services: gitea_postgres: image: ${GITEA_POSTGRES_IMAGE_TAG} container_name: gitea_postgres volumes: - ${GITEA_VOLUME_LOCATION}/postgres:/var/lib/postgresql env_file: - .env environment: POSTGRES_DB: ${GITEA_DB_NAME} POSTGRES_USER: ${GITEA_DB_USER} POSTGRES_PASSWORD: ${GITEA_DB_PASSWORD} networks: - internal security_opt: - no-new-privileges:true healthcheck: test: [ "CMD", "pg_isready", "-q", "-d", "${GITEA_DB_NAME}", "-U", "${GITEA_DB_USER}" ] interval: 10s timeout: 5s retries: 3 start_period: 60s restart: unless-stopped gitea: image: ${GITEA_IMAGE_TAG} container_name: gitea volumes: - ${GITEA_VOLUME_LOCATION}/data:/${DATA_PATH} - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro environment: GITEA_DATABASE_HOST: postgres GITEA_DATABASE_NAME: ${GITEA_DB_NAME} GITEA_DATABASE_USERNAME: ${GITEA_DB_USER} GITEA_DATABASE_PASSWORD: ${GITEA_DB_PASSWORD} GITEA_ADMIN_USER: ${GITEA_ADMIN_USERNAME} GITEA_ADMIN_PASSWORD: ${GITEA_ADMIN_PASSWORD} GITEA_ADMIN_EMAIL: ${GITEA_ADMIN_EMAIL} GITEA_RUN_MODE: prod GITEA_DOMAIN: ${GITEA_HOSTNAME} GITEA_SSH_DOMAIN: ${GITEA_HOSTNAME} GITEA_ROOT_URL: ${GITEA_URL} GITEA_HTTP_PORT: 3000 GITEA_SSH_PORT: ${GITEA_SHELL_SSH_PORT} GITEA_SSH_LISTEN_PORT: 22 networks: - external - internal ports: - "127.0.0.1:2222:22" security_opt: - no-new-privileges:true healthcheck: test: ["CMD", "curl", "-f", "http://localhost:3000/"] interval: 10s timeout: 5s retries: 3 start_period: 90s labels: - "traefik.enable=true" - "traefik.http.routers.gitea.rule=Host(`${GITEA_HOSTNAME}`)" - "traefik.http.routers.gitea.service=gitea" - "traefik.http.routers.gitea.entrypoints=websecure" - "traefik.http.services.gitea.loadbalancer.server.port=3000" - "traefik.http.services.gitea.loadbalancer.passhostheader=true" - "traefik.http.middlewares.gitea.compress=true" - "traefik.http.routers.gitea.middlewares=gitea" - "traefik.docker.network=external" - "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)" - "traefik.tcp.routers.gitea-ssh.service=gitea-ssh" - "traefik.tcp.routers.gitea-ssh.entrypoints=ssh" - "traefik.tcp.services.gitea-ssh.loadbalancer.server.port=22" depends_on: gitea_postgres: condition: service_healthy gitea_backups: image: ${GITEA_POSTGRES_IMAGE_TAG} container_name: gitea_backups command: >- sh -c 'sleep $BACKUP_INIT_SLEEP && while true; do pg_dump -h postgres -p 5432 -d $GITEA_DB_NAME -U $GITEA_DB_USER | gzip > $POSTGRES_BACKUPS_PATH/$POSTGRES_BACKUP_NAME-$(date "+%Y-%m-%d_%H-%M").gz && tar -zcpf $DATA_BACKUPS_PATH/$DATA_BACKUP_NAME-$(date "+%Y-%m-%d_%H-%M").tar.gz $DATA_PATH && find $POSTGRES_BACKUPS_PATH -type f -mtime +$POSTGRES_BACKUP_PRUNE_DAYS | xargs rm -f && find $DATA_BACKUPS_PATH -type f -mtime +$DATA_BACKUP_PRUNE_DAYS | xargs rm -f; sleep $BACKUP_INTERVAL; done' volumes: - ${GITEA_VOLUME_LOCATION}/postgres_backup:/var/lib/postgresql/data - ${GITEA_VOLUME_LOCATION}/data:${DATA_PATH} - ${GITEA_VOLUME_LOCATION}/data_backup:${DATA_BACKUPS_PATH} - ${GITEA_VOLUME_LOCATION}/database_backup:${POSTGRES_BACKUPS_PATH} environment: GITEA_DB_NAME: ${GITEA_DB_NAME} GITEA_DB_USER: ${GITEA_DB_USER} PGPASSWORD: ${GITEA_DB_PASSWORD} BACKUP_INIT_SLEEP: ${BACKUP_INIT_SLEEP} BACKUP_INTERVAL: ${BACKUP_INTERVAL} POSTGRES_BACKUP_PRUNE_DAYS: ${POSTGRES_BACKUP_PRUNE_DAYS} DATA_BACKUP_PRUNE_DAYS: ${DATA_BACKUP_PRUNE_DAYS} POSTGRES_BACKUPS_PATH: ${POSTGRES_BACKUPS_PATH} DATA_BACKUPS_PATH: ${DATA_BACKUPS_PATH} DATA_PATH: ${DATA_PATH} POSTGRES_BACKUP_NAME: ${POSTGRES_BACKUP_NAME} DATA_BACKUP_NAME: ${DATA_BACKUP_NAME} networks: - internal security_opt: - no-new-privileges:true restart: unless-stopped depends_on: gitea_postgres: condition: service_healthy