ci: 修复缓存卷冲突，添加 runner-default 缓存，隐藏 webhook token

gitea-runner-docker-compose.yml

@@ -0,0 +1,136 @@
+services:
+  gitea:
+    image: gitea/gitea:latest
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__database__DB_TYPE=sqlite3
+      - GITEA__server__DOMAIN=git.dev.vifo.cc
+      - GITEA__server__ROOT_URL=https://git.dev.vifo.cc
+      - GITEA__server__SSH_DOMAIN=git.dev.vifo.cc
+      - GITEA__actions__ENABLED=true
+      - GITEA__webhook__ALLOWED_HOST_LIST=*
+        # 或者只允许特定网段：
+      # - GITEA__webhook__ALLOWED_HOST_LIST=172.22.0.0/16,172.17.0.0/16,localhost,127.0.0.1
+    restart: always
+    networks:
+      - gitea
+    volumes:
+      - ./gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3000:3000"
+      - "222:22"
+
+  # 可选：Gitea Actions Runner（执行 CI/CD 任务）
+  # 通用 Runner（保持默认）
+  runner-default:
+    image: gitea/act_runner:nightly
+    restart: always
+    container_name: runner-default
+    environment:
+      CONFIG_FILE: /config.yaml
+      GITEA_INSTANCE_URL: "https://git.dev.vifo.cc"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_TOKEN}"
+      GITEA_RUNNER_NAME: "runner-default"
+      GITEA_RUNNER_LABELS: "ubuntu-latest:docker://node:20-slim"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /root/.docker:/root/.docker  # 共享 Docker 配置
+      - ./conf/config-default.yaml:/config.yaml
+      # npm/pnpm 缓存（用于前端任务）
+      - npm-cache:/root/.npm
+      - pnpm-store:/root/.local/share/pnpm/store
+      - pnpm-cache:/root/.cache/pnpm
+    networks:
+      - gitea
+
+  # Node.js 专用 Runner（前端项目）
+  runner-node:
+    image: gitea/act_runner:nightly
+    restart: always
+    container_name: runner-node
+    environment:
+      CONFIG_FILE: /config.yaml
+      GITEA_INSTANCE_URL: "https://git.dev.vifo.cc"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_TOKEN}"
+      GITEA_RUNNER_NAME: "runner-node"
+      GITEA_RUNNER_LABELS: "node:docker://node:20-slim,ubuntu-latest:docker://node:20-slim"
+      HTTP_PROXY: http://192.168.31.125:7899
+      HTTPS_PROXY: http://192.168.31.125:7899
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /root/.docker:/root/.docker  # 共享 Docker 配置
+      - ./conf/config-node.yaml:/config.yaml
+      # npm 全局缓存（安装 pnpm 用）
+      - npm-cache:/root/.npm
+      # pnpm store 缓存（安装依赖用）
+      - pnpm-store:/root/.local/share/pnpm/store
+      # pnpm 全局包缓存
+      - pnpm-cache:/root/.cache/pnpm
+      # 构建产物输出目录（挂载到宿主机网站目录）
+      - /www/wwwroot/admin:/opt/builds
+
+    networks:
+      - gitea
+
+  # Java 专用 Runner（后端项目）
+  runner-java:
+    image: gitea/act_runner:nightly
+    container_name: runner-java
+    restart: always
+    environment:
+      CONFIG_FILE: /config.yaml
+      GITEA_INSTANCE_URL: "https://git.dev.vifo.cc"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_TOKEN}"
+      GITEA_RUNNER_NAME: "runner-java"
+      GITEA_RUNNER_LABELS: "java:docker://maven:3.9-eclipse-temurin-17,ubuntu-latest:docker://maven:3.9-eclipse-temurin-17"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /root/.docker:/root/.docker  # 共享 Docker 配置
+      - ./conf/config-java.yaml:/config.yaml
+      - .cache:/root/.cache
+      # 缓存 Maven 依赖
+      - maven-repo:/root/.m2
+    networks:
+      - gitea
+
+  
+  
+  
+  
+  
+  
+  
+  webhook-bridge:
+    build:
+      context: ./webhook-bridge
+    container_name: gitea-dingtalk-bridge
+    restart: always
+    ports:
+      - "3001:3001"
+    environment:
+      - PORT=3001
+      - DINGTALK_WEBHOOK=${DINGTALK_WEBHOOK_URL}
+      # 如果需要加签，取消下面注释并设置密钥
+      # - DINGTALK_SECRET=your-secret
+    networks:
+      - gitea
+    healthcheck:
+      test: ["CMD", "wget", "-q", "--spider", "http://localhost:3001/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+
+
+volumes:
+  pnpm-store:
+  pnpm-cache:
+  npm-cache:
+  maven-repo:
+networks:
+  gitea:
+    external: false