services: forgejo: image: codeberg.org/forgejo/forgejo:7.0.15-rootless restart: always volumes: - ./data:/var/lib/gitea - ./config:/etc/gitea - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro expose: [ 3000 ] ports: # - "3000:3000" - "2222:2222" labels: traefik.enable: true traefik.http.routers.gitea.rule: Host(`git.tams.tech`) || Host(`git.techwork.zone`) traefik.http.routers.gitea.tls: true traefik.http.routers.gitea.tls.certresolver: letsencrypt_standalone traefik.http.services.gitea-service.loadbalancer.server.port: 3000 networks: - public - gitea environment: {} # GITEA__database__DB_TYPE: postgres # GITEA__database__HOST: database:5432 # GITEA__database__NAME: gitea # GITEA__database__USER: gitea # GITEA__database__PASSWD__FILE: /run/secrets/pg_password # GITEA__mailer__ENABLED: 'true' # GITEA__mailer__FROM: git@tams.tech # GITEA__mailer__PROTOCOL: smtps # GITEA__mailer__SMTP_ADDR: in-v3.mailjet.com # GITEA__mailer__USER__FILE: /run/secrets/mail_api_key # GITEA__mailer__PASSWD__FILE: /run/secrets/mail_secret depends_on: - forgejo-database secrets: - mail_api_key - mail_secret - pg_password forgejo-database: image: postgres:17 restart: always environment: POSTGRES_USER: gitea POSTGRES_PASSWORD_FILE: /run/secrets/pg_password POSTGRES_DB: gitea volumes: - ./db:/var/lib/postgresql/data networks: [ gitea ] secrets: [ pg_password ] labels: traefik.enable: false forgejo-runner: image: code.forgejo.org/forgejo/runner:latest user: 1000:131 volumes: - type: bind source: /var/run/docker.sock target: /var/run/docker.sock - type: bind source: ./runner-config/ target: /data command: [ "forgejo-runner", "--config", "config.yml", "daemon" secrets: pg_password: file: ./.pg.pw mail_api_key: file: ./.mailjet.id mail_secret: file: ./.mailjet.id networks: gitea: internal: true