self/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: self:master
Branches Tags
self:master self:prod self:dev self:gitea-migration
..
compare: self:624eddee2ab7822d2e85d7d62ae114f216ae728c
Branches Tags
self:prod self:master self:dev self:gitea-migration

56 Commits
master ... 624eddee2a

Author SHA1 Message Date
emmatveev
624eddee2a Merge pull request 'fix' (#144) from master into prod 
Reviewed-on: #144
 2025-09-15 01:12:17 +03:00
emmatveev
ba43261482 Merge pull request 'fix' (#142) from master into prod 
Reviewed-on: #142
 2025-09-15 00:06:57 +03:00
emmatveev
59287f8240 Merge pull request 'master' (#141) from master into prod 
Reviewed-on: #141
 2025-09-14 23:57:24 +03:00
emmatveev
8f823afc21 Merge pull request 'fix' (#139) from master into prod 
Reviewed-on: #139
 2025-07-12 10:28:33 +03:00
emmatveev
489b5d00cc Merge pull request 'fix' (#138) from master into prod 
Reviewed-on: #138
 2025-07-12 10:22:15 +03:00
emmatveev
073ee88a84 Merge pull request 'fix' (#137) from master into prod 
Reviewed-on: #137
 2025-07-12 10:17:55 +03:00
emmatveev
054186bfcd Merge pull request 'fix' (#136) from master into prod 
Reviewed-on: #136
 2025-07-12 10:12:23 +03:00
emmatveev
2d66d20e41 Merge pull request 'fix' (#135) from master into prod 
Reviewed-on: #135
 2025-07-12 10:09:55 +03:00
emmatveev
49e99f2721 Merge pull request 'fix' (#134) from master into prod 
Reviewed-on: #134
 2025-07-11 22:46:40 +03:00
emmatveev
a6273a24dc Merge pull request 'fix' (#133) from master into prod 
Reviewed-on: #133
 2025-07-11 22:29:14 +03:00
emmatveev
5da9bc072b Merge pull request 'fix' (#132) from master into prod 
Reviewed-on: #132
 2025-07-11 22:23:22 +03:00
emmatveev
767ea96b31 Merge pull request 'fix' (#131) from master into prod 
Reviewed-on: #131
 2025-07-11 22:19:01 +03:00
emmatveev
9c8df2d4d4 Merge pull request 'fix' (#130) from master into prod 
Reviewed-on: #130
 2025-07-11 22:07:25 +03:00
emmatveev
e076d505f1 Merge pull request 'fix' (#129) from master into prod 
Reviewed-on: #129
 2025-07-11 21:50:17 +03:00
emmatveev
5a8e6cfa76 Merge pull request 'fix' (#128) from master into prod 
Reviewed-on: #128
 2025-07-11 21:28:33 +03:00
emmatveev
6647b0df21 Merge pull request 'fix' (#127) from master into prod 
Reviewed-on: #127
 2025-07-11 21:20:37 +03:00
emmatveev
0e0b2e57da Merge pull request 'fix' (#126) from master into prod 
Reviewed-on: #126
 2025-07-11 21:05:40 +03:00
emmatveev
cac1e5c4e0 Merge pull request 'fix' (#125) from master into prod 
Reviewed-on: #125
 2025-07-11 20:36:23 +03:00
emmatveev
45201de406 Merge pull request 'fix' (#124) from master into prod 
Reviewed-on: #124
 2025-07-11 20:24:33 +03:00
emmatveev
74a45eb95c Merge pull request 'fix' (#123) from master into prod 
Reviewed-on: #123
 2025-07-11 19:57:57 +03:00
emmatveev
26159bd068 Merge pull request 'fix' (#122) from master into prod 
Reviewed-on: #122
 2025-07-11 19:52:26 +03:00
emmatveev
f963a7e196 Merge pull request 'fix' (#121) from master into prod 
Reviewed-on: #121
 2025-07-10 18:43:34 +03:00
emmatveev
60d65bfd10 Merge pull request 'fix' (#120) from master into prod 
Reviewed-on: #120
 2025-07-10 18:19:12 +03:00
emmatveev
7c16255c61 Merge pull request 'fix' (#119) from master into prod 
Reviewed-on: #119
 2025-07-10 18:12:17 +03:00
emmatveev
ee6e9b7d12 Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#118) from master into prod 
Reviewed-on: #118
 2025-06-20 17:29:59 +03:00
emmatveev
1851bc0652 Merge pull request 'master' (#117) from master into prod 
Reviewed-on: #117
 2025-06-20 17:19:38 +03:00
emmatveev
0ba08e4a6d Merge pull request 'fix' (#115) from master into prod 
Reviewed-on: #115
 2025-06-14 23:01:18 +03:00
emmatveev
3e12bf6fe0 Merge pull request 'fix' (#114) from master into prod 
Reviewed-on: #114
 2025-06-14 22:55:18 +03:00
emmatveev
7fc4e7f086 Merge pull request 'master' (#113) from master into prod 
Reviewed-on: #113
 2025-06-14 22:45:41 +03:00
emmatveev
becb5c3aac Merge pull request 'fix' (#112) from master into prod 
Reviewed-on: #112
 2025-06-14 22:40:51 +03:00
emmatveev
a54f4a6eee Merge pull request 'fix' (#111) from master into prod 
Reviewed-on: #111
 2025-06-14 22:35:16 +03:00
emmatveev
fb4fcf5b27 Merge pull request 'fix' (#110) from master into prod 
Reviewed-on: #110
 2025-06-14 22:30:25 +03:00
emmatveev
45a035897d Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#109) from master into prod 
Reviewed-on: #109
 2025-06-14 20:21:54 +03:00
emmatveev
4da8e8e6e5 Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#108) from master into prod 
Reviewed-on: #108
 2025-06-14 20:12:41 +03:00
emmatveev
2a09bb0f48 Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#107) from master into prod 
Reviewed-on: #107
 2025-06-14 20:10:36 +03:00
emmatveev
d456e2d083 Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#106) from master into prod 
Reviewed-on: #106
 2025-06-14 20:07:01 +03:00
emmatveev
3f07d0ad84 Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#105) from master into prod 
Reviewed-on: #105
 2025-06-14 19:55:57 +03:00
emmatveev
f8488d72e7 Merge pull request 'Update .deploy-infra/deploy-prod.yaml' (#104) from master into prod 
Reviewed-on: #104
 2025-06-14 19:53:17 +03:00
emmatveev
7b0a5ca568 Merge pull request 'fix' (#103) from master into prod 
Reviewed-on: #103
 2025-06-14 13:02:27 +03:00
emmatveev
cab9ef5d08 Merge pull request 'fix' (#102) from master into prod 
Reviewed-on: #102
 2025-06-14 12:42:45 +03:00
emmatveev
e4f6078e63 Merge pull request 'fix' (#101) from master into prod 
Reviewed-on: #101
 2025-06-14 04:44:16 +03:00
emmatveev
8ebf434fb2 Merge pull request 'master' (#100) from master into prod 
Reviewed-on: #100
 2025-06-14 03:37:48 +03:00
emmatveev
2b0fc2dee3 Merge pull request 'master' (#96) from master into prod 
Reviewed-on: #96
 2025-06-13 02:48:50 +03:00
emmatveev
f72974a593 Merge pull request 'fix' (#92) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/92
 2025-06-12 22:14:37 +03:00
emmatveev
13518e77d6 Merge pull request 'fix' (#90) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/90
 2025-06-12 13:52:39 +03:00
emmatveev
a424d7950e Merge pull request 'master' (#88) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/88
 2025-06-12 13:27:18 +03:00
emmatveev
fe415f0bd8 Merge pull request 'master' (#84) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/84
 2025-06-12 01:13:26 +03:00
emmatveev
07008122a8 Merge pull request 'master' (#73) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/73
 2025-06-04 21:20:54 +03:00
emmatveev
031960c451 Merge pull request 'master' (#71) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/71
 2025-06-04 03:43:12 +03:00
emmatveev
a1fcd98eba Merge pull request 'master' (#69) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/69
 2025-06-04 02:47:18 +03:00
emmatveev
4e4bdf12cb Merge pull request 'fix' (#42) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/42
 2025-03-28 21:49:37 +03:00
emmatveev
e1b8bdb230 Merge pull request 'keycloak' (#41) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/41
 2025-03-28 21:45:31 +03:00
emmatveev
893a357eca Merge pull request 'keycloak' (#40) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/40
 2025-03-28 21:43:05 +03:00
emmatveev
feee9ffb6d Merge pull request 'keycloak' (#39) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/39
 2025-03-28 21:34:56 +03:00
emmatveev
dd63cf69cd Merge pull request 'master' (#38) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/38
 2025-03-28 21:28:13 +03:00
emmatveev
829d978ac8 Merge pull request 'master' (#36) from master into prod 
Reviewed-on: https://gitea.sprinthub.ru/self/infra/pulls/36
 2025-02-14 01:10:55 +03:00
6 changed files with 8 additions and 36 deletions
Expand all files Collapse all files

