.19-1.el6.x86_64.rpm
mysql-community-test-8.0.19-1.el6.x86_64.rpm
mysql-community-client-8.0.19-1.el6.x86_64.rpm
[root@VM_0_9_centos software]# 检查是否安装了mysql,如果有进行卸载:
rpm -qa|grep mysql
yum list installed mysql*
# 卸载
yum remove mysql mysql-xxxx mysql-server mysql-libs compat-mysql51
rm -rf /var/lib/mysql
##可能cannot remove ‘/etc/my.cnf’: No such file or directory
rm /etc/my.cnf卸载完成后,请再次rpm -qa|grep mysql检查下,如果还有,请移步:https://blog.csdn.net/qq_31708763/article/details/86485398
安装:
rpm -ivh mysql-community-common-8.0.19-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-libs-8.0.19-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-client-8.0.19-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-server-8.0.19-1.el6.x86_64.rpm --nodeps --force高版本貌似不允许设置忽略大小写,除非在初始化之前指定。一但初始化完成就无法更改,除非丢弃数据。
当前为root,以下可不执行,直接start服务自动先init,同时在/var/lib/mysql/生成数据库文件
# mysqld --initialize
# chown mysql:mysql /var/lib/mysql -R启动:
centOS6:
service mysqld start
查看启动状态
service mysqld status
设置开机启动
chkconfig mysqld on
centOS7:
systemctl start mysqld.service
systemctl enable mysqld如果你像我一样,启动失败MySQL Daemon failed to start,请查看错误日志:
cat /var/log/mysqld.log 或者删除数据库(慎用,慎用,慎用),因为是新装的,未尝不可,rm -fr /var/lib/mysql/*然后重新init下。
查看临时生成的密码:
cat /var/log/mysqld.log | grep password
使用初始密码登录:
mysql -u root -p
修改初始密码:
# 高版本数据库使用强密码规则,密码设置尽可能麻烦,大写+小写+数字+符号
ALTER USER 'root'@'localhost' IDENTIFIED BY 'CNMpgz123!';退出,使用新密码重新登录:
exit;
如果忘记密码,需要重置:
vim /etc/my.cnf #注:windows下修改的是my.ini
skip-grant-tables# 在[mysqld]后面任意一行添加skip-grant-tables用来跳过密码验证的过程;设置完密码记得删除
systemctl restart mysqld.service #重启mysql ,就可以免密码登陆了,然后进行修改密码授权远程账号remote可以从任何主机进行登录:
如果报错:ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED BY 'IamPGZ123' WITH GRANT OPTION' at line 1
新版本mysql,把创建用户和赋予权限分开了,
创建账户:
CREATE USER 'username'@'host' IDENTIFIED BY 'password';
username:创建的用户名
host:用户在哪个主机上可以登陆,如果是本地用户可用localhost,如果想让用户可以从任意远程主机登陆,可以使用通配符%
password:用户的登陆密码,密码可以为空,如果为空则该用户可以不需要密码登陆服务器
赋予权限:
GRANT privileges ON databasename.tablename TO 'username'@'host' [修改权限后面加WITH GRANT OPTION];
privileges:用户的操作权限,如SELECT,INSERT,UPDATE等,如果要授予所的权限则使用ALL
databasename:数据库名
tablename:表名,如果要授予该用户对所有数据库和表的相应操作权限则可用*表示,如*.*
WITH GRANT OPTION 该用户是否可授权
GRANT select,insert,update,delete,create,drop ON a.b TO 'user1'@'%';
GRANT ALL ON *.* TO 'user2'@'%';
查看授权信息
SHOW GRANTS FOR 'user3'@'localhost'
设置或更新密码
SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword');
当前登陆用户用
SET PASSWORD = PASSWORD("newpassword");低版本mysql,比如5.6可以使用以下:
GRANT ALL PRIVILEGES ON *.* TO 'remote'@'%'IDENTIFIED BY 'IamPGZ123' WITH GRANT OPTION;
或者赋予root任何主机:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'WITH GRANT OPTION;
mysql>FLUSH PRIVILEGES
或者指定某用户某IP:
GRANT ALL PRIVILEGES ON *.* TO 'ten-user'@'192.168.1.1'IDENTIFIED BY 'heheda1Ii0O00L' WITH GRANT OPTION;本文mysql8系列,采用:其实已经和root一样了
CREATE USER 'remote'@'%' IDENTIFIED BY 'CNMpgz123!';
GRANT ALL PRIVILEGES ON *.* TO 'remote'@'%'WITH GRANT OPTION;
FLUSH PRIVILEGES;授权root可以任何主机:可二选一,反正都是任何主机,任何权限。不过一般安全考虑指定主机或者本地才能执行某些特殊权限。
use mysql;
update user set host='%' where user='root';设置完成后,退出mysql命令行,exit;
设置mysql开机自启动:
centOS6:
##设置
chkconfig mysqld on
##查看
chkconfig --list | grep mysql
centOS7:
systemctl enable mysqld.service
systemctl start mysqld.service现在还不能远程访问测试remote账号,因为一般都有防火墙限制。
配置防火墙:(虚拟机的话直接关闭、云服务器的话有可能额外地去阿里/百度/西数等控制台安全组开放对应端口)
centOS6:
##编辑防火墙配置文件
vi /etc/sysconfig/iptables
模仿其他的写,添加需要放开的端口(注意放置位置),这里把常用的一下子都加进来了:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
##重启防火墙
service iptables restart
或者直接关闭防火墙(不建议)
service iptables start //开启防火墙
service iptables stop //关闭防火墙
service iptables restart //重启防火墙
#永久性生效,重启后不会复原(并不会即使生效,需要注意)
chkconfig iptables on #开启防火墙
chkconfig iptables off #关闭防火墙,再次开机不会打开防火墙使用rpm安装mysql的位置说明:
1、数据库目录
/var/lib/mysql/
2、配置文件
/usr/share/mysql(mysql.server命令及配置文件)
3、相关命令
/usr/bin(mysqladmin mysqldump等命令)
4、启动脚本
/etc/rc.d/init.d/(启动脚本文件mysql的目录)附:mysql配置文件:simple version。后续优化,默认引擎其实就是innodb,可不设置。
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/8.0/en/server-configuration-defaults.html
[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove the leading "# " to disable binary logging
# Binary logging captures changes between backups and is enabled by
# default. It's default setting is log_bin=binlog
# disable_log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
#
# Remove leading # to revert to previous value for default_authentication_plugin,
# this will increase compatibility with older clients. For background, see:
# https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin
# default-authentication-plugin=mysql_native_password
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
default-storage-engine=INNODB
# navicate等客户端
# default_authentication_plugin=mysql_native_password
# 5.6低版本和高版本语法写法不一样
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'附:centOS6防火墙配置文件:默认有的注释了,以下是解开注释后的。
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT还好我的腾讯云默认没有绑定任何安全组,省的设置了,最后用naviccate用remote账号测试链接即可。同时可以reboot now服务器,测试下mysql自启动。
4.下载并安装git。以下已经满足基本安装,如果看详细步骤,请移步:https://blog.csdn.net/qq_31708763/article/details/103007119
下载的是2.25.1版本:https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.25.1.tar.gz
依赖:
yum install -y asciidoc docbook2X xmlto texinfo sgml2xml autoconf openjade curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker[root@VM_0_9_centos software]# tar -zxvf git-2.25.1.tar.gz
[root@VM_0_9_centos software]# cd git-2.25.1
[root@VM_0_9_centos git-2.25.1]# make configure
GIT_VERSION = 2.25.1
GEN configure
[root@VM_0_9_centos git-2.25.1]# ./configure --prefix=/usr/local/git
make && make install
添加环境变量:
vi /etc/profile
在最后一行加入
export PATH=$PATH:/usr/local/git/bin
让该配置文件立即生效
source /etc/profile然后,git --version试试安装成功。
5.下载安装gogs。
二进制包下载地址:https://github.com/gogs/gogs/releases
不得不说,v1还没发布。
https://github.com/gogs/gogs/releases/download/v0.11.91/linux_amd64.tar.gz
https://cdn.gogs.io/0.11.91/gogs_0.11.91_linux_amd64.tar.gz
开个小差,难不成是计算机压缩率和计算大小不一致,在github看到24.5,下载的时候看到 25.7,在文件夹看到75??好吧,也许是gzip
解压:(此处建议看下面使用/home/git下,然后解压)
[root@VM_0_9_centos software]# cd /usr/software
[root@VM_0_9_centos software]# tar -xvf gogs_0.11.91_linux_amd64.tar
[root@VM_0_9_centos software]# mv gogs /usr/local/
[root@VM_0_9_centos software]# cd /usr/local/gogs/
[root@VM_0_9_centos gogs]# 创建gogs,mysql用户密码,专门用于gogs本地访问:
mysql -u root -p
CREATE USER 'gogs'@'localhost' IDENTIFIED BY 'CNMpgz123!';
GRANT ALL PRIVILEGES ON *.* TO 'gogs'@'localhost'WITH GRANT OPTION;
FLUSH PRIVILEGES;
# 高版本建库或者导入gogs.mysql.sql都会报错,建议手动建
#SET GLOBAL innodb_file_per_table = ON,innodb_file_format = Barracuda,innodb_large_prefix = ON;
# DROP DATABASE IF EXISTS gogs;
# CREATE DATABASE IF NOT EXISTS gogs CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;新建数据库,这里建议直接新建数据库,设置好编码格式utf8mb4,上面我们不是用navicate测试远程链接了吗,最好使用客户端进行直接新建数据库gogs,
如果采用导入gogs-scripts-mysql.sql自带数据库可能出现:Unknown system variable 'innodb_file_format'不知道是不是高版本问题,查了查确实没有这个环境变量属性。
新建git用户:如果使用git用户,把配置文件改过来。运行的时候su git
sudo useradd git
#sudo chmod -R 700 /usr/local/gogs
#sudo chown -R git:git /usr/local/gogs
#chmod a+x /usr/local/gogs/scripts/init/centos/gogs
#自定义仓库位置,后续配置文件配置用到,默认是/root/xxx
#mkdir -p /data/gogs/repositories
#chown -R git:git /data/gogs/
[可选]查看修改密码:
cat /etc/passwd | grep git
passwd git
这里使用/home/git/目录进行安装Gogs
su root 将gogs包移动到/home/git下
su git,进行解压gogs包
tar -xvf gogs_0.11.91_linux_amd64.tar
cd gogs
./gogs web
进入install界面进行配置
IP访问:(还是那句话,如果遇到端口啥的,如果不能访问可能是防火墙或者是安全组问题,这里我暂时没遇到)
http://yourip:3000 访问后,第一次直接跳转到ip:3000/install配置页面,进行配置就行。
要么在install页面设置管理员账号密码,要么ID=1,第一个创建的就是管理员
将gogs加入开机启动:
[可选]修改配置文件,配置文件中默认用户gi t和默认安装/home/git/gogs
[root@VM_0_9_centos init.d]# cd /usr/local/gogs/
[root@VM_0_9_centos gogs]# vi scripts/init/centos/gogs修改成自己的就行。 如果是本文默认git用户默认/home下的仓库是不用更改的
centOS6:su root
cp /home/git/gogs/scripts/init/centos/gogs /etc/rc.d/init.d/
chmod a+x /etc/rc.d/init.d/gogs
chkconfig gogs on
service gogs start #启动服务
service gogs stop #停止服务
service gogs restart #重启服务
## 另一种临时启动可以进入安装目录~/gogs,执行:
./gogs web 不过这是关闭窗口就随之关闭加入自启动后,请多次尝试start和stop然后浏览器测试访问,如果包报错:请查看go g s.log
Fail to test 'git' command: exec: "git": executable file not found in $PATH (forgotten install?
参考:https://segmentfault.com/a/1190000015052314?utm_source=channel-hottest
测试完毕后,请不要高兴,继续测试,reboot now,然后在网页多次测试创建、提交、合并、SSH等等。
6.[可选]给IP一个域名,无论是云服务器还是虚拟机,记IP肯定麻烦。
云服务器/内网、虚拟机等映射免费域名详细见:
https://blog.csdn.net/qq_31708763/article/details/102992091
https://blog.csdn.net/qq_31708763/article/details/86657626(可能涉及XX,已经变成私密访问会404)
备用:
或直接购买1¥域名(涉及备案、不在同一服务商转让、审批等约21天)。
此处直接解析域名:http://gogs.破该仔.top:3000
duang~,sourcetree不识别不解析汉字域名?
http://xn--6mqp22hddn.top:3000
同时可以修改配置文件域名等相关,影响的是如下图所示:
最后,由于配置了域名,完善下gogs-app.ini。(文末贴)配置文件参数具体含义貌似以前官方有写,可以自行搜索或者看gogs-github上的英文注释。或参见备用网文地址:https://www.yuque.com/docs/share/ffcdd0ab-f60f-4fb5-920b-eb5219f4d63a?#
默认gogs配置app.ini:
APP_NAME = XXXXX
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[repository]
ROOT = /home/git/gogs-repositories
[server]
DOMAIN = localhost
HTTP_PORT = 3000
ROOT_URL = http://localhost:3000/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
OFFLINE_MODE = false
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = false
ENABLE_CAPTCHA = true
REQUIRE_SIGNIN_VIEW = false
[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log
[security]
INSTALL_LOCK = true
SECRET_KEY = 87X3FjXEaFFTUIy修改:
# 应用名称,可以改为你组织或者公司名称
APP_NAME = GOGS - XXXX平台
# 运行用户
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[admin]
# 禁用普通用户创建组织
DISABLE_REGULAR_ORG_CREATION = false
[repository]
ROOT = /home/git/gogs-repositories
# 全局默认的每个用户可创建创建仓库上限,-1 表示无限制
MAX_CREATION_LIMIT = -1
ENABLE_LOCAL_PATH_MIGRATION = true
# 强制所有仓库私有
FORCE_PRIVATE = false
# 禁用http,只能通过ssh协议操作
DISABLE_HTTP_GIT = false
[server]
DOMAIN = gogs.破该仔.top
HTTP_PORT = 3000
# 公开完整路径
ROOT_URL = http://gogs.破该仔.top:3000/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
# 激活该选项来禁止从 CDN 获取静态资源,同时 Gravatar 服务也将被自动禁用
OFFLINE_MODE = false
ENABLE_GZIP = true
[mailer]
ENABLED = false
[service]
# 注册必须邮箱验证
REGISTER_EMAIL_CONFIRM = false
# 发送邮件通知
ENABLE_NOTIFY_MAIL = false
# 禁止用户注册,只能管理员创建
DISABLE_REGISTRATION = false
# 注册时输入验证码
ENABLE_CAPTCHA = true
# 必须登录才能浏览
REQUIRE_SIGNIN_VIEW = false
[picture]
# 使用本地头像
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log
[security]
INSTALL_LOCK = true
SECRET_KEY = 87X3FjXEaFFTUIy
# 记录登录天数
LOGIN_REMEMBER_DAYS = true
COOKIE_USERNAME = true
COOKIE_REMEMBER_NAME = true
REVERSE_PROXY_AUTHENTICATION_USER = true
[webhook]
TYPES = gogs
DELIVER_TIMEOUT = 300
SKIP_TLS_VERIFY = true
PAGING_NUM = true
[cron]
ENABLED = true--------------------以上算完成了,在以上没有问题,再进行其他完善,比如下方----------------
7.[可选]配置nginx。
详见:
https://blog.csdn.net/qq_31708763/article/details/103464312
SSL配置详见:https://blog.csdn.net/qq_31708763/article/details/103672090 只是在导出的时候选择nginx,并且不要设置密码。
配置ngix后又设置了ssl证书,nginx配置文件需要修改下,gogs配置文件修改下:
nginx:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 443 ssl;
server_name 破该仔.top;
ssl_certificate /usr/local/nginx/cert/xn--6mqp22hddn.top_chain.crt;
ssl_certificate_key /usr/local/nginx/cert/xn--6mqp22hddn.top_key.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://127.0.0.1:3000;
}
}
server {
listen 80;
server_name 破该仔.top;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# proxy_pass http://127.0.0.1:3000;
# }
# 强制跳转https
rewrite ^(.*) https://$server_name$1 permanent;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}gogs:
# 应用名称,可以改为你组织或者公司名称
APP_NAME = Git
# 运行用户
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[admin]
# 禁用普通用户创建组织
DISABLE_REGULAR_ORG_CREATION = false
[repository]
ROOT = /home/git/gogs-repositories
# 全局默认的每个用户可创建创建仓库上限,-1 表示无限制
MAX_CREATION_LIMIT = -1
ENABLE_LOCAL_PATH_MIGRATION = true
# 强制所有仓库私有
FORCE_PRIVATE = false
# 禁用http,只能通过ssh协议操作
DISABLE_HTTP_GIT = false
[server]
PROTOCOL=https
DOMAIN = xn--6mqp22hddn.top
HTTP_PORT = 3000
# 公开完整路径
ROOT_URL = https://xn--6mqp22hddn.top/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
# 激活该选项来禁止从 CDN 获取静态资源,同时 Gravatar 服务也将被自动禁用
OFFLINE_MODE = false
ENABLE_GZIP = true
LANDING_PAGE=false
CERT_FILE=/usr/local/nginx/cert/xn--6mqp22hddn.top_chain.crt
KEY_FILE=/usr/local/nginx/cert/xn--6mqp22hddn.top_key.key
[mailer]
ENABLED = false
[service]
# 注册必须邮箱验证
REGISTER_EMAIL_CONFIRM = false
# 发送邮件通知
ENABLE_NOTIFY_MAIL = false
# 禁止用户注册,只能管理员创建
DISABLE_REGISTRATION = false
# 注册时输入验证码
ENABLE_CAPTCHA = false
# 必须登录才能浏览
REQUIRE_SIGNIN_VIEW = true
[picture]
# 使用本地头像
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log
[security]
INSTALL_LOCK = true
SECRET_KEY = 87X3FjXEaFFTUIy
# 记录登录天数
LOGIN_REMEMBER_DAYS = true
COOKIE_USERNAME = true
COOKIE_REMEMBER_NAME = true
REVERSE_PROXY_AUTHENTICATION_USER = true
[webhook]
TYPES = gogs
DELIVER_TIMEOUT = 300
SKIP_TLS_VERIFY = true
PAGING_NUM = true
[cron]
ENABLED = truegogs主要更改了地址、协议,加了https,增加了ssl证书位置。这里注意ssl证书最好不要设置密码,否则gogs和nginx启动需要输入。nginx配置主要监听443和强制https。
最后再访问测试:https://xn--6mqp22hddn.top/
额外:
详细Java web开发环境参考:https://blog.csdn.net/qq_31708763/article/details/86366445