casjaysdevdocker/gitea
1
0
Fork 0
mirror of https://github.com/casjaysdevdocker/gitea synced 2025-09-18 15:57:47 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

🦈🏠🐜 Initial Commit 🐜🦈🏠

Browse Source
This commit is contained in:
casjay
2025-09-16 23:50:36 -04:00
commit fbe18132f8
49 changed files with 4298 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
rootfs/tmp/etc/act_runner/cache_server.yaml Normal file
View File

@@ -0,0 +1,8 @@
log:
level: warn
cache:
enabled: true
dir: 'REPLACE_RUNNER_CACHE_DIR'
host: '0.0.0.0'
port: REPLACE_RUNNER_CACHE_PORT

70
rootfs/tmp/etc/act_runner/default_config.yaml Normal file
View File

@@ -0,0 +1,70 @@
# Config for act_runner daemon
log:
# The level of logging, can be trace, debug, info, warn, error, fatal
level: warn
host:
# The parent directory of a job's working directory.
workdir_parent: 'REPLACE_RUNNER_TEMP'
runner:
# Where to store the registration result.
file: REPLACE_RUNNER_HOME/runners
# Execute how many tasks concurrently at the same time.
capacity: 4
# Extra environment variables to run jobs.
envs:
A_TEST_ENV_NAME_1: a_test_env_value_1
# Extra environment variables to run jobs from a file.
env_file: .env
# The timeout for a job to be finished.
timeout: 3h
# Whether skip verifying the TLS certificate of the Gitea instance.
insecure: true
# The timeout for fetching the job from the Gitea instance.
fetch_timeout: 5s
# The interval for fetching the job from the Gitea instance.
fetch_interval: 2s
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
labels:
#- 'macos:docker:dockurr/macos'
#- 'windows:docker:dockurr/windows'
#- 'linux:docker:casjaysdev/almalinux'
#- 'alma:docker:casjaysdev/almalinux'
#- 'alpine:docker:casjaysdev/alpine'
#- 'debian:docker:casjaysdev/debian'
#- 'arch:docker:casjaysdev/archlinux'
#- 'node:docker://node:latest'
#- 'node14:docker://node:14'
#- 'node16:docker://node:16'
#- 'node18:docker://node:18'
#- 'node20:docker://node:20'
#- 'node20:docker://node:20'
#- 'python3:docker://python:latest'
#- 'php7:docker://php:7-fpm'
#- 'php8:docker://php:8-fpm'
#- 'php:docker://php:8.4-rc-fpm-alpine3.20'
#- 'alpine:docker://casjaysdev/alpine:latest'
#- 'almalinux:docker://casjaysdev/almalinux:latest'
#- 'debian:docker://casjaysdev/debian:latest'
#- 'ubuntu:docker://casjaysdev/ubuntu:latest'
#- 'linux:host,ubuntu-latest:docker://catthehacker/ubuntu:full-latest'
container:
# Specifies the network to which the container will connect.
network: 'bridge'
# Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
privileged: true
# And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
options:
# The parent directory of a job's working directory.
workdir_parent: 'REPLACE_RUNNER_TEMP/volumes'
# Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
valid_volumes:
- '**'
# overrides the docker client host with the specified one.
docker_host: ''
cache:
enabled: true
external_server: 'http://REPLACE_RUNNER_CACHE_HOST:REPLACE_RUNNER_CACHE_PORT/'

8
rootfs/tmp/etc/docker/daemon.json Normal file
View File

@@ -0,0 +1,8 @@
{
"ip": "0.0.0.0",
"iptables": true,
"log-level": "error",
"experimental": true,
"pidfile": "/tmp/docker.pid",
"insecure-registries": ["localhost"]
}

