Add gitea config running on port 30000

TODO.md

@@ -2,8 +2,10 @@
 
 - [ ] Update Readme (CI, Git, plantuml, etc.)
 - [ ] Split `docker/web/docker-compose.yaml` into different configs (e.g. `web`, `gitlab`, `drone`) using the same network
-- [ ] Use `/var/lib/pbri/docker/...` instead of Docker volumes (makes backups easier)
+- [x] Use `/var/lib/pbri/docker/...` instead of Docker volumes (makes backups easier)
     - [x] Make it inaccessible to anyone but root (`-rw------`)
 - [x] Add [Drone runner](https://docs.drone.io/runner/docker/installation/linux/)
 - [ ] Figure out how to dependably store `.env` files (Ansible vault? Something else?)
 - [ ] Check out docker swarm and current best practices for Ansible
+- [ ] Use Gitea instead of GitLab
+- [ ] Add drone exec runner for Nix builds with shared `/nix`

ansible/README.md

@@ -20,12 +20,12 @@ Sets up:
 
 ## `misc-docker.yaml`
 
-- Deploys Docker configurations from `../docker`
+Deploys Docker configurations from `../docker`:
+
+- Copies configuration into `/etc/pbri/docker`
+- Creates folder `/var/lib/pbri/docker` for storing application files
+- Creates users with `42xxx` UIDs for running containers
 
 ## `misc-sites.yaml`
 
 Checks out static sites into `/home/paul/Sites` which is mounted into `/srv` in the Caddy container.
-
-## `misc-backup.yaml`
-
-Backs up relevant Docker volumes.

ansible/misc-docker.yaml

@@ -26,15 +26,25 @@
         debug: yes
       loop:
         - name: web
-          state: present
+          state: absent
         - name: runner
           state: absent
-    - name: Add jupyter user with UID 42000
+        - name: gitea
+          state: present
+    - name: Add users for running containers
       become: yes
       ansible.builtin.user:
-        name: jupyter
+        name: "{{ item.name }}"
+        uid: "{{ item.uid }}"
+        create_home: no
+        state: present
+      loop:
+        - name: jupyter
           uid: 42000
           state: present
+        - name: gitea
+          uid: 42001
+          state: present
     - name: Add Notebooks folder
       become: yes
       ansible.builtin.file:

docker/gitea/docker-compose.yaml

@@ -0,0 +1,57 @@
+version: "3"
+
+services:
+  gitea:
+    image: gitea/gitea:1.17.1
+    restart: always
+    environment:
+      USER: gitea
+      USER_UID: 42001
+      USER_GID: 42001
+      GITEA__server__DOMAIN: pbrinkmeier.de
+      GITEA__server__HTTP_PORT: 3000
+      GITEA__server__ROOT_URL: http://pbrinkmeier.de:30000/
+      GITEA__server__SSH_DOMAIN: pbrinkmeier.de
+      GITEA__server__SSH_LISTEN_PORT: 3000
+      GITEA__server__SSH_PORT: 30001
+      GITEA__server__OFFLINE_MODE: "true"
+      GITEA__database__DB_TYPE: postgres
+      GITEA__database__HOST: gitea_db:5432
+      GITEA__database__NAME: gitea
+      GITEA__database__USER: gitea
+      GITEA__database__PASSWD: "${GITEA_DB_PASSWORD}"
+      GITEA__picture__DISABLE_GRAVATAR: "true"
+      GITEA__picture__FEDERATED_AVATAR: "false"
+      GITEA__service__DISABLE_REGISTRATION: "true"
+      GITEA__service__REGISTER_EMAIL_CONFIRM: "true"
+      GITEA__service__ENABLE_NOTIFY_MAIL: "true"
+      GITEA__service__NOREPLY_ADDRESS: noreply.pbrinkmeier.de
+      GITEA__service__ENABLE_TIMETRACKING: "false"
+      GITEA__service__DEFAULT_ENABLE_TIMETRACKING: "false"
+      GITEA__service__DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME: "false"
+      GITEA__mailer__ENABLED: "true"
+      GITEA__mailer__HOST: smtp.mailbox.org:465
+      GITEA__mailer__FROM: git@pbrinkmeier.de
+      GITEA__mailer__USER: hallo@pbrinkmeier.de
+      GITEA__mailer__PASSWD: "${GITEA_SMTP_PASSWORD}"
+      GITEA__openid__ENABLE_OPENID_SIGNIN: "false"
+      GITEA__openid__ENABLE_OPENID_SIGNUP: "false"
+    volumes:
+      - /var/lib/pbri/docker/gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "30000:3000"
+      - "30001:22"
+    depends_on:
+      - gitea_db
+
+  gitea_db:
+    image: postgres:14.5-alpine
+    restart: always
+    environment:
+      POSTGRES_DB: gitea
+      POSTGRES_USER: gitea
+      POSTGRES_PASSWORD: "${GITEA_DB_PASSWORD}"
+    volumes:
+      - /var/lib/pbri/docker/gitea_db:/var/lib/postgresql/data