homelab/nodes/heimdall/gitea/compose.yaml

services:
  db:
    container_name: gitea-db
    image: postgres:17.4
    restart: always
    networks:
      - proxy-net
    environment:
      - POSTGRES_DB=${GITEA_DB_NAME}
      - POSTGRES_USER=${GITEA_DB_USER}
      - POSTGRES_PASSWORD=${GITEA_DB_PASSWORD}
      - TZ=${TZ}
    volumes:
      - /mnt/appdata/gitea/database:/var/lib/postgresql/data

  server:
    container_name: gitea-server
    image: gitea/gitea:1.23.7
    restart: always
    depends_on:
      - db
    networks:
      - proxy-net
    environment:
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=${GITEA_DB_HOST}
      - GITEA__database__NAME=${GITEA_DB_NAME}
      - GITEA__database__USER=${GITEA_DB_USER}
      - GITEA__database__PASSWD=${GITEA_DB_PASSWORD}
      - GITEA__server__ROOT_URL=${GITEA_ROOT_URL}
      - TZ=${TZ}
      - GITEA__server__SSH_KEY_EXCHANGES=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
      - GITEA__server__SSH_CIPHERS=aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
      - GITEA__server__SSH_ALGORITHMS=rsa-sha2-256,rsa-sha2-512,ssh-ed25519
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitea.entrypoints=websecure"
      - "traefik.http.routers.gitea.rule=Host(`${GITEA_HOST}`)"
      - "traefik.http.routers.gitea.tls=true"
      - "traefik.http.routers.gitea.tls.certresolver=cloudflare"
      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
    volumes:
      - /mnt/appdata/gitea/data:/data

  # runner:
  #   container_name: gitea_runner
  #   image: gitea/act_runner:0.2.11
  #   restart: always
  #   depends_on:
  #     - server
  #   networks:
  #     - proxy-net
  #   environment:
  #     - CONFIG_FILE=/config.yaml
  #     - GITEA_INSTANCE_URL=${GITEA_ROOT_URL}
  #     - GITEA_RUNNER_NAME=homelab
  #     - GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN}
  #     - TZ=${TZ}
  #   volumes:
  #     - /mnt/appdata/gitea/config.yaml:/config.yaml
  #     - /mnt/appdata/gitea/runner/data:/data
  #     - /var/run/docker.sock:/var/run/docker.sock

networks:
  proxy-net:
    name: proxy-net
    external: true