Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 9d14b58

Browse files
feat(gitea): move to pgsql,networks,secrets,yaml extend
1 parent b4b973a commit 9d14b58

File tree

3 files changed

+101
-31
lines changed

3 files changed

+101
-31
lines changed
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
changeME
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
changeME

‎traefik-gitea/docker-compose.yml

Lines changed: 99 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,19 @@
11
---
22

3+
x-common: &x-common
4+
privileged: false
5+
volumes:
6+
- /etc/localtime:/etc/localtime:ro
7+
security_opt:
8+
- no-new-privileges=true
9+
tmpfs:
10+
- /tmp:rw,noexec,nosuid,size=32m
11+
ulimits:
12+
nproc: 6144
13+
nofile:
14+
soft: 6000
15+
hard: 12000
16+
317
services:
418
dockerproxy:
519
image: tecnativa/docker-socket-proxy:edge
@@ -41,11 +55,13 @@ services:
4155
TZ: "Europe/Paris"
4256

4357
traefik:
58+
<<: *x-common
4459
image: traefik:saintmarcelin
4560
restart: unless-stopped
4661
container_name: traefik
4762
networks:
4863
- dockerproxynet
64+
- oueb
4965
ports:
5066
- target : 80
5167
published : 80
@@ -60,7 +76,6 @@ services:
6076
- ./conf/traefik.yml:/etc/traefik/traefik.yml:ro
6177
- ./conf/traefikdynamic:/etc/traefik/dynamic:ro
6278
- ./logs/traefik.log:/etc/traefik/applog.log
63-
- /etc/localtime:/etc/localtime:ro
6479
#- /var/run/docker.sock:/var/run/docker.sock:ro
6580
environment:
6681
TZ: "Europe/Paris"
@@ -75,54 +90,107 @@ services:
7590
- dockerproxy
7691

7792
giteadb:
78-
image: mysql:8
79-
restart: unless-stopped
93+
<<: *x-common
94+
image: rapidfort/postgresql-official:15.5-bullseye
8095
container_name: giteadb
96+
restart: unless-stopped
8197
environment:
82-
MYSQL_ROOT_PASSWORD: ${SQLROOTGITEA}
83-
MYSQL_USER: ${SQLUSERGITEA}
84-
MYSQL_PASSWORD: ${SQLPASSWORDGITEA}
85-
MYSQL_DATABASE: ${SQLDBGITEA}
98+
POSTGRES_PASSWORD_FILE: /run/secrets/pgsql_password
99+
POSTGRES_DB: giteabase
100+
networks:
101+
- backendgitea
86102
volumes:
87-
- ./giteaSqldata:/var/lib/mysql
103+
- giteadbdata:/var/lib/postgresql/data
88104
healthcheck:
89-
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
90-
timeout: 20s
91-
retries: 10
105+
test: ["CMD-SHELL", "pg_isready -d giteabase -U postgres"]
106+
start_period: 20s
107+
interval: 30s
108+
timeout: 5s
109+
retries: 3
110+
mem_limit: 256m
111+
memswap_limit: 256m
112+
mem_reservation: 128m
113+
secrets:
114+
- pgsql_password
92115

93-
sqlexportergitea:
94-
image: prom/mysqld-exporter
116+
giteadb-pgsql_exporter:
117+
<<: *x-common
118+
container_name: giteadb-pgsql_exporter
119+
image: quay.io/prometheuscommunity/postgres-exporter:v0.13.2
95120
restart: unless-stopped
96-
container_name: sqlexportergitea
121+
networks:
122+
- backendgitea
97123
environment:
98-
DATA_SOURCE_NAME: root:${SQLROOTGITEA}@(giteadb:3306)/${SQLDBGITEA}
99-
links:
100-
- giteadb
124+
DATA_SOURCE_URI: giteadb:5432?sslmode=disable
125+
DATA_SOURCE_USER: postgres
126+
DATA_SOURCE_PASS_FILE: /run/secrets/pgsql_password
101127
depends_on:
102-
- giteadb
103-
mem_limit: 128m
104-
mem_reservation: 64m
128+
giteadb:
129+
condition: service_healthy
130+
mem_limit: 64m
131+
memswap_limit: 64m
132+
mem_reservation: 32m
133+
secrets:
134+
- pgsql_password
105135

106136
gitea:
107-
image: gitea/gitea:1.19
108-
restart: unless-stopped
137+
<<: *x-common
109138
container_name: gitea
139+
image: gitea/gitea:1.21-rootless
140+
restart: unless-stopped
110141
environment:
111-
GITEA__database__DB_TYPE: mysql
112-
GITEA__database__HOST: giteadb:3306
113-
GITEA__database__NAME: ${SQLDBGITEA}
114-
GITEA__database__USER: ${SQLUSERGITEA}
115-
GITEA__database__PASSWD: ${SQLPASSWORDGITEA}
142+
GITEA__database__DB_TYPE: postgres
143+
GITEA__database__HOST: giteadb:5432
144+
GITEA__database__NAME: giteabase
145+
GITEA__database__USER: postgres
146+
GITEA__database__PASSWD__FILE: /run/secrets/pgsql_password
147+
GITEA__mailer__ENABLED: true
148+
GITEA__mailer__FROM: no-reply@your-domain.net
149+
GITEA__mailer__MAILER_TYPE: smtp
150+
GITEA__mailer__SMTP_ADDR: mail.domain.com
151+
GITEA__mailer__IS_TLS_ENABLED: true
152+
GITEA__mailer__USER: no-reply@your-domain.net
153+
GITEA__mailer__PASSWD__FILE: /run/secrets/smtp_password
154+
USER_UID: 1000
155+
USER_GID: 1000
156+
networks:
157+
- backendgitea
158+
- oueb
116159
volumes:
117-
- ./gitea:/data
118-
- /etc/timezone:/etc/timezone:ro
119-
- /etc/localtime:/etc/localtime:ro
160+
- giteadata:/var/lib/gitea
161+
- ./configGitea:/etc/gitea
120162
depends_on:
121-
- giteadb
163+
giteadb:
164+
condition: service_healthy
165+
healthcheck:
166+
test: ["CMD", "curl", "-f", "http://localhost:3000/api/healthz"]
167+
interval: 30s
168+
timeout: 5s
169+
retries: 3
170+
mem_limit: 256m
171+
memswap_limit: 256m
172+
mem_reservation: 128m
173+
secrets:
174+
- pgsql_password
175+
- smtp_password
176+
177+
secrets:
178+
pgsql_password:
179+
file: .secrets/pgsql_password.txt
180+
smtp_password:
181+
file: .secrets/smtp_password.txt
122182

123183
networks:
184+
backendgitea:
185+
124186
dockerproxynet:
125187
name: dockerproxynet
126188
ipam:
127189
config:
128190
- subnet: 172.16.10.0/24
191+
192+
oueb:
193+
194+
volumes:
195+
giteadata:
196+
giteadbdata:

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /