			
		
		
		
	Compare commits
	
		
			2 Commits
		
	
	
		
			2d268629b5
			...
			e942d364fe
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| e942d364fe | |||
| c7b7ce8585 | 
							
								
								
									
										17
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @@ -11,17 +11,20 @@ | |||||||
| #//                                                          // | #//                                                          // | ||||||
| #////////////////////////////////////////////////////////////// | #////////////////////////////////////////////////////////////// | ||||||
|  |  | ||||||
| BLOG_SERVICES := wordpress | #BLOG_SERVICES := wordpress | ||||||
| TORRENTS_SERVICES := qbittorrent transmission | #TORRENTS_SERVICES := qbittorrent transmission | ||||||
| SHARING_SERVICES := psitransfer picoshare privatebin projectsend jellyfin dufs gitea syncthing | #SHARING_SERVICES := psitransfer picoshare privatebin projectsend jellyfin dufs syncthing | ||||||
|  | GIT_SERVICES := forgejo forgejo-runner | ||||||
| ADMIN_SERVICES := yacht uptime-kuma openssh | ADMIN_SERVICES := yacht uptime-kuma openssh | ||||||
| UTILS_SERVICES := it-tools stirlingpdf omni-tools | # gitea | ||||||
| IA_SERVICES := open-webui | #UTILS_SERVICES := it-tools stirlingpdf omni-tools | ||||||
|  | #IA_SERVICES := open-webui | ||||||
| # gitea-runner | # gitea-runner | ||||||
| GAME_SERVICES := mc-server mc-backup | GAME_SERVICES :=  | ||||||
|  | #mc-server mc-backup | ||||||
| # 7daystodie_server 7daystodie_backup satisfactory_server satisfactory_backup | # 7daystodie_server 7daystodie_backup satisfactory_server satisfactory_backup | ||||||
| PROJECT_DIRECTORY := infrastructure | PROJECT_DIRECTORY := infrastructure | ||||||
|  |  | ||||||
| DOCKER_PROFILES := main_infrastructure caddy homepage $(BLOG_SERVICES) $(SHARING_SERVICES) $(TORRENTS_SERVICES) $(ADMIN_SERVICES) $(UTILS_SERVICES) $(IA_SERVICES) $(GAME_SERVICES)  | DOCKER_PROFILES := main_infrastructure caddy homepage $(BLOG_SERVICES) $(SHARING_SERVICES) $(TORRENTS_SERVICES) $(ADMIN_SERVICES) $(UTILS_SERVICES) $(IA_SERVICES) $(GAME_SERVICES) $(GIT_SERVICES) | ||||||
|  |  | ||||||
| include DockerCompose.mk | include DockerCompose.mk | ||||||
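Review bot: `GIT_SERVICES := forgejo forgejo-runner` names a `forgejo-runner` profile, but the compose file added in this commit puts all four services (`forgejo`, `database_forgejo`, `docker-in-docker`, `forgejo_runner`) under the single profile `forgejo`. The second name therefore appears to select nothing, and the privileged dind container starts whenever Forgejo does. Giving the runner and dind their own profile, e.g. `profiles: [forgejo-runner]`, would make this variable accurate and let the Git server run without the privileged daemon. The variables that are now commented out (`BLOG_SERVICES`, `UTILS_SERVICES`, `IA_SERVICES`, …) are still referenced in `DOCKER_PROFILES`; they expand to empty, but defining them empty as `GAME_SERVICES :=` does would be more consistent and stays quiet under `--warn-undefined-variables`. How `DockerCompose.mk` consumes `DOCKER_PROFILES` is not visible on this page.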
|   | |||||||
							
								
								
									
										43
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @@ -88,6 +88,7 @@ And then, caddy will generate the certificate for you and renew it automatically | |||||||
| | [qbittorrent.bensuperpc.org](https://qbittorrent.bensuperpc.org) | Sub | Torrent client/server | | | [qbittorrent.bensuperpc.org](https://qbittorrent.bensuperpc.org) | Sub | Torrent client/server | | ||||||
| | [transmission.bensuperpc.org](https://transmission.bensuperpc.org) | Sub | Torrent client/server | | | [transmission.bensuperpc.org](https://transmission.bensuperpc.org) | Sub | Torrent client/server | | ||||||
| | [git.bensuperpc.org](https://git.bensuperpc.org) | Sub | Gitea for git | | | [git.bensuperpc.org](https://git.bensuperpc.org) | Sub | Gitea for git | | ||||||
|  | | [forgejo.bensuperpc.org](https://forgejo.bensuperpc.org/) | Sub | Fork of Gitea for git | | ||||||
| | [link.bensuperpc.org](https://link.bensuperpc.org) | Sub | For link shortener | | | [link.bensuperpc.org](https://link.bensuperpc.org) | Sub | For link shortener | | ||||||
| | [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) | Sub | Jellyfin for media server | | | [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) | Sub | Jellyfin for media server | | ||||||
| | [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) | Sub | SyncThing for file synchronization | | | [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) | Sub | SyncThing for file synchronization | | ||||||
| @@ -279,6 +280,46 @@ You can change the homepage config in these files: | |||||||
| - [settings.yaml](infrastructure/services/homepage/config/settings.yaml) | - [settings.yaml](infrastructure/services/homepage/config/settings.yaml) | ||||||
| - [widgets.yaml](infrastructure/services/homepage/config/widgets.yaml) | - [widgets.yaml](infrastructure/services/homepage/config/widgets.yaml) | ||||||
|  |  | ||||||
|  | ### Forgejo | ||||||
|  |  | ||||||
|  | ```sh | ||||||
|  | docker exec -it forgejo_runner /bin/bash | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ```sh | ||||||
|  | forgejo-runner generate-config > /data/config.yml | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Now update the config.yml file to support docker-in-docker: | ||||||
|  |  | ||||||
|  | ```yml | ||||||
|  |   envs: | ||||||
|  |     DOCKER_TLS_VERIFY: 1 | ||||||
|  |     DOCKER_CERT_PATH: /certs/client | ||||||
|  |     DOCKER_HOST: tcp://docker:2376 | ||||||
|  |   labels: ["ubuntu-latest:docker://node:20-bookworm", "ubuntu-22.04:docker://node:20-bookworm"] | ||||||
|  |   network: host | ||||||
|  |   options: -v /certs/client:/certs/client | ||||||
|  |   valid_volumes: | ||||||
|  |      - /certs/client | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Register the runner with your Forgejo instance: | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ```sh | ||||||
|  | forgejo-runner register | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | You will need to provide the following information: | ||||||
|  |  | ||||||
|  | ```sh | ||||||
|  | https://forgejo.bensuperpc.org/ | ||||||
|  | <Your Registration Token, in https://forgejo.bensuperpc.org/admin/actions/runners> | ||||||
|  | ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04 | ||||||
|  | main | ||||||
|  | ``` | ||||||
|  |  | ||||||
| ### Docker volumes | ### Docker volumes | ||||||
|  |  | ||||||
| This infrastructure uses docker volumes to store data, all configuration/data for each service are not shared between services for security and maintenance reasons, but **public_data** and **private_data** are shared between all services to store your data. | This infrastructure uses docker volumes to store data, all configuration/data for each service are not shared between services for security and maintenance reasons, but **public_data** and **private_data** are shared between all services to store your data. | ||||||
| @@ -333,6 +374,8 @@ ssh -p 2222 admin@bensuperpc.org | |||||||
| - [Stirling PDF](https://github.com/Stirling-Tools/Stirling-PDF) | - [Stirling PDF](https://github.com/Stirling-Tools/Stirling-PDF) | ||||||
| - [open-webui](https://github.com/open-webui/open-webui) | - [open-webui](https://github.com/open-webui/open-webui) | ||||||
| - [Fix docker volume](https://pratikpc.medium.com/use-docker-compose-named-volumes-as-non-root-within-your-containers-1911eb30f731) | - [Fix docker volume](https://pratikpc.medium.com/use-docker-compose-named-volumes-as-non-root-within-your-containers-1911eb30f731) | ||||||
|  | - [Forgejo-runner](https://code.forgejo.org/forgejo/runner) | ||||||
|  | - [Forgejo-runner](https://huijzer.xyz/posts/55) | ||||||
|  |  | ||||||
| ## License | ## License | ||||||
|  |  | ||||||
|   | |||||||
| @@ -9,6 +9,8 @@ include: | |||||||
|   - services/dufs/docker-compose.dufs.yml |   - services/dufs/docker-compose.dufs.yml | ||||||
| # Gitea | # Gitea | ||||||
|   - services/gitea/docker-compose.gitea.yml |   - services/gitea/docker-compose.gitea.yml | ||||||
|  | # Forgejo | ||||||
|  |   - services/forgejo/docker-compose.forgejo.yml | ||||||
| # Homepage | # Homepage | ||||||
|   - services/homepage/docker-compose.homepage.yml |   - services/homepage/docker-compose.homepage.yml | ||||||
| # It-tools | # It-tools | ||||||
|   | |||||||
| @@ -94,6 +94,10 @@ git.{$MAIN_DOMAIN} { | |||||||
| 	reverse_proxy gitea:3000 | 	reverse_proxy gitea:3000 | ||||||
| } | } | ||||||
|  |  | ||||||
|  | forgejo.{$MAIN_DOMAIN} { | ||||||
|  | 	reverse_proxy forgejo:3000 | ||||||
|  | } | ||||||
|  |  | ||||||
| jellyfin.{$MAIN_DOMAIN} { | jellyfin.{$MAIN_DOMAIN} { | ||||||
| 	reverse_proxy jellyfin:8096 | 	reverse_proxy jellyfin:8096 | ||||||
| } | } | ||||||
|   | |||||||
							
								
								
									
										97
									
								
								infrastructure/services/forgejo/docker-compose.forgejo.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1,97 @@ | |||||||
|  | services: | ||||||
|  |   # forgejo | ||||||
|  |   forgejo: | ||||||
|  |     image: codeberg.org/forgejo/forgejo:11-rootless | ||||||
|  |     container_name: forgejo | ||||||
|  |     profiles: | ||||||
|  |       - forgejo | ||||||
|  |     restart: on-failure:5 | ||||||
|  |     depends_on: | ||||||
|  |       - database_forgejo | ||||||
|  |       - caddy | ||||||
|  |     ports: | ||||||
|  |       - "5555:5555" | ||||||
|  |     env_file: | ||||||
|  |       - ./env/forgejo.env | ||||||
|  |     volumes: | ||||||
|  |       - forgejo_data:/var/lib/gitea | ||||||
|  |       - forgejo_config:/etc/gitea | ||||||
|  |       - /etc/timezone:/etc/timezone:ro | ||||||
|  |       - /etc/localtime:/etc/localtime:ro | ||||||
|  |     networks: | ||||||
|  |       - infra-network | ||||||
|  |     security_opt: | ||||||
|  |       - no-new-privileges:true | ||||||
|  |    | ||||||
|  |   # Database forgejo | ||||||
|  |   database_forgejo: | ||||||
|  |     image: mariadb:latest | ||||||
|  |     container_name: database_forgejo | ||||||
|  |     profiles: | ||||||
|  |       - forgejo | ||||||
|  |     depends_on: | ||||||
|  |       - caddy | ||||||
|  |     restart: on-failure:5 | ||||||
|  |     volumes: | ||||||
|  |       - forgejo_db:/var/lib/mysql:rw | ||||||
|  |     env_file: | ||||||
|  |       - ./env/forgejo_db.env | ||||||
|  |     command: '--default-authentication-plugin=mysql_native_password' | ||||||
|  |     networks: | ||||||
|  |       - infra-network | ||||||
|  |     security_opt: | ||||||
|  |       - no-new-privileges:true | ||||||
|  |  | ||||||
|  |   # forgejo-runner | ||||||
|  |   docker-in-docker: | ||||||
|  |     image: code.forgejo.org/oci/docker:dind | ||||||
|  |     container_name: 'docker_dind' | ||||||
|  |     hostname: docker | ||||||
|  |     networks: | ||||||
|  |       - infra-network | ||||||
|  |     profiles: | ||||||
|  |       - forgejo | ||||||
|  |     privileged: true | ||||||
|  |     environment: | ||||||
|  |       DOCKER_TLS_CERTDIR: /certs | ||||||
|  |       DOCKER_HOST: docker-in-docker | ||||||
|  |     volumes: | ||||||
|  |       - forgejo_certs:/certs | ||||||
|  |  | ||||||
|  |   forgejo_runner: | ||||||
|  |     image: 'code.forgejo.org/forgejo/runner:6.3.1' | ||||||
|  |     networks: | ||||||
|  |       - infra-network | ||||||
|  |     profiles: | ||||||
|  |       - forgejo | ||||||
|  |     links: | ||||||
|  |       - docker-in-docker | ||||||
|  |     depends_on: | ||||||
|  |       docker-in-docker: | ||||||
|  |         condition: service_started | ||||||
|  |     container_name: 'forgejo_runner' | ||||||
|  |     environment: | ||||||
|  |       DOCKER_HOST: tcp://docker:2376 | ||||||
|  |       DOCKER_CERT_PATH: /certs/client | ||||||
|  |       DOCKER_TLS_VERIFY: "1" | ||||||
|  | #    user: 1001:1001 | ||||||
|  |     volumes: | ||||||
|  | #      - ./config/forgejo_runner/config.yaml:/config.yaml:ro | ||||||
|  |       - forgejo_runner:/data | ||||||
|  |       - forgejo_certs:/certs | ||||||
|  |     restart: 'unless-stopped' | ||||||
|  |  | ||||||
|  |     command: '/bin/sh -c "while : ; do sleep 1 ; done ;"' | ||||||
|  | #    command: '/bin/sh -c "sleep 5; forgejo-runner -c /data/config.yml daemon"' | ||||||
|  |  | ||||||
|  | volumes: | ||||||
|  |   forgejo_data: | ||||||
|  |     name: forgejo_data | ||||||
|  |   forgejo_config: | ||||||
|  |     name: forgejo_config | ||||||
|  |   forgejo_db: | ||||||
|  |     name: forgejo_db | ||||||
|  |   forgejo_certs: | ||||||
|  |     name: forgejo_certs | ||||||
|  |   forgejo_runner: | ||||||
|  |     name: forgejo_runner | ||||||
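Review bot: `forgejo_runner` mounts the whole `forgejo_certs` volume read-write at `/certs`, the same directory the privileged `docker-in-docker` service uses as `DOCKER_TLS_CERTDIR`, so the runner holds the CA and server key material as well as the client certificate it actually needs. Both services are also attached to `infra-network` alongside every other service, which leaves that client certificate as the only barrier between any container on the network and a privileged Docker daemon on port 2376. A client-only, read-only certificate mount and a dedicated network for the daemon would narrow this, as sketched below with constructed volume and network names that would also need declaring at the top level. `forgejo_runner` also lacks the `no-new-privileges:true` that `forgejo` and `database_forgejo` carry, and `mariadb:latest` and `docker:dind` are floating tags while the runner is pinned to `6.3.1`.

```yaml
  docker-in-docker:
    # … unchanged: image, container_name, hostname, profiles, privileged, environment …
    networks:
      - forgejo-runner-net            # constructed name: daemon no longer on infra-network
    volumes:
      - forgejo_certs_ca:/certs/ca            # constructed name: CA material stays with the daemon
      - forgejo_certs_client:/certs/client    # constructed name

  forgejo_runner:
    # … unchanged: image, profiles, links, depends_on, container_name, environment, restart, command …
    networks:
      - infra-network
      - forgejo-runner-net
    security_opt:
      - no-new-privileges:true
    volumes:
      - forgejo_runner:/data
      - forgejo_certs_client:/certs/client:ro
```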
							
								
								
									
										25
									
								
								infrastructure/services/forgejo/env/forgejo.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1,25 @@ | |||||||
|  | USER_UID=1000 | ||||||
|  | USER_GID=1000 | ||||||
|  | FORGEJO__database__DB_TYPE=mysql | ||||||
|  | FORGEJO__database__HOST=database_forgejo:3306 | ||||||
|  | FORGEJO__database__NAME=forgejo | ||||||
|  | FORGEJO__database__USER=bensuperpc | ||||||
|  | FORGEJO__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j | ||||||
|  | FORGEJO__APP_NAME=The Homelab Git | ||||||
|  | FORGEJO__APP_SLOGAN=Personal Code, Mirrors, and More | ||||||
|  | FORGEJO__server__DOMAIN=forgejo.bensuperpc.org | ||||||
|  | FORGEJO__server__SSH_DOMAIN=forgejo.bensuperpc.org | ||||||
|  | FORGEJO__server__HTTP_PORT=3000 | ||||||
|  | FORGEJO__server__SSH_LISTEN_PORT=5555 | ||||||
|  | FORGEJO__server__SSH_PORT=5555 | ||||||
|  | FORGEJO__server__ROOT_URL=https://forgejo.bensuperpc.org | ||||||
|  | FORGEJO__security__SECRET_KEY=ykcZt23an1E4lFHWvrCKdAyt16WAiK9c | ||||||
|  | #FORGEJO__security__INTERNAL_TOKEN= | ||||||
|  | #FORGEJO__security__INSTALL_LOCK=true | ||||||
|  | FORGEJO__security__MIN_PASSWORD_LENGTH=8 | ||||||
|  | FORGEJO__actions__ENABLED=true | ||||||
|  | FORGEJO__actions__DEFAULT_ACTIONS_URL="https://forgejo.bensuperpc.org" | ||||||
|  | #FORGEJO__log__LEVEL: "debug" | ||||||
|  | FORGEJO__repository__ENABLE_PUSH_CREATE_USER=true | ||||||
|  | FORGEJO__repository__DEFAULT_PUSH_CREATE_PRIVATE=false | ||||||
|  | FORGEJO__repository__DEFAULT_REPO_UNITS=repo.code,repo.actions | ||||||
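Review bot: `FORGEJO__database__PASSWD` and `FORGEJO__security__SECRET_KEY` are committed here in clear text, and `env/forgejo_db.env` in the same commit does the same for `MARIADB_ROOT_PASSWORD` and `MARIADB_PASSWORD`. Because the repository is mirrored from a public host, these values should be treated as disclosed, rotated, and loaded from an untracked env file or Docker secrets (the MariaDB image accepts `MARIADB_ROOT_PASSWORD_FILE` and `MARIADB_PASSWORD_FILE`). A tracked example file with placeholders such as `FORGEJO__database__PASSWD=<CHANGE_ME>` would keep the template without the secret. Separately, `FORGEJO__security__INSTALL_LOCK=true` is left commented out, so the first-run installer may be reachable on the public vhost until someone completes it; this is worth confirming. `ENABLE_PUSH_CREATE_USER=true` combined with `DEFAULT_PUSH_CREATE_PRIVATE=false` makes repositories created by push public by default, so a comment stating that this is intended would help.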
							
								
								
									
										4
									
								
								infrastructure/services/forgejo/env/forgejo_db.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | MARIADB_ROOT_PASSWORD=xpc4zIhHZzWKqVHcjBu4aW6aS7jG8d7X | ||||||
|  | MARIADB_USER=bensuperpc | ||||||
|  | MARIADB_PASSWORD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j | ||||||
|  | MARIADB_DATABASE=forgejo | ||||||
							
								
								
									
										0
									
								
								infrastructure/services/forgejo/env/forgejo_runner.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @@ -16,8 +16,8 @@ services: | |||||||
|     volumes: |     volumes: | ||||||
|       - gitea_data:/var/lib/gitea |       - gitea_data:/var/lib/gitea | ||||||
|       - gitea_config:/etc/gitea |       - gitea_config:/etc/gitea | ||||||
| #      - /etc/timezone:/etc/timezone:ro |       - /etc/timezone:/etc/timezone:ro | ||||||
| #      - /etc/localtime:/etc/localtime:ro |       - /etc/localtime:/etc/localtime:ro | ||||||
|     networks: |     networks: | ||||||
|       - infra-network |       - infra-network | ||||||
|     security_opt: |     security_opt: | ||||||
| @@ -28,7 +28,6 @@ services: | |||||||
|     image: mariadb:latest |     image: mariadb:latest | ||||||
|     container_name: database_gitea |     container_name: database_gitea | ||||||
|     profiles: |     profiles: | ||||||
|       - database |  | ||||||
|       - gitea |       - gitea | ||||||
|     depends_on: |     depends_on: | ||||||
|       - caddy |       - caddy | ||||||
|   | |||||||
| @@ -96,6 +96,12 @@ | |||||||
|         description: Gitea |         description: Gitea | ||||||
|         ping: gitea.bensuperpc.org |         ping: gitea.bensuperpc.org | ||||||
|         container: gitea |         container: gitea | ||||||
|  |     - forgejo: | ||||||
|  |         icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/forgejo.png | ||||||
|  |         href: https://forgejo.bensuperpc.org/ | ||||||
|  |         description: Forgejo | ||||||
|  |         ping: forgejo.bensuperpc.org | ||||||
|  |         container: forgejo | ||||||
|     - open-webui: |     - open-webui: | ||||||
|         icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/open-webui.png |         icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/open-webui.png | ||||||
|         href: https://open-webui.bensuperpc.org/ |         href: https://open-webui.bensuperpc.org/ | ||||||
|   | |||||||
| @@ -77,3 +77,5 @@ volumes: | |||||||
|     name: minecraft_proxy_data |     name: minecraft_proxy_data | ||||||
|   minecraft_rcon_data: |   minecraft_rcon_data: | ||||||
|     name: minecraft_rcon_data |     name: minecraft_rcon_data | ||||||
|  | # forgejo | ||||||
|  | # gitea | ||||||
|   | |||||||