Quadlet Config Share: Gitea

This article is part of the “quadlet config snippets” series. It goes straight to the config and does not cover Quadlet basics. For an introduction, see Podman Tutorial.

Gitea

Gitea is a lightweight, self-hosted Git service written in Go. It supports OIDC/OAuth2 login, webhooks, and Actions-based CI/CD.

Configuration

Use a Pod to place Gitea and PostgreSQL in the same network namespace.

# gitea.pod
[Pod]
PublishPort=3000:3000
PublishPort=2222:22
UserNS=keep-id

[Install]
WantedBy=default.target

# gitea.container
[Unit]
Requires=gitea-db.service
After=gitea-db.service

[Container]
Image=docker.io/gitea/gitea:latest-rootless
Pod=gitea.pod
Volume=/path/to/data:/var/lib/gitea
Volume=/path/to/config:/etc/gitea
Volume=/etc/localtime:/etc/localtime:ro
Environment=GITEA__database__DB_TYPE=postgres GITEA__database__HOST=127.0.0.1:5432 GITEA__database__NAME=gitea GITEA__database__USER=gitea GITEA__database__PASSWD=gitea
AutoUpdate=registry

[Service]
Restart=always

[Install]
WantedBy=default.target

# gitea-db.container
[Container]
Image=docker.io/library/postgres:18
Pod=gitea.pod
Volume=/path/to/db:/var/lib/postgresql
Environment=POSTGRES_USER=gitea POSTGRES_PASSWORD=gitea POSTGRES_DB=gitea
AutoUpdate=registry

[Service]
Restart=always

[Install]
WantedBy=default.target

1. Replace /path/to/ with your actual paths.
2. To disable SSH, remove PublishPort=2222:22 and the matching line in the Pod.
3. The latest-rootless image runs as the git user (UID 1000) with SSH on port 2222, so it won’t conflict with the host SSH daemon.

Optional: Gitea Runner

Add a Runner if you need CI/CD (Actions).

Read Running Gitea Runner with Rootless Podman

Deployment

1. Save the files under ~/.config/containers/systemd/
2. Run systemctl --user daemon-reload
3. Start: systemctl --user start gitea-pod
4. [Optional] Enable auto-updates: systemctl --user enable --now podman-auto-update.timer