init

2026-02-19 11:34:13 +00:00
commit f243f440c3
191 changed files with 6183 additions and 0 deletions
--- a/ansible/roles/gitea/templates/docker-compose.yml.j2
+++ b/ansible/roles/gitea/templates/docker-compose.yml.j2
@@ -0,0 +1,78 @@
+version: "3.9"
+
+services:
+  postgres:
+    image: postgres:15
+    container_name: postgres
+    restart: always
+
+    environment:
+      POSTGRES_DB: ${POSTGRES_DB}
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+
+    volumes:
+      - ./data/postgres:/var/lib/postgresql/data
+
+    networks:
+      - gitea_net
+
+  gitea:
+    image: gitea/gitea:latest
+    container_name: gitea
+    restart: always
+
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+
+      # DB
+      - GITEA__database__DB_TYPE=postgres
+      - GITEA__database__HOST=postgres:5432
+      - GITEA__database__NAME=${POSTGRES_DB}
+      - GITEA__database__USER=${POSTGRES_USER}
+      - GITEA__database__PASSWD=${POSTGRES_PASSWORD}
+
+      # basic
+      - GITEA__server__DOMAIN=${GITEA_URL}
+      - GITEA__server__ROOT_URL=https://${GITEA_URL}/
+      - GITEA__server__SSH_DOMAIN=${GITEA_URL}
+      - GITEA__server__HTTP_PORT=3000
+      - GITEA__server__SSH_PORT=2222
+
+      # security
+      - GITEA__security__INSTALL_LOCK=true
+      - GITEA__service__DISABLE_REGISTRATION=true
+
+    volumes:
+      - ./data/gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+
+    depends_on:
+      - postgres
+
+    networks:
+      - gitea_net
+
+  nginx:
+    image: nginx:stable
+    container_name: nginx
+    restart: always
+
+    ports:
+      - "80:80"
+      - "443:443"
+
+    volumes:
+      - ./nginx:/etc/nginx/conf.d
+      - /etc/letsencrypt:/etc/letsencrypt:ro
+
+    depends_on:
+      - gitea
+
+    networks:
+      - gitea_net
+
+networks:
+  gitea_net:
--- a/ansible/roles/gitea/templates/nginx/nginx.conf.j2
+++ b/ansible/roles/gitea/templates/nginx/nginx.conf.j2
@@ -0,0 +1,23 @@
+server {
+    listen 80;
+    server_name gitea.quietblock.net;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name gitea.quietblock.net;
+
+    ssl_certificate /etc/letsencrypt/live/gitea.quietblock.net/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/gitea.quietblock.net/privkey.pem;
+
+    location / {
+        proxy_pass http://gitea:3000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-Proto https;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    client_max_body_size 50M;
+}