gitea-compose: prod ready?

2022-07-20 12:45:19 +05:30 · 2022-07-20 12:45:19 +05:30 · 06fe19911e
parent 0e837fd674
commit 06fe19911e
1 changed files with 16 additions and 19 deletions
--- a/gitea-compose.yml
+++ b/gitea-compose.yml
@ -6,52 +6,49 @@ services:
        container_name: gitea-aatman
        restart: always
        ports:
-            - 8081:3000
-            - 2222:2222
+            - 8010:3000
+            - 8011:2222
        volumes:
-            - /trayimurti/containers/volumes/gitea/root/data:/var/lib/gitea
-            - /trayimurti/containers/volumes/gitea/root/config:/etc/gitea
-#            - /etc/timezone:/etc/timezone:ro
+            - /trayimurti/containers/volumes/gitea/root/data:/var/lib/gitea:Z
+            - /trayimurti/containers/volumes/gitea/root/config:/etc/gitea:Z
            - /etc/localtime:/etc/localtime:ro
        environment:
-            - ROOT_URL=http://0.pi:8081
+            - ROOT_URL=https://git.thefossguy.com
            - GITEA__database__DB_TYPE=postgres
            - GITEA__database__HOST=db:5432
            - GITEA__database__NAME=gitea
            - GITEA__database__USER=gitea
-            - GITEA__database__PASSWD=/run/secrets/gitea_db_user_passwd
-#            - GITEA__database__PASSWD=gitea
+            - GITEA__database__PASSWD=/run/secrets/gitea_database_user_password
            - TZ=Asia/Kolkata
-        security_opt:
-            - label=disable
        depends_on:
            - db
        secrets:
-            - gitea_db_user_passwd
+            - gitea_database_user_password

    db:
        image: postgres:alpine
        container_name: gitea-dhyana
        restart: always
        volumes:
-            - /trayimurti/containers/volumes/gitea/db:/var/lib/postgresql/data
+            - /trayimurti/containers/volumes/gitea/db:/var/lib/postgresql/data:Z
        environment:
            - POSTGRES_USER=gitea
-            - POSTGRES_PASSWORD=/run/secrets/gitea_db_user_passwd
-#            - POSTGRES_PASSWORD=gitea
+            - POSTGRES_PASSWORD=/run/secrets/gitea_database_user_password
            - POSTGRES_DB=gitea
            - TZ=Asia/Kolkata
        secrets:
-            - gitea_db_user_passwd
-        security_opt:
-            - label=disable
+            - gitea_database_user_password

 secrets:
-    gitea_db_user_passwd:
+    gitea_database_user_password:
        external: true

 # create dirs
 # mkdir -vp /trayimurti/containers/volumes/gitea/{db,root/{data,config}}

 # create secrets
-# openssl rand -base64 20 | podman secret create gitea_db_user_passwd -
+# openssl rand -base64 20 | podman secret create gitea_database_user_password -
+
+# open ports
+# sudo firewall-cmd --add-port=8010/tcp --add-port=8011/tcp --permanent
+# sudo firewall-cmd --reload