stack
/
gitea
1
0
Fork 0
Code Issues Pull Requests 1 Actions Releases 1 Wiki Activity

Compare commits

base: stack:testing
Branches Tags
stack:master
stack:actions
stack:build-tag
stack:testing
stack:promotions
stack:n80
stack:empty
stack:develop
stack:renovate/configure
stack:do
stack:home-deploy
stack:v0.1
stack:v0.0.7
stack:v0.0.6
stack:v0.0.5
stack:v0.0.4
stack:v0.0.3
stack:v0.0.2
stack:v0.0.1
..
compare: stack:master
Branches Tags
stack:actions
stack:master
stack:build-tag
stack:testing
stack:promotions
stack:n80
stack:empty
stack:develop
stack:renovate/configure
stack:do
stack:home-deploy
stack:v0.1
stack:v0.0.7
stack:v0.0.6
stack:v0.0.5
stack:v0.0.4
stack:v0.0.3
stack:v0.0.2
stack:v0.0.1

22 Commits
testing ... master

Author SHA1 Message Date
giles cb9eb16bb7 Merge pull request 'build-tag' (#3) from build-tag into master
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/tag Build is running Details 
Reviewed-on: #3
 2023-10-20 10:48:51 +00:00
giles 40efa5fbd3 buidling and deoploying on tag
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/pr Build is passing Details
2023-10-20 11:47:01 +01:00
giles 2d04d35025 buidling and deoploying on tag
continuous-integration/drone/push Build encountered an error Details
2023-10-20 11:45:38 +01:00
giles 5ec55ad284 Merge pull request 'separate-database' (#2) from separate-database into master
continuous-integration/drone/push Build is passing Details 
Reviewed-on: #2
 2023-10-20 10:16:51 +00:00
giles 98bbf1ed70 1.20.5
continuous-integration/drone/push Build is running Details
continuous-integration/drone/pr Build is passing Details
2023-10-19 20:44:11 +01:00
giles 624f5c9ea9 17
continuous-integration/drone/push Build is running Details
2023-10-19 20:42:09 +01:00
giles 90c25b5f9d retry
continuous-integration/drone/push Build is running Details
2023-10-19 20:38:24 +01:00
giles 5bfa1f7f65 retry
continuous-integration/drone/push Build is running Details
2023-10-19 20:35:41 +01:00
giles 48114020c3 retry
continuous-integration/drone/push Build is failing Details
2023-10-19 20:31:40 +01:00
giles 19f51b34fa retry
continuous-integration/drone/push Build is failing Details
2023-10-19 20:29:41 +01:00
giles 37dd57e75a retry
continuous-integration/drone/push Build is failing Details
2023-10-19 20:28:09 +01:00
giles 0e140963aa retry
continuous-integration/drone/push Build is failing Details
2023-10-19 20:25:34 +01:00
giles cd12ee1ace versioned build 2023-10-19 20:21:08 +01:00
giles 87ed972d98 15 2023-10-19 19:49:40 +01:00
giles 3550cefc3e 16 2023-10-19 19:34:20 +01:00
giles a0cb0afea7 15
continuous-integration/drone/push Build is running Details
2023-10-19 19:32:20 +01:00
giles fa2a2b8733 15 2023-10-19 19:28:44 +01:00
giles 2a56e560c9 14
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/promote/build Build is passing Details
continuous-integration/drone/promote/deploy Build is failing Details
2023-10-19 19:23:37 +01:00
giles ef48885fd7 update to v1.13.0
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/promote/build Build is passing Details
continuous-integration/drone/promote/deploy Build is running Details
2023-10-19 19:19:47 +01:00
giles efbed6064b update to v1.13.0
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/promote/build Build is failing Details
2023-10-19 19:16:57 +01:00
giles 16e37774ac missed off env var
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/promote/deploy Build is running Details
2023-10-02 17:54:33 +01:00
giles 52e30b186c added mailer protocol
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/promote/print Build is passing Details
continuous-integration/drone/promote/deploy Build is running Details
2023-10-02 17:31:14 +01:00
15 changed files with 321 additions and 606 deletions
Show Stats Expand all files Collapse all files

5
.drone/build.sh
View File

@ -1,6 +1,5 @@
sleep 10 sleep 10
docker build gitea \ docker build gitea \
-t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea --build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
#--build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \ -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea:$1

7
.drone/deploy.sh
View File

@ -1,6 +1,7 @@
echo $NAME \ export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
&& export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \ && echo $1 \
&& export TAG=$1 \
&& docker stack rm gitea \ && docker stack rm gitea \
&& echo 'sleeping...zzz' \ && echo 'sleeping...zzz' \
&& sleep 10 \ && sleep 60 \
&& docker stack deploy -c docker-compose.yml gitea --with-registry-auth && docker stack deploy -c docker-compose.yml gitea --with-registry-auth

6
.drone/drone-home.jsonnet
View File

@ -8,7 +8,6 @@ local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet';
local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet'; local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet';
local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet'; local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet';
local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet'; local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet';
local printSecrets = import 'node_modules/@sigyl/jsonnet-drone/print-secrets.libsonnet';
local config = { local config = {
registry: '', registry: '',
@ -43,11 +42,6 @@ local defs = [
publicSecrets, publicSecrets,
secretSecrets, secretSecrets,
), ),
printSecrets(config)(
[],
publicSecrets,
secretSecrets,
),
build(config)( build(config)(
[], [],
), ),

844
.drone/drone-home.yml
View File

@ -1,547 +1,301 @@
kind: pipeline
type: docker
name: print
platform:
os: linux
arch: amd64
steps:
- name: print env
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
settings:
envs:
- drone_tag
- drone_commit
- drone_build_number
- drone_repo_name
- drone_repo_namespace
- gitea_mailer_host
- gitea_mailer_from
- gitea_mailer_user
- gitea_app_name
- gitea_server_lfs_jwt_secret
- gitea_security_secret_key
- gitea_security_internal_token
- gitea_oauth2_jwt_secret
- gitea_mailer_passwd
- gitea_mailer_protocol
script:
- rm -f env-gitea
- "echo \"export GITEA_MAILER_HOST='$${GITEA_MAILER_HOST}'\" >> env-gitea # \"gitea-mailer-host\""
- "echo \"export GITEA_MAILER_FROM='$${GITEA_MAILER_FROM}'\" >> env-gitea # \"gitea-mailer-from\""
- "echo \"export GITEA_MAILER_USER='$${GITEA_MAILER_USER}'\" >> env-gitea # \"gitea-mailer-user\""
- "echo \"export GITEA_APP_NAME='$${GITEA_APP_NAME}'\" >> env-gitea # \"gitea-app-name\""
- "echo \"export GITEA_SERVER_LFS_JWT_SECRET='$${GITEA_SERVER_LFS_JWT_SECRET}'\" >> env-gitea # \"gitea-server-lfs-jwt-secret\""
- "echo \"export GITEA_SECURITY_SECRET_KEY='$${GITEA_SECURITY_SECRET_KEY}'\" >> env-gitea # \"gitea-security-secret-key\""
- "echo \"export GITEA_SECURITY_INTERNAL_TOKEN='$${GITEA_SECURITY_INTERNAL_TOKEN}'\" >> env-gitea # \"gitea-security-internal-token\""
- "echo \"export GITEA_OAUTH2_JWT_SECRET='$${GITEA_OAUTH2_JWT_SECRET}'\" >> env-gitea # \"gitea-oauth2-jwt-secret\""
- "echo \"export GITEA_MAILER_PASSWD='$${GITEA_MAILER_PASSWD}'\" >> env-gitea # \"gitea-mailer-passwd\""
- "echo \"export GITEA_MAILER_PROTOCOL='$${GITEA_MAILER_PROTOCOL}'\" >> env-gitea # \"gitea-mailer-protocol\""
environment:
GITEA_APP_NAME:
from_secret: gitea-app-name
GITEA_MAILER_FROM:
from_secret: gitea-mailer-from
GITEA_MAILER_HOST:
from_secret: gitea-mailer-host
GITEA_MAILER_PASSWD:
from_secret: gitea-mailer-passwd
GITEA_MAILER_PROTOCOL:
from_secret: gitea-mailer-protocol
GITEA_MAILER_USER:
from_secret: gitea-mailer-user
GITEA_OAUTH2_JWT_SECRET:
from_secret: gitea-oauth2-jwt-secret
GITEA_SECURITY_INTERNAL_TOKEN:
from_secret: gitea-security-internal-token
GITEA_SECURITY_SECRET_KEY:
from_secret: gitea-security-secret-key
GITEA_SERVER_LFS_JWT_SECRET:
from_secret: gitea-server-lfs-jwt-secret
trigger:
event:
- promote
target:
- print
--- ---
{ kind: pipeline
"clone": { type: docker
"disable": true name: build
},
"kind": "pipeline", platform:
"name": "register", os: linux
"trigger": { arch: amd64
"event": {
"exclude": [ steps:
"promote" - name: "build commit"
] image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
} commands:
}, - set -e
"type": "docker" - export NAME=gitea
} - export ROOT=stack
