mirror of
				https://github.com/bensuperpc/infrastructure.git
				synced 2025-10-25 15:26:20 +02:00 
			
		
		
		
	Compare commits
	
		
			2 Commits
		
	
	
		
			2d268629b5
			...
			e942d364fe
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| e942d364fe | |||
| c7b7ce8585 | 
							
								
								
									
										17
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										17
									
								
								Makefile
									
									
									
									
									
								
							| @@ -11,17 +11,20 @@ | ||||
| #//                                                          // | ||||
| #////////////////////////////////////////////////////////////// | ||||
|  | ||||
| BLOG_SERVICES := wordpress | ||||
| TORRENTS_SERVICES := qbittorrent transmission | ||||
| SHARING_SERVICES := psitransfer picoshare privatebin projectsend jellyfin dufs gitea syncthing | ||||
| #BLOG_SERVICES := wordpress | ||||
| #TORRENTS_SERVICES := qbittorrent transmission | ||||
| #SHARING_SERVICES := psitransfer picoshare privatebin projectsend jellyfin dufs syncthing | ||||
| GIT_SERVICES := forgejo forgejo-runner | ||||
| ADMIN_SERVICES := yacht uptime-kuma openssh | ||||
| UTILS_SERVICES := it-tools stirlingpdf omni-tools | ||||
| IA_SERVICES := open-webui | ||||
| # gitea | ||||
| #UTILS_SERVICES := it-tools stirlingpdf omni-tools | ||||
| #IA_SERVICES := open-webui | ||||
| # gitea-runner | ||||
| GAME_SERVICES := mc-server mc-backup | ||||
| GAME_SERVICES :=  | ||||
| #mc-server mc-backup | ||||
| # 7daystodie_server 7daystodie_backup satisfactory_server satisfactory_backup | ||||
| PROJECT_DIRECTORY := infrastructure | ||||
|  | ||||
| DOCKER_PROFILES := main_infrastructure caddy homepage $(BLOG_SERVICES) $(SHARING_SERVICES) $(TORRENTS_SERVICES) $(ADMIN_SERVICES) $(UTILS_SERVICES) $(IA_SERVICES) $(GAME_SERVICES)  | ||||
| DOCKER_PROFILES := main_infrastructure caddy homepage $(BLOG_SERVICES) $(SHARING_SERVICES) $(TORRENTS_SERVICES) $(ADMIN_SERVICES) $(UTILS_SERVICES) $(IA_SERVICES) $(GAME_SERVICES) $(GIT_SERVICES) | ||||
|  | ||||
| include DockerCompose.mk | ||||
|   | ||||
							
								
								
									
										43
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										43
									
								
								README.md
									
									
									
									
									
								
							| @@ -88,6 +88,7 @@ And then, caddy will generate the certificate for you and renew it automatically | ||||
| | [qbittorrent.bensuperpc.org](https://qbittorrent.bensuperpc.org) | Sub | Torrent client/server | | ||||
| | [transmission.bensuperpc.org](https://transmission.bensuperpc.org) | Sub | Torrent client/server | | ||||
| | [git.bensuperpc.org](https://git.bensuperpc.org) | Sub | Gitea for git | | ||||
| | [forgejo.bensuperpc.org](https://forgejo.bensuperpc.org/) | Sub | Fork of Gitea for git | | ||||
| | [link.bensuperpc.org](https://link.bensuperpc.org) | Sub | For link shortener | | ||||
| | [jellyfin.bensuperpc.org](https://jellyfin.bensuperpc.org) | Sub | Jellyfin for media server | | ||||
| | [syncthing.bensuperpc.org](https://syncthing.bensuperpc.org) | Sub | SyncThing for file synchronization | | ||||
| @@ -279,6 +280,46 @@ You can change the homepage config in these files: | ||||
| - [settings.yaml](infrastructure/services/homepage/config/settings.yaml) | ||||
| - [widgets.yaml](infrastructure/services/homepage/config/widgets.yaml) | ||||
|  | ||||
| ### Forgejo | ||||
|  | ||||
| ```sh | ||||
| docker exec -it forgejo_runner /bin/bash | ||||
| ``` | ||||
|  | ||||
| ```sh | ||||
| forgejo-runner generate-config > /data/config.yml | ||||
| ``` | ||||
|  | ||||
| Now update the config.yml file to support docker-in-docker: | ||||
|  | ||||
| ```yml | ||||
|   envs: | ||||
|     DOCKER_TLS_VERIFY: 1 | ||||
|     DOCKER_CERT_PATH: /certs/client | ||||
|     DOCKER_HOST: tcp://docker:2376 | ||||
|   labels: ["ubuntu-latest:docker://node:20-bookworm", "ubuntu-22.04:docker://node:20-bookworm"] | ||||
|   network: host | ||||
|   options: -v /certs/client:/certs/client | ||||
|   valid_volumes: | ||||
|      - /certs/client | ||||
| ``` | ||||
|  | ||||
| Register the runner with your Forgejo instance: | ||||
|  | ||||
|  | ||||
| ```sh | ||||
| forgejo-runner register | ||||
| ``` | ||||
|  | ||||
| You will need to provide the following information: | ||||
|  | ||||
| ```sh | ||||
| https://forgejo.bensuperpc.org/ | ||||
| <Your Registration Token, in https://forgejo.bensuperpc.org/admin/actions/runners> | ||||
| ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04 | ||||
| main | ||||
| ``` | ||||
|  | ||||
| ### Docker volumes | ||||
|  | ||||
| This infrastructure uses docker volumes to store data, all configuration/data for each service are not shared between services for security and maintenance reasons, but **public_data** and **private_data** are shared between all services to store your data. | ||||
| @@ -333,6 +374,8 @@ ssh -p 2222 admin@bensuperpc.org | ||||
| - [Stirling PDF](https://github.com/Stirling-Tools/Stirling-PDF) | ||||
| - [open-webui](https://github.com/open-webui/open-webui) | ||||
| - [Fix docker volume](https://pratikpc.medium.com/use-docker-compose-named-volumes-as-non-root-within-your-containers-1911eb30f731) | ||||
| - [Forgejo-runner](https://code.forgejo.org/forgejo/runner) | ||||
| - [Forgejo-runner](https://huijzer.xyz/posts/55) | ||||
|  | ||||
| ## License | ||||
|  | ||||
|   | ||||
| @@ -9,6 +9,8 @@ include: | ||||
|   - services/dufs/docker-compose.dufs.yml | ||||
| # Gitea | ||||
|   - services/gitea/docker-compose.gitea.yml | ||||
| # Forgejo | ||||
|   - services/forgejo/docker-compose.forgejo.yml | ||||
| # Homepage | ||||
|   - services/homepage/docker-compose.homepage.yml | ||||
| # It-tools | ||||
|   | ||||
| @@ -94,6 +94,10 @@ git.{$MAIN_DOMAIN} { | ||||
| 	reverse_proxy gitea:3000 | ||||
| } | ||||
|  | ||||
| forgejo.{$MAIN_DOMAIN} { | ||||
| 	reverse_proxy forgejo:3000 | ||||
| } | ||||
|  | ||||
| jellyfin.{$MAIN_DOMAIN} { | ||||
| 	reverse_proxy jellyfin:8096 | ||||
| } | ||||
|   | ||||
							
								
								
									
										97
									
								
								infrastructure/services/forgejo/docker-compose.forgejo.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										97
									
								
								infrastructure/services/forgejo/docker-compose.forgejo.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,97 @@ | ||||
| services: | ||||
|   # forgejo | ||||
|   forgejo: | ||||
|     image: codeberg.org/forgejo/forgejo:11-rootless | ||||
|     container_name: forgejo | ||||
|     profiles: | ||||
|       - forgejo | ||||
|     restart: on-failure:5 | ||||
|     depends_on: | ||||
|       - database_forgejo | ||||
|       - caddy | ||||
|     ports: | ||||
|       - "5555:5555" | ||||
|     env_file: | ||||
|       - ./env/forgejo.env | ||||
|     volumes: | ||||
|       - forgejo_data:/var/lib/gitea | ||||
|       - forgejo_config:/etc/gitea | ||||
|       - /etc/timezone:/etc/timezone:ro | ||||
|       - /etc/localtime:/etc/localtime:ro | ||||
|     networks: | ||||
|       - infra-network | ||||
|     security_opt: | ||||
|       - no-new-privileges:true | ||||
|    | ||||
|   # Database forgejo | ||||
|   database_forgejo: | ||||
|     image: mariadb:latest | ||||
|     container_name: database_forgejo | ||||
|     profiles: | ||||
|       - forgejo | ||||
|     depends_on: | ||||
|       - caddy | ||||
|     restart: on-failure:5 | ||||
|     volumes: | ||||
|       - forgejo_db:/var/lib/mysql:rw | ||||
|     env_file: | ||||
|       - ./env/forgejo_db.env | ||||
|     command: '--default-authentication-plugin=mysql_native_password' | ||||
|     networks: | ||||
|       - infra-network | ||||
|     security_opt: | ||||
|       - no-new-privileges:true | ||||
|  | ||||
|   # forgejo-runner | ||||
|   docker-in-docker: | ||||
|     image: code.forgejo.org/oci/docker:dind | ||||
|     container_name: 'docker_dind' | ||||
|     hostname: docker | ||||
|     networks: | ||||
|       - infra-network | ||||
|     profiles: | ||||
|       - forgejo | ||||
|     privileged: true | ||||
|     environment: | ||||
|       DOCKER_TLS_CERTDIR: /certs | ||||
|       DOCKER_HOST: docker-in-docker | ||||
|     volumes: | ||||
|       - forgejo_certs:/certs | ||||
|  | ||||
|   forgejo_runner: | ||||
|     image: 'code.forgejo.org/forgejo/runner:6.3.1' | ||||
|     networks: | ||||
|       - infra-network | ||||
|     profiles: | ||||
|       - forgejo | ||||
|     links: | ||||
|       - docker-in-docker | ||||
|     depends_on: | ||||
|       docker-in-docker: | ||||
|         condition: service_started | ||||
|     container_name: 'forgejo_runner' | ||||
|     environment: | ||||
|       DOCKER_HOST: tcp://docker:2376 | ||||
|       DOCKER_CERT_PATH: /certs/client | ||||
|       DOCKER_TLS_VERIFY: "1" | ||||
| #    user: 1001:1001 | ||||
|     volumes: | ||||
| #      - ./config/forgejo_runner/config.yaml:/config.yaml:ro | ||||
|       - forgejo_runner:/data | ||||
|       - forgejo_certs:/certs | ||||
|     restart: 'unless-stopped' | ||||
|  | ||||
|     command: '/bin/sh -c "while : ; do sleep 1 ; done ;"' | ||||
| #    command: '/bin/sh -c "sleep 5; forgejo-runner -c /data/config.yml daemon"' | ||||
|  | ||||
| volumes: | ||||
|   forgejo_data: | ||||
|     name: forgejo_data | ||||
|   forgejo_config: | ||||
|     name: forgejo_config | ||||
|   forgejo_db: | ||||
|     name: forgejo_db | ||||
|   forgejo_certs: | ||||
|     name: forgejo_certs | ||||
|   forgejo_runner: | ||||
|     name: forgejo_runner | ||||
							
								
								
