gitea: ingress: enabled: true className: traefik annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" cert-manager.io/cluster-issuer: letsencrypt-issuer hosts: - host: gitea.alexlebens.net paths: - path: / pathType: Prefix tls: - secretName: gitea-secret-tls hosts: - gitea.alexlebens.net gitea: admin: existingSecret: gitea-admin-secret metrics: enabled: true serviceMonitor: enabled: true config: server: LANDING_PAGE: explore ROOT_URL: https://gitea.alexlebens.net ENABLE_PPROF: true webhook: ALLOWED_HOST_LIST: private scopes: email profile service: DISABLE_REGISTRATION: true SHOW_REGISTRATION_BUTTON: false explore: REQUIRE_SIGNIN_VIEW: true database: DB_TYPE: postgres SCHEMA: public additionalConfigFromEnvs: - name: GITEA__DATABASE__HOST valueFrom: secretKeyRef: name: gitea-postgresql-16-cluster-app key: host - name: GITEA__DATABASE__NAME valueFrom: secretKeyRef: name: gitea-postgresql-16-cluster-app key: dbname - name: GITEA__DATABASE__USER valueFrom: secretKeyRef: name: gitea-postgresql-16-cluster-app key: user - name: GITEA__DATABASE__PASSWD valueFrom: secretKeyRef: name: gitea-postgresql-16-cluster-app key: password oauth: - name: Authentik provider: openidConnect existingSecret: gitea-oidc-secret autoDiscoverUrl: "https://authentik.alexlebens.net/application/o/gitea/.well-known/openid-configuration" iconUrl: https://goauthentik.io/img/icon.png scopes: "email profile" persistence: storageClass: ceph-block postgresql: enabled: false postgresql-ha: enabled: false redis-cluster: enabled: true persistence: enabled: false postgres-16-cluster: mode: standalone cluster: walStorage: storageClass: local-path storage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: false backup: enabled: true endpointURL: https://s3.us-east-2.amazonaws.com destinationPath: s3://cl01tl-postgresql-backups/gitea endpointCredentials: gitea-postgresql-16-cluster-backup-secret backupIndex: 1 retentionPolicy: 14d