#gitea


This is, like my #SelfHosted #Gitea instance, publicly exposed through #Pangolin (github.com/fosrl/pangolin) using #Wireguard tunnels. Even though Pangolin is in its early stages, it's been very nice to use and having a graphical user interface to configure some of these bits and pieces has been quite convenient.
I know I'll be sacrificing some speed by not having things directly exposed, but the security benefits and not having to worry about dynamic IPs and all more than make up for it, I think.

A short PSA: Gitea's newest Helm Chart, 11.0, switches from DockerHub to docker.gitea.com for the Gitea image. A good thing of course, but you might want to configure your internal cache to cache docker.gitea.com as well, to be a good neighbour and not hammer their infra too much.

For some reason I can't SSH from my laptop to my #Gitea server via its public interface. It just keeps timing out. It's only the laptop having this issue; my tablet and phone are doing this just fine. I was finally able to push my commits by sending them directly over the LAN instead. I've tried resetting the VPN on the laptop, but it's still not working normally.

I am officially confused.

Edit: Mystery solved. I forgot to pay my VPN provider... again.

And while I'm in the release flow anyway, I've also polished up my somewhat dusty #gitlab #github #gitea comparison and, in #OpenResearch & #OpenData fashion, given it a #DOI as a dataset. And the two #gitea derivatives #codeberg and #forgejo have joined the party too.

With a total of 18 attributes, I compare them by, among other things, #dsgvo and #FOSS awareness.

y.lab.nrw/git

I look forward to your feedback: does something like this help?

\__
#OpenSource #100DaysOfCode

Zenodo: Compare Gitlab, Github & Gitea. Compare Gitlab, Github with Gitea like Codeberg or Forgejo with 18 Attribute. This should answer which Git-Solution are really FOSS.

If you run a #Drone CI server, set DRONE_REGISTRATION_CLOSED=true (and manually create users only when you really really trust someone).

The CPU on my CI/CD server suddenly spiked to 100% today.

A closer look found some users who had registered on git.platypush.tech and on the CI/CD server and created a repo with a .drone.yml, a .gitlab-ci.yml and some scripts with base64-encoded commands.

The repo also contains a deepCC.ipynb Jupyter notebook that downloads some training data from S3 and uses Tensorflow to train a model, and then uses the deepCC binary to do something with that model.

The repository also has a configure script with base64-encoded commands that seem to configure a miner (the wallet ID is R9WpFbvkb6dep6bfLdbpcyz3LpMeikUL6W and the coin is VRSC, if anyone is interested in investigating further).

The deepCC binary is itself quite big (~50 MB), and a look at the setup script reveals that it’s actually a .tar.gz archive with a larger binary inside.

A quick run of strings on the binary confirms that it’s actually a miner - it connects to eu1-etc.ethermine.org and it also has a bunch of CUDA bindings to run on GPUs.

I still don’t get what’s the point of the Jupyter notebook that trains a model and passes it to this miner, but if you feared the day of the arrival of the zombie Docker containers that exhaust system resources by mining cryptocrap AND training AI models, well, I’m afraid to inform you that that day has come.

If you are a #Gitea / #Forgejo admin, take a look at the users and repos created in the past couple of weeks. Check in particular if any recently registered users have created a repo named deepcc-v.

The most likely authors are users named farzanfarid16 and zurizoey0.

A quick search confirms that both these users are registered on #Gitea too and have already created the incriminated repo:

And if you are a Drone CI or #Gitlab admin, check if any of these users have also started CI/CD pipelines connected to that repo.

For now, disabling the execution of CI/CD pipelines unless a user has been explicitly authorized is the best idea that comes to my mind.
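A triage sketch for the checks the post above recommends, added here as an example and not code from the post's author or from Gitea, Forgejo or Drone. The repo name, the two user names and the CI file names come from the post; the record layout (`owner`, `name`, `created_at`, `files`), the 14-day window and all sample data are assumptions constructed for illustration.

```python
import base64
import re
from datetime import datetime, timedelta, timezone

# Indicators quoted in the post; record layout and samples are constructed.
REPO_NAME = "deepcc-v"
SUSPECT_USERS = {"farzanfarid16", "zurizoey0"}
CI_FILES = {".drone.yml", ".gitlab-ci.yml"}
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

def decoded_commands(text):
    """Return base64 runs in text that decode to printable ASCII."""
    hits = []
    for blob in B64_RUN.findall(text):
        try:
            raw = base64.b64decode(blob, validate=True)
        except ValueError:  # bad padding or alphabet: not base64
            continue
        if raw and all(32 <= b < 127 or b in (9, 10) for b in raw):
            hits.append(raw.decode("ascii"))
    return hits

def triage(repos, now, window_days=14):
    """Map owner/name to the reasons a recently created repo looks suspect."""
    cutoff = now - timedelta(days=window_days)
    report = {}
    for repo in repos:
        if datetime.fromisoformat(repo["created_at"]) < cutoff:
            continue  # older than the review window
        checks = [("repo-name", repo["name"] == REPO_NAME),
                  ("known-user", repo["owner"] in SUSPECT_USERS),
                  ("ci-config", bool(CI_FILES & set(repo["files"]))),
                  ("base64-commands", any(map(decoded_commands, repo["files"].values())))]
        reasons = [label for label, hit in checks if hit]
        if reasons:
            report[f'{repo["owner"]}/{repo["name"]}'] = reasons
    return report

# Constructed sample data (not taken from any real instance).
NOW = datetime(2025, 3, 1, tzinfo=timezone.utc)
BLOB = base64.b64encode(b"echo constructed sample command").decode()
SAMPLE = [
    {"owner": "farzanfarid16", "name": "deepcc-v", "created_at": "2025-02-24T09:00:00+00:00",
     "files": {".drone.yml": "kind: pipeline\n", "configure": f"echo {BLOB} | base64 -d | sh\n"}},
    {"owner": "alice", "name": "dotfiles", "created_at": "2025-02-26T09:00:00+00:00",
     "files": {"README.md": "personal dotfiles\n"}},
    {"owner": "bob", "name": "site", "created_at": "2024-12-01T09:00:00+00:00",
     "files": {".drone.yml": "kind: pipeline\n"}},
]
print(triage(SAMPLE, NOW))
```

A hit on `ci-config` alone is common on a healthy forge; the combination with a recent registration and decodable base64 in scripts is what merits a manual look.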


@hjes @warmweb I also took a look at #Joplin a few days ago and liked it.

But in the end I landed on #GitJournal (as an app), because 1. I'd like to use my local #Gitea as the repo for my notes and 2. because my Synology WebDAV apparently can't handle hidden files. :(

GitJournal renders the Markdown files on mobile devices and also allows creating/editing/deleting from there.


@arthurr

Yes, mostly we reply, but it's also the main place where we inform our users about everything happening at Zaclys.

We also have the GaZette ( zaclys.com/la-gazette-de-zacly ) but it's a heck of a lot less dynamic than the messages here on our instance :mastodon:

For example, yesterday we were asked for the umpteenth time to move from #Gitea to #Forgejo, and this morning we did it :blobcatcheer:
