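#!/bin/bash
# Enable Gitea Container Registry
#
# Configures a remote Gitea deployment (Docker Compose behind Traefik) to
# serve the built-in container registry. All changes are made over SSH on
# REMOTE_HOST, using sudo for file writes under the compose directory.
#
# Environment:
#   REMOTE_HOST  optional ssh destination (user@host); defaults to the
#                deployment host below.

# -e: stop on the first failing local command (including a failed ssh step)
# -u: an unset variable is an error rather than an empty string
# pipefail: a pipeline fails if any stage fails
set -euo pipefail

# Overridable so the same script can target a staging host without editing it.
REMOTE_HOST="${REMOTE_HOST:-deploy@141.136.35.199}"

# NOTE(review): not referenced by the steps that follow. The remote heredocs
# are quoted, so they spell this path out literally; keep the two in sync.
GITEA_PATH="/opt/compose/gitea"

echo "🔧 Enabling Gitea Container Registry..."
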
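# Step 1: Add packages configuration to Gitea
#
# The outer heredoc is quoted ('EOF'), so nothing in it is expanded locally;
# the whole text is fed to the remote shell on stdin.
echo "📝 Step 1: Configuring Gitea packages..."

ssh "$REMOTE_HOST" << 'EOF'
# The remote shell does not inherit the local "set -e"; without this a failed
# sudo/mkdir would be ignored and the remaining commands would still run.
set -eu

conf_dir=/opt/compose/gitea/custom/conf

# Create custom configuration directory if it doesn't exist
sudo mkdir -p "$conf_dir"

# tee replaces the whole file, so keep a timestamped copy of any existing
# app.ini first; settings already present there would otherwise be lost.
if sudo test -f "$conf_dir/app.ini"; then
  sudo cp -p "$conf_dir/app.ini" "$conf_dir/app.ini.backup.$(date +%Y%m%d%H%M%S)"
fi

# Write the custom app.ini with packages enabled
sudo tee "$conf_dir/app.ini" > /dev/null << 'GITEA_CONFIG'
[packages]
ENABLED = true
CHUNKED_UPLOAD_PATH = /data/gitea/tmp/package-upload

[packages.container]
ENABLED = true
GITEA_CONFIG

echo "✅ Gitea configuration created"
EOF
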
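# Step 2: Update Gitea compose file to mount custom config and add registry labels
#
# Both heredoc delimiters are quoted, so the ${POSTGRES_*} references and the
# backticks in the Traefik rules reach compose.yaml literally; Docker Compose
# resolves the variables later from ./.env.
echo "📝 Step 2: Updating Gitea compose file..."

ssh "$REMOTE_HOST" << 'EOF'
# The remote shell does not inherit the local "set -e"; abort on the first
# failure so a failed write never leads to a half-applied change.
set -eu

cd /opt/compose/gitea

new_file=compose.yaml.new
# Timestamped so a second run does not overwrite the last known-good backup
# with an already-modified file.
backup_file="compose.yaml.backup.$(date +%Y%m%d%H%M%S)"

# Stage the updated compose file next to the live one
sudo tee "$new_file" > /dev/null << 'COMPOSE_FILE'
---
services:
  server:
    image: docker.io/gitea/gitea:1.24.5
    container_name: gitea-server
    env_file:
      - ./.env
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}
      - GITEA__database__NAME=${POSTGRES_DB:-gitea}
      - GITEA__database__USER=${POSTGRES_USER:-gitea}
      - GITEA__database__PASSWD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD not set}
      - GITEA__server__SSH_PORT=2221
      - GITEA__server__ROOT_URL=https://gitea.harkon.co.uk
      - GITEA__packages__ENABLED=true
      - GITEA__packages__CHUNKED_UPLOAD_PATH=/data/gitea/tmp/package-upload
    networks:
      - frontend
      - backend
    volumes:
      - gitea-data:/data
      # NOTE(review): mounted as app.ini.custom, not app.ini. Gitea may not
      # read a file of that name, in which case the GITEA__packages__*
      # variables above are what enable the registry. Confirm before relying
      # on settings that exist only in this file.
      - ./custom/conf/app.ini:/data/gitea/conf/app.ini.custom:ro
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      # Git-over-SSH, published on every host interface
      - "2221:22"
    depends_on:
      - db
    labels:
      # Main Gitea web interface
      - traefik.enable=true
      - traefik.http.services.gitea.loadbalancer.server.port=3000
      - traefik.http.services.gitea.loadbalancer.server.scheme=http
      - traefik.http.routers.gitea-https.entrypoints=websecure
      - traefik.http.routers.gitea-https.rule=Host(`gitea.harkon.co.uk`)
      - traefik.http.routers.gitea-https.tls=true
      - traefik.http.routers.gitea-https.tls.certresolver=godaddy
      - traefik.http.routers.gitea-https.service=gitea
      # Container Registry (same port, different subdomain)
      # NOTE(review): this rule matches on host only, so every Gitea path
      # (web UI and API, not just /v2) is served on the registry hostname.
      # If only the registry API is meant to be reachable here, narrow the
      # rule, e.g. with a PathPrefix(`/v2`) matcher.
      - traefik.http.routers.gitea-registry.entrypoints=websecure
      - traefik.http.routers.gitea-registry.rule=Host(`registry.harkon.co.uk`)
      - traefik.http.routers.gitea-registry.tls=true
      - traefik.http.routers.gitea-registry.tls.certresolver=godaddy
      - traefik.http.routers.gitea-registry.service=gitea
    restart: unless-stopped

  db:
    image: docker.io/library/postgres:17.5
    container_name: gitea-db
    environment:
      - POSTGRES_USER=${POSTGRES_USER:-gitea}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD not set}
      - POSTGRES_DB=${POSTGRES_DB:-gitea}
    networks:
      - backend
    volumes:
      - gitea-db:/var/lib/postgresql/data
    restart: unless-stopped

volumes:
  gitea-data:
    driver: local
  gitea-db:
    driver: local

networks:
  frontend:
    external: true
  backend:
    external: true
COMPOSE_FILE

# Validate the staged file before it replaces the live one, so a YAML or
# interpolation error cannot take the running deployment's config with it.
# stdin is redirected so the command cannot consume the rest of this script.
if ! docker compose -f "$new_file" config --quiet < /dev/null; then
  echo "❌ Staged compose file failed validation; compose.yaml left unchanged" >&2
  sudo rm -f -- "$new_file"
  exit 1
fi

# Backup current compose file (if there is one), then swap in the new file
if [ -f compose.yaml ]; then
  sudo cp -p compose.yaml "$backup_file"
  echo "Backup written to /opt/compose/gitea/$backup_file"
fi
sudo mv -- "$new_file" compose.yaml

echo "✅ Gitea compose file updated"
EOF
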
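# Step 3: Restart Gitea to apply changes
#
# docker is invoked without sudo here, so the remote account must already be
# allowed to talk to the Docker daemon (which is root-equivalent access).
echo "📝 Step 3: Restarting Gitea..."

ssh "$REMOTE_HOST" << 'EOF'
# The remote shell does not inherit the local "set -e"; without this a failed
# "up" would still be followed by the success message.
set -eu

cd /opt/compose/gitea
docker compose down
docker compose up -d

echo "⏳ Waiting for Gitea to start..."
sleep 15

# A fixed sleep proves nothing; check that the container is actually up
# before reporting success, and show recent logs when it is not.
if [ "$(docker inspect --format '{{.State.Running}}' gitea-server 2>/dev/null)" != "true" ]; then
  echo "❌ gitea-server is not running after restart; recent logs:" >&2
  docker logs --tail 50 gitea-server >&2 || true
  exit 1
fi

echo "✅ Gitea restarted"
EOF
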
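# Final summary and manual follow-up steps.
#
# The host is taken from REMOTE_HOST instead of being repeated as a literal,
# so the hints stay correct when the script targets another machine.
# ${REMOTE_HOST#*@} strips the "user@" prefix to leave the bare host/address.
cat << EOF

✅ Gitea Container Registry enabled successfully!

📋 Next steps:
1. Verify DNS: dig registry.harkon.co.uk (should point to ${REMOTE_HOST#*@})
2. Wait for SSL certificate (Traefik will auto-generate)
3. Create Gitea access token:
 - Login to https://gitea.harkon.co.uk
 - Settings → Applications → Generate New Token
 - Select scope: write:package
4. Login to registry:
 docker login registry.harkon.co.uk
 Username: <your-gitea-username>
 Password: <your-access-token>

🔍 Check Gitea logs:
 ssh ${REMOTE_HOST} 'docker logs gitea-server'
EOF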