# sx-gitea live service — the federated git forge (lib/gitea) served by the # native http-listen server via lib/gitea/serve.sh. Joins externalnet so Caddy # can reverse_proxy sx.sx-web.org to it. Durable state on a host dir. # # Usage: # sudo mkdir -p /root/sx-gitea-persist && sudo chown 10001:10001 /root/sx-gitea-persist # docker compose -p sx-gitea -f docker-compose.dev-sx-gitea.yml up -d # docker compose -p sx-gitea -f docker-compose.dev-sx-gitea.yml logs -f # docker compose -p sx-gitea -f docker-compose.dev-sx-gitea.yml down services: sx_gitea: image: registry.rose-ash.com:5000/sx_docs:latest container_name: sx-gitea-1 entrypoint: ["bash", "/app/lib/gitea/serve.sh"] working_dir: /app environment: SX_PROJECT_DIR: /app SX_SERVER: /app/bin/sx_server HOST_PORT: "8000" # Bind all interfaces so Caddy (on externalnet) can reach it. SX_HTTP_HOST: "0.0.0.0" # Durable persist store root — repos/issues/PRs/tokens survive restarts. SX_PERSIST_DIR: /data/persist # Forge identity + admin. The token gates every mutation (repo create, # push, issues, PRs) — rotate by editing here and recreating. SX_INSTANCE: "sx.sx-web.org" SX_GITEA_ADMIN: "giles" SX_GITEA_TOKEN: "sxg-9f2e6c81a4d35b07" OCAMLRUNPARAM: "b" # Serving JIT stays OFF for the forge until validated under it. volumes: - ./spec:/app/spec:ro - ./lib:/app/lib:ro - ./hosts/ocaml/_build/default/bin/sx_server.exe:/app/bin/sx_server:ro - /root/sx-gitea-persist:/data/persist networks: - externalnet - default restart: unless-stopped networks: externalnet: external: true