commit 057f15e1a2c9dbc74cd297857c0336fbd4b97f64 Author: hoostine Date: Thu May 23 04:28:17 2024 +0000 first
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..b576de6
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,7 @@
+ARG GITEA_VERSION=1.21.10
+
+FROM gitea/gitea:${GITEA_VERSION}
+
+COPY ./docker/entrypoint /
+ENTRYPOINT ["/docker-entrypoint.sh", "/usr/bin/entrypoint"]
+CMD ["/bin/s6-svscan","/etc/s6"]
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..09c26cb
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,53 @@
+networks:
+ gitea:
+ external: false
+ caddy_caddy:
+ external: true
+volumes:
+ git-nfs:
+ driver_opts:
+ type: "nfs"
+ o: "addr=10.0.20.252,rw,noatime,nolock,soft,rsize=131072,wsize=131072,tcp,timeo=14"
+ device: ":/mnt/pile/drive/git"
+
+services:
+ gitea:
+ image: gitea/gitea:1.21.10
+ container_name: gitea
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ - GITEA__database__DB_TYPE=postgres
+ - GITEA__database__HOST=DOCKER-SECRET->gitea.db.host
+ - GITEA__database__NAME=DOCKER-SECRET->gitea.db.name
+ - GITEA__database__USER=DOCKER-SECRET->gitea.db.user
+ - GITEA__database__PASSWD=DOCKER-SECRET->gitea.db.passwd
+ restart: always
+ networks:
+ - gitea
+ - caddy_caddy
+ volumes:
+ - type: volume
+ source: git-nfs
+ target: /data
+ volume:
+ subpath: gitea
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ secrets:
+ - gitea.db.user
+ - gitea.db.passwd
+ - gitea.db.name
+ - gitea.db.host
+ ports:
+ - "3000:3000"
+ - "222:22"
+secrets:
+ gitea.db.user:
+ external: true
+ gitea.db.passwd:
+ external: true
+ gitea.db.name:
+ external: true
+ gitea.db.host:
+ external: true
diff --git a/docker/entrypoint/docker-entrypoint.d/.env-from-docker-secrets b/docker/entrypoint/docker-entrypoint.d/.env-from-docker-secrets
new file mode 100755
index 0000000..b141ce6
--- /dev/null
+++ b/docker/entrypoint/docker-entrypoint.d/.env-from-docker-secrets
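Review bot: `COPY ./docker/entrypoint /` merges a whole directory tree into the image root, so any file later added under docker/entrypoint lands in `/` and can shadow a path from the base image without that being visible in this file. Naming the two destinations keeps the surface explicit: `COPY docker/entrypoint/docker-entrypoint.sh /docker-entrypoint.sh` and `COPY docker/entrypoint/docker-entrypoint.d/ /docker-entrypoint.d/`. The base is pinned by tag only; appending a digest (`FROM gitea/gitea:${GITEA_VERSION}@sha256:<digest-placeholder>`) would keep the build reproducible if the upstream tag is ever moved. A short comment above `ENTRYPOINT` saying that the wrapper expands `DOCKER-SECRET->` placeholders and then hands over to what appears to be the upstream `/usr/bin/entrypoint` would help the next reader.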
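Review bot: The `gitea` service runs `image: gitea/gitea:1.21.10` and has no `build:` key, so unless the image from this commit's Dockerfile is built and tagged under that same name out of band, the container starts with the upstream entrypoint and the `DOCKER-SECRET->…` values are never expanded; Gitea would then receive the literal placeholder strings as database host, name, user and password. Adding `build: .` together with a distinct tag such as `image: <local-registry>/gitea-secrets:1.21.10` makes the dependency explicit. Separately, `"3000:3000"` publishes Gitea's HTTP port on every host interface although the service is also attached to `caddy_caddy`; if Caddy is meant to be the only front door, drop that mapping or bind it to `127.0.0.1:3000:3000`. The `soft` NFS option on the volume backing `/data` can surface I/O errors to Gitea when the server stalls, which deserves a comment or a switch to `hard` for repository data.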
@@ -0,0 +1,45 @@
+# EXPANDING VARIABLES FROM DOCKER SECRETS
+: ${ENV_SECRETS_DIR:=/run/secrets}
+
+env_secret_debug()
+{
+ if [ ! -z "$ENV_SECRETS_DEBUG" ]; then
+ echo -e "\033[1m$@\033[0m"
+ fi
+}
+
+# usage: env_secret_expand VAR
+# ie: env_secret_expand 'XYZ_DB_PASSWORD'
+# (will check for "$XYZ_DB_PASSWORD" variable value for a placeholder that defines the
+# name of the docker secret to use instead of the original value. For example:
+# XYZ_DB_PASSWORD="DOCKER-SECRET->:my-db_secret"
+env_secret_expand() {
+ var="$1"
+ eval val=\$$var
+ if secret_name=$(expr match "$val" "DOCKER-SECRET->\([^}]\+\)$"); then
+ secret="${ENV_SECRETS_DIR}/${secret_name}"
+ env_secret_debug "Secret file for $var: $secret"
+ if [ -f "$secret" ]; then
+ val=$(cat "${secret}")
+ export "$var"="$val"
+ env_secret_debug "Expanded variable: $var=$val"
+ else
+ env_secret_debug "Secret file does not exist! $secret"
+ fi
+ fi
+}
+
+env_secrets_expand() {
+ for env_var in $(printenv | cut -f1 -d"=")
+ do
+ env_secret_expand $env_var
+ done
+
+ if [ ! -z "$ENV_SECRETS_DEBUG" ]; then
+ echo -e "\n\033[1mExpanded environment variables\033[0m"
+ printenv
+ fi
+}
+
+env_secrets_expand
+
diff --git a/docker/entrypoint/docker-entrypoint.sh b/docker/entrypoint/docker-entrypoint.sh
new file mode 100755
index 0000000..c0abbd7
--- /dev/null
+++ b/docker/entrypoint/docker-entrypoint.sh
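Review bot: With `ENV_SECRETS_DEBUG` set, `env_secret_debug "Expanded variable: $var=$val"` and the trailing `printenv` in `env_secrets_expand` write the resolved secret values to the container's stdout, where they end up in the Docker log; log only the name, `env_secret_debug "Expanded variable: $var"`, and drop the `printenv`. `env_secret_expand` also passes its argument to `eval val=\$$var` unchecked, and the names come from `printenv | cut -f1 -d"="`, which yields arbitrary text for the continuation lines of a multi-line value; a guard such as `case "$var" in ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) return 0;; esac` before the `eval` keeps non-identifiers out. When the secret file is missing the placeholder is left in place and only the debug channel says so, so the service would start with `DOCKER-SECRET->…` as its credential; failing the start would be safer. The usage comment shows `DOCKER-SECRET->:my-db_secret` with a colon that the pattern does not strip, while docker-compose.yml uses the form without it.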
@@ -0,0 +1,32 @@
+#!/bin/sh
+# vim:sw=4:ts=4:et
+
+set -e
+
+. /docker-entrypoint.d/.env-from-docker-secrets
+
+if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then
+ echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration"
+
+ echo "$0: Looking for shell scripts in /docker-entrypoint.d/"
+ find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do
+ case "$f" in
+ *.sh)
+ if [ -x "$f" ]; then
+ echo "$0: Launching $f";
+ "$f"
+ else
+ # warn on shell scripts without exec bit
+ echo "$0: Ignoring $f, not executable";
+ fi
+ ;;
+ *) echo "$0: Ignoring $f";;
+ esac
+done
+
+echo "$0: Configuration complete; ready for start up"
+else
+ echo "$0: No files found in /docker-entrypoint.d/, skipping configuration"
+fi
+
+exec "$@"
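Review bot: The launcher loop uses `find "/docker-entrypoint.d/" -follow -type f`, which descends into subdirectories and follows symlinks, so every executable `*.sh` reachable from that directory runs before `exec "$@"` with the container's start-up privileges, whereas the emptiness check above it is limited to `-mindepth 1 -maxdepth 1`. If only top-level hooks shipped in the image are intended, `find "/docker-entrypoint.d/" -maxdepth 1 -type f -print | sort -V | while read -r f; do` makes the two agree, and the directory should stay non-writable and unmounted at runtime. The sourced `.env-from-docker-secrets` exports the resolved secrets, so each hook and every process started by `exec "$@"` inherits them in its environment; a comment at the `.` line stating that this is intended would help.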