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
- sh .drone/build.sh ${DRONE_COMMIT_SHA}
- sh .drone/push.sh ${DRONE_COMMIT_SHA}
volumes:
- name: dockersock
path: /var/run
when:
branch:
- action
- name: "build tag"
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
commands:
- set -e
- export NAME=gitea
- export ROOT=stack
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
- sh .drone/build.sh ${DRONE_TAG}
- sh .drone/push.sh ${DRONE_TAG}
volumes:
- name: dockersock
path: /var/run
when:
event:
- tag
services:
- name: docker
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
privileged: true
volumes:
- name: dockersock
path: /var/run
- name: ca
path: /etc/docker/certs.d
- name: daemonjson
path: /etc/docker/daemon.json
volumes:
- name: dockersock
temp: {}
- name: ca
host:
path: /etc/docker/certs.d
- name: daemonjson
host:
path: /etc/docker/daemon.json
--- ---
{ kind: pipeline
"clone": { type: docker
"disable": true name: deploy
},
"image_pull_secrets": [ depends_on:
"dockerconfigjson" - build
],
"kind": "pipeline", platform:
"name": "registry", os: linux
"services": [ arch: amd64
{
"image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f", steps:
"name": "docker", - name: scp
"privileged": true, image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47
"volumes": [ settings:
{ command_timeout: 2m
"name": "dockersock", source:
"path": "/var/run" - .
}, target: /stack/gitea
{
"name": "ca", - name: deploy commit
"path": "/etc/docker/certs.d" when:
}, branch:
{ - action
"name": "daemonjson", image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
"path": "/etc/docker/daemon.json" settings:
} envs:
] - drone_tag
} - drone_commit
], - drone_commit_sha
"steps": [ - drone_build_number
{ - drone_repo_name
"commands": [ - drone_repo_namespace
"set -e", - scheme
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n", - domain
"n=0\nwhile :\ndo\n docker pull gitea/gitea:1.12.3-linux-amd64@sha256:38b8222941d8acffb7bb9c3fb0e9e0b657e06815a090f1fb11ed6900a3c9f384 \\\\\n && docker tag gitea/gitea:1.12.3-linux-amd64@sha256:38b8222941d8acffb7bb9c3fb0e9e0b657e06815a090f1fb11ed6900a3c9f384 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n" - registry_domain
], - registry_port
"environment": { }, - registry_password
"image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f", - gitea_mailer_host
"name": "gitea/gitea:1.12.3-linux-amd64", - gitea_mailer_from
"volumes": [ - gitea_mailer_user
{ - gitea_app_name
"name": "dockersock", - gitea_server_lfs_jwt_secret
"path": "/var/run" - gitea_security_secret_key
} - gitea_security_internal_token
] - gitea_oauth2_jwt_secret
} - gitea_mailer_passwd
], - gitea_mailer_protocol
"trigger": { script:
"event": [ - export GITEA_SERVER_LFS_JWT_SECRET=$${GITEA_SERVER_LFS_JWT_SECRET}
"promote" - export GITEA_SECURITY_SECRET_KEY=$${GITEA_SECURITY_SECRET_KEY}
], - export GITEA_SECURITY_INTERNAL_TOKEN=$${GITEA_SECURITY_INTERNAL_TOKEN}
"target": [ - export GITEA_OAUTH2_JWT_SECRET=$${GITEA_OAUTH2_JWT_SECRET}
"registry" - export GITEA_MAILER_PASSWD=$${GITEA_MAILER_PASSWD}
] - export GITEA_MAILER_PROTOCOL=$${GITEA_MAILER_PROTOCOL}
}, - export GITEA_MAILER_HOST=$${GITEA_MAILER_HOST}
"type": "docker", - export GITEA_MAILER_FROM=$${GITEA_MAILER_FROM}
"volumes": [ - export GITEA_MAILER_USER=$${GITEA_MAILER_USER}
{ - export GITEA_APP_NAME=$${GITEA_APP_NAME}
"name": "dockersock", - export SCHEME=$${SCHEME}
"temp": { } - export DOMAIN=$${DOMAIN}
}, - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}
{ - export REGISTRY_PORT=$${REGISTRY_PORT}
"host": { - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}
"path": "/etc/docker/certs.d" - set -e
}, - export NAME=gitea
"name": "ca" - export ROOT=stack
}, - cd /stack/gitea
{ - "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
"host": { - printenv
"path": "/etc/docker/daemon.json" - sh .drone/pull.sh ${DRONE_COMMIT_SHA}
}, - sh .drone/deploy.sh ${DRONE_COMMIT_SHA}
"name": "daemonjson" environment:
} GITEA_APP_NAME:
] from_secret: gitea-app-name
} GITEA_MAILER_FROM:
--- from_secret: gitea-mailer-from
{ GITEA_MAILER_HOST:
"clone": { from_secret: gitea-mailer-host
"disable": true GITEA_MAILER_PASSWD:
}, from_secret: gitea-mailer-passwd
"kind": "pipeline", GITEA_MAILER_PROTOCOL:
"name": "save", from_secret: gitea-mailer-protocol
"steps": [ GITEA_MAILER_USER:
{ from_secret: gitea-mailer-user
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea", GITEA_OAUTH2_JWT_SECRET:
"name": "mkdir", from_secret: gitea-oauth2-jwt-secret
"settings": { GITEA_SECURITY_INTERNAL_TOKEN:
"envs": [ from_secret: gitea-security-internal-token
"drone_tag", GITEA_SECURITY_SECRET_KEY:
"drone_commit", from_secret: gitea-security-secret-key
"drone_build_number", GITEA_SERVER_LFS_JWT_SECRET:
"drone_repo_name", from_secret: gitea-server-lfs-jwt-secret
"drone_repo_namespace" - name: deploy tag
], when:
"script": [ event:
"mkdir -p /stack/.images/gitea/built", - tag
"rm -f /stack/.images/gitea/*.*", image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
"rm -f /stack/.images/gitea/built/*.*" settings:
] envs:
} - drone_tag
}, - drone_commit
{ - drone_commit_sha
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea", - drone_build_number
"name": "gitea/gitea:1.12.3-linux-amd64", - drone_repo_name
"settings": { - drone_repo_namespace
"envs": [ - scheme
"drone_tag", - domain
"drone_commit", - registry_domain
"drone_build_number", - registry_port
"drone_repo_name", - registry_password
"drone_repo_namespace", - gitea_mailer_host
"registry_domain", - gitea_mailer_from
"registry_port", - gitea_mailer_user
"registry_password", - gitea_app_name
"destination_registry" - gitea_server_lfs_jwt_secret
], - gitea_security_secret_key
"script": [ - gitea_security_internal_token
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n", - gitea_oauth2_jwt_secret
"docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64", - gitea_mailer_passwd
"docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 -o /stack/.images/gitea/gitea_gitea:1.12.3-linux-amd64.tar", - gitea_mailer_protocol
"echo \"docker load < gitea_gitea:1.12.3-linux-amd64.tar\" >> /stack/.images/gitea/load.sh", script:
"echo \"docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea/gitea:1.12.3-linux-amd64 $${DESTINATION_REGISTRY}/stack/gitea/gitea/gitea:1.12.3-linux-amd64\" >> /stack/.images/gitea/load.sh" - export GITEA_SERVER_LFS_JWT_SECRET=$${GITEA_SERVER_LFS_JWT_SECRET}
] - export GITEA_SECURITY_SECRET_KEY=$${GITEA_SECURITY_SECRET_KEY}
} - export GITEA_SECURITY_INTERNAL_TOKEN=$${GITEA_SECURITY_INTERNAL_TOKEN}
}, - export GITEA_OAUTH2_JWT_SECRET=$${GITEA_OAUTH2_JWT_SECRET}
{ - export GITEA_MAILER_PASSWD=$${GITEA_MAILER_PASSWD}
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea", - export GITEA_MAILER_PROTOCOL=$${GITEA_MAILER_PROTOCOL}
"name": "gitea", - export GITEA_MAILER_HOST=$${GITEA_MAILER_HOST}
"settings": { - export GITEA_MAILER_FROM=$${GITEA_MAILER_FROM}
"envs": [ - export GITEA_MAILER_USER=$${GITEA_MAILER_USER}
"drone_tag", - export GITEA_APP_NAME=$${GITEA_APP_NAME}
"drone_commit", - export SCHEME=$${SCHEME}
"drone_build_number", - export DOMAIN=$${DOMAIN}
