98 lines
3.4 KiB
YAML
98 lines
3.4 KiB
YAML
---
|
|
forgejo_svc:
|
|
domain: git.serguzim.me
|
|
name: forgejo
|
|
port: 3000
|
|
caddy_extra: |
|
|
import analytics
|
|
header /attachments/* Access-Control-Allow-Origin *
|
|
db:
|
|
host: "{{ postgres.host }}"
|
|
port: "{{ postgres.port }}"
|
|
ssh_port: 22
|
|
|
|
forgejo_env:
|
|
FORGEJO__database__DB_TYPE: postgres
|
|
FORGEJO__database__HOST: "{{ svc.db.host }}:{{ svc.db.port }}"
|
|
FORGEJO__database__NAME: forgejo
|
|
FORGEJO__database__USER: "{{ opentofu.postgresql_service_roles.forgejo.name }}"
|
|
FORGEJO__database__PASSWD: "{{ opentofu.postgresql_service_roles.forgejo.password }}"
|
|
FORGEJO__database__SSL_MODE: verify-full
|
|
|
|
FORGEJO__repository__ENABLE_PUSH_CREATE_USER: true
|
|
FORGEJO__repository__ENABLE_PUSH_CREATE_ORG: true
|
|
FORGEJO__repository__DEFAULT_BRANCH: main
|
|
|
|
FORGEJO__cors__ENABLED: true
|
|
FORGEJO__cors__SCHEME: https
|
|
|
|
FORGEJO__ui__DEFAULT_THEME: forgejo-dark
|
|
|
|
FORGEJO__server__DOMAIN: "{{ svc.domain }}"
|
|
FORGEJO__server__SSH_DOMAIN: "{{ svc.domain }}"
|
|
FORGEJO__server__SSH_PORT: "{{ svc.ssh_port }}"
|
|
FORGEJO__server__ROOT_URL: https://{{ svc.domain }}
|
|
FORGEJO__server__OFFLINE_MODE: true
|
|
FORGEJO__server__LFS_JWT_SECRET: "{{ vault_forgejo.server_lfs_jwt_secret }}"
|
|
FORGEJO__server__LFS_START_SERVER: true
|
|
|
|
FORGEJO__security__INSTALL_LOCK: true
|
|
FORGEJO__security__INTERNAL_TOKEN: "{{ vault_forgejo.security_internal_token }}"
|
|
FORGEJO__security__SECRET_KEY: "{{ vault_forgejo.security_secret_key }}"
|
|
|
|
FORGEJO__openid__ENABLE_OPENID_SIGNUP: true
|
|
FORGEJO__openid__ENABLE_OPENID_SIGNIN: false
|
|
|
|
FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: true
|
|
FORGEJO__service__ENABLE_BASIC_AUTHENTICATION: false
|
|
FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE: true
|
|
FORGEJO__service__NO_REPLY_ADDRESS: discard.msrg.cc
|
|
|
|
FORGEJO__webhook__DELIVER_TIMEOUT: 60
|
|
|
|
FORGEJO__mailer__ENABLED: true
|
|
FORGEJO__mailer__PROTOCOL: smtp+starttls
|
|
FORGEJO__mailer__SMTP_ADDR: mail.serguzim.me
|
|
FORGEJO__mailer__SMTP_PORT: 587
|
|
FORGEJO__mailer__FROM: Forgejo <git@serguzim.me>
|
|
FORGEJO__mailer__USER: git@serguzim.me
|
|
FORGEJO__mailer__PASSWD: "{{ vault_forgejo.mailer_passwd }}"
|
|
FORGEJO__mailer__SEND_AS_PLAIN_TEXT: true
|
|
|
|
FORGEJO__picture__DISABLE_GRAVATAR: true
|
|
|
|
FORGEJO__attachment__MAX_FILES: 10
|
|
|
|
FORGEJO__oauth2__JWT_SECRET: "{{ vault_forgejo.oauth2_jwt_secret }}"
|
|
|
|
FORGEJO__metrics__ENABLED: true
|
|
FORGEJO__metrics__TOKEN: "{{ vault_metrics_token }}"
|
|
|
|
FORGEJO__actions__ENABLED: true
|
|
|
|
FORGEJO__storage__STORAGE_TYPE: minio
|
|
FORGEJO__storage__MINIO_ENDPOINT: "{{ opentofu.scaleway_service_buckets.forgejo.api_endpoint | urlsplit('hostname') }}"
|
|
FORGEJO__storage__MINIO_ACCESS_KEY_ID: "{{ opentofu.scaleway_service_keys.forgejo.access_key }}"
|
|
FORGEJO__storage__MINIO_SECRET_ACCESS_KEY: "{{ opentofu.scaleway_service_keys.forgejo.secret_key }}"
|
|
FORGEJO__storage__MINIO_BUCKET: "{{ opentofu.scaleway_service_buckets.forgejo.name }}"
|
|
FORGEJO__storage__MINIO_LOCATION: "{{ opentofu.scaleway_service_buckets.forgejo.region }}"
|
|
FORGEJO__storage__MINIO_USE_SSL: true
|
|
|
|
FORGEJO__other__SHOW_FOOTER_VERSION: true
|
|
FORGEJO__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME: false
|
|
|
|
forgejo_compose:
|
|
watchtower: true
|
|
image: codeberg.org/forgejo/forgejo:7.0
|
|
volumes:
|
|
- data:/data
|
|
- ./templates:/data/gitea/templates
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
file:
|
|
services:
|
|
app:
|
|
ports:
|
|
- "{{ svc.ssh_port }}:{{ svc.ssh_port }}"
|
|
volumes:
|
|
data:
|