Move to rootless
To enhance security I moved the Forgejo container to rootless; Port is changed because rootless cant use 22
This commit is contained in:
parent
36889e29a7
commit
53c22af8ff
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
podman pod create --name=forgejo \
|
podman pod create --name=forgejo \
|
||||||
-p 127.0.0.1:3000:3000 \
|
-p 127.0.0.1:3000:3000 \
|
||||||
-p 2222:22
|
-p 2222:2222
|
||||||
|
|
||||||
# PORTS:
|
# PORTS:
|
||||||
# - 3000 = WEB
|
# - 3000 = WEB
|
||||||
|
|
@ -23,15 +23,15 @@ podman create \
|
||||||
--pod=forgejo \
|
--pod=forgejo \
|
||||||
--name=forgejo_forgejo \
|
--name=forgejo_forgejo \
|
||||||
--volume=./data/forgejo:/data:Z \
|
--volume=./data/forgejo:/data:Z \
|
||||||
--cap-add=CAP_SYS_CHROOT \
|
-e 'GITEA_APP_INI=/data/gitea/conf/app.ini' \
|
||||||
|
-e 'GITEA_TEMP=/data/gitea/tmp' \
|
||||||
|
-e 'GITEA_CUSTOM=/data/gitea' \
|
||||||
|
-e 'GITEA_WORK_DIR=/app/gitea/gitea' \
|
||||||
-e 'GITEA__database__DB_TYPE=postgres' \
|
-e 'GITEA__database__DB_TYPE=postgres' \
|
||||||
-e 'GITEA__database__HOST=localhost' \
|
-e 'GITEA__database__HOST=localhost' \
|
||||||
-e 'GITEA__database__NAME=forgejo' \
|
-e 'GITEA__database__NAME=forgejo' \
|
||||||
-e 'GITEA__database__USER=forgejouser' \
|
-e 'GITEA__database__USER=forgejouser' \
|
||||||
--env-file=forgejo.env \
|
--env-file=forgejo.env \
|
||||||
codeberg.org/forgejo/forgejo:1.19
|
codeberg.org/forgejo/forgejo:1.19-rootless
|
||||||
|
|
||||||
# -e 'GITEA__database__PASSWD=YOUR_DB_PASSWORD' \
|
# -e 'GITEA__database__PASSWD=YOUR_DB_PASSWORD' \
|
||||||
|
|
||||||
# NOTE:
|
|
||||||
# --cap-add exists because of https://codeberg.org/forgejo/forgejo/issues/627
|
|
||||||
Loading…
Reference in a new issue