Gitea: switched to rootless image

setups/setup-gitea.yml

@@ -1,11 +1,19 @@
     - name: Copy gitea directory
       copy:
         src: "gitea/"
-        dest: "{{ docker_dir }}/gitea/data/gitea"
+        dest: "{{ docker_dir }}/gitea"
         owner: 1000
         group: 1000
         mode: 0755
 
+    - name: Set proper chown
+      command: chown -R 1000:1000 '{{ docker_dir }}/gitea'
+      become: true
+
+    - name: Set proper permissions
+      command: chmod 755 '{{ docker_dir }}/gitea'
+      become: true
+
     - name: Curl Github theme
-      shell: curl -s 'https://raw.githubusercontent.com/Rainnny7/gitea-github-theme/master/theme-github.css' > {{ docker_dir }}/gitea/data/gitea/public/assets/css/theme-github.css
+      shell: curl -s 'https://raw.githubusercontent.com/Rainnny7/gitea-github-theme/master/theme-github.css' > {{ docker_dir }}/gitea/data/public/assets/css/theme-github.css
-      ignore_errors: true
+      ignore_errors: true

templates/compose/gitea.yaml.j2

@@ -2,37 +2,56 @@
 version: "3"
 services:
   gitea:
-    image: gitea/gitea:nightly
+    image: gitea/gitea:latest-rootless
     container_name: gitea
     security_opt:
       - no-new-privileges
     environment:
       - PUID=1000
       - PGID=1000
-#      - TZ=Asia/Singapore
       - USER_UID=1000
       - USER_GID=1000
+      - TZ=Asia/Singapore
       - ROOT_URL=https://git.opnxng.com
+      - GITEA_DATABASE_DB_TYPE=postgres
+      - GITEA_DATABASE_HOST=gitea-db:5432
+      - GITEA_DATABASE_NAME={{ gitea_database_name }}
+      - GITEA_DATABASE_USER={{ gitea_database_user }}
+      - GITEA_DATABASE_PASSWD={{ gitea_database_passwd }}
     volumes:
-      - {{ docker_dir }}/gitea/data:/data
+      - {{ docker_dir }}/gitea/data:/var/lib/gitea
+      - {{ docker_dir }}/gitea/data/config:/etc/gitea
       - {{ docker_dir }}/gitea/packages:/packages
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
     restart: always
+    depends_on:
+      - gitea-db
     ports:
       - "3000:3000"
-    labels:
-      - "com.centurylinklabs.watchtower.enable=false"
     networks:
       - IPv4
+
+
+  gitea-db:
+    image: postgres:14
+    container_name: gitea-db
+    security_opt:
+      - no-new-privileges
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Asia/Singapore
+      - POSTGRES_USER={{ gitea_database_user }}
+      - POSTGRES_PASSWORD={{ gitea_database_passwd }}
+      - POSTGRES_DB={{ gitea_database_name }}
+    volumes:
+      - {{ docker_dir }}/gitea/data/postgres:/var/lib/postgresql/data
+    restart: always
+    networks:
+      - IPv4
+
 networks:
   IPv4:
     external:
-      name: IPv4
+      name: IPv4
-
-# Don't auto-update for now. Switch to stable rootless later
-#    image: gitea/gitea:latest-rootless
-#      - GITEA_APP_INI=/data/gitea/conf/app.ini
-#      - GITEA_TEMP=/data/gitea/tmp
-#      - GITEA_CUSTOM=/data/gitea
-#      - GITEA_WORK_DIR=/app/gitea/gitea

templates/compose/runner.yaml.j2

@@ -19,7 +19,7 @@ services:
       - DOCKER_HOST={{ docker_host }}
       - GITEA_INSTANCE_URL=https://git.opnxng.com
       - GITEA_RUNNER_NAME=runner
-      - GITEA_RUNNER_REGISTRATION_TOKEN="{{ gitea_runner_registration_token }}"
+      - GITEA_RUNNER_REGISTRATION_TOKEN={{ gitea_runner_registration_token }}
       - GITEA_RUNNER_LABELS=ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye,ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster,runner:host
     networks:
       - IPv4

vars/services.yml

@@ -1,12 +1,6 @@
-setup:
-  oracle4:
-    - paulgo
-    - nitter
-
 compose:
-  oracle4:
+  oracle3:
-    - paulgo
+    - gitea
-    - nitter
 
 # ----------------------------------------------------------------------------------------------------