diff --git a/infrastructure/.env b/infrastructure/.env new file mode 100644 index 0000000..afd88be --- /dev/null +++ b/infrastructure/.env @@ -0,0 +1,41 @@ +# base domain +BASE_DOMAIN=192-168-1-151.nip.io + +# Traefik server host +TRAEFIK_HOST=traefik.demo.${BASE_DOMAIN} + +MAIL_HOST=mail.demo.${BASE_DOMAIN} + +# forgejo server address +FORGEJO_HOST=git.demo.${BASE_DOMAIN} +FORGEJO_URL=https://${FORGEJO_HOST} + +# Woodpecker server host +WOODPECKER_HOST=ci.demo.${BASE_DOMAIN} +# Woodpecker server address +WOODPECKER_URL=https://${WOODPECKER_HOST} + +# Shared secret used by server and agents to authenticate communication (can be generated by 'openssl rand -hex 32') +WOODPECKER_AGENT_SECRET=CHANGE_ME +# Comma-separated list of admin accounts +#WOODPECKER_ADMIN=CHANGE_ME +WOODPECKER_ADMIN=fjadmin + +WOODPECKER_FORGEJO_URL=${FORGEJO_URL} +WOODPECKER_FORGEJO_CLIENT=7b9c8359-fe2c-4b9a-a33e-c62b35bf879e +WOODPECKER_FORGEJO_SECRET=gto_rfr7enegvbgwsf7fajzqiiq4z6rqsmsufb3v4u2xolswm5ch2m7q + +# Renovate +RENOVATE_TOKEN=CHANGE_ME + +# Registry +REGISTRY_HOST=container.demo.${BASE_DOMAIN} +REGISTRY_UI_HOST=container-ui.demo.${BASE_DOMAIN} + +REPOSILITE_HOST=mvn.demo.${BASE_DOMAIN} +REPOSILITE_JAVA_COMPOSE_OPTS= +REPOSILITE_MEMORY=256M +REPOSILITE_COMPOSE_OPTS="--token admin:changeme" +REPOSILITE_PORT=8080 + +VERDACCIO_HOST=npm.demo.${BASE_DOMAIN} diff --git a/infrastructure/docker-compose.yml b/infrastructure/docker-compose.yml index 66bc353..3d1870c 100644 --- a/infrastructure/docker-compose.yml +++ b/infrastructure/docker-compose.yml @@ -35,8 +35,7 @@ services: - "2222:222/tcp" # The Web UI (enabled by '--api.dashboard=true' and '--api.insecure=true') - "8181:8080" - networks: - - proxy + network_mode: host volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./traefik/traefik.yml:/etc/traefik/traefik.yml:ro" @@ -56,6 +55,12 @@ services: ports: - "1080:1080" - "1025:1025" + labels: + - "traefik.enable=true" + - "traefik.http.routers.mail.rule=Host(`${MAIL_HOST}`)" + - "traefik.http.routers.mail.tls=true" + - "traefik.http.routers.mail.entrypoints=https" + - "traefik.http.services.mail.loadbalancer.server.port=1080" forgejo: image: codeberg.org/forgejo/forgejo:1.20 @@ -68,12 +73,19 @@ services: - FORGEJO__database__NAME=forgejo - FORGEJO__database__USER=forgejo - FORGEJO__database__PASSWD=forgejo + - FORGEJO__server__ROOT_URL=${FORGEJO_URL} - FORGEJO__webhook__SKIP_TLS_VERIFY=true - FORGEJO__webhook__ALLOWED_HOST_LIST=external,* - FORGEJO__webhook__DELIVER_TIMEOUT=20 - FORGEJO__mailer__SMTP_ADDR=smtp - FORGEJO__mailer__SMTP_PORT=1025 + - FORGEJO__mailer__SMTP_ENABLED=true + - FORGEJO__server__LFS_START_SERVER=true + - FORGEJO__CRON__ENABLED=true + - FORGEJO__service__DISABLE_REGISTRATION=true restart: always + ports: + - "3000:3000" networks: - forgejo - proxy @@ -186,7 +198,7 @@ services: - "traefik.http.services.regui.loadbalancer.passhostheader=true" mvn-registry: image: ghcr.io/dzikoysk/reposilite:3.4.10 - container_name: mvn-registry + container_name: reposilite deploy: resources: limits: @@ -202,9 +214,9 @@ services: tty: true labels: - "traefik.enable=true" - - "traefik.http.routers.artifacts.rule=Host(`${ARTIFACTS_HOST}`)" - - "traefik.http.routers.artifacts.entrypoints=http" - - "traefik.http.services.artifacts.loadbalancer.server.port=8080" + - "traefik.http.routers.mvn.rule=Host(`${REPOSILITE_HOST}`)" + - "traefik.http.routers.mvn.entrypoints=http" + - "traefik.http.services.mvn.loadbalancer.server.port=${REPOSILITE_PORT}" verdaccio: image: verdaccio/verdaccio:5 container_name: verdaccio @@ -217,9 +229,10 @@ services: networks: - proxy labels: - - "traefik.http.routers.artifacts.rule=Host(`${VERDACCIO_HOST}`)" - - "traefik.http.routers.artifacts.entrypoints=http" - - "traefik.http.services.artifacts.loadbalancer.server.port=4873" + - "traefik.enable=true" + - "traefik.http.routers.npm.rule=Host(`${VERDACCIO_HOST}`)" + - "traefik.http.routers.npm.entrypoints=http" + - "traefik.http.services.npm.loadbalancer.server.port=4873" # #watchtower: # image: containrrr/watchtower:latest