Gogs

访问

• 打开浏览器并访问： https://<SERVER_IP>
• A browser SSL warning is expected (self-signed certificate)
• Register a new account
• The first registered account becomes Administrator

Disable Self-Registration (Optional)

By default, user self-registration is enabled.

1. Edit the configuration file: /etc/gogs/conf/app.ini

2. Under the [auth] section, change: DISABLE_REGISTRATION = false 至 DISABLE_REGISTRATION = true

3. Restart Gogs:

systemctl restart gogs

重要文件与目录

• 安装目录： /opt/gogs
• 配置文件： /etc/gogs/conf/app.ini
• Application data: /var/lib/gogs
• Repositories: /var/lib/gogs/repositories
• 日志： /var/log/gogs
• Systemd service: /etc/systemd/system/gogs.service
• Nginx config: /etc/nginx/sites-available/gogs.conf
• TLS certificates: /etc/nginx/ssl/

Git Usage

HTTPS (self-signed cert):

GIT_SSL_NO_VERIFY=true git clone https://<SERVER_IP>/<USERNAME>/<REPOSITORY>.git

SSH (Built-in server):

git clone ssh://git@<SERVER_IP>:2222/<USERNAME>/<REPOSITORY>.git

服务管理

Gogs:

systemctl status gogs
systemctl restart gogs

Nginx：

systemctl status nginx
systemctl restart nginx

PostgreSQL:

systemctl status postgresql
systemctl restart postgresql

注释

• The main configuration file is located at /etc/gogs/conf/app.ini. After modifying the configuration file, restart the service using systemctl restart gogs.
• The Nginx upload limit is defined in /etc/nginx/sites-available/gogs.conf using client_max_body_size. Increase it for large repositories and restart Nginx.
• For large deployments, you may uncomment LimitMEMLOCK=infinity 以及 LimitNOFILE=65535 在 /etc/systemd/system/gogs.service, then run systemctl daemon-reload and restart Gogs.
• Database credentials are defined in /etc/gogs/conf/app.ini.
• For production use, it is recommended to replace the self-signed certificate with a valid Let’s Encrypt certificate.
• If using a self-signed certificate, HTTPS cloning requires GIT_SSL_NO_VERIFY=true.

为域名启用SSL

1. 将您的域名指向服务器IP地址。

2. Update Gogs configuration (/etc/gogs/conf/app.ini):

EXTERNAL_URL = https://yourdomain.com/
DOMAIN = yourdomain.com
SSH_DOMAIN = yourdomain.com

3. Restart Gogs service to apply changes:

systemctl restart gogs

3. Edit Nginx config and replace both server_name <IP>; 使用您的域名 (<your-domain>) 同时适用于 HTTP（端口 80）和 HTTPS（端口 443）的封堵：

vim /etc/nginx/sites-available/gogs.conf

4. Install Certbot:

apt install -y certbot python3-certbot-nginx

5. Run the following command to generate a valid Let’s Encrypt certificate:

certbot certonly --nginx --non-interactive --agree-tos --email [email protected] -d yourdomain.com

6. Replace SSL paths in Nginx config:

vim /etc/nginx/sites-available/gogs.conf
# Before:
    # ssl_certificate /etc/nginx/ssl/gogs.crt;
    # ssl_certificate_key /etc/nginx/ssl/gogs.key;
# After:
    # ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    # ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

7. Restart Nginx to apply the changes:

systemctl restart nginx

8. 打开浏览器，访问： https://yourdomain.com