Add gitea service config
This commit is contained in:
Kacper Donat
parent
a90296fa41
commit
ad30e792d5
2
services/gitea/bin/gitea-ssh-forward
Executable file
2
services/gitea/bin/gitea-ssh-forward
Executable file
@ -0,0 +1,2 @@
|
||||
#!/bin/sh
|
||||
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
|
||||
44
services/gitea/stack.yml
Normal file
44
services/gitea/stack.yml
Normal file
@ -0,0 +1,44 @@
|
||||
version: "{{ compose_version }}"
|
||||
|
||||
volumes:
|
||||
db_data: ~
|
||||
|
||||
services:
|
||||
server:
|
||||
image: gitea/gitea:1.13.4
|
||||
environment:
|
||||
- USER_UID={{ git_user.uid }}
|
||||
- USER_GID={{ git_user.group }}
|
||||
- ROOT_URL=http://git.kadet.local/
|
||||
- DB_TYPE=mysql
|
||||
- DB_HOST=db:3306
|
||||
- DB_NAME=gitea
|
||||
- DB_USER=gitea
|
||||
- DB_PASSWD=gitea
|
||||
ports:
|
||||
- 127.0.0.1:2222:22
|
||||
networks:
|
||||
- "{{ ingress_network }}"
|
||||
- default
|
||||
depends_on: ['db']
|
||||
volumes:
|
||||
- "{{ repositories_path }}:/data"
|
||||
- "{{ git_user.home }}/.ssh:/data/git/.ssh"
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.{{ service }}.rule=Host(`git.kadet.local`)
|
||||
- traefik.http.services.{{ service }}.loadbalancer.server.port=3000
|
||||
|
||||
db:
|
||||
image: mysql:5.7
|
||||
restart: always
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=gitea
|
||||
- MYSQL_USER=gitea
|
||||
- MYSQL_PASSWORD=gitea
|
||||
- MYSQL_DATABASE=gitea
|
||||
volumes:
|
||||
- db_data:/var/lib/mysql
|
||||
34
services/gitea/tasks/setup.yml
Normal file
34
services/gitea/tasks/setup.yml
Normal file
@ -0,0 +1,34 @@
|
||||
---
|
||||
- name: 'Ensure repositories directory exists'
|
||||
file:
|
||||
path: "{{ repositories_path }}"
|
||||
state: directory
|
||||
owner: "{{ ansible_user }}"
|
||||
|
||||
- name: 'Create git user for ssh access'
|
||||
user:
|
||||
name: git
|
||||
shell: /bin/bash
|
||||
system: yes
|
||||
password: '!'
|
||||
state: present
|
||||
generate_ssh_key: yes
|
||||
register: git_user
|
||||
|
||||
- name: 'Add host key for gitea SSH passthrough'
|
||||
ansible.posix.authorized_key:
|
||||
user: "{{ git_user.name }}"
|
||||
key: "{{ git_user.ssh_public_key }}"
|
||||
state: present
|
||||
manage_dir: False
|
||||
|
||||
- name: 'Ensure /app/gitea exists'
|
||||
file:
|
||||
path: "/app/gitea"
|
||||
state: directory
|
||||
|
||||
- name: 'Copy gitea-ssh-forward script to remote'
|
||||
copy:
|
||||
src: "{{ service_path }}/bin/gitea-ssh-forward"
|
||||
dest: "/app/gitea/gitea"
|
||||
|
||||
2
services/gitea/vars/main.yml
Normal file
2
services/gitea/vars/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
---
|
||||
repositories_path: /var/repositories
|
||||
@ -1,13 +0,0 @@
|
||||
version: "{{ compose_version }}"
|
||||
|
||||
services:
|
||||
rest:
|
||||
image: thomaspoignant/hello-world-rest-json
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.{{ service }}.rule=Host(`kadet.local`) && PathPrefix(`/hello/`)
|
||||
- traefik.http.routers.{{ service }}.middlewares={{ service }}-strip
|
||||
- traefik.http.services.{{ service }}.loadbalancer.server.port=8080
|
||||
- traefik.http.middlewares.{{ service }}-strip.stripprefix.prefixes=/hello/
|
||||
networks: ['traefik']
|
||||
@ -1,2 +0,0 @@
|
||||
---
|
||||
service_port: 80
|
||||
@ -37,13 +37,13 @@ entryPoints:
|
||||
#
|
||||
# Optional
|
||||
#
|
||||
#log:
|
||||
log:
|
||||
# Log level
|
||||
#
|
||||
# Optional
|
||||
# Default: "ERROR"
|
||||
#
|
||||
# level: DEBUG
|
||||
level: DEBUG
|
||||
|
||||
# Sets the filepath for the traefik log. If not specified, stdout will be used.
|
||||
# Intermediate directories are created if necessary.
|
||||
@ -51,14 +51,14 @@ entryPoints:
|
||||
# Optional
|
||||
# Default: os.Stdout
|
||||
#
|
||||
# filePath: log/traefik.log
|
||||
filePath: os.Stdout
|
||||
|
||||
# Format is either "json" or "common".
|
||||
#
|
||||
# Optional
|
||||
# Default: "common"
|
||||
#
|
||||
# format: json
|
||||
format: common
|
||||
|
||||
################################################################
|
||||
# Access logs configuration
|
||||
@ -70,21 +70,21 @@ entryPoints:
|
||||
#
|
||||
# Optional
|
||||
#
|
||||
#accessLog:
|
||||
accessLog:
|
||||
# Sets the file path for the access log. If not specified, stdout will be used.
|
||||
# Intermediate directories are created if necessary.
|
||||
#
|
||||
# Optional
|
||||
# Default: os.Stdout
|
||||
#
|
||||
# filePath: /path/to/log/log.txt
|
||||
filePath: os.Stdout
|
||||
|
||||
# Format is either "json" or "common".
|
||||
#
|
||||
# Optional
|
||||
# Default: "common"
|
||||
#
|
||||
# format: json
|
||||
format: common
|
||||
|
||||
################################################################
|
||||
# API and dashboard configuration
|
||||
@ -134,3 +134,4 @@ providers:
|
||||
endpoint: "unix:///var/run/docker.sock"
|
||||
swarmMode: true
|
||||
exposedByDefault: false
|
||||
network: "traefik"
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
version: "{{ compose_version }}"
|
||||
|
||||
services:
|
||||
traefik:
|
||||
ingress:
|
||||
image: traefik:v2.4
|
||||
ports:
|
||||
- 80:80
|
||||
@ -14,4 +14,4 @@ services:
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == manager
|
||||
networks: ['traefik']
|
||||
networks: ['{{ ingress_network }}']
|
||||
|
||||
@ -8,3 +8,5 @@ remote_services_root: /var/services
|
||||
remote_service_path: "{{ remote_services_root }}/{{ service }}"
|
||||
|
||||
compose_version: "3.7"
|
||||
|
||||
ingress_network: traefik
|
||||
|
||||
Loading…
Reference in New Issue
Block a user