fix gitea ssh key change on every reboot

active/podman_gitea/compose/compose.yaml

@@ -1,8 +1,6 @@
-version: "3"
-
 services:
   gitea:
-    image: docker.gitea.com/gitea:1.24
+    image: docker.gitea.com/gitea:1.24-rootless
     container_name: gitea
     environment:
       - GITEA__database__DB_TYPE=postgres
@@ -10,11 +8,14 @@ services:
       - GITEA__database__NAME=gitea
       - GITEA__database__USER=gitea
       - GITEA__database__PASSWD=gitea
+    security_opt:
+      - "label=disable"
     restart: always
     networks:
       - gitea
     volumes:
       - /home/gitea/gitea_data:/data:Z
+      - /home/gitea/gitea_etc:/etc/gitea:Z
       - /etc/localtime:/etc/localtime:ro
     ports:
       - "3000:3000"
@@ -27,6 +28,8 @@ services:
   postgres:
     image: docker.io/library/postgres:15
     container_name: postgres
+    security_opt:
+      - "label=disable"
     restart: always
     environment:
       - POSTGRES_USER=gitea

active/podman_gitea/gitea.md

@@ -7,7 +7,7 @@
     - [Convert Compose to Quadlet](#convert-compose-to-quadlet)
     - [Install Quadlets](#install-quadlets)
     - [Upgrade Quadlets](#upgrade-quadlets)
-    - [Editing Configs within Container](#editing-configs-within-container)
+    - [Editing Gitea Config](#editing-gitea-config)
   - [Gitea Runners](#gitea-runners)
     - [Firewall Rules](#firewall-rules)
     - [Install](#install)
@@ -19,13 +19,25 @@
 ### A note on directories
 
 ```bash
-RunMode: prod
-AppPath: /usr/local/bin/gitea
-WorkPath: /data/gitea
-CustomPath: /data/gitea
-ConfigFile: /data/gitea/conf/app.ini
+2025/07/30 16:49:12 cmd/web.go:116:showWebStartupMessage() [I] * AppPath: /usr/local/bin/gitea
+2025/07/30 16:49:12 cmd/web.go:117:showWebStartupMessage() [I] * WorkPath: /var/lib/gitea
+2025/07/30 16:49:12 cmd/web.go:118:showWebStartupMessage() [I] * CustomPath: /var/lib/gitea/custom
+2025/07/30 16:49:12 cmd/web.go:119:showWebStartupMessage() [I] * ConfigFile: /etc/gitea/app.ini
 
-Data: /data/gitea/data/
+2025/07/30 16:49:12 modules/storage/storage.go:176:initAttachments() [I] Initialising Attachment storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/attachments
+2025/07/30 16:49:12 modules/storage/storage.go:166:initAvatars() [I] Initialising Avatar storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/avatars
+2025/07/30 16:49:12 modules/storage/storage.go:192:initRepoAvatars() [I] Initialising Repository Avatar storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/repo-avatars
+2025/07/30 16:49:12 modules/storage/storage.go:198:initRepoArchives() [I] Initialising Repository Archive storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/repo-archive
+2025/07/30 16:49:12 modules/storage/storage.go:208:initPackages() [I] Initialising Packages storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/packages
+2025/07/30 16:49:12 modules/storage/storage.go:219:initActions() [I] Initialising Actions storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/actions_log
+2025/07/30 16:49:12 modules/storage/storage.go:223:initActions() [I] Initialising ActionsArtifacts storage with type: local
+2025/07/30 16:49:12 modules/storage/local.go:33:NewLocalStorage() [I] Creating new Local Storage at /var/lib/gitea/data/actions_artifacts
 ```
 
 ### Create the gitea user
@@ -74,7 +86,19 @@ scp -r $(pwd)/active/podman_gitea/quadlets/. gitea:~/.config/containers/systemd/
 
 ### Install Quadlets
 
-The first user you register will be the admin
+First, set up the volumes needed by the container.
+
+```bash
+# Enter the container namespace
+podman unshare
+
+# Create the volumes
+mkdir gitea_data
+mkdir gitea_etc
+exit
+```
+
+Now launch the service. The first user you register will be the admin.
 
 ```bash
 ssh gitea systemctl --user daemon-reload
@@ -91,10 +115,11 @@ ssh gitea systemctl --user daemon-reload
 ssh gitea systemctl --user restart gitea postgres
 ```
 
-### Editing Configs within Container
+### Editing Gitea Config
 
 ```bash
-apk add vim
+# Use podman unshare to work within the container's namespace
+podman unshare vim ~/gitea_data/gitea/conf/app.ini
 ```
 
 ## Gitea Runners

active/podman_gitea/quadlets/gitea.container

@@ -4,11 +4,14 @@ Requires=postgres.service
 [Container]
 AutoUpdate=registry
 ContainerName=gitea
-Image=docker.gitea.com/gitea:1.24
+Environment=GITEA__database__DB_TYPE=postgres GITEA__database__HOST=postgres:5432 GITEA__database__NAME=gitea GITEA__database__USER=gitea GITEA__database__PASSWD=gitea
+Image=docker.gitea.com/gitea:1.24-rootless
 Network=gitea.network
 PublishPort=3000:3000
 PublishPort=2222:2222
+SecurityLabelDisable=true
 Volume=/home/gitea/gitea_data:/data:Z
+Volume=/home/gitea/gitea_etc:/etc/gitea:Z
 Volume=/etc/localtime:/etc/localtime:ro
 
 [Service]

active/podman_gitea/quadlets/postgres.container

@@ -4,6 +4,7 @@ ContainerName=postgres
 Environment=POSTGRES_USER=gitea POSTGRES_PASSWORD=gitea POSTGRES_DB=gitea
 Image=docker.io/library/postgres:15
 Network=gitea.network
+SecurityLabelDisable=true
 Volume=/home/gitea/gitea_postgres:/var/lib/postgresql/data:Z
 
 [Service]