Compare commits
11 Commits
2.8.0+1.21
...
push-to-cr
| Author | SHA1 | Date | |
|---|---|---|---|
| ace3ff1b4a | |||
| daf4a26f72 | |||
| 7fec94eaec | |||
| 0bfb666dd0 | |||
| 2554109fab | |||
| bd57d6121b | |||
| cae11a78e6 | |||
| 8e8809fd07 | |||
| 24e4b09b07 | |||
| 43d43fb2b7 | |||
| c5dada903e |
@ -17,6 +17,7 @@ steps:
|
||||
environment:
|
||||
APP_INI_VERSION: v1
|
||||
DOCKER_SETUP_SH_VERSION: v1
|
||||
PG_BACKUP_VERSION: v1
|
||||
DOMAIN: gitea.swarm-test.autonomic.zone
|
||||
GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION: true
|
||||
GITEA_APP_NAME: Git with solidaritea
|
||||
|
||||
@ -3,6 +3,7 @@ TYPE=gitea
|
||||
DOMAIN=gitea.example.com
|
||||
LETS_ENCRYPT_ENV=production
|
||||
COMPOSE_FILE="compose.yml"
|
||||
ENABLE_BACKUPS=true
|
||||
COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"
|
||||
|
||||
@ -29,6 +30,8 @@ GITEA_DEFAULT_USER_VISIBILITY=limited
|
||||
GITEA_ALLOWED_USER_VISIBILITY_MODES=limited,private
|
||||
GITEA_DEFAULT_ORG_VISIBILITY=limited
|
||||
GITEA_REQUIRE_SIGNIN_VIEW=true
|
||||
GITEA_ENABLE_PUSH_CREATE_USER=false
|
||||
GITEA_ENABLE_PUSH_CREATE_ORG=false
|
||||
|
||||
GITEA_REPO_UPLOAD_ENABLED=true
|
||||
GITEA_REPO_UPLOAD_ALLOWED_TYPES=*/*
|
||||
@ -50,7 +53,8 @@ SECRET_SECRET_KEY_VERSION=v1 # length=64
|
||||
# SMTP Mailer
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
|
||||
# GITEA_SMTP_MAILER_ENABLED=1
|
||||
# GITEA_MAILER_HOST=mail.gandi.net:465
|
||||
# GITEA_MAILER_ADDR=mail.gandi.net
|
||||
# GITEA_MAILER_PORT=465
|
||||
# SECRET_SMTP_PASSWORD_VERSION=v1
|
||||
|
||||
# OATH2 Options
|
||||
|
||||
3
abra.sh
3
abra.sh
@ -1,5 +1,6 @@
|
||||
export APP_INI_VERSION=v17
|
||||
export APP_INI_VERSION=v20
|
||||
export DOCKER_SETUP_SH_VERSION=v1
|
||||
export PG_BACKUP_VERSION=v1
|
||||
|
||||
abra_backup_app() {
|
||||
_abra_backup_dir "app:/var/lib/gitea"
|
||||
|
||||
@ -30,6 +30,8 @@ ENABLE_OPENID_SIGNUP = {{ env "GITEA_ENABLE_OPENID_SIGNUP" }}
|
||||
|
||||
[repository]
|
||||
DEFAULT_BRANCH = main
|
||||
ENABLE_PUSH_CREATE_USER = {{ env "GITEA_ENABLE_PUSH_CREATE_USER" }}
|
||||
ENABLE_PUSH_CREATE_ORG = {{ env "GITEA_ENABLE_PUSH_CREATE_ORG" }}
|
||||
|
||||
[repository.upload]
|
||||
ENABLED = {{ env "GITEA_REPO_UPLOAD_ENABLED" }}
|
||||
@ -71,11 +73,12 @@ JWT_SECRET = {{ secret "jwt_secret" }}
|
||||
[mailer]
|
||||
ENABLED = true
|
||||
FROM = {{ env "GITEA_MAILER_FROM" }}
|
||||
HOST = {{ env "GITEA_MAILER_HOST" }}
|
||||
PROTOCOL = smtps
|
||||
SMTP_ADDR = {{ env "GITEA_MAILER_ADDR" }}
|
||||
SMTP_PORT = {{ env "GITEA_MAILER_PORT" }}
|
||||
USER = {{ env "GITEA_MAILER_USER" }}
|
||||
PASSWD = {{ secret "smtp_password" }}
|
||||
MAILER_TYPE = smtp
|
||||
IS_TLS_ENABLED = true
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "GITEA_OAUTH2_CLIENT_ENABLED") "1" }}
|
||||
|
||||
@ -2,4 +2,4 @@ version: '3.8'
|
||||
|
||||
services:
|
||||
app:
|
||||
image: codeberg.org/forgejo/forgejo:1.21.11-1-rootless
|
||||
image: codeberg.org/forgejo/forgejo:9.0.1-rootless
|
||||
|
||||
@ -11,10 +11,9 @@ services:
|
||||
image: "mariadb:10.11.2"
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: 'mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" gitea > /var/lib/mysql/backup.sql'
|
||||
backupbot.backup.post-hook: "rm -rf /var/lib/mysql/backup.sql"
|
||||
backupbot.backup.path: "/var/lib/mysql/backup.sql"
|
||||
backupbot.backup.volumes.mariadb.path: "backup.sql"
|
||||
backupbot.restore.post-hook: "mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" gitea < /var/lib/mysql/backup.sql"
|
||||
command: |
|
||||
mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