									
										25
									
								
								infrastructure/services/forgejo/env/forgejo.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										25
									
								
								infrastructure/services/forgejo/env/forgejo.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,25 @@ | ||||
| USER_UID=1000 | ||||
| USER_GID=1000 | ||||
| FORGEJO__database__DB_TYPE=mysql | ||||
| FORGEJO__database__HOST=database_forgejo:3306 | ||||
| FORGEJO__database__NAME=forgejo | ||||
| FORGEJO__database__USER=bensuperpc | ||||
| FORGEJO__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j | ||||
| FORGEJO__APP_NAME=The Homelab Git | ||||
| FORGEJO__APP_SLOGAN=Personal Code, Mirrors, and More | ||||
| FORGEJO__server__DOMAIN=forgejo.bensuperpc.org | ||||
| FORGEJO__server__SSH_DOMAIN=forgejo.bensuperpc.org | ||||
| FORGEJO__server__HTTP_PORT=3000 | ||||
| FORGEJO__server__SSH_LISTEN_PORT=5555 | ||||
| FORGEJO__server__SSH_PORT=5555 | ||||
| FORGEJO__server__ROOT_URL=https://forgejo.bensuperpc.org | ||||
| FORGEJO__security__SECRET_KEY=ykcZt23an1E4lFHWvrCKdAyt16WAiK9c | ||||
| #FORGEJO__security__INTERNAL_TOKEN= | ||||
| #FORGEJO__security__INSTALL_LOCK=true | ||||
| FORGEJO__security__MIN_PASSWORD_LENGTH=8 | ||||
| FORGEJO__actions__ENABLED=true | ||||
| FORGEJO__actions__DEFAULT_ACTIONS_URL="https://forgejo.bensuperpc.org" | ||||
| #FORGEJO__log__LEVEL: "debug" | ||||
| FORGEJO__repository__ENABLE_PUSH_CREATE_USER=true | ||||
| FORGEJO__repository__DEFAULT_PUSH_CREATE_PRIVATE=false | ||||
| FORGEJO__repository__DEFAULT_REPO_UNITS=repo.code,repo.actions | ||||
							
								
								
									
										4
									
								
								infrastructure/services/forgejo/env/forgejo_db.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								infrastructure/services/forgejo/env/forgejo_db.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| MARIADB_ROOT_PASSWORD=xpc4zIhHZzWKqVHcjBu4aW6aS7jG8d7X | ||||
| MARIADB_USER=bensuperpc | ||||
| MARIADB_PASSWORD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j | ||||
| MARIADB_DATABASE=forgejo | ||||
							
								
								
									
										0
									
								
								infrastructure/services/forgejo/env/forgejo_runner.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										0
									
								
								infrastructure/services/forgejo/env/forgejo_runner.env
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -16,8 +16,8 @@ services: | ||||
|     volumes: | ||||
|       - gitea_data:/var/lib/gitea | ||||
|       - gitea_config:/etc/gitea | ||||
| #      - /etc/timezone:/etc/timezone:ro | ||||
| #      - /etc/localtime:/etc/localtime:ro | ||||
|       - /etc/timezone:/etc/timezone:ro | ||||
|       - /etc/localtime:/etc/localtime:ro | ||||
|     networks: | ||||
|       - infra-network | ||||
|     security_opt: | ||||
| @@ -28,7 +28,6 @@ services: | ||||
|     image: mariadb:latest | ||||
|     container_name: database_gitea | ||||
|     profiles: | ||||
|       - database | ||||
|       - gitea | ||||
|     depends_on: | ||||
|       - caddy | ||||
|   | ||||
| @@ -96,6 +96,12 @@ | ||||
|         description: Gitea | ||||
|         ping: gitea.bensuperpc.org | ||||
|         container: gitea | ||||
|     - forgejo: | ||||
|         icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/forgejo.png | ||||
|         href: https://forgejo.bensuperpc.org/ | ||||
|         description: Forgejo | ||||
|         ping: forgejo.bensuperpc.org | ||||
|         container: forgejo | ||||
|     - open-webui: | ||||
|         icon: https://cdn.jsdelivr.net/gh/walkxcode/dashboard-icons@master/png/open-webui.png | ||||
|         href: https://open-webui.bensuperpc.org/ | ||||
|   | ||||
| @@ -77,3 +77,5 @@ volumes: | ||||
|     name: minecraft_proxy_data | ||||
|   minecraft_rcon_data: | ||||
|     name: minecraft_rcon_data | ||||
| # forgejo | ||||
| # gitea | ||||
|   | ||||
		Reference in New Issue
	
	Block a user