fix(containers): use volumes where possible

2026-02-09 05:44:23 +00:00 · 2024-05-18 22:40:00 +02:00
parent ae046ebdec
commit e6e1e24cb6
8 changed files with 17 additions and 15 deletions
--- a/containers/gitea/.gitignore
+++ b/containers/gitea/.gitignore
@@ -1,6 +0,0 @@
-/config/*
-!/config/*.defaults.ini
-!/config/*.example.ini
-
-/data/*
-!/data/.gitkeep
--- a/containers/gitea/Makefile
+++ b/containers/gitea/Makefile
@@ -1,8 +1,5 @@
 #!/usr/bin/env make

-pre-flight:
-	@mkdir -pv 'config' 'data'
-
 firewalld-open: override service_name ?= gitea
 firewalld-open: override webui_port ?= 3000
 firewalld-open: override ssh_port ?= 2222
@@ -16,5 +13,5 @@ firewalld-open: ${shell which 'firewall-cmd'}
 	@sudo firewall-cmd --permanent --add-service '${service_name}'
 	@sudo firewall-cmd --reload

-composition-go-brrr: ${shell which 'docker-compose'} pre-flight
+composition-go-brrr: ${shell which 'docker-compose'}
 	@docker-compose up -d
--- a/containers/gitea/config/app.defaults.ini
+++ b/containers/gitea/config/app.defaults.ini
@@ -1,98 +0,0 @@
-APP_NAME = Gitea: Git with a cup of tea
-RUN_USER = git
-RUN_MODE = prod
-WORK_PATH = /var/lib/gitea
-
-[repository]
-ROOT = /var/lib/gitea/git/repositories
-
-[repository.local]
-LOCAL_COPY_PATH = /tmp/gitea/local-repo
-
-[repository.upload]
-TEMP_PATH = /tmp/gitea/uploads
-
-[server]
-APP_DATA_PATH = /var/lib/gitea
-SSH_DOMAIN = localhost
-HTTP_PORT = 3000
-ROOT_URL = http://localhost:3000/
-DISABLE_SSH = false
-; In rootless gitea container only internal ssh server is supported
-START_SSH_SERVER = true
-SSH_PORT = 2222
-SSH_LISTEN_PORT = 2222
-BUILTIN_SSH_SERVER_USER = git
-LFS_START_SERVER = true
-DOMAIN = localhost
-LFS_JWT_SECRET = Aa6-Offr7khQxK5XxEI2PhCahmnuWkp5uC3e7v4F4uI
-OFFLINE_MODE = false
-
-[database]
-PATH = /var/lib/gitea/data/gitea.db
-DB_TYPE = sqlite3
-HOST = localhost:3306
-NAME = gitea
-USER = root
-PASSWD =
-SCHEMA =
-SSL_MODE = disable
-LOG_SQL = false
-
-[session]
-PROVIDER_CONFIG = /var/lib/gitea/data/sessions
-PROVIDER = file
-
-[picture]
-AVATAR_UPLOAD_PATH = /var/lib/gitea/data/avatars
-REPOSITORY_AVATAR_UPLOAD_PATH = /var/lib/gitea/data/repo-avatars
-
-[attachment]
-PATH = /var/lib/gitea/data/attachments
-
-[log]
-ROOT_PATH = /var/lib/gitea/data/log
-MODE = console
-LEVEL = info
-
-[security]
-INSTALL_LOCK = true
-SECRET_KEY =
-REVERSE_PROXY_LIMIT = 1
-REVERSE_PROXY_TRUSTED_PROXIES = *
-INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MTUyNjc0NDh9.3ozgswOlcbE5Xxe0cnaPVjY3OgBKWm7MPnHwqv8DOrI
-PASSWORD_HASH_ALGO = pbkdf2
-
-[service]
-DISABLE_REGISTRATION = false
-REQUIRE_SIGNIN_VIEW = false
-REGISTER_EMAIL_CONFIRM = false
-ENABLE_NOTIFY_MAIL = false
-ALLOW_ONLY_EXTERNAL_REGISTRATION = false
-ENABLE_CAPTCHA = false
-DEFAULT_KEEP_EMAIL_PRIVATE = false
-DEFAULT_ALLOW_CREATE_ORGANIZATION = true
-DEFAULT_ENABLE_TIMETRACKING = true
-NO_REPLY_ADDRESS = noreply.localhost
-
-[lfs]
-PATH = /var/lib/gitea/git/lfs
-
-[mailer]
-ENABLED = false
-
-[openid]
-ENABLE_OPENID_SIGNIN = true
-ENABLE_OPENID_SIGNUP = true
-
-[cron.update_checker]
-ENABLED = true
-
-[repository.pull-request]
-DEFAULT_MERGE_STYLE = merge
-
-[repository.signing]
-DEFAULT_TRUST_MODEL = committer
-
-[oauth2]
-JWT_SECRET = MdHkCwxVnBDYhcJ0nlu0qmfgX-oX18WXagcFlIkWYmg
--- a/containers/gitea/data/.gitkeep
+++ b/containers/gitea/data/.gitkeep
--- a/containers/gitea/docker-compose.yml
+++ b/containers/gitea/docker-compose.yml
@@ -10,10 +10,14 @@ services:
    image: gitea/gitea:1.21.11-rootless
    restart: unless-stopped
    volumes:
-      - ${PWD}/data:/var/lib/gitea
-      - ${PWD}/config:/etc/gitea
+      - data:/var/lib/gitea
+      - config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - 3000:3000
      - 2222:2222
+
+volumes:
+  config:
+  data:
--- a/containers/paperless-ngx/Makefile
+++ b/containers/paperless-ngx/Makefile
@@ -1,14 +1,15 @@
 #!/usr/bin/env make

 pre-flight:
-	@mkdir -pv 'config' 'data'
+	@mkdir -pv 'consume' 'export'

 firewalld-open: override service_name ?= paperless-ngx
+firewalld-open: override service_port ?= 8000
 firewalld-open: ${shell which 'firewall-cmd'}
 	@sudo firewall-cmd --permanent --new-service '${service_name}'
 	@sudo firewall-cmd --permanent --service '${service_name}' --set-description 'FIXME'
 	@sudo firewall-cmd --permanent --service '${service_name}' --set-short 'FIXME'
-	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '8000/tcp'
+	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '${service_port}/tcp'
 	@sudo firewall-cmd --permanent --add-service '${service_name}'
 	@sudo firewall-cmd --reload

--- a/containers/syncthing/config/.gitkeep
+++ b/containers/syncthing/config/.gitkeep
--- a/containers/syncthing/docker-compose.yml
+++ b/containers/syncthing/docker-compose.yml
@@ -10,7 +10,10 @@ services:
      - PUID=1000
      - PGID=100
    volumes:
-      - ${PWD}/config:/var/syncthing/config
+      - config:/var/syncthing/config
      - ${PWD}/data:/var/syncthing/data
    network_mode: host
    restart: unless-stopped
+
+volumes:
+  config: