1
0
forked from k-space/kube

Migrate Gitea

This commit is contained in:
Lauri Võsandi 2023-07-28 17:11:37 +03:00
parent 5c8a166218
commit b56376624e
3 changed files with 225 additions and 0 deletions

5
gitea/README.md Normal file
View File

@ -0,0 +1,5 @@
# Gitea
```
kubectl apply -n gitea -f application.yaml
```

207
gitea/application.yaml Normal file
View File

@ -0,0 +1,207 @@
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: gitea
namespace: gitea
spec:
dnsNames:
- git.k-space.ee
issuerRef:
kind: ClusterIssuer
name: default
secretName: git-tls
---
apiVersion: codemowers.io/v1alpha1
kind: OIDCGWClient
metadata:
name: gitea
spec:
displayName: Gitea
uri: https://git.k-space.ee
redirectUris:
- https://git.k-space.ee/user/oauth2/OpenID/callback
allowedGroups:
- k-space:floor
grantTypes:
- authorization_code
- refresh_token
responseTypes:
- code
availableScopes:
- openid
- profile
pkce: false
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: gitea
labels:
app.kubernetes.io/name: gitea
spec:
serviceName: gitea
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: gitea
template:
metadata:
labels:
app.kubernetes.io/name: gitea
spec:
containers:
- name: gitea
image: gitea/gitea:1.20.1
command:
- /bin/bash
- -c
- '/etc/s6/gitea/setup && /etc/s6/gitea/run'
env:
- name: GITEA_____APP_NAME
value: Gitea
- name: GITEA_____RUN_USER
value: git
- name: GITEA_____RUN_MODE
value: prod
- name: GITEA__SERVER__SSH_SERVER_HOST_KEYS
value: ssh/gitea.rsa,ssh/gitea.ecdsa,ssh/gitea.ed25519
- name: GITEA__SERVER__START_SSH_SERVER
value: "true"
- name: GITEA__SERVER__CERT_FILE
value: "/cert/tls.crt"
- name: GITEA__SERVER__KEY_FILE
value: "/cert/tls.key"
- name: GITEA__SERVER__SSH_LISTEN_PORT
value: "2222"
- name: GITEA__U2F__APP_ID
value: https://git.k-space.ee
- name: GITEA__SERVER__PROTOCOL
value: https
- name: REDIRECT_OTHER_PORT
value: "true"
- name: PORT_TO_REDIRECT
value: "8080"
- name: GITEA__SERVER__DOMAIN
value: git.k-space.ee
- name: GITEA__SERVER__HTTP_ADDR
value: 0.0.0.0
- name: GITEA__SERVER__ROOT_URL
value: https://git.k-space.ee
- name: GITEA__SSH.MINIMUM_KEY_SIZES__DSA
value: "-1"
- name: GITEA__DATABASE__DB_TYPE
value: mysql
- name: GITEA__DATABASE__HOST
value: mariadb.infra.k-space.ee:3306
- name: GITEA__DATABASE__NAME
value: kspace_git
- name: GITEA__DATABASE__USER
value: kspace_git
- name: GITEA__DATABASE__SSL_MODE
value: disable
- name: GITEA__DATABASE__LOG_SQL
value: "false"
- name: GITEA__SECURITY__INSTALL_LOCK
value: "true"
- name: GITEA__SECURITY__SECRET_KEY
value: t2RrFCn4Q22MFPc
- name: GITEA__SECURITY__LOGIN_REMEMBER_DAYS
value: "30"
- name: GITEA__SERVICE__REGISTER_EMAIL_CONFIRM
value: "true"
- name: GITEA__SERVICE__DISABLE_REGISTRATION
value: "true"
- name: GITEA__SERVICE__ENABLE_NOTIFY_MAIL
value: "true"
- name: GITEA__MAILER__ENABLED
value: "true"
- name: GITEA__MAILER__HOST
value: mail.k-space.ee:465
- name: GITEA__MAILER__FROM
value: Gitea <git@k-space.ee>
- name: GITEA__MAILER__USER
value: git
- name: GITEA__MAILER__USE_PLAIN_TEXT
value: "false"
- name: GITEA__SESSION__PROVIDER
value: file
- name: GITEA__SESSION__COOKIE_SECURE
value: "true"
- name: GITEA__LOG__ENABLE_XORM_LOG
value: "false"
- name: GITEA__CRON__ENABLED
value: "true"
- name: GITEA__I18N__LANGS
value: en-US
- name: GITEA__I18N__NAMES
value: English
- name: GITEA__DATABASE__PASSWD
valueFrom:
secretKeyRef:
name: gitea-secrets
key: GITEA__DATABASE__PASSWD
- name: GITEA__MAILER__PASSWD
valueFrom:
secretKeyRef:
name: gitea-secrets
key: GITEA__MAILER__PASSWD
- name: GITEA__OAUTH2__JWT_SECRET
valueFrom:
secretKeyRef:
name: gitea-secrets
key: GITEA__OAUTH2__JWT_SECRET
- name: GITEA__SECURITY__INTERNAL_TOKEN
valueFrom:
secretKeyRef:
name: gitea-secrets
key: GITEA__SECURITY__INTERNAL_TOKEN
ports:
- containerPort: 8080
name: http
- containerPort: 3000
name: https
- containerPort: 2222
name: ssh
volumeMounts:
- mountPath: /cert
name: cert
- mountPath: /data
name: data
volumes:
- name: cert
secret:
secretName: git-tls
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
storageClassName: gitea
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: gitea
namespace: gitea
annotations:
external-dns.alpha.kubernetes.io/hostname: git.k-space.ee
spec:
type: LoadBalancer
externalTrafficPolicy: Local
selector:
app.kubernetes.io/name: gitea
ports:
- port: 22
name: ssh
targetPort: 2222
- port: 80
name: http
targetPort: 8080
- port: 443
name: https
targetPort: 3000

View File

@ -66,3 +66,16 @@ parameters:
dataLocality: best-effort
numberOfReplicas: "1"
fsType: "xfs"
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: gitea
provisioner: driver.longhorn.io
reclaimPolicy: Retain
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
dataLocality: best-effort
numberOfReplicas: "3"
fsType: "xfs"