qvest-task/docs/diagrams/application-stack.md
aviyadeveloper 3821f45d63
docs: update docs.
2026-06-11 17:40:27 +02:00


Application Stack Diagram

This diagram shows the Docker containers running on the EC2 instance and their relationships.

%%{init: {'theme':'base', 'themeVariables': { 'primaryColor':'#e5e7eb','primaryTextColor':'#111827','primaryBorderColor':'#9ca3af','lineColor':'#111827','secondaryColor':'#d1d5db','tertiaryColor':'#f3f4f6','edgeLabelBackground':'#ffffff','mainBkg':'#f5f5f4','nodeBorder':'#9ca3af','background':'#f5f5f4','clusterBkg':'transparent'},'themeCSS':'.node rect, .node circle, .node ellipse, .node polygon, .node path { filter: none !important; box-shadow: none !important; } .cluster rect { filter: none !important; box-shadow: none !important; } svg { background-color: #f5f5f4 !important; } .cluster-label { background-color: #ffffff !important; padding: 6px 12px !important; border-radius: 4px !important; font-size: 16px !important; font-weight: 700 !important; box-shadow: 0 1px 3px rgba(0,0,0,0.12) !important; border: 1px solid #d1d5db !important; } .edgePath, .edgePath path, .flowchart-link { z-index: 1 !important; }'}}%%

graph TB
    User([User])
    LetsEncrypt[Let's Encrypt<br/>SSL Certs]
    
    subgraph EC2["EC2 Instance"]
        subgraph Docker["Docker Compose"]
            Nginx[Nginx<br/>Port 80, 443]
            Gitea[Gitea<br/>Port 3000, 2222]
            Postgres[(PostgreSQL<br/>Port 5432)]
            Certbot[Certbot<br/>SSL Renewal]
            DIUN[DIUN<br/>Update Monitor]
            
            Nginx -->|Reverse Proxy| Gitea
            Gitea -->|Database Connection| Postgres
            DIUN -.->|Monitors for Updates| Nginx
            DIUN -.->|Monitors for Updates| Gitea
            DIUN -.->|Monitors for Updates| Postgres
            Certbot -.->|Renews Certificates| Nginx
        end
        
        subgraph Systemd["Systemd Services"]
            Runner1[act_runner-1<br/>CI/CD Runner]
            Runner2[act_runner-2<br/>CI/CD Runner]
            
            Runner1 -.->|Executes Workflows| Gitea
            Runner2 -.->|Executes Workflows| Gitea
        end
    end
    
    User -->|HTTPS| Nginx
    User -->|Git SSH| Gitea
    LetsEncrypt -.->|Certificate Authority| Certbot
    
    style EC2 fill:#e5e7eb,stroke:#4b5563,stroke-width:2px,stroke-dasharray: 5 5
    style Docker fill:#d1d5db,stroke:#4b5563,stroke-width:2px,stroke-dasharray: 5 5
    style Systemd fill:#d1d5db,stroke:#4b5563,stroke-width:2px,stroke-dasharray: 5 5
    
    style Nginx fill:#10B981,stroke:#333,stroke-width:1px,color:#fff
    style Gitea fill:#3B82F6,stroke:#333,stroke-width:1px,color:#fff
    style Postgres fill:#8B5CF6,stroke:#333,stroke-width:1px,color:#fff
    style DIUN fill:#F59E0B,stroke:#333,stroke-width:1px,color:#fff
    style Certbot fill:#6366F1,stroke:#333,stroke-width:1px,color:#fff
    style Runner1 fill:#EF4444,stroke:#333,stroke-width:1px,color:#fff
    style Runner2 fill:#EF4444,stroke:#333,stroke-width:1px,color:#fff

Components

Docker Containers

  • Nginx: Reverse proxy handling SSL termination and routing to Gitea
  • Gitea: Git server application with Actions enabled (HTTP: 3000, SSH: 2222)
  • PostgreSQL: Database storing repository metadata, users, issues
  • DIUN: Monitors Docker Hub for image updates, sends email notifications
  • Certbot: Handles Let's Encrypt SSL certificate renewal

Systemd Services

  • act_runner-1: First Gitea Actions runner for CI/CD workflows
  • act_runner-2: Second Gitea Actions runner for CI/CD workflows

Container Communication

  • All containers are on the same Docker network (gitea-network)
  • Nginx proxies HTTPS requests to Gitea's internal port 3000
  • Gitea connects to PostgreSQL via container name (postgres)
  • DIUN monitors containers based on labels (diun.enable=true)
  • Certbot shares volumes with Nginx for certificate storage
  • Runners connect to Gitea via http://localhost:3000
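
The communication paths above imply which ports need to be published on the EC2 host. The following check is an added example, not part of this repository: it audits `docker ps` output against that reading of the diagram. The `ALLOWED` policy, the loopback-only rule for port 3000, and the container names in the sample are assumptions.

```python
import re

# Policy read off the diagram (an interpretation, not the project's config):
# host port -> acceptable bind addresses; "*" means any interface.
ALLOWED = {
    80: {"*"},                   # Nginx HTTP (ACME challenge files)
    443: {"*"},                  # Nginx HTTPS
    2222: {"*"},                 # Gitea Git SSH
    3000: {"127.0.0.1", "::1"},  # Gitea HTTP: only the host-local runners use it
}

# One published binding as printed by docker ps, e.g. "0.0.0.0:80->80/tcp",
# ":::80->80/tcp" or "[::]:80->80/tcp".
BINDING = re.compile(r"^(?P<addr>.+):(?P<host>\d+)->\d+/\w+$")

def audit(docker_ps_output):
    """Return (container, binding, reason) for each binding outside ALLOWED.

    Input: output of  docker ps --format '{{.Names}}\\t{{.Ports}}'
    """
    findings = []
    for line in docker_ps_output.strip().splitlines():
        name, _, ports = line.partition("\t")
        for entry in filter(None, (p.strip() for p in ports.split(","))):
            if "->" not in entry:
                continue  # reachable on the Docker network only, not published
            m = BINDING.match(entry)
            if not m:
                findings.append((name, entry, "unrecognised binding"))
                continue
            allowed = ALLOWED.get(int(m["host"]))
            if allowed is None:
                findings.append((name, entry, "port not expected on the host"))
            elif "*" not in allowed and m["addr"].strip("[]") not in allowed:
                findings.append((name, entry, "bound beyond loopback"))
    return findings

# Constructed sample output: Gitea HTTP and PostgreSQL published on all interfaces.
SAMPLE = "\n".join([
    "nginx\t0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, [::]:443->443/tcp",
    "gitea\t0.0.0.0:2222->2222/tcp, 0.0.0.0:3000->3000/tcp",
    "postgres\t0.0.0.0:5432->5432/tcp",
    "certbot\t80/tcp, 443/tcp",
])

if __name__ == "__main__":
    for container, binding, reason in audit(SAMPLE):
        print(f"{container}: {binding} ({reason})")
```

A finding on port 3000 means Gitea's plain-HTTP listener is reachable without passing through Nginx; a finding on 5432 means the database is published even though Gitea reaches it by container name.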

Data Persistence

Docker volumes ensure data survives container restarts:

  • gitea-data: Git repositories and uploads
  • gitea_postgres-data: PostgreSQL database files
  • certbot-etc: Let's Encrypt certificates
  • certbot-var: Certbot working directory
  • web-root: ACME challenge files for SSL verification