From a1dde38834a209ce3759c11c5cf287a6d256c8dd Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Thu, 24 Nov 2022 10:53:27 -0800 Subject: [PATCH 01/14] Switch to .example.com --- .env.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env.sample b/.env.sample index 9accacd..25777cd 100644 --- a/.env.sample +++ b/.env.sample @@ -1,6 +1,6 @@ TYPE=gitea -DOMAIN={{ .Domain }} +DOMAIN=gitea.example.com LETS_ENCRYPT_ENV=production GITEA_DOMAIN=git.example.com From f7ee9b63c43b2ba91aaf39d8219e378f56ac04c8 Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Sun, 8 Jan 2023 19:12:53 -0800 Subject: [PATCH 02/14] Add optional CORS headers --- compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/compose.yml b/compose.yml index a94b4e2..da02861 100644 --- a/compose.yml +++ b/compose.yml @@ -38,6 +38,7 @@ services: - GITEA_UPDATE_AVATAR - GITEA_ACCOUNT_LINKING - GITEA_OAUTH2_CLIENT_ENABLED + - GITEA_CORS_ALLOW_DOMAIN volumes: - data:/var/lib/gitea - config:/etc/gitea @@ -59,6 +60,11 @@ services: - "traefik.tcp.routers.${STACK_NAME}-ssh.rule=HostSNI(`*`)" - "traefik.tcp.routers.${STACK_NAME}-ssh.entrypoints=gitea-ssh" - "traefik.tcp.services.${STACK_NAME}-ssh.loadbalancer.server.port=${GITEA_SSH_PORT}" + - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}_cors" + - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolallowmethods=GET,OPTIONS,PUT" + - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}" + - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true" - coop-cloud.${STACK_NAME}.version=1.3.1+1.17.3-rootless db: From 910dac0c1bd620fd3961c1304621f1a207ea4e79 Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Mon, 9 May 2022 16:05:30 +0200 Subject: [PATCH 03/14] add: postgresdb alternative --- .env.sample | 5 ++++- compose.mariadb.yml | 37 +++++++++++++++++++++++++++++++++++++ compose.postgres.yml | 30 ++++++++++++++++++++++++++++++ compose.yml | 27 --------------------------- 4 files changed, 71 insertions(+), 28 deletions(-) create mode 100644 compose.mariadb.yml create mode 100644 compose.postgres.yml diff --git a/.env.sample b/.env.sample index 25777cd..f1e0d28 100644 --- a/.env.sample +++ b/.env.sample @@ -2,6 +2,9 @@ TYPE=gitea DOMAIN=gitea.example.com LETS_ENCRYPT_ENV=production +COMPOSE_FILE="compose.yml" +COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml" +# COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml" GITEA_DOMAIN=git.example.com GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION=true @@ -27,7 +30,7 @@ SECRET_JWT_SECRET_VERSION=v1 # length=43 SECRET_SECRET_KEY_VERSION=v1 # length=64 # SMTP Mailer -# COMPOSE_FILE="compose.yml:compose.smtp.yml" +# COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml" # GITEA_SMTP_MAILER_ENABLED=1 # GITEA_MAILER_HOST=mail.gandi.net:465 # SECRET_SMTP_PASSWORD_VERSION=v1 diff --git a/compose.mariadb.yml b/compose.mariadb.yml new file mode 100644 index 0000000..8be57ec --- /dev/null +++ b/compose.mariadb.yml @@ -0,0 +1,37 @@ +version: '3.8' + +services: + app: + environment: + - GITEA_DB_TYPE=mysql + - GITEA_DB_HOST="db:3306" + - GITEA_DB_NAME=gitea + - GITEA_DB_USER=gitea + db: + image: "mariadb:10.9" + command: | + mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci + environment: + - MYSQL_DATABASE=gitea + - MYSQL_USER=gitea + - MYSQL_PASSWORD_FILE=/run/secrets/db_password + - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password + secrets: + - db_password + - db_root_password + volumes: + - "mariadb:/var/lib/mysql" + networks: + - internal + +secrets: + db_password: + name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} + external: true + db_root_password: + name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION} + external: true + +volumes: + mariadb: + internal: diff --git a/compose.postgres.yml b/compose.postgres.yml new file mode 100644 index 0000000..24c681a --- /dev/null +++ b/compose.postgres.yml @@ -0,0 +1,30 @@ +version: '3.8' + +services: + app: + environment: + - GITEA_DB_TYPE=postgres + - GITEA_DB_HOST="db:5432" + - GITEA_DB_NAME=gitea + - GITEA_DB_USER=gitea + db: + image: postgres:9.6 + environment: + - POSTGRES_DB=gitea + - POSTGRES_USER=gitea + - POSTGRES_PASSWORD_FILE=/run/secrets/db_password + secrets: + - db_password + volumes: + - db:/var/lib/postgresql/data + networks: + - internal + +secrets: + db_password: + name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} + external: true + +volumes: + db: + internal: diff --git a/compose.yml b/compose.yml index da02861..f7bd22a 100644 --- a/compose.yml +++ b/compose.yml @@ -19,10 +19,6 @@ services: - GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION - GITEA_APP_NAME - GITEA_AUTO_WATCH_NEW_REPOS - - GITEA_DB_HOST="db:3306" - - GITEA_DB_NAME=gitea - - GITEA_DB_TYPE=mysql - - GITEA_DB_USER=gitea - GITEA_DISABLE_REGISTRATION - GITEA_DOMAIN=${DOMAIN} - GITEA_ENABLE_NOTIFY_MAIL @@ -67,22 +63,6 @@ services: - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true" - coop-cloud.${STACK_NAME}.version=1.3.1+1.17.3-rootless - db: - image: "mariadb:10.9" - command: | - mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci - environment: - - MYSQL_DATABASE=gitea - - MYSQL_USER=gitea - - MYSQL_PASSWORD_FILE=/run/secrets/db_password - - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password - secrets: - - db_password - - db_root_password - volumes: - - "mariadb:/var/lib/mysql" - networks: - - internal networks: internal: @@ -100,12 +80,6 @@ configs: template_driver: golang secrets: - db_password: - name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} - external: true - db_root_password: - name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION} - external: true internal_token: name: ${STACK_NAME}_internal_token_${SECRET_INTERNAL_TOKEN_VERSION} external: true @@ -119,4 +93,3 @@ secrets: volumes: data: config: - mariadb: From 1ea412525f7afae99804cc1157d6148b499a1a10 Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Mon, 9 Jan 2023 17:02:07 +0100 Subject: [PATCH 04/14] chore: publish 2.0.0+1.18.0-rootless release --- compose.yml | 4 ++-- release/2.0.0+1.18.0-rootless | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 release/2.0.0+1.18.0-rootless diff --git a/compose.yml b/compose.yml index f7bd22a..eff3da0 100644 --- a/compose.yml +++ b/compose.yml @@ -3,7 +3,7 @@ version: "3.8" services: app: - image: "gitea/gitea:1.17.3-rootless" + image: "gitea/gitea:1.18.0-rootless" configs: - source: app_ini target: /etc/gitea/app.ini @@ -61,7 +61,7 @@ services: - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}" - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true" - - coop-cloud.${STACK_NAME}.version=1.3.1+1.17.3-rootless + - coop-cloud.${STACK_NAME}.version=2.0.0+1.18.0-rootless networks: diff --git a/release/2.0.0+1.18.0-rootless b/release/2.0.0+1.18.0-rootless new file mode 100644 index 0000000..f02d11b --- /dev/null +++ b/release/2.0.0+1.18.0-rootless @@ -0,0 +1,8 @@ +This release adds the possibility to run gitea with postgres. +Please add the following lines to your servers .env file! + +``` +COMPOSE_FILE="compose.yml" +COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml" +# COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml" +``` From 89400089ec2c837a4abc4c23726058a4e2f754fb Mon Sep 17 00:00:00 2001 From: decentral1se Date: Tue, 17 Jan 2023 10:45:19 +0100 Subject: [PATCH 05/14] fix: drop db_password from main compose def Now available in mariadb/postgresql compose files. --- compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/compose.yml b/compose.yml index eff3da0..ecb0384 100644 --- a/compose.yml +++ b/compose.yml @@ -11,7 +11,6 @@ services: target: /usr/local/bin/docker-setup.sh mode: 0555 secrets: - - db_password - internal_token - jwt_secret - secret_key From e2cd36873c384737c440dbeda80f9994d2683ecc Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Thu, 19 Jan 2023 16:02:27 -0800 Subject: [PATCH 06/14] Update abra syntax in examples (finally) [mass update] --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 03e24ca..1fb8d6f 100644 --- a/README.md +++ b/README.md @@ -19,9 +19,9 @@ 2. Deploy [`coop-cloud/traefik`][cc-traefik] 3. `abra app new gitea --secrets` (optionally with `--pass` if you'd like to save secrets in `pass`) -4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to +4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to your Docker swarm box -5. `abra app YOURAPPDOMAIN deploy` +5. `abra app deploy YOURAPPDOMAIN` ## Create first user From 936fb940cbdc0c00ce98bb5cd9c63e11c4cbe9a1 Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Fri, 20 Jan 2023 10:48:44 +0100 Subject: [PATCH 07/14] Revert "fix: drop db_password from main compose def" This reverts commit 89400089ec2c837a4abc4c23726058a4e2f754fb. db_password secret is still needed in app service to set the db secret in app.ini.tmpl --- compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/compose.yml b/compose.yml index ecb0384..eff3da0 100644 --- a/compose.yml +++ b/compose.yml @@ -11,6 +11,7 @@ services: target: /usr/local/bin/docker-setup.sh mode: 0555 secrets: + - db_password - internal_token - jwt_secret - secret_key From 7d7761dec6e0bde472caf8809cdce2a7e7aea8aa Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Mon, 9 Jan 2023 16:38:06 +0100 Subject: [PATCH 08/14] feat: add forgejo overwrite --- .env.sample | 3 +++ compose.forgejo.yml | 5 +++++ 2 files changed, 8 insertions(+) create mode 100644 compose.forgejo.yml diff --git a/.env.sample b/.env.sample index f1e0d28..e562e4c 100644 --- a/.env.sample +++ b/.env.sample @@ -6,6 +6,9 @@ COMPOSE_FILE="compose.yml" COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml" # COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml" +# Enable to use forgejo instead of gitea +# COMPOSE_FILE="$COMPOSE_FILE:compose.forgejo.yml" + GITEA_DOMAIN=git.example.com GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION=true GITEA_APP_NAME="Git with solidaritea" diff --git a/compose.forgejo.yml b/compose.forgejo.yml new file mode 100644 index 0000000..29a5e00 --- /dev/null +++ b/compose.forgejo.yml @@ -0,0 +1,5 @@ +version: '3.8' + +services: + app: + image: codeberg.org/forgejo/forgejo:1.18.0-1-rootless From 9413c79e8f9805da57414cfc7aaf2d33cc274804 Mon Sep 17 00:00:00 2001 From: Philipp Rothmann Date: Fri, 20 Jan 2023 11:00:24 +0100 Subject: [PATCH 09/14] chore: publish 2.0.1+1.18.2-rootless release --- compose.forgejo.yml | 2 +- compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/compose.forgejo.yml b/compose.forgejo.yml index 29a5e00..8aee549 100644 --- a/compose.forgejo.yml +++ b/compose.forgejo.yml @@ -2,4 +2,4 @@ version: '3.8' services: app: - image: codeberg.org/forgejo/forgejo:1.18.0-1-rootless + image: codeberg.org/forgejo/forgejo:1.18.2-0-rootless diff --git a/compose.yml b/compose.yml index eff3da0..10456e0 100644 --- a/compose.yml +++ b/compose.yml @@ -3,7 +3,7 @@ version: "3.8" services: app: - image: "gitea/gitea:1.18.0-rootless" + image: "gitea/gitea:1.18.2-rootless" configs: - source: app_ini target: /etc/gitea/app.ini @@ -61,7 +61,7 @@ services: - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}" - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true" - - coop-cloud.