一些容器服务的部署记录

本文记录了我常用的容器服务的部署配置，为便于服务迁移，所有持久化数据均存储在当前目录下。对于配置较为复杂的服务，会单独详细说明。

Alist

警告：alist 最后的安全版本为 v3.40.0，请勿部署更高版本

详情参考：https://github.com/AlistGo/alist/issues/8649

services:
  alist:
    image: xhofe/alist:v3.40.0
    container_name: alist
    volumes:
      - ./data/data:/opt/alist/data
      - ./data/mnt:/mnt/data  # 本机挂载目录，如果仅挂载网盘则不需要，大盘鸡可以加上
    environment:
      - USER_UID=${USER_UID}
      - USER_GID=${USER_GID}
    ports:
      - "5244:5244"
    restart: unless-stopped

Drone

Drone 是一个基于容器的持续集成平台，支持与 Gitea 等代码托管平台集成。

services:
  drone-server:
    container_name: ${DRONE_SERVER_CONTAINER_NAME}
    image: ${DRONE_SERVER_IMAGE}
    ports:
      - ${DRONE_SERVER_PORT_MAPPING}
    # 映射容器内/data目录到宿主机的/data/drone目录
    volumes:
      - ${DRONE_SERVER_DATA_VOLUME}
    environment:
      # Gitea 服务器地址
      - DRONE_GITEA_SERVER=${GITEA_SERVER_URL}
      # Gitea OAuth2客户端ID
      - DRONE_GITEA_CLIENT_ID=${GITEA_CLIENT_ID}
      # Gitea OAuth2客户端密钥
      - DRONE_GITEA_CLIENT_SECRET=${GITEA_CLIENT_SECRET}
      # drone的共享密钥
      - DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
      # drone的主机名
      - DRONE_SERVER_HOST=${DRONE_SERVER_HOST}
      # 外部协议方案
      - DRONE_SERVER_PROTO=${DRONE_SERVER_PROTO}
      # 创建管理员账户，这里对应为gitea的用户名
      - DRONE_USER_CREATE=username:${DRONE_ADMIN_USERNAME},admin:true
    restart: ${RESTART_POLICY}

  docker-runner:
    container_name: ${DRONE_RUNNER_CONTAINER_NAME}
    image: ${DRONE_RUNNER_IMAGE}
    ports:
      - ${DRONE_RUNNER_PORT_MAPPING}
    depends_on:
      - drone-server
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      # 用于连接到Drone服务器的协议。该值必须是http或https。
      - DRONE_RPC_PROTO=${DRONE_RPC_PROTO}
      # 用于连接到Drone服务器的主机名
      - DRONE_RPC_HOST=${DRONE_RPC_HOST}
      # Drone服务器进行身份验证的共享密钥，和上面设置一样
      - DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
      # 限制运行程序可以执行的并发管道数。运行程序默认情况下执行2个并发管道。
      - DRONE_RUNNER_CAPACITY=${DRONE_RUNNER_CAPACITY}
      # docker runner 名称
      - DRONE_RUNNER_NAME=${DRONE_RUNNER_NAME}
    restart: ${RESTART_POLICY}

# Drone Server Configuration
DRONE_SERVER_CONTAINER_NAME=drone-server
DRONE_SERVER_IMAGE=drone/drone:2
DRONE_SERVER_PORT_MAPPING=8082:80
DRONE_SERVER_DATA_VOLUME=./data:/data
RESTART_POLICY=unless-stopped

# Gitea Integration
GITEA_SERVER_URL=https://xxxx.com
GITEA_CLIENT_ID=xxxxx
GITEA_CLIENT_SECRET=xxxx

# Drone Server Settings
DRONE_RPC_SECRET=xxxx
DRONE_SERVER_HOST=xxxx
DRONE_SERVER_PROTO=https
DRONE_ADMIN_USERNAME=xxxx

# Drone Runner Configuration
DRONE_RUNNER_CONTAINER_NAME=docker-runner
DRONE_RUNNER_IMAGE=drone/drone-runner-docker:1
DRONE_RUNNER_PORT_MAPPING=7080:3000

# Drone Runner Settings
DRONE_RPC_PROTO=https
DRONE_RPC_HOST=xxxx
DRONE_RUNNER_CAPACITY=2
DRONE_RUNNER_NAME=docker-runner-1

Gitea

Gitea 是一个轻量级的 Git 代码托管服务，提供了完整的代码管理功能。

services:
  server:
    image: docker.io/gitea/gitea:1.22.6
    container_name: gitea
    env_file:
      - .env
    volumes:
      - ./data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    environment:
      - USER_UID=${USER_UID}
      - USER_GID=${USER_GID}
    ports:
      - "3000:3000"
      - "22:22"
    restart: unless-stopped

Vaultwarden

Vaultwarden 是 Bitwarden 服务器的非官方实现，提供密码管理服务。

services:
  vaultwarden:
    image: vaultwarden/server:1.33.2-alpine
    container_name: "vaultwarden"
    ports:
      - "10086:80"
    volumes:
      - ./data:/data
    environment:
      USER_UID: ${USER_UID}
      USER_GID: ${USER_GID}
      SIGNUPS_ALLOWED: "true" # 创建账户后改为 "false" 禁止陌生人注册
    restart: always