The Migration Odyssey: Self-Hosted Gitea and the Virtual Realm

A Physical Foundation, You Must Lay

To begin this journey, a strong foundation in the physical realm we must lay, hmmm. Chosen path, AlmaLinux 9 is, robust and reliable Linux distribution it is. Follow these steps, you must, to install it on your physical machine:

  1. Download AlmaLinux 9: The journey starts by obtaining the AlmaLinux 9 installation ISO from AlmaLinux’s website.

  2. Create a Bootable USB Drive: Craft a bootable USB using tools like Rufus (for Windows) or Etcher (for Linux and macOS) to hold the ISO, you must.

  3. Boot from USB: Insert the bootable USB and navigate to your system’s BIOS or UEFI settings to make it your launchpad.

  4. Install AlmaLinux 9: The path unfolds as you follow on-screen instructions: select your tongue, set the time, configure your keys, and partition your disk wisely to allocate space for the host system and future virtual endeavors, you must.

  5. User Accounts: During installation, forge at least one user with root privileges, your portal to manage the physical and virtual.

  6. Completion of Installation: Remove the bootable USB, reboot, and behold your AlmaLinux 9 host.

A Virtual Voyage with Portainer

With the host prepared, we embark on the virtual journey, where Portainer, a Docker management tool, awaits:

  1. Install libvirt: Install the foundation of virtualization on your AlmaLinux 9 host with this command:

    sudo dnf install libvirt
    
  2. Start and Enable libvirtd: Bring to life the libvirtd service and set it to awaken upon every system dawn:

    sudo systemctl start libvirtd
    sudo systemctl enable libvirtd
    
  3. Install virt-manager (optional): For a smoother path, obtain virt-manager:

    sudo dnf install virt-manager
    
  4. Create a Virtual Machine: Forge a virtual vessel with virt-install or virt-manager. An example with virt-install:

    virt-install \
      --name my-vm \
      --memory 2048 \
      --vcpus 2 \
      --disk size=20 \
      --os-variant=almalinux9 \
      --location=/path/to/AlmaLinux-9-ISO-file.iso \
      --network bridge=br0 \
      --graphics none \
      --console pty,target_type=serial \
      --extra-args "console=ttyS0"
    
  5. Access the Virtual Machine: Connect to your creation through virt-manager or the virsh command:

    virsh console my-vm
    
  6. Portainer Installation: Now, aboard your virtual ship, install Docker:

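    # AlmaLinux 9 has no docker package of its own ("dnf install docker" pulls in podman-docker), so add Docker's repository first
    sudo dnf install -y dnf-plugins-core
    sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
    sudo dnf install -y docker-ce docker-ce-cli containerd.io
    sudo systemctl start docker
    sudo systemctl enable docker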
    
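  7. Portainer’s Arrival: Bring Portainer on board by pulling its image and creating a container. The /var/run/docker.sock mount gives Portainer full control of the VM’s Docker daemon, so guard its login as you would root on that VM:

    sudo docker pull portainer/portainer-ce
    sudo docker run -d -p 9000:9000 --name=portainer --restart=always \
      -v /var/run/docker.sock:/var/run/docker.sock \
      -v portainer_data:/data \
      portainer/portainer-ce

    • Access Portainer through a web browser at http://your-vm-ip:9000.

    • Create an admin user during setup. Do it straight away: until an admin exists, whoever reaches port 9000 first can claim the account.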

Gitea and PostgreSQL in a Secure VLAN

In this secure digital realm, Gitea and PostgreSQL reside within a VLAN, guarded by OPNsense:

  1. VLAN Guardians: VLANs, cosmic boundaries, divide and protect. VLAN 666 stands sentinel, securing Gitea within, safe from threats.

  2. OPNsense Sentinel: OPNsense, the guardian at the gateway, defends like a Jedi sentinel with its firewall. It permits only the chosen into Gitea’s realm.

  3. Docker-compose Harmony: Docker-compose orchestrates Gitea and PostgreSQL within containers, a fleet of starships in formation, ensuring seamless operation.

    version: "3"

    networks:
      gitea:
        external: false

    services:
      server:
        # nightly is a moving tag: each pull can bring a different build
        image: gitea/gitea:nightly
        container_name: gitea
        environment:
          - USER_UID=1001
          - USER_GID=1001
          - GITEA__database__DB_TYPE=postgres
          - GITEA__database__HOST=db:5432
          - GITEA__database__NAME=gitea
          - GITEA__database__USER=gitea
          # must match POSTGRES_PASSWORD in the db service
          - GITEA__database__PASSWD=gitea
        restart: always
        networks:
          - gitea
        volumes:
          - /kontajnery/gittea/data/:/data
          - /home/git/.ssh/:/data/git/.ssh
          - /etc/timezone:/etc/timezone:ro
          - /etc/localtime:/etc/localtime:ro
        ports:
          # published on one host address only, not on every interface
          - "10.1.60.101:3001:3000"
          - "10.1.60.101:2222:22/tcp"
        depends_on:
          - db

      runner:
        restart: always
        image: gitea/act_runner:nightly
    #    environment:
    #      - GITEA_INSTANCE_URL=
    #      - GITEA_RUNNER_REGISTRATION_TOKEN=
        volumes:
          - /kontajnery/gittea/runners/0.:/data
          # gives the runner control of the host's Docker daemon
          - /var/run/docker.sock:/var/run/docker.sock
        networks:
          - gitea
        depends_on:
          - server

      runner1:
        restart: always
        image: gitea/act_runner:nightly
    #    environment:
    #      - GITEA_INSTANCE_URL=
    #      - GITEA_RUNNER_REGISTRATION_TOKEN=
        volumes:
          - /kontajnery/gittea/runners/1.:/data
          - /var/run/docker.sock:/var/run/docker.sock
        networks:
          - gitea
        depends_on:
          - server
          - runner

      db:
        image: postgres:14
        restart: always
        environment:
          - POSTGRES_USER=gitea
          - POSTGRES_PASSWORD=gitea
          - POSTGRES_DB=gitea
        networks:
          - gitea
        volumes:
          - /kontajnery/gittea/postgres:/var/lib/postgresql/data

This harmonious blend of VLANs, OPNsense, and Docker-compose secures and empowers your self-hosted Gitea. Your digital voyage is marked by this journey, where the Force is your guide. May your digital realm flourish, yes, hmmm.
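
The compose file above decides how much of that protection holds: it mounts the host's Docker socket into both runners, tracks nightly images and keeps the database password in the file, while its published ports are pinned to 10.1.60.101. As an added example (not part of the original post), this shell function flags those four settings in any compose file; audit_compose, sample_compose and the finding labels are names chosen here, and the sample is a constructed excerpt.

```shell
# Added example, not the author's code: flag risky settings in a compose file.
# Output: one "<CHECK> line <n>: <text>" per finding. Reads stdin if no file is given.
audit_compose() {
  awk '
    function show(tag,   t) { t = $0; sub(/^[ \t]+/, "", t); printf "%s line %d: %s\n", tag, NR, t }
    /^[ \t]*#/ { next }                    # commented-out settings are inactive
    /^[ \t]*$/ { next }
    /^[ \t]*ports:[ \t]*$/ { inports = 1; next }
    inports && /^[ \t]*-/ {                # one published-port entry
      p = $0; sub(/^[ \t]*-[ \t]*/, "", p); gsub(/[^0-9a-z.:-]/, "", p)
      n = split(p, f, ":")
      # HOST_IP:HOST_PORT:CONTAINER_PORT has three fields; fewer means all interfaces
      if (n < 3 || f[1] == "0.0.0.0") show("ALL_INTERFACES")
      next
    }
    { inports = 0 }
    /^[ \t]*image:.*:(nightly|latest)[ \t]*$/ { show("FLOATING_TAG") }    # moving tag
    /^[ \t]*image:[ \t]*[^: \t]+[ \t]*$/      { show("FLOATING_TAG") }    # no tag means latest
    /\/var\/run\/docker\.sock:/               { show("DOCKER_SOCK") }     # host Docker API exposed
    /(PASSWORD|PASSWD)=[^$]/                  { show("LITERAL_SECRET") }  # value not taken from ${VAR}
  ' "${1:--}"
}

# Constructed sample modelled on the file above; the 2222 binding and the db
# password were altered to show the contrasting cases.
sample_compose() {
  cat <<'EOF'
services:
  server:
    image: gitea/gitea:nightly
    environment:
      - GITEA__database__PASSWD=gitea
    ports:
      - "10.1.60.101:3001:3000"
      - "2222:22/tcp"
  runner:
    image: gitea/act_runner:nightly
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  db:
    image: postgres:14
    environment:
      - POSTGRES_PASSWORD=${DB_PASSWORD}
EOF
}

sample_compose | audit_compose
```

Findings are prompts for review, not verdicts: the runner uses the socket to start job containers, so that line marks a trust boundary to account for rather than one to delete.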


This completes your journey, from laying the physical foundation with AlmaLinux 9, to the virtual voyage with Portainer, and finally, securing Gitea and PostgreSQL within a VLAN. May the wisdom of the Force guide your path, and may your digital endeavors thrive, yes, hmmm.

