stack
/
gitea
1
0
Fork 0
Code Issues Pull Requests 1 Actions Releases 1 Wiki Activity

Compare commits

merge into: stack:master
Branches Tags
stack:master
stack:actions
stack:build-tag
stack:testing
stack:promotions
stack:n80
stack:empty
stack:develop
stack:renovate/configure
stack:do
stack:home-deploy
stack:v0.1
stack:v0.0.7
stack:v0.0.6
stack:v0.0.5
stack:v0.0.4
stack:v0.0.3
stack:v0.0.2
stack:v0.0.1
...
pull from: stack:testing
Branches Tags
stack:actions
stack:master
stack:build-tag
stack:testing
stack:promotions
stack:n80
stack:empty
stack:develop
stack:renovate/configure
stack:do
stack:home-deploy
stack:v0.1
stack:v0.0.7
stack:v0.0.6
stack:v0.0.5
stack:v0.0.4
stack:v0.0.3
stack:v0.0.2
stack:v0.0.1

24 Commits
master ... testing

Author SHA1 Message Date
giles b9d46ec004 .
continuous-integration/drone/push Build is passing Details
2022-06-08 19:13:56 +01:00
giles 3b6c1749fa . 2022-06-08 19:05:00 +01:00
giles 088aba5587 . 2022-06-08 18:44:28 +01:00
giles f150903ca2 . 2022-06-08 18:39:19 +01:00
giles 88c6d9fbd3 . 2022-06-08 18:35:57 +01:00
giles c6340451c8 . 2022-06-08 18:16:09 +01:00
giles 9cfb962f52 . 2022-06-08 17:39:22 +01:00
giles eb09ddf03f . 2022-06-08 17:05:59 +01:00
giles 97158883f9 . 2022-06-08 16:54:04 +01:00
giles cd17876c94 . 2022-06-08 16:35:13 +01:00
giles dd7b63dd9b . 2022-06-08 16:18:52 +01:00
giles 734166d9f0 . 2022-06-08 16:16:30 +01:00
giles 05a934d88b . 2022-06-08 16:14:33 +01:00
giles 0c8b859444 . 2022-06-08 15:09:40 +01:00
giles 55c7291ef2 . 2022-06-08 15:06:51 +01:00
giles 47e6ea9472 . 2022-06-08 14:22:27 +01:00
giles cc64869c75 . 2022-06-08 14:21:34 +01:00
giles 70c3310f05 . 2022-06-08 14:16:14 +01:00
giles fa40bfcb42 . 2022-06-08 14:13:39 +01:00
giles f3a6fa1453 . 2022-06-08 13:00:46 +01:00
giles 4f61ffd783 . 2022-06-08 12:57:44 +01:00
giles 4869e2570a . 2022-06-08 12:52:31 +01:00
giles 33972dcd6b . 2022-06-08 10:31:46 +01:00
giles 40856ee0f7 .
continuous-integration/drone/push Build is passing Details
2022-06-07 17:02:54 +01:00
12 changed files with 597 additions and 358 deletions
Show Stats Expand all files Collapse all files

3
.drone/build.sh
View File

@ -1,5 +1,6 @@
sleep 10 sleep 10
docker build gitea \ docker build gitea \
--build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
-t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea
#--build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \

5
.drone/deploy.sh
View File

@ -1,5 +1,6 @@
export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \ echo $NAME \
&& export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
&& docker stack rm gitea \ && docker stack rm gitea \
&& echo 'sleeping...zzz' \ && echo 'sleeping...zzz' \
&& sleep 60 \ && sleep 10 \
&& docker stack deploy -c docker-compose.yml gitea --with-registry-auth && docker stack deploy -c docker-compose.yml gitea --with-registry-auth

6
.drone/drone-home.jsonnet
View File

@ -8,6 +8,7 @@ local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet';
local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet'; local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet';
local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet'; local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet';
local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet'; local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet';
local printSecrets = import 'node_modules/@sigyl/jsonnet-drone/print-secrets.libsonnet';
local config = { local config = {
registry: '', registry: '',
@ -42,6 +43,11 @@ local defs = [
publicSecrets, publicSecrets,
secretSecrets, secretSecrets,
), ),
printSecrets(config)(
[],
publicSecrets,
secretSecrets,
),
build(config)( build(config)(
[], [],
), ),

885
.drone/drone-home.yml
View File

@ -1,350 +1,547 @@
--- ---
kind: pipeline {
type: docker "clone": {
name: register "disable": true
},
platform: "kind": "pipeline",
os: linux "name": "register",
arch: amd64 "trigger": {
"event": {
clone: "exclude": [
disable: true "promote"
]
trigger: }
event: },
exclude: "type": "docker"
- promote }
--- ---
kind: pipeline {
type: docker "clone": {
name: registry "disable": true
},
platform: "image_pull_secrets": [
os: linux "dockerconfigjson"
arch: amd64 ],
"kind": "pipeline",
clone: "name": "registry",
disable: true "services": [
{
steps: "image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f",
- name: gitea/gitea:1.12.3-linux-amd64 "name": "docker",
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f "privileged": true,
commands: "volumes": [
- set -e {
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n" "name": "dockersock",
- "n=0\nwhile :\ndo\n docker pull gitea/gitea:1.12.3-linux-amd64@sha256:38b8222941d8acffb7bb9c3fb0e9e0b657e06815a090f1fb11ed6900a3c9f384 \\\\\n && docker tag gitea/gitea:1.12.3-linux-amd64@sha256:38b8222941d8acffb7bb9c3fb0e9e0b657e06815a090f1fb11ed6900a3c9f384 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n" "path": "/var/run"
volumes: },
- name: dockersock {
path: /var/run "name": "ca",
"path": "/etc/docker/certs.d"
services: },
- name: docker {
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f "name": "daemonjson",
privileged: true "path": "/etc/docker/daemon.json"
volumes: }
- name: dockersock ]
path: /var/run }
- name: ca ],
path: /etc/docker/certs.d "steps": [
- name: daemonjson {
path: /etc/docker/daemon.json "commands": [
"set -e",
volumes: "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
- name: dockersock "n=0\nwhile :\ndo\n docker pull gitea/gitea:1.12.3-linux-amd64@sha256:38b8222941d8acffb7bb9c3fb0e9e0b657e06815a090f1fb11ed6900a3c9f384 \\\\\n && docker tag gitea/gitea:1.12.3-linux-amd64@sha256:38b8222941d8acffb7bb9c3fb0e9e0b657e06815a090f1fb11ed6900a3c9f384 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n"
temp: {} ],
- name: ca "environment": { },
host: "image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f",
path: /etc/docker/certs.d "name": "gitea/gitea:1.12.3-linux-amd64",
- name: daemonjson "volumes": [
host: {
path: /etc/docker/daemon.json "name": "dockersock",
"path": "/var/run"
image_pull_secrets: }
- dockerconfigjson ]
}
trigger: ],
event: "trigger": {
- promote "event": [
target: "promote"
- registry ],
"target": [
"registry"
]
},
"type": "docker",
"volumes": [
{
"name": "dockersock",
"temp": { }
},
{
"host": {
"path": "/etc/docker/certs.d"
},
"name": "ca"
},
{
"host": {
"path": "/etc/docker/daemon.json"
},
"name": "daemonjson"
}
]
}
--- ---
kind: pipeline {
type: docker "clone": {
name: save "disable": true
},
platform: "kind": "pipeline",
os: linux "name": "save",
arch: amd64 "steps": [
{
clone: "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
disable: true "name": "mkdir",
"settings": {
steps: "envs": [
- name: mkdir "drone_tag",
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea "drone_commit",
settings: "drone_build_number",
envs: "drone_repo_name",
- drone_tag "drone_repo_namespace"
- drone_commit ],
- drone_build_number "script": [
- drone_repo_name "mkdir -p /stack/.images/gitea/built",
- drone_repo_namespace "rm -f /stack/.images/gitea/*.*",
script: "rm -f /stack/.images/gitea/built/*.*"
- mkdir -p /stack/.images/gitea/built ]
- rm -f /stack/.images/gitea/*.* }
- rm -f /stack/.images/gitea/built/*.* },
{
- name: gitea/gitea:1.12.3-linux-amd64 "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea "name": "gitea/gitea:1.12.3-linux-amd64",
settings: "settings": {
envs: "envs": [
- drone_tag "drone_tag",
- drone_commit "drone_commit",
- drone_build_number "drone_build_number",
- drone_repo_name "drone_repo_name",
- drone_repo_namespace "drone_repo_namespace",
- registry_domain "registry_domain",
- registry_port "registry_port",
- registry_password "registry_password",
- destination_registry "destination_registry"
script: ],
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n" "script": [
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 -o /stack/.images/gitea/gitea_gitea:1.12.3-linux-amd64.tar "docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64",
- echo "docker load < gitea_gitea:1.12.3-linux-amd64.tar" >> /stack/.images/gitea/load.sh "docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 -o /stack/.images/gitea/gitea_gitea:1.12.3-linux-amd64.tar",
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 $${DESTINATION_REGISTRY}/stack/gitea/gitea/gitea:1.12.3-linux-amd64" >> /stack/.images/gitea/load.sh "echo \"docker load < gitea_gitea:1.12.3-linux-amd64.tar\" >> /stack/.images/gitea/load.sh",
"echo \"docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 $${DESTINATION_REGISTRY}/stack/gitea/gitea/gitea:1.12.3-linux-amd64\" >> /stack/.images/gitea/load.sh"
- name: gitea ]
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea }
settings: },
envs: {
- drone_tag "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
- drone_commit "name": "gitea",
- drone_build_number "settings": {
- drone_repo_name "envs": [
- drone_repo_namespace "drone_tag",
- registry_domain "drone_commit",
- registry_port "drone_build_number",
- registry_password "drone_repo_name",
- destination_registry "drone_repo_namespace",
script: "registry_domain",
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n" "registry_port",
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea "registry_password",
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea -o /stack/.images/gitea/built/gitea.tar "destination_registry"
- echo "docker load gitea.tar" >> /stack/.images/gitea/built/load.sh ],
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea ${DESINATION_REGISTRY}/stack/gitea/gitea" >> /stack/.images/gitea/built/load.sh "script": [
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
trigger: "docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea",
event: "docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea -o /stack/.images/gitea/built/gitea.tar",
- promote "echo \"docker load gitea.tar\" >> /stack/.images/gitea/built/load.sh",
target: "echo \"docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea ${DESINATION_REGISTRY}/stack/gitea/gitea\" >> /stack/.images/gitea/built/load.sh"
- save ]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"save"
]
},
"type": "docker"
}
--- ---
kind: pipeline {
type: docker "clone": {
name: print "depth": 0,
"disable": false
platform: },
os: linux "kind": "pipeline",
arch: amd64 "name": "print",
"steps": [
steps: {
- name: print env "environment": {
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea "GITEA_APP_NAME": {
settings: "from_secret": "gitea-app-name"
envs: },
- drone_tag "GITEA_MAILER_FROM": {
- drone_commit "from_secret": "gitea-mailer-from"
- drone_build_number },
- drone_repo_name "GITEA_MAILER_HOST": {
- drone_repo_namespace "from_secret": "gitea-mailer-host"
- gitea_mailer_host },
- gitea_mailer_from "GITEA_MAILER_PASSWD": {
- gitea_mailer_user "from_secret": "gitea-mailer-passwd"
- gitea_app_name },
- gitea_server_lfs_jwt_secret "GITEA_MAILER_USER": {
- gitea_security_secret_key "from_secret": "gitea-mailer-user"
- gitea_security_internal_token },
- gitea_oauth2_jwt_secret "GITEA_OAUTH2_JWT_SECRET": {
- gitea_mailer_passwd "from_secret": "gitea-oauth2-jwt-secret"
script: },
- rm -f env-gitea "GITEA_SECURITY_INTERNAL_TOKEN": {
- "echo \"export GITEA_MAILER_HOST='$${GITEA_MAILER_HOST}'\" >> env-gitea # \"gitea-mailer-host\"" "from_secret": "gitea-security-internal-token"
- "echo \"export GITEA_MAILER_FROM='$${GITEA_MAILER_FROM}'\" >> env-gitea # \"gitea-mailer-from\"" },
- "echo \"export GITEA_MAILER_USER='$${GITEA_MAILER_USER}'\" >> env-gitea # \"gitea-mailer-user\"" "GITEA_SECURITY_SECRET_KEY": {
- "echo \"export GITEA_APP_NAME='$${GITEA_APP_NAME}'\" >> env-gitea # \"gitea-app-name\"" "from_secret": "gitea-security-secret-key"
- "echo \"export GITEA_SERVER_LFS_JWT_SECRET='$${GITEA_SERVER_LFS_JWT_SECRET}'\" >> env-gitea # \"gitea-server-lfs-jwt-secret\"" },
- "echo \"export GITEA_SECURITY_SECRET_KEY='$${GITEA_SECURITY_SECRET_KEY}'\" >> env-gitea # \"gitea-security-secret-key\"" "GITEA_SERVER_LFS_JWT_SECRET": {
- "echo \"export GITEA_SECURITY_INTERNAL_TOKEN='$${GITEA_SECURITY_INTERNAL_TOKEN}'\" >> env-gitea # \"gitea-security-internal-token\"" "from_secret": "gitea-server-lfs-jwt-secret"
- "echo \"export GITEA_OAUTH2_JWT_SECRET='$${GITEA_OAUTH2_JWT_SECRET}'\" >> env-gitea # \"gitea-oauth2-jwt-secret\"" },
- "echo \"export GITEA_MAILER_PASSWD='$${GITEA_MAILER_PASSWD}'\" >> env-gitea # \"gitea-mailer-passwd\"" "MYSQL_ROOT_PASSWORD": {
environment: "from_secret": "mysql-root-password"
GITEA_APP_NAME: }
from_secret: gitea-app-name },
GITEA_MAILER_FROM: "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
from_secret: gitea-mailer-from "name": "print env",
GITEA_MAILER_HOST: "settings": {
from_secret: gitea-mailer-host "envs": [
GITEA_MAILER_PASSWD: "drone_tag",
from_secret: gitea-mailer-passwd "drone_commit",
GITEA_MAILER_USER: "drone_build_number",
from_secret: gitea-mailer-user "drone_repo_name",
GITEA_OAUTH2_JWT_SECRET: "drone_repo_namespace",
from_secret: gitea-oauth2-jwt-secret "gitea_mailer_host",
GITEA_SECURITY_INTERNAL_TOKEN: "gitea_mailer_from",
from_secret: gitea-security-internal-token "gitea_mailer_user",
GITEA_SECURITY_SECRET_KEY: "gitea_app_name",
from_secret: gitea-security-secret-key "gitea_server_lfs_jwt_secret",
GITEA_SERVER_LFS_JWT_SECRET: "gitea_security_secret_key",
from_secret: gitea-server-lfs-jwt-secret "gitea_security_internal_token",
"gitea_oauth2_jwt_secret",
trigger: "gitea_mailer_passwd",
event: "mysql_root_password"
- promote ],
target: "script": [
- print "rm -f env-gitea",
"echo \"export GITEA_MAILER_HOST='$${GITEA_MAILER_HOST}'\" >> env-gitea # \"gitea-mailer-host\"",
"echo \"export GITEA_MAILER_FROM='$${GITEA_MAILER_FROM}'\" >> env-gitea # \"gitea-mailer-from\"",
"echo \"export GITEA_MAILER_USER='$${GITEA_MAILER_USER}'\" >> env-gitea # \"gitea-mailer-user\"",
"echo \"export GITEA_APP_NAME='$${GITEA_APP_NAME}'\" >> env-gitea # \"gitea-app-name\"",
