Last active
January 3, 2021 16:29
-
-
Save vosi/74e80501541d4e725b6d2b158d5490ba to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "3" | |
services: | |
app: | |
image: gitea/gitea:1 | |
environment: | |
- RUN_MODE=prod | |
- USER_UID=1000 | |
- USER_GID=1000 | |
- DB_TYPE=postgres | |
- DB_HOST=_db_host_ | |
- DB_NAME=_db_name_ | |
- DB_USER=_db_user_ | |
- DB_PASSWD=_db_pass_ | |
- SSH_DOMAIN=_ssh_domain_ | |
- DOMAIN=_domain_ | |
- PROTOCOL=https | |
- SECRET_KEY=_secret_key_ | |
- DISABLE_REGISTRATION=true | |
- REQUIRE_SIGNIN_VIEW=true | |
restart: always | |
volumes: | |
- ./gitea:/data | |
- /etc/timezone:/etc/timezone:ro | |
- /etc/localtime:/etc/localtime:ro | |
networks: | |
- default | |
- web | |
# ports: | |
# - "3000:3000" | |
# - "22:22" | |
labels: | |
- "traefik.enable=true" | |
- "traefik.docker.network=web" | |
- "traefik.tcp.routers.githost-ssh.rule=HostSNI(`*`)" | |
- "traefik.tcp.routers.githost-ssh.entrypoints=ssh" | |
- "traefik.tcp.routers.githost-ssh.service=githost-ssh-svc" | |
- "traefik.tcp.services.githost-ssh-svc.loadbalancer.server.port=2222" | |
- "traefik.http.routers.githost-http.tls=true" | |
- "traefik.http.routers.githost-http.tls.certresolver=acmetls" | |
- "traefik.http.routers.githost-http.rule=Host(`_domain_`)" | |
- "traefik.http.routers.githost-http.entrypoints=websecure" | |
- "traefik.http.routers.githost-http.service=githost-http-svc" | |
- "traefik.http.services.githost-http-svc.loadbalancer.server.port=3000" | |
registry: | |
image: registry:2 | |
restart: always | |
volumes: | |
- ./registry/stor:/var/lib/registry | |
- ./registry/auth:/auth | |
- ./registry/config.yml:/etc/docker/registry/config.yml | |
networks: | |
- default | |
- web | |
labels: | |
- "traefik.enable=true" | |
- "traefik.docker.network=web" | |
- "traefik.http.routers.registry-http.tls=true" | |
- "traefik.http.routers.registry-http.tls.certresolver=acmetls" | |
- "traefik.http.routers.registry-http.rule=Host(`_registry_domain_`)" | |
- "traefik.http.routers.registry-http.entrypoints=websecure" | |
- "traefik.http.routers.registry-http.service=registry-http-svc" | |
- "traefik.http.services.registry-http-svc.loadbalancer.server.port=5000" | |
registry-cache: | |
image: registry:2 | |
restart: always | |
volumes: | |
- ./registry-cache/stor:/var/lib/registry | |
- ./registry-cache/config.yml:/etc/docker/registry/config.yml | |
networks: | |
- default | |
- web | |
labels: | |
- "traefik.enable=true" | |
- "traefik.docker.network=web" | |
- "traefik.http.routers.registry-cache-http.tls=true" | |
- "traefik.http.routers.registry-cache-http.tls.certresolver=acmetls" | |
- "traefik.http.routers.registry-cache-http.rule=Host(`_registry_cache_domain_`)" | |
- "traefik.http.routers.registry-cache-http.entrypoints=websecure" | |
- "traefik.http.routers.registry-cache-http.service=registry-cache-http-svc" | |
- "traefik.http.services.registry-cache-http-svc.loadbalancer.server.port=5000" | |
drone-server: | |
image: drone/drone | |
restart: always | |
depends_on: | |
- app | |
environment: | |
- DRONE_AGENTS_ENABLED=true | |
- DRONE_GITEA_SERVER=https://_domain_ | |
- DRONE_GITEA_CLIENT_ID=_client_id_ | |
- DRONE_GITEA_CLIENT_SECRET=_client_secret_ | |
- DRONE_RPC_SECRET=_rpc_secret_ | |
- DRONE_SERVER_HOST=_drone_host_ | |
- DRONE_SERVER_PROTO=https | |
- DRONE_USER_CREATE=username:vosi,machine:false,admin:true | |
- DRONE_DATABASE_DRIVER=postgres | |
- DRONE_DATABASE_DATASOURCE=postgres://_db_username_:_db_password_@_db_host_:5432/drone?sslmode=disable | |
networks: | |
- default | |
- web | |
labels: | |
- "traefik.enable=true" | |
- "traefik.docker.network=web" | |
- "traefik.http.routers.drone-server.tls=true" | |
- "traefik.http.routers.drone-server.tls.certresolver=acmetls" | |
- "traefik.http.routers.drone-server.rule=Host(`_drone_host_`)" | |
- "traefik.http.routers.drone-server.entrypoints=websecure" | |
- "traefik.http.routers.drone-server.service=drone-server-svc" | |
- "traefik.http.services.drone-server-svc.loadbalancer.server.port=80" | |
drone-agent: | |
image: drone/agent | |
restart: always | |
depends_on: | |
- drone-server | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
environment: | |
- DRONE_RPC_PROTO=https | |
- DRONE_RPC_HOST=_drone_host_ | |
- DRONE_RPC_SECRET=_rpc_secret_ | |
- DRONE_RUNNER_CAPACITY=2 | |
- DRONE_RUNNER_NAME=agent1 | |
networks: | |
web: | |
external: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment