127 lines
4.8 KiB
YAML
127 lines
4.8 KiB
YAML
services:
|
|
gitea:
|
|
image: docker.gitea.com/gitea:1.23.8
|
|
container_name: gitea
|
|
restart: always
|
|
environment:
|
|
- GITEA_CUSTOM=/etc/gitea
|
|
volumes:
|
|
- ./hdd0/gitea:/data
|
|
- ./config/gitea:/etc/gitea
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
labels:
|
|
- traefik.enable=true
|
|
# HTTP/S
|
|
- traefik.http.routers.gitea.rule=Host(`git.bouvais.lu`)
|
|
- traefik.http.routers.gitea.entrypoints=websecure
|
|
- traefik.http.routers.gitea.tls.certresolver=myresolver
|
|
- traefik.http.services.gitea.loadbalancer.server.port=3000
|
|
# SSH
|
|
- traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)
|
|
- traefik.tcp.routers.gitea-ssh.entrypoints=ssh
|
|
- traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 4G
|
|
cpus: 2
|
|
reservations:
|
|
memory: 512M
|
|
cpus: 1
|
|
|
|
gitea-runner:
|
|
image: docker.io/gitea/act_runner:latest
|
|
container_name: gitea-runner
|
|
restart: unless-stopped
|
|
environment:
|
|
CONFIG_FILE: /config.yaml
|
|
GITEA_INSTANCE_URL: https://git.bouvais.lu/
|
|
GITEA_RUNNER_REGISTRATION_TOKEN: jBEK4cLzDp2wqv1Ru3SHyzC0xzl1FV94IcsGe5kd
|
|
volumes:
|
|
- ./config/gitea-runner/config.yaml:/config.yaml
|
|
- ./hdd0/gitea-runner:/data
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- ./hdd0/mkdocs-sites:/sites
|
|
|
|
registry:
|
|
image: registry:2
|
|
container_name: registry
|
|
restart: unless-stopped
|
|
environment:
|
|
- REGISTRY_AUTH_HTPASSWD_REALM=Bouvais Registry
|
|
- REGISTRY_AUTH_HTPASSWD_PATH=/etc/docker/registry/htpasswd
|
|
- REGISTRY_HTTP_SECRET=${MASTER_PASSWORD}
|
|
- REGISTRY_HEALTH_STORAGEDRIVER_ENABLED=true
|
|
- REGISTRY_STORAGE_DELETE_ENABLED=true
|
|
volumes:
|
|
- ./hdd0/registry/data:/var/lib/registry
|
|
- ./hdd0/registry/htpasswd:/etc/docker/registry/htpasswd:ro
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.registry.rule=Host(`registry.bouvais.lu`)
|
|
- traefik.http.routers.registry.entrypoints=websecure
|
|
- traefik.http.routers.registry.tls.certresolver=myresolver
|
|
- traefik.http.services.registry.loadbalancer.server.port=5000
|
|
|
|
registry-ui:
|
|
image: joxit/docker-registry-ui:latest
|
|
container_name: registry-ui
|
|
depends_on: [registry]
|
|
restart: unless-stopped
|
|
environment:
|
|
- DELETE_IMAGES=true
|
|
- REGISTRY_TITLE=Bouvais Docker Registry
|
|
- NGINX_PROXY_PASS_URL=http://registry:5000
|
|
- SINGLE_REGISTRY=true
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.registry_ui.rule=Host(`registry-ui.bouvais.lu`)
|
|
- traefik.http.routers.registry_ui.entrypoints=websecure
|
|
- traefik.http.routers.registry_ui.tls.certresolver=myresolver
|
|
- traefik.http.services.registry_ui.loadbalancer.server.port=80
|
|
|
|
garage:
|
|
image: dxflrs/garage:v2.1.0
|
|
container_name: garage
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./config/garage/garage.toml:/etc/garage.toml
|
|
- ./hdd0/garage/meta:/var/lib/garage/meta
|
|
- ./hdd0/garage/data:/var/lib/garage/data
|
|
environment:
|
|
- RUST_LOG=garage=info
|
|
labels:
|
|
- traefik.enable=true
|
|
|
|
# S3 API
|
|
- traefik.http.routers.garages3.rule=Host(`s3.garage.bouvais.lu`)
|
|
- traefik.http.routers.garages3.entrypoints=websecure
|
|
- traefik.http.routers.garages3.tls.certresolver=myresolver
|
|
- traefik.http.routers.garages3.service=garages3
|
|
- traefik.http.services.garages3.loadbalancer.server.port=3900
|
|
|
|
# Admin API
|
|
- traefik.http.routers.garageadmin.rule=Host(`admin.garage.bouvais.lu`)
|
|
- traefik.http.routers.garageadmin.entrypoints=websecure
|
|
- traefik.http.routers.garageadmin.tls.certresolver=myresolver
|
|
- traefik.http.routers.garageadmin.service=garageadmin
|
|
- traefik.http.services.garageadmin.loadbalancer.server.port=3903
|
|
|
|
# Web (Garage's internal web endpoint)
|
|
- traefik.http.routers.garageweb.rule=Host(`web.garage.bouvais.lu`)
|
|
- traefik.http.routers.garageweb.entrypoints=websecure
|
|
- traefik.http.routers.garageweb.tls.certresolver=myresolver
|
|
- traefik.http.routers.garageweb.service=garageweb_svc
|
|
- traefik.http.services.garageweb_svc.loadbalancer.server.port=3902
|
|
|
|
- traefik.http.routers.mystaticsite.rule=Host(`zig-dimal.bouvais.lu`)
|
|
- traefik.http.routers.mystaticsite.entrypoints=websecure
|
|
- traefik.http.routers.mystaticsite.tls.certresolver=myresolver
|
|
- traefik.http.routers.mystaticsite.service=garageweb_svc
|
|
|
|
- traefik.http.routers.mystaticsite.rule=Host(`zigma.bouvais.lu`)
|
|
- traefik.http.routers.mystaticsite.entrypoints=websecure
|
|
- traefik.http.routers.mystaticsite.tls.certresolver=myresolver
|
|
- traefik.http.routers.mystaticsite.service=garageweb_svc
|