I do have an alternate setup allowing me to
- run gitea within a container not exposed to the outside
- forward ssh connections of gitea@host to the container
One advantage of my setup (M) over https://docs.gitea.io/en-us/installation/install-with-docker/ (S) is this:
- (S) copies the authorized_keys from the container to the host
- assume someone could hack gitea, then it is quite easy for him/her to get access to the host
- (M) creates a more controlled version of the authorized_keys on the host
- hacked authorized_keys within the container typically lead to get access to the container
I can describe the setup in case there is any interest.
Best regards, Uli