整理gitea docker配置文件

2023-05-10 18:38:35 +08:00 · 2023-05-10 18:38:35 +08:00 · d1c8f1aead
parent bf1ffadf41
commit d1c8f1aead
3 changed files with 178 additions and 0 deletions
--- a/gitea/Dockerfile
+++ b/gitea/Dockerfile
@ -0,0 +1,16 @@
+FROM golang:1.20.4
+
+RUN yum update -y && \
+    yum install -y wget gcc make openssl-devel bzip2-devel libffi-devel zlib-devel git
+
+#ENV GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa'
+RUN yum install -y autoconf gettext && \
+    wget http://github.com/git/git/archive/v2.32.0.tar.gz && \
+    tar -xvf v2.32.0.tar.gz && \
+    rm -f v2.32.0.tar.gz && \
+    cd git-* && \
+    make configure && \
+    ./configure --prefix=/usr && \
+    make -j16 && \
+    make install
+
--- a/gitea/app.ini
+++ b/gitea/app.ini
@ -0,0 +1,121 @@
+APP_NAME = Trustie: Git with trustie
+RUN_USER = git
+RUN_MODE = prod
+
+[oauth2]
+JWT_SECRET = pyD-ZA6zwykBhVCWdF5FsdRGDtM6kg16JLhcCu8uLPM
+
+[security]
+INTERNAL_TOKEN = eyDDbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NzQyMzU3OTN9.w7RDQaNanZHdC2XIrr9kAntPIjhfkXXOiBnNTbEdqQ8
+INSTALL_LOCK   = true
+SECRET_KEY     = K4DDaucPzKQnTf7WQxKFIoFNtIlsWVacoN5Ss3VDypQBUes7Ncy96UU735sfGOar
+PASSWORD_COMPLEXITY = off
+REVERSE_PROXY_LIMIT = 1
+REVERSE_PROXY_TRUSTED_PROXIES = *
+
+[database]
+DB_TYPE  = mysql
+HOST     = 127.0.0.1:3306
+NAME     = gitea
+USER     = root
+PASSWD   = `123456`
+CHARSET  = utf8
+SSL_MODE = disable
+PATH     = /var/lib/gitea/data/gitea.db
+CONN_MAX_LIFE_TIME=180
+MAX_IDLE_CONNS=5
+MAX_OPEN_CONNS=200
+LOG_SQL =true
+
+[repository]
+ROOT = /data/gitea-repositories
+DEFAULT_BRANCH = master
+
+[lfs]
+PATH = /data/gitea/data/lfs
+
+[server]
+SSH_DOMAIN       = testgitea2.trustie.net
+DOMAIN           = testgitea2.trustie.net
+ROOT_URL         = https://testgitea2.trustie.net/
+DISABLE_SSH      = false
+SSH_PORT         = 22
+LFS_START_SERVER = true
+LFS_CONTENT_PATH = /data/gitea/data/lfs
+LFS_JWT_SECRET   = n2kib4qdArULO57JW0jD2Ygm3z1ehzI8Y4zVfbxouyY
+OFFLINE_MODE     = false
+ENABLE_PPROF     = true
+#REGISTER_EMAIL_CONFIRM = false
+
+[webhook]
+QUEUE_LENGTH    = 1000
+DELIVER_TIMEOUT = 5
+SKIP_TLS_VERIFY = false
+PAGING_NUM      = 10
+#PROXY_URL       =
+#PROXY_HOSTS     =
+
+[mailer]
+ENABLED = false
+
+[service]
+REGISTER_EMAIL_CONFIRM            = false
+ENABLE_NOTIFY_MAIL                = ANCH = master
+
+DISABLE_REGISTRATION              = false
+ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
+ENABLE_CAPTCHA                    = false
+REQUIRE_SIGNIN_VIEW               = true
+DEFAULT_KEEP_EMAIL_PRIVATE        = false
+DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+DEFAULT_ENABLE_TIMETRACKING       = true
+NO_REPLY_ADDRESS                  = noreply.example.org
+SHOW_REGISTRATION_BUTTON          = false
+
+[picture]
+DISABLE_GRAVATAR        = true
+ENABLE_FEDERATED_AVATAR = false
+
+[openid]
+ENABLE_OPENID_SIGNIN = true
+ENABLE_OPENID_SIGNUP = true
+
+[session]
+PROVIDER = file
+
+[log]
+MODE      = file
+LEVEL     = Trace
+ROOT_PATH = /var/lib/gitea/log
+REDIRECT_MACARON_LOG = true
+[api]
+DEFAULT_PAGING_NUM = 20
+
+[git]
+PATH                         =
+DISABLE_DIFF_HIGHLIGHT       = false
+MAX_GIT_DIFF_LINES           = 250
+MAX_GIT_DIFF_LINE_CHARACTERS = 1200
+MAX_GIT_DIFF_FILES           = 25
+GC_ARGS                      =
+EnableAutoGitWireProtocol    = true
+
+; Operation timeout in seconds
+[git.timeout]
+DEFAULT = 1800
+MIGRATE = 21600
+MIRROR  = 1800
+CLONE   = 1800
+PULL    = 1800
+GC      = 60
+
+[migrations]
+ALLOW_LOCALNETWORKS = true
+
+[cron.update_mirrors]
+SCHEDULE = @every 24h
+
+[cron.delete_repo_archives]
+ENABLED = true
+RUN_AT_START = true
+SCHEDULE = @every 72h
--- a/gitea/gitea.service
+++ b/gitea/gitea.service
@ -0,0 +1,41 @@
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=syslog.target
+After=network.target
+
+[Service]
+# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
+# LimitNOFILE=524288:524288
+RestartSec=2s
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/gitea/
+# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
+# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
+#RuntimeDirectory=gitea
+ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
+Restart=always
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+# If you install Git to directory prefix other than default PATH (which happens
+# for example if you install other versions of Git side-to-side with
+# distribution version), uncomment below line and add that prefix to PATH
+# Don't forget to place git-lfs binary on the PATH below if you want to enable
+# Git LFS support
+#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
+# If you want to bind Gitea to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Gitea its ports as above
+###
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+###
+# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
+# set the following value to false to allow capabilities to be applied on gitea process. The following
+# value if set to true sandboxes gitea service and prevent any processes from running with privileges
+# in the host user namespace.
+###
+#PrivateUsers=false
+###
+
+[Install]
+WantedBy=multi-user.target