gitea: image: repository: gitea/gitea tag: 1.23.4 service: http: type: ClusterIP port: 3000 clusterIP: 10.103.160.139 ssh: type: ClusterIP port: 2222 clusterIP: 10.103.160.140 ingress: enabled: false persistence: storageClass: ceph-block extraVolumes: - name: gitea-nfs-storage-backup persistentVolumeClaim: claimName: gitea-nfs-storage-backup extraVolumeMounts: - mountPath: /opt/backup name: gitea-nfs-storage-backup readOnly: false gitea: # admin: # existingSecret: gitea-admin-secret metrics: enabled: true serviceMonitor: enabled: true oauth: - name: Authentik provider: openidConnect existingSecret: gitea-oidc-secret autoDiscoverUrl: https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration iconUrl: https://goauthentik.io/img/icon.png scopes: "email profile" config: APP_NAME: Gitea server: PROTOCOL: http DOMAIN: gitea.alexlebens.dev ROOT_URL: https://gitea.alexlebens.dev LOCAL_ROOT_URL: http://gitea-http.gitea.svc.cluster.local:3000 START_SSH_SERVER: true SSH_DOMAIN: gitea-ssh.gitea SSH_PORT: 2222 SSH_LISTEN_PORT: 2222 ENABLE_PPROF: true LANDING_PAGE: explore database: DB_TYPE: postgres SCHEMA: public oauth2_client: ENABLE_AUTO_REGISTRATION: true service: REGISTER_MANUAL_CONFIRM: true SHOW_REGISTRATION_BUTTON: false ALLOW_ONLY_EXTERNAL_REGISTRATION: true explore: REQUIRE_SIGNIN_VIEW: true webhook: ALLOWED_HOST_LIST: private mirror: DEFAULT_INTERVAL: 10m additionalConfigFromEnvs: - name: GITEA__DATABASE__HOST valueFrom: secretKeyRef: name: gitea-postgresql-17-cluster-app key: host - name: GITEA__DATABASE__NAME valueFrom: secretKeyRef: name: gitea-postgresql-17-cluster-app key: dbname - name: GITEA__DATABASE__USER valueFrom: secretKeyRef: name: gitea-postgresql-17-cluster-app key: user - name: GITEA__DATABASE__PASSWD valueFrom: secretKeyRef: name: gitea-postgresql-17-cluster-app key: password memcached: enabled: true redis: enabled: false redis-cluster: enabled: false postgresql: enabled: false postgresql-ha: enabled: false mysql: enabled: false mariadb: enabled: false cloudflared: existingSecretName: gitea-cloudflared-secret backup: global: fullnameOverride: gitea-backup controllers: backup: type: cronjob cronjob: suspend: false concurrencyPolicy: Forbid timeZone: US/Central schedule: 0 4 * * * startingDeadlineSeconds: 90 successfulJobsHistory: 3 failedJobsHistory: 3 backoffLimit: 3 parallelism: 1 initContainers: backup: image: repository: bitnami/kubectl tag: 1.32.2 pullPolicy: IfNotPresent command: - sh args: - -ec - | kubectl exec -it deploy/gitea -n gitea -- rm -f /opt/backup/gitea-backup.zip; kubectl exec -it deploy/gitea -n gitea -- /app/gitea/gitea dump -c /data/gitea/conf/app.ini --file /opt/backup/gitea-backup.zip; resources: requests: cpu: 100m memory: 128Mi containers: s3: image: repository: d3fk/s3cmd tag: latest@sha256:4bdc8e5817cbdd048e6dc487f42e3d96a6b58af69b4be6f256de5e2416da90e9 pullPolicy: IfNotPresent command: - /bin/sh args: - -ec - | s3cmd put --no-check-md5 --no-check-certificate /opt/backup/gitea-backup.zip s3://gitea-backups-8ba8dae3674a2f53354c600e/cl01tl/cl01tl-gitea-backups/gitea-backup-$(date +"%Y%m%d-%H-%M").zip; mv /opt/backup/gitea-backup.zip /opt/backup/gitea-backup-$(date +"%Y%m%d-%H-%M").zip; envFrom: - secretRef: name: gitea-backup-s3 resources: requests: cpu: 100m memory: 128Mi serviceAccount: create: true persistence: config: existingClaim: gitea-nfs-storage-backup advancedMounts: backup: s3: - path: /opt/backup readOnly: false s3cmd-config: enabled: true type: secret name: gitea-s3cmd-config advancedMounts: backup: s3: - path: /root/.s3cfg readOnly: true mountPropagation: None subPath: .s3cfg postgres-17-cluster: mode: standalone cluster: walStorage: storageClass: local-path storage: storageClass: local-path monitoring: enabled: true backup: enabled: true endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/gitea/gitea-postgresql-17-cluster endpointCredentials: gitea-postgresql-17-cluster-backup-secret backupIndex: 2