diff --git a/README.md b/README.md index 0b97e07..e9ec330 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,37 @@ -# Incus-Gitea +# Gitea Setup with Incus and Docker -Quick setup script for an gitea in a nested container utilizing incus and docker-compose. \ No newline at end of file +This script automates the setup of Gitea using Incus containers with nested Docker Compose. + +## Prerequisites + +- Incus installed on the host machine +- Root or sudo access (Incus group perm works too) + +## Usage + +1. Save the script as `setup_gitea.sh` +2. Make it executable: `chmod +x setup_gitea.sh` +3. Run the script: `sudo ./setup_gitea.sh` + +The script will: +- Create an Incus container named 'gitea' +- Install Docker and Docker Compose in the container +- Set up Gitea using Docker Compose +- Configure port forwarding for web and SSH access + +Access Gitea at `http://host-ip:3000`. SSH access is available on port 2222. + +## Configuration + +You can modify the following variables in the script: +- `CONTAINER_NAME`: Name of the Incus container +- `HOST_DATA_PATH`: Path on the host to store Gitea data +- `WEB_PORT`: Port for web access +- `SSH_PORT`: Port for SSH access + +## Notes + +- The script uses Ubuntu 22.04 as the base image for the Incus container. +- PostgreSQL is used as the database and runs in a separate container. +- Data is persisted on the host machine. +- For production use, review and adjust security settings as needed. diff --git a/setup.sh b/setup.sh new file mode 100755 index 0000000..00702b9 --- /dev/null +++ b/setup.sh @@ -0,0 +1,105 @@ +#!/bin/bash + +set -e + +CONTAINER_NAME="gitea" +HOST_DATA_PATH="/opt/gitea-data" +WEB_PORT="3000" +SSH_PORT="2222" +PROFILE_NAME="gitea-profile" +ROOT_DISK_SIZE="10GB" +NETWORK_NAME="incusbr0" + +echo "Creating Incus profile with 16GB memory limit and root disk..." +incus profile create $PROFILE_NAME || true +incus profile set $PROFILE_NAME limits.memory=16GB +incus profile device add $PROFILE_NAME root disk path=/ pool=default size=$ROOT_DISK_SIZE + +echo "Ensuring network exists..." +if ! incus network list | grep -q $NETWORK_NAME; then + echo "Creating network $NETWORK_NAME..." + incus network create $NETWORK_NAME +fi + +echo "Creating host directory for Gitea data..." +sudo mkdir -p $HOST_DATA_PATH +sudo chmod 777 $HOST_DATA_PATH + +echo "Creating Incus container..." +incus launch images:ubuntu/22.04 $CONTAINER_NAME -p $PROFILE_NAME + +echo "Attaching network to container..." +incus network attach $NETWORK_NAME $CONTAINER_NAME + +echo "Configuring container..." +incus config set $CONTAINER_NAME security.privileged=true +incus config set $CONTAINER_NAME linux.kernel_modules=overlay,nf_nat +incus config device add $CONTAINER_NAME gitea-data disk source=$HOST_DATA_PATH path=/var/lib/gitea +incus config device add $CONTAINER_NAME gitea-ssh proxy listen=tcp:0.0.0.0:$SSH_PORT connect=tcp:127.0.0.1:22 +incus config device add $CONTAINER_NAME gitea-web proxy listen=tcp:0.0.0.0:$WEB_PORT connect=tcp:127.0.0.1:3000 + +echo "Waiting for network to be ready..." +sleep 10 + +echo "Installing Gitea dependencies..." +incus exec $CONTAINER_NAME -- bash -c " +apt update +apt install -y wget git postgresql postgresql-contrib +" + +echo "Setting up PostgreSQL..." +incus exec $CONTAINER_NAME -- bash -c " +sudo -u postgres psql -c \"CREATE USER gitea WITH PASSWORD 'gitea'\" +sudo -u postgres psql -c \"CREATE DATABASE gitea OWNER gitea\" +" + +echo "Installing Gitea..." +incus exec $CONTAINER_NAME -- bash -c " +wget -O gitea https://dl.gitea.io/gitea/1.18.0/gitea-1.18.0-linux-amd64 +chmod +x gitea +mv gitea /usr/local/bin/gitea +" + +echo "Creating Gitea user and setting up directories..." +incus exec $CONTAINER_NAME -- bash -c " +adduser --system --group --disabled-password --home /var/lib/gitea --shell /bin/bash gitea +mkdir -p /var/lib/gitea/{custom,data,log} +chown -R gitea:gitea /var/lib/gitea/ +chmod -R 750 /var/lib/gitea/ +mkdir /etc/gitea +chown root:gitea /etc/gitea +chmod 770 /etc/gitea +" + +echo "Creating Gitea service..." +incus exec $CONTAINER_NAME -- bash -c "cat > /etc/systemd/system/gitea.service << EOL +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target +After=network.target +After=postgresql.service + +[Service] +RestartSec=2s +Type=simple +User=gitea +Group=gitea +WorkingDirectory=/var/lib/gitea/ +ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini +Restart=always +Environment=USER=gitea HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea + +[Install] +WantedBy=multi-user.target +EOL" + +echo "Starting Gitea..." +incus exec $CONTAINER_NAME -- bash -c " +systemctl daemon-reload +systemctl enable gitea +systemctl start gitea +" + +echo "Gitea setup complete!" +echo "Access Gitea at http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT" +echo "SSH access available on port $SSH_PORT" diff --git a/util/incus-remove-both.sh b/util/incus-remove-both.sh new file mode 100755 index 0000000..e372b27 --- /dev/null +++ b/util/incus-remove-both.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +RUNNING_CONTAINERS="$(incus list -f compact -c n | sed 's/NAME//g' | sed 's/ //g' | awk 'NF')" +PROFILES="$(incus profile list -f csv | awk -F"," '{print $1}' | sed 's/default//g' | awk 'NF')" + +for container in $RUNNING_CONTAINERS; do + echo "Removing $container..." + incus delete $container --force +done + +for profile in $PROFILES; do + echo "Deleting $profile..." + incus profile delete $profile +done + diff --git a/util/incus-remove-containers.sh b/util/incus-remove-containers.sh new file mode 100755 index 0000000..9731867 --- /dev/null +++ b/util/incus-remove-containers.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +RUNNING_CONTAINERS="$(incus list -f compact -c n | sed 's/NAME//g' | sed 's/ //g' | awk 'NF')" + +for container in $RUNNING_CONTAINERS; do + echo "Removing $container..." + incus delete $container --force +done diff --git a/util/incus-remove-profiles.sh b/util/incus-remove-profiles.sh new file mode 100755 index 0000000..43c19fd --- /dev/null +++ b/util/incus-remove-profiles.sh @@ -0,0 +1,8 @@ +#!/bin/bash +# +PROFILES="$(incus profile list -f csv | awk -F"," '{print $1}' | sed 's/default//g' | awk 'NF')" + +for profile in $PROFILES; do + echo "Deleting $profile..." + incus profile delete $profile +done