{% if not values.forgejo.root_url.startswith("http") %} {% do ix_lib.base.utils.throw_error("Expected [forgejo.root_url] to have the following format [http(s)://(sub).domain.tld(:port)] or [http://IP_ADDRESS:port], got [%s]" | format(values.forgejo.root_url)) %} {% endif %} {% set tpl = ix_lib.base.render.Render(values) %} {% set c1 = tpl.add_container(values.consts.forgejo_container_name, "image") %} {% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %} {% set pg_config = { "user": values.consts.db_user, "password": values.forgejo.db_password, "database": values.consts.db_name, "volume": values.storage.postgres_data, } %} {% set postgres = tpl.deps.postgres( values.consts.postgres_container_name, values.forgejo.postgres_image_selector, pg_config, perm_container ) %} {% set proto = "https" if values.network.certificate_id else "http" %} {% do c1.set_user(values.run_as.user, values.run_as.group) %} {% do c1.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %} {% do c1.healthcheck.set_test("curl", {"port": values.network.web_port.port_number, "path": "/api/healthz", "scheme": proto}) %} {% if values.network.certificate_id %} {% do c1.environment.add_env("FORGEJO__server__CERT_FILE", values.consts.cert_file_path) %} {% do c1.environment.add_env("FORGEJO__server__KEY_FILE", values.consts.key_file_path) %} {% set cert = values.ix_certificates[values.network.certificate_id] %} {% do c1.configs.add("private", cert.privatekey, values.consts.key_file_path) %} {% do c1.configs.add("public", cert.certificate, values.consts.cert_file_path) %} {% endif %} {% do c1.environment.add_env("FORGEJO__database__DB_TYPE", "postgres") %} {% do c1.environment.add_env("FORGEJO__database__PASSWD", values.forgejo.db_password) %} {% do c1.environment.add_env("FORGEJO__database__HOST", values.consts.postgres_container_name) %} {% do c1.environment.add_env("FORGEJO__database__NAME", values.consts.db_name) %} {% do c1.environment.add_env("FORGEJO__database__USER", values.consts.db_user) %} {% do c1.environment.add_env("FORGEJO__server__HTTP_PORT", values.network.web_port.port_number) %} {% do c1.environment.add_env("FORGEJO__server__SSH_PORT", tpl.funcs.or_default(values.network.external_ssh_port, values.network.ssh_port.port_number)) %} {% do c1.environment.add_env("FORGEJO__server__SSH_LISTEN_PORT", values.network.ssh_port.port_number) %} {% do c1.environment.add_env("FORGEJO__server__ROOT_URL", values.forgejo.root_url) %} {% do c1.environment.add_env("FORGEJO__server__PROTOCOL", proto) %} {% do c1.environment.add_user_envs(values.forgejo.additional_envs) %} {% do c1.add_port(values.network.web_port) %} {% do c1.add_port(values.network.ssh_port) %} {% set perms_config = {"uid": values.run_as.user, "gid": values.run_as.group, "mode": "check"} %} {# Rootless image, still uses gitea directories #} {% do c1.add_storage("/etc/gitea", values.storage.config) %} {% do perm_container.add_or_skip_action("config", values.storage.config, perms_config) %} {% do c1.add_storage("/var/lib/gitea", values.storage.data) %} {% do perm_container.add_or_skip_action("data", values.storage.data, perms_config) %} {% set tmp_config = {"type": "temporary", "volume_config": {"volume_name": "tmp-forgejo"}} %} {% do c1.add_storage("/tmp/gitea", tmp_config) %} {% do c1.add_storage("/tmp/forgejo", tmp_config) %} {% do perm_container.add_or_skip_action("temp", tmp_config, perms_config) %} {% for store in values.storage.additional_storage %} {% do c1.add_storage(store.mount_path, store) %} {% do perm_container.add_or_skip_action(store.mount_path, store, perms_config) %} {% endfor %} {% if perm_container.has_actions() %} {% do perm_container.activate() %} {% do c1.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% do postgres.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %} {% endif %} {% do tpl.portals.add(values.network.web_port, {"scheme": proto}) %} {{ tpl.render() | tojson }}