Gitea
Set up database
- Create database user called gitea incl. password
- Create database called gitea in Postgres
- Define new user as owner of the database
- Store database credentials in 1Password
Set up non-root user for container
We run the container as a non-root user to limit the attack surface for privilege escalation. For this to work in our setup, make sure that a user called gitea-user and a group called gitea-group are set up.
- Check if user gitea-user & group gitea-group exist and if the UID/GID is 1003
cat /etc/passwd | grep gitea-user
cat /etc/group | grep gitea-group
In case user/group exists but the UID/GID is not 1003, please adjust it via
sudo usermod -u 1003 gitea-user
sudo groupmod -g 1003 gitea-group
In case user/group doesn't exist at all, please create the user & group incl. the right UID/GID by running
sudo groupadd -g 1003 gitea-group
sudo useradd -g gitea-group -u 1003 gitea-user
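The check above as a script, added here as an example and not part of the original setup notes: it matches the name exactly (a plain grep for gitea-user also matches names that merely contain it) and reports when ID 1003 is already held by a different account, in which case usermod/groupmod would refuse the change. The function names check_id and report are hypothetical; the files read are the same /etc/passwd and /etc/group used above.

```shell
#!/bin/sh
# Added example: classify the state of the account this page expects.
# check_id NAME WANT_ID FILE -> prints ok | missing | mismatch:<id> | conflict:<name>
# FILE is a passwd- or group-format file (field 1 = name, field 3 = numeric ID).
check_id() {
    awk -F: -v name="$1" -v want="$2" '
        # exact match on the name field, not a substring match
        $1 == name { found = 1; cur = $3 }
        # the wanted ID is already assigned to a different entry
        $1 != name && $3 == want { holder = $1 }
        END {
            if (found && cur == want) print "ok"
            else if (holder != "")    print "conflict:" holder
            else if (found)           print "mismatch:" cur
            else                      print "missing"
        }' "$3"
}

# report [PASSWD_FILE] [GROUP_FILE]
# Prints one line per object and returns non-zero unless both are ok.
report() {
    u=$(check_id gitea-user 1003 "${1:-/etc/passwd}")
    g=$(check_id gitea-group 1003 "${2:-/etc/group}")
    echo "user gitea-user: $u"
    echo "group gitea-group: $g"
    [ "$u" = ok ] && [ "$g" = ok ]
}
```

Call report without arguments to check the live system: mismatch means the usermod/groupmod step applies, missing means the groupadd/useradd step applies. After usermod -u, only files inside the user's home directory are re-owned automatically; files elsewhere (for example a bind-mounted data directory) keep the old numeric UID and have to be fixed with chown.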