services: gitea: image: gitea/gitea:1.21-rootless container_name: gitea environment: - GITEA__database__DB_TYPE=mysql - GITEA__database__HOST=gitea_db:3306 - GITEA__database__NAME=gitea - GITEA__database__USER=gitea - GITEA__database__PASSWD=${DB_PASS} - GITEA__server__ROOT_URL=https://git.kotori-waifu - GITEA__server__SSH_PORT=2222 - GITEA__server__LFS_START_SERVER=true - GITEA__actions__ENABLED=true volumes: # Absolute paths enforcing state segregation - /opt/homelab/data/gitea_data:/var/lib/gitea - /opt/homelab/data/gitea_config:/etc/gitea networks: - proxy_net - db_net ports: - "2222:2222" labels: - "traefik.enable=true" - "traefik.http.routers.gitea.rule=Host(`git.kotori-waifu`)" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.routers.gitea.tls=true" - "traefik.http.services.gitea.loadbalancer.server.port=3000" - "traefik.docker.network=proxy_net" restart: unless-stopped depends_on: - gitea_db gitea_db: image: mariadb:10.11 container_name: gitea_db environment: - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASS} - MYSQL_DATABASE=gitea - MYSQL_USER=gitea - MYSQL_PASSWORD=${DB_PASS} volumes: - /opt/homelab/data/gitea_db:/var/lib/mysql networks: - db_net restart: unless-stopped gitea-runner: image: gitea/act_runner:latest container_name: gitea_runner environment: - GITEA_INSTANCE_URL=http://gitea:3000 - GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN} - GITEA_RUNNER_NAME=minipc-loopback-runner - GITEA_RUNNER_LABELS=ubuntu-latest:docker://node:20-bullseye # Mandates routing ephemeral pipeline containers to proxy_net - CONFIG_FILE=/config.yaml volumes: - /opt/homelab/data/runner_data:/data - /var/run/docker.sock:/var/run/docker.sock # Injected relative to execution path (/opt/homelab/stacks/00-core/gitea) - /opt/homelab/data/gitea_config/runner-config.yaml:/config.yaml:ro networks: - proxy_net restart: unless-stopped depends_on: - gitea networks: proxy_net: external: true db_net: internal: true