nixos-servers/legacy/projects/docker_swarm/ansible/roles/forgejo/docker-stack.yml.j2
2024-01-01 13:16:11 +01:00

56 lines
1.5 KiB
Django/Jinja

# vi: ft=yaml
version: "3"
networks:
traefik:
external: true
configs:
config:
external: true
name: "{{ config.config_name }}"
volumes:
forgejo:
driver_opts:
type: "nfs"
o: "addr=lewis.dmz,nolock,soft,rw"
device: ":/mnt/data/nfs/forgejo"
services:
forgejo:
image: codeberg.org/forgejo/forgejo:1.20
environment:
- USER_UID=1000
- USER_GID=1000
networks:
- traefik
ports:
- "{{ git_ssh_port }}:22"
volumes:
- type: volume
source: forgejo
target: /data
volume:
nocopy: true
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
deploy:
placement:
constraints:
- node.role == manager
labels:
- traefik.port=443
- traefik.enable=true
- traefik.http.routers.forgejo.entrypoints=websecure
- traefik.http.routers.forgejo.rule=Host(`{{ git_domain }}`)
- traefik.http.routers.forgejo.tls=true
- traefik.http.routers.forgejo.tls.certresolver=letsencrypt
- traefik.http.routers.forgejo.service=forgejo
- traefik.http.services.forgejo.loadbalancer.server.port=3000
- traefik.docker.network=traefik
- traefik.http.middlewares.set-forwarded-for.headers.hostsProxyHeaders=X-Forwarded-For
- traefik.http.routers.forgejo.middlewares=set-forwarded-for
configs:
- source: config
target: /data/gitea/conf/app.ini