Gitea repo init; Woodpecker pipeline init; much CI/CD structure outlined in ./infra, incl. docker-compose.yaml, cicd-playbook.yaml, new cicd vault, & config files for gitea, woodpecker & ansible

2026-02-10 21:16:00 -05:00
parent 4e1feddb45
commit fec1cfcb30
12 changed files with 245 additions and 26 deletions
--- a/infra/cicd/docker-compose.yaml
+++ b/infra/cicd/docker-compose.yaml
@@ -0,0 +1,58 @@
+services:
+  gitea:
+    image: docker.gitea.com/gitea:1.24
+    restart: unless-stopped
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__server__ROOT_URL=https://gitea.earthmanrpg.me/
+      - GITEA__server__DOMAIN=gitea.earthmanrpg.me
+      - GITEA__server__SSH_DOMAIN=gitea.earthmanrpg.me
+      - GITEA__webhook__ALLOWED_HOST_LIST=external,loopback
+    volumes:
+      - ./data/gitea:/data # Gitea stores repos, db, config here
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "127.0.0.1:3000:3000" # http (only localhost, nginx proxies)
+      - "222:22" # ssh (public, for git push)
+    networks:
+      - cicd
+
+  woodpecker-server:
+    image: woodpeckerci/woodpecker-server:v3
+    restart: unless-stopped
+    depends_on: 
+      - gitea
+    environment:
+      - WOODPECKER_HOST=https://ci.earthmanrpg.me
+      - WOODPECKER_OPEN=false
+      - WOODPECKER_ADMIN=${WOODPECKER_ADMIN}
+      - WOODPECKER_GITEA=true
+      - WOODPECKER_GITEA_URL=https://gitea.earthmanrpg.me
+      - WOODPECKER_GITEA_CLIENT=${WOODPECKER_GITEA_CLIENT}
+      - WOODPECKER_GITEA_SECRET=${WOODPECKER_GITEA_SECRET}
+      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
+    volumes:
+      - ./data/woodpecker-server:/var/lib/woodpecker
+    ports:
+      - "127.0.0.1:8000:8000" # (only nginx proxies)
+    networks:
+      - cicd
+  
+  woodpecker-agent:
+    image: woodpeckerci/woodpecker-agent:v3
+    restart: unless-stopped
+    depends_on:
+      - woodpecker-server
+    environment:
+      - WOODPECKER_SERVER=woodpecker-server:9000
+      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
+      - WOODPECKER_MAX_WORKFLOWS=2
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      - cicd
+  
+networks:
+  cicd: