From 888161cef7c46f3a560e252c8c62450adfdb7db0 Mon Sep 17 00:00:00 2001
From: Mathias Beaulieu-Duncan <mathias@openharbor.io>
Date: Mon, 19 Aug 2024 10:22:19 -0400
Subject: [PATCH] initial commit

---
 .env.example        | 21 +++++++++++++
 .gitignore          |  5 +++
 .s3cfg.example      |  0
 Dockerfile          | 22 ++++++++++++++
 backup.sh           | 27 +++++++++++++++++
 docker-compose.yaml | 74 +++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 149 insertions(+)
 create mode 100644 .env.example
 create mode 100644 .gitignore
 create mode 100644 .s3cfg.example
 create mode 100644 Dockerfile
 create mode 100755 backup.sh
 create mode 100644 docker-compose.yaml

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..59f71c0
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,21 @@
+GITEA_SECRET=
+GITEA_TOKEN=
+
+GITEA_ROOT_URL=
+GITEA_HOST=
+GITEA_SSH_HOST=
+GITEA_LFS_ENABLE=
+GITEA_DISABLE_HTTP_GIT=
+
+DB_TYPE=
+DB_DATABASE=
+DB_USER=
+DB_PASSWORD=
+
+SMTP_FROM=
+SMTP_HOST=
+SMTP_PORT=
+SMTP_USER=
+SMTP_PASSWORD=
+
+BACKUP_SPACE_NAME=
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6622648
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.env
+.s3cfg
+backup/
+gitea/
+postgres/
diff --git a/.s3cfg.example b/.s3cfg.example
new file mode 100644
index 0000000..e69de29
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..137a15c
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,22 @@
+FROM docker:latest
+
+RUN apk add --no-cache bash postgresql-client gnupg s3cmd jq
+
+RUN mkdir -p /etc/cron.d
+
+WORKDIR /usr/local/bin
+
+COPY backup.sh /usr/local/bin/backup.sh
+RUN chmod +x /usr/local/bin/backup.sh
+
+RUN mkdir -p /backup
+
+RUN echo "0 0,12 * * * /usr/local/bin/backup.sh >> /var/log/backup.log 2>&1" > /etc/cron.d/backup-cron
+
+RUN chmod 0644 /etc/cron.d/backup-cron
+RUN crontab /etc/cron.d/backup-cron
+
+RUN touch /var/log/backup.log
+
+# Run the cron job and tail the logs
+CMD crond && tail -f /var/log/backup.log
diff --git a/backup.sh b/backup.sh
new file mode 100755
index 0000000..34d1be4
--- /dev/null
+++ b/backup.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+BACKUP_DIR="/backup/$(date +%F_%H-%M)/"
+DB_BACKUP_FILE="$BACKUP_DIR/gitea.sql"
+
+mkdir -p $BACKUP_DIR
+
+container_id=$(docker ps --filter "name=^gitea$" -q)
+user=$(docker inspect -f '{{json .Config.Env}}' $container_id | jq -r '.[] | select(startswith("USER=")) | split("=")[1]')
+
+# gitea backup
+docker exec -u "$user" -w /tmp $container_id gitea dump
+docker cp $container_id:/tmp/. $BACKUP_DIR
+docker exec $container_id sh -c 'rm -rf /tmp/*'
+
+# database backup
+PGPASSWORD="$DB_PASSWORD" pg_dump -h database -U $DB_USER -d $DB_DATABASE -F c -b -v -f $DB_BACKUP_FILE
+
+BACKUP_FILE="backup_$(date +%F_%H-%M).tar.gz"
+tar -czf $BACKUP_FILE $BACKUP_DIR
+
+TARGET_PATH="s3://$BACKUP_SPACE_NAME/gitea/"
+s3cmd put --encrypt $BACKUP_FILE $TARGET_PATH
+
+rm -rf /backup/*
+
+echo "Files have been uploaded to $TARGET_PATH"
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..3c5c368
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,74 @@
+version: "3"
+
+services:
+  backup-cron-gitea:
+    build:
+      context: .
+    env_file:
+      - .env
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - .s3cfg:/root/.s3cfg:ro
+      - ./backup.sh:/usr/local/bin/backup.sh:ro
+    restart: unless-stopped
+    networks:
+      - gitea
+    depends_on:
+      - gitea
+
+  gitea:
+    image: gitea/gitea:1.22.1
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__security__SECRET=${GITEA_SECRET}
+      - GITEA__security__INTERNAL_TOKEN=${GITEA_TOKEN}
+      - GITEA__database__DB_TYPE=${DB_TYPE}
+      - GITEA__database__HOST=database:5432
+      - GITEA__database__NAME=${DB_DATABASE}
+      - GITEA__database__USER=${DB_USER}
+      - GITEA__database__PASSWD=${DB_PASSWORD}
+      - GITEA__mailer__ENABLED=true
+      - GITEA__mailer__FROM=${SMTP_FROM}
+      - GITEA__mailer__PROTOCOL=smtps
+      - GITEA__mailer__SMTP_ADDR=${SMTP_HOST}
+      - GITEA__mailer__SMTP_PORT=${SMTP_PORT}
+      - GITEA__mailer__USER=${SMTP_USER}
+      - GITEA__mailer__PASSWD=${SMTP_PASSWORD}
+      - GITEA__server__LFS_START_SERVER=${GITEA_LFS_ENABLE}
+      - GITEA__server__ROOT_URL=${GITEA_ROOT_URL}
+      - GITEA__server__DOMAIN=${GITEA_HOST}
+      - GITEA__server__DISABLE_HTTP_GIT=${GITEA_DISABLE_HTTP_GIT}
+      - GITEA__server__SSH_DOMAIN=${GITEA_SSH_HOST}
+    depends_on:
+      - database
+    restart: always
+    networks:
+      - gitea
+      - nginx-network
+    volumes:
+      - ./gitea/data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3000:3000"
+      - "222:22"
+
+  database:
+    image: postgres:16.4
+    restart: always
+    networks:
+      - gitea    
+    environment:
+      - POSTGRES_DB=${DB_DATABASE}
+      - POSTGRES_USER=${DB_USER}
+      - POSTGRES_PASSWORD=${DB_PASSWORD}
+    volumes:
+      - ./postgres/data:/var/lib/postgresql/data
+
+networks:
+  gitea:
+    driver: bridge
+  nginx-network:
+    external: true