move storage to s3 (b2)
This commit is contained in:
parent
c972c01bf6
commit
bf6841b34b
2 changed files with 75 additions and 1 deletions
58
forgejo/README.md
Normal file
58
forgejo/README.md
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
# Forgejo (was: Gitea)
|
||||||
|
|
||||||
|
This deploys the Forgejo git hosting software on Fly.io.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
1. Clone this repository
|
||||||
|
1. `fly launch`, follow the prompts
|
||||||
|
1. Select `n` when it asks if you want to deploy
|
||||||
|
1. Create a volume in a region of your choice: `fly volumes create data --size 50 --region ord`
|
||||||
|
1. Generate, and store securely, you secrets:
|
||||||
|
```shell
|
||||||
|
fly secrets set \
|
||||||
|
"GITEA__security__SECRET_KEY=$(openssl rand -hex 12)" \
|
||||||
|
"GITEA__security__INTERNAL_TOKEN=$(openssl rand -hex 12)"
|
||||||
|
```
|
||||||
|
1. For S3 storage you'll need to add two more secrets:
|
||||||
|
```shell
|
||||||
|
fly secrets set "GITEA__storage__MINIO_ACCESS_KEY_ID=[redacted]"
|
||||||
|
fly secrets set "GITEA__storage__MINIO_SECRET_ACCESS_KEY=[redacted]"
|
||||||
|
```
|
||||||
|
1. Deploy, `fly deploy --remote-only`
|
||||||
|
1. Setup DNS with your registrar, you must have either CNAME or A/AAAA records
|
||||||
|
set. See: https://fly.io/docs/app-guides/custom-domains-with-fly/
|
||||||
|
1. Create certificate for Fly's automatic TLS termination. `fly certs create git.example.com`
|
||||||
|
1. Opens an SSH session to the running container. `fly ssh console`
|
||||||
|
1. In the SSH session in the container, run: `su git` and then
|
||||||
|
```shell
|
||||||
|
gitea admin user create \
|
||||||
|
--username MYNAME \
|
||||||
|
--email MYEMAIL@example.com \
|
||||||
|
--admin \
|
||||||
|
--random-password \
|
||||||
|
--must-change-password
|
||||||
|
```
|
||||||
|
|
||||||
|
## Proxy the GUI to localhost
|
||||||
|
|
||||||
|
1. Forward container port 3000 to localhost:3000 `fly proxy 3000:3000`
|
||||||
|
|
||||||
|
## Get Connected using WireGuard (VPN)
|
||||||
|
|
||||||
|
1. Create a WireGuard peer with `fly wireguard create`
|
||||||
|
1. Setup WireGuard with generated config
|
||||||
|
1. `fly ips private` to get the IP of your Daemon
|
||||||
|
1. Set the `DOCKER_HOST` env variable using that IP:
|
||||||
|
```
|
||||||
|
export DOCKER_HOST=tcp://[fdaa:0:5d2:a7b:81:0:26d4:2]:2375
|
||||||
|
```
|
||||||
|
|
||||||
|
# Final Step
|
||||||
|
|
||||||
|
1. Delete the Docker Engine from your local system.
|
||||||
|
1. You probably want to scale your remote Daemon: `fly scale vm dedicated-cpu-2x`
|
||||||
|
|
||||||
|
# NOTES:
|
||||||
|
|
||||||
|
* https://blog.luketurner.org/posts/gitea-on-fly/
|
|
@ -25,15 +25,31 @@ kill_timeout = "5s"
|
||||||
GITEA__mailer__SUBJECT_PREFIX = "git.burd.me"
|
GITEA__mailer__SUBJECT_PREFIX = "git.burd.me"
|
||||||
GITEA__security__INSTALL_LOCK = "true"
|
GITEA__security__INSTALL_LOCK = "true"
|
||||||
GITEA__server__DOMAIN = "git.burd.me"
|
GITEA__server__DOMAIN = "git.burd.me"
|
||||||
|
GITEA__server__LANDING_PAGE = "/greg"
|
||||||
GITEA__server__ROOT_URL = "https://git.burd.me"
|
GITEA__server__ROOT_URL = "https://git.burd.me"
|
||||||
GITEA__server__SSH_DOMAIN = "git.burd.me"
|
GITEA__server__SSH_DOMAIN = "git.burd.me"
|
||||||
GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE = "true"
|
GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE = "true"
|
||||||
GITEA__service__DEFAULT_USER_IS_RESTRICTED = "true"
|
GITEA__service__DEFAULT_USER_IS_RESTRICTED = "true"
|
||||||
GITEA__service__DISABLE_REGISTRATION = "false"
|
GITEA__service__DISABLE_REGISTRATION = "true" # NOTE: should be uncomment once you have created your first user
|
||||||
GITEA__service__REGISTER_EMAIL_CONFIRM = "false"
|
GITEA__service__REGISTER_EMAIL_CONFIRM = "false"
|
||||||
GITEA__service__REGISTER_MANUAL_CONFIRM = "true"
|
GITEA__service__REGISTER_MANUAL_CONFIRM = "true"
|
||||||
"GITEA__ui.meta__AUTHOR" = "git.burd.me: Git for us"
|
"GITEA__ui.meta__AUTHOR" = "git.burd.me: Git for us"
|
||||||
GITEA__ui__DEFAULT_THEME = "forgejo-auto"
|
GITEA__ui__DEFAULT_THEME = "forgejo-auto"
|
||||||
|
# GITEA__log__MODE = "console"
|
||||||
|
# GITEA__log__LEVEL = "trace"
|
||||||
|
# GITEA__log__REDIRECT_MACARON_LOG = "true"
|
||||||
|
# GITEA__log__MACARON = "console"
|
||||||
|
# GITEA__log__ROUTER = "console"
|
||||||
|
# GITEA__log__ROOT_PATH = "/data/gitea/log"
|
||||||
|
# Storage in S3 bucket
|
||||||
|
# NOTE: MINIO_BASE_PATH must *not* be set in the [storage] section.
|
||||||
|
GITEA__storage__STORAGE_TYPE = "minio"
|
||||||
|
GITEA__storage__MINIO_USE_SSL = "true"
|
||||||
|
GITEA__storage__MINIO_ENDPOINT = "s3.us-west-000.backblazeb2.com"
|
||||||
|
# GITEA__storage__MINIO_ACCESS_KEY_ID = [use fly secrets set ..., see README.md]
|
||||||
|
# GITEA__storage__MINIO_SECRET_ACCESS_KEY = [use fly secrets set ..., see README.md]
|
||||||
|
GITEA__storage__MINIO_BUCKET = "burd-infra-forgejo-4276-a538"
|
||||||
|
GITEA__storage__MINIO_LOCATION = "us-west-000"
|
||||||
|
|
||||||
[[mounts]]
|
[[mounts]]
|
||||||
source = "gitea_data"
|
source = "gitea_data"
|
||||||
|
|
Loading…
Reference in a new issue