"echo \"export GITEA_SERVER_LFS_JWT_SECRET='$${GITEA_SERVER_LFS_JWT_SECRET}'\" >> env-gitea # \"gitea-server-lfs-jwt-secret\"",
"echo \"export GITEA_SECURITY_SECRET_KEY='$${GITEA_SECURITY_SECRET_KEY}'\" >> env-gitea # \"gitea-security-secret-key\"",
"echo \"export GITEA_SECURITY_INTERNAL_TOKEN='$${GITEA_SECURITY_INTERNAL_TOKEN}'\" >> env-gitea # \"gitea-security-internal-token\"",
"echo \"export GITEA_OAUTH2_JWT_SECRET='$${GITEA_OAUTH2_JWT_SECRET}'\" >> env-gitea # \"gitea-oauth2-jwt-secret\"",
"echo \"export GITEA_MAILER_PASSWD='$${GITEA_MAILER_PASSWD}'\" >> env-gitea # \"gitea-mailer-passwd\"",
"echo \"export MYSQL_ROOT_PASSWORD='$${MYSQL_ROOT_PASSWORD}'\" >> env-gitea # \"mysql-root-password\""
]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"print"
]
},
"type": "docker"
}
--- ---
kind: pipeline {
type: docker "clone": {
name: build "depth": 0,
"disable": false
platform: },
os: linux "kind": "pipeline",
arch: amd64 "name": "print-secrets",
"steps": [
steps: {
- name: "dockerbuild:" "environment": {
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f "GITEA_APP_NAME": {
commands: "from_secret": "gitea-app-name"
- set -e },
- export NAME=gitea "GITEA_MAILER_FROM": {
- export ROOT=stack "from_secret": "gitea-mailer-from"
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n" },
- sh .drone/build.sh "GITEA_MAILER_HOST": {
- sh .drone/push.sh "from_secret": "gitea-mailer-host"
volumes: },
- name: dockersock "GITEA_MAILER_PASSWD": {
path: /var/run "from_secret": "gitea-mailer-passwd"
},
services: "GITEA_MAILER_USER": {
- name: docker "from_secret": "gitea-mailer-user"
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f },
privileged: true "GITEA_OAUTH2_JWT_SECRET": {
volumes: "from_secret": "gitea-oauth2-jwt-secret"
- name: dockersock },
path: /var/run "GITEA_SECURITY_INTERNAL_TOKEN": {
- name: ca "from_secret": "gitea-security-internal-token"
path: /etc/docker/certs.d },
- name: daemonjson "GITEA_SECURITY_SECRET_KEY": {
path: /etc/docker/daemon.json "from_secret": "gitea-security-secret-key"
},
volumes: "GITEA_SERVER_LFS_JWT_SECRET": {
- name: dockersock "from_secret": "gitea-server-lfs-jwt-secret"
temp: {} },
- name: ca "MYSQL_ROOT_PASSWORD": {
host: "from_secret": "mysql-root-password"
path: /etc/docker/certs.d }
- name: daemonjson },
host: "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
path: /etc/docker/daemon.json "name": "print secrets command",
"settings": {
trigger: "envs": [
event: "drone_tag",
- promote "drone_commit",
target: "drone_build_number",
- build "drone_repo_name",
"drone_repo_namespace",
"gitea_mailer_host",
"gitea_mailer_from",
"gitea_mailer_user",
"gitea_app_name",
"gitea_server_lfs_jwt_secret",
"gitea_security_secret_key",
"gitea_security_internal_token",
"gitea_oauth2_jwt_secret",
"gitea_mailer_passwd",
"mysql_root_password"
],
"script": [
"rm -f env-gitea-secret",
"echo \"docker secret add --name=GITEA_MAILER_HOST --data='$${GITEA_MAILER_HOST}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-host\"",
"echo \"docker secret add --name=GITEA_MAILER_FROM --data='$${GITEA_MAILER_FROM}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-from\"",
"echo \"docker secret add --name=GITEA_MAILER_USER --data='$${GITEA_MAILER_USER}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-user\"",
"echo \"docker secret add --name=GITEA_APP_NAME --data='$${GITEA_APP_NAME}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-app-name\"",
"echo \"docker secret add --name=GITEA_SERVER_LFS_JWT_SECRET --data='$${GITEA_SERVER_LFS_JWT_SECRET}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-server-lfs-jwt-secret\"",
"echo \"docker secret add --name=GITEA_SECURITY_SECRET_KEY --data='$${GITEA_SECURITY_SECRET_KEY}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-security-secret-key\"",
"echo \"docker secret add --name=GITEA_SECURITY_INTERNAL_TOKEN --data='$${GITEA_SECURITY_INTERNAL_TOKEN}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-security-internal-token\"",
"echo \"docker secret add --name=GITEA_OAUTH2_JWT_SECRET --data='$${GITEA_OAUTH2_JWT_SECRET}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-oauth2-jwt-secret\"",
"echo \"docker secret add --name=GITEA_MAILER_PASSWD --data='$${GITEA_MAILER_PASSWD}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-passwd\"",
"echo \"docker secret add --name=MYSQL_ROOT_PASSWORD --data='$${MYSQL_ROOT_PASSWORD}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"mysql-root-password\""
]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"print-secrets"
]
},
"type": "docker"
}
--- ---
kind: pipeline {
type: docker "clone": {
name: deploy "depth": 0,
"disable": false
platform: },
os: linux "kind": "pipeline",
arch: amd64 "name": "build",
"services": [
steps: {
- name: scp "image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f",
image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 "name": "docker",
settings: "privileged": true,
command_timeout: 2m "volumes": [
source: {
- . "name": "dockersock",
target: /stack/gitea "path": "/var/run"
},
- name: deploy {
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea "name": "ca",
settings: "path": "/etc/docker/certs.d"
envs: },
- drone_tag {
- drone_commit "name": "daemonjson",
- drone_build_number "path": "/etc/docker/daemon.json"
- drone_repo_name }
- drone_repo_namespace ]
- scheme }
- domain ],
- registry_domain "steps": [
- registry_port {
- registry_password "commands": [
- gitea_mailer_host "set -e",
- gitea_mailer_from "export NAME=gitea",
- gitea_mailer_user "export ROOT=stack",
- gitea_app_name "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
- gitea_server_lfs_jwt_secret "sh .drone/build.sh",
- gitea_security_secret_key "sh .drone/push.sh"
- gitea_security_internal_token ],
- gitea_oauth2_jwt_secret "environment": { },
- gitea_mailer_passwd "image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f",
script: "name": "dockerbuild:",
- export GITEA_SERVER_LFS_JWT_SECRET=$${GITEA_SERVER_LFS_JWT_SECRET} "volumes": [
- export GITEA_SECURITY_SECRET_KEY=$${GITEA_SECURITY_SECRET_KEY} {
- export GITEA_SECURITY_INTERNAL_TOKEN=$${GITEA_SECURITY_INTERNAL_TOKEN} "name": "dockersock",
- export GITEA_OAUTH2_JWT_SECRET=$${GITEA_OAUTH2_JWT_SECRET} "path": "/var/run"
- export GITEA_MAILER_PASSWD=$${GITEA_MAILER_PASSWD} }
- export GITEA_MAILER_HOST=$${GITEA_MAILER_HOST} ]
- export GITEA_MAILER_FROM=$${GITEA_MAILER_FROM} }
- export GITEA_MAILER_USER=$${GITEA_MAILER_USER} ],
- export GITEA_APP_NAME=$${GITEA_APP_NAME} "trigger": {
- export SCHEME=$${SCHEME} "event": [
- export DOMAIN=$${DOMAIN} "promote"
- export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} ],
- export REGISTRY_PORT=$${REGISTRY_PORT} "target": [
- export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD} "build"
- set -e ]
- export NAME=gitea },
- export ROOT=stack "type": "docker",
- cd /stack/gitea "volumes": [
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n" {
- sh .drone/pull.sh "name": "dockersock",
- sh .drone/deploy.sh "temp": { }
environment: },
GITEA_APP_NAME: {
from_secret: gitea-app-name "host": {
GITEA_MAILER_FROM: "path": "/etc/docker/certs.d"
from_secret: gitea-mailer-from },
GITEA_MAILER_HOST: "name": "ca"
from_secret: gitea-mailer-host },
GITEA_MAILER_PASSWD: {
from_secret: gitea-mailer-passwd "host": {
GITEA_MAILER_USER: "path": "/etc/docker/daemon.json"
from_secret: gitea-mailer-user },
GITEA_OAUTH2_JWT_SECRET: "name": "daemonjson"
from_secret: gitea-oauth2-jwt-secret }
GITEA_SECURITY_INTERNAL_TOKEN: ]
from_secret: gitea-security-internal-token }
GITEA_SECURITY_SECRET_KEY: ---
from_secret: gitea-security-secret-key {
GITEA_SERVER_LFS_JWT_SECRET: "clone": {
from_secret: gitea-server-lfs-jwt-secret "depth": 0,
"disable": false
trigger: },
event: "kind": "pipeline",
- promote "name": "deploy",
target: "steps": [
- deploy {
"image": "appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47",
... "name": "scp",
"settings": {
"command_timeout": "2m",
"source": [
"."
],
"target": "/stack/gitea"
}
},
{
"environment": {
"GITEA_APP_NAME": {
"from_secret": "gitea-app-name"
},
"GITEA_MAILER_FROM": {
"from_secret": "gitea-mailer-from"
},
"GITEA_MAILER_HOST": {
"from_secret": "gitea-mailer-host"
},
"GITEA_MAILER_PASSWD": {
"from_secret": "gitea-mailer-passwd"
},
"GITEA_MAILER_USER": {
"from_secret": "gitea-mailer-user"
},
"GITEA_OAUTH2_JWT_SECRET": {
"from_secret": "gitea-oauth2-jwt-secret"
},
"GITEA_SECURITY_INTERNAL_TOKEN": {
"from_secret": "gitea-security-internal-token"
},
"GITEA_SECURITY_SECRET_KEY": {
"from_secret": "gitea-security-secret-key"
},
"GITEA_SERVER_LFS_JWT_SECRET": {
"from_secret": "gitea-server-lfs-jwt-secret"
},
"MYSQL_ROOT_PASSWORD": {
"from_secret": "mysql-root-password"
}
},
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
"name": "deploy",
"settings": {
"envs": [
"drone_tag",
"drone_commit",
"drone_build_number",
"drone_repo_name",
"drone_repo_namespace",
"scheme",
"domain",
"registry_domain",
"registry_port",
"registry_password",
"gitea_mailer_host",
"gitea_mailer_from",
"gitea_mailer_user",
"gitea_app_name",
"gitea_server_lfs_jwt_secret",
"gitea_security_secret_key",
"gitea_security_internal_token",
"gitea_oauth2_jwt_secret",
"gitea_mailer_passwd",
"mysql_root_password"
],
"script": [
"export GITEA_SERVER_LFS_JWT_SECRET=$${GITEA_SERVER_LFS_JWT_SECRET}",
"export GITEA_SECURITY_SECRET_KEY=$${GITEA_SECURITY_SECRET_KEY}",
"export GITEA_SECURITY_INTERNAL_TOKEN=$${GITEA_SECURITY_INTERNAL_TOKEN}",
"export GITEA_OAUTH2_JWT_SECRET=$${GITEA_OAUTH2_JWT_SECRET}",
"export GITEA_MAILER_PASSWD=$${GITEA_MAILER_PASSWD}",
"export MYSQL_ROOT_PASSWORD=$${MYSQL_ROOT_PASSWORD}",
"export GITEA_MAILER_HOST=$${GITEA_MAILER_HOST}",
"export GITEA_MAILER_FROM=$${GITEA_MAILER_FROM}",
"export GITEA_MAILER_USER=$${GITEA_MAILER_USER}",
"export GITEA_APP_NAME=$${GITEA_APP_NAME}",
"export SCHEME=$${SCHEME}",
"export DOMAIN=$${DOMAIN}",
"export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}",
"export REGISTRY_PORT=$${REGISTRY_PORT}",
"export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}",
"set -e",
"export NAME=gitea",
"export ROOT=stack",
"cd /stack/gitea",
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
"sh .drone/pull.sh",
"sh .drone/deploy.sh"
]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"deploy"
]
},
"type": "docker"
}

1
.drone/lib/secret-secrets.libsonnet
View File

@ -4,4 +4,5 @@
'gitea-security-internal-token', 'gitea-security-internal-token',
'gitea-oauth2-jwt-secret', 'gitea-oauth2-jwt-secret',
'gitea-mailer-passwd', 'gitea-mailer-passwd',
'mysql-root-password'
] ]

8
README.md
View File

@ -1,7 +1,7 @@
# gitea # gitea
## secrets ## secrets
* git-domain * domain
* gitea-app-name * gitea-app-name
* gitea-mailer-from * gitea-mailer-from
* gitea-mailer-host * gitea-mailer-host
@ -12,4 +12,8 @@
* gitea-security-secret-key * gitea-security-secret-key
* gitea-server-lfs-jwt-secret * gitea-server-lfs-jwt-secret
* local-docker-registry * local-docker-registry
* registry-password * registry-password
## mysql
set up https://docs.gitea.io/en-us/database-prep/

30
docker-compose.yml
View File

@ -3,7 +3,7 @@ services:
gitea: gitea:
deploy: deploy:
placement: placement:
constraints: [node.labels.com.sigyl.git-stack == yes] constraints: [node.labels.com.sigyl.gitea == yes]
replicas: 1 replicas: 1
restart_policy: restart_policy:
condition: any condition: any
@ -23,17 +23,41 @@ services:
- GITEA_MAILER_USER=$GITEA_MAILER_USER - GITEA_MAILER_USER=$GITEA_MAILER_USER
- GITEA_MAILER_FROM=$GITEA_MAILER_FROM - GITEA_MAILER_FROM=$GITEA_MAILER_FROM
- GITEA_MAILER_PASSWD=$GITEA_MAILER_PASSWD - GITEA_MAILER_PASSWD=$GITEA_MAILER_PASSWD
- GITEA__database__DB_TYPE=mysql
- GITEA__database__HOST=mysql:3306
- GITEA__database__NAME=gitead
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea
volumes: volumes:
- gitea-app:/data - gitea-app-4:/data
ports: ports:
- 3000:3000 - 3000:3000
- 22:22 - 22:22
networks: networks:
- appnet - appnet
- externalnet - externalnet
mysql:
image: ${DOCKER_REGISTRY}mysql:8
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack-data == yes]
replicas: 1
restart_policy:
condition: any
volumes:
- gitea-data-5:/var/lib/mysql
environment:
#- MYSQL_ROOT_PASSWORD: $MYSQL_ROOT_PASSWORD
- MYSQL_ROOT_PASSWORD=gitea
- MYSQL_USER=gitea
- MYSQL_PASSWORD=gitea
- MYSQL_DATABASE=gitea
networks:
- appnet
volumes: volumes:
gitea-app: gitea-app-4:
gitea-data-5:
networks: networks:
appnet: appnet:

4
gitea/Dockerfile
View File

@ -1,6 +1,6 @@
ARG REGISTRY ARG REGISTRY
FROM ${REGISTRY}gitea/gitea:1.12.3-linux-amd64 FROM ${REGISTRY}gitea/gitea:1.16.7-linux-amd64
COPY app.ini /init/ COPY app.ini /init/
COPY ./templates /init/templates/ #COPY ./templates /init/templates/
COPY run.sh / COPY run.sh /
CMD ["sh", "/run.sh"] CMD ["sh", "/run.sh"]

10
gitea/app.ini
View File

@ -56,8 +56,8 @@ PATH = /data/gitea/attachments
[log] [log]
ROOT_PATH = /data/gitea/log ROOT_PATH = /data/gitea/log
MODE = file MODE = console
LEVEL = info LEVEL = debug
[security] [security]
INSTALL_LOCK = true INSTALL_LOCK = true
@ -65,7 +65,8 @@ SECRET_KEY = ${GITEA_SECURITY_SECRET_KEY}
INTERNAL_TOKEN = ${GITEA_SECURITY_INTERNAL_TOKEN} INTERNAL_TOKEN = ${GITEA_SECURITY_INTERNAL_TOKEN}
PASSWORD_COMPLEXITY = off PASSWORD_COMPLEXITY = off
[service] [service]
DISABLE_REGISTRATION = true DISABLE_REGISTRATION = false
SHOW_REGISTRATION_BUTTON = true
REQUIRE_SIGNIN_VIEW = false REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = true REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true ENABLE_NOTIFY_MAIL = true
@ -89,3 +90,6 @@ PASSWD = ${GITEA_MAILER_PASSWD}
[openid] [openid]
ENABLE_OPENID_SIGNIN = true ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true ENABLE_OPENID_SIGNUP = true
[webhook]
ALLOWED_HOST_LIST=*

0
gitea/new-app.ini Normal file
View File

1
gitea/run.sh
View File

@ -1,4 +1,5 @@
envsubst < /init/app.ini > /data/gitea/conf/app.ini envsubst < /init/app.ini > /data/gitea/conf/app.ini
cat /data/gitea/conf/app.ini
mkdir -p /data/gitea/templates mkdir -p /data/gitea/templates
for file in /init/templates/* for file in /init/templates/*
do do

2
node_modules/.yarn-integrity generated vendored
View File

@ -1,5 +1,5 @@
{ {
"systemParams": "darwin-x64-72", "systemParams": "linux-x64-108",
"modulesFolders": [ "modulesFolders": [
"node_modules" "node_modules"
], ],