use bitnami chart for gitea
This commit is contained in:
parent
82e4684d52
commit
1f42289025
GPG Key ID:
568F326C7EB33ACB
|
|
@ -1,60 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: gitea-appini-secret
|
||||
namespace: default
|
||||
stringData:
|
||||
app.ini: ENC[AES256_GCM,data:V4Od9odINfb6C+pTJj3vMeLrgA2r6GGsrZDV9ZugucZaOCidaRrcNpiSeCJIdpEOxW0P6kGI3o5FIH9JBSJkMTgmE0rQBfpTeR3PI+1S+2c2kfGL+DRFRaDUCtkp0NEu9bkDvrcFGYkkIvGly9XLue21Eq+vXO5yOQ86/N40N5YHNYixQmkmD5m8hpnYlatjUk41zHaSwbyo81W1JJLJLPHWbV7f8WjdpYNHBU23sOIWWBw2aHHc0QUYp2mrjIYWwXhRLkFl2qFTb4ptl6ogej13ZIfT37yv/qSUtDjADL9dgAPzDzGbwN5ZYQrILHIMaBsUWYWklwQolW+v9/sGMc+AoQSUad4kIVlZL3kt3gQvqZ9C2W/2/dkQaoEHJUzrR7CV0KhtpDYgmahf7nBq1PGl8xqp+IsnDgm7QLBXiwFMd1z7sVAhTFqxaMZSj3+QFBYgvUBdMPeOWdjObsHyNkAY2Hn6NcxAbtfGk9zbdCF1iw48fcSxXTr0DLtUo8y2Fr/y2pC2EbMDMrYBoZYIMI0PYri8nv2kPWpOvzHNpeico7ME3OIvE7csgDJQNtj1j3abZrkOvtmyRb/CZRTyP5ME4hWNMNSpY81bw/zVWiZ151NztcXpGOj2exlYFNHh14Uy3JW60vMu+eSxIGcqjBJmqKH2Y1eP/x8ZYodGz+7SiL/Y89igVElcUCAyEypmDhdhtFXZ4Agb+5T4dyLeZ7NRYqjethEt3A4d0H1ZXwtp0gJ6HjhWeeK+ouRM/+WyCmFqvqLgxDxqFeYbeIaAdLnoNQx+4rhKl/yJncfkbk9jCJEvQSDfAaZuoHJmjk5QlF4eyBUVqeNBwQtVJ4TG//LR9uP89IBr2C4tyhkOT0FG6P68O3Gaf04YDjwEmc2gfhBkH26ARzqhwHNZ6jO3zkCgtxNa4kVcgPPp/WIiD6nVpFuucUhcjypplenPTv9060HQ6fCxyiHLV7kETaykJFIIEPXIMfpIFHJi83CWt/yH2rbDDXb5eZfmezJETh+zM16TrfkumHwL5+kV96ccMrq9O6qnoI6fD0mlXa8npVGiBotfXfkEUdP5FRcxv4vzeimArPRRkBqMZCRT2tXrVFChrIABudxgkiSqJPWoIlRb4u/maN/UuyiE/wm09l0/ROkCd0yRqUvNJd8nHtZZpivJu/icNjERUNgvuO+x+Ssl4IkJ6utVqhUHSZa2M0VI/pe6j/zitYVZyIslzEAjqmO4oq389wdw1GaJrSffRNftIBdzsSx1JKlnQhH51tO2jL/tdbWX2XLMoK1tiRYkjZDKfSpEfdGVDZRtQg9C1gkAaB6/+4usmbjXRqQCoOyNXaTopXQ97pQoqnrfhMrgdu1rq6Bju0Zs4fTUcfTv4BtA7SAP7I1v2RZqcZuuanhKZRM8JuUJdJezLwcOlkkELPSODXiZZ0wlp+z3xEgk/tvNEnck7mEyFb8TB1ffYuFAC4/zJn1Dgo92jvCWXW6IRksDWIV5wzqjdDU5+2AA863C6ULHPIlpmXn4EQUWkxeF0OcZD0GQXhJUoSwBl8kpA9v6vQ952dME15nFTblr1TjfXjk5RK/0tgPD8NEVecmfShvyc9ncWmZlUZXgp0/C25yJYhyIgJYzPvNWqgB/Z3jBbWidejpxZ+8mGzf98IK7tLjLnZs7BvqmJ71HHU3O59s9ZMZ89bbAT3ExPjukD+8VetEZGsfMDUv3B5bnFxKyji5AYDzVZRJB8DYBGW0Fx+FgIyIyJwrQ8DMczCj/8h2MbsOznre4YcZ79JFuXlYJWpQN5lyyY1oCY+kVl+0SQrZY7Pb5VgZrsancu7/O2tnDZF9V2YuP82DZo/8ZBseOMtAbSs7+fCYNfmPBSSoeEP3MTrMqDj/kAkOiGXHfvoszRMlK73HlWKyqraGKO1SbfECE2hfNQacZYN8kFwqJKoTiRb3C5n0xkU1M2n19gF1BWRxFMM+rXkHKjNJ5/fODV+FLIeEsZ2WLYOKdAH0/745GPHdTx8O7xOb13CcL9mrLLWlVPg4tgERrG+4gahfjar7RIH18oI2+OX1ZiXQQYwcRaExQtlTFABomAoGxOsjQ+3Fzjj2pQbmMgQJuzJKw/ZOgllDHwQ8YuYwb0z4X93e331bg8pJVNsLlgA18/aoKiRM0O+9Sw0Bpd06ATM8gHE9eZpkJtrYbaFYXAvIBIUYqwDXxSLgMLzz3/MKRezC21cALv8MmDI0lkeGeYOC9JXZUSK2UPB8DkTbsyPy4npF0+omV4sBM2lleTWqFWB3aHpEXtOqYWGSZJvBjy9SY74slfnKZZaxwZhyE7JLZJLqQmtYvW5W2uXKmFD4aOZmrurn+q6TioIjruZ/wuIWuQuKw7ukcxKIt+fYQkJRIc/Qta0hRl58idZDlCjf1eL24MkKmdjvO2XzM8myhRaeKqCYunvYiSF/JcbSz4yhzFjCFNxVvQQ0BGizfHeqQYSaWpyuasecAXkvXPdgq+Lht0TK34BCuq2pC4aIIE3ZeR2XzHrJ7rAP+g4nws+HRlqVvIPE6gunrsrZy4L4UItrLBe1FZ/o8K3vPANCKMjrKZNU14Jn6dykhzwVG/6Yv3QWPUyCvD+zqNGD19F53Gc3Kp6dysMlYUruG9bq07UQyiz1Ue7/wEKc2g9QYDlMbG1AWT3EVb/KKyurvS0A9W9+rYC1c6m/oOkPtb5UIz8HVIic/AXxstUE+T6QNDcaUfpz8d1dQINq60bCwOex5TAUqBYjG87aUofdeyVSAE5Uvv6XEY7zrO9+ffzJA5W72MUtgfymr7/NVtnv1w2GY1ZrAr1YaqCJ54A90JCbzGiYMRInDmXdzFmTHCBxcFG88dDTi1MZiYbkwlofMpIBrpm9CcE1WdXNozmy/1PlwCPfTmAW2v7m+GIqh3i0PzL+OaHbH28hthdfWywoxYQwpCLtCtpqAIt71HdYD3pFrsNw6ncA3IHCc5V8M40HfAa9UnuqyDsovf8xzGsoWFD+dNDGpB0zwpA==,iv:DTW6aqHeXAwtC0TF1+omBsD7PIa2q5a+jQ3rKav29LA=,tag:bkRwn09eorKyN6TbPqDFcw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-06-03T18:27:51Z"
|
||||
mac: ENC[AES256_GCM,data:L/N8wCxBKJ+aMqoc+jKyq8femyQDry3hO0L6YL48EGVpvti7OajBG3lciL7P3xPb8Xl8T8Gb7MZ9pCzVPd11LyYwFDifR/eke77uvaQ5KBNMiuabkryG56eRTLpwOjhUBufcwdX4vIaz/RGe8BBputgBNJLS7nlPtlHxgXvJJ9k=,iv:FbeA9CHPl8E3h0+EiV43z7q9ma8IlaJitrHb55teha8=,tag:cFL0ldTyab3Bye4YUhv0cA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-06-03T18:27:50Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAzKleRwoSoixAQ//bFZnbddFfGqV2GblLjInM4qbBb59OZnZH07RyP+I1fFX
|
||||
vSASqWFR4dFOKUZ2rL4eC19jbWFG/a+0zUodTatuQ4lNmY4Q5g2fACv4KdZb87P5
|
||||
0hT8s3QuCKR6wZkTTl6y+k2JwYv/2ZsTF6ywMH53tc1X4wr5n+/Rhz+XeY8uEbyY
|
||||
lNoydGOxum7dHLoF0ARVfgmJH/OHkxlN4zemwMy/yu/MSYMJ/8ionB7Qi39kjtL4
|
||||
ixKjwYKwfZiO1DrxWz0bjppuQAEorJuFPerhHJROXJhgtLDEgoh+3rpqUCaASq6Q
|
||||
mGZehgrWC1hnZZ6jc4eZ4OQ0OhDFrXI7EwGoodrJFtqtFT4nP4jOzsAiHddFJWgD
|
||||
pONHnu3ZXWaQiEaSWQQGtevER6IDPSoxYQV5hgnYt5lajZRoNNI0BEqbYl+Ug3/j
|
||||
8uAZPvHkfVlFnvH1dVLZKFbreqRDLrP6dNNtDSphEO7Re1I+GEZt5Vjx0O0JrlbX
|
||||
KVJOUQksJljabIOVzOY0VX8pI/pAQjBPOTmOQ3MLOiN6ceWgeR21mAvHDqYxX9Oy
|
||||
e7u8tqQ+gfpePPW8Rf6Uf+mxkZAoAhfDyWOEn42+gVJWKwzSVQomnvDT4PdjesBl
|
||||
ZczhR9JQ9gEVu6Iw4jjhk5Py19TVw0nxhOfoxiWPyXTWoFXTQuiUPmTazd2f5VPU
|
||||
ZgEJAhB96XVANmNvvofAXAomeLaH9LXz39MXa8Jqwluf/lDFibDs7VWypk5fwzIa
|
||||
WTLg8J3wsNDVXE9i6mLakB8GNUOYMLPv/wQNkyxvYC2JNKrw464xosc9L0gmMU8s
|
||||
2LXQalo/Jg==
|
||||
=6a3k
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
|
||||
- created_at: "2023-06-03T18:27:50Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA4WLYkVpP8xtARAAlPo3j7fnQDlqavKWY1PoYe4BiKlQUNtu1GSBThVhAygj
|
||||
jxe334RtyhrZN9oloj70I3w0tGxShMSQ+dZ3Bo6cxBvrXyP6yUKrnw55jwtD+d9J
|
||||
3Q+ibWIpgQDqHsNiSh7QgeQyHTO6Ymgtbrg8UjXgz2tDmg1xWx1UlvGgu6wZtQ1v
|
||||
9s/pW2fafNIIJRSy9liaKSmshoWrhJaKVwheT6r6g8xuLNOvoef2FaINi8vnWmuw
|
||||
ATt8Hew0WewRkvU9EV/pPszIkEV9WVkh6bpYKc/esHn6DVby+at+XY+oqEtoaRxp
|
||||
eKpOmfq9SG2yrGogFdDHA6/0eDsxBYHEhQuM42Af4y7I5yUQBowFNLTnvECvrhIW
|
||||
Y0KdDH1+YtWk/qMPak2RqCHrSUsbdoKMPobdQ34Jb9wPPIFz3y51ekwAX++xCB1J
|
||||
EcdPxwAPPiXFu0x8VME5t3TMpPzd2mqzrRjywUTwt099QzBdxfs7NWldoJGYxXSf
|
||||
SSjAgV4vLW8Ms+bUT3n5iIYr5Dv1XKtign0bkyBksW8lOW4j/foWm9Z2yRkV3Z0b
|
||||
tKLYUU5yJJ8JOttaiaAM6zWUAtiUAuB1G47yg7YcO9b05pCTo9CrdrjaSCJEvPEU
|
||||
lGiwzK8mDZxSYNL20vXA+bHRIz7unVM6K5S46GZ2vU/j2JSueorCtzGGQrscz8rU
|
||||
ZgEJAhBLWl6lG1nM6MaUhff6+jSw3SJBahVT/DRVNjZfD+U5PA5e5iiFYLRVD0W6
|
||||
bNlhQgN24TfvkMYpnLpNeLlpd8vp/IGhyL+SgWVY0v+gCBdov1Qa1eKoplxvgWpa
|
||||
pODUhRDgyw==
|
||||
=X5Og
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 8DF31C9F48A24F525FFB1815FC96C52B59328E95
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.7.3
|
||||
|
|
@ -4,19 +4,16 @@ metadata:
|
|||
name: gitea-secret
|
||||
namespace: default
|
||||
stringData:
|
||||
GITEA__database__DB_TYPE: ENC[AES256_GCM,data:CxKLDkwWDro=,iv:vMzk5XUyeiUog3uaNWQi3YKOpnhUTUbZLWi8aQe1GOI=,tag:cIa3sjnmZZeqf8RkHaHyCA==,type:str]
|
||||
