前情提示:
騰訊雲centOS6.9 64位 1核1G1M;
gogs0.11.91;
mysql社區版centos6 64位8.0.19bundle;
git2.25.1;
文章更新說明:
1.將root改爲git用戶;(2020-03-13)
2.優化mysql安裝步驟,修復拼寫錯誤,優化git全局變量配置,優化gogs目錄權限使用git用戶(強烈建議);(2020-03-14)
3.提示:域名中不要有中文、不要有中文、無論是後綴還是中間,在適當的時候你會發現,無論是git還是微信開發配置業務域名,中文域名不支持,轉碼後的域名又提示未備案,走進S衚衕,只能重新申請英文域名。(2020-03-15)
4.改用英文域名:https://www.nogit.top,關閉註冊體驗通道,想要體驗的,評論下方留言;(2020-03-29)
5.更新無憂簡潔版文檔,適合線上正式使用。https://janeyork.blog.csdn.net/article/details/106175941(2020-05-15)
注意:
1.注意看自己的版本和文件夾名稱,不要複製錯了,建議手敲寫命令,順便熟悉下;
1.簡單介紹下,Gogs優缺點:
優點:輕量、快、免費、開源。
不足:較GitHub、gitlab功能少,其他暫不清楚,可以自行搜索。
2.進入官網,進行安裝(2020-03-12摘自官網)。https://gogs.io/docs/installation
- 數據庫(選擇以下一項):
- MySQL:版本 >= 5.7
- PostgreSQL
- TiDB(實驗性支持,使用 MySQL 協議連接)
- 或者 什麼都不安裝 直接使用 SQLite3
- git(bash):
- 服務端和客戶端均需版本 >= 1.8.3
- Windows 系統建議使用最新版
- SSH 服務器:
- 如果您只使用 HTTP/HTTPS 的話請忽略此項
- 如果您選擇在 Windows 系統使用內置 SSH 服務器,請確保添加
ssh-keygen到您的%PATH%環境變量中 - 推薦 Windows 系統使用 Cygwin OpenSSH 或 Copssh
- Windows 系統 請確保 Bash 是默認的 Shell 程序,而不是 PowerShell
3.安裝mysql。後續其他環境也可能會用到mysql數據庫比如Javaweb等。
下載並上傳到服務器。https://dev.mysql.com/downloads/mysql/
選擇合適的版本:Linux6、bundle
https://cdn.mysql.com//Downloads/MySQL-8.0/mysql-8.0.19-1.el6.x86_64.rpm-bundle.tar
將tar文件上傳到服務器,然後進行安裝。
[root@VM_0_9_centos software]# cd /usr/software
[root@VM_0_9_centos software]# tar -xvf mysql-8.0.19-1.el6.x86_64.rpm-bundle.tar
mysql-community-libs-8.0.19-1.el6.x86_64.rpm
mysql-community-devel-8.0.19-1.el6.x86_64.rpm
mysql-community-libs-compat-8.0.19-1.el6.x86_64.rpm
mysql-community-common-8.0.19-1.el6.x86_64.rpm
mysql-community-server-8.0.19-1.el6.x86_64.rpm
mysql-community-test-8.0.19-1.el6.x86_64.rpm
mysql-community-client-8.0.19-1.el6.x86_64.rpm
[root@VM_0_9_centos software]#
檢查是否安裝了mysql,如果有進行卸載:
rpm -qa|grep mysql
yum list installed mysql*
# 卸載
yum remove mysql mysql-xxxx mysql-server mysql-libs compat-mysql51
rm -rf /var/lib/mysql
##可能cannot remove ‘/etc/my.cnf’: No such file or directory
rm /etc/my.cnf
卸載完成後,請再次rpm -qa|grep mysql檢查下,如果還有,請移步:https://blog.csdn.net/qq_31708763/article/details/86485398
安裝:
rpm -ivh mysql-community-common-8.0.19-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-libs-8.0.19-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-client-8.0.19-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-server-8.0.19-1.el6.x86_64.rpm --nodeps --force
高版本貌似不允許設置忽略大小寫,除非在初始化之前指定。一但初始化完成就無法更改,除非丟棄數據。
當前爲root,以下可不執行,直接start服務自動先init,同時在/var/lib/mysql/生成數據庫文件
# mysqld --initialize
# chown mysql:mysql /var/lib/mysql -R
啓動:
centOS6:
service mysqld start
查看啓動狀態
service mysqld status
設置開機啓動
chkconfig mysqld on
centOS7:
systemctl start mysqld.service
systemctl enable mysqld
如果你像我一樣,啓動失敗MySQL Daemon failed to start,請查看錯誤日誌:
cat /var/log/mysqld.log
或者刪除數據庫(慎用,慎用,慎用),因爲是新裝的,未嘗不可,rm -fr /var/lib/mysql/*然後重新init下。
查看臨時生成的密碼:
cat /var/log/mysqld.log | grep password
使用初始密碼登錄:
mysql -u root -p
修改初始密碼:
# 高版本數據庫使用強密碼規則,密碼設置儘可能麻煩,大寫+小寫+數字+符號
ALTER USER 'root'@'localhost' IDENTIFIED BY 'CNMpgz123!';
退出,使用新密碼重新登錄:
exit;
如果忘記密碼,需要重置:
vim /etc/my.cnf #注:windows下修改的是my.ini
skip-grant-tables# 在[mysqld]後面任意一行添加skip-grant-tables用來跳過密碼驗證的過程;設置完密碼記得刪除
systemctl restart mysqld.service #重啓mysql ,就可以免密碼登陸了,然後進行修改密碼
授權遠程賬號remote可以從任何主機進行登錄:
如果報錯:ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED BY 'IamPGZ123' WITH GRANT OPTION' at line 1
新版本mysql,把創建用戶和賦予權限分開了,
創建賬戶:
CREATE USER 'username'@'host' IDENTIFIED BY 'password';
username:創建的用戶名
host:用戶在哪個主機上可以登陸,如果是本地用戶可用localhost,如果想讓用戶可以從任意遠程主機登陸,可以使用通配符%
password:用戶的登陸密碼,密碼可以爲空,如果爲空則該用戶可以不需要密碼登陸服務器
賦予權限:
GRANT privileges ON databasename.tablename TO 'username'@'host' [修改權限後面加WITH GRANT OPTION];
privileges:用戶的操作權限,如SELECT,INSERT,UPDATE等,如果要授予所的權限則使用ALL
databasename:數據庫名
tablename:表名,如果要授予該用戶對所有數據庫和表的相應操作權限則可用*表示,如*.*
WITH GRANT OPTION 該用戶是否可授權
GRANT select,insert,update,delete,create,drop ON a.b TO 'user1'@'%';
GRANT ALL ON *.* TO 'user2'@'%';
查看授權信息
SHOW GRANTS FOR 'user3'@'localhost'
設置或更新密碼
SET PASSWORD FOR 'username'@'host' = PASSWORD('newpassword');
當前登陸用戶用
SET PASSWORD = PASSWORD("newpassword");
低版本mysql,比如5.6可以使用以下:
GRANT ALL PRIVILEGES ON *.* TO 'remote'@'%'IDENTIFIED BY 'IamPGZ123' WITH GRANT OPTION;
或者賦予root任何主機:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'WITH GRANT OPTION;
mysql>FLUSH PRIVILEGES
或者指定某用戶某IP:
GRANT ALL PRIVILEGES ON *.* TO 'ten-user'@'192.168.1.1'IDENTIFIED BY 'heheda1Ii0O00L' WITH GRANT OPTION;
本文mysql8系列,採用:其實已經和root一樣了
CREATE USER 'remote'@'%' IDENTIFIED BY 'CNMpgz123!';
GRANT ALL PRIVILEGES ON *.* TO 'remote'@'%'WITH GRANT OPTION;
FLUSH PRIVILEGES;
授權root可以任何主機:可二選一,反正都是任何主機,任何權限。不過一般安全考慮指定主機或者本地才能執行某些特殊權限。
use mysql;
update user set host='%' where user='root';
設置完成後,退出mysql命令行,exit;
設置mysql開機自啓動:
centOS6:
##設置
chkconfig mysqld on
##查看
chkconfig --list | grep mysql
centOS7:
systemctl enable mysqld.service
systemctl start mysqld.service
現在還不能遠程訪問測試remote賬號,因爲一般都有防火牆限制。
配置防火牆:(虛擬機的話直接關閉、雲服務器的話有可能額外地去阿里/百度/西數等控制檯安全組開放對應端口)
centOS6:
##編輯防火牆配置文件
vi /etc/sysconfig/iptables
模仿其他的寫,添加需要放開的端口(注意放置位置),這裏把常用的一下子都加進來了:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
##重啓防火牆
service iptables restart
或者直接關閉防火牆(不建議)
service iptables start //開啓防火牆
service iptables stop //關閉防火牆
service iptables restart //重啓防火牆
#永久性生效,重啓後不會復原(並不會即使生效,需要注意)
chkconfig iptables on #開啓防火牆
chkconfig iptables off #關閉防火牆,再次開機不會打開防火牆
使用rpm安裝mysql的位置說明:
1、數據庫目錄
/var/lib/mysql/
2、配置文件
/usr/share/mysql(mysql.server命令及配置文件)
3、相關命令
/usr/bin(mysqladmin mysqldump等命令)
4、啓動腳本
/etc/rc.d/init.d/(啓動腳本文件mysql的目錄)
附:mysql配置文件:simple version。後續優化,默認引擎其實就是innodb,可不設置。
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/8.0/en/server-configuration-defaults.html
[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove the leading "# " to disable binary logging
# Binary logging captures changes between backups and is enabled by
# default. It's default setting is log_bin=binlog
# disable_log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
#
# Remove leading # to revert to previous value for default_authentication_plugin,
# this will increase compatibility with older clients. For background, see:
# https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin
# default-authentication-plugin=mysql_native_password
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
default-storage-engine=INNODB
# navicate等客戶端
# default_authentication_plugin=mysql_native_password
# 5.6低版本和高版本語法寫法不一樣
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'
附:centOS6防火牆配置文件:默認有的註釋了,以下是解開註釋後的。
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
還好我的騰訊雲默認沒有綁定任何安全組,省的設置了,最後用naviccate用remote賬號測試鏈接即可。同時可以reboot now服務器,測試下mysql自啓動。
4.下載並安裝git。以下已經滿足基本安裝,如果看詳細步驟,請移步:https://blog.csdn.net/qq_31708763/article/details/103007119
下載的是2.25.1版本:https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.25.1.tar.gz
依賴:
yum install -y asciidoc docbook2X xmlto texinfo sgml2xml autoconf openjade curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker
[root@VM_0_9_centos software]# tar -zxvf git-2.25.1.tar.gz
[root@VM_0_9_centos software]# cd git-2.25.1
[root@VM_0_9_centos git-2.25.1]# make configure
GIT_VERSION = 2.25.1
GEN configure
[root@VM_0_9_centos git-2.25.1]# ./configure --prefix=/usr/local/git
make && make install
添加環境變量:
vi /etc/profile
在最後一行加入
export PATH=$PATH:/usr/local/git/bin
讓該配置文件立即生效
source /etc/profile
然後,git --version試試安裝成功。
5.下載安裝gogs。
二進制包下載地址:https://github.com/gogs/gogs/releases
不得不說,v1還沒發佈。
https://github.com/gogs/gogs/releases/download/v0.11.91/linux_amd64.tar.gz
https://cdn.gogs.io/0.11.91/gogs_0.11.91_linux_amd64.tar.gz
開個小差,難不成是計算機壓縮率和計算大小不一致,在github看到24.5,下載的時候看到 25.7,在文件夾看到75??好吧,也許是gzip
解壓:(此處建議看下面使用/home/git下,然後解壓)
[root@VM_0_9_centos software]# cd /usr/software
[root@VM_0_9_centos software]# tar -xvf gogs_0.11.91_linux_amd64.tar
[root@VM_0_9_centos software]# mv gogs /usr/local/
[root@VM_0_9_centos software]# cd /usr/local/gogs/
[root@VM_0_9_centos gogs]#
創建gogs,mysql用戶密碼,專門用於gogs本地訪問:
mysql -u root -p
CREATE USER 'gogs'@'localhost' IDENTIFIED BY 'CNMpgz123!';
GRANT ALL PRIVILEGES ON *.* TO 'gogs'@'localhost'WITH GRANT OPTION;
FLUSH PRIVILEGES;
# 高版本建庫或者導入gogs.mysql.sql都會報錯,建議手動建
#SET GLOBAL innodb_file_per_table = ON,innodb_file_format = Barracuda,innodb_large_prefix = ON;
# DROP DATABASE IF EXISTS gogs;
# CREATE DATABASE IF NOT EXISTS gogs CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
新建數據庫,這裏建議直接新建數據庫,設置好編碼格式utf8mb4,上面我們不是用navicate測試遠程鏈接了嗎,最好使用客戶端進行直接新建數據庫gogs,
如果採用導入gogs-scripts-mysql.sql自帶數據庫可能出現:Unknown system variable 'innodb_file_format'不知道是不是高版本問題,查了查確實沒有這個環境變量屬性。
新建git用戶:如果使用git用戶,把配置文件改過來。運行的時候su git
sudo useradd git
#sudo chmod -R 700 /usr/local/gogs
#sudo chown -R git:git /usr/local/gogs
#chmod a+x /usr/local/gogs/scripts/init/centos/gogs
#自定義倉庫位置,後續配置文件配置用到,默認是/root/xxx
