dockerized #1

Merged
e merged 8 commits from dockerized into main 2024-08-02 01:01:08 +00:00
2 changed files with 57 additions and 170 deletions
Showing only changes of commit ab15f7f3be - Show all commits


@ -1,6 +1,6 @@
# Gitea Incus Deployment Script
This script automates the deployment of Gitea using Incus containers. It provides a simple command-line interface to create a profile, install Gitea and PostgreSQL, and secure the configuration.
This script automates the deployment of Gitea using a single Incus container with Docker Compose. It provides a simple command-line interface to create a profile and install Gitea with PostgreSQL.
## Prerequisites
@ -31,7 +31,7 @@ If CPU or RAM is not specified, the default Incus values will be used.
### Install Gitea
Install Gitea and PostgreSQL:
Install Gitea and PostgreSQL using Docker Compose:
```bash
./gitea.sh install [-p dbpassword]
@ -42,28 +42,22 @@ Options:
If no password is provided, a default password will be used.
### Secure Configuration
After completing the web installation, secure the Gitea configuration:
```bash
./gitea.sh secure
```
## Script Behavior
1. The script enforces the correct order of operations:
- Profile must be created before installation
- Gitea must be installed before securing the configuration
2. The script will create a network named "incusbr0" if it doesn't exist
3. The root disk size for the Incus container is set to 20GB by default
4. Gitea will be accessible on port 3000, and SSH access will be on port 2222
5. The script creates a single Incus container with nesting enabled
6. Docker and Docker Compose are installed inside the Incus container
7. Gitea and PostgreSQL are deployed using Docker Compose within the Incus container
## Notes
- After installation, access Gitea through the web interface to complete the setup
- The script provides the URL to access Gitea after installation
- Make sure to secure the configuration after completing the web setup
- The latest versions of Gitea and PostgreSQL Docker images are used
## Customization
@ -82,5 +76,5 @@ You can modify the following variables at the top of the script to customize you
If you encounter any issues:
1. Check the Incus container status: `incus list`
2. View the container logs: `incus exec gitea -- journalctl -u gitea`
2. View the container logs: `incus exec gitea -- docker-compose logs`
3. Ensure all required ports are open and not in use by other services

207
gitea.sh

@ -44,7 +44,7 @@ profile_exists() {
incus profile list | grep -q $PROFILE_NAME
}
# Function to install Gitea and PostgreSQL
# Function to install Gitea and PostgreSQL using Docker Compose
install_gitea() {
if ! profile_exists; then
echo "Error: Profile does not exist. Please create a profile first using '$0 profile'."
@ -58,176 +58,75 @@ install_gitea() {
incus network attach $NETWORK_NAME $CONTAINER_NAME
echo "Configuring container..."
incus config set $CONTAINER_NAME security.privileged=true
incus config set $CONTAINER_NAME security.nesting=true
incus config set $CONTAINER_NAME linux.kernel_modules=overlay,nf_nat
incus config device add $CONTAINER_NAME gitea-ssh proxy listen=tcp:0.0.0.0:$SSH_PORT connect=tcp:127.0.0.1:2222
incus config device add $CONTAINER_NAME gitea-ssh proxy listen=tcp:0.0.0.0:$SSH_PORT connect=tcp:127.0.0.1:22
incus config device add $CONTAINER_NAME gitea-web proxy listen=tcp:0.0.0.0:$WEB_PORT connect=tcp:127.0.0.1:3000
echo "Waiting for network to be ready..."
sleep 10
echo "Installing Gitea dependencies..."
echo "Installing Docker and Docker Compose..."
incus exec $CONTAINER_NAME -- bash -c "
apt update
apt install -y wget git postgresql postgresql-contrib
apt install -y docker.io docker-compose
"
echo "Setting up PostgreSQL..."
incus exec $CONTAINER_NAME -- bash -c "
sudo -u postgres psql -c \"CREATE USER $DB_USER WITH PASSWORD '$DB_PASS'\"
sudo -u postgres psql -c \"CREATE DATABASE gitea OWNER $DB_USER\"
echo \"host all all 0.0.0.0/0 password\" >> /etc/postgresql/14/main/pg_hba.conf
echo \"listen_addresses = '*'\" >> /etc/postgresql/14/main/postgresql.conf
systemctl restart postgresql
"
echo "Creating Docker Compose file..."
incus exec $CONTAINER_NAME -- bash -c "cat > /root/docker-compose.yml << EOL
version: '3'
echo "Installing Gitea..."
incus exec $CONTAINER_NAME -- bash -c "
wget -O gitea https://dl.gitea.io/gitea/1.18.0/gitea-1.18.0-linux-amd64
chmod +x gitea
mv gitea /usr/local/bin/gitea
"
networks:
gitea:
external: false
echo "Creating Gitea user and setting up directories..."
incus exec $CONTAINER_NAME -- bash -c "
adduser --system --group --disabled-password --home /var/lib/gitea --shell /bin/bash git
mkdir -p /var/lib/gitea/{custom,data,log}
chown -R git:git /var/lib/gitea/
chmod -R 750 /var/lib/gitea/
mkdir -p /etc/gitea
chown root:git /etc/gitea
chmod 770 /etc/gitea
"
echo "Creating Gitea configuration..."
incus exec $CONTAINER_NAME -- bash -c "cat > /etc/gitea/app.ini << EOL
APP_NAME = Gitea: Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = postgres
HOST = 127.0.0.1:5432
NAME = gitea
USER = $DB_USER
PASSWD = $DB_PASS
[repository]
ROOT = /var/lib/gitea/data/gitea-repositories
[server]
HTTP_PORT = 3000
ROOT_URL = http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT/
DISABLE_SSH = false
SSH_PORT = 2222
START_SSH_SERVER = true
LFS_START_SERVER = true
[security]
INSTALL_LOCK = false
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
[indexer]
ISSUE_INDEXER_PATH = /var/lib/gitea/indexers/issues.bleve
[session]
PROVIDER_CONFIG = /var/lib/gitea/data/sessions
[picture]
AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars
[attachment]
PATH = /var/lib/gitea/data/attachments
[log]
ROOT_PATH = /var/lib/gitea/log
[mailer]
ENABLED = false
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.example.org
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
services:
server:
image: gitea/gitea:latest
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=postgres
- DB_HOST=db:5432
- DB_NAME=gitea
- DB_USER=$DB_USER
- DB_PASSWD=$DB_PASS
restart: always
networks:
- gitea
volumes:
- /var/lib/gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- '3000:3000'
- '22:22'
depends_on:
- db
db:
image: postgres:latest
restart: always
environment:
- POSTGRES_USER=$DB_USER
- POSTGRES_PASSWORD=$DB_PASS
- POSTGRES_DB=gitea
networks:
- gitea
volumes:
- /var/lib/postgresql/data:/var/lib/postgresql/data
EOL"
echo "Setting initial permissions for Gitea config file..."
echo "Starting Gitea and PostgreSQL with Docker Compose..."
incus exec $CONTAINER_NAME -- bash -c "
chown root:git /etc/gitea/app.ini
chmod 770 /etc/gitea
chmod 660 /etc/gitea/app.ini
"
echo "Creating Gitea service..."
incus exec $CONTAINER_NAME -- bash -c "cat > /etc/systemd/system/gitea.service << EOL
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
After=postgresql.service
[Service]
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/var/lib/gitea/
ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
[Install]
WantedBy=multi-user.target
EOL"
echo "Ensuring PostgreSQL is running and accessible..."
incus exec $CONTAINER_NAME -- bash -c "
systemctl restart postgresql
sleep 5
sudo -u git psql -h 127.0.0.1 -U gitea -d gitea -c 'SELECT 1'
"
echo "Starting Gitea..."
incus exec $CONTAINER_NAME -- bash -c "
systemctl daemon-reload
systemctl enable gitea
systemctl restart gitea
sleep 5
systemctl status gitea
cd /root
docker-compose up -d
"
echo "Gitea setup complete!"
echo "Access Gitea at http://$(incus exec $CONTAINER_NAME -- ip addr show eth0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1):$WEB_PORT"
echo "SSH access available on port $SSH_PORT"
echo ""
echo "After completing the web installation, run '$0 secure' to secure the configuration."
}
# Function to secure Gitea configuration
secure_gitea() {
if ! incus list | grep -q $CONTAINER_NAME; then
echo "Error: Gitea is not installed. Please install Gitea first using '$0 install'."
exit 1
fi
echo "Securing Gitea configuration..."
incus exec $CONTAINER_NAME -- bash -c 'chmod 750 /etc/gitea && chmod 640 /etc/gitea/app.ini'
echo "Gitea configuration secured."
}
# Function to display usage
@ -238,9 +137,6 @@ usage() {
echo ""
echo "Install Gitea and PostgreSQL:"
echo "$0 install [-p dbpassword]"
echo ""
echo "Secure the configurations:"
echo "$0 secure"
}
# Main script logic
@ -292,9 +188,6 @@ case "$1" in
done
install_gitea
;;
secure)
secure_gitea
;;
*)
usage
exit 1
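Review bot: In install_gitea the compose file is written with `bash -c "cat > /root/docker-compose.yml << EOL … EOL"`, so `$DB_PASS` is expanded by the outer shell into a command string that the inner bash parses a second time; a password containing `"`, `$` or a backtick is then reinterpreted as shell syntax inside the container, and the value also appears in the `incus exec` argument list. Sending the file over stdin avoids both and keeps the file that holds the database password readable by root only, e.g. `incus exec "$CONTAINER_NAME" -- sh -c 'umask 077; cat > /root/docker-compose.yml' <<EOL`. The page does not show which side the `security.privileged=true` line is on; if it is kept next to `security.nesting=true`, Docker runs inside a privileged container, so it is worth confirming that nesting alone is not sufficient before keeping it. `gitea/gitea:latest` and `postgres:latest` are unpinned, so a later pull can bring a different PostgreSQL major version than the one that initialised `/var/lib/postgresql/data`; pinning both tags would make reruns reproducible. The opening lines of install_gitea sit in the previous hunk and part of its body is outside the visible lines.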