casjaysdevdocker/gitea
1
0
Fork 0
mirror of https://github.com/casjaysdevdocker/gitea synced 2025-09-18 03:57:44 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

🦈🏠🐜 Initial Commit 🐜🦈🏠

Browse Source
This commit is contained in:
casjay
2024-08-10 17:19:17 -04:00
commit bfbda74d72
51 changed files with 5979 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
rootfs/tmp/etc/act_runner/daemon.yaml Normal file
View File

@@ -0,0 +1,78 @@
# Config for act_runner daemon
log:
# The level of logging, can be trace, debug, info, warn, error, fatal
level: info
host:
# The parent directory of a job's working directory.
workdir_parent: '/tmp/act_runner'
runner:
# Where to store the registration result.
file: /config/act_runner/runners
# Execute how many tasks concurrently at the same time.
capacity: 1
# Extra environment variables to run jobs.
envs:
A_TEST_ENV_NAME_1: a_test_env_value_1
# Extra environment variables to run jobs from a file.
env_file: .env
# The timeout for a job to be finished.
timeout: 3h
# Whether skip verifying the TLS certificate of the Gitea instance.
insecure: true
# The timeout for fetching the job from the Gitea instance.
fetch_timeout: 5s
# The interval for fetching the job from the Gitea instance.
fetch_interval: 2s
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
labels:
#- 'macos:docker:dockurr/macos'
#- 'windows:docker:dockurr/windows'
#- 'linux:docker:casjaysdev/almalinux'
#- 'alma:docker:casjaysdev/almalinux'
#- 'alpine:docker:casjaysdev/alpine'
#- 'debian:docker:casjaysdev/debian'
#- 'arch:docker:casjaysdev/archlinux'
#- 'node:docker://node:latest'
#- 'node14:docker://node:14'
#- 'node16:docker://node:16'
#- 'node18:docker://node:18'
#- 'node20:docker://node:20'
#- 'node20:docker://node:20'
#- 'python3:docker://python:latest'
#- 'php7:docker://php:7-fpm'
#- 'php8:docker://php:8-fpm'
#- 'php:docker://php:8.4-rc-fpm-alpine3.20'
#- 'alpine:docker://casjaysdev/alpine:latest'
#- 'almalinux:docker://casjaysdev/almalinux:latest'
#- 'debian:docker://casjaysdev/debian:latest'
#- 'ubuntu:docker://casjaysdev/ubuntu:latest'
#- 'linux:host,ubuntu-latest:docker://catthehacker/ubuntu:full-latest'
container:
# Specifies the network to which the container will connect.
network: 'bridge'
# Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
privileged: true
# And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
options:
# The parent directory of a job's working directory.
workdir_parent: '/tmp/act_runner/volumes'
# Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
valid_volumes:
- '**'
# overrides the docker client host with the specified one.
docker_host: ''
cache:
# Enable cache server to use actions/cache.
enabled: true
# The directory to store the cache data.
dir: '/data/act_runner/cache'
# The host of the cache server.
host: ''
# The port of the cache server.
port: 0
# The external cache server URL. Valid only when enable is true.
external_server: ''

8
rootfs/tmp/etc/docker/daemon.json Normal file
View File

@@ -0,0 +1,8 @@
{
"ip": "0.0.0.0",
"iptables": true,
"log-level": "error",
"experimental": true,
"pidfile": "/tmp/docker.pid",
"insecure-registries": ["localhost"]
}

273
rootfs/tmp/etc/gitea/app.ini Normal file
View File

@@ -0,0 +1,273 @@
; https://docs.gitea.io/en-us/config-cheat-sheet/#default-configuration-non-appini-configuration
APP_NAME = REPLACE_SERVER_SITE_TITLE
RUN_USER = REPLACE_SERVICE_USER
RUN_MODE = prod
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[server]
HTTP_PORT = 8000
ROOT_URL = REPLACE_SERVER_PROTO://REPLACE_SERVER_NAME
DOMAIN = REPLACE_SERVER_NAME
APP_DATA_PATH = REPLACE_DATA_DIR
OFFLINE_MODE = false
LFS_START_SERVER = true
LFS_JWT_SECRET = REPLACE_GITEA_LFS_JWT_SECRET
LANDING_PAGE = explore
ACME_URL =
ACME_ACCEPTTOS = true
ACME_EMAIL = REPLACE_SERVER_ADMIN
ACME_DIRECTORY = REPLACE_DATA_DIR/certs
LETSENCRYPT_ACCEPTTOS = true
DISABLE_SSH = false
START_SSH_SERVER = true
SSH_LISTEN_HOST = 0.0.0.0
SSH_PORT = 7833
SSH_LISTEN_PORT = 7833
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE = true
SSH_AUTHORIZED_KEYS_BACKUP = true
SSH_ROOT_PATH = REPLACE_DATA_DIR/.ssh
SSH_DOMAIN = REPLACE_SERVER_NAME
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[lfs]
STORAGE_TYPE = local
LFS_CONTENT_PATH = REPLACE_DATA_DIR/lfs
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[storage.repo-archive]
STORAGE_TYPE = local
PATH = REPLACE_DATA_DIR/repositories/archive
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository]
SCRIPT_TYPE = sh
ROOT = REPLACE_DATA_DIR/repositories/root
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.local]
LOCAL_COPY_PATH = REPLACE_DATA_DIR/repositories/local
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.upload]
TEMP_PATH = REPLACE_DATA_DIR/repositories/uploads
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.pull-request]
DEFAULT_MERGE_STYLE = merge
WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]
CLOSE_KEYWORDS = close,closes,closed,fix,fixes,fixed,resolve,resolves,resolved
REOPEN_KEYWORDS = reopen,reopens,reopened
DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT = 50
DEFAULT_MERGE_MESSAGE_SIZE = 5120
DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = false
DEFAULT_MERGE_MESSAGE_MAX_APPROVERS = 10
ADD_CO_COMMITTER_TRAILERS = true
TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY = false
RETARGET_CHILDREN_ON_MERGE = true
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.signing]
DEFAULT_TRUST_MODEL = collaboratorcommitter
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[packages]
ENABLED = true
CHUNKED_UPLOAD_PATH = REPLACE_DATA_DIR/tmp/package-upload
LIMIT_TOTAL_OWNER_COUNT = -1
LIMIT_TOTAL_OWNER_SIZE = -1
LIMIT_SIZE_ALPINE = -1
LIMIT_SIZE_CARGO = -1
LIMIT_SIZE_CHEF = -1
LIMIT_SIZE_COMPOSER = -1
LIMIT_SIZE_CONAN = -1
LIMIT_SIZE_CONDA = -1
LIMIT_SIZE_CONTAINER = -1
LIMIT_SIZE_CRAN = -1
LIMIT_SIZE_DEBIAN = -1
LIMIT_SIZE_GENERIC = -1
LIMIT_SIZE_GO = -1
LIMIT_SIZE_HELM = -1
LIMIT_SIZE_MAVEN = -1
LIMIT_SIZE_NPM = -1
LIMIT_SIZE_NUGET = -1
LIMIT_SIZE_PUB = -1
LIMIT_SIZE_PYPI = -1
LIMIT_SIZE_RPM = -1
LIMIT_SIZE_RUBYGEMS = -1
LIMIT_SIZE_SWIFT = -1
LIMIT_SIZE_VAGRANT = -1
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[attachment]
PATH = REPLACE_DATA_DIR/attachments
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[indexer]
ISSUE_INDEXER_PATH = REPLACE_DATA_DIR/indexers/issues.bleve
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[session]
PROVIDER = file
PROVIDER_CONFIG = REPLACE_DATA_DIR/sessions
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[database]
DB_TYPE = REPLACE_SQL_TYPE
HOST = REPLACE_SQL_HOST
USER = REPLACE_SQL_USER
PASSWD = REPLACE_SQL_PASS
NAME = REPLACE_SQL_NAME
LOG_SQL = false
SCHEMA =
SSL_MODE = disable
CHARSET = utf8
PATH = REPLACE_DATABASE_DIR/gitea.db
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[picture]
ENABLE_FEDERATED_AVATAR = true
DISABLE_GRAVATAR = false
AVATAR_UPLOAD_PATH = REPLACE_DATA_DIR/avatars/users
REPOSITORY_AVATAR_UPLOAD_PATH = REPLACE_DATA_DIR/avatars/repos
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[log]
MODE = console
LEVEL = info
LOG_ROTATE = true
DAILY_ROTATE = true
MAX_DAYS = 1
ROOT_PATH = REPLACE_LOG_DIR
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[security]
INSTALL_LOCK = false
SECRET_KEY = REPLACE_SECRET_KEY
INTERNAL_TOKEN = REPLACE_GITEA_INTERNAL_TOKEN
PASSWORD_HASH_ALGO = pbkdf2
MIN_PASSWORD_LENGTH = 8
PASSWORD_COMPLEXITY = on
LOGIN_REMEMBER_DAYS = 365
COOKIE_USERNAME = gitea_awesome
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
REVERSE_PROXY_AUTHENTICATION_FULL_NAME = X-WEBAUTH-FULLNAME
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[time]
DEFAULT_UI_LOCATION = REPLACE_TZ
FORMAT = RFC1123
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = REPLACE_GITEA_EMAIL_CONFIRM
ENABLE_NOTIFY_MAIL = REPLACE_GITEA_EMAIL_CONFIRM
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = true
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = no-reply.REPLACE_SERVER_NAME
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[actions]
ENABLED = true
DEFAULT_ACTIONS_URL = github
ARTIFACT_RETENTION_DAYS = 90
ZOMBIE_TASK_TIMEOUT = 10m
ENDLESS_TASK_TIMEOUT = 3h
ABANDONED_JOB_TIMEOUT = 24h
SKIP_WORKFLOW_STRINGS = [skip ci],[ci skip],[no ci],[skip actions],[actions skip]
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[storage.actions_log]
STORAGE_TYPE = local
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[mailer]
ENABLED = REPLACE_GITEA_EMAIL_CONFIRM
SMTP_ADDR = REPLACE_EMAIL_RELAY
SMTP_PORT = 25
FROM = REPLACE_SERVER_ADMIN
USER =
PASSWD =
PROTOCOL =
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[oauth2]
ENABLED = true
JWT_SIGNING_ALGORITHM = RS256
ACCESS_TOKEN_EXPIRATION_TIME = 3600
REFRESH_TOKEN_EXPIRATION_TIME = 730
MAX_TOKEN_LENGTH = 32767
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[oauth2_client]
REGISTER_EMAIL_CONFIRM = REPLACE_GITEA_EMAIL_CONFIRM
OPENID_CONNECT_SCOPES =
ENABLE_AUTO_REGISTRATION = true
USERNAME = nickname
UPDATE_AVATAR = false
ACCOUNT_LINKING = login
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[ui]
DEFAULT_THEME = gitea-dark
SEARCH_REPO_DESCRIPTION = true
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[ui.meta]
AUTHOR = gitea
DESCRIPTION = REPLACE_SERVER_SITE_TITLE
KEYWORDS = go,git,self-hosted,gitea
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[ui.notification]
MIN_TIMEOUT = 10s
MAX_TIMEOUT = 60s
TIMEOUT_STEP = 10s
EVENT_SOURCE_UPDATE_TIME = 10s
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cors]
ENABLED = true
SCHEME = REPLACE_SERVER_PROTO
ALLOW_DOMAIN = *
ALLOW_SUBDOMAIN = true
METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
MAX_AGE = 10m
ALLOW_CREDENTIALS = true
X_FRAME_OPTIONS = SAMEORIGIN
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[project]
PROJECT_BOARD_BASIC_KANBAN_TYPE = To Do, In Progress, Done
PROJECT_BOARD_BUG_TRIAGE_TYPE = Needs Triage, High Priority, Low Priority, Closed
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron]
ENABLED = true
RUN_AT_START = false
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.archive_cleanup]
ENABLED = true
RUN_AT_START = true
NO_SUCCESS_NOTICE = false
OLDER_THAN = 24h
SCHEDULE = @midnight
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.update_mirrors]
ENABLED = true
RUN_AT_START = true
NO_SUCCESS_NOTICE = true
PULL_LIMIT = 100000
PUSH_LIMIT = 100000
SCHEDULE = @every 360m
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.repo_health_check]
ENABLED = true
RUN_AT_START = false
NO_SUCCESS_NOTICE = false
TIMEOUT = 60s
SCHEDULE = @midnight
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.delete_inactive_accounts]
ENABLED = false
RUN_AT_START = false
NO_SUCCESS_NOTICE = false
OLDER_THAN = 168h
SCHEDULE = @annually
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.delete_repo_archives]
ENABLED = false
RUN_AT_START = false
NO_SUCCESS_NOTICE = false
SCHEDULE = @annually
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.update_checker]
ENABLED = false
RUN_AT_START = false
ENABLE_SUCCESS_NOTICE = true
SCHEDULE = @every 168h
HTTP_ENDPOINT = https://dl.gitea.io/gitea/version.json

99
rootfs/tmp/etc/nginx/mime.types Normal file
View File

@@ -0,0 +1,99 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

66
rootfs/tmp/etc/nginx/nginx.conf Normal file
View File

@@ -0,0 +1,66 @@
# nginx configuration for proxying
user REPLACE_WWW_USER;
worker_processes auto;
daemon off;
error_log REPLACE_LOG_DIR/nginx.log warn;
pid REPLACE_RUN_DIR/nginx.pid;
events { worker_connections 1024; }
http {
include REPLACE_ETC_DIR/mime.types;
default_type "text/html";
sendfile on;
keepalive_timeout 65;
gzip on;
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
disable_symlinks off;
server {
listen 0.0.0.0:80 default_server;
server_name REPLACE_SERVER_NAME;
client_max_body_size 0;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
root /var/lib/nginx/html;
location /health {
default_type text/plain;
return 200 'ok';
}
location /health/text {
default_type text/plain;
return 200 'ok';
}
location /health/json {
default_type application/json;
return 200 '{"status":"ok","message":"running"}';
}
location / {
proxy_ssl_verify off;
send_timeout 3600;
client_max_body_size 0;
proxy_http_version 1.1;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
proxy_intercept_errors off;
proxy_request_buffering off;
proxy_buffering off;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:8000;
}
}
}