"drone_repo_name", - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}
"drone_repo_namespace", - export REGISTRY_PORT=$${REGISTRY_PORT}
"registry_domain", - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}
"registry_port", - set -e
"registry_password", - export NAME=gitea
"destination_registry" - export ROOT=stack
], - cd /stack/gitea
"script": [ - "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n", - printenv
"docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea", - sh .drone/pull.sh ${DRONE_TAG}
"docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea -o /stack/.images/gitea/built/gitea.tar", - sh .drone/deploy.sh ${DRONE_TAG}
"echo \"docker load gitea.tar\" >> /stack/.images/gitea/built/load.sh", environment:
"echo \"docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/gitea/gitea ${DESINATION_REGISTRY}/stack/gitea/gitea\" >> /stack/.images/gitea/built/load.sh" GITEA_APP_NAME:
] from_secret: gitea-app-name
} GITEA_MAILER_FROM:
} from_secret: gitea-mailer-from
], GITEA_MAILER_HOST:
"trigger": { from_secret: gitea-mailer-host
"event": [ GITEA_MAILER_PASSWD:
"promote" from_secret: gitea-mailer-passwd
], GITEA_MAILER_PROTOCOL:
"target": [ from_secret: gitea-mailer-protocol
"save" GITEA_MAILER_USER:
] from_secret: gitea-mailer-user
}, GITEA_OAUTH2_JWT_SECRET:
"type": "docker" from_secret: gitea-oauth2-jwt-secret
} GITEA_SECURITY_INTERNAL_TOKEN:
--- from_secret: gitea-security-internal-token
{ GITEA_SECURITY_SECRET_KEY:
"clone": { from_secret: gitea-security-secret-key
"depth": 0, GITEA_SERVER_LFS_JWT_SECRET:
"disable": false from_secret: gitea-server-lfs-jwt-secret
},
"kind": "pipeline", ...
"name": "print",
"steps": [
{
"environment": {
"GITEA_APP_NAME": {
"from_secret": "gitea-app-name"
},
"GITEA_MAILER_FROM": {
"from_secret": "gitea-mailer-from"
},
"GITEA_MAILER_HOST": {
"from_secret": "gitea-mailer-host"
},
"GITEA_MAILER_PASSWD": {
"from_secret": "gitea-mailer-passwd"
},
"GITEA_MAILER_USER": {
"from_secret": "gitea-mailer-user"
},
"GITEA_OAUTH2_JWT_SECRET": {
"from_secret": "gitea-oauth2-jwt-secret"
},
"GITEA_SECURITY_INTERNAL_TOKEN": {
"from_secret": "gitea-security-internal-token"
},
"GITEA_SECURITY_SECRET_KEY": {
"from_secret": "gitea-security-secret-key"
},
"GITEA_SERVER_LFS_JWT_SECRET": {
"from_secret": "gitea-server-lfs-jwt-secret"
},
"MYSQL_ROOT_PASSWORD": {
"from_secret": "mysql-root-password"
}
},
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
"name": "print env",
"settings": {
"envs": [
"drone_tag",
"drone_commit",
"drone_build_number",
"drone_repo_name",
"drone_repo_namespace",
"gitea_mailer_host",
"gitea_mailer_from",
"gitea_mailer_user",
"gitea_app_name",
"gitea_server_lfs_jwt_secret",
"gitea_security_secret_key",
"gitea_security_internal_token",
"gitea_oauth2_jwt_secret",
"gitea_mailer_passwd",
"mysql_root_password"
],
"script": [
"rm -f env-gitea",
"echo \"export GITEA_MAILER_HOST='$${GITEA_MAILER_HOST}'\" >> env-gitea # \"gitea-mailer-host\"",
"echo \"export GITEA_MAILER_FROM='$${GITEA_MAILER_FROM}'\" >> env-gitea # \"gitea-mailer-from\"",
"echo \"export GITEA_MAILER_USER='$${GITEA_MAILER_USER}'\" >> env-gitea # \"gitea-mailer-user\"",
"echo \"export GITEA_APP_NAME='$${GITEA_APP_NAME}'\" >> env-gitea # \"gitea-app-name\"",
"echo \"export GITEA_SERVER_LFS_JWT_SECRET='$${GITEA_SERVER_LFS_JWT_SECRET}'\" >> env-gitea # \"gitea-server-lfs-jwt-secret\"",
"echo \"export GITEA_SECURITY_SECRET_KEY='$${GITEA_SECURITY_SECRET_KEY}'\" >> env-gitea # \"gitea-security-secret-key\"",