|
||||
environment:
|
||||
@ -40,4 +39,3 @@ secrets:
|
||||
|
||||
volumes:
|
||||
mariadb:
|
||||
internal:
|
||||
|
||||
@ -8,13 +8,12 @@ services:
|
||||
- GITEA_DB_NAME=gitea
|
||||
- GITEA_DB_USER=gitea
|
||||
db:
|
||||
image: postgres:15.7
|
||||
image: postgres:15.8
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
|
||||
backupbot.backup.post-hook: "rm -r /var/lib/postgresql/data/backup.sql"
|
||||
backupbot.backup.path: "/var/lib/postgresql/data"
|
||||
backupbot.backup.pre-hook: "/pg_backup.sh backup"
|
||||
backupbot.backup.volumes.db.path: "backup.sql"
|
||||
backupbot.restore.post-hook: '/pg_backup.sh restore'
|
||||
environment:
|
||||
- POSTGRES_DB=gitea
|
||||
- POSTGRES_USER=gitea
|
||||
@ -25,6 +24,10 @@ services:
|
||||
- db:/var/lib/postgresql/data
|
||||
networks:
|
||||
- internal
|
||||
configs:
|
||||
- source: pg_backup
|
||||
target: /pg_backup.sh
|
||||
mode: 0555
|
||||
|
||||
secrets:
|
||||
db_password:
|
||||
@ -33,4 +36,8 @@ secrets:
|
||||
|
||||
volumes:
|
||||
db:
|
||||
internal:
|
||||
|
||||
configs:
|
||||
pg_backup:
|
||||
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
|
||||
file: pg_backup.sh
|
||||
|
||||
@ -5,7 +5,8 @@ services:
|
||||
app:
|
||||
environment:
|
||||
- GITEA_MAILER_FROM
|
||||
- GITEA_MAILER_HOST
|
||||
- GITEA_MAILER_ADDR
|
||||
- GITEA_MAILER_PORT
|
||||
- GITEA_MAILER_USER
|
||||
secrets:
|
||||
- smtp_password
|
||||
|
||||
@ -3,7 +3,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "gitea/gitea:1.21.11-rootless"
|
||||
image: "gitea/gitea:1.22.3-rootless"
|
||||
configs:
|
||||
- source: app_ini
|
||||
target: /etc/gitea/app.ini
|
||||
@ -71,7 +71,7 @@ services:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
@ -85,7 +85,7 @@ services:
|
||||
- "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}"
|
||||
- "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100"
|
||||
- "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true"
|
||||
- coop-cloud.${STACK_NAME}.version=2.8.0+1.21.11-rootless
|
||||
- coop-cloud.${STACK_NAME}.version=3.0.1+1.22.3-rootless
|
||||
|
||||
|
||||
networks:
|
||||
|
||||
34
pg_backup.sh
Normal file
34
pg_backup.sh
Normal file
@ -0,0 +1,34 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
|
||||
|
||||
function backup {
|
||||
export PGPASSWORD=$(cat $POSTGRES_PASSWORD_FILE)
|
||||
pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
|
||||
}
|
||||
|
||||
function restore {
|
||||
cd /var/lib/postgresql/data/
|
||||
restore_config(){
|
||||
# Restore allowed connections
|
||||
cat pg_hba.conf.bak > pg_hba.conf
|
||||
su postgres -c 'pg_ctl reload'
|
||||
}
|
||||
# Don't allow any other connections than local
|
||||
cp pg_hba.conf pg_hba.conf.bak
|
||||
echo "local all all trust" > pg_hba.conf
|
||||
su postgres -c 'pg_ctl reload'
|
||||
trap restore_config EXIT INT TERM
|
||||
|
||||
# Recreate Database
|
||||
psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);"
|
||||
createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
|
||||
psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
|
||||
|
||||
trap - EXIT INT TERM
|
||||
restore_config
|
||||
}
|
||||
|
||||
$@
|
||||
3
release/3.0.0+1.22.2-rootless
Normal file
3
release/3.0.0+1.22.2-rootless
Normal file
@ -0,0 +1,3 @@
|
||||
BEWARE! 🚨 This release updates to the newer Gitea SMTP settings format.
|
||||
|
||||
If you are using SMTP, you will need to split the old GITEA_MAILER_HOST into separate GITEA_MAILER_ADDR (hostname) and GITEA_MAILER_PORT settings.
|
||||
Reference in New Issue
Block a user