273
rootfs/tmp/etc/gitea/app.ini Normal file
View File

@@ -0,0 +1,273 @@
; https://docs.gitea.io/en-us/config-cheat-sheet/#default-configuration-non-appini-configuration
APP_NAME = REPLACE_SERVER_SITE_TITLE
RUN_USER = REPLACE_SERVICE_USER
RUN_MODE = prod
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[server]
HTTP_PORT = 80
ROOT_URL = REPLACE_SERVER_PROTO://REPLACE_SERVER_NAME
DOMAIN = REPLACE_SERVER_NAME
APP_DATA_PATH = REPLACE_DATA_DIR
OFFLINE_MODE = false
LFS_START_SERVER = true
LFS_JWT_SECRET = REPLACE_GITEA_LFS_JWT_SECRET
LANDING_PAGE = explore
ACME_URL =
ACME_ACCEPTTOS = true
ACME_EMAIL = ssl-admin@REPLACE_SERVER_NAME
ACME_DIRECTORY = REPLACE_DATA_DIR/certs
LETSENCRYPT_ACCEPTTOS = true
DISABLE_SSH = false
START_SSH_SERVER = true
SSH_LISTEN_HOST = 0.0.0.0
SSH_PORT = 7833
SSH_LISTEN_PORT = 22
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE = true
SSH_AUTHORIZED_KEYS_BACKUP = true
SSH_ROOT_PATH = REPLACE_DATA_DIR/ssh
SSH_DOMAIN = REPLACE_SERVER_NAME
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[lfs]
STORAGE_TYPE = local
LFS_CONTENT_PATH = REPLACE_DATA_DIR/lfs
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[storage.repo-archive]
STORAGE_TYPE = local
PATH = REPLACE_DATA_DIR/repositories/archive
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository]
SCRIPT_TYPE = sh
ROOT = REPLACE_DATA_DIR/repositories/root
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.local]
LOCAL_COPY_PATH = REPLACE_DATA_DIR/repositories/local
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.upload]
TEMP_PATH = REPLACE_DATA_DIR/repositories/uploads
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.pull-request]
DEFAULT_MERGE_STYLE = merge
WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]
CLOSE_KEYWORDS = close,closes,closed,fix,fixes,fixed,resolve,resolves,resolved
REOPEN_KEYWORDS = reopen,reopens,reopened
DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT = 50
DEFAULT_MERGE_MESSAGE_SIZE = 5120
DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = false
DEFAULT_MERGE_MESSAGE_MAX_APPROVERS = 10
ADD_CO_COMMITTER_TRAILERS = true
TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY = false
RETARGET_CHILDREN_ON_MERGE = true
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[repository.signing]
DEFAULT_TRUST_MODEL = collaboratorcommitter
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[packages]
ENABLED = true
CHUNKED_UPLOAD_PATH = REPLACE_DATA_DIR/tmp/package-upload
LIMIT_TOTAL_OWNER_COUNT = -1
LIMIT_TOTAL_OWNER_SIZE = -1
LIMIT_SIZE_ALPINE = -1
LIMIT_SIZE_CARGO = -1
LIMIT_SIZE_CHEF = -1
LIMIT_SIZE_COMPOSER = -1
LIMIT_SIZE_CONAN = -1
LIMIT_SIZE_CONDA = -1
LIMIT_SIZE_CONTAINER = -1
LIMIT_SIZE_CRAN = -1
LIMIT_SIZE_DEBIAN = -1
LIMIT_SIZE_GENERIC = -1
LIMIT_SIZE_GO = -1
LIMIT_SIZE_HELM = -1
LIMIT_SIZE_MAVEN = -1
LIMIT_SIZE_NPM = -1
LIMIT_SIZE_NUGET = -1
LIMIT_SIZE_PUB = -1
LIMIT_SIZE_PYPI = -1
LIMIT_SIZE_RPM = -1
LIMIT_SIZE_RUBYGEMS = -1
LIMIT_SIZE_SWIFT = -1
LIMIT_SIZE_VAGRANT = -1
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[attachment]
PATH = REPLACE_DATA_DIR/attachments
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[indexer]
ISSUE_INDEXER_PATH = REPLACE_DATA_DIR/indexers/issues.bleve
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[session]
PROVIDER = file
PROVIDER_CONFIG = REPLACE_DATA_DIR/sessions
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[database]
DB_TYPE = REPLACE_SQL_TYPE
HOST = REPLACE_SQL_HOST
USER = REPLACE_SQL_USER
PASSWD = REPLACE_SQL_PASS
NAME = REPLACE_SQL_NAME
LOG_SQL = false
SCHEMA =
SSL_MODE = disable
CHARSET = utf8
PATH = REPLACE_DATABASE_DIR/gitea.db
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[picture]
ENABLE_FEDERATED_AVATAR = true
DISABLE_GRAVATAR = false
AVATAR_UPLOAD_PATH = REPLACE_DATA_DIR/avatars/users
REPOSITORY_AVATAR_UPLOAD_PATH = REPLACE_DATA_DIR/avatars/repos
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[log]
MODE = console
LEVEL = warn
LOG_ROTATE = true
DAILY_ROTATE = true
MAX_DAYS = 1
ROOT_PATH = REPLACE_LOG_DIR
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[security]
INSTALL_LOCK = false
SECRET_KEY = REPLACE_SECRET_KEY
INTERNAL_TOKEN = REPLACE_GITEA_INTERNAL_TOKEN
PASSWORD_HASH_ALGO = pbkdf2
MIN_PASSWORD_LENGTH = 8
PASSWORD_COMPLEXITY = on
LOGIN_REMEMBER_DAYS = 1825
COOKIE_USERNAME = git_REPLACE_RANDOM_COOKIE_KEY
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
