From 62813a17afc607cab0a810571ffc1007462bc222 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 20 Jun 2025 17:18:56 +0300 Subject: [PATCH 01/28] fix --- .deploy-infra/deploy-prod.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 887f027..0634921 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -67,6 +67,13 @@ services: constraints: [node.labels.stage == production] update_config: parallelism: 1 + resources: + limits: + memory: 1024M + cpus: '1.0' + reservations: + memory: 512M + cpus: '0.50' postgres: image: postgres:14-alpine3.19 From e486a81e4fda378ab843bb7e0cd1cd3a878ce4b5 Mon Sep 17 00:00:00 2001 From: emmatveev Date: Fri, 20 Jun 2025 17:29:33 +0300 Subject: [PATCH 02/28] Update .deploy-infra/deploy-prod.yaml --- .deploy-infra/deploy-prod.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 0634921..263f53b 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -69,11 +69,11 @@ services: parallelism: 1 resources: limits: + memory: 2048M + cpus: '2.0' + reservations: memory: 1024M cpus: '1.0' - reservations: - memory: 512M - cpus: '0.50' postgres: image: postgres:14-alpine3.19 From cafd2be45a70e4bf010ff456de86978fb99849d7 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Thu, 10 Jul 2025 18:11:44 +0300 Subject: [PATCH 03/28] fix --- .deploy-infra/deploy-prod.yaml | 16 ++++++++++++++++ prepare/run-production.sh | 2 ++ 2 files changed, 18 insertions(+) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 263f53b..8a0868c 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -26,6 +26,22 @@ services: update_config: parallelism: 1 # order: start-first + + authelia: + image: authelia/authelia + networks: + - commom-infra-nginx + volumes: + - '/sprint-data/authelia:/config' + deploy: + mode: replicated + replicas: 1 + restart_policy: + condition: any + placement: + constraints: [node.labels.stage == production] + update_config: + parallelism: 1 grafana: image: grafana/grafana diff --git a/prepare/run-production.sh b/prepare/run-production.sh index 7e3d074..3a3226b 100644 --- a/prepare/run-production.sh +++ b/prepare/run-production.sh @@ -16,6 +16,8 @@ mkdir /sprint-data/certs || true mkdir /sprint-data/gitea || true mkdir /sprint-data/clickhouse || true mkdir /sprint-data/grafana || true +mkdir /sprint-data/authelia || true +chmod 777 /sprint-data/authelia chmod 777 /sprint-data/redis chmod 777 /sprint-data/rabbitmq chmod 777 /sprint-data/gitea From 08868f43887d45a7167dfa1c365775eba50e37a4 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Thu, 10 Jul 2025 18:18:29 +0300 Subject: [PATCH 04/28] fix --- .deploy-infra/deploy-prod.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 8a0868c..499d22e 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -30,7 +30,7 @@ services: authelia: image: authelia/authelia networks: - - commom-infra-nginx + - common-infra-nginx volumes: - '/sprint-data/authelia:/config' deploy: From 20fed38b6a804df10c9a310a68ab87f980e1b259 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Thu, 10 Jul 2025 18:43:01 +0300 Subject: [PATCH 05/28] fix --- .deploy-infra/deploy-prod.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 499d22e..73c2f4c 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -31,6 +31,11 @@ services: image: authelia/authelia networks: - common-infra-nginx + environment: + AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT_SECRET' + AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION_SECRET' + AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/STORAGE_PASSWORD' + AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE_ENCRYPTION_KEY' volumes: - '/sprint-data/authelia:/config' deploy: From d339eb1d2a48ef59662d8f4675c2ecaf665ed383 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 19:50:10 +0300 Subject: [PATCH 06/28] fix --- .deploy-infra/deploy-prod.yaml | 8 +++----- .gitea/workflows/deploy-prod.yaml | 2 ++ prepare/run-production.sh | 4 ++++ 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 73c2f4c..8a3c6e2 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -32,12 +32,10 @@ services: networks: - common-infra-nginx environment: - AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT_SECRET' - AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION_SECRET' - AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/STORAGE_PASSWORD' - AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE_ENCRYPTION_KEY' + AUTHELIA_STORAGE_PASSWORD: $DB_PASSWORD_PROD volumes: - - '/sprint-data/authelia:/config' + - /sprint-data/authelia/config:/config + - /sprint-data/authelia/data:/var/lib/authelia deploy: mode: replicated replicas: 1 diff --git a/.gitea/workflows/deploy-prod.yaml b/.gitea/workflows/deploy-prod.yaml index 5a3e0d5..f218c52 100644 --- a/.gitea/workflows/deploy-prod.yaml +++ b/.gitea/workflows/deploy-prod.yaml @@ -68,4 +68,6 @@ jobs: REDIS_PASSWORD_PROD: ${{ secrets.REDIS_PASSWORD_PROD }} RABBITMQ_PASSWORD_PROD: ${{ secrets.RABBITMQ_PASSWORD_PROD }} REGISTRATION_TOKEN: ${{ secrets.REGISTRATION_TOKEN }} + AUTHTHELIA_JWT_SECRET: ${{ secrets.AUTHTHELIA_JWT_SECRET }} + AUTHTHELIA_SESSION_SECRET: ${{ secrets.AUTHTHELIA_SESSION_SECRET }} run: docker stack deploy --with-registry-auth -c ./.deploy-infra/deploy-prod.yaml infra diff --git a/prepare/run-production.sh b/prepare/run-production.sh index 3a3226b..f53e82d 100644 --- a/prepare/run-production.sh +++ b/prepare/run-production.sh @@ -17,7 +17,11 @@ mkdir /sprint-data/gitea || true mkdir /sprint-data/clickhouse || true mkdir /sprint-data/grafana || true mkdir /sprint-data/authelia || true +mkdir /sprint-data/authelia/config || true +mkdir /sprint-data/authelia/data || true chmod 777 /sprint-data/authelia +chmod 777 /sprint-data/authelia/config +chmod 777 /sprint-data/authelia/data chmod 777 /sprint-data/redis chmod 777 /sprint-data/rabbitmq chmod 777 /sprint-data/gitea From dc9a4c78fb1a46b6b2f261975f7b1f80c5e7374c Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 19:56:41 +0300 Subject: [PATCH 07/28] fix --- .deploy-infra/deploy-prod.yaml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 8a3c6e2..1c8a1f6 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -32,7 +32,21 @@ services: networks: - common-infra-nginx environment: - AUTHELIA_STORAGE_PASSWORD: $DB_PASSWORD_PROD + AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET + AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET + AUTHELIA_STORAGE_POSTGRES_HOST: "postgres" + AUTHELIA_STORAGE_POSTGRES_PORT: "5432" + AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" + AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" + AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD + AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_USERNAME: "emmatveev" + AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_PASSWORD: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" + AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_DISPLAYNAME: "Egor Matveev" + AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_EMAIL: "emmtvv@gmail.com" + AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" + AUTHELIA_ACCESS_CONTROL_RULES_0_DOMAIN_0: "*.chocomarsh.com" + AUTHELIA_ACCESS_CONTROL_RULES_0_POLICY: "one_factor" + AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" volumes: - /sprint-data/authelia/config:/config - /sprint-data/authelia/data:/var/lib/authelia From 4b5dd750dd10ade5e3a74dd110c948da6b82441f Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 20:23:46 +0300 Subject: [PATCH 08/28] fix --- .deploy-infra/deploy-prod.yaml | 8 +----- .gitea/workflows/deploy-prod.yaml | 4 +++ authelia/Dockerfile | 2 ++ authelia/configuration.yml | 42 +++++++++++++++++++++++++++++++ 4 files changed, 49 insertions(+), 7 deletions(-) create mode 100644 authelia/Dockerfile create mode 100644 authelia/configuration.yml diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 1c8a1f6..2f5aa4d 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -28,7 +28,7 @@ services: # order: start-first authelia: - image: authelia/authelia + image: mathwave/sprint-repo:authelia networks: - common-infra-nginx environment: @@ -39,13 +39,7 @@ services: AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD - AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_USERNAME: "emmatveev" - AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_PASSWORD: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" - AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_DISPLAYNAME: "Egor Matveev" - AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_EMAIL: "emmtvv@gmail.com" AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" - AUTHELIA_ACCESS_CONTROL_RULES_0_DOMAIN_0: "*.chocomarsh.com" - AUTHELIA_ACCESS_CONTROL_RULES_0_POLICY: "one_factor" AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" volumes: - /sprint-data/authelia/config:/config diff --git a/.gitea/workflows/deploy-prod.yaml b/.gitea/workflows/deploy-prod.yaml index f218c52..6788402 100644 --- a/.gitea/workflows/deploy-prod.yaml +++ b/.gitea/workflows/deploy-prod.yaml @@ -21,6 +21,8 @@ jobs: run: docker build -t mathwave/sprint-repo:sprint-infra-nginx-prod nginx/nginx-prod - name: build gitea runner run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner + - name: build authelia + run: docker build -t mathwave/sprint-repo:authelia authelia push: name: Push runs-on: [ prod ] @@ -30,6 +32,8 @@ jobs: run: docker push mathwave/sprint-repo:sprint-infra-nginx-prod - name: push gitea runner run: docker push mathwave/sprint-repo:gitea-runner + - name: push authelia + run: docker push mathwave/sprint-repo:authelia prepare: name: prepare runs-on: [prod] diff --git a/authelia/Dockerfile b/authelia/Dockerfile new file mode 100644 index 0000000..2b3a2d3 --- /dev/null +++ b/authelia/Dockerfile @@ -0,0 +1,2 @@ +FROM authelia/authelia +COPY configuration.yml /config/configuration.yml \ No newline at end of file diff --git a/authelia/configuration.yml b/authelia/configuration.yml new file mode 100644 index 0000000..f502de9 --- /dev/null +++ b/authelia/configuration.yml @@ -0,0 +1,42 @@ +theme: dark + +jwt_secret: secret-jwt-will-be-overridden-by-env +default_redirection_url: https://auth.chocomarsh.com + +server: + host: 0.0.0.0 + port: 9091 + +log: + level: info + +authentication_backend: + file: + users: + emmatveev: + password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" + displayname: "Egor Matveev" + email: emmtvv@gmail.com + +access_control: + default_policy: one_factor + rules: + - domain: "*.chocomarsh.com" + policy: one_factor + +session: + name: authelia_session + expiration: 1h + inactivity: 5m + remember_me_duration: 1w + cookies: + - domain: chocomarsh.com + authelia_url: https://auth.chocomarsh.com + +storage: + postgres: + address: tcp://pg.chocomarsh.com:5432 + database: authelia + schema: public + username: postgres + password: autheliapass # also override with env if preferred From 3a073fd7c9a99a1fe46deb262ef4119e5a1e8365 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 20:35:56 +0300 Subject: [PATCH 09/28] fix --- .deploy-infra/deploy-prod.yaml | 1 + .gitea/workflows/deploy-prod.yaml | 1 + authelia/configuration.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 2f5aa4d..d0dcbd8 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -34,6 +34,7 @@ services: environment: AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET + AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY AUTHELIA_STORAGE_POSTGRES_HOST: "postgres" AUTHELIA_STORAGE_POSTGRES_PORT: "5432" AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" diff --git a/.gitea/workflows/deploy-prod.yaml b/.gitea/workflows/deploy-prod.yaml index 6788402..5a25d69 100644 --- a/.gitea/workflows/deploy-prod.yaml +++ b/.gitea/workflows/deploy-prod.yaml @@ -74,4 +74,5 @@ jobs: REGISTRATION_TOKEN: ${{ secrets.REGISTRATION_TOKEN }} AUTHTHELIA_JWT_SECRET: ${{ secrets.AUTHTHELIA_JWT_SECRET }} AUTHTHELIA_SESSION_SECRET: ${{ secrets.AUTHTHELIA_SESSION_SECRET }} + AUTHELIA_STORAGE_ENCRYPTION_KEY: ${{ secrets.AUTHELIA_STORAGE_ENCRYPTION_KEY }} run: docker stack deploy --with-registry-auth -c ./.deploy-infra/deploy-prod.yaml infra diff --git a/authelia/configuration.yml b/authelia/configuration.yml index f502de9..9da4d25 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -34,6 +34,7 @@ session: authelia_url: https://auth.chocomarsh.com storage: + encryption_key: "a_very_long_secret_32_characters_minimum" postgres: address: tcp://pg.chocomarsh.com:5432 database: authelia From a51eecd5536f13b000ebcac19098d208782a7350 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 21:03:22 +0300 Subject: [PATCH 10/28] fix --- authelia/configuration.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/authelia/configuration.yml b/authelia/configuration.yml index 9da4d25..0f47f9a 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -41,3 +41,7 @@ storage: schema: public username: postgres password: autheliapass # also override with env if preferred + +notifier: + filesystem: + filename: /config/notification.txt \ No newline at end of file From 0635632b13dbe51d123fa543b9f5b8d7d3a594c3 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 21:20:19 +0300 Subject: [PATCH 11/28] fix --- .deploy-infra/deploy-prod.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index d0dcbd8..70a2631 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -43,7 +43,6 @@ services: AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" volumes: - - /sprint-data/authelia/config:/config - /sprint-data/authelia/data:/var/lib/authelia deploy: mode: replicated From 11462e658e42fcadc5912d306fc6e08d9ee29698 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 21:25:11 +0300 Subject: [PATCH 12/28] fix --- authelia/configuration.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/authelia/configuration.yml b/authelia/configuration.yml index 0f47f9a..cb8dd77 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -36,7 +36,8 @@ session: storage: encryption_key: "a_very_long_secret_32_characters_minimum" postgres: - address: tcp://pg.chocomarsh.com:5432 + host: pg.chocomarsh.com + port: 5432 database: authelia schema: public username: postgres From b12ffd4320dd35366f7b1d2ce80123c66abb228e Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 21:50:00 +0300 Subject: [PATCH 13/28] fix --- authelia/configuration.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/authelia/configuration.yml b/authelia/configuration.yml index cb8dd77..7b27451 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -14,9 +14,7 @@ authentication_backend: file: users: emmatveev: - password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" - displayname: "Egor Matveev" - email: emmtvv@gmail.com + password_hash: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" access_control: default_policy: one_factor From dbbdece191a481d9fc50a534f289ac7b42a903d3 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 22:07:09 +0300 Subject: [PATCH 14/28] fix --- authelia/configuration.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/authelia/configuration.yml b/authelia/configuration.yml index 7b27451..4511e0c 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -12,9 +12,6 @@ log: authentication_backend: file: - users: - emmatveev: - password_hash: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" access_control: default_policy: one_factor @@ -30,6 +27,7 @@ session: cookies: - domain: chocomarsh.com authelia_url: https://auth.chocomarsh.com + default_redirection_url: https://auth.chocomarsh.com storage: encryption_key: "a_very_long_secret_32_characters_minimum" From b1b239a208ace5505657ad51e0606dd3751a2481 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 22:18:44 +0300 Subject: [PATCH 15/28] fix --- authelia/Dockerfile | 3 ++- authelia/configuration.yml | 3 ++- authelia/users.yml | 3 +++ 3 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 authelia/users.yml diff --git a/authelia/Dockerfile b/authelia/Dockerfile index 2b3a2d3..4d57156 100644 --- a/authelia/Dockerfile +++ b/authelia/Dockerfile @@ -1,2 +1,3 @@ FROM authelia/authelia -COPY configuration.yml /config/configuration.yml \ No newline at end of file +COPY configuration.yml /config/configuration.yml +COPY users.yml /config/users.yml \ No newline at end of file diff --git a/authelia/configuration.yml b/authelia/configuration.yml index 4511e0c..532ed6a 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -12,6 +12,7 @@ log: authentication_backend: file: + path: /config/users.yml access_control: default_policy: one_factor @@ -27,7 +28,7 @@ session: cookies: - domain: chocomarsh.com authelia_url: https://auth.chocomarsh.com - default_redirection_url: https://auth.chocomarsh.com + default_redirection_url: https://login.chocomarsh.com storage: encryption_key: "a_very_long_secret_32_characters_minimum" diff --git a/authelia/users.yml b/authelia/users.yml new file mode 100644 index 0000000..c590c6f --- /dev/null +++ b/authelia/users.yml @@ -0,0 +1,3 @@ +users: + emmatveev: + password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" \ No newline at end of file From e4a6d0e05719e62193de3810d23a143c6e9b2c6a Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 22:22:55 +0300 Subject: [PATCH 16/28] fix --- authelia/configuration.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/authelia/configuration.yml b/authelia/configuration.yml index 532ed6a..e73cdc6 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -1,7 +1,6 @@ theme: dark jwt_secret: secret-jwt-will-be-overridden-by-env -default_redirection_url: https://auth.chocomarsh.com server: host: 0.0.0.0 From 41a063fb51de87cbea63f665f1105def78352d6b Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 22:28:48 +0300 Subject: [PATCH 17/28] fix --- .deploy-infra/deploy-prod.yaml | 1 - authelia/configuration.yml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 70a2631..51c9a87 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -35,7 +35,6 @@ services: AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY - AUTHELIA_STORAGE_POSTGRES_HOST: "postgres" AUTHELIA_STORAGE_POSTGRES_PORT: "5432" AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" diff --git a/authelia/configuration.yml b/authelia/configuration.yml index e73cdc6..7d3d5ff 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -32,7 +32,7 @@ session: storage: encryption_key: "a_very_long_secret_32_characters_minimum" postgres: - host: pg.chocomarsh.com + host: pg.sprinthub.ru port: 5432 database: authelia schema: public From af5414d0bbf4229ee3891f7602195125a65b2ade Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Fri, 11 Jul 2025 22:46:14 +0300 Subject: [PATCH 18/28] fix --- authelia/users.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/authelia/users.yml b/authelia/users.yml index c590c6f..e493d4d 100644 --- a/authelia/users.yml +++ b/authelia/users.yml @@ -1,3 +1,5 @@ users: emmatveev: - password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" \ No newline at end of file + password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" + displayname: "Egor Matveev" + email: emmtvv@gmail.com \ No newline at end of file From d39421009927dcd9cf30e1c527f5322717da700b Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sat, 12 Jul 2025 10:09:29 +0300 Subject: [PATCH 19/28] fix --- .deploy-infra/deploy-prod.yaml | 69 ++++++++++++++++++++++------------ 1 file changed, 46 insertions(+), 23 deletions(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 51c9a87..7f16546 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -26,32 +26,55 @@ services: update_config: parallelism: 1 # order: start-first - - authelia: - image: mathwave/sprint-repo:authelia + + zitadel: + image: ghcr.io/zitadel/zitadel:latest networks: - common-infra-nginx environment: - AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET - AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET - AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY - AUTHELIA_STORAGE_POSTGRES_PORT: "5432" - AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" - AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" - AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD - AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" - AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" - volumes: - - /sprint-data/authelia/data:/var/lib/authelia - deploy: - mode: replicated - replicas: 1 - restart_policy: - condition: any - placement: - constraints: [node.labels.stage == production] - update_config: - parallelism: 1 + ZITADEL_DATABASE_POSTGRES_HOST: pg.sprinthub.ru + ZITADEL_DATABASE_POSTGRES_PORT: 5432 + ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel + ZITADEL_DATABASE_POSTGRES_USER_USERNAME: postgres + ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: $DB_PASSWORD_PROD + ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: disable + ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres + ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD + ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable + ZITADEL_EXTERNALSECURE: false + deploy: + mode: replicated + replicas: 1 + restart_policy: + condition: any + update_config: + parallelism: 1 + + # authelia: + # image: mathwave/sprint-repo:authelia + # networks: + # - common-infra-nginx + # environment: + # AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET + # AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET + # AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY + # AUTHELIA_STORAGE_POSTGRES_PORT: "5432" + # AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" + # AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" + # AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD + # AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" + # AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" + # volumes: + # - /sprint-data/authelia/data:/var/lib/authelia + # deploy: + # mode: replicated + # replicas: 1 + # restart_policy: + # condition: any + # placement: + # constraints: [node.labels.stage == production] + # update_config: + # parallelism: 1 grafana: image: grafana/grafana From b0284f699b17bcb51dcc08b35035034e3aa3058f Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sat, 12 Jul 2025 10:12:01 +0300 Subject: [PATCH 20/28] fix --- .deploy-infra/deploy-prod.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 7f16546..1b448bb 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -42,13 +42,13 @@ services: ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable ZITADEL_EXTERNALSECURE: false - deploy: - mode: replicated - replicas: 1 - restart_policy: - condition: any - update_config: - parallelism: 1 + deploy: + mode: replicated + replicas: 1 + restart_policy: + condition: any + update_config: + parallelism: 1 # authelia: # image: mathwave/sprint-repo:authelia From f784e8b45beb6923ba216fbccb323dc961dc6f6a Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sat, 12 Jul 2025 10:17:07 +0300 Subject: [PATCH 21/28] fix --- .deploy-infra/deploy-prod.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 1b448bb..502ddf1 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -41,7 +41,7 @@ services: ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable - ZITADEL_EXTERNALSECURE: false + ZITADEL_EXTERNALSECURE: "false" deploy: mode: replicated replicas: 1 From 501769b23483375fb12e0fa27f6fa2d7a47fefb9 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sat, 12 Jul 2025 10:20:46 +0300 Subject: [PATCH 22/28] fix --- .deploy-infra/deploy-prod.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 502ddf1..bcf5631 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -31,6 +31,7 @@ services: image: ghcr.io/zitadel/zitadel:latest networks: - common-infra-nginx + command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled' environment: ZITADEL_DATABASE_POSTGRES_HOST: pg.sprinthub.ru ZITADEL_DATABASE_POSTGRES_PORT: 5432 From 557aae3678341c397da8a4a805239c7418ff966a Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sat, 12 Jul 2025 10:28:05 +0300 Subject: [PATCH 23/28] fix --- .deploy-infra/deploy-prod.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index bcf5631..1b729d1 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -43,6 +43,7 @@ services: ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable ZITADEL_EXTERNALSECURE: "false" + ZITADEL_EXTERNALDOMAIN: zitadel.chocomarsh.com deploy: mode: replicated replicas: 1 From 90b875752ba17ac01d1c68bfe57a689b4f56c921 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Wed, 10 Sep 2025 10:11:00 +0300 Subject: [PATCH 24/28] fix --- nginx/nginx-dev/prepare.py | 2 +- nginx/nginx-prod/prepare.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nginx/nginx-dev/prepare.py b/nginx/nginx-dev/prepare.py index c0d7946..77e9572 100644 --- a/nginx/nginx-dev/prepare.py +++ b/nginx/nginx-dev/prepare.py @@ -6,7 +6,7 @@ from json import loads minio_client = Minio( - "minio.develop.sprinthub.ru:9000", + "minio.dev.chocomarsh.com:9000", access_key="serviceminioadmin", secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"), secure=False, diff --git a/nginx/nginx-prod/prepare.py b/nginx/nginx-prod/prepare.py index 10566b0..e15aa91 100644 --- a/nginx/nginx-prod/prepare.py +++ b/nginx/nginx-prod/prepare.py @@ -6,7 +6,7 @@ from json import loads minio_client = Minio( - "minio.sprinthub.ru:9000", + "minio.chocomarsh.com:9000", access_key="serviceminioadmin", secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"), secure=False, From d6669a1d1162443206aaf0753a8c440ee2f730ec Mon Sep 17 00:00:00 2001 From: emmatveev Date: Sun, 14 Sep 2025 23:16:57 +0300 Subject: [PATCH 25/28] Update nginx/nginx-prod/prepare.py --- nginx/nginx-prod/prepare.