initial commit

.env.example

@@ -0,0 +1,21 @@
+GITEA_SECRET=
+GITEA_TOKEN=
+
+GITEA_ROOT_URL=
+GITEA_HOST=
+GITEA_SSH_HOST=
+GITEA_LFS_ENABLE=
+GITEA_DISABLE_HTTP_GIT=
+
+DB_TYPE=
+DB_DATABASE=
+DB_USER=
+DB_PASSWORD=
+
+SMTP_FROM=
+SMTP_HOST=
+SMTP_PORT=
+SMTP_USER=
+SMTP_PASSWORD=
+
+BACKUP_SPACE_NAME=

.gitignore

@@ -0,0 +1,5 @@
+.env
+.s3cfg
+backup/
+gitea/
+postgres/

Dockerfile

@@ -0,0 +1,22 @@
+FROM docker:latest
+
+RUN apk add --no-cache bash postgresql-client gnupg s3cmd jq
+
+RUN mkdir -p /etc/cron.d
+
+WORKDIR /usr/local/bin
+
+COPY backup.sh /usr/local/bin/backup.sh
+RUN chmod +x /usr/local/bin/backup.sh
+
+RUN mkdir -p /backup
+
+RUN echo "0 0,12 * * * /usr/local/bin/backup.sh >> /var/log/backup.log 2>&1" > /etc/cron.d/backup-cron
+
+RUN chmod 0644 /etc/cron.d/backup-cron
+RUN crontab /etc/cron.d/backup-cron
+
+RUN touch /var/log/backup.log
+
+# Run the cron job and tail the logs
+CMD crond && tail -f /var/log/backup.log

backup.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+BACKUP_DIR="/backup/$(date +%F_%H-%M)/"
+DB_BACKUP_FILE="$BACKUP_DIR/gitea.sql"
+
+mkdir -p $BACKUP_DIR
+
+container_id=$(docker ps --filter "name=^gitea$" -q)
+user=$(docker inspect -f '{{json .Config.Env}}' $container_id | jq -r '.[] | select(startswith("USER=")) | split("=")[1]')
+
+# gitea backup
+docker exec -u "$user" -w /tmp $container_id gitea dump
+docker cp $container_id:/tmp/. $BACKUP_DIR
+docker exec $container_id sh -c 'rm -rf /tmp/*'
+
+# database backup
+PGPASSWORD="$DB_PASSWORD" pg_dump -h database -U $DB_USER -d $DB_DATABASE -F c -b -v -f $DB_BACKUP_FILE
+
+BACKUP_FILE="backup_$(date +%F_%H-%M).tar.gz"
+tar -czf $BACKUP_FILE $BACKUP_DIR
+
+TARGET_PATH="s3://$BACKUP_SPACE_NAME/gitea/"
+s3cmd put --encrypt $BACKUP_FILE $TARGET_PATH
+
+rm -rf /backup/*
+
+echo "Files have been uploaded to $TARGET_PATH"

docker-compose.yaml

@@ -0,0 +1,74 @@
+version: "3"
+
+services:
+  backup-cron-gitea:
+    build:
+      context: .
+    env_file:
+      - .env
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - .s3cfg:/root/.s3cfg:ro
+      - ./backup.sh:/usr/local/bin/backup.sh:ro
+    restart: unless-stopped
+    networks:
+      - gitea
+    depends_on:
+      - gitea
+
+  gitea:
+    image: gitea/gitea:1.22.1
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__security__SECRET=${GITEA_SECRET}
+      - GITEA__security__INTERNAL_TOKEN=${GITEA_TOKEN}
+      - GITEA__database__DB_TYPE=${DB_TYPE}
+      - GITEA__database__HOST=database:5432
+      - GITEA__database__NAME=${DB_DATABASE}
+      - GITEA__database__USER=${DB_USER}
+      - GITEA__database__PASSWD=${DB_PASSWORD}
+      - GITEA__mailer__ENABLED=true
+      - GITEA__mailer__FROM=${SMTP_FROM}
+      - GITEA__mailer__PROTOCOL=smtps
+      - GITEA__mailer__SMTP_ADDR=${SMTP_HOST}
+      - GITEA__mailer__SMTP_PORT=${SMTP_PORT}
+      - GITEA__mailer__USER=${SMTP_USER}
+      - GITEA__mailer__PASSWD=${SMTP_PASSWORD}
+      - GITEA__server__LFS_START_SERVER=${GITEA_LFS_ENABLE}
+      - GITEA__server__ROOT_URL=${GITEA_ROOT_URL}
+      - GITEA__server__DOMAIN=${GITEA_HOST}
+      - GITEA__server__DISABLE_HTTP_GIT=${GITEA_DISABLE_HTTP_GIT}
+      - GITEA__server__SSH_DOMAIN=${GITEA_SSH_HOST}
+    depends_on:
+      - database
+    restart: always
+    networks:
+      - gitea
+      - nginx-network
+    volumes:
+      - ./gitea/data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3000:3000"
+      - "222:22"
+
+  database:
+    image: postgres:16.4
+    restart: always
+    networks:
+      - gitea    
+    environment:
+      - POSTGRES_DB=${DB_DATABASE}
+      - POSTGRES_USER=${DB_USER}
+      - POSTGRES_PASSWORD=${DB_PASSWORD}
+    volumes:
+      - ./postgres/data:/var/lib/postgresql/data
+
+networks:
+  gitea:
+    driver: bridge
+  nginx-network:
+    external: true