56 lines
1.7 KiB
YAML
56 lines
1.7 KiB
YAML
version: "3"
|
|
|
|
services:
|
|
app:
|
|
image: gitea/gitea:${GITEA_VERSION}
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- db
|
|
environment:
|
|
- USER_GID=${USER_GID}
|
|
- USER_UID=${USER_UID}
|
|
labels:
|
|
- traefik.docker.network=traefik-proxy
|
|
- traefik.enable=true
|
|
### Section HTTP
|
|
- traefik.http.routers.http-${TRAEFIK_ROUTER}.entrypoints=http
|
|
- traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=8080
|
|
# redirect to HTTPS only
|
|
- traefik.http.routers.http-${TRAEFIK_ROUTER}.middlewares=http-to-https
|
|
- traefik.http.routers.http-${TRAEFIK_ROUTER}.rule=Host(`${TRAEFIK_HOST}`)
|
|
### Section HTTPS
|
|
- traefik.http.routers.https-${TRAEFIK_ROUTER}.entrypoints=https
|
|
- traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=3000
|
|
# configure the exposed service
|
|
- traefik.http.routers.https-${TRAEFIK_ROUTER}.rule=Host(`${TRAEFIK_HOST}`)
|
|
# of course, enable TLS and it's certificate provider
|
|
- traefik.http.routers.https-${TRAEFIK_ROUTER}.tls=true
|
|
- traefik.http.routers.https-${TRAEFIK_ROUTER}.tls.certresolver=letsencrypt
|
|
networks:
|
|
- internal
|
|
- traefik-proxy
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- ./data/gitea:/data
|
|
- ${GIT_HOMEDIR}/.ssh:/data/git/.ssh
|
|
ports:
|
|
- ${SSH_PORT}:22
|
|
db:
|
|
image: mariadb:${MYSQL_VERSION}
|
|
restart: unless-stopped
|
|
environment:
|
|
- MYSQL_DATABASE=${MYSQL_DATABASE}
|
|
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
|
|
- MYSQL_RANDOM_ROOT_PASSWORD=yes
|
|
- MYSQL_USER=${MYSQL_USER}
|
|
networks:
|
|
- internal
|
|
volumes:
|
|
- ./data/mysql:/var/lib/mysql
|
|
|
|
networks:
|
|
internal:
|
|
traefik-proxy:
|
|
external: true
|