Woodpecker CI:简单而强大的 CI/CD 引擎
woodpecker 的 docker-compose.yml 文件内容为:
# https://github.com/woodpecker-ci/woodpecker
version: '3'
volumes:
woodpecker-data:
services:
woodpecker-server:
image: woodpeckerci/woodpecker-server:latest
container_name: woodpecker-server
restart: unless-stopped
ports:
- 8000:8000
volumes:
- woodpecker-data:/var/lib/woodpecker/
env_file:
- ./.env
woodpecker-agent:
image: woodpeckerci/woodpecker-agent:latest
container_name: woodpecker-agent
restart: unless-stopped
command: agent
depends_on:
- woodpecker-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
env_file:
- ./.env
.env
# server
WOODPECKER_OPEN=true
## format: <scheme>://<hostname>
WOODPECKER_HOST=
WOODPECKER_AGENT_SECRET=
WOODPECKER_GITEA=true
WOODPECKER_GITEA_URL=
WOODPECKER_GITEA_CLIENT=
WOODPECKER_GITEA_SECRET=
# client
WOODPECKER_SERVER=woodpecker-server:9000
# CUSTOM
TZ=Asia/Shanghai
nginx 代理
server {
listen 80;
listen 443 ssl http2;
server_name woodpecker.mydomain.com;
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
index index.php index.html index.htm default.php default.htm default.html;
#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
{
return 404;
}
#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
allow all;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://127.0.0.1:30009;
}
#HTTP_TO_HTTPS_END
ssl_certificate ssl/mydomain.com.fullchain.cer;
ssl_certificate_key ssl/mydomain.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!EXP;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:2m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
#HTTP_TO_HTTPS_END
access_log /data/wwwlogs/woodpecker.mydomain.com_access.log;
error_log /data/wwwlogs/woodpecker.mydomain.com_error.log;
}
参考内容: