systemd stuff

etc/systemd/system/gitea.service

@@ -0,0 +1,29 @@
+[Unit]
+Description=Gitea (Modified with multi-protocol TLS/I2P/Tor support)
+Documentation=https://github.com/go-i2p/go-gitlooseleaf
+After=network.target postgresql.service mysql.service mariadb.service
+Wants=network.target
+
+[Service]
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/gitea
+ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
+Restart=always
+RestartSec=10
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+
+# Hardening measures
+ProtectSystem=full
+PrivateTmp=true
+PrivateDevices=true
+NoNewPrivileges=true
+ReadWritePaths=/var/lib/gitea /etc/gitea
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+# Load user-modifiable configuration from drop-in directory
+# This will automatically include all .conf files in gitea.service.d/
+
+[Install]
+WantedBy=multi-user.target

etc/systemd/system/gitea.service.d/user-config.conf

@@ -0,0 +1,22 @@
+[Service]
+# User-configurable environment variables for multi-protocol support
+
+# Required for TLS certificate generation - CHANGE THIS!
+Environment="EMAIL=your-email@example.com"
+
+# Optional: Set explicit hostname (defaults to system hostname if not set)
+# Environment="HOSTNAME=your-hostname"
+
+# Optional: Performance tuning
+# Environment="MAX_CONNECTIONS=500"
+# Environment="RATE_LIMIT=24"
+
+# Optional: Certificate directory
+# Environment="CERT_DIR=/var/lib/gitea/certs"
+
+# Optional: Additional environment variables for database, etc.
+# Environment="GITEA_DATABASE_TYPE=postgres"
+# Environment="GITEA_DATABASE_HOST=localhost:5432"
+# Environment="GITEA_DATABASE_NAME=gitea"
+# Environment="GITEA_DATABASE_USER=gitea"
+# Environment="GITEA_DATABASE_PASSWD=gitea"