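# gitea requires ssh access from the host machine, which needs special setup
# In order to create the git user and auth keys, you need to run:
#
#   sudo gitea/setup.sh
#
# The nginx and keycloak entries at the bottom only add volumes; their images
# and remaining settings are presumably defined in another compose file that
# is merged with this one -- confirm before running this file on its own.
version: "3"

services:
  gitea:
    # Pinned by tag, not by digest.
    # NOTE(review): check that this release still receives security fixes.
    image: gitea/gitea:1.17.3
    container_name: gitea
    env_file:
      - ./env.production
    # Secrets below are injected as environment variables, so they are
    # readable by anyone who can inspect the container through the Docker API.
    environment:
      # must match git user on host system
      - USER_UID=2222
      - USER_GID=2222
      - GITEA_CLIENT_SECRET=${GITEA_CLIENT_SECRET}
      - GITEA_ADMIN_PASSWORD=${GITEA_ADMIN_PASSWORD}
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=gitea-db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      # NOTE(review): hard-coded credential, identical to POSTGRES_PASSWORD on
      # gitea-db. That service publishes no host port, so the password is only
      # usable from the compose network, but it should still come from the
      # environment like the other secrets in this file.
      - GITEA__database__PASSWD=gitea
      # Local self-registration is disabled; accounts are expected to be
      # created through the external OAuth2 provider (auto-registration on).
      - GITEA__oauth2_client__ENABLE_AUTO_REGISTRATION=true
      - GITEA__openid__ENABLE_OPENID_SIGNIN=true
      - GITEA__openid__ENABLE_OPENID_SIGNUP=false
      - GITEA__service__DISABLE_REGISTRATION=true
      - GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION=true
      - GITEA__repository__DEFAULT_BRANCH=main
      - GITEA__server__ROOT_URL=https://${GITEA_HOSTNAME}.${DOMAIN_NAME}/
      - GITEA__server__SSH_DOMAIN=${GITEA_HOSTNAME}.${DOMAIN_NAME}
      # Must be a long random value that stays the same across restarts.
      - GITEA__security__SECRET_KEY=${GITEA_SESSION_SECRET}
      # Keeps the web installer page closed.
      - GITEA__security__INSTALL_LOCK=true
      - GITEA__mailer__ENABLED=true
      - GITEA__mailer__FROM=git@${DOMAIN_NAME}
      - GITEA__mailer__MAILER_TYPE=smtp
      - GITEA__mailer__HOST=${SMTP_SERVER}:${SMTP_PORT}
      # NOTE(review): implicit TLS is off. Confirm the SMTP session is
      # upgraded with STARTTLS or stays on a trusted network; otherwise
      # SMTP_USER / SMTP_PASSWORD cross the wire unencrypted.
      - GITEA__mailer__IS_TLS_ENABLED=false
      - GITEA__mailer__USER=${SMTP_USER}
      - GITEA__mailer__PASSWD=${SMTP_PASSWORD}
    # Replaces the image's default entrypoint with the script mounted below.
    entrypoint: ["/setup.sh"]
    volumes:
      - ./gitea/setup.sh:/setup.sh:ro
      # Read-write. ./data/gitea/postgres (gitea-db) and ./data/gitea/secrets
      # (keycloak) sit inside this directory, so this container can see both
      # as /data/postgres and /data/secrets, subject to file permissions.
      - ./data/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      # Read-write mount of the host git user's ~/.ssh: the container can
      # change who may log in over SSH as that host user. Presumably needed so
      # gitea can maintain authorized_keys -- confirm against gitea/setup.sh.
      - /home/git/.ssh/:/data/git/.ssh
    ports:
      # Web UI port is not published here (presumably served through nginx).
      # - "3030:3000"
      # route host port 2222 to container port 22 for inbound ssh
      # NOTE(review): with no host IP given, Compose publishes this on every
      # host interface. If only the host itself needs to reach it, bind to
      # loopback instead ("127.0.0.1:2222:22").
      - "2222:22"
    restart: always
    depends_on:
      - gitea-db

  gitea-db:
    # Pinned by tag, not by digest.
    # NOTE(review): check that this release still receives security fixes.
    image: postgres:13.4-alpine
    container_name: gitea-db
    restart: always
    environment:
      - POSTGRES_USER=gitea
      # NOTE(review): hard-coded credential; must stay equal to
      # GITEA__database__PASSWD above. The postgres image applies it only when
      # the data directory is first initialised, so rotating it later also
      # requires changing the role's password inside the database.
      - POSTGRES_PASSWORD=gitea
      - POSTGRES_DB=gitea
    volumes:
      - ./data/gitea/postgres:/var/lib/postgresql/data

  # add the gitea nginx configuration into the nginx volume
  nginx:
    volumes:
      - ./gitea/nginx.conf:/etc/nginx/templates/gitea.conf.template:ro

  # add the gitea client secrets to the keycloak-setup volume
  keycloak:
    volumes:
      # Read-only for keycloak, but the same host directory is writable from
      # the gitea container through its ./data/gitea:/data mount.
      - ./data/gitea/secrets:/run/secrets/gitea:ro
      - ./gitea/keycloak.sh:/keycloak-setup/gitea.sh:ro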