homeserver/docker-compose/woodpecker/docker-compose.yml.j2

# https://woodpecker-ci.org/docs/administration/setup
version: '3'

services:
  woodpecker-server:
    restart: always
    container_name: woodpecker-server
    image: "woodpeckerci/woodpecker-server:v2.2.2@sha256:4717456849b41b6a0d3a429c062eab9eee9616839c24a67174dd812d9693b34c"
    ports:
      - 8000:8000
    volumes:
      - server-data:/var/lib/woodpecker/
    environment:
      WOODPECKER_OPEN: false
      WOODPECKER_HOST: https://ci.mgrote.net
      WOODPECKER_WEBHOOK_HOST: http://docker10.mgrote.net:8000
      WOODPECKER_GITEA: true
      WOODPECKER_GITEA_URL: https://git.mgrote.net
      WOODPECKER_GITEA_CLIENT: "{{ lookup('keepass', 'woodpecker-oauth2-client-id', 'password') }}"
      WOODPECKER_GITEA_SECRET: "{{ lookup('keepass', 'woodpecker-oauth2-client-secret', 'password') }}"
      WOODPECKER_AGENT_SECRET: "{{ lookup('keepass', 'woodpecker-agent-secret', 'password') }}"
      WOODPECKER_ADMIN: mg
      WOODPECKER_LOG_LEVEL: info
      WOODPECKER_DEBUG_PRETTY: true
    networks:
      - intern
      - traefik
    labels:
      com.centurylinklabs.watchtower.enable: true

      traefik.http.routers.woodpecker.rule: Host(`ci.mgrote.net`)
      traefik.enable: true
      traefik.http.routers.woodpecker.tls: true
      traefik.http.routers.woodpecker.tls.certresolver: resolver_letsencrypt
      traefik.http.routers.woodpecker.entrypoints: entry_https
      traefik.http.services.woodpecker.loadbalancer.server.port: 8000

      traefik.http.routers.woodpecker.middlewares: woodpecker-ipwhitelist

      traefik.http.middlewares.woodpecker-ipwhitelist.ipwhitelist.sourcerange: "192.168.2.0/24,10.25.25.0/24"
      traefik.http.middlewares.woodpecker-ipwhitelist.ipwhitelist.ipstrategy.depth: 0 # https://doc.traefik.io/traefik/middlewares/http/ipwhitelist/#ipstrategydepth


  woodpecker-agent:
    container_name: woodpecker-agent
    image: "woodpeckerci/woodpecker-agent:v2.2.2@sha256:26744e51b989b3885ffbcd8f1292fa1c47d1825c801973ea9aa714ad59003374"
    command: agent
    restart: always
    depends_on:
      - woodpecker-server
    ports:
      - 3032:3000
    volumes:
      - agent-config:/etc/woodpecker
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      WOODPECKER_SERVER: woodpecker-server:9000
      WOODPECKER_AGENT_SECRET: "{{ lookup('keepass', 'woodpecker-agent-secret', 'password') }}"
      WOODPECKER_MAX_WORKFLOWS: 20
      WOODPECKER_DEBUG_PRETTY: true
      WOODPECKER_LOG_LEVEL: info
      WOODPECKER_HEALTHCHECK: true
      WOODPECKER_BACKEND: docker
    labels:
      com.centurylinklabs.watchtower.enable: true
    networks:
      - intern


volumes:
  server-data:
  agent-config:

# git.mgrote.net -> Settings -> Applications -> woodpecker
# WOODPECKER_GITEA_CLIENT: "{{ lookup('keepass', 'woodpecker-oauth2-client-id', 'password') }}"
# WOODPECKER_GITEA_SECRET: "{{ lookup('keepass', 'woodpecker-oauth2-client-secret', 'password') }}"
# Redirect URL: https://ci.mgrote.net/authorize

######## Networks ########
networks:
  traefik:
    external: true
  intern:
    driver: bridge
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`# https://woodpecker-ci.org/docs/administration/setup`
			`version: '3'`

