gitea/compose.yml

---
version: "3.8"

services:
  app:
    image: "gitea/gitea:1.13.2"
    configs:
      - source: app_ini
        target: /data/gitea/conf/app.ini
    secrets:
      - db_passwd
      - internal_token
      - jwt_secret
      - secret_key
      - smtp_passwd
    environment:
      - GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION
      - GITEA_APP_NAME
      - GITEA_AUTO_WATCH_NEW_REPOS
      - GITEA_DB_HOST="db:3306"
      - GITEA_DB_NAME=gitea
      - GITEA_DB_TYPE=mysql
      - GITEA_DB_USER=gitea
      - GITEA_DISABLE_REGISTRATION
      - GITEA_DOMAIN=${DOMAIN}
      - GITEA_ENABLE_NOTIFY_MAIL
      - GITEA_ENABLE_OPENID_SIGNIN
      - GITEA_ENABLE_OPENID_SIGNUP
      - GITEA_MAILER_FROM
      - GITEA_MAILER_HOST
      - GITEA_MAILER_USER
      - GITEA_SSH_PORT
    volumes:
      - "git:/data"
      - "/etc/timezone:/etc/timezone:ro"
      - "/etc/localtime:/etc/localtime:ro"
    networks:
      - proxy
      - internal
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000"]
      interval: 15s
      timeout: 10s
      retries: 10
      start_period: 30s
    deploy:
      update_config:
        failure_action: rollback
        order: start-first
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.gitea.rule=Host(`${DOMAIN}`)"
        - "traefik.http.routers.gitea.entrypoints=web-secure"
        - "traefik.http.services.gitea.loadbalancer.server.port=3000"
        - "traefik.http.routers.gitea.tls.certresolver=${LETS_ENCRYPT_ENV}"
        - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
        - "traefik.tcp.routers.gitea-ssh.entrypoints=gitea-ssh"
        - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=${GITEA_SSH_PORT}"

  db:
    image: "mariadb:10.5"
    command: |
      mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    environment:
      - MYSQL_DATABASE=gitea
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD_FILE=/run/secrets/db_passwd
      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_passwd
    secrets:
      - db_passwd
      - db_root_passwd
    volumes:
      - "mariadb:/var/lib/mysql"
    networks:
      - internal

networks:
  internal:
  proxy:
    external: true

configs:
  app_ini:
    name: ${STACK_NAME}_app_ini_${APP_INI_VERSION}
    file: app.ini.tmpl
    template_driver: golang

# Note(decentral1se): migrate from passwd -> password
# See https://git.autonomic.zone/coop-cloud/abra/pulls/33
secrets:
  db_passwd:
    name: ${STACK_NAME}_db_passwd_${SECRET_DB_PASSWORD_VERSION}
    external: true
  db_root_passwd:
    name: ${STACK_NAME}_db_root_passwd_${SECRET_DB_ROOT_PASSWORD_VERSION}
    external: true
  internal_token:
    name: ${STACK_NAME}_internal_token_${SECRET_INTERNAL_TOKEN_VERSION}
    external: true
  jwt_secret:
    name: ${STACK_NAME}_jwt_secret_${SECRET_JWT_SECRET_VERSION}
    external: true
  secret_key:
    name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
    external: true
  smtp_passwd:
    name: ${STACK_NAME}_smtp_passwd_${SECRET_SMTP_PASSWORD_VERSION}
    external: true

volumes:
  git:
  mariadb:
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`---`
			`version: "3.8"`

			`services:`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`app:`
Update gitea/gitea Docker tag to v1.13.2 2021-02-02 08:01:31 +00:00			`image: "gitea/gitea:1.13.2"`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`configs:`
			`- source: app_ini`
			`target: /data/gitea/conf/app.ini`
			`secrets:`
			`- db_passwd`
			`- internal_token`
			`- jwt_secret`
			`- secret_key`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- smtp_passwd`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`environment:`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION`
			`- GITEA_APP_NAME`
			`- GITEA_AUTO_WATCH_NEW_REPOS`
Quote that sucka 2020-10-27 10:36:05 +00:00			`- GITEA_DB_HOST="db:3306"`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- GITEA_DB_NAME=gitea`
			`- GITEA_DB_TYPE=mysql`
			`- GITEA_DB_USER=gitea`
			`- GITEA_DISABLE_REGISTRATION`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`- GITEA_DOMAIN=${DOMAIN}`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- GITEA_ENABLE_NOTIFY_MAIL`
			`- GITEA_ENABLE_OPENID_SIGNIN`
			`- GITEA_ENABLE_OPENID_SIGNUP`
			`- GITEA_MAILER_FROM`
			`- GITEA_MAILER_HOST`
			`- GITEA_MAILER_USER`
			`- GITEA_SSH_PORT`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`volumes:`
			`- "git:/data"`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- "/etc/timezone:/etc/timezone:ro"`
			`- "/etc/localtime:/etc/localtime:ro"`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`networks:`
			`- proxy`
			`- internal`
Zero downtime configuration 2020-06-22 17:41:06 +00:00			`healthcheck:`
Fix typo 2020-07-01 08:00:29 +00:00			`test: ["CMD", "curl", "-f", "http://localhost:3000"]`
Zero downtime configuration 2020-06-22 17:41:06 +00:00			`interval: 15s`
			`timeout: 10s`
			`retries: 10`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`start_period: 30s`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`deploy:`
			`update_config:`
			`failure_action: rollback`
Zero downtime configuration 2020-06-22 17:41:06 +00:00			`order: start-first`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`labels:`
			`- "traefik.enable=true"`
			- "traefik.http.routers.gitea.rule=Host(`${DOMAIN}`)"
			`- "traefik.http.routers.gitea.entrypoints=web-secure"`
			`- "traefik.http.services.gitea.loadbalancer.server.port=3000"`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- "traefik.http.routers.gitea.tls.certresolver=${LETS_ENCRYPT_ENV}"`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			- "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
			`- "traefik.tcp.routers.gitea-ssh.entrypoints=gitea-ssh"`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`- "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=${GITEA_SSH_PORT}"`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00
Shorter service name 2020-10-27 10:32:00 +00:00			`db:`
Use mysql to match our installation 2020-06-23 09:10:33 +00:00			`image: "mariadb:10.5"`
Use correct collation/charset See https://git.autonomic.zone/autonomic-cooperative/git.autonomic.zone/issues/13#issuecomment-868. 2020-09-09 05:18:28 +00:00			`command: \|`
			`mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci`
Use mysql to match our installation 2020-06-23 09:10:33 +00:00			`environment:`
			`- MYSQL_DATABASE=gitea`
			`- MYSQL_USER=gitea`
			`- MYSQL_PASSWORD_FILE=/run/secrets/db_passwd`
			`- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_passwd`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`secrets:`
			`- db_passwd`
Use mysql to match our installation 2020-06-23 09:10:33 +00:00			`- db_root_passwd`
			`volumes:`
			`- "mariadb:/var/lib/mysql"`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`networks:`
			`- internal`

			`networks:`
			`internal:`
			`proxy:`
			`external: true`

			`configs:`
			`app_ini:`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`name: ${STACK_NAME}_app_ini_${APP_INI_VERSION}`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`file: app.ini.tmpl`
			`template_driver: golang`

Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`# Note(decentral1se): migrate from passwd -> password`
			`# See https://git.autonomic.zone/coop-cloud/abra/pulls/33`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`secrets:`
			`db_passwd:`
Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`name: ${STACK_NAME}_db_passwd_${SECRET_DB_PASSWORD_VERSION}`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`external: true`
Don't forget the root password 2020-06-23 09:39:51 +00:00			`db_root_passwd:`
Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`name: ${STACK_NAME}_db_root_passwd_${SECRET_DB_ROOT_PASSWORD_VERSION}`
Don't forget the root password 2020-06-23 09:39:51 +00:00			`external: true`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`internal_token:`
Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`name: ${STACK_NAME}_internal_token_${SECRET_INTERNAL_TOKEN_VERSION}`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`external: true`
			`jwt_secret:`
Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`name: ${STACK_NAME}_jwt_secret_${SECRET_JWT_SECRET_VERSION}`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`external: true`
			`secret_key:`
Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}`
Migrating from git.autonomic.zone repo 2020-10-27 10:25:48 +00:00			`external: true`
			`smtp_passwd:`
Use `PASSWORD` secret convention See https://git.autonomic.zone/coop-cloud/abra/pulls/33. 2020-12-31 14:26:15 +00:00			`name: ${STACK_NAME}_smtp_passwd_${SECRET_SMTP_PASSWORD_VERSION}`
Bootstrap Gitea repository 2020-06-17 06:21:19 +00:00			`external: true`

			`volumes:`
			`git:`
Use mysql to match our installation 2020-06-23 09:10:33 +00:00			`mariadb:`