move storage to s3 (b2)

This commit is contained in:
Gregory Burd 2023-10-18 11:15:41 -04:00
parent c972c01bf6
commit bf6841b34b
2 changed files with 75 additions and 1 deletions

58
forgejo/README.md Normal file
View file

@ -0,0 +1,58 @@
# Forgejo (was: Gitea)
This deploys the Forgejo git hosting software on Fly.io.
## Installation
1. Clone this repository
1. `fly launch`, follow the prompts
1. Select `n` when it asks if you want to deploy
1. Create a volume in a region of your choice: `fly volumes create data --size 50 --region ord`
1. Generate, and store securely, you secrets:
```shell
fly secrets set \
"GITEA__security__SECRET_KEY=$(openssl rand -hex 12)" \
"GITEA__security__INTERNAL_TOKEN=$(openssl rand -hex 12)"
```
1. For S3 storage you'll need to add two more secrets:
```shell
fly secrets set "GITEA__storage__MINIO_ACCESS_KEY_ID=[redacted]"
fly secrets set "GITEA__storage__MINIO_SECRET_ACCESS_KEY=[redacted]"
```
1. Deploy, `fly deploy --remote-only`
1. Setup DNS with your registrar, you must have either CNAME or A/AAAA records
set. See: https://fly.io/docs/app-guides/custom-domains-with-fly/
1. Create certificate for Fly's automatic TLS termination. `fly certs create git.example.com`
1. Opens an SSH session to the running container. `fly ssh console`
1. In the SSH session in the container, run: `su git` and then
```shell
gitea admin user create \
--username MYNAME \
--email MYEMAIL@example.com \
--admin \
--random-password \
--must-change-password
```
## Proxy the GUI to localhost
1. Forward container port 3000 to localhost:3000 `fly proxy 3000:3000`
## Get Connected using WireGuard (VPN)
1. Create a WireGuard peer with `fly wireguard create`
1. Setup WireGuard with generated config
1. `fly ips private` to get the IP of your Daemon
1. Set the `DOCKER_HOST` env variable using that IP:
```
export DOCKER_HOST=tcp://[fdaa:0:5d2:a7b:81:0:26d4:2]:2375
```
# Final Step
1. Delete the Docker Engine from your local system.
1. You probably want to scale your remote Daemon: `fly scale vm dedicated-cpu-2x`
# NOTES:
* https://blog.luketurner.org/posts/gitea-on-fly/

View file

@ -25,15 +25,31 @@ kill_timeout = "5s"
GITEA__mailer__SUBJECT_PREFIX = "git.burd.me"
GITEA__security__INSTALL_LOCK = "true"
GITEA__server__DOMAIN = "git.burd.me"
GITEA__server__LANDING_PAGE = "/greg"
GITEA__server__ROOT_URL = "https://git.burd.me"
GITEA__server__SSH_DOMAIN = "git.burd.me"
GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE = "true"
GITEA__service__DEFAULT_USER_IS_RESTRICTED = "true"
GITEA__service__DISABLE_REGISTRATION = "false"
GITEA__service__DISABLE_REGISTRATION = "true" # NOTE: should be uncomment once you have created your first user
GITEA__service__REGISTER_EMAIL_CONFIRM = "false"
GITEA__service__REGISTER_MANUAL_CONFIRM = "true"
"GITEA__ui.meta__AUTHOR" = "git.burd.me: Git for us"
GITEA__ui__DEFAULT_THEME = "forgejo-auto"
# GITEA__log__MODE = "console"
# GITEA__log__LEVEL = "trace"
# GITEA__log__REDIRECT_MACARON_LOG = "true"
# GITEA__log__MACARON = "console"
# GITEA__log__ROUTER = "console"
# GITEA__log__ROOT_PATH = "/data/gitea/log"
# Storage in S3 bucket
# NOTE: MINIO_BASE_PATH must *not* be set in the [storage] section.
GITEA__storage__STORAGE_TYPE = "minio"
GITEA__storage__MINIO_USE_SSL = "true"
GITEA__storage__MINIO_ENDPOINT = "s3.us-west-000.backblazeb2.com"
# GITEA__storage__MINIO_ACCESS_KEY_ID = [use fly secrets set ..., see README.md]
# GITEA__storage__MINIO_SECRET_ACCESS_KEY = [use fly secrets set ..., see README.md]
GITEA__storage__MINIO_BUCKET = "burd-infra-forgejo-4276-a538"
GITEA__storage__MINIO_LOCATION = "us-west-000"
[[mounts]]
source = "gitea_data"