${STACK_NAME}.version=2.0.0+1.18.0-rootless + - coop-cloud.${STACK_NAME}.version=2.0.1+1.18.2-rootless networks: From cd0fff667aad31e9b18a7e3bc04f20f667177393 Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Fri, 20 Jan 2023 10:27:11 -0800 Subject: [PATCH 10/14] Automatically generate catalogue on release [mass update] Re: coop-cloud/recipes-catalogue-json#4 --- .drone.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/.drone.yml b/.drone.yml index 868beb0..d84d926 100644 --- a/.drone.yml +++ b/.drone.yml @@ -37,11 +37,17 @@ trigger: - master --- kind: pipeline -name: recipe release +name: generate recipe catalogue steps: - name: release a new version - image: thecoopcloud/drone-abra:latest + image: plugins/downstream settings: - command: recipe gitea release - deploy_key: - from_secret: abra_bot_deploy_key + server: https://build.coopcloud.tech + token: + from_secret: drone_abra-bot_token + fork: true + repositories: + - coop-cloud/auto-recipes-catalogue-json + +trigger: + event: tag From 63118ecbd875fb047bf4e98bd8f52924639e37d1 Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Fri, 20 Jan 2023 11:58:41 -0800 Subject: [PATCH 11/14] Fix CI by adding networks: [mass update] --- .drone.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.drone.yml b/.drone.yml index d84d926..cae255a 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,6 +7,8 @@ steps: settings: host: swarm-test.autonomic.zone stack: gitea + networks: + - proxy generate_secrets: true purge: true deploy_key: From a04fe41c1b20514a58c66f40e33f75898f973eea Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Fri, 20 Jan 2023 22:38:13 -0800 Subject: [PATCH 12/14] Specify mariadb for tests --- .drone.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone.yml b/.drone.yml index cae255a..2729e42 100644 --- a/.drone.yml +++ b/.drone.yml @@ -14,6 +14,7 @@ steps: deploy_key: from_secret: drone_ssh_swarm_test environment: + COMPOSE_FILE: compose.yml:compose.mariadb.yml APP_INI_VERSION: v1 DOCKER_SETUP_SH_VERSION: v1 DOMAIN: gitea.swarm-test.autonomic.zone From 9cf26a01540992ad54c5053edb62caaffd8e70c5 Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Fri, 20 Jan 2023 23:31:14 -0800 Subject: [PATCH 13/14] Switch to thecoopcloud/stack-ssh-deploy --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 2729e42..1dacea8 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,7 +3,7 @@ kind: pipeline name: deploy to swarm-test.autonomic.zone steps: - name: deployment - image: decentral1se/stack-ssh-deploy:latest + image: thecoopcloud/stack-ssh-deploy:latest settings: host: swarm-test.autonomic.zone stack: gitea @@ -13,8 +13,8 @@ steps: purge: true deploy_key: from_secret: drone_ssh_swarm_test + compose: "compose.yml:compose.mariadb.yml" environment: - COMPOSE_FILE: compose.yml:compose.mariadb.yml APP_INI_VERSION: v1 DOCKER_SETUP_SH_VERSION: v1 DOMAIN: gitea.swarm-test.autonomic.zone From 8b466acf66d7a1b1efcfedd642406a59e57c59e7 Mon Sep 17 00:00:00 2001 From: Cassowary Rusnov Date: Wed, 15 Mar 2023 13:18:39 -0700 Subject: [PATCH 14/14] chore: publish 2.1.0+1.18.5-rootless release --- compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/compose.yml b/compose.yml index 10456e0..0a3e130 100644 --- a/compose.yml +++ b/compose.yml @@ -3,7 +3,7 @@ version: "3.8" services: app: - image: "gitea/gitea:1.18.2-rootless" + image: "gitea/gitea:1.18.5-rootless" configs: - source: app_ini target: /etc/gitea/app.ini @@ -61,7 +61,7 @@ services: - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}" - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true" - - coop-cloud.${STACK_NAME}.version=2.0.1+1.18.2-rootless + - coop-cloud.${STACK_NAME}.version=2.1.0+1.18.5-rootless networks: