106 lines
3.6 KiB
YAML
106 lines
3.6 KiB
YAML
version: "3"
|
|
|
|
networks:
|
|
gitea:
|
|
external: false
|
|
|
|
volumes:
|
|
gitea-data:
|
|
postgres-data:
|
|
traefik-certs:
|
|
|
|
services:
|
|
traefik:
|
|
image: traefik:v2.9
|
|
container_name: traefik
|
|
restart: always
|
|
ports:
|
|
- "80:80" # HTTP
|
|
- "443:443" # HTTPS
|
|
- "8080:8080" # Dashboard
|
|
networks:
|
|
- gitea
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- traefik-certs:/letsencrypt
|
|
command:
|
|
- "--providers.docker=true"
|
|
- "--providers.docker.exposedbydefault=false"
|
|
- "--providers.docker.network=gitea-docker_gitea"
|
|
- "--entrypoints.web.address=:80"
|
|
- "--entrypoints.websecure.address=:443"
|
|
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
|
|
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
|
|
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
|
|
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
|
|
- "--certificatesresolvers.letsencrypt.acme.email=bennett.l.david@gmail.com"
|
|
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
|
|
- "--api=true"
|
|
- "--api.dashboard=true"
|
|
- "--api.insecure=true"
|
|
- "--log.level=DEBUG"
|
|
|
|
server:
|
|
image: gitea/gitea:latest
|
|
container_name: gitea
|
|
environment:
|
|
- USER_UID=1000
|
|
- USER_GID=1000
|
|
- GITEA__database__DB_TYPE=postgres
|
|
- GITEA__database__HOST=db:5432
|
|
- GITEA__database__NAME=gitea
|
|
- GITEA__database__USER=gitea
|
|
- GITEA__database__PASSWD=gitea
|
|
# Server Configuration
|
|
- GITEA__server__DOMAIN=bee8333.ddns.net
|
|
- GITEA__server__ROOT_URL=https://bee8333.ddns.net/
|
|
- GITEA__server__PROTOCOL=http
|
|
- GITEA__server__HTTP_PORT=3000
|
|
- GITEA__server__SSH_DOMAIN=bee8333.ddns.net
|
|
- GITEA__server__SSH_PORT=2224
|
|
- GITEA__server__SSH_LISTEN_PORT=22
|
|
- GITEA__server__START_SSH_SERVER=false
|
|
- GITEA__server__OFFLINE_MODE=false
|
|
- GITEA__server__ENABLE_GZIP=true
|
|
# Reverse Proxy Settings
|
|
- GITEA__server__USE_PROXY_PROTOCOL=false
|
|
- GITEA__server__PROXY_PROTOCOL_TLS_BRIDGING=false
|
|
restart: always
|
|
networks:
|
|
- gitea
|
|
volumes:
|
|
- gitea-data:/data
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
ports:
|
|
- "2224:22" # SSH: Host port 2224 -> Container port 22
|
|
depends_on:
|
|
- db
|
|
labels:
|
|
- "traefik.enable=true"
|
|
# HTTP Configuration for HTTPS access
|
|
- "traefik.http.routers.gitea.rule=Host(`bee8333.ddns.net`)"
|
|
- "traefik.http.routers.gitea.entrypoints=websecure"
|
|
- "traefik.http.routers.gitea.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
|
|
- "traefik.http.middlewares.gitea-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
|
- "traefik.http.routers.gitea.middlewares=gitea-headers@docker"
|
|
# HTTP Configuration for HTTP -> HTTPS redirection
|
|
- "traefik.http.routers.gitea-http.rule=Host(`bee8333.ddns.net`)"
|
|
- "traefik.http.routers.gitea-http.entrypoints=web"
|
|
- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
|
|
- "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
|
|
- "traefik.http.routers.gitea-http.middlewares=https-redirect@docker"
|
|
|
|
db:
|
|
image: postgres:14
|
|
container_name: gitea-db
|
|
restart: always
|
|
environment:
|
|
- POSTGRES_USER=gitea
|
|
- POSTGRES_PASSWORD=gitea
|
|
- POSTGRES_DB=gitea
|
|
networks:
|
|
- gitea
|
|
volumes:
|
|
- postgres-data:/var/lib/postgresql/data |