homelab/nodes/heimdall/gitea/compose.yaml

services:
  db:
    container_name: gitea-db
    image: postgres:17.4
    restart: always
    networks:
      - proxy-net
    environment:
      - POSTGRES_DB=${GITEA_DB_NAME}
      - POSTGRES_USER=${GITEA_DB_USER}
      - POSTGRES_PASSWORD=${GITEA_DB_PASSWORD}
      - TZ=${TZ}
    volumes:
      - /mnt/appdata/gitea/database:/var/lib/postgresql/data

  server:
    container_name: gitea-server
    image: gitea/gitea:1.23.7
    restart: always
    depends_on:
      - db
    networks:
      - proxy-net
    environment:
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=${GITEA_DB_HOST}
      - GITEA__database__NAME=${GITEA_DB_NAME}
      - GITEA__database__USER=${GITEA_DB_USER}
      - GITEA__database__PASSWD=${GITEA_DB_PASSWORD}
      - GITEA__server__ROOT_URL=${GITEA_ROOT_URL}
      - GITEA__server__DOMAIN=${GITEA_HOST}
      - GITEA__security__COOKIE_SECURE=true
      - GITEA__service__DISABLE_REGISTRATION=true
      - GITEA__openid__ENABLE_OPENID_SIGNIN=false
      - TZ=${TZ}
      - GITEA__server__SSH_KEY_EXCHANGES=${GITEA__server__SSH_KEY_EXCHANGES}
      - GITEA__server__SSH_CIPHERS=${GITEA__server__SSH_CIPHERS}
      - GITEA__server__SSH_ALGORITHMS=${GITEA__server__SSH_ALGORITHMS}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitea.entrypoints=websecure"
      - "traefik.http.routers.gitea.rule=Host(`${GITEA_HOST}`)"
      - "traefik.http.routers.gitea.tls=true"
      - "traefik.http.routers.gitea.tls.certresolver=cloudflare"
      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
    volumes:
      - /mnt/appdata/gitea/data:/data

  # runner:
  #   container_name: gitea_runner
  #   image: gitea/act_runner:0.2.11
  #   restart: always
  #   depends_on:
  #     - server
  #   networks:
  #     - proxy-net
  #   environment:
  #     - CONFIG_FILE=/config.yaml
  #     - GITEA_INSTANCE_URL=${GITEA_ROOT_URL}
  #     - GITEA_RUNNER_NAME=homelab
  #     - GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN}
  #     - TZ=${TZ}
  #   volumes:
  #     - /mnt/appdata/gitea/config.yaml:/config.yaml
  #     - /mnt/appdata/gitea/runner/data:/data
  #     - /var/run/docker.sock:/var/run/docker.sock

networks:
  proxy-net:
    name: proxy-net
    external: true