1
.deploy-infra/deploy-dev.yaml
View File

@@ -7,7 +7,6 @@ services:
networks: networks:
- common-infra-nginx-development - common-infra-nginx-development
- configurator - configurator
- minio-development
environment: environment:
MINIO_SECRET_KEY: $MINIO_SECRET_KEY_DEV MINIO_SECRET_KEY: $MINIO_SECRET_KEY_DEV
ports: ports:

10
.deploy-infra/deploy-prod.yaml
View File

@@ -7,7 +7,6 @@ services:
networks: networks:
- common-infra-nginx - common-infra-nginx
- configurator - configurator
- minio
environment: environment:
MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD
ports: ports:
@@ -178,9 +177,7 @@ services:
order: start-first order: start-first
gitea: gitea:
image: gitea/gitea:1.25 image: gitea/gitea:1.22.3
networks:
- postgres
volumes: volumes:
- /sprint-data/gitea:/data - /sprint-data/gitea:/data
- /etc/timezone:/etc/timezone - /etc/timezone:/etc/timezone
@@ -192,12 +189,10 @@ services:
USER_UID: 1000 USER_UID: 1000
USER_GID: 1000 USER_GID: 1000
GITEA__database__DB_TYPE: postgres GITEA__database__DB_TYPE: postgres
GITEA__database__HOST: postgres:5432 GITEA__database__HOST: pg.chocomarsh.com:5432
GITEA__database__NAME: gitea GITEA__database__NAME: gitea
GITEA__database__USER: postgres GITEA__database__USER: postgres
GITEA__database__PASSWD: $DB_PASSWORD_PROD GITEA__database__PASSWD: $DB_PASSWORD_PROD
GITEA__service__DISABLE_REGISTRATION: "true"
GITEA__server__ROOT_URL: "https://gitea.chocomarsh.com/"
deploy: deploy:
mode: replicated mode: replicated
placement: placement:
@@ -213,7 +208,6 @@ services:
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /sprint-data:/sprint-data - /sprint-data:/sprint-data
- /root/.cache/act:/root/.cache/act
environment: environment:
GITEA_INSTANCE_URL: https://gitea.chocomarsh.com/ GITEA_INSTANCE_URL: https://gitea.chocomarsh.com/
GITEA_RUNNER_REGISTRATION_TOKEN: $REGISTRATION_TOKEN GITEA_RUNNER_REGISTRATION_TOKEN: $REGISTRATION_TOKEN

4
.deploy-portainer/deploy-prod.yaml
View File

@@ -2,7 +2,7 @@ version: '3.2'
services: services:
agent: agent:
image: portainer/agent:2.33.1 image: portainer/agent:2.11.1
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes - /var/lib/docker/volumes:/var/lib/docker/volumes
@@ -14,7 +14,7 @@ services:
constraints: [node.platform.os == linux] constraints: [node.platform.os == linux]
portainer: portainer:
image: portainer/portainer-ce:2.33.1 image: portainer/portainer-ce:2.11.1
command: -H tcp://tasks.agent:9001 --tlsskipverify command: -H tcp://tasks.agent:9001 --tlsskipverify
ports: ports:
- "9443:9443" - "9443:9443"

1
gitea-runner/Dockerfile
View File

@@ -3,4 +3,3 @@ FROM gitea/act_runner:nightly
RUN apk add docker RUN apk add docker
RUN apk add git RUN apk add git
RUN apk add --no-cache nodejs RUN apk add --no-cache nodejs
RUN apk add --no-cache make

26
nginx/nginx-dev/prepare.py
View File

@@ -6,7 +6,7 @@ from json import loads
minio_client = Minio( minio_client = Minio(
"minio:9000", "minio.dev.chocomarsh.com:9000",
access_key="serviceminioadmin", access_key="serviceminioadmin",
secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"), secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"),
secure=False, secure=False,
@@ -30,22 +30,6 @@ except Exception as e:
config = "" config = ""
for host, params in hosts.items(): for host, params in hosts.items():
websocket = ""
for url in params.get("websocket", []):
websocket += """
location {url} {{
resolver 127.0.0.11;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
proxy_send_timeout 86400;
proxy_pass http://{target_host}:{port};
}}
""".format(url=url, target_host=params["host"], port=params["port"])
config += """ config += """
server {{ server {{
listen 443 ssl http2; listen 443 ssl http2;
@@ -55,7 +39,6 @@ for host, params in hosts.items():
ssl_certificate /etc/nginx/{host}/fullchain.pem; ssl_certificate /etc/nginx/{host}/fullchain.pem;
ssl_certificate_key /etc/nginx/{host}/privkey.pem; ssl_certificate_key /etc/nginx/{host}/privkey.pem;
proxy_http_version 1.1;
add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always; add_header X-Content-Type-Options "nosniff" always;
@@ -65,16 +48,13 @@ for host, params in hosts.items():
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
{websocket}
location / {{ location / {{
resolver 127.0.0.11; resolver 127.0.0.11;
proxy_pass http://{target_host}:{port}; proxy_pass http://{target_host}:{port}$request_uri;
}} }}
}}\n\n }}\n\n
""".format( """.format(
host=host, target_host=params["host"], port=params["port"], websocket=websocket host=host, target_host=params["host"], port=params["port"]
) )
try: try:
fullchain = minio_client.get_object( fullchain = minio_client.get_object(

2
nginx/nginx-prod/prepare.py
View File

@@ -6,7 +6,7 @@ from json import loads
minio_client = Minio( minio_client = Minio(
"minio:9000", "minio.chocomarsh.com:9000",
access_key="serviceminioadmin", access_key="serviceminioadmin",
secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"), secret_key=os.getenv("MINIO_SECRET_KEY", "minioadmin"),
secure=False, secure=False,