			`services:`
			`woodpecker-server:`
docker_networks: replace self-written code with module (#599) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/599 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-12 21:53:11 +01:00			`restart: always`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`container_name: woodpecker-server`
chore(deps): pin dependencies (#660) This PR contains the following updates: \| Package \| Update \| Change \| \|---\|---\|---\| \| adamboutcher/statping-ng \| pinDigest \| -> `e32bd2e` \| \| docker.io/mongo \| pinDigest \| -> `656781d` \| \| httpd \| pinDigest \| -> `5201524` \| \| joxit/docker-registry-ui \| pinDigest \| -> `1cf12d4` \| \| [lscr.io/linuxserver/unifi-network-application](https://github.com/linuxserver/docker-unifi-network-application/packages) ([source](https://github.com/linuxserver/docker-unifi-network-application)) \| pinDigest \| -> `e673a61` \| \| mariadb \| pinDigest \| -> `e22328f` \| \| nextcloud \| pinDigest \| -> `4fdf4ee` \| \| nosduco/nforwardauth \| pinDigest \| -> `08fdb71` \| \| [photoprism/photoprism](https://github.com/photoprism/photoprism) \| pinDigest \| -> `cf45026` \| \| redis \| pinDigest \| -> `5372f30` \| \| [registry](https://github.com/distribution/distribution) \| pinDigest \| -> `bcece5d` \| \| registry.mgrote.net/nextcloud-cronjob \| pinDigest \| -> `9836e31` \| \| registry.mgrote.net/postfix \| pinDigest \| -> `8e0b6d8` \| \| registry.mgrote.net/python-api-server \| pinDigest \| -> `524c567` \| \| [traefik](https://github.com/containous/traefik) \| pinDigest \| -> `c5181dd` \| \| [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) \| pinDigest \| -> `b21c89a` \| \| [woodpeckerci/woodpecker-server](https://github.com/woodpecker-ci/woodpecker) \| pinDigest \| -> `4717456` \| --- > ⚠ Warning > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 Immortal: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/660 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> 2024-01-26 22:38:41 +01:00			`image: "woodpeckerci/woodpecker-server:v2.2.2@sha256:4717456849b41b6a0d3a429c062eab9eee9616839c24a67174dd812d9693b34c"`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`ports:`
			`- 8000:8000`
			`volumes:`
			`- server-data:/var/lib/woodpecker/`
			`environment:`
			`WOODPECKER_OPEN: false`
Woodpecker: finetuning (#595) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/595 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-08 13:20:55 +01:00			`WOODPECKER_HOST: https://ci.mgrote.net`
Domainumstellung: grote.lan -> mgrote.net (#613) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/613 2023-11-25 19:08:24 +01:00			`WOODPECKER_WEBHOOK_HOST: http://docker10.mgrote.net:8000`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`WOODPECKER_GITEA: true`
			`WOODPECKER_GITEA_URL: https://git.mgrote.net`
fix lookup syntax in docker-compose (#659) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/659 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2024-01-26 22:37:25 +01:00			`WOODPECKER_GITEA_CLIENT: "{{ lookup('keepass', 'woodpecker-oauth2-client-id', 'password') }}"`
			`WOODPECKER_GITEA_SECRET: "{{ lookup('keepass', 'woodpecker-oauth2-client-secret', 'password') }}"`
			`WOODPECKER_AGENT_SECRET: "{{ lookup('keepass', 'woodpecker-agent-secret', 'password') }}"`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`WOODPECKER_ADMIN: mg`
			`WOODPECKER_LOG_LEVEL: info`
			`WOODPECKER_DEBUG_PRETTY: true`
Woodpecker: finetuning (#595) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/595 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-08 13:20:55 +01:00			`networks:`
			`- intern`
			`- traefik`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`labels:`
			`com.centurylinklabs.watchtower.enable: true`

Woodpecker: finetuning (#595) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/595 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-08 13:20:55 +01:00			traefik.http.routers.woodpecker.rule: Host(`ci.mgrote.net`)
			`traefik.enable: true`
			`traefik.http.routers.woodpecker.tls: true`
			`traefik.http.routers.woodpecker.tls.certresolver: resolver_letsencrypt`
			`traefik.http.routers.woodpecker.entrypoints: entry_https`
			`traefik.http.services.woodpecker.loadbalancer.server.port: 8000`

			`traefik.http.routers.woodpecker.middlewares: woodpecker-ipwhitelist`

housekeeping (#641) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/641 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2024-01-22 22:01:08 +01:00			`traefik.http.middlewares.woodpecker-ipwhitelist.ipwhitelist.sourcerange: "192.168.2.0/24,10.25.25.0/24"`
Woodpecker: finetuning (#595) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/595 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-08 13:20:55 +01:00			`traefik.http.middlewares.woodpecker-ipwhitelist.ipwhitelist.ipstrategy.depth: 0 # https://doc.traefik.io/traefik/middlewares/http/ipwhitelist/#ipstrategydepth`


drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`woodpecker-agent:`
			`container_name: woodpecker-agent`
chore(deps): update woodpeckerci/woodpecker-agent docker tag to v2.2.2 (#668) This PR contains the following updates: \| Package \| Update \| Change \| \|---\|---\|---\| \| [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) \| patch \| `v2.2.1` -> `v2.2.2` \| --- > ⚠ Warning > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>woodpecker-ci/woodpecker (woodpeckerci/woodpecker-agent)</summary> ### [`v2.2.2`](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.2.2): 2.2.2 [Compare Source](https://github.com/woodpecker-ci/woodpecker/compare/v2.2.1...v2.2.2) #### [2.2.2](https://github.com/woodpecker-ci/woodpecker/releases/tag/2.2.2) - 2024-01-21 ##### Misc - build: fix nfpm path for server binary \[[#3246](https://github.com/woodpecker-ci/woodpecker/pull/3246)] </details> --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/668 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net> 2024-01-26 23:05:44 +01:00			`image: "woodpeckerci/woodpecker-agent:v2.2.2@sha256:26744e51b989b3885ffbcd8f1292fa1c47d1825c801973ea9aa714ad59003374"`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`command: agent`
			`restart: always`
			`depends_on:`
			`- woodpecker-server`
			`ports:`
			`- 3032:3000`
			`volumes:`
			`- agent-config:/etc/woodpecker`
			`- /var/run/docker.sock:/var/run/docker.sock`
			`environment:`
			`WOODPECKER_SERVER: woodpecker-server:9000`
fix lookup syntax in docker-compose (#659) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/659 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2024-01-26 22:37:25 +01:00			`WOODPECKER_AGENT_SECRET: "{{ lookup('keepass', 'woodpecker-agent-secret', 'password') }}"`
renovate: ignore friedhof (#678) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/678 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2024-01-26 23:22:12 +01:00			`WOODPECKER_MAX_WORKFLOWS: 20`
drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00			`WOODPECKER_DEBUG_PRETTY: true`
			`WOODPECKER_LOG_LEVEL: info`
			`WOODPECKER_HEALTHCHECK: true`
			`WOODPECKER_BACKEND: docker`
			`labels:`
			`com.centurylinklabs.watchtower.enable: true`
Woodpecker: finetuning (#595) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/595 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-08 13:20:55 +01:00			`networks:`
			`- intern`

drone -> woodpecker (#593) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/593 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-07 16:35:27 +01:00
			`volumes:`
			`server-data:`
			`agent-config:`

			`# git.mgrote.net -> Settings -> Applications -> woodpecker`
fix lookup syntax in docker-compose (#659) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/659 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2024-01-26 22:37:25 +01:00			`# WOODPECKER_GITEA_CLIENT: "{{ lookup('keepass', 'woodpecker-oauth2-client-id', 'password') }}"`
			`# WOODPECKER_GITEA_SECRET: "{{ lookup('keepass', 'woodpecker-oauth2-client-secret', 'password') }}"`
Woodpecker: finetuning (#595) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/595 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-11-08 13:20:55 +01:00			`# Redirect URL: https://ci.mgrote.net/authorize`

			`######## Networks ########`
			`networks:`
			`traefik:`
			`external: true`
			`intern:`
			`driver: bridge`