initial commit
This commit is contained in:
12
.env.sample
Normal file
12
.env.sample
Normal file
@@ -0,0 +1,12 @@
|
||||
# Domain name for your OneDev instance
|
||||
DOMAIN=git.yourdomain.com
|
||||
|
||||
# Email for Let's Encrypt certificate recovery.
|
||||
# LEAVE BLANK if you do not want HTTPS/SSL and just want plain HTTP.
|
||||
EMAIL=
|
||||
|
||||
# OneDev version tag
|
||||
ONEDEV_VERSION=latest
|
||||
|
||||
# Port exposed to the host for Git SSH connections
|
||||
SSH_PORT=6611
|
||||
10
.gitignore
vendored
Normal file
10
.gitignore
vendored
Normal file
@@ -0,0 +1,10 @@
|
||||
.env
|
||||
.DS_Store
|
||||
Thumbs.db
|
||||
|
||||
# Ignore generated proxy config
|
||||
Caddyfile
|
||||
|
||||
# Ignore custom certificates
|
||||
certs/*
|
||||
!certs/.gitkeep
|
||||
36
README.md
Normal file
36
README.md
Normal file
@@ -0,0 +1,36 @@
|
||||
# OneDev Auto-Deployer
|
||||
|
||||
A production-ready Docker Compose setup for [OneDev](https://onedev.io/), utilizing Docker volumes for data management and Caddy for automatic SSL and reverse proxying.
|
||||
|
||||
## Prerequisites
|
||||
- Docker & Docker Compose installed.
|
||||
- Ports `80`, `443`, and `6611` open on your firewall.
|
||||
- Your domain's DNS A-Record pointing to your server's IP address.
|
||||
|
||||
## Deployment
|
||||
|
||||
1. Clone this repository and enter the directory.
|
||||
2. Run the initial setup:
|
||||
```bash
|
||||
chmod +x run.sh
|
||||
./run.sh
|
||||
```
|
||||
3. The script will create a `.env` file. Edit this file and set your `DOMAIN` and `EMAIL`.
|
||||
4. Run `./run.sh` again to start the services.
|
||||
|
||||
## SSL & HTTP Configuration
|
||||
This deployment handles routing automatically via Caddy:
|
||||
1. **Auto SSL (Let's Encrypt):** If you provide an `EMAIL` in the `.env` file, Caddy will automatically fetch and renew an SSL certificate.
|
||||
2. **Custom SSL:** If you place `cert.pem` and `key.pem` inside the `certs/` folder, Caddy will use those instead.
|
||||
3. **Plain HTTP:** If you leave `EMAIL` completely blank in the `.env` file and provide no custom certificates, Caddy will serve the site over plain HTTP on port 80.
|
||||
|
||||
## Custom SSL Certificates (Optional)
|
||||
By default, the script will automatically obtain a Let's Encrypt certificate for your domain.
|
||||
|
||||
If you want to use your own certificates:
|
||||
1. Place your certificate and key inside the `certs/` folder.
|
||||
2. Rename them to exactly `cert.pem` and `key.pem`.
|
||||
3. Run `./run.sh`. The script will detect them and use them instead of Let's Encrypt.
|
||||
|
||||
## Managing Data
|
||||
Data is stored securely in Docker managed volumes. To back up your OneDev data, you need to back up the `onedev_data` docker volume.
|
||||
0
certs/.gitkeep
Normal file
0
certs/.gitkeep
Normal file
35
docker-compose.yml
Normal file
35
docker-compose.yml
Normal file
@@ -0,0 +1,35 @@
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
caddy:
|
||||
image: caddy:2-alpine
|
||||
container_name: onedev-proxy
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
environment:
|
||||
- DOMAIN=${DOMAIN}
|
||||
- EMAIL=${EMAIL}
|
||||
volumes:
|
||||
- ./Caddyfile:/etc/caddy/Caddyfile:ro
|
||||
- ./certs:/certs:ro
|
||||
- caddy_data:/data
|
||||
- caddy_config:/config
|
||||
depends_on:
|
||||
- onedev
|
||||
|
||||
onedev:
|
||||
image: 1dev/server:${ONEDEV_VERSION:-latest}
|
||||
container_name: onedev
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "${SSH_PORT:-6611}:6611"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- onedev_data:/opt/onedev
|
||||
|
||||
volumes:
|
||||
onedev_data:
|
||||
caddy_data:
|
||||
caddy_config:
|
||||
66
run.sh
Normal file
66
run.sh
Normal file
@@ -0,0 +1,66 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
echo "🚀 Starting OneDev Deployment..."
|
||||
|
||||
# 1. Handle Environment Variables
|
||||
if [ ! -f .env ]; then
|
||||
echo "📄 .env file not found. Creating one from .env.example..."
|
||||
cp .env.example .env
|
||||
echo "⚠️ Please edit the .env file with your DOMAIN (and EMAIL for SSL), then run this script again."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Load environment variables
|
||||
source .env
|
||||
|
||||
# 2. Handle Reverse Proxy and SSL Configuration
|
||||
mkdir -p certs
|
||||
echo "🔒 Configuring Reverse Proxy..."
|
||||
|
||||
if [ -f "certs/cert.pem" ] && [ -f "certs/key.pem" ]; then
|
||||
echo "✅ Custom SSL certificates detected. Configuring Caddy to use custom TLS."
|
||||
cat <<EOF > Caddyfile
|
||||
{\$DOMAIN} {
|
||||
tls /certs/cert.pem /certs/key.pem
|
||||
reverse_proxy onedev:6610
|
||||
}
|
||||
EOF
|
||||
elif [ -n "$EMAIL" ]; then
|
||||
echo "🌐 No custom certs found, but EMAIL is set. Auto-provisioning Let's Encrypt SSL."
|
||||
cat <<EOF > Caddyfile
|
||||
{\$DOMAIN} {
|
||||
tls {\$EMAIL}
|
||||
reverse_proxy onedev:6610
|
||||
}
|
||||
EOF
|
||||
else
|
||||
echo "⚠️ No custom certs and no EMAIL provided. Configuring for plain HTTP."
|
||||
cat <<EOF > Caddyfile
|
||||
http://{\$DOMAIN} {
|
||||
reverse_proxy onedev:6610
|
||||
}
|
||||
EOF
|
||||
fi
|
||||
|
||||
# 3. Determine docker compose command
|
||||
if command -v docker-compose &> /dev/null; then
|
||||
COMPOSE_CMD="docker-compose"
|
||||
elif docker --help | grep -q "compose"; then
|
||||
COMPOSE_CMD="docker compose"
|
||||
else
|
||||
echo "❌ Error: Docker Compose not found."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 4. Deploy
|
||||
echo "🐳 Pulling images and starting containers..."
|
||||
$COMPOSE_CMD pull
|
||||
$COMPOSE_CMD up -d
|
||||
|
||||
echo "✅ Deployment complete!"
|
||||
if [ -n "$EMAIL" ] || ([ -f "certs/cert.pem" ] && [ -f "certs/key.pem" ]); then
|
||||
echo "🌐 Access your server securely at: https://${DOMAIN}"
|
||||
else
|
||||
echo "🌐 Access your server at: http://${DOMAIN}"
|
||||
fi
|
||||
Reference in New Issue
Block a user