Migrated 11 services from monolithic docker-compose project into independent stacks, each with dedicated databases, minimal .env configuration, and bind-mount data volumes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
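---
# Gitea stack: the Gitea server, an Actions runner and a dedicated PostgreSQL
# database. All three attach to an external Docker network whose name comes
# from NETWORK_NAME; Traefik is pointed at the same network via the
# traefik.docker.network label.
#
# Variables read from the environment / .env:
#   TRAEFIK_HOST       public host name (router rules, ROOT_URL, SSH domain)
#   NETWORK_NAME       name of the pre-existing external network
#   RUNNER_TOKEN       runner registration token (secret, keep out of VCS)
#   TIMEZONE           optional, defaults to Europe/Amsterdam
#   GITEA_DB_PASSWORD  optional, defaults to the previous hard-coded value
services:
  gitea:
    # NOTE(review): `latest` together with the Watchtower label below means
    # this container follows whatever upstream publishes, presumably
    # unattended. Pin a version tag or digest and update deliberately.
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      TZ: ${TIMEZONE:-Europe/Amsterdam}
      USER_UID: "1000"
      USER_GID: "1000"
      GITEA__APP_NAME: dev.pivoine.art
      GITEA__database__DB_TYPE: postgres
      GITEA__database__HOST: gitea_db:5432
      GITEA__database__NAME: gitea
      GITEA__database__USER: gitea
      # Must match POSTGRES_PASSWORD on the db service. The default keeps the
      # earlier hard-coded password so existing deployments still start; set
      # GITEA_DB_PASSWORD in .env to a strong value.
      GITEA__database__PASSWD: ${GITEA_DB_PASSWORD:-gitea}
      GITEA__server__DOMAIN: ${TRAEFIK_HOST}
      GITEA__server__SSH_DOMAIN: ${TRAEFIK_HOST}
      GITEA__server__ROOT_URL: https://${TRAEFIK_HOST}/
      # Plain HTTP inside the Docker network; TLS is handled by the Traefik
      # router configured in the labels below.
      GITEA__server__PROTOCOL: http
      GITEA__server__HTTP_PORT: "3000"
      GITEA__server__START_SSH_SERVER: "true"
      GITEA__server__SSH_PORT: "2222"
      GITEA__server__SSH_LISTEN_PORT: "2222"
      GITEA__mailer__ENABLED: "true"
      GITEA__mailer__PROTOCOL: smtp
      # NOTE(review): mailpit is normally a mail-catching test server; confirm
      # it is the intended destination for notification mail here.
      GITEA__mailer__SMTP_ADDR: mailpit
      GITEA__mailer__SMTP_PORT: "1025"
      # NOTE(review): self-registration is open and sign-in is not required to
      # view content. With Actions enabled and a runner that holds the host
      # Docker socket (see `runner`), anyone able to register may be able to
      # get workflows scheduled on that runner. Disable registration or
      # restrict who can use the runner unless this is intended.
      GITEA__service__DISABLE_REGISTRATION: "false"
      GITEA__service__REQUIRE_SIGNIN_VIEW: "false"
      GITEA__service__ENABLE_NOTIFY_MAIL: "true"
      GITEA__service__DEFAULT_EMAIL_NOTIFICATIONS: enabled
      GITEA__packages__ENABLED: "true"
      GITEA__actions__ENABLED: "true"
      GITEA__ui__THEMES: gitea-auto,gitea-light,gitea-dark,arc-green,edge-auto,edge-dark,edge-light,everforest-auto,everforest-dark,everforest-light,gruvbox-auto,gruvbox-dark,gruvbox-light,gruvbox-material-auto,gruvbox-material-dark,gruvbox-material-light,nord,palenight,soft-era,sonokai,sonokai-andromeda,sonokai-atlantis,sonokai-espresso,sonokai-maia,sonokai-shusia
      GITEA__ui__DEFAULT_THEME: edge-dark
      GITEA__ui__ENABLE_FEED: "true"
    # Only SSH is published on the host (all interfaces). The web UI on 3000
    # is reached through Traefik.
    ports:
      - "2222:2222"
    volumes:
      - ../.data/gitea/data:/data
      - ../.data/gitea/config:/etc/gitea
      - ./themes:/data/gitea/public/assets/css:ro
      - /etc/localtime:/etc/localtime:ro
    depends_on:
      db:
        condition: service_healthy
    restart: always
    labels:
      - "traefik.enable=true"
      # Entrypoint `web` only redirects to HTTPS.
      - "traefik.http.middlewares.gitea-redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.gitea-web.middlewares=gitea-redirect-web-secure"
      - "traefik.http.routers.gitea-web.rule=Host(`${TRAEFIK_HOST}`)"
      - "traefik.http.routers.gitea-web.entrypoints=web"
      - "traefik.http.routers.gitea-web-secure.rule=Host(`${TRAEFIK_HOST}`)"
      - "traefik.http.routers.gitea-web-secure.tls.certresolver=resolver"
      - "traefik.http.routers.gitea-web-secure.entrypoints=web-secure"
      # `security-headers@file` is not defined in this file; it presumably
      # comes from Traefik's file provider. Verify it exists there.
      - "traefik.http.routers.gitea-web-secure.middlewares=security-headers@file"
      - "traefik.http.services.gitea-web-secure.loadbalancer.server.port=3000"
      - "traefik.docker.network=${NETWORK_NAME}"
      - "com.centurylinklabs.watchtower.enable=true"
    networks:
      - compose_network

  runner:
    # NOTE(review): unpinned `latest` with Watchtower enabled, same concern as
    # the gitea image above.
    image: gitea/act_runner:latest
    container_name: gitea_runner
    # NOTE(review): `privileged: true` and the /var/run/docker.sock mount
    # below each give processes in this container root-equivalent control of
    # the host. Confirm whether privileged mode is needed at all when jobs are
    # started through the host socket (DOCKER_HOST), and consider a separate
    # or rootless Docker daemon, or a dedicated VM, for job execution.
    privileged: true
    command: ["act_runner", "daemon", "--config", "/data/config.yaml"]
    environment:
      TZ: ${TIMEZONE:-Europe/Amsterdam}
      GITEA_INSTANCE_URL: https://${TRAEFIK_HOST}
      # Secret: supplied through .env, never committed. An unset RUNNER_TOKEN
      # interpolates to an empty string.
      GITEA_RUNNER_REGISTRATION_TOKEN: ${RUNNER_TOKEN}
      GITEA_RUNNER_NAME: docker-runner
      # Job images are third-party and referenced by moving tags; pin them if
      # reproducible, reviewed job environments are required.
      GITEA_RUNNER_LABELS: ubuntu-latest:docker://catthehacker/ubuntu:act-latest,ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04,ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04
      DOCKER_HOST: unix:///var/run/docker.sock
    volumes:
      - ../.data/gitea/runner:/data
      - /var/run/docker.sock:/var/run/docker.sock
      - ./runner-config.yaml:/data/config.yaml:ro
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
    restart: always
    networks:
      - compose_network

  db:
    image: postgres:16-alpine
    container_name: gitea_db
    environment:
      POSTGRES_DB: gitea
      POSTGRES_USER: gitea
      # Must match GITEA__database__PASSWD on the gitea service. The postgres
      # image applies POSTGRES_PASSWORD only when it initialises an empty data
      # directory, so an existing database also needs the role's password
      # changed inside PostgreSQL when GITEA_DB_PASSWORD is first set.
      POSTGRES_PASSWORD: ${GITEA_DB_PASSWORD:-gitea}
    volumes:
      - ../.data/gitea/db:/var/lib/postgresql/data
    restart: always
    healthcheck:
      # `$$` stops Compose from interpolating, so the shell in the container
      # expands the variables.
      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
      interval: 5s
      timeout: 5s
      retries: 5
    # No host ports are published. The network is external, so any other
    # container attached to it can still reach PostgreSQL on 5432, which is
    # why the default password should be overridden.
    networks:
      - compose_network

networks:
  compose_network:
    name: ${NETWORK_NAME}
    external: true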