Migrate Gitea
This commit is contained in:
5
gitea/README.md
Normal file
5
gitea/README.md
Normal file
@@ -0,0 +1,5 @@
|
||||
# Gitea
|
||||
|
||||
```
|
||||
kubectl apply -n gitea -f application.yaml
|
||||
```
|
||||
207
gitea/application.yaml
Normal file
207
gitea/application.yaml
Normal file
@@ -0,0 +1,207 @@
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
spec:
|
||||
dnsNames:
|
||||
- git.k-space.ee
|
||||
issuerRef:
|
||||
kind: ClusterIssuer
|
||||
name: default
|
||||
secretName: git-tls
|
||||
---
|
||||
apiVersion: codemowers.io/v1alpha1
|
||||
kind: OIDCGWClient
|
||||
metadata:
|
||||
name: gitea
|
||||
spec:
|
||||
displayName: Gitea
|
||||
uri: https://git.k-space.ee
|
||||
redirectUris:
|
||||
- https://git.k-space.ee/user/oauth2/OpenID/callback
|
||||
allowedGroups:
|
||||
- k-space:floor
|
||||
grantTypes:
|
||||
- authorization_code
|
||||
- refresh_token
|
||||
responseTypes:
|
||||
- code
|
||||
availableScopes:
|
||||
- openid
|
||||
- profile
|
||||
pkce: false
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: gitea
|
||||
labels:
|
||||
app.kubernetes.io/name: gitea
|
||||
spec:
|
||||
serviceName: gitea
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: gitea
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: gitea
|
||||
spec:
|
||||
containers:
|
||||
- name: gitea
|
||||
image: gitea/gitea:1.20.1
|
||||
command:
|
||||
- /bin/bash
|
||||
- -c
|
||||
- '/etc/s6/gitea/setup && /etc/s6/gitea/run'
|
||||
env:
|
||||
- name: GITEA_____APP_NAME
|
||||
value: Gitea
|
||||
- name: GITEA_____RUN_USER
|
||||
value: git
|
||||
- name: GITEA_____RUN_MODE
|
||||
value: prod
|
||||
- name: GITEA__SERVER__SSH_SERVER_HOST_KEYS
|
||||
value: ssh/gitea.rsa,ssh/gitea.ecdsa,ssh/gitea.ed25519
|
||||
- name: GITEA__SERVER__START_SSH_SERVER
|
||||
value: "true"
|
||||
- name: GITEA__SERVER__CERT_FILE
|
||||
value: "/cert/tls.crt"
|
||||
- name: GITEA__SERVER__KEY_FILE
|
||||
value: "/cert/tls.key"
|
||||
- name: GITEA__SERVER__SSH_LISTEN_PORT
|
||||
value: "2222"
|
||||
- name: GITEA__U2F__APP_ID
|
||||
value: https://git.k-space.ee
|
||||
- name: GITEA__SERVER__PROTOCOL
|
||||
value: https
|
||||
- name: REDIRECT_OTHER_PORT
|
||||
value: "true"
|
||||
- name: PORT_TO_REDIRECT
|
||||
value: "8080"
|
||||
- name: GITEA__SERVER__DOMAIN
|
||||
value: git.k-space.ee
|
||||
- name: GITEA__SERVER__HTTP_ADDR
|
||||
value: 0.0.0.0
|
||||
- name: GITEA__SERVER__ROOT_URL
|
||||
value: https://git.k-space.ee
|
||||
- name: GITEA__SSH.MINIMUM_KEY_SIZES__DSA
|
||||
value: "-1"
|
||||
- name: GITEA__DATABASE__DB_TYPE
|
||||
value: mysql
|
||||
- name: GITEA__DATABASE__HOST
|
||||
value: mariadb.infra.k-space.ee:3306
|
||||
- name: GITEA__DATABASE__NAME
|
||||
value: kspace_git
|
||||
- name: GITEA__DATABASE__USER
|
||||
value: kspace_git
|
||||
- name: GITEA__DATABASE__SSL_MODE
|
||||
value: disable
|
||||
- name: GITEA__DATABASE__LOG_SQL
|
||||
value: "false"
|
||||
- name: GITEA__SECURITY__INSTALL_LOCK
|
||||
value: "true"
|
||||
- name: GITEA__SECURITY__SECRET_KEY
|
||||
value: t2RrFCn4Q22MFPc
|
||||
- name: GITEA__SECURITY__LOGIN_REMEMBER_DAYS
|
||||
value: "30"
|
||||
- name: GITEA__SERVICE__REGISTER_EMAIL_CONFIRM
|
||||
value: "true"
|
||||
- name: GITEA__SERVICE__DISABLE_REGISTRATION
|
||||
value: "true"
|
||||
- name: GITEA__SERVICE__ENABLE_NOTIFY_MAIL
|
||||
value: "true"
|
||||
- name: GITEA__MAILER__ENABLED
|
||||
value: "true"
|
||||
- name: GITEA__MAILER__HOST
|
||||
value: mail.k-space.ee:465
|
||||
- name: GITEA__MAILER__FROM
|
||||
value: Gitea <git@k-space.ee>
|
||||
- name: GITEA__MAILER__USER
|
||||
value: git
|
||||
- name: GITEA__MAILER__USE_PLAIN_TEXT
|
||||
value: "false"
|
||||
- name: GITEA__SESSION__PROVIDER
|
||||
value: file
|
||||
- name: GITEA__SESSION__COOKIE_SECURE
|
||||
value: "true"
|
||||
- name: GITEA__LOG__ENABLE_XORM_LOG
|
||||
value: "false"
|
||||
- name: GITEA__CRON__ENABLED
|
||||
value: "true"
|
||||
- name: GITEA__I18N__LANGS
|
||||
value: en-US
|
||||
- name: GITEA__I18N__NAMES
|
||||
value: English
|
||||
- name: GITEA__DATABASE__PASSWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-secrets
|
||||
key: GITEA__DATABASE__PASSWD
|
||||
- name: GITEA__MAILER__PASSWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-secrets
|
||||
key: GITEA__MAILER__PASSWD
|
||||
- name: GITEA__OAUTH2__JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-secrets
|
||||
key: GITEA__OAUTH2__JWT_SECRET
|
||||
- name: GITEA__SECURITY__INTERNAL_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-secrets
|
||||
key: GITEA__SECURITY__INTERNAL_TOKEN
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: http
|
||||
- containerPort: 3000
|
||||
name: https
|
||||
- containerPort: 2222
|
||||
name: ssh
|
||||
volumeMounts:
|
||||
- mountPath: /cert
|
||||
name: cert
|
||||
- mountPath: /data
|
||||
name: data
|
||||
volumes:
|
||||
- name: cert
|
||||
secret:
|
||||
secretName: git-tls
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
storageClassName: gitea
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: git.k-space.ee
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
externalTrafficPolicy: Local
|
||||
selector:
|
||||
app.kubernetes.io/name: gitea
|
||||
ports:
|
||||
- port: 22
|
||||
name: ssh
|
||||
targetPort: 2222
|
||||
- port: 80
|
||||
name: http
|
||||
targetPort: 8080
|
||||
- port: 443
|
||||
name: https
|
||||
targetPort: 3000
|
||||
Reference in New Issue
Block a user