From 4968cb04c31cd24379ee7f13ac8f98b27b6321fa Mon Sep 17 00:00:00 2001 From: Malin Date: Tue, 24 Feb 2026 10:36:04 +0100 Subject: [PATCH] feat: Gitea Actions CI/CD pipeline with container registry builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - .gitea/workflows/docker.yml: builds and pushes image to devops.cloudhost.es/malin/paste.es on every push to main, tags as :latest and :, uses GHA layer cache - docker-compose.yml: updated to pull pre-built image from Gitea container registry instead of building locally - docker-compose.build.yml: new override file for local dev builds (docker compose -f docker-compose.yml -f docker-compose.build.yml up --build) - docker-compose.runner.yml: act_runner service — mount docker socket, auto-registers with RUNNER_REGISTRATION_TOKEN from .env - .env.example: added RUNNER_REGISTRATION_TOKEN section - README.md: document CI/CD setup, runner registration, and updated quick-start to use registry pull workflow Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 9 +++++ .gitea/workflows/docker.yml | 44 +++++++++++++++++++++ README.md | 76 +++++++++++++++++++++++++++---------- docker-compose.build.yml | 11 ++++++ docker-compose.runner.yml | 26 +++++++++++++ docker-compose.yml | 4 +- 6 files changed, 148 insertions(+), 22 deletions(-) create mode 100644 .gitea/workflows/docker.yml create mode 100644 docker-compose.build.yml create mode 100644 docker-compose.runner.yml diff --git a/.env.example b/.env.example index b770f77..1477521 100644 --- a/.env.example +++ b/.env.example 
@@ -117,3 +117,12 @@ HEMMELIG_ANALYTICS_ENABLED=false # ----------------------------------------------------------------------------- # (Los webhooks se configuran desde el panel de administración en /dashboard/instance) + + +# ----------------------------------------------------------------------------- +# GITEA ACTIONS RUNNER — Solo necesario si ejecutas el runner en este servidor +# Obtén el token en: https://devops.cloudhost.es/Malin/paste.es/settings/actions/runners +# Luego arranca con: docker compose -f docker-compose.runner.yml up -d +# ----------------------------------------------------------------------------- + +# RUNNER_REGISTRATION_TOKEN= diff --git a/.gitea/workflows/docker.yml b/.gitea/workflows/docker.yml new file mode 100644 index 0000000..363b9c6 --- /dev/null +++ b/.gitea/workflows/docker.yml @@ -0,0 +1,44 @@ +name: Build and Push Docker Image + +on: + push: + branches: + - main + workflow_dispatch: + +jobs: + build: + name: Build & push to Gitea registry + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Gitea Container Registry + uses: docker/login-action@v3 + with: + registry: devops.cloudhost.es + username: ${{ gitea.actor }} + password: ${{ secrets.GITEA_TOKEN }} + + - name: Extract image metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: devops.cloudhost.es/malin/paste.es + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=sha,prefix=,format=short + + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/README.md b/README.md index 850b8f3..f36e9a6 100644 --- a/README.md +++ b/README.md 
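Review bot: All five `uses:` steps in the new `.gitea/workflows/docker.yml` reference actions by mutable major tag (`actions/checkout@v4`, `docker/login-action@v3`, `docker/build-push-action@v6`, …). The login step receives `secrets.GITEA_TOKEN` and the build step pushes with that session, so a re-pointed tag upstream would run with the registry credential and could change the published image. Pin each action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v3` (placeholder; take the SHA from the upstream release). Separately, `cache-from: type=gha` and `cache-to: type=gha,mode=max` rely on a cache service provided by the runner; the diff does not show whether this act_runner has one configured, so confirm the build neither fails nor silently runs uncached.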
@@ -34,37 +34,43 @@ Servicio de compartición de secretos efímeros y cifrados para el público hisp ## Inicio rápido -### Docker Compose (recomendado) +### Docker Compose — imagen desde el registro (recomendado en producción) + +Cada push a `main` construye y publica automáticamente la imagen en el registro de contenedores de Gitea. En el servidor de producción solo necesitas hacer pull: ```bash git clone https://devops.cloudhost.es/Malin/paste.es.git cd paste.es +# Autentícate en el registro de Gitea +docker login devops.cloudhost.es + # Copia y edita el fichero de entorno cp .env.example .env -# Edita .env con tus valores (ver sección Configuración) -# Construye y arranca -docker compose up -d --build +# Descarga la imagen y arranca +docker compose pull +docker compose up -d +``` + +Para actualizar a la última versión: + +```bash +docker compose pull && docker compose up -d +``` + +### Docker Compose — compilación local (desarrollo) + +```bash +git clone https://devops.cloudhost.es/Malin/paste.es.git +cd paste.es +cp .env.example .env + +docker compose -f docker-compose.yml -f docker-compose.build.yml up -d --build ``` El servicio quedará disponible en `http://localhost:3000`. -### Docker (imagen directa) - -```bash -docker run -d \ - --name paste-es \ - -p 3000:3000 \ - -v paste-data:/app/database \ - -v paste-uploads:/app/uploads \ - -e DATABASE_URL="file:/app/database/paste.db" \ - -e BETTER_AUTH_SECRET="$(openssl rand -base64 32)" \ - -e BETTER_AUTH_URL="https://paste.es" \ - -e HEMMELIG_INSTANCE_NAME="paste.es" \ - ghcr.io/cloudhost-es/paste.es:latest -``` - --- ## Configuración 
@@ -106,6 +112,38 @@ npm run dev # Terminal 2 — cliente Vite con HMR --- +## CI/CD — Gitea Actions + registro de contenedores + +El repositorio incluye un pipeline en `.gitea/workflows/docker.yml` que: + +1. Se activa en cada push a `main` (o manualmente desde la UI de Gitea) +2. Construye la imagen Docker con caché de capas +3. La publica en el registro de contenedores de Gitea como `devops.cloudhost.es/malin/paste.es:latest` y `devops.cloudhost.es/malin/paste.es:` + +### Requisitos previos + +**1. Habilitar Gitea Actions** en el repositorio: +> Settings → Actions → Enable repository actions + +**2. Arrancar un act_runner** (ejecutor del pipeline). Obtén el token en: +> Settings → Actions → Runners → Create Runner Token + +Añádelo a `.env` y arranca el runner: + +```bash +# En .env: +RUNNER_REGISTRATION_TOKEN= + +docker compose -f docker-compose.runner.yml up -d +``` + +El runner se registra automáticamente y queda disponible para ejecutar workflows. + +**3. El siguiente push a `main`** disparará la build automáticamente. Puedes seguirla en: +> Gitea → Actions → Workflows + +--- + ## Despliegue en producción ### Detrás de un proxy inverso (Nginx / Caddy) diff --git a/docker-compose.build.yml b/docker-compose.build.yml new file mode 100644 index 0000000..153c67d --- /dev/null +++ b/docker-compose.build.yml @@ -0,0 +1,11 @@ +# Local build override — use this during development instead of pulling from the registry. +# +# Usage: +# docker compose -f docker-compose.yml -f docker-compose.build.yml up -d --build + +services: + paste-es: + build: + context: . + dockerfile: Dockerfile + image: devops.cloudhost.es/malin/paste.es:latest diff --git a/docker-compose.runner.yml b/docker-compose.runner.yml new file mode 100644 index 0000000..9ba96eb --- /dev/null +++ b/docker-compose.runner.yml 
@@ -0,0 +1,26 @@ +# Gitea act_runner — CI/CD executor for Gitea Actions +# +# Setup steps: +# 1. Get a runner registration token from: +# https://devops.cloudhost.es/Malin/paste.es/settings/actions/runners +# 2. Add it to your .env file: +# RUNNER_REGISTRATION_TOKEN= +# 3. Start the runner: +# docker compose -f docker-compose.runner.yml up -d +# +# The runner registers itself automatically on first start. +# After that, push to main and the docker.yml workflow will fire. + +services: + act-runner: + image: gitea/act_runner:latest + container_name: paste-es-act-runner + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./data/runner:/data + environment: + - GITEA_INSTANCE_URL=https://devops.cloudhost.es + - GITEA_RUNNER_REGISTRATION_TOKEN=${RUNNER_REGISTRATION_TOKEN} + - GITEA_RUNNER_NAME=paste-es-runner + - GITEA_RUNNER_LABELS=ubuntu-latest:docker://node:20-bullseye diff --git a/docker-compose.yml b/docker-compose.yml index 5743e9d..0881ad0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,8 +1,6 @@ services: paste-es: - build: - context: . - dockerfile: Dockerfile + image: devops.cloudhost.es/malin/paste.es:latest container_name: paste-es restart: unless-stopped env_file:
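Review bot: The `- /var/run/docker.sock:/var/run/docker.sock` volume in `docker-compose.runner.yml` gives every workflow job, including the third-party actions it pulls, control of the host's Docker daemon, which is root-equivalent on that host. The `.env.example` comment added in this commit suggests the runner may share a server with the application; if so, that reach includes the `paste-es` container, its volumes and `.env`. Prefer a dedicated build host for the runner. At minimum, record the trust boundary above the mount: `# docker.sock = root-equivalent on this host; only run workflows from trusted branches and authors here`. `image: gitea/act_runner:latest` is also a floating tag and is worth pinning, e.g. `image: gitea/act_runner:<pinned-version>` (placeholder).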
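Review bot: `image: devops.cloudhost.es/malin/paste.es:latest` in `docker-compose.yml` makes production follow a mutable tag, so `docker compose pull` deploys whatever was pushed last, with no record of which build is running and no direct rollback target. The workflow added in this commit also publishes a short-SHA tag, so the deployment can reference that tag or a digest, e.g. `image: devops.cloudhost.es/malin/paste.es@sha256:<digest>` (placeholder). Alternatively, make the tag overridable with `image: devops.cloudhost.es/malin/paste.es:${PASTE_IMAGE_TAG:-latest}` (variable name constructed for illustration), so a release can be pinned from `.env`. The `paste-es` service definition continues past the end of this hunk.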