Update infra

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>

Makefile

@@ -20,7 +20,7 @@
 
 DOCKER := docker
 
-PROFILES := webserver database wordpress adminer uptime-kuma portainer qbittorrent
+PROFILES := webserver database wordpress adminer uptime-kuma portainer qbittorrent gitea
 PROFILE_CMD := $(addprefix --profile ,$(PROFILES))
 
 COMPOSE_FILES :=  $(shell find docker-compose*.yml | sed -e 's/^/--file /')

README.md

@@ -58,13 +58,18 @@ Check if all bensuperpc.* are replaced by your domain in [Caddyfile](caddy/wordp
 
 And then, caddy will generate the certificate for you and renew it automatically :D (It's easier than certbot and nginx)
 
-| Domain name | Description |
+| Domain name | Type | Description |
 | --- | --- |
-| bensuperpc.org | Main domain |
+| bensuperpc.org | Main | Main domain |
-| bensuperpc.com | Redirect to bensuperpc.org |
+| adminer.bensuperpc.org | Sub | Adminer for MariaDB for wordpress only |
-| bensuperpc.fr | Redirect to bensuperpc.org |
+| uptimekuma.bensuperpc.org | Sub | Uptime Kuma for monitoring |
-| bensuperpc.net | Redirect to bensuperpc.org |
+| torrent.bensuperpc.org | Sub | Torrent server |
-| bensuperpc.ovh | Redirect to bensuperpc.org |
+| git.bensuperpc.org | Sub | Gitea for git |
+| link.bensuperpc.org | Sub | For link shortener |
+| bensuperpc.com | Main | Redirect to bensuperpc.org |
+| bensuperpc.fr | Sub | Redirect to bensuperpc.org |
+| bensuperpc.net | Sub | Redirect to bensuperpc.org |
+| bensuperpc.ovh | Sub | Redirect to bensuperpc.org |
 
 ### Configure the infrastructure
 
@@ -85,7 +90,7 @@ WORDPRESS_DB_NAME=wordpress
 WORDPRESS_DB_HOST=database:3306
 ```
 
-For [mariadb.env](env/mariadb.env) file, you need to change the password(s) and user for the database.
+For [wordpress_db.env](env/wordpress_db.env) file, you need to change the password(s) and user for the database.
     
 ```sh
 MARIADB_ROOT_PASSWORD=7L1Ncbquax0B2TCOmrjaQl9n5mnY88bQ
@@ -103,6 +108,25 @@ MYSQL_PASSWORD=lEOEf8cndnDjp84O4Uv5D9zJLJDFatLw
 ADMINER_DEFAULT_SERVER=database
 ```
 
+For [gitea.env](env/gitea.env) file, you need to change the password(s) and user for the database.
+
+```sh
+GITEA__database__DB_TYPE=mysql
+GITEA__database__HOST=database_gitea:3306
+GITEA__database__NAME=gitea
+GITEA__database__USER=bensuperpc
+GITEA__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
+```
+
+For [gitea_db.env](env/gitea_db.env) file, you need to change the password(s) and user for the database.
+
+```sh
+MYSQL_ROOT_PASSWORD=xpc4zIhHZzWKqVHcjBu4aW6aS7jG8d7X
+MYSQL_USER=bensuperpc
+MYSQL_PASSWORD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
+MYSQL_DATABASE=gitea
+```
+
 ### Wordpress website
 
 For the Wordpress website, you can configure in GUI when you go to the website.

caddy/bensuperpc.org/Caddyfile

@@ -48,6 +48,10 @@ torrent.bensuperpc.org {
 	reverse_proxy qbittorrent:8080
 }
 
+git.bensuperpc.org {
+	reverse_proxy gitea:3000
+}
+
 link.bensuperpc.org {
 	redir /rickroll https://www.youtube.com/watch?v=dQw4w9WgXcQ permanent
 	redir /babyshark https://www.youtube.com/watch?v=XqZsoesa55w permanent

docker-compose.yml

@@ -12,9 +12,7 @@ services:
     volumes:
       - database:/var/lib/mysql:rw
     env_file:
-      - env/mariadb.env
+      - env/wordpress_db.env
-    environment:
-      MYSQL_DATABASE: blog_wp
     command: '--default-authentication-plugin=mysql_native_password'
     networks:
       - infra-network
@@ -100,6 +98,43 @@ services:
     security_opt:
       - no-new-privileges:true
   
+  gitea:
+    image: gitea/gitea:latest-rootless
+    container_name: gitea
+    profiles:
+      - gitea
+    restart: on-failure
+    depends_on:
+      - caddy
+    env_file:
+      - env/gitea.env
+    volumes:
+      - gitea_data:/var/lib/gitea
+      - gitea_config:/etc/gitea
+#      - /etc/timezone:/etc/timezone:ro
+#      - /etc/localtime:/etc/localtime:ro
+    networks:
+      - infra-network
+    security_opt:
+      - no-new-privileges:true
+  database_gitea:
+    image: mariadb:latest
+    container_name: database_gitea
+    profiles:
+      - database
+    depends_on:
+      - gitea
+    restart: on-failure
+    volumes:
+      - gitea_db:/var/lib/mysql:rw
+    env_file:
+      - env/gitea_db.env
+    command: '--default-authentication-plugin=mysql_native_password'
+    networks:
+      - infra-network
+    security_opt:
+      - no-new-privileges:true
+
   qbittorrent:
     image: lscr.io/linuxserver/qbittorrent:latest
     container_name: qbittorrent
@@ -108,21 +143,15 @@ services:
     restart: on-failure
     depends_on:
       - caddy
-    environment:
+    env_file:
-      - PUID=1000
+      - env/qbittorrent.env
-      - PGID=1000
-      - TZ=Etc/UTC
-      - WEBUI_PORT=8080
-      - TORRENTING_PORT=6881
     volumes:
       - qbittorrent_config:/config
       - qbittorrent_data:/downloads
     networks:
       - infra-network
-#    ports:
+    security_opt:
-#      - 8080:8080
+      - no-new-privileges:true
-#      - 6881:6881
-#      - 6881:6881/udp
 
 networks:
   infra-network:
@@ -144,3 +173,9 @@ volumes:
     name: qbittorrent_data
   uptimekuma_data:
     name: uptimekuma_data
+  gitea_data:
+    name: gitea_data
+  gitea_config:
+    name: gitea_config
+  gitea_db:
+    name: gitea_db

env/gitea.env

@@ -0,0 +1,7 @@
+USER_UID=1000
+USER_GID=1000
+GITEA__database__DB_TYPE=mysql
+GITEA__database__HOST=database_gitea:3306
+GITEA__database__NAME=gitea
+GITEA__database__USER=bensuperpc
+GITEA__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j

env/gitea_db.env

@@ -0,0 +1,4 @@
+MYSQL_ROOT_PASSWORD=xpc4zIhHZzWKqVHcjBu4aW6aS7jG8d7X
+MYSQL_USER=bensuperpc
+MYSQL_PASSWORD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
+MYSQL_DATABASE=gitea

env/qbittorrent.env

@@ -0,0 +1,5 @@
+PUID=1000
+PGID=1000
+TZ=Etc/UTC
+WEBUI_PORT=8080
+TORRENTING_PORT=6881