version: '3.8' x-traefik-enable-labels: &traefik-labels traefik.enable: "true" traefik.swarm.network: "traefik" traefik.constraint-label: "traefik" x-api-deploy: &api-deployment mode: replicated update_config: parallelism: 1 delay: 5s order: start-first failure_action: rollback rollback_config: order: start-first restart_policy: condition: on-failure delay: 5s max_attempts: 3 window: 120s services: gitea: image: gitea/gitea:1.23.7 environment: - USER_UID=1000 - USER_GID=1000 - GITEA__database__DB_TYPE=mysql - GITEA__database__HOST=database:3306 - GITEA__database__NAME=gitea - GITEA__database__USER=gitea - GITEA__database__PASSWD=${GITEA_DB_PASSWORD} - GITEA__server__ROOT_URL=https://gitea.szabolcsi.dev - GITEA__server__START_SSH_SERVER=false - GITEA__admin__DISABLE_REGULAR_ORG_CREATION=true - GITEA__service__DISABLE_REGISTRATION=true - GITEA__service__DEFAULT_USER_VISIBILITY=private - GITEA__service__DEFAULT_ORG_VISIBILITY=private - GITEA__session__PROVIDER=file networks: - local - traefik - runner volumes: - gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: - "222:22" deploy: replicas: 1 <<: *api-deployment labels: <<: *traefik-labels demo.label: "alma" traefik.http.routers.gitea.rule: "Host(`gitea.szabolcsi.dev`)" traefik.http.routers.gitea.entrypoints: "https" traefik.http.routers.gitea.tls: "true" traefik.http.routers.gitea.tls.certresolver: "letsencrypt" traefik.http.services.gitea.loadbalancer.server.port: "3000" #traefik.http.services.gitea.loadbalancer.healthCheck.path: "/" #traefik.http.services.gitea.loadbalancer.healthCheck.interval: "30s" #traefik.http.services.gitea.loadbalancer.healthCheck.timeout: "1s" gitea-runner: image: gitea/act_runner:0.2.11 environment: - GITEA_INSTANCE_URL=http://services_gitea:3000 - GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN} - CONFIG_FILE=/config.yaml networks: - local - runner volumes: - /var/run/docker.sock:/var/run/docker.sock - gitea-runner:/data configs: - source: gitea_runner target: /config.yaml deploy: replicas: 1 mode: replicated update_config: parallelism: 1 delay: 5s order: stop-first failure_action: rollback rollback_config: order: stop-first restart_policy: condition: on-failure delay: 5s max_attempts: 3 window: 120s placement: constraints: - node.labels.gitea.runner == true proxy: image: haproxy:3.1.7-alpine networks: local: aliases: - database - portainer.szabolcsi.dev runner: aliases: - portainer.szabolcsi.dev database: aliases: - services-proxy portainer: aliases: - service-proxy configs: - source: haproxy target: /usr/local/etc/haproxy/haproxy.cfg deploy: replicas: 1 <<: *api-deployment networks: local: name: services driver: overlay internal: true ipam: config: - subnet: 172.30.14.0/24 runner: name: gitea-runner driver: overlay internal: false attachable: true ipam: config: - subnet: 172.30.15.0/24 traefik: external: true database: external: true portainer: external: true volumes: gitea: name: gitea-data driver: local driver_opts: type: nfs device: ":/nfs_share/services/gitea" o: "addr=10.0.0.3,rw,soft,nfsvers=4" gitea-runner: name: gitea-runner-data driver: local configs: haproxy: name: "${HAPROXY_CONFIG_NAME}" external: true gitea_runner: name: "${GITEA_RUNNER_CONFIG_NAME}" external: true