services:
  gitea:
    image: docker.gitea.com/gitea:1.25.4@sha256:17d18218be2dad1f8ed402a4f906989505c90ab8b66ee9befcecfb5d470133e7
    container_name: gitea
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__server__DOMAIN=git.kaleschke.info
      - GITEA__server__ROOT_URL=https://git.kaleschke.info/
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__service__DISABLE_REGISTRATION=true
      - GITEA__service__REGISTER_EMAIL_CONFIRM=true
      - GITEA__openid__ENABLE_OPENID_SIGNIN=false
      - GITEA__openid__ENABLE_OPENID_SIGNUP=false
      - GITEA__migrations__ALLOWED_DOMAINS=github.com
      - GITEA__webhook__ALLOWED_HOST_LIST=komodo-core,localhost,127.0.0.1,192.168.178.0/24
    volumes:
      - /mnt/user/services/gitea/data:/data
    ports:
      - "222:22"
    networks:
      - frontend_net
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=frontend_net"
      - "traefik.http.routers.gitea.rule=Host(`git.kaleschke.info`)"
      - "traefik.http.routers.gitea.entrypoints=websecure"
      - "traefik.http.routers.gitea.tls=true"
      - "traefik.http.routers.gitea.tls.certresolver=le"
      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
      
networks:
  frontend_net:
    external: true