use bitnami chart for gitea

This commit is contained in:
SeanOMik 2023-06-04 00:27:24 -04:00
parent 82e4684d52
commit 1f42289025
Signed by: SeanOMik
GPG Key ID: 568F326C7EB33ACB
3 changed files with 47 additions and 139 deletions

View File

@ -1,60 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: gitea-appini-secret
namespace: default
stringData:
app.ini: ENC[AES256_GCM,data:V4Od9odINfb6C+pTJj3vMeLrgA2r6GGsrZDV9ZugucZaOCidaRrcNpiSeCJIdpEOxW0P6kGI3o5FIH9JBSJkMTgmE0rQBfpTeR3PI+1S+2c2kfGL+DRFRaDUCtkp0NEu9bkDvrcFGYkkIvGly9XLue21Eq+vXO5yOQ86/N40N5YHNYixQmkmD5m8hpnYlatjUk41zHaSwbyo81W1JJLJLPHWbV7f8WjdpYNHBU23sOIWWBw2aHHc0QUYp2mrjIYWwXhRLkFl2qFTb4ptl6ogej13ZIfT37yv/qSUtDjADL9dgAPzDzGbwN5ZYQrILHIMaBsUWYWklwQolW+v9/sGMc+AoQSUad4kIVlZL3kt3gQvqZ9C2W/2/dkQaoEHJUzrR7CV0KhtpDYgmahf7nBq1PGl8xqp+IsnDgm7QLBXiwFMd1z7sVAhTFqxaMZSj3+QFBYgvUBdMPeOWdjObsHyNkAY2Hn6NcxAbtfGk9zbdCF1iw48fcSxXTr0DLtUo8y2Fr/y2pC2EbMDMrYBoZYIMI0PYri8nv2kPWpOvzHNpeico7ME3OIvE7csgDJQNtj1j3abZrkOvtmyRb/CZRTyP5ME4hWNMNSpY81bw/zVWiZ151NztcXpGOj2exlYFNHh14Uy3JW60vMu+eSxIGcqjBJmqKH2Y1eP/x8ZYodGz+7SiL/Y89igVElcUCAyEypmDhdhtFXZ4Agb+5T4dyLeZ7NRYqjethEt3A4d0H1ZXwtp0gJ6HjhWeeK+ouRM/+WyCmFqvqLgxDxqFeYbeIaAdLnoNQx+4rhKl/yJncfkbk9jCJEvQSDfAaZuoHJmjk5QlF4eyBUVqeNBwQtVJ4TG//LR9uP89IBr2C4tyhkOT0FG6P68O3Gaf04YDjwEmc2gfhBkH26ARzqhwHNZ6jO3zkCgtxNa4kVcgPPp/WIiD6nVpFuucUhcjypplenPTv9060HQ6fCxyiHLV7kETaykJFIIEPXIMfpIFHJi83CWt/yH2rbDDXb5eZfmezJETh+zM16TrfkumHwL5+kV96ccMrq9O6qnoI6fD0mlXa8npVGiBotfXfkEUdP5FRcxv4vzeimArPRRkBqMZCRT2tXrVFChrIABudxgkiSqJPWoIlRb4u/maN/UuyiE/wm09l0/ROkCd0yRqUvNJd8nHtZZpivJu/icNjERUNgvuO+x+Ssl4IkJ6utVqhUHSZa2M0VI/pe6j/zitYVZyIslzEAjqmO4oq389wdw1GaJrSffRNftIBdzsSx1JKlnQhH51tO2jL/tdbWX2XLMoK1tiRYkjZDKfSpEfdGVDZRtQg9C1gkAaB6/+4usmbjXRqQCoOyNXaTopXQ97pQoqnrfhMrgdu1rq6Bju0Zs4fTUcfTv4BtA7SAP7I1v2RZqcZuuanhKZRM8JuUJdJezLwcOlkkELPSODXiZZ0wlp+z3xEgk/tvNEnck7mEyFb8TB1ffYuFAC4/zJn1Dgo92jvCWXW6IRksDWIV5wzqjdDU5+2AA863C6ULHPIlpmXn4EQUWkxeF0OcZD0GQXhJUoSwBl8kpA9v6vQ952dME15nFTblr1TjfXjk5RK/0tgPD8NEVecmfShvyc9ncWmZlUZXgp0/C25yJYhyIgJYzPvNWqgB/Z3jBbWidejpxZ+8mGzf98IK7tLjLnZs7BvqmJ71HHU3O59s9ZMZ89bbAT3ExPjukD+8VetEZGsfMDUv3B5bnFxKyji5AYDzVZRJB8DYBGW0Fx+FgIyIyJwrQ8DMczCj/8h2MbsOznre4YcZ79JFuXlYJWpQN5lyyY1oCY+kVl+0SQrZY7Pb5VgZrsancu7/O2tnDZF9V2YuP82DZo/8ZBseOMtAbSs7+fCYNfmPBSSoeEP3MTrMqDj/kAkOiGXHfvoszRMlK73HlWKyqraGKO1SbfECE2hfNQacZYN8kFwqJKoTiRb3C5n0xkU1M2n19gF1BWRxFMM+rXkHKjNJ5/fODV+FLIeEsZ2WLYOKdAH0/745GPHdTx8O7xOb13CcL9mrLLWlVPg4tgERrG+4gahfjar7RIH18oI2+OX1ZiXQQYwcRaExQtlTFABomAoGxOsjQ+3Fzjj2pQbmMgQJuzJKw/ZOgllDHwQ8YuYwb0z4X93e331bg8pJVNsLlgA18/aoKiRM0O+9Sw0Bpd06ATM8gHE9eZpkJtrYbaFYXAvIBIUYqwDXxSLgMLzz3/MKRezC21cALv8MmDI0lkeGeYOC9JXZUSK2UPB8DkTbsyPy4npF0+omV4sBM2lleTWqFWB3aHpEXtOqYWGSZJvBjy9SY74slfnKZZaxwZhyE7JLZJLqQmtYvW5W2uXKmFD4aOZmrurn+q6TioIjruZ/wuIWuQuKw7ukcxKIt+fYQkJRIc/Qta0hRl58idZDlCjf1eL24MkKmdjvO2XzM8myhRaeKqCYunvYiSF/JcbSz4yhzFjCFNxVvQQ0BGizfHeqQYSaWpyuasecAXkvXPdgq+Lht0TK34BCuq2pC4aIIE3ZeR2XzHrJ7rAP+g4nws+HRlqVvIPE6gunrsrZy4L4UItrLBe1FZ/o8K3vPANCKMjrKZNU14Jn6dykhzwVG/6Yv3QWPUyCvD+zqNGD19F53Gc3Kp6dysMlYUruG9bq07UQyiz1Ue7/wEKc2g9QYDlMbG1AWT3EVb/KKyurvS0A9W9+rYC1c6m/oOkPtb5UIz8HVIic/AXxstUE+T6QNDcaUfpz8d1dQINq60bCwOex5TAUqBYjG87aUofdeyVSAE5Uvv6XEY7zrO9+ffzJA5W72MUtgfymr7/NVtnv1w2GY1ZrAr1YaqCJ54A90JCbzGiYMRInDmXdzFmTHCBxcFG88dDTi1MZiYbkwlofMpIBrpm9CcE1WdXNozmy/1PlwCPfTmAW2v7m+GIqh3i0PzL+OaHbH28hthdfWywoxYQwpCLtCtpqAIt71HdYD3pFrsNw6ncA3IHCc5V8M40HfAa9UnuqyDsovf8xzGsoWFD+dNDGpB0zwpA==,iv:DTW6aqHeXAwtC0TF1+omBsD7PIa2q5a+jQ3rKav29LA=,tag:bkRwn09eorKyN6TbPqDFcw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-06-03T18:27:51Z"
mac: ENC[AES256_GCM,data:L/N8wCxBKJ+aMqoc+jKyq8femyQDry3hO0L6YL48EGVpvti7OajBG3lciL7P3xPb8Xl8T8Gb7MZ9pCzVPd11LyYwFDifR/eke77uvaQ5KBNMiuabkryG56eRTLpwOjhUBufcwdX4vIaz/RGe8BBputgBNJLS7nlPtlHxgXvJJ9k=,iv:FbeA9CHPl8E3h0+EiV43z7q9ma8IlaJitrHb55teha8=,tag:cFL0ldTyab3Bye4YUhv0cA==,type:str]
pgp:
- created_at: "2023-06-03T18:27:50Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAzKleRwoSoixAQ//bFZnbddFfGqV2GblLjInM4qbBb59OZnZH07RyP+I1fFX
vSASqWFR4dFOKUZ2rL4eC19jbWFG/a+0zUodTatuQ4lNmY4Q5g2fACv4KdZb87P5
0hT8s3QuCKR6wZkTTl6y+k2JwYv/2ZsTF6ywMH53tc1X4wr5n+/Rhz+XeY8uEbyY
lNoydGOxum7dHLoF0ARVfgmJH/OHkxlN4zemwMy/yu/MSYMJ/8ionB7Qi39kjtL4
ixKjwYKwfZiO1DrxWz0bjppuQAEorJuFPerhHJROXJhgtLDEgoh+3rpqUCaASq6Q
mGZehgrWC1hnZZ6jc4eZ4OQ0OhDFrXI7EwGoodrJFtqtFT4nP4jOzsAiHddFJWgD
pONHnu3ZXWaQiEaSWQQGtevER6IDPSoxYQV5hgnYt5lajZRoNNI0BEqbYl+Ug3/j
8uAZPvHkfVlFnvH1dVLZKFbreqRDLrP6dNNtDSphEO7Re1I+GEZt5Vjx0O0JrlbX
KVJOUQksJljabIOVzOY0VX8pI/pAQjBPOTmOQ3MLOiN6ceWgeR21mAvHDqYxX9Oy
e7u8tqQ+gfpePPW8Rf6Uf+mxkZAoAhfDyWOEn42+gVJWKwzSVQomnvDT4PdjesBl
ZczhR9JQ9gEVu6Iw4jjhk5Py19TVw0nxhOfoxiWPyXTWoFXTQuiUPmTazd2f5VPU
ZgEJAhB96XVANmNvvofAXAomeLaH9LXz39MXa8Jqwluf/lDFibDs7VWypk5fwzIa
WTLg8J3wsNDVXE9i6mLakB8GNUOYMLPv/wQNkyxvYC2JNKrw464xosc9L0gmMU8s
2LXQalo/Jg==
=6a3k
-----END PGP MESSAGE-----
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
- created_at: "2023-06-03T18:27:50Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMA4WLYkVpP8xtARAAlPo3j7fnQDlqavKWY1PoYe4BiKlQUNtu1GSBThVhAygj
jxe334RtyhrZN9oloj70I3w0tGxShMSQ+dZ3Bo6cxBvrXyP6yUKrnw55jwtD+d9J
3Q+ibWIpgQDqHsNiSh7QgeQyHTO6Ymgtbrg8UjXgz2tDmg1xWx1UlvGgu6wZtQ1v
9s/pW2fafNIIJRSy9liaKSmshoWrhJaKVwheT6r6g8xuLNOvoef2FaINi8vnWmuw
ATt8Hew0WewRkvU9EV/pPszIkEV9WVkh6bpYKc/esHn6DVby+at+XY+oqEtoaRxp
eKpOmfq9SG2yrGogFdDHA6/0eDsxBYHEhQuM42Af4y7I5yUQBowFNLTnvECvrhIW
Y0KdDH1+YtWk/qMPak2RqCHrSUsbdoKMPobdQ34Jb9wPPIFz3y51ekwAX++xCB1J
EcdPxwAPPiXFu0x8VME5t3TMpPzd2mqzrRjywUTwt099QzBdxfs7NWldoJGYxXSf
SSjAgV4vLW8Ms+bUT3n5iIYr5Dv1XKtign0bkyBksW8lOW4j/foWm9Z2yRkV3Z0b
tKLYUU5yJJ8JOttaiaAM6zWUAtiUAuB1G47yg7YcO9b05pCTo9CrdrjaSCJEvPEU
lGiwzK8mDZxSYNL20vXA+bHRIz7unVM6K5S46GZ2vU/j2JSueorCtzGGQrscz8rU
ZgEJAhBLWl6lG1nM6MaUhff6+jSw3SJBahVT/DRVNjZfD+U5PA5e5iiFYLRVD0W6
bNlhQgN24TfvkMYpnLpNeLlpd8vp/IGhyL+SgWVY0v+gCBdov1Qa1eKoplxvgWpa
pODUhRDgyw==
=X5Og
-----END PGP MESSAGE-----
fp: 8DF31C9F48A24F525FFB1815FC96C52B59328E95
encrypted_regex: ^(data|stringData)$
version: 3.7.3

View File

@ -4,19 +4,16 @@ metadata:
name: gitea-secret
namespace: default
stringData:
GITEA__database__DB_TYPE: ENC[AES256_GCM,data:CxKLDkwWDro=,iv:vMzk5XUyeiUog3uaNWQi3YKOpnhUTUbZLWi8aQe1GOI=,tag:cIa3sjnmZZeqf8RkHaHyCA==,type:str]
GITEA__database__HOST: ENC[AES256_GCM,data:SPy0h0kvhTMzbx7IhmOrOZ2RfVF0h2E4,iv:YvrmhhZfPGzjuuppfBumrKjQzGAwmScZ4Kv88bTRTa4=,tag:xnrGbDv0XwhYrCeJ3l+Cvg==,type:str]
GITEA__database__NAME: ENC[AES256_GCM,data:K1lM4P8=,iv:5sN41GkSZ4sPLwIyVjiy6JNm20WFq3qNYFZ1gWfqG/4=,tag:hBoBRIgae5QRoMirGgEWmg==,type:str]
GITEA__database__USER: ENC[AES256_GCM,data:aQvMk8Y=,iv:SaDZ5fWWbhu66BqYJ+KKs6/zMrdTDoDZvBQKd2IyLck=,tag:4z7jRIT158aUxaOmYWewAQ==,type:str]
GITEA__database__PASSWD: ENC[AES256_GCM,data:n6ywTKo/Eb8JU9/MBvwlbLxcPJp1VRRrMKniktMZjS4=,iv:c7DSl3ReYNWoRN2TPeGkxIUo/OXz7EtKr416nBtFUxA=,tag:zEf7GhN3RNkfbSn13WA1Yg==,type:str]
admin-password: ENC[AES256_GCM,data:IjukgfqqKKmFzOA=,iv:pbkG9/pRDveNksDJJU8ujje56xLTUFAFHDuaX2Te7yg=,tag:dMXUc4wQ1n6U0jmFmDdR9Q==,type:str]
db-password: ENC[AES256_GCM,data:V7tDCRPEbYrSLbgwZgU7yVOPh/kUH0cK4aFkmvEiFgI=,iv:u8dgHSPrIYY7kBjiWTEmgYnQzh157iPpC0d0j2KWOZ4=,tag:IbY2UumxQhANDF7lEcEEig==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-04-27T23:49:11Z"
mac: ENC[AES256_GCM,data:tAs7ev9V8nwDlpUeYC6D79gpT2IztnIppycM3GSmiLwock9XrJilAyaahd+OdmLQXjEqqqOZjLKVCm67xf+3jiPFkmCsIfP9A0incrySEJBVsum9/7i3nbUTf2tJyhj7mlex33KG3Arsinx3oPfY1U5QykYBBLR6dEan69Vg6Fc=,iv:IrrJnQgpyGW6B2Nu2IKetT279/WRDU9yG/A6r+5gtXo=,tag:ZXdVSvVsP3IJECSCguSdVw==,type:str]
lastmodified: "2023-06-04T04:02:52Z"
mac: ENC[AES256_GCM,data:Rfp9jgDr4b35rwTmX9EfOGgPSdYGSwoK096cDz2MFFzp3akUyeRQposFJ/M1JtcYLseg+XCKCLNSd/yVxwhNGMcA+lF4kgHHXAZyjYGHqOuo4RaylaYuAavdFmC8LL0f0fUX3P5L1AHH1JuqW9EJK60/IxqxD1/d/qJdhwaLH7k=,iv:fwLlG5BsTf70IyeXkWfHwfB3phjJTLYLZoYWFMo6qJ4=,tag:ZJLMIGRW4OUKauvOyaO8AQ==,type:str]
pgp:
- created_at: "2023-04-07T01:57:22Z"
enc: |

View File

@ -7,30 +7,36 @@ spec:
interval: 5m
chart:
spec:
chart: app-template
version: 1.3.x
chart: gitea
version: 0.3.2
sourceRef:
kind: HelmRepository
name: bjws-charts
name: bitnami-charts
namespace: flux-system
values:
image:
repository: gitea/gitea
tag: 1.19.3-rootless
existingSecret: gitea-secret
existingSecretKey: admin-password
podLabels:
needsDatabase: "yes"
needsAuthentik: "yes"
persistence:
enabled: true
hostPath: /mnt/MainPool/Kubernetes/gitea
env:
USER: git
USER_UID: 10000
USER_GID: 10000
resources:
requests:
cpu: 1m
memory: 340Mi
limits:
memory: 1Gi
envFrom:
- secretRef:
name: gitea-secret
podSecurityContext:
enabled: true
fsGroup: 10000
containerSecurityContext:
enabled: true
runAsUser: 10000
runAsNonRoot: true
# Sidecar used for mirroring GitHub repos to gitea
sidecars:
@ -42,64 +48,29 @@ spec:
name: gitea-sidecar-secret
service:
main:
ports:
http:
port: 3000
ssh:
enabled: true
type: NodePort
ports:
ssh:
enabled: true
port: 22
protocol: TCP
nodePort: 30022
probes:
liveness:
enabled: false
type: ClusterIP
nodePorts:
ssh: 30022
ingress:
main:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
traefik.ingress.kubernetes.io/router.entrypoints: websecure
hosts:
- host: &host "git.${SECRET_NEW_DOMAIN}"
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
hostname: "budget.${SECRET_NEW_DOMAIN}"
secrets:
- wildcard-main-tls
persistence:
storage:
postgresql:
enabled: false
externalDatabase:
host: postgresql.database
port: 5432
user: gitea
database: gitea
existingSecret: gitea-secret
existingSecretPasswordKey: db-password
volumePermissions:
enabled: true
type: hostPath
hostPath: /mnt/MainPool/Kubernetes/gitea
mountPath: /data
config:
enabled: true
type: secret
name: gitea-appini-secret
mountPath: /etc/gitea
podSecurityContext:
runAsNonRoot: true
runAsUser: 10000
runAsGroup: 10000
fsGroup: 10000
fsGroupChangePolicy: OnRootMismatch
resources:
requests:
cpu: 1m
memory: 340Mi
limits:
memory: 1Gi