video-iac/k8s/jam-cloud-infra/gitea.yaml


# Volume claim backing the Gitea pod's /data mount. Per the paths in the
# gitea-config ConfigMap, this one volume holds the repositories, the SQLite
# database, sessions, avatars and attachments, so a snapshot or backup of it
# is as sensitive as the instance itself.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: jam-cloud-infra
  name: gitea-data
spec:
  # NOTE(review): the class name suggests a Retain reclaim policy - confirm.
  # If so, the underlying volume outlives this claim and has to be deleted
  # explicitly when the instance is decommissioned.
  storageClassName: linode-block-storage-retain
  # Single-node read/write access; the Deployment that claims it runs one
  # replica.
  accessModes: [ReadWriteOnce]
  resources:
    requests:
      storage: 5Gi
---
# Gitea's app.ini, delivered as a ConfigMap. ROOT_URL below is
# https://git.staging.jamkazam.com/ and INSTALL_LOCK = true skips the
# web installer.
#
# NOTE(review): security-relevant settings in the file body. They are listed
# here because every line inside the block scalar is part of app.ini itself.
#   - [security] INTERNAL_TOKEN and [oauth2] JWT_SECRET are signing secrets
#     kept in a ConfigMap and committed with this manifest. Anyone who can
#     read the repository, or read ConfigMaps in this namespace, can read
#     them. Rotate both and supply them from a Secret instead.
#   - [security] SECRET_KEY is empty. Confirm what the pinned Gitea release
#     falls back to, and set a unique value sourced from a Secret.
#   - [security] REVERSE_PROXY_TRUSTED_PROXIES = * accepts forwarded-client
#     headers from any peer. Narrow it to the ingress controller's address
#     range so client IPs in logs and rate limits cannot be spoofed by a pod
#     that reaches the Service directly.
#   - [service] DISABLE_REGISTRATION = false and REQUIRE_SIGNIN_VIEW = false,
#     with [openid] sign-up enabled: if the host is reachable from the
#     internet, anyone can create an account and browse public content.
#   - [migrations] ALLOWED_DOMAINS = * together with ALLOW_LOCALNETWORKS = true
#     lets any account ask the server to fetch from private and
#     cluster-internal addresses. Unless internal migrations are required,
#     set ALLOW_LOCALNETWORKS = false and list the allowed domains.
#   - [repository] ALLOWED_SCHEMES includes the unauthenticated, unencrypted
#     git:// scheme; drop it if nothing depends on it.
#   - [database] HOST, USER and PASSWD are not used with DB_TYPE = sqlite3.
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: jam-cloud-infra
  name: gitea-config
data:
  app.ini: |
    APP_NAME = Gitea: Git with a cup of tea
    RUN_MODE = prod
    WORK_PATH = /data/gitea
    [repository]
    ROOT = /data/git/repositories
    ALLOWED_SCHEMES = http,https,ssh,git
    [repository.local]
    LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
    [repository.upload]
    TEMP_PATH = /data/gitea/uploads
    [server]
    APP_DATA_PATH = /data/gitea
    DOMAIN = git.staging.jamkazam.com
    SSH_DOMAIN = localhost
    HTTP_PORT = 3000
    ROOT_URL = https://git.staging.jamkazam.com/
    DISABLE_SSH = false
    SSH_PORT = 22
    SSH_LISTEN_PORT = 22
    LFS_START_SERVER = false
    [database]
    PATH = /data/gitea/gitea.db
    DB_TYPE = sqlite3
    HOST = localhost:3306
    NAME = gitea
    USER = root
    PASSWD =
    LOG_SQL = false
    [indexer]
    ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
    [session]
    PROVIDER_CONFIG = /data/gitea/sessions
    [picture]
    AVATAR_UPLOAD_PATH = /data/gitea/avatars
    REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
    [attachment]
    PATH = /data/gitea/attachments
    [log]
    MODE = console
    LEVEL = info
    ROOT_PATH = /data/gitea/log
    [security]
    INSTALL_LOCK = true
    SECRET_KEY =
    REVERSE_PROXY_LIMIT = 1
    REVERSE_PROXY_TRUSTED_PROXIES = *
    INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3NzMwMDMyODN9.c3kDP5f7-lo3yR-Z8mPiaAsSEsohWc-LxZksIqTcPWw
    [service]
    DISABLE_REGISTRATION = false
    REQUIRE_SIGNIN_VIEW = false
    [lfs]
    PATH = /data/git/lfs
    [openid]
    ENABLE_OPENID_SIGNIN = true
    ENABLE_OPENID_SIGNUP = true
    [oauth2]
    ENABLE = true
    JWT_SECRET = HDi5Td6dRBC240L6ryMI4eMnowcwQVpfKrmIPNrEeAI
    [actions]
    ENABLED = true
    [migrations]
    ALLOW_SSH_MIGRATIONS = true
    ALLOWED_DOMAINS = *
    ALLOW_LOCALNETWORKS = true
---
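# Single-replica Gitea server. /data comes from the gitea-data claim and
# app.ini from the gitea-config ConfigMap (GITEA_CUSTOM points the server at
# /etc/gitea, so it reads /etc/gitea/conf/app.ini).
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea
  namespace: jam-cloud-infra
  labels:
    app: gitea
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitea
  template:
    metadata:
      labels:
        app: gitea
    spec:
      containers:
        - name: gitea
          # Pinned by tag only. Pin by digest as well and keep the release
          # current with upstream security fixes.
          image: gitea/gitea:1.21.7
          ports:
            - containerPort: 3000
              name: http
            - containerPort: 22
              name: ssh
          env:
            - name: GITEA_CUSTOM
              value: /etc/gitea
            # Bootstrap admin password, read from a Secret so that it is not
            # stored in this manifest. The Secret `gitea-admin` (name chosen
            # here) with key `password` must exist in this namespace before
            # rollout and must be kept out of version control.
            - name: GITEA_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: gitea-admin
                  key: password
          volumeMounts:
            - name: data
              mountPath: /data
            - name: config
              mountPath: /etc/gitea/conf/
          lifecycle:
            postStart:
              exec:
                # Best-effort creation of the first admin account. The sleep
                # gives the server time to initialise, and `|| true` keeps the
                # hook from failing the container on later restarts, when the
                # user already exists. The hook does not update an existing
                # account: a password that was ever written inline in this
                # manifest must be changed on the running instance.
                # --must-change-password=false is kept from the original, so
                # the Secret's value stays valid after first login; use a
                # strong, unique value.
                command:
                  - /bin/sh
                  - "-c"
                  - >-
                    sleep 5;
                    /sbin/su-exec git gitea admin user create --admin
                    --username seth --password "$GITEA_ADMIN_PASSWORD"
                    --email seth@jamkazam.com --must-change-password=false
                    || true
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitea-data
        - name: config
          configMap:
            name: gitea-config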
---
# In