last update before shutdown on old server

2025-11-15 23:22:20 +01:00
3 changed files with 28 additions and 24 deletions
--- a/homelab/applications/gitea/README.md
+++ b/homelab/applications/gitea/README.md
@ -1,28 +1,38 @@
 # Gitea
-## Set up database
+## Prerequisites
- Create database user called `gitea` incl. password
+### Set up database
 - Create database called `gitea` in Postgres
 - Define new user as owner of the database
 - Store database credentials in 1Password
-## Set up non-root user for container
+### Set up non-root user for container
-We are providing a non-root user to the container to limit the attack surface for privilege escalations. In order for this to work in our setup, please make sure to check if you have a user called `gitea-user` & group called `gitea-group` set up. 
+We are providing a non-root user to the container to limit the attack surface for privilege escalations. In order for this to work in our setup, please make sure to check if you have a user called `gitea` set up
-1. Check if user `gitea-user` & group `gitea-group` exist and if the UID/GID is 1003
+1. Check if user `gitea`
 ```
-cat /etc/passwd | grep gitea-user
+cat /etc/passwd | grep gitea
 cat /etc/group | grep gitea-group
 ```
-In case user/group exists but the UID/GID is not 1003, please adjust it via 
+In case user doesn't exist, please create the user by running
 ```
-sudo usermod -u 1003 gitea-user
+sudo useradd gitea
 sudo groupmod -g 1003 gitea-group
 ```
-In case user/group doesn't exist at all, please create the user & group incl. the right UID/GID by running
+2. `data` & `config` folder ownership
 Also you need to make sure that the `gitea` owner owns the volumes mounted for docker
 ```
-sudo groupadd -g 1003 gitea-group
+sudo chown -R gitea:gitea data
-sudo useradd -g gitea-group -u 1003 gitea-user
+sudo chmod 770 data
-```
+
 sudo chown -R gitea:gitea config
 sudo chmod 770 config
 ```
 3. Adjust compose.yml
 Within `services > gitea > user`, make sure to replace `gitea` with the UID of the user on your machine
 ```
 cat /etc/passwd | grep gitea
 ```
 ## Initial setup
 1. `docker compose up -d`
 2. Open IP:8030 and continue set up
--- a/homelab/applications/gitea/compose.yml
+++ b/homelab/applications/gitea/compose.yml
@ -2,15 +2,9 @@ services:
  gitea:
    image: docker.gitea.com/gitea:1-rootless
    container_name: gitea
-    user: "1003:1003"
+    user: "gitea"
    environment:
      USER_UID: "1003"
      USER_GID: "1003"
      DISABLE_REGISTRATION: true
      GITEA__database__DB_TYPE: postgres
      GITEA__database__HOST: postgres:5432
      GITEA__database__NAME: gitea
      GITEA__database__USER: gitea
    restart: always
    volumes: ['./data:/var/lib/gitea', './config:/etc/gitea']
    ports: ['8030:3000', '2222:2222']
--- a/homelab/applications/postgres/README.md
+++ b/homelab/applications/postgres/README.md
@ -19,7 +19,7 @@ sudo chmod 770 data
 ```
 3. Adjust compose.yml
-Within `services > postgres > user`, make sure to replare `postgres` with the UID of the user on your machine
+Within `services > postgres > user`, make sure to replace `postgres` with the UID of the user on your machine
 ```
 cat /etc/passwd | grep postgres
 ```