Michael Schiemer
77abc65cd7
Some checks failed
Deploy Application / deploy (push) Has been cancelled
121 lines
3.0 KiB
YAML
121 lines
3.0 KiB
YAML
services:
|
|
gitea:
|
|
image: gitea/gitea:latest
|
|
container_name: gitea
|
|
restart: unless-stopped
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_started
|
|
networks:
|
|
- traefik-public
|
|
- infrastructure
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- USER_UID=1000
|
|
- USER_GID=1000
|
|
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
|
volumes:
|
|
- gitea-data:/data
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
secrets:
|
|
- postgres_password
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# HTTP Router configuration
|
|
- "traefik.http.routers.gitea.rule=Host(`git.michaelschiemer.de`)"
|
|
- "traefik.http.routers.gitea.entrypoints=websecure"
|
|
- "traefik.http.routers.gitea.tls=true"
|
|
- "traefik.http.routers.gitea.tls.certresolver=letsencrypt"
|
|
- "traefik.http.routers.gitea.priority=100"
|
|
|
|
# Service configuration
|
|
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
|
|
|
# X-Forwarded-Proto header
|
|
- "traefik.http.middlewares.gitea-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
|
- "traefik.http.routers.gitea.middlewares=gitea-headers@docker"
|
|
- "traefik.http.routers.gitea.service=gitea"
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:3000/api/healthz"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 30s
|
|
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: gitea-postgres
|
|
restart: unless-stopped
|
|
networks:
|
|
- infrastructure
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- POSTGRES_DB=gitea
|
|
- POSTGRES_USER=gitea
|
|
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
|
command: >
|
|
postgres
|
|
-c max_connections=300
|
|
-c authentication_timeout=180
|
|
-c statement_timeout=30000
|
|
-c idle_in_transaction_session_timeout=30000
|
|
volumes:
|
|
- gitea-postgres-data:/var/lib/postgresql/data
|
|
secrets:
|
|
- postgres_password
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U gitea -d gitea"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 30s
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: gitea-redis
|
|
restart: unless-stopped
|
|
networks:
|
|
- infrastructure
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
command: >
|
|
redis-server
|
|
--appendonly yes
|
|
--maxmemory 512mb
|
|
--maxmemory-policy allkeys-lru
|
|
volumes:
|
|
- gitea-redis-data:/data
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 10s
|
|
|
|
networks:
|
|
traefik-public:
|
|
external: true
|
|
name: traefik-public
|
|
infrastructure:
|
|
external: true
|
|
name: infrastructure
|
|
|
|
volumes:
|
|
gitea-data:
|
|
name: gitea-data
|
|
gitea-postgres-data:
|
|
name: gitea-postgres-data
|
|
gitea-redis-data:
|
|
name: gitea-redis-data
|
|
|
|
secrets:
|
|
postgres_password:
|
|
file: ./secrets/postgres_password.txt
|
|
redis_password:
|
|
file: ./secrets/redis_password.txt
|
|
|