basic forgejo in podman container on coreos

forgejo/main.tf

@@ -0,0 +1,67 @@
+terraform {
+  required_providers {
+    libvirt = {
+      source = "dmacvicar/libvirt"
+      version = "0.7.6"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+resource "libvirt_volume" "fcos" {
+  name   = "fcos"
+  pool   = "default"
+  source = "fedora-coreos-39.20240128.3.0-qemu.x86_64.qcow2"
+  format = "qcow2"
+}
+resource "libvirt_volume" "forgejo_rootfs" {
+  name           = "forgejo_rootfs"
+  base_volume_id = libvirt_volume.fcos.id
+}
+
+resource "libvirt_volume" "data" {
+  name   = "data.qcow2"
+  pool   = "default"
+  size   = 354334801920
+  format = "qcow2"
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+resource "libvirt_ignition" "ign" {
+  name    = "service.ign"
+  content = "service.ign"
+}
+
+resource "libvirt_domain" "default" {
+  name      = "forgejo"
+  autostart = true
+  memory    = "2048"
+  vcpu      = 2
+
+  coreos_ignition = libvirt_ignition.ign.id
+
+  disk {
+    volume_id = "${libvirt_volume.forgejo_rootfs.id}"
+  }
+  disk {
+    volume_id = "${libvirt_volume.data.id}"
+  }
+  network_interface {
+    network_name   = "default"
+    hostname       = "forgejo"
+    addresses      = ["192.168.122.150"]
+    mac            = "A6:3A:5E:C4:5A:C3"
+    wait_for_lease = true
+  }
+  console {
+    type        = "pty"
+    target_port = "0"
+    target_type = "virtio"
+    source_path = "/dev/pts/24"
+  }
+}

forgejo/service.bu

@@ -0,0 +1,57 @@
+variant: fcos
+version: 1.5.0
+passwd:
+  users:
+    - name: vladan
+      ssh_authorized_keys:
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEFtUc2UvKFGSSlP3RRXUIToDYh8a8pg5DqDkJS+nBTG vladan@jenga
+      password_hash: "$y$j9T$kBtBBkINmXh6lxmBqCJkr1$bA1fjZ5pC4CUr6VUnRe2FAWrW5tb6lfX/7.38axa5S3"
+      groups:
+        - wheel
+      shell: /bin/bash
+storage:
+  disks:
+    - device: /dev/vdb
+      wipe_table: false
+      partitions:
+        - number: 1
+          label: forgejo
+          start_mib: 0
+          size_mib: 30000
+  filesystems:
+    - path: /var/lib/forgejo
+      device: /dev/disk/by-partlabel/forgejo
+      format: xfs
+      label: data
+      with_mount_unit: true
+      wipe_filesystem: false
+  files:
+    - path: /etc/hostname
+      mode: 0644
+      contents:
+        inline: forge.hklbgd.org
+    - path: /etc/forgejo/app.ini
+      contents:
+        local: app.ini
+    - path: /etc/containers/systemd/forgejo.container
+      contents:
+        inline: |
+          [Unit]
+          Description=Forgejo: Beyond coding. We forge.
+          After=network-online.target
+          Wants=network-online.target
+
+          [Service]
+          TimeoutStartSec=60
+
+          [Container]
+          ContainerName=forgejo
+          Image=codeberg.org/forgejo/forgejo:1.21.5-0
+          Volume=/var/lib/forgejo:/data:z
+          Volume=/etc/forgejo/app.ini:/data/gitea/conf/app.ini:z
+          PublishPort=3000:3000
+          PublishPort=3022:22
+
+          [Install]
+          # Start by default on boot
+          WantedBy=multi-user.target default.target