#mkdir -p /data/gogs/repositories
#chown -R git:git /data/gogs/
[可選]查看修改密碼:
cat /etc/passwd | grep git
passwd git
這裏使用/home/git/目錄進行安裝Gogs
su root 將gogs包移動到/home/git下
su git,進行解壓gogs包
tar -xvf gogs_0.11.91_linux_amd64.tar
cd gogs
./gogs web
進入install界面進行配置
IP訪問:(還是那句話,如果遇到端口啥的,如果不能訪問可能是防火牆或者是安全組問題,這裏我暫時沒遇到)
http://yourip:3000 訪問後,第一次直接跳轉到ip:3000/install配置頁面,進行配置就行。
要麼在install頁面設置管理員賬號密碼,要麼ID=1,第一個創建的就是管理員
將gogs加入開機啓動:
[可選]修改配置文件,配置文件中默認用戶gi t和默認安裝/home/git/gogs
[root@VM_0_9_centos init.d]# cd /usr/local/gogs/
[root@VM_0_9_centos gogs]# vi scripts/init/centos/gogs
修改成自己的就行。 如果是本文默認git用戶默認/home下的倉庫是不用更改的
centOS6:su root
cp /home/git/gogs/scripts/init/centos/gogs /etc/rc.d/init.d/
chmod a+x /etc/rc.d/init.d/gogs
chkconfig gogs on
service gogs start #啓動服務
service gogs stop #停止服務
service gogs restart #重啓服務
## 另一種臨時啓動可以進入安裝目錄~/gogs,執行:
./gogs web 不過這是關閉窗口就隨之關閉
加入自啓動後,請多次嘗試start和stop然後瀏覽器測試訪問,如果包報錯:請查看go g s.log
Fail to test 'git' command: exec: "git": executable file not found in $PATH (forgotten install?
參考:https://segmentfault.com/a/1190000015052314?utm_source=channel-hottest
測試完畢後,請不要高興,繼續測試,reboot now,然後在網頁多次測試創建、提交、合併、SSH等等。
6.[可選]給IP一個域名,無論是雲服務器還是虛擬機,記IP肯定麻煩。
雲服務器/內網、虛擬機等映射免費域名詳細見:
https://blog.csdn.net/qq_31708763/article/details/102992091
https://blog.csdn.net/qq_31708763/article/details/86657626(可能涉及XX,已經變成私密訪問會404)
備用:
或直接購買1¥域名(涉及備案、不在同一服務商轉讓、審批等約21天)。
此處直接解析域名:http://gogs.破該仔.top:3000
duang~,sourcetree不識別不解析漢字域名?
http://xn--6mqp22hddn.top:3000
同時可以修改配置文件域名等相關,影響的是如下圖所示:
最後,由於配置了域名,完善下gogs-app.ini。(文末貼)配置文件參數具體含義貌似以前官方有寫,可以自行搜索或者看gogs-github上的英文註釋。或參見備用網文地址:https://www.yuque.com/docs/share/ffcdd0ab-f60f-4fb5-920b-eb5219f4d63a?#
默認gogs配置app.ini:
APP_NAME = XXXXX
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[repository]
ROOT = /home/git/gogs-repositories
[server]
DOMAIN = localhost
HTTP_PORT = 3000
ROOT_URL = http://localhost:3000/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
OFFLINE_MODE = false
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = false
ENABLE_CAPTCHA = true
REQUIRE_SIGNIN_VIEW = false
[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log
[security]
INSTALL_LOCK = true
SECRET_KEY = 87X3FjXEaFFTUIy
修改:
# 應用名稱,可以改爲你組織或者公司名稱
APP_NAME = GOGS - XXXX平臺
# 運行用戶
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[admin]
# 禁用普通用戶創建組織
DISABLE_REGULAR_ORG_CREATION = false
[repository]
ROOT = /home/git/gogs-repositories
# 全局默認的每個用戶可創建創建倉庫上限,-1 表示無限制
MAX_CREATION_LIMIT = -1
ENABLE_LOCAL_PATH_MIGRATION = true
# 強制所有倉庫私有
FORCE_PRIVATE = false
# 禁用http,只能通過ssh協議操作
DISABLE_HTTP_GIT = false
[server]
DOMAIN = gogs.破該仔.top
HTTP_PORT = 3000
# 公開完整路徑
ROOT_URL = http://gogs.破該仔.top:3000/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
# 激活該選項來禁止從 CDN 獲取靜態資源,同時 Gravatar 服務也將被自動禁用
OFFLINE_MODE = false
ENABLE_GZIP = true
[mailer]
ENABLED = false
[service]
# 註冊必須郵箱驗證
REGISTER_EMAIL_CONFIRM = false
# 發送郵件通知
ENABLE_NOTIFY_MAIL = false
# 禁止用戶註冊,只能管理員創建
DISABLE_REGISTRATION = false
# 註冊時輸入驗證碼
ENABLE_CAPTCHA = true
# 必須登錄才能瀏覽
REQUIRE_SIGNIN_VIEW = false
[picture]
# 使用本地頭像
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log
[security]
INSTALL_LOCK = true
SECRET_KEY = 87X3FjXEaFFTUIy
# 記錄登錄天數
LOGIN_REMEMBER_DAYS = true
COOKIE_USERNAME = true
COOKIE_REMEMBER_NAME = true
REVERSE_PROXY_AUTHENTICATION_USER = true
[webhook]
TYPES = gogs
DELIVER_TIMEOUT = 300
SKIP_TLS_VERIFY = true
PAGING_NUM = true
[cron]
ENABLED = true
--------------------以上算完成了,在以上沒有問題,再進行其他完善,比如下方----------------
7.[可選]配置nginx。
詳見:
https://blog.csdn.net/qq_31708763/article/details/103464312
SSL配置詳見:https://blog.csdn.net/qq_31708763/article/details/103672090 只是在導出的時候選擇nginx,並且不要設置密碼。
配置ngix後又設置了ssl證書,nginx配置文件需要修改下,gogs配置文件修改下:
nginx:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 443 ssl;
server_name 破該仔.top;
ssl_certificate /usr/local/nginx/cert/xn--6mqp22hddn.top_chain.crt;
ssl_certificate_key /usr/local/nginx/cert/xn--6mqp22hddn.top_key.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://127.0.0.1:3000;
}
}
server {
listen 80;
server_name 破該仔.top;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# proxy_pass http://127.0.0.1:3000;
# }
# 強制跳轉https
rewrite ^(.*) https://$server_name$1 permanent;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
gogs:
# 應用名稱,可以改爲你組織或者公司名稱
APP_NAME = Git
# 運行用戶
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[admin]
# 禁用普通用戶創建組織
DISABLE_REGULAR_ORG_CREATION = false
[repository]
ROOT = /home/git/gogs-repositories
# 全局默認的每個用戶可創建創建倉庫上限,-1 表示無限制
MAX_CREATION_LIMIT = -1
ENABLE_LOCAL_PATH_MIGRATION = true
# 強制所有倉庫私有
FORCE_PRIVATE = false
# 禁用http,只能通過ssh協議操作
DISABLE_HTTP_GIT = false
[server]
PROTOCOL=https
DOMAIN = xn--6mqp22hddn.top
HTTP_PORT = 3000
# 公開完整路徑
ROOT_URL = https://xn--6mqp22hddn.top/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
# 激活該選項來禁止從 CDN 獲取靜態資源,同時 Gravatar 服務也將被自動禁用
OFFLINE_MODE = false
ENABLE_GZIP = true
LANDING_PAGE=false
CERT_FILE=/usr/local/nginx/cert/xn--6mqp22hddn.top_chain.crt
KEY_FILE=/usr/local/nginx/cert/xn--6mqp22hddn.top_key.key
[mailer]
ENABLED = false
[service]
# 註冊必須郵箱驗證
REGISTER_EMAIL_CONFIRM = false
# 發送郵件通知
ENABLE_NOTIFY_MAIL = false
# 禁止用戶註冊,只能管理員創建
DISABLE_REGISTRATION = false
# 註冊時輸入驗證碼
ENABLE_CAPTCHA = false
# 必須登錄才能瀏覽
REQUIRE_SIGNIN_VIEW = true
[picture]
# 使用本地頭像
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log
[security]
INSTALL_LOCK = true
SECRET_KEY = 87X3FjXEaFFTUIy
# 記錄登錄天數
LOGIN_REMEMBER_DAYS = true
COOKIE_USERNAME = true
COOKIE_REMEMBER_NAME = true
REVERSE_PROXY_AUTHENTICATION_USER = true
[webhook]
TYPES = gogs
DELIVER_TIMEOUT = 300
SKIP_TLS_VERIFY = true
PAGING_NUM = true
[cron]
ENABLED = true
gogs主要更改了地址、協議,加了https,增加了ssl證書位置。這裏注意ssl證書最好不要設置密碼,否則gogs和nginx啓動需要輸入。nginx配置主要監聽443和強制https。
最後再訪問測試:https://xn--6mqp22hddn.top/
額外:
詳細Java web開發環境參考:https://blog.csdn.net/qq_31708763/article/details/86366445