REVERSE_PROXY_AUTHENTICATION_FULL_NAME = X-WEBAUTH-FULLNAME
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[time]
DEFAULT_UI_LOCATION = REPLACE_TZ
FORMAT = RFC1123
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = REPLACE_GITEA_EMAIL_CONFIRM
ENABLE_NOTIFY_MAIL = REPLACE_GITEA_EMAIL_CONFIRM
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = true
DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = no-reply.REPLACE_SERVER_NAME
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[actions]
ENABLED = true
DEFAULT_ACTIONS_URL = github
ARTIFACT_RETENTION_DAYS = 90
ZOMBIE_TASK_TIMEOUT = 10m
ENDLESS_TASK_TIMEOUT = 3h
ABANDONED_JOB_TIMEOUT = 24h
SKIP_WORKFLOW_STRINGS = [skip ci],[ci skip],[no ci],[skip actions],[actions skip]
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[storage.actions_log]
STORAGE_TYPE = local
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[mailer]
ENABLED = REPLACE_GITEA_EMAIL_CONFIRM
SMTP_ADDR = REPLACE_EMAIL_RELAY
SMTP_PORT = 25
FROM = REPLACE_SERVER_ADMIN
USER =
PASSWD =
PROTOCOL =
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[oauth2]
ENABLED = true
JWT_SIGNING_ALGORITHM = RS256
ACCESS_TOKEN_EXPIRATION_TIME = 3600
REFRESH_TOKEN_EXPIRATION_TIME = 730
MAX_TOKEN_LENGTH = 32767
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[oauth2_client]
REGISTER_EMAIL_CONFIRM = REPLACE_GITEA_EMAIL_CONFIRM
OPENID_CONNECT_SCOPES =
ENABLE_AUTO_REGISTRATION = true
USERNAME = nickname
UPDATE_AVATAR = false
ACCOUNT_LINKING = login
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[ui]
DEFAULT_THEME = gitea-dark
SEARCH_REPO_DESCRIPTION = true
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[ui.meta]
AUTHOR = gitea
DESCRIPTION = REPLACE_SERVER_SITE_TITLE
KEYWORDS = go,git,self-hosted,gitea
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[ui.notification]
MIN_TIMEOUT = 10s
MAX_TIMEOUT = 60s
TIMEOUT_STEP = 10s
EVENT_SOURCE_UPDATE_TIME = 10s
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cors]
ENABLED = true
SCHEME = REPLACE_SERVER_PROTO
ALLOW_DOMAIN = *
ALLOW_SUBDOMAIN = true
METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
MAX_AGE = 10m
ALLOW_CREDENTIALS = true
X_FRAME_OPTIONS = SAMEORIGIN
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[project]
PROJECT_BOARD_BASIC_KANBAN_TYPE = To Do, In Progress, Done
PROJECT_BOARD_BUG_TRIAGE_TYPE = Needs Triage, High Priority, Low Priority, Closed
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron]
ENABLED = true
RUN_AT_START = false
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.archive_cleanup]
ENABLED = true
RUN_AT_START = true
NO_SUCCESS_NOTICE = false
OLDER_THAN = 24h
SCHEDULE = @midnight
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.update_mirrors]
ENABLED = true
RUN_AT_START = true
NO_SUCCESS_NOTICE = true
PULL_LIMIT = 100000
PUSH_LIMIT = 100000
SCHEDULE = @every 360m
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.repo_health_check]
ENABLED = true
RUN_AT_START = false
NO_SUCCESS_NOTICE = false
TIMEOUT = 60s
SCHEDULE = @midnight
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.delete_inactive_accounts]
ENABLED = false
RUN_AT_START = false
NO_SUCCESS_NOTICE = false
OLDER_THAN = 168h
SCHEDULE = @annually
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.delete_repo_archives]
ENABLED = false
RUN_AT_START = false
NO_SUCCESS_NOTICE = false
SCHEDULE = @annually
; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[cron.update_checker]
ENABLED = false
RUN_AT_START = false
ENABLE_SUCCESS_NOTICE = true
SCHEDULE = @every 168h
HTTP_ENDPOINT = https://dl.gitea.io/gitea/version.json

35
rootfs/tmp/etc/ssh/sshd_config Normal file
View File

@@ -0,0 +1,35 @@
Port 7833
Protocol 2
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
LogLevel INFO
HostKey REPLACE_SSH_CONF_DIR/ssh_host_ed25519_key
HostKey REPLACE_SSH_CONF_DIR/ssh_host_rsa_key
HostKey REPLACE_SSH_CONF_DIR/ssh_host_ecdsa_key
AuthorizedKeysFile REPLACE_SSH_DATA_DIR/authorized_keys
AuthorizedPrincipalsFile REPLACE_SSH_DATA_DIR/authorized_principals
TrustedUserCAKeys REPLACE_SSH_DATA_DIR/gitea-trusted-user-ca-keys.pem
CASignatureAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
UseDNS no
AllowAgentForwarding no
AllowTcpForwarding no
PrintMotd no
PermitUserEnvironment yes
PermitRootLogin no
ChallengeResponseAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no
AllowUsers gitea
Banner none
Subsystem sftp /usr/lib/ssh/sftp-server
AcceptEnv GIT_PROTOCOL