Mirror git repository with post receive hooks

To automatically mirror a git repository from an internal system (like a private Gitea) to an external system (like Github) the following Script can be used as a so called “post receive hook”:

#!/usr/bin/env bash

downstream_repo="git@github.com:your-user/your-repo.git"
# if tmp worries you, put it somewhere else!
pkfile="/tmp/gitea_dotfiles_to_github_dotfiles_id_rsa"

if [ ! -e "$pkfile" ]; then # unindented block for heredoc's sake
cat > "$pkfile" << PRIVATEKEY
-----BEGIN OPENSSH PRIVATE KEY-----
a passworless private key created exactly for this purpose
-----END OPENSSH PRIVATE KEY-----
PRIVATEKEY
fi

chmod 400 "$pkfile"
export GIT_SSH_COMMAND="ssh -oStrictHostKeyChecking=no -i \"$pkfile\""
# if you want strict host key checking, just add the host to the known_hosts for
# your Gitea server/user beforehand
git push --mirror "$downstream_repo"

Enabling Hooks in Gitea

Since this means that users with the permission to setup these hooks would be able to execute arbitrary code on the internal system this functionality is disabled by default in Gite. The following snippet needs to be added to its app.ini to re-enable the feature:

[security]
DISABLE_GIT_HOOKS = false

Happy mirroring!