ACO is running a gitea installation for controls related software.


The server is only available inside the GSI Network. No internet service.

Gitea is attached to the ACO Identity Management. To apply for an account see UserAccount.

For git protocol access https (with username/password) and ssh (with public private keys, see also SshAgent) is available.

Access permissions for repositories are administrated by their respective owners.

Note: kerberos authentication is not possible. It collides with giteas cookie based authentication mechanisms.


Any user has his own organization (equals username). Additional organizations can be created. The names of organizations may not collide with usernames.


Each organization has a special team "Owners". This team can't be deleted or renamed and has full access to all repositories in the organization.

Additional teams can be created by the organization owners.

Repositories must be assigned to teams to apply permissions.

Teams can be synchronized with ldap groups. For this add ldap=GROUP to the teams description. Multiple groups can be merged (ldap=GROUP1 ldap=GROUP2). Ldap synchronizations happens asynchronous. Manual changes to a synchronized team are possible (for example to grant immediate access), but will be overwritten on the next sync.


for protected/private projects that should be accessed by jenkins grant permissions to the user cibuild. Jenkins projects should then be configured use the https url and the credentials for cibuild.

Wiki and Bugtracker

There has been no decision if bugzilla will be replaced with the gitea bugtracker.

If we ever migrate to a different git management system only git repositories will be migrated.

Git Server SSH Hostkey

Recent openssh version (archlinux, rhel9, etc) will prevent access to legacy ciphers. Until we replace the gitea config modify you need to modify local ssh config (~/.ssh/config)
        HostKeyAlgorithms +ssh-rsa
        PubkeyAcceptedKeyTypes +ssh-rsa

and once we replace the gitea config everyone will get a changed-ssh-key error.

-- ChristophHandel - 20 Feb 2019
Topic revision: r5 - 13 Oct 2022, ChristophHandel
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback