Initial sanitized deployment snapshot

2026-03-21 07:13:57 +00:00
commit 93bb867c3f
8 changed files with 1718 additions and 0 deletions
--- a/git-kc/env.template
+++ b/git-kc/env.template
@@ -0,0 +1,52 @@
+# Draft target path on vps.git: ~/git-kc/.env
+# Fill all placeholders before first docker compose up.
+
+COMPOSE_PROJECT_NAME=git-kc
+DOCKER_NETWORK_NAME=git-kc-net
+TZ=UTC
+
+# Images (pin versions; do not use latest)
+MYSQL_IMAGE=mysql:8.0.45
+GITEA_IMAGE=gitea/gitea:1.22.4
+KEYCLOAK_IMAGE=quay.io/keycloak/keycloak:26.0.6
+
+# Host bindings
+GITEA_HOST_BIND=localhost
+GITEA_HTTP_PORT=3000
+KEYCLOAK_HOST_BIND=localhost
+KEYCLOAK_HTTP_PORT=8080
+
+# Gitea container runtime user
+# Replace with: id -u git / id -g git on vps.git
+GITEA_UID=1001
+GITEA_GID=1001
+
+# MySQL root
+MYSQL_ROOT_PASSWORD=REPLACE_WITH_STRONG_ROOT_PASSWORD
+
+# Planned logical DB layout inside the single MySQL instance
+MYSQL_GITEA_DATABASE=<gitea_db>
+MYSQL_GITEA_USER=gitea
+MYSQL_GITEA_PASSWORD=REPLACE_WITH_STRONG_GITEA_DB_PASSWORD
+MYSQL_KEYCLOAK_DATABASE=<keycloak_db>
+MYSQL_KEYCLOAK_USER=keycloak
+MYSQL_KEYCLOAK_PASSWORD=REPLACE_WITH_STRONG_KEYCLOAK_DB_PASSWORD
+
+# Keycloak DB connection
+KC_DB_URL_HOST=mysql
+KC_DB_URL_PORT=3306
+KC_DB_URL_DATABASE=<keycloak_db>
+KC_DB_USERNAME=keycloak
+KC_DB_PASSWORD=REPLACE_WITH_STRONG_KEYCLOAK_DB_PASSWORD
+
+# Keycloak external hostname
+KC_HOSTNAME=login.hangman-lab.top
+
+# Bootstrap admin for first start on empty <keycloak_db>
+# Keep these temporary and rotate/remove after cutover verification if desired.
+KC_BOOTSTRAP_ADMIN_USERNAME=admin
+KC_BOOTSTRAP_ADMIN_PASSWORD=REPLACE_WITH_TEMP_BOOTSTRAP_ADMIN_PASSWORD
+
+# Helpful references (not consumed directly by compose, but useful in ops docs)
+GITEA_EXTERNAL_URL=https://git.hangman-lab.top/
+KEYCLOAK_EXTERNAL_URL=https://login.hangman-lab.top/