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/nginx-prod/prepare.py b/nginx/nginx-prod/prepare.py index 10566b0..e15aa91 100644 --- a/nginx/nginx-prod/prepare.py +++ b/nginx/nginx-prod/prepare.py @@ -6,7 +6,7 @@ from json import loads minio_client = Minio( - "minio.sprinthub.ru:9000", + "minio.chocomarsh.com:9000", access_key="serviceminioadmin", secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"), secure=False, From 0877334a4b40ad27a9bbc532e5f8ebcd93e67dfc Mon Sep 17 00:00:00 2001 From: emmatveev Date: Sun, 14 Sep 2025 23:17:22 +0300 Subject: [PATCH 26/28] Update nginx/nginx-dev/prepare.py --- nginx/nginx-dev/prepare.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/nginx-dev/prepare.py b/nginx/nginx-dev/prepare.py index c0d7946..77e9572 100644 --- a/nginx/nginx-dev/prepare.py +++ b/nginx/nginx-dev/prepare.py @@ -6,7 +6,7 @@ from json import loads minio_client = Minio( - "minio.develop.sprinthub.ru:9000", + "minio.dev.chocomarsh.com:9000", access_key="serviceminioadmin", secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"), secure=False, From 5a7d51e253f8f2cf40c4bd750229a460898dad78 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sun, 14 Sep 2025 23:31:24 +0300 Subject: [PATCH 27/28] fix --- .deploy-infra/deploy-prod.yaml | 51 ------------------------------- .gitea/workflows/deploy-dev.yaml | 2 -- .gitea/workflows/deploy-prod.yaml | 6 ---- authelia/Dockerfile | 3 -- authelia/configuration.yml | 44 -------------------------- authelia/users.yml | 5 --- 6 files changed, 111 deletions(-) delete mode 100644 authelia/Dockerfile delete mode 100644 authelia/configuration.yml delete mode 100644 authelia/users.yml diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 1b729d1..263f53b 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -26,57 +26,6 @@ services: update_config: parallelism: 1 # order: start-first - - zitadel: - image: ghcr.io/zitadel/zitadel:latest - networks: - - common-infra-nginx - command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled' - environment: - ZITADEL_DATABASE_POSTGRES_HOST: pg.sprinthub.ru - ZITADEL_DATABASE_POSTGRES_PORT: 5432 - ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel - ZITADEL_DATABASE_POSTGRES_USER_USERNAME: postgres - ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: $DB_PASSWORD_PROD - ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: disable - ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres - ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD - ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable - ZITADEL_EXTERNALSECURE: "false" - ZITADEL_EXTERNALDOMAIN: zitadel.chocomarsh.com - deploy: - mode: replicated - replicas: 1 - restart_policy: - condition: any - update_config: - parallelism: 1 - - # authelia: - # image: mathwave/sprint-repo:authelia - # networks: - # - common-infra-nginx - # environment: - # AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET - # AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET - # AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY - # AUTHELIA_STORAGE_POSTGRES_PORT: "5432" - # AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" - # AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" - # AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD - # AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" - # AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" - # volumes: - # - /sprint-data/authelia/data:/var/lib/authelia - # deploy: - # mode: replicated - # replicas: 1 - # restart_policy: - # condition: any - # placement: - # constraints: [node.labels.stage == production] - # update_config: - # parallelism: 1 grafana: image: grafana/grafana diff --git a/.gitea/workflows/deploy-dev.yaml b/.gitea/workflows/deploy-dev.yaml index 936be64..9677647 100644 --- a/.gitea/workflows/deploy-dev.yaml +++ b/.gitea/workflows/deploy-dev.yaml @@ -19,8 +19,6 @@ jobs: ref: dev - name: build nginx dev run: docker build -t mathwave/sprint-repo:sprint-infra-nginx-dev nginx/nginx-dev - - name: build gitea runner - run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner push: name: Push runs-on: [ prod ] diff --git a/.gitea/workflows/deploy-prod.yaml b/.gitea/workflows/deploy-prod.yaml index 5a25d69..43502be 100644 --- a/.gitea/workflows/deploy-prod.yaml +++ b/.gitea/workflows/deploy-prod.yaml @@ -21,8 +21,6 @@ jobs: run: docker build -t mathwave/sprint-repo:sprint-infra-nginx-prod nginx/nginx-prod - name: build gitea runner run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner - - name: build authelia - run: docker build -t mathwave/sprint-repo:authelia authelia push: name: Push runs-on: [ prod ] @@ -32,8 +30,6 @@ jobs: run: docker push mathwave/sprint-repo:sprint-infra-nginx-prod - name: push gitea runner run: docker push mathwave/sprint-repo:gitea-runner - - name: push authelia - run: docker push mathwave/sprint-repo:authelia prepare: name: prepare runs-on: [prod] @@ -58,8 +54,6 @@ jobs: uses: actions/checkout@v4 with: ref: prod - - name: deploy swarmpit - run: docker stack deploy --with-registry-auth -c ./.deploy-swarmpit/deploy-prod.yaml swarmpit - name: deploy portainer run: docker stack deploy --with-registry-auth -c ./.deploy-portainer/deploy-prod.yaml portainer - name: deploy infra diff --git a/authelia/Dockerfile b/authelia/Dockerfile deleted file mode 100644 index 4d57156..0000000 --- a/authelia/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM authelia/authelia -COPY configuration.yml /config/configuration.yml -COPY users.yml /config/users.yml \ No newline at end of file diff --git a/authelia/configuration.yml b/authelia/configuration.yml deleted file mode 100644 index 7d3d5ff..0000000 --- a/authelia/configuration.yml +++ /dev/null @@ -1,44 +0,0 @@ -theme: dark - -jwt_secret: secret-jwt-will-be-overridden-by-env - -server: - host: 0.0.0.0 - port: 9091 - -log: - level: info - -authentication_backend: - file: - path: /config/users.yml - -access_control: - default_policy: one_factor - rules: - - domain: "*.chocomarsh.com" - policy: one_factor - -session: - name: authelia_session - expiration: 1h - inactivity: 5m - remember_me_duration: 1w - cookies: - - domain: chocomarsh.com - authelia_url: https://auth.chocomarsh.com - default_redirection_url: https://login.chocomarsh.com - -storage: - encryption_key: "a_very_long_secret_32_characters_minimum" - postgres: - host: pg.sprinthub.ru - port: 5432 - database: authelia - schema: public - username: postgres - password: autheliapass # also override with env if preferred - -notifier: - filesystem: - filename: /config/notification.txt \ No newline at end of file diff --git a/authelia/users.yml b/authelia/users.yml deleted file mode 100644 index e493d4d..0000000 --- a/authelia/users.yml +++ /dev/null @@ -1,5 +0,0 @@ -users: - emmatveev: - password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE" - displayname: "Egor Matveev" - email: emmtvv@gmail.com \ No newline at end of file From 0ba70d2e60046ecf28ab50e0d53850ea2f1ad8b2 Mon Sep 17 00:00:00 2001 From: Egor Matveev Date: Sun, 14 Sep 2025 23:32:16 +0300 Subject: [PATCH 28/28] fix --- .deploy-infra/deploy-dev.yaml | 2 +- .deploy-infra/deploy-prod.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.deploy-infra/deploy-dev.yaml b/.deploy-infra/deploy-dev.yaml index 645b139..8c55fac 100644 --- a/.deploy-infra/deploy-dev.yaml +++ b/.deploy-infra/deploy-dev.yaml @@ -165,7 +165,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock - /sprint-data:/sprint-data environment: - GITEA_INSTANCE_URL: https://gitea.sprinthub.ru/ + GITEA_INSTANCE_URL: https://gitea.chocomarsh.com/ GITEA_RUNNER_REGISTRATION_TOKEN: $REGISTRATION_TOKEN GITEA_RUNNER_NAME: dev GITEA_RUNNER_LABELS: dev diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml index 263f53b..1d9b497 100755 --- a/.deploy-infra/deploy-prod.yaml +++ b/.deploy-infra/deploy-prod.yaml @@ -183,7 +183,7 @@ services: USER_UID: 1000 USER_GID: 1000 GITEA__database__DB_TYPE: postgres - GITEA__database__HOST: pg.sprinthub.ru:5432 + GITEA__database__HOST: pg.chocomarsh.com:5432 GITEA__database__NAME: gitea GITEA__database__USER: postgres GITEA__database__PASSWD: $DB_PASSWORD_PROD @@ -203,7 +203,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock - /sprint-data:/sprint-data environment: - GITEA_INSTANCE_URL: https://gitea.sprinthub.ru/ + GITEA_INSTANCE_URL: https://gitea.chocomarsh.com/ GITEA_RUNNER_REGISTRATION_TOKEN: $REGISTRATION_TOKEN GITEA_RUNNER_NAME: prod GITEA_RUNNER_LABELS: prod