orion/HangmanLab.Server.T0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
93bb867c3fc197668bbfb145bb9ce147877e2470
HangmanLab.Server.T0/git-kc/compose.yaml

113 lines
3.1 KiB
YAML
Raw Blame History

# Draft target path on vps.git: ~/git-kc/compose.yaml
# Notes:
# - Keep nginx on the host.
# - Keep MySQL private inside the Docker network.
# - First migration run: Keycloak uses --import-realm.
# After successful import, you may remove --import-realm for steady-state.
# - This draft assumes Gitea SSH is disabled for phase 1.
services:
mysql:
image: ${MYSQL_IMAGE}
container_name: git-kc-mysql
restart: unless-stopped
env_file:
- .env
environment:
TZ: ${TZ}
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
command:
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_0900_ai_ci
- --default-authentication-plugin=caching_sha2_password
- --skip-name-resolve
volumes:
- ./mysql/data:/var/lib/mysql
- ./mysql/init:/docker-entrypoint-initdb.d:ro
healthcheck:
test: ["CMD-SHELL", "mysqladmin ping -uroot -p$$MYSQL_ROOT_PASSWORD --silent"]
interval: 10s
timeout: 5s
retries: 12
start_period: 20s
networks:
- git-kc-net
gitea:
image: ${GITEA_IMAGE}
container_name: git-kc-gitea
restart: unless-stopped
depends_on:
mysql:
condition: service_healthy
env_file:
- .env
user: "${GITEA_UID}:${GITEA_GID}"
environment:
TZ: ${TZ}
USER_UID: ${GITEA_UID}
USER_GID: ${GITEA_GID}
HOME: /home/git
GITEA_WORK_DIR: /var/lib/gitea
GITEA_CUSTOM: /var/lib/gitea/custom
working_dir: /var/lib/gitea
command: ["gitea", "web", "--config", "/etc/gitea/app.ini"]
ports:
- "${GITEA_HOST_BIND}:${GITEA_HTTP_PORT}:3000"
volumes:
- /var/lib/gitea:/var/lib/gitea
- /home/git:/home/git
- ./gitea/app.ini:/etc/gitea/app.ini:ro
healthcheck:
test: ["CMD-SHELL", "wget -q -O /dev/null http://localhost:3000/ || exit 1"]
interval: 15s
timeout: 5s
retries: 10
start_period: 30s
networks:
- git-kc-net
keycloak:
image: ${KEYCLOAK_IMAGE}
container_name: git-kc-keycloak
restart: unless-stopped
depends_on:
mysql:
condition: service_healthy
env_file:
- .env
environment:
TZ: ${TZ}
KC_DB: mysql
KC_DB_URL_HOST: ${KC_DB_URL_HOST}
KC_DB_URL_PORT: ${KC_DB_URL_PORT}
KC_DB_URL_DATABASE: ${KC_DB_URL_DATABASE}
KC_DB_USERNAME: ${KC_DB_USERNAME}
KC_DB_PASSWORD: ${KC_DB_PASSWORD}
KC_HOSTNAME: ${KC_HOSTNAME}
KC_HTTP_ENABLED: "true"
KC_PROXY_HEADERS: xforwarded
KC_HEALTH_ENABLED: "true"
KC_METRICS_ENABLED: "true"
KC_BOOTSTRAP_ADMIN_USERNAME: ${KC_BOOTSTRAP_ADMIN_USERNAME}
KC_BOOTSTRAP_ADMIN_PASSWORD: ${KC_BOOTSTRAP_ADMIN_PASSWORD}
command:
- start
ports:
- "${KEYCLOAK_HOST_BIND}:${KEYCLOAK_HTTP_PORT}:8080"
volumes:
- ./keycloak/import:/opt/keycloak/data/import:ro
healthcheck:
test: ["CMD-SHELL", "bash -c 'exec 3<>/dev/tcp/localhost/8080' && exit 0 || exit 1"]
interval: 15s
timeout: 5s
retries: 20
start_period: 45s
networks:
- git-kc-net
networks:
git-kc-net:
name: ${DOCKER_NETWORK_NAME}
driver: bridge
Reference in New Issue View Git Blame Copy Permalink