58 lines
2.1 KiB
YAML
58 lines
2.1 KiB
YAML
services:
|
|
# Forgejo git forge (git.nasarek.dev). Replaces GitLab.
|
|
forgejo:
|
|
image: codeberg.org/forgejo/forgejo:${FORGEJO_VERSION:-11}
|
|
container_name: forgejo
|
|
environment:
|
|
USER_UID: 1000
|
|
USER_GID: 1000
|
|
FORGEJO__database__DB_TYPE: postgres
|
|
FORGEJO__database__HOST: postgres:5432
|
|
FORGEJO__database__NAME: ${FORGEJO_DB_NAME}
|
|
FORGEJO__database__USER: ${FORGEJO_DB_USER}
|
|
FORGEJO__database__PASSWD: ${FORGEJO_DB_PASSWORD}
|
|
FORGEJO__server__DOMAIN: ${FORGEJO_DOMAIN}
|
|
FORGEJO__server__ROOT_URL: https://${FORGEJO_DOMAIN}/
|
|
FORGEJO__server__SSH_DOMAIN: ${FORGEJO_DOMAIN}
|
|
FORGEJO__server__HTTP_PORT: "3000"
|
|
# Advertised in clone URLs (Traefik forgejo-ssh entrypoint, formerly GitLab's port).
|
|
FORGEJO__server__SSH_PORT: "2424"
|
|
FORGEJO__server__SSH_LISTEN_PORT: "22"
|
|
FORGEJO__actions__ENABLED: "true"
|
|
# Skip the web installer; auto-migrate against Postgres on boot.
|
|
FORGEJO__security__INSTALL_LOCK: "true"
|
|
FORGEJO__service__DISABLE_REGISTRATION: "true"
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik
|
|
# HTTP
|
|
- traefik.http.routers.forgejo.rule=Host(`${FORGEJO_DOMAIN}`)
|
|
- traefik.http.routers.forgejo.entrypoints=web,websecure
|
|
- traefik.http.routers.forgejo.middlewares=https-redirect
|
|
- traefik.http.routers.forgejo.tls=true
|
|
- traefik.http.routers.forgejo.tls.certresolver=le
|
|
- traefik.http.services.forgejo.loadbalancer.server.port=3000
|
|
# SSH over dedicated Traefik TCP entrypoint (port 2424)
|
|
- "traefik.tcp.routers.forgejo-ssh.rule=HostSNI(`*`)"
|
|
- "traefik.tcp.routers.forgejo-ssh.entrypoints=forgejo-ssh"
|
|
- "traefik.tcp.services.forgejo-ssh.loadbalancer.server.port=22"
|
|
volumes:
|
|
- forgejo-data:/data
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
networks:
|
|
- traefik
|
|
- database
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
forgejo-data:
|
|
name: forgejo-data
|
|
|
|
networks:
|
|
traefik:
|
|
name: traefik
|
|
external: true
|
|
database:
|
|
name: database
|
|
external: true
|