GITEA__database__HOST: ENC[AES256_GCM,data:SPy0h0kvhTMzbx7IhmOrOZ2RfVF0h2E4,iv:YvrmhhZfPGzjuuppfBumrKjQzGAwmScZ4Kv88bTRTa4=,tag:xnrGbDv0XwhYrCeJ3l+Cvg==,type:str]
|
||||
GITEA__database__NAME: ENC[AES256_GCM,data:K1lM4P8=,iv:5sN41GkSZ4sPLwIyVjiy6JNm20WFq3qNYFZ1gWfqG/4=,tag:hBoBRIgae5QRoMirGgEWmg==,type:str]
|
||||
GITEA__database__USER: ENC[AES256_GCM,data:aQvMk8Y=,iv:SaDZ5fWWbhu66BqYJ+KKs6/zMrdTDoDZvBQKd2IyLck=,tag:4z7jRIT158aUxaOmYWewAQ==,type:str]
|
||||
GITEA__database__PASSWD: ENC[AES256_GCM,data:n6ywTKo/Eb8JU9/MBvwlbLxcPJp1VRRrMKniktMZjS4=,iv:c7DSl3ReYNWoRN2TPeGkxIUo/OXz7EtKr416nBtFUxA=,tag:zEf7GhN3RNkfbSn13WA1Yg==,type:str]
|
||||
admin-password: ENC[AES256_GCM,data:IjukgfqqKKmFzOA=,iv:pbkG9/pRDveNksDJJU8ujje56xLTUFAFHDuaX2Te7yg=,tag:dMXUc4wQ1n6U0jmFmDdR9Q==,type:str]
|
||||
db-password: ENC[AES256_GCM,data:V7tDCRPEbYrSLbgwZgU7yVOPh/kUH0cK4aFkmvEiFgI=,iv:u8dgHSPrIYY7kBjiWTEmgYnQzh157iPpC0d0j2KWOZ4=,tag:IbY2UumxQhANDF7lEcEEig==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-04-27T23:49:11Z"
|
||||
mac: ENC[AES256_GCM,data:tAs7ev9V8nwDlpUeYC6D79gpT2IztnIppycM3GSmiLwock9XrJilAyaahd+OdmLQXjEqqqOZjLKVCm67xf+3jiPFkmCsIfP9A0incrySEJBVsum9/7i3nbUTf2tJyhj7mlex33KG3Arsinx3oPfY1U5QykYBBLR6dEan69Vg6Fc=,iv:IrrJnQgpyGW6B2Nu2IKetT279/WRDU9yG/A6r+5gtXo=,tag:ZXdVSvVsP3IJECSCguSdVw==,type:str]
|
||||
lastmodified: "2023-06-04T04:02:52Z"
|
||||
mac: ENC[AES256_GCM,data:Rfp9jgDr4b35rwTmX9EfOGgPSdYGSwoK096cDz2MFFzp3akUyeRQposFJ/M1JtcYLseg+XCKCLNSd/yVxwhNGMcA+lF4kgHHXAZyjYGHqOuo4RaylaYuAavdFmC8LL0f0fUX3P5L1AHH1JuqW9EJK60/IxqxD1/d/qJdhwaLH7k=,iv:fwLlG5BsTf70IyeXkWfHwfB3phjJTLYLZoYWFMo6qJ4=,tag:ZJLMIGRW4OUKauvOyaO8AQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-04-07T01:57:22Z"
|
||||
enc: |
|
||||
|
|
|
|||
|
|
@ -7,30 +7,36 @@ spec:
|
|||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 1.3.x
|
||||
chart: gitea
|
||||
version: 0.3.2
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
name: bitnami-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
image:
|
||||
repository: gitea/gitea
|
||||
tag: 1.19.3-rootless
|
||||
existingSecret: gitea-secret
|
||||
existingSecretKey: admin-password
|
||||
|
||||
