homelab-docs/scripts/gitea/docker-compose.yml

# Шаблон для /opt/gitea/ на CT 103
# Секреты в .env (генерируется deploy-gitea-credentials.sh из Vaultwarden).
# .env не коммитить.

services:
  db:
    image: docker.io/library/postgres:16-alpine
    restart: unless-stopped
    env_file: .env
    environment:
      POSTGRES_USER: gitea
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: gitea
    volumes:
      - gitea-postgres:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U gitea"]
      interval: 10s
      timeout: 5s
      retries: 5

  server:
    image: docker.gitea.com/gitea:1.25
    container_name: gitea
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy
    env_file: .env
    environment:
      USER_UID: 1000
      USER_GID: 1000
      GITEA__database__DB_TYPE: postgres
      GITEA__database__HOST: db:5432
      GITEA__database__NAME: gitea
      GITEA__database__USER: gitea
      GITEA__database__PASSWD: ${POSTGRES_PASSWORD}
      GITEA__server__DOMAIN: 192.168.1.103
      GITEA__server__ROOT_URL: http://192.168.1.103:3000/
      GITEA__server__SSH_PORT: 2222
    volumes:
      - gitea-data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:22"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 30s

  runner:
    image: docker.io/gitea/act_runner:latest
    restart: unless-stopped
    depends_on:
      server:
        condition: service_healthy
    env_file: .env
    environment:
      GITEA_INSTANCE_URL: http://server:3000
      GITEA_RUNNER_REGISTRATION_TOKEN: ${GITEA_RUNNER_REGISTRATION_TOKEN}
      GITEA_RUNNER_NAME: gitea-103-runner
      GITEA_RUNNER_LABELS: docker:docker://alpine:latest
    volumes:
      - runner-data:/data
      - /var/run/docker.sock:/var/run/docker.sock

volumes:
  gitea-data:
  gitea-postgres:
  runner-data: