alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

convert to dev domain

Browse Source
This commit is contained in:
Alex Lebens
2024-06-02 15:28:22 -05:00
parent 038543de2b
commit c5f609454f
3 changed files with 41 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
clusters/cl01tl/platform/gitea/Chart.yaml
View File

@@ -4,11 +4,16 @@ version: 1.0.0
sources: sources:
- https://github.com/go-gitea/gitea - https://github.com/go-gitea/gitea
- https://gitea.com/gitea/helm-chart - https://gitea.com/gitea/helm-chart
- https://github.com/cloudflare/cloudflared
- https://github.com/alexlebens/helm-charts/charts/postgres-cluster - https://github.com/alexlebens/helm-charts/charts/postgres-cluster
dependencies: dependencies:
- name: gitea - name: gitea
version: 10.1.4 version: 10.1.4
repository: https://dl.gitea.io/charts/ repository: https://dl.gitea.io/charts/
- name: cloudflared
alias: cloudflared
repository: http://alexlebens.github.io/helm-charts
version: 1.2.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-16-cluster alias: postgres-16-cluster
version: 3.1.0 version: 3.1.0

33
clusters/cl01tl/platform/gitea/templates/external-secret.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: gitea-admin-secret name: gitea-admin-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/name: gitea-admin-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web app.kubernetes.io/component: web
@@ -18,14 +18,14 @@ spec:
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /gitea/auth/admin key: /cl01tl/gitea/auth/admin
metadataPolicy: None metadataPolicy: None
property: username property: username
- secretKey: password - secretKey: password
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /gitea/auth/admin key: /cl01tl/gitea/auth/admin
metadataPolicy: None metadataPolicy: None
property: password property: password
@@ -36,7 +36,7 @@ metadata:
name: gitea-oidc-secret name: gitea-oidc-secret
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/name: gitea-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web app.kubernetes.io/component: web
@@ -61,6 +61,31 @@ spec:
metadataPolicy: None metadataPolicy: None
property: client property: client
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: gitea-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/gitea
metadataPolicy: None
property: token
--- ---
apiVersion: external-secrets.io/v1beta1 apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret kind: ExternalSecret

22
clusters/cl01tl/platform/gitea/values.yaml
View File

@@ -1,20 +1,6 @@
gitea: gitea:
ingress: ingress:
enabled: true enabled: false
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: letsencrypt-issuer
hosts:
- host: gitea.alexlebens.net
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-secret-tls
hosts:
- gitea.alexlebens.net
gitea: gitea:
admin: admin:
existingSecret: gitea-admin-secret existingSecret: gitea-admin-secret
@@ -25,7 +11,7 @@ gitea:
config: config:
server: server:
LANDING_PAGE: explore LANDING_PAGE: explore
ROOT_URL: https://gitea.alexlebens.net ROOT_URL: https://gitea.alexlebens.dev
ENABLE_PPROF: true ENABLE_PPROF: true
webhook: webhook:
ALLOWED_HOST_LIST: private ALLOWED_HOST_LIST: private
@@ -63,7 +49,7 @@ gitea:
- name: Authentik - name: Authentik
provider: openidConnect provider: openidConnect
existingSecret: gitea-oidc-secret existingSecret: gitea-oidc-secret
autoDiscoverUrl: "https://authentik.alexlebens.net/application/o/gitea/.well-known/openid-configuration" autoDiscoverUrl: https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration
iconUrl: https://goauthentik.io/img/icon.png iconUrl: https://goauthentik.io/img/icon.png
scopes: "email profile" scopes: "email profile"
persistence: persistence:
@@ -76,6 +62,8 @@ gitea:
enabled: true enabled: true
persistence: persistence:
enabled: false enabled: false
cloudflared:
existingSecretName: gitea-cloudflared-secret
postgres-16-cluster: postgres-16-cluster:
mode: standalone mode: standalone
cluster: cluster: