gitea/woodpecker/docker-compose.yml
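version: "3.8"

services:
  # Woodpecker CI server: agent gRPC on container port 9000, web UI on 8000.
  woodpecker-server:
    image: woodpeckerci/woodpecker-server:v3.10.0
    container_name: woodpecker-server
    restart: unless-stopped
    cpus: 0.5
    mem_limit: 512m
    networks:
      - woodpecker
    environment:
      # NOTE(review): open registration lets any account on the linked Gitea
      # register here; pipelines then run on the agent below, which holds the
      # host Docker socket. Confirm this is intended.
      - WOODPECKER_OPEN=true
      - WOODPECKER_HOST=${WOODPECKER_HOST}
      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}
      - WOODPECKER_ADMIN=${WOODPECKER_ADMIN}
      - WOODPECKER_GITEA=true
      - WOODPECKER_GITEA_URL=${WOODPECKER_GITEA_URL}
      - WOODPECKER_GITEA_CLIENT=${WOODPECKER_GITEA_CLIENT}
      - WOODPECKER_GITEA_SECRET=${WOODPECKER_GITEA_SECRET}
      # NOTE(review): TLS certificate verification for the Gitea connection is
      # disabled, so OAuth and API traffic to WOODPECKER_GITEA_URL is not
      # authenticated. Prefer trusting the Gitea CA and setting this to false.
      - WOODPECKER_GITEA_SKIP_VERIFY=true
    # Publish gRPC (container 9000 -> 8419) and the web UI (container 8000 ->
    # 8420) only on the host's Tailscale IP. `:?` makes Compose abort when
    # LOCAL_TS_IP is unset or empty; an empty value would leave the mapping
    # without a host IP (likely publishing on all interfaces).
    ports:
      - "${LOCAL_TS_IP:?LOCAL_TS_IP must be set}:8419:9000"
      - "${LOCAL_TS_IP:?LOCAL_TS_IP must be set}:8420:8000"
    volumes:
      - "./data:/var/lib/woodpecker"

  # Woodpecker agent: connects to the server over gRPC and runs pipelines
  # through the host Docker daemon.
  woodpecker-agent:
    container_name: woodpecker-agent
    image: woodpeckerci/woodpecker-agent:v3.10.0
    restart: unless-stopped
    # cpus: 0.5
    # mem_limit: 1024m
    depends_on:
      - woodpecker-server
    networks:
      - woodpecker
    environment:
      # Alternative (disabled): reach the server directly over the container
      # network at server:9000.
      # - "WOODPECKER_SERVER=woodpecker-server:9000"
      # Active: connect through the routed host name on :4443 with TLS enabled
      # and certificate verification on.
      - WOODPECKER_SERVER=ci-agent.jmsu.top:4443
      - WOODPECKER_GRPC_SECURE=true
      - WOODPECKER_GRPC_VERIFY=true
      - "WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET}"
    volumes:
      # NOTE(review): the Docker socket gives this container full control of
      # the host's Docker daemon, which is root-equivalent on the host.
      - "/var/run/docker.sock:/var/run/docker.sock"

  # gRPC TCP registration:
  # HostSNI(`${WOODPECKER_GRPC_HOST}`) -> tcp -> LOCAL_TS_IP:8419
  woodpecker-grpc-registrar:
    image: hashicorp/consul:1.21
    container_name: woodpecker-grpc-registrar
    restart: unless-stopped
    networks:
      - woodpecker
    environment:
      # NOTE(review): the Consul API is addressed over plain HTTP and no
      # CONSUL_HTTP_TOKEN is passed here; presumably the Consul server is only
      # reachable on the private network - confirm.
      - CONSUL_HTTP_ADDR=http://${CONSUL_SERVER_IP}:8500
      - SERVICE_NAME=woodpecker-grpc
      - SERVICE_ADDR=${LOCAL_TS_IP}
      # Port registered for external access.
      - SERVICE_PORT=8419
      # Listed once; the original list repeated this entry with the same value.
      - SERVICE_PROTOCOL=tcp
      - CHECK_TYPE=tcp
      - CHECK_INTERVAL=${CHECK_INTERVAL}
      - CHECK_TIMEOUT=${CHECK_TIMEOUT}
      - DEREG_AFTER=${DEREG_AFTER}
      # Name given to the :4443 entry point in traefik.yml; .env is expected
      # to set this to "tcp".
      - TRAEFIK_TCP_ENTRYPOINT=${TRAEFIK_TCP_ENTRYPOINT}
      # ci-agent.jmsu.top
      - ROUTE_HOST=${WOODPECKER_GRPC_HOST}
      # Option A: Traefik terminates TLS.
      - TLS_MODE=terminating
      # Uses the existing alidns ACME resolver.
      - TRAEFIK_CERT_RESOLVER=alidns
    volumes:
      # registrar.sh is mounted read-only; its contents are not in this file.
      - ./registrar.sh:/registrar.sh:ro
    entrypoint: ["/bin/sh", "/registrar.sh"]

  # Optional: web (HTTP) registration, for exposing the web UI externally.
  # NOTE(review): this service is active as written; comment it out if the web
  # UI should not be registered for external routing.
  woodpecker-web-registrar:
    image: hashicorp/consul:1.21
    container_name: woodpecker-web-registrar
    restart: unless-stopped
    networks:
      - woodpecker
    environment:
      - CONSUL_HTTP_ADDR=http://${CONSUL_SERVER_IP}:8500
      - SERVICE_NAME=woodpecker-web
      - SERVICE_ADDR=${LOCAL_TS_IP}
      # Exposing the web UI also needs the 8420:8000 mapping on
      # woodpecker-server (present above).
      - SERVICE_PORT=8420
      - ROUTE_HOST=${WOODPECKER_HOSTNAME}
      - SERVICE_PROTOCOL=http
      - CHECK_TYPE=http
      - CHECK_PATH=${CHECK_PATH}
      - CHECK_INTERVAL=${CHECK_INTERVAL}
      - CHECK_TIMEOUT=${CHECK_TIMEOUT}
      - DEREG_AFTER=${DEREG_AFTER}
      - TRAEFIK_HTTP_ENTRYPOINT=${TRAEFIK_HTTP_ENTRYPOINT}
    volumes:
      - ./registrar.sh:/registrar.sh:ro
    entrypoint: ["/bin/sh", "/registrar.sh"]

networks:
  woodpecker:
    driver: bridge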