diff --git a/hosts/home-morefine/docker/gitea/.env b/hosts/home-morefine/docker/gitea/.env new file mode 100644 index 0000000..921b4d8 --- /dev/null +++ b/hosts/home-morefine/docker/gitea/.env @@ -0,0 +1,18 @@ +# Host git user. Owns git repo. Used for Ssh +USER=git +USER_UID=134 +USER_GID=139 + +GITEA__DATABASE__DB_TYPE=postgres +GITEA__DATABASE__HOST=db:5432 +GITEA__DATABASE__NAME=gitea +GITEA__DATABASE__USER=gitea +#GITEA__DATABASE__PASSWD=secrets.sops.env + +GITEA__MAILER__ENABLED=true +GITEA__MAILER__FROM=gitea@catmedved.com +GITEA__MAILER__PROTOCOL=smtp+starttls +GITEA__MAILER__SMTP_PORT=587 +GITEA__MAILER__SMTP_ADDR=smtp.fastmail.com +#GITEA__MAILER__USER=secrets.sops.env +#GITEA__MAILER__PASSWD=secrets.sops.env diff --git a/hosts/home-morefine/docker/gitea/docker-compose.yaml b/hosts/home-morefine/docker/gitea/docker-compose.yaml new file mode 100644 index 0000000..9e3718a --- /dev/null +++ b/hosts/home-morefine/docker/gitea/docker-compose.yaml @@ -0,0 +1,43 @@ +services: + gitea: + image: gitea/gitea:latest + container_name: gitea + env_file: + - .env + restart: unless-stopped + networks: + - caddy_internal + - gitea_db_net + volumes: + - /srv/rundata/gitea/data:/data + # `authorized_keys` file is shared between the host git user and the container git user + - /home/git/.ssh:/data/git/.ssh + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + #- "3007:3000" + - "127.0.0.1:2222:22" # SSHing Shim (with authorized_keys) + depends_on: + - gitea_db + + gitea_db: + image: postgres:14 + container_name: gitea_pg_db + restart: unless-stopped + environment: + - USER_UID=${USER_UID} + - USER_GID=${USER_GID} + - POSTGRES_USER=${GITEA__DATABASE__USER} + - POSTGRES_PASSWORD=${GITEA__DATABASE__PASSWD} + - POSTGRES_DB=${GITEA__DATABASE__NAME} + networks: + - gitea_db_net + volumes: + - /srv/rundata/gitea/postgres:/var/lib/postgresql/data + +networks: + caddy_internal: + name: caddy_internal + external: true + gitea_db_net: + internal: true diff --git a/hosts/home-morefine/docker/gitea/secrets.sops.env b/hosts/home-morefine/docker/gitea/secrets.sops.env new file mode 100644 index 0000000..036d41b --- /dev/null +++ b/hosts/home-morefine/docker/gitea/secrets.sops.env @@ -0,0 +1,11 @@ +GITEA__DATABASE__PASSWD=ENC[AES256_GCM,data:MXvGPgNtBYhm+6K4,iv:yPKVBAbx+C2Sg40C27bU1S59GF62oK5ON57BiMkc2PE=,tag:q1LQA6oPAei0zBCOLNCXcA==,type:str] +GITEA__MAILER__USER=ENC[AES256_GCM,data:pmX02eG9T2u44g5fADVOPmtr,iv:cGr4PF7p9apeyQ0AzstESZ38hE33YL7ISKbqR3bxc1o=,tag:uMwBTvyCMXhlPEsERH4CCw==,type:str] +GITEA__MAILER__PASSWD=ENC[AES256_GCM,data:V3Q/B1RXqBrqyrk/3mrPMQ==,iv:dkFVuC6zFh0lE4C5Cbo0BDplx4gnJxCZWeuAGb/AHm0=,tag:YaV+Z+MYn6Sl0BsB5n5cYQ==,type:str] +sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGQVA0U24xcTk2UDdOdnlz\nYnk0UHZ1T1BVcEJwN2ExVmlQLzRFdk10dkRFClN3SWkrakxLOEo0T0hwK2ZhaEdI\nNnFYM1kvZGhDL3lEZlUwbnZXbFRpWEUKLS0tIHRseWVwNUIwREFFMXdGbjY0VVF1\nSnY1cVdKQWxuUFJCTzdrWVNhcThhQ1EKPXVMMmutPt2wF6aJCA++3r4o1b+bMXUn\nfHw4Sx8ZhcGoMfN35dGGODLwpd1ZwpanVyjme3YjRytitT0UIXayXg==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_0__map_recipient=age1ua9qahphsqf2x8ew2n4umapp23a66t0eccccc0d5etp82n8tsqgsfc8qjk +sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNNEVaWjcxT3JxenE5MTRJ\nQXM2TWFCbm1pZHpESzB0M1lHdGphL2JYTUVJCjdnTHkra3lubkhRblhtVWZnM3Z6\nQzFsc2t0a1BRcHdyT2RDYmFpc1R1VlUKLS0tIGtCYmNYcCtaUW5abjA2OVFzNjBU\neGNlZ1FEeWQ3aVYzdmsveUFnMXgvMlUKloULOaPVfDlwaq0Mf9VB08+ySUqaINen\niMJe2XOqVYflJNn334yuuLfnC5lTeowkCedFd4BlS1TxNld+64ewLw==\n-----END AGE ENCRYPTED FILE-----\n +sops_age__list_1__map_recipient=age1nw388umnlxfj3cg9lqjyltghfx6w709nam8s2x826c3nxla9famq3uya73 +sops_lastmodified=2026-02-12T08:48:06Z +sops_mac=ENC[AES256_GCM,data:1RngTw6NF9uPiIfCFQjjjzyVFaEpXJBeeL3VmbtKhQMTTPC415Ozuqk79GOhVBn6asSoa0GYMwMtrRMasVNYdxpuMCmYSmfQU+P7OjZyYqRKY+53Bur+C7uJnzKk/FIE4E5/vfk10OZ4MongW7Vk9YHcbg4cRPS/Tjk5znkHjDQ=,iv:+wPd1yxadhjsNesC501Rfl3IHFICy9HdgZX8DYiBh5M=,tag:FBFtY8bCfXEj4RAjSLSvvQ==,type:str] +sops_unencrypted_suffix=_unencrypted +sops_version=3.11.0