"echo \"export GITEA_SECURITY_INTERNAL_TOKEN='$${GITEA_SECURITY_INTERNAL_TOKEN}'\" >> env-gitea # \"gitea-security-internal-token\"",
"echo \"export GITEA_OAUTH2_JWT_SECRET='$${GITEA_OAUTH2_JWT_SECRET}'\" >> env-gitea # \"gitea-oauth2-jwt-secret\"",
"echo \"export GITEA_MAILER_PASSWD='$${GITEA_MAILER_PASSWD}'\" >> env-gitea # \"gitea-mailer-passwd\"",
"echo \"export MYSQL_ROOT_PASSWORD='$${MYSQL_ROOT_PASSWORD}'\" >> env-gitea # \"mysql-root-password\""
]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"print"
]
},
"type": "docker"
}
---
{
"clone": {
"depth": 0,
"disable": false
},
"kind": "pipeline",
"name": "print-secrets",
"steps": [
{
"environment": {
"GITEA_APP_NAME": {
"from_secret": "gitea-app-name"
},
"GITEA_MAILER_FROM": {
"from_secret": "gitea-mailer-from"
},
"GITEA_MAILER_HOST": {
"from_secret": "gitea-mailer-host"
},
"GITEA_MAILER_PASSWD": {
"from_secret": "gitea-mailer-passwd"
},
"GITEA_MAILER_USER": {
"from_secret": "gitea-mailer-user"
},
"GITEA_OAUTH2_JWT_SECRET": {
"from_secret": "gitea-oauth2-jwt-secret"
},
"GITEA_SECURITY_INTERNAL_TOKEN": {
"from_secret": "gitea-security-internal-token"
},
"GITEA_SECURITY_SECRET_KEY": {
"from_secret": "gitea-security-secret-key"
},
"GITEA_SERVER_LFS_JWT_SECRET": {
"from_secret": "gitea-server-lfs-jwt-secret"
},
"MYSQL_ROOT_PASSWORD": {
"from_secret": "mysql-root-password"
}
},
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
"name": "print secrets command",
"settings": {
"envs": [
"drone_tag",
"drone_commit",
"drone_build_number",
"drone_repo_name",
"drone_repo_namespace",
"gitea_mailer_host",
"gitea_mailer_from",
"gitea_mailer_user",
"gitea_app_name",
"gitea_server_lfs_jwt_secret",
"gitea_security_secret_key",
"gitea_security_internal_token",
"gitea_oauth2_jwt_secret",
"gitea_mailer_passwd",
"mysql_root_password"
],
"script": [
"rm -f env-gitea-secret",
"echo \"docker secret add --name=GITEA_MAILER_HOST --data='$${GITEA_MAILER_HOST}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-host\"",
"echo \"docker secret add --name=GITEA_MAILER_FROM --data='$${GITEA_MAILER_FROM}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-from\"",
"echo \"docker secret add --name=GITEA_MAILER_USER --data='$${GITEA_MAILER_USER}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-user\"",
"echo \"docker secret add --name=GITEA_APP_NAME --data='$${GITEA_APP_NAME}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-app-name\"",
"echo \"docker secret add --name=GITEA_SERVER_LFS_JWT_SECRET --data='$${GITEA_SERVER_LFS_JWT_SECRET}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-server-lfs-jwt-secret\"",
"echo \"docker secret add --name=GITEA_SECURITY_SECRET_KEY --data='$${GITEA_SECURITY_SECRET_KEY}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-security-secret-key\"",
"echo \"docker secret add --name=GITEA_SECURITY_INTERNAL_TOKEN --data='$${GITEA_SECURITY_INTERNAL_TOKEN}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-security-internal-token\"",
"echo \"docker secret add --name=GITEA_OAUTH2_JWT_SECRET --data='$${GITEA_OAUTH2_JWT_SECRET}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-oauth2-jwt-secret\"",
"echo \"docker secret add --name=GITEA_MAILER_PASSWD --data='$${GITEA_MAILER_PASSWD}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"gitea-mailer-passwd\"",
"echo \"docker secret add --name=MYSQL_ROOT_PASSWORD --data='$${MYSQL_ROOT_PASSWORD}' $${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}\" >> env-gitea-secret # \"mysql-root-password\""
]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"print-secrets"
]
},
"type": "docker"
}
---
{
"clone": {
"depth": 0,
"disable": false
},
"kind": "pipeline",
"name": "build",
"services": [
{
"image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f",
"name": "docker",
"privileged": true,
"volumes": [
{
"name": "dockersock",
"path": "/var/run"
},
{
"name": "ca",
"path": "/etc/docker/certs.d"
},
{
"name": "daemonjson",
"path": "/etc/docker/daemon.json"
}
]
}
],
"steps": [
{
"commands": [
"set -e",
"export NAME=gitea",
"export ROOT=stack",
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
"sh .drone/build.sh",
"sh .drone/push.sh"
],
"environment": { },
"image": "docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f",
"name": "dockerbuild:",
"volumes": [
{
"name": "dockersock",
"path": "/var/run"
}
]
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"build"
]
},
"type": "docker",
"volumes": [
{
"name": "dockersock",
"temp": { }
},
{
"host": {
"path": "/etc/docker/certs.d"
},
"name": "ca"
},
{
"host": {
"path": "/etc/docker/daemon.json"
},
"name": "daemonjson"
}
]
}
---
{
"clone": {
"depth": 0,
"disable": false
},
"kind": "pipeline",
"name": "deploy",
"steps": [
{
"image": "appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47",
"name": "scp",
"settings": {
"command_timeout": "2m",
"source": [
"."
],
"target": "/stack/gitea"
}
},
{
"environment": {
"GITEA_APP_NAME": {
"from_secret": "gitea-app-name"
},
"GITEA_MAILER_FROM": {
"from_secret": "gitea-mailer-from"
},
"GITEA_MAILER_HOST": {
"from_secret": "gitea-mailer-host"
},
"GITEA_MAILER_PASSWD": {
"from_secret": "gitea-mailer-passwd"
},
"GITEA_MAILER_USER": {
"from_secret": "gitea-mailer-user"
},
"GITEA_OAUTH2_JWT_SECRET": {
"from_secret": "gitea-oauth2-jwt-secret"
},
"GITEA_SECURITY_INTERNAL_TOKEN": {
"from_secret": "gitea-security-internal-token"
},
"GITEA_SECURITY_SECRET_KEY": {
"from_secret": "gitea-security-secret-key"
},
"GITEA_SERVER_LFS_JWT_SECRET": {
"from_secret": "gitea-server-lfs-jwt-secret"
},
"MYSQL_ROOT_PASSWORD": {
"from_secret": "mysql-root-password"
}
},
"image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
"name": "deploy",
"settings": {
"envs": [
"drone_tag",
"drone_commit",
"drone_build_number",
"drone_repo_name",
"drone_repo_namespace",
"scheme",
"domain",
"registry_domain",
"registry_port",
"registry_password",
"gitea_mailer_host",
"gitea_mailer_from",
"gitea_mailer_user",
"gitea_app_name",
"gitea_server_lfs_jwt_secret",
"gitea_security_secret_key",
"gitea_security_internal_token",
"gitea_oauth2_jwt_secret",
"gitea_mailer_passwd",
"mysql_root_password"
],
"script": [
"export GITEA_SERVER_LFS_JWT_SECRET=$${GITEA_SERVER_LFS_JWT_SECRET}",
"export GITEA_SECURITY_SECRET_KEY=$${GITEA_SECURITY_SECRET_KEY}",
"export GITEA_SECURITY_INTERNAL_TOKEN=$${GITEA_SECURITY_INTERNAL_TOKEN}",
"export GITEA_OAUTH2_JWT_SECRET=$${GITEA_OAUTH2_JWT_SECRET}",
"export GITEA_MAILER_PASSWD=$${GITEA_MAILER_PASSWD}",
"export MYSQL_ROOT_PASSWORD=$${MYSQL_ROOT_PASSWORD}",
"export GITEA_MAILER_HOST=$${GITEA_MAILER_HOST}",
"export GITEA_MAILER_FROM=$${GITEA_MAILER_FROM}",
"export GITEA_MAILER_USER=$${GITEA_MAILER_USER}",
"export GITEA_APP_NAME=$${GITEA_APP_NAME}",
"export SCHEME=$${SCHEME}",
"export DOMAIN=$${DOMAIN}",
"export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}",
"export REGISTRY_PORT=$${REGISTRY_PORT}",
"export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}",
"set -e",
"export NAME=gitea",
"export ROOT=stack",
"cd /stack/gitea",
"n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n",
"sh .drone/pull.sh",
"sh .drone/deploy.sh"
]
}
}
],
"trigger": {
"event": [
"promote"
],
"target": [
"deploy"
]
},
"type": "docker"
}

1
.drone/lib/secret-secrets.libsonnet
View File

@ -4,5 +4,4 @@
'gitea-security-internal-token', 'gitea-security-internal-token',
'gitea-oauth2-jwt-secret', 'gitea-oauth2-jwt-secret',
'gitea-mailer-passwd', 'gitea-mailer-passwd',
'mysql-root-password'
] ]

2
.drone/pull.sh
View File

@ -1 +1 @@
docker pull ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea docker pull ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea:$1

2
.drone/push.sh
View File

@ -1 +1 @@
docker push ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea docker push ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/gitea:$1

8
README.md
View File

@ -1,7 +1,7 @@
# gitea # gitea
## secrets ## secrets
* domain * git-domain
* gitea-app-name * gitea-app-name
* gitea-mailer-from * gitea-mailer-from
* gitea-mailer-host * gitea-mailer-host
@ -12,8 +12,4 @@
* gitea-security-secret-key * gitea-security-secret-key
* gitea-server-lfs-jwt-secret * gitea-server-lfs-jwt-secret
* local-docker-registry * local-docker-registry
* registry-password * registry-password
## mysql
set up https://docs.gitea.io/en-us/database-prep/

33
docker-compose.yml
View File

@ -3,11 +3,11 @@ services:
gitea: gitea:
deploy: deploy:
placement: placement:
constraints: [node.labels.com.sigyl.gitea == yes] constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1 replicas: 1
restart_policy: restart_policy:
condition: any condition: any
image: ${LOCAL_DOCKER_REGISTRY}gitea image: ${LOCAL_DOCKER_REGISTRY}gitea:${TAG}
environment: environment:
- USER_UID=1000 - USER_UID=1000
- USER_GID=1000 - USER_GID=1000
@ -23,41 +23,18 @@ services:
- GITEA_MAILER_USER=$GITEA_MAILER_USER - GITEA_MAILER_USER=$GITEA_MAILER_USER
- GITEA_MAILER_FROM=$GITEA_MAILER_FROM - GITEA_MAILER_FROM=$GITEA_MAILER_FROM
- GITEA_MAILER_PASSWD=$GITEA_MAILER_PASSWD - GITEA_MAILER_PASSWD=$GITEA_MAILER_PASSWD
- GITEA__database__DB_TYPE=mysql - GITEA_MAILER_PROTOCOL=$GITEA_MAILER_PROTOCOL
- GITEA__database__HOST=mysql:3306
- GITEA__database__NAME=gitead
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea
volumes: volumes:
- gitea-app-4:/data - gitea-app:/data
ports: ports:
- 3000:3000 - 3000:3000
- 22:22 - 22:22
networks: networks:
- appnet - appnet
- externalnet - externalnet
mysql:
image: ${DOCKER_REGISTRY}mysql:8
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack-data == yes]
replicas: 1
restart_policy:
condition: any
volumes:
- gitea-data-5:/var/lib/mysql
environment:
#- MYSQL_ROOT_PASSWORD: $MYSQL_ROOT_PASSWORD
- MYSQL_ROOT_PASSWORD=gitea
- MYSQL_USER=gitea
- MYSQL_PASSWORD=gitea
- MYSQL_DATABASE=gitea
networks:
- appnet
volumes: volumes:
gitea-app-4: gitea-app:
gitea-data-5:
networks: networks:
appnet: appnet:

4
gitea/Dockerfile
View File

@ -1,6 +1,6 @@
ARG REGISTRY ARG REGISTRY
FROM ${REGISTRY}gitea/gitea:1.16.7-linux-amd64 FROM gitea/gitea:1.20.5-linux-amd64
COPY app.ini /init/ COPY app.ini /init/
#COPY ./templates /init/templates/ COPY ./templates /init/templates/
COPY run.sh / COPY run.sh /
CMD ["sh", "/run.sh"] CMD ["sh", "/run.sh"]

10
gitea/app.ini
View File

@ -56,8 +56,8 @@ PATH = /data/gitea/attachments
[log] [log]
ROOT_PATH = /data/gitea/log ROOT_PATH = /data/gitea/log
MODE = console MODE = file
LEVEL = debug LEVEL = info
[security] [security]
INSTALL_LOCK = true INSTALL_LOCK = true
@ -65,8 +65,7 @@ SECRET_KEY = ${GITEA_SECURITY_SECRET_KEY}
INTERNAL_TOKEN = ${GITEA_SECURITY_INTERNAL_TOKEN} INTERNAL_TOKEN = ${GITEA_SECURITY_INTERNAL_TOKEN}
PASSWORD_COMPLEXITY = off PASSWORD_COMPLEXITY = off
[service] [service]
DISABLE_REGISTRATION = false DISABLE_REGISTRATION = true
SHOW_REGISTRATION_BUTTON = true
REQUIRE_SIGNIN_VIEW = false REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = true REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true ENABLE_NOTIFY_MAIL = true
@ -90,6 +89,3 @@ PASSWD = ${GITEA_MAILER_PASSWD}
[openid] [openid]
ENABLE_OPENID_SIGNIN = true ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true ENABLE_OPENID_SIGNUP = true
[webhook]
ALLOWED_HOST_LIST=*

0
gitea/new-app.ini
View File

1
gitea/run.sh
View File

@ -1,5 +1,4 @@
envsubst < /init/app.ini > /data/gitea/conf/app.ini envsubst < /init/app.ini > /data/gitea/conf/app.ini
cat /data/gitea/conf/app.ini
mkdir -p /data/gitea/templates mkdir -p /data/gitea/templates
for file in /init/templates/* for file in /init/templates/*
do do

2
gitea/templates/home.tmpl
View File

@ -3,7 +3,7 @@
<div class="ui stackable middle very relaxed page grid"> <div class="ui stackable middle very relaxed page grid">
<div class="sixteen wide center aligned centered column"> <div class="sixteen wide center aligned centered column">
<div> <div>
<img class="logo" src="{{StaticUrlPrefix}}/img/gitea-lg.png" /> <img class="logo" src="{{AssetUrlPrefix}}/img/gitea-lg.png" />
</div> </div>
<div class="hero"> <div class="hero">
<h1 class="ui icon header title"> <h1 class="ui icon header title">

2
node_modules/.yarn-integrity generated vendored
View File

@ -1,5 +1,5 @@
{ {
"systemParams": "linux-x64-108", "systemParams": "darwin-x64-72",
"modulesFolders": [ "modulesFolders": [
"node_modules" "node_modules"
], ],