feat(ci): adiciona Forgejo Actions como alternativa ao GitHub Actions

Configura o Forgejo como plataforma de CI/CD self-hosted para evitar custos futuros do GitHub Actions (a partir de marco/2026). Arquivos adicionados: - .forgejo/workflows/ci-cd-web-desktop.yml: workflow principal de deploy - .forgejo/workflows/quality-checks.yml: lint, test e build - forgejo/stack.yml: stack Docker do Forgejo para Swarm - forgejo/setup-runner.sh: script de configuracao do runner - docs/FORGEJO-CI-CD.md: documentacao completa Forgejo rodando em: https://git.esdrasrenan.com.br 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-16 20:13:29 -03:00 · 2025-12-16 20:13:29 -03:00 · aaa64e339c
commit aaa64e339c
parent 771e25798d
5 changed files with 1037 additions and 0 deletions
--- a/forgejo/stack.yml
+++ b/forgejo/stack.yml
@ -0,0 +1,86 @@
+version: "3.8"
+
+# Forgejo para CI/CD self-hosted
+# Substitui o GitHub Actions sem perder a experiencia visual
+# NOTA: O runner roda como servico systemd, nao como container no Swarm
+
+services:
+  forgejo:
+    image: codeberg.org/forgejo/forgejo:11
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      # Configuracoes do Forgejo
+      - FORGEJO__database__DB_TYPE=sqlite3
+      - FORGEJO__database__PATH=/data/gitea/forgejo.db
+      - FORGEJO__server__DOMAIN=git.esdrasrenan.com.br
+      - FORGEJO__server__ROOT_URL=https://git.esdrasrenan.com.br/
+      - FORGEJO__server__SSH_DOMAIN=git.esdrasrenan.com.br
+      - FORGEJO__server__SSH_PORT=2222
+      - FORGEJO__server__HTTP_PORT=3000
+      - FORGEJO__server__OFFLINE_MODE=false
+      # Actions habilitado
+      - FORGEJO__actions__ENABLED=true
+      - FORGEJO__actions__DEFAULT_ACTIONS_URL=https://code.forgejo.org
+      # Seguranca - INSTALL_LOCK=true apos instalacao inicial
+      - FORGEJO__security__INSTALL_LOCK=true
+      - FORGEJO__service__DISABLE_REGISTRATION=true
+      # Logs
+      - FORGEJO__log__MODE=console
+      - FORGEJO__log__LEVEL=Info
+    volumes:
+      - forgejo_data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    networks:
+      - traefik_public
+      - forgejo_internal
+    ports:
+      # SSH para git clone via SSH (exposto diretamente)
+      - "2222:2222"
+    deploy:
+      mode: replicated
+      replicas: 1
+      update_config:
+        parallelism: 1
+        order: start-first
+        failure_action: rollback
+        delay: 10s
+        monitor: 30s
+      resources:
+        limits:
+          memory: "1G"
+        reservations:
+          memory: "256M"
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+      placement:
+        constraints:
+          - node.role == manager
+      labels:
+        - traefik.enable=true
+        - traefik.docker.network=traefik_public
+        # Web UI
+        - traefik.http.routers.forgejo.rule=Host(`git.esdrasrenan.com.br`)
+        - traefik.http.routers.forgejo.entrypoints=websecure
+        - traefik.http.routers.forgejo.tls=true
+        - traefik.http.routers.forgejo.tls.certresolver=le
+        - traefik.http.services.forgejo.loadbalancer.server.port=3000
+    healthcheck:
+      test: ["CMD", "curl", "-fsSL", "http://localhost:3000/api/healthz"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+
+volumes:
+  forgejo_data:
+
+networks:
+  traefik_public:
+    external: true
+  forgejo_internal:
+    driver: overlay