ChenKaiLiuG/docker_stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
docker_stack/karylab-entrance/gitea.yml
ChenKaiLiuG 997d078b64 Add FRP
2026-02-28 04:38:23 +08:00

112 lines
3.1 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
version: "3"
services:
# 1. 資料庫服務
db:
image: postgres:14
container_name: gitea_db
restart: always
environment:
- POSTGRES_USER=gitea
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=gitea
networks:
gitea-net:
ipv4_address: 172.24.0.3
volumes:
- postgres_db:/var/lib/postgresql/data
# 2. Gitea 主程式
server:
image: gitea/gitea:latest
container_name: gitea_server
restart: always
environment:
- USER_UID=1000
- USER_GID=1000
# 資料庫連線設定
- GITEA__database__DB_TYPE=postgres
- GITEA__database__HOST=db:5432
- GITEA__database__NAME=gitea
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=${POSTGRES_PASSWORD}
# 啟用 Actions (關鍵設定)
- GITEA__actions__ENABLED=true
# 開啟內建 Registry 功能
- GITEA__packages__ENABLED=true
# 允許發送 webhook 到內部 IP
- GITEA__webhook__ALLOWED_HOST_LIST=*
networks:
gitea-net:
ipv4_address: 172.24.0.10
webproxy: {}
depends_on:
- db
ports:
- "7800:3000" # 網頁瀏覽埠
- "7822:22" # SSH Clone 埠
volumes:
- /mnt/data/External/gitea/gitea_data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
# 3. DinD Service (新增:獨立的 Docker Daemon)
docker:
image: docker:dind
container_name: gitea_dind
restart: always
privileged: true # DinD 必須開啟此權限才能運作
environment:
- DOCKER_TLS_CERTDIR= # 設為空字串以關閉 TLS簡化內部連線
# 允許連回 Gitea 的 Registry (因為是 HTTP)
# 設置 DNS 讓內部容器能解析 gitea-net 的 service name
command:
- "dockerd"
- "--host=unix:///var/run/docker.sock"
- "--host=tcp://0.0.0.0:2375"
- "--insecure-registry=172.24.0.10:3000"
- "--insecure-registry=server:3000"
- "--dns=172.24.0.1"
- "--dns=8.8.8.8"
networks:
gitea-net:
ipv4_address: 172.24.0.11
volumes:
- gitea_docker_certs:/certs/client
- gitea_docker_data:/var/lib/docker # 持久化,避免重啟後又要重新 pull image
# 4. Actions Runner (負責跑自動化腳本)
runner:
image: gitea/act_runner:latest
container_name: gitea_runner
restart: always
networks:
gitea-net:
ipv4_address: 172.24.0.5
volumes:
- /mnt/data/External/gitea/runner_data:/data
environment:
- CONFIG_FILE=/data/config.yaml
# 注意Runner 需要註冊 Token我們在啟動後手動輸入一次即可
- GITEA_INSTANCE_URL=http://server:3000
# 關鍵修改:告訴 Runner 不要找 Socket而是用 TCP 連線到 docker 容器
- DOCKER_HOST=tcp://docker:2375
- GITEA_RUNNER_REGISTRATION_TOKEN=${REGISTRATION_TOKEN}
depends_on:
- server
- docker
volumes:
postgres_db:
gitea_docker_certs:
gitea_docker_data:
networks:
gitea-net:
driver: bridge
ipam:
config:
- subnet: 172.24.0.0/16
# npm bridge
webproxy:
external: true
Reference in New Issue View Git Blame Copy Permalink