alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

convert to dev domain

Browse Source
This commit is contained in:
Alex Lebens
2024-06-02 15:28:22 -05:00
parent 038543de2b
commit c5f609454f
3 changed files with 41 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
clusters/cl01tl/platform/gitea/Chart.yaml
View File

@@ -4,13 +4,18 @@ version: 1.0.0
sources:
- https://github.com/go-gitea/gitea
- https://gitea.com/gitea/helm-chart
- https://github.com/cloudflare/cloudflared
- https://github.com/alexlebens/helm-charts/charts/postgres-cluster
dependencies:
- name: gitea
version: 10.1.4
repository: https://dl.gitea.io/charts/
- name: cloudflared
alias: cloudflared
repository: http://alexlebens.github.io/helm-charts
version: 1.2.0
- name: postgres-cluster
alias: postgres-16-cluster
version: 3.1.0
repository: http://alexlebens.github.io/helm-charts
repository: http://alexlebens.github.io/helm-charts
appVersion: "1.21.7"

35
clusters/cl01tl/platform/gitea/templates/external-secret.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: gitea-admin-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/name: gitea-admin-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
@@ -18,14 +18,14 @@ spec:
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /gitea/auth/admin
key: /cl01tl/gitea/auth/admin
metadataPolicy: None
property: username
property: username
- secretKey: password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /gitea/auth/admin
key: /cl01tl/gitea/auth/admin
metadataPolicy: None
property: password
@@ -36,7 +36,7 @@ metadata:
name: gitea-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/name: gitea-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
@@ -61,6 +61,31 @@ spec:
metadataPolicy: None
property: client
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: gitea-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/gitea
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret

22
clusters/cl01tl/platform/gitea/values.yaml
View File

@@ -1,20 +1,6 @@
gitea:
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: letsencrypt-issuer
hosts:
- host: gitea.alexlebens.net
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-secret-tls
hosts:
- gitea.alexlebens.net
enabled: false
gitea:
admin:
existingSecret: gitea-admin-secret
@@ -25,7 +11,7 @@ gitea:
config:
server:
LANDING_PAGE: explore
ROOT_URL: https://gitea.alexlebens.net
ROOT_URL: https://gitea.alexlebens.dev
ENABLE_PPROF: true
webhook:
ALLOWED_HOST_LIST: private
@@ -63,7 +49,7 @@ gitea:
- name: Authentik
provider: openidConnect
existingSecret: gitea-oidc-secret
autoDiscoverUrl: "https://authentik.alexlebens.net/application/o/gitea/.well-known/openid-configuration"
autoDiscoverUrl: https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration
iconUrl: https://goauthentik.io/img/icon.png
scopes: "email profile"
persistence:
@@ -76,6 +62,8 @@ gitea:
enabled: true
persistence:
enabled: false
cloudflared:
existingSecretName: gitea-cloudflared-secret
postgres-16-cluster:
mode: standalone
cluster: