infrastructure/core-apps
3
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b2d42115838b86088169b03f74b35899b246e8aa
core-apps/gitea/values.yaml

184 lines
4.8 KiB
YAML
Raw Blame History

gitea:
replicaCount: 3
ingress:
enabled: true
hosts:
- host: git.dubyatp.xyz
paths:
- path: /
tls:
- secretName: cert-dubyatp-xyz
hosts:
- git.dubyatp.xyz
persistence:
enabled: true
create: true
mount: true
claimName: gitea-shared-storage
size: 50Gi
accessModes:
- ReadWriteMany
storageClass: weyma-shared
deployment:
annotations:
backup.velero.io/backup-volumes: data
env:
- name: GITEA__database__PASSWD
valueFrom:
secretKeyRef:
key: password
name: gitea-db-auth
- name: GITEA__mailer__PASSWD
valueFrom:
secretKeyRef:
key: smtp_smtp2go
name: gitea-secrets
- name: GITEA__security__INTERNAL_TOKEN
valueFrom:
secretKeyRef:
key: internal_token
name: gitea-secrets
- name: GITEA__security__SECRET_KEY
valueFrom:
secretKeyRef:
key: secret_key
name: gitea-secrets
- name: GITEA__oauth2__JWT_SECRET
valueFrom:
secretKeyRef:
key: oauth2_jwt
name: gitea-secrets
gitea:
admin:
passwordMode: initialOnlyNoReset
podAnnotations:
backup.velero.io/backup-volumes: data
config:
database:
DB_TYPE: postgres
HOST: pooler-weyma-rw.cloudnativepg.svc.cluster.local
NAME: gitea
USER: gitea
server:
DISABLE_SSH: false
DOMAIN: git.dubyatp.xyz
ENABLE_PPROF: false
ROOT_URL: https://git.dubyatp.xyz
SSH_DOMAIN: git-ssh.dubyatp.xyz
SSH_LISTEN_PORT: 22
SSH_PORT: 22
START_SSH_SERVER: true
OFFLINE_MODE: false
service:
DISABLE_REGISTRATION: false
webhook:
ALLOWED_HOST_LIST: "drone.infra.dubyatp.xyz,argocd.infra.dubyatp.xyz,discord.com,10.0.0.0/8"
mailer:
ENABLED: true
FROM: gitea@em924671.dubyatp.xyz
PROTOCOL: smtps
SMTP_ADDR: mail.smtp2go.com
SMTP_PORT: 465
USER: gitea_dubyatp
security:
INSTALL_LOCK: true
extraDeploy:
- apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: gitea-ssh
spec:
entryPoints:
- gitssh
routes:
- match: HostSNI(`*`)
priority: 1
services:
- name: gitea-ssh
port: 22
- apiVersion: v1
kind: Secret
metadata:
name: cert-dubyatp-xyz
annotations:
replicator.v1.mittwald.de/replicate-from: "cert-manager/cert-dubyatp-xyz"
replicator.v1.mittwald.de/replicated-keys: "tls.crt,tls.key"
data:
tls.crt: ""
tls.key: ""
- apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: gitea-db-auth
spec:
data:
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: cloudnativepg
metadataPolicy: None
property: gitea_pw
secretKey: password
refreshInterval: 1h
secretStoreRef:
kind: ClusterSecretStore
name: weyma-vault
target:
creationPolicy: Owner
deletionPolicy: Retain
name: gitea-db-auth
- apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: gitea-secrets
spec:
data:
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: gitea
metadataPolicy: None
property: internal_token
secretKey: internal_token
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: gitea
metadataPolicy: None
property: oauth2_jwt
secretKey: oauth2_jwt
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: gitea
metadataPolicy: None
property: secret_key
secretKey: secret_key
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: gitea
metadataPolicy: None
property: smtp_smtp2go
secretKey: smtp_smtp2go
- remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: gitea
metadataPolicy: None
property: gitea_admin
secretKey: gitea_admin
refreshInterval: 1h
secretStoreRef:
kind: ClusterSecretStore
name: weyma-vault
target:
creationPolicy: Owner
deletionPolicy: Retain
name: gitea-secrets
postgresql-ha:
enabled: false
valkey-cluster:
enabled: true
valkey:
resourcesPreset: "small"
Reference in New Issue View Git Blame Copy Permalink