version: "3.8" networks: gitea: internal: true proxy_home: external: true services: db: image: postgres:13.2-alpine restart: always environment: - POSTGRES_PORT=${POSTGRES_PORT} - POSTGRES_DB=${POSTGRES_DB} - POSTGRES_USER=${POSTGRES_USER} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} networks: - gitea volumes: - ./postgres:/var/lib/postgresql/data gitea: image: gitea/gitea:1 restart: always env_file: - gitea.env environment: # Specify here and through docker parameters which are shared between # Gitea and Traefik - DOMAIN=${FQDN} - SSH_DOMAIN=${FQDN} - SSH_LISTEN_PORT=${SSH_LISTEN_PORT} - GITEA__database__TYPE=postgres - GITEA__database__HOST=db:${POSTGRES_PORT} - GITEA__database__NAME=${POSTGRES_DB} - GITEA__database__USER=${POSTGRES_USER} - GITEA__database__PASSWD=${POSTGRES_PASSWORD} networks: - gitea - proxy_home # To enable GitHub mirroring - default volumes: - ./gitea:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro depends_on: - db labels: - "traefik.enable=true" - "traefik.docker.network=proxy_home" - "traefik.tcp.services.ssh-git.loadbalancer.server.port=${SSH_LISTEN_PORT}" - "traefik.http.services.git.loadbalancer.server.scheme=http" - "traefik.http.services.git.loadbalancer.server.port=3000" # MIDDLEWARES - "traefik.http.middlewares.git-headers.headers.customframeoptionsvalue=SAMEORIGIN" # Priority goes from first in the list to last. - "traefik.http.middlewares.git.chain.middlewares=git-headers,headers-base@file,headers-sts@file,headers-policy-domain@file" # SSH access - "traefik.tcp.routers.ssh-git.service=ssh-git" - "traefik.tcp.routers.ssh-git.entrypoints=ssh-git" - "traefik.tcp.routers.ssh-git.rule=HostSNI(`*`)" # Web UI - "traefik.http.routers.git.service=git" - "traefik.http.routers.git.entrypoints=web-secure" - "traefik.http.routers.git.rule=Host(`${FQDN}`)" - "traefik.http.routers.git.tls=true" - "traefik.http.routers.git.tls.certresolver=letsencrypt" - "traefik.http.routers.git.middlewares=git"