init

clusters/cl01tl/platform/gitea/values.yaml

@@ -0,0 +1,96 @@
+gitea:
+  ingress:
+    enabled: true
+    className: traefik
+    annotations:
+      traefik.ingress.kubernetes.io/router.entrypoints: websecure
+      traefik.ingress.kubernetes.io/router.tls: "true"
+      cert-manager.io/cluster-issuer: letsencrypt-issuer
+    hosts:
+      - host: gitea.alexlebens.net
+        paths:
+          - path: /
+            pathType: Prefix
+    tls:
+      - secretName: gitea-secret-tls
+        hosts:
+          - gitea.alexlebens.net
+  gitea:
+    admin:
+      existingSecret: gitea-admin-secret
+    metrics:
+      enabled: true
+      serviceMonitor:
+        enabled: true
+    config:
+      server:
+        LANDING_PAGE: explore
+        ROOT_URL: https://gitea.alexlebens.net
+        ENABLE_PPROF: true
+      webhook:
+        ALLOWED_HOST_LIST: private
+        scopes: email profile
+      service:
+        DISABLE_REGISTRATION: true
+        SHOW_REGISTRATION_BUTTON: false
+        explore:
+          REQUIRE_SIGNIN_VIEW: true
+      database:
+        DB_TYPE: postgres
+        SCHEMA: public
+    additionalConfigFromEnvs:
+      - name: GITEA__DATABASE__HOST
+        valueFrom:
+          secretKeyRef:
+            name: gitea-postgresql-16-cluster-app
+            key: host
+      - name: GITEA__DATABASE__NAME
+        valueFrom:
+          secretKeyRef:
+            name: gitea-postgresql-16-cluster-app
+            key: dbname
+      - name: GITEA__DATABASE__USER
+        valueFrom:
+          secretKeyRef:
+            name: gitea-postgresql-16-cluster-app
+            key: user
+      - name: GITEA__DATABASE__PASSWD
+        valueFrom:
+          secretKeyRef:
+            name: gitea-postgresql-16-cluster-app
+            key: password
+    oauth:
+      - name: Authentik
+        provider: openidConnect
+        existingSecret: gitea-oidc-secret
+        autoDiscoverUrl: "https://authentik.alexlebens.net/application/o/gitea/.well-known/openid-configuration"
+        iconUrl: https://goauthentik.io/img/icon.png
+        scopes: "email profile"
+  persistence:
+    storageClass: ceph-block
+  postgresql:
+    enabled: false
+  postgresql-ha:
+    enabled: false
+  redis-cluster:
+    enabled: true
+    persistence:
+      enabled: false
+postgres-16-cluster:
+  mode: standalone
+  cluster:
+    walStorage:
+      storageClass: local-path
+    storage:
+      storageClass: local-path
+    monitoring:
+      enabled: true
+      prometheusRule:
+        enabled: false
+  backup:
+    enabled: true
+    endpointURL: https://s3.us-east-2.amazonaws.com
+    destinationPath: s3://cl01tl-postgresql-backups/gitea
+    endpointCredentials: gitea-postgresql-16-cluster-backup-secret
+    backupIndex: 1
+    retentionPolicy: 14d