podLabels:
|
||||
needsDatabase: "yes"
|
||||
needsAuthentik: "yes"
|
||||
persistence:
|
||||
enabled: true
|
||||
hostPath: /mnt/MainPool/Kubernetes/gitea
|
||||
|
||||
env:
|
||||
USER: git
|
||||
USER_UID: 10000
|
||||
USER_GID: 10000
|
||||
resources:
|
||||
requests:
|
||||
cpu: 1m
|
||||
memory: 340Mi
|
||||
limits:
|
||||
memory: 1Gi
|
||||
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: gitea-secret
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 10000
|
||||
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 10000
|
||||
runAsNonRoot: true
|
||||
|
||||
# Sidecar used for mirroring GitHub repos to gitea
|
||||
sidecars:
|
||||
|
|
@ -42,64 +48,29 @@ spec:
|
|||
name: gitea-sidecar-secret
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
http:
|
||||
port: 3000
|
||||
|
||||
ssh:
|
||||
enabled: true
|
||||
type: NodePort
|
||||
ports:
|
||||
ssh:
|
||||
enabled: true
|
||||
port: 22
|
||||
protocol: TCP
|
||||
nodePort: 30022
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
enabled: false
|
||||
type: ClusterIP
|
||||
nodePorts:
|
||||
ssh: 30022
|
||||
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
hosts:
|
||||
- host: &host "git.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
secretName: wildcard-main-tls
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
hostname: "budget.${SECRET_NEW_DOMAIN}"
|
||||
secrets:
|
||||
- wildcard-main-tls
|
||||
|
||||
persistence:
|
||||
storage:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/gitea
|
||||
mountPath: /data
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
config:
|
||||
enabled: true
|
||||
type: secret
|
||||
name: gitea-appini-secret
|
||||
mountPath: /etc/gitea
|
||||
externalDatabase:
|
||||
host: postgresql.database
|
||||
port: 5432
|
||||
user: gitea
|
||||
database: gitea
|
||||
existingSecret: gitea-secret
|
||||
existingSecretPasswordKey: db-password
|
||||
|
||||
podSecurityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 1m
|
||||
memory: 340Mi
|
||||
limits:
|
||||
memory: 1Gi
|
||||
volumePermissions:
|
||||
enabled: true
|
||||
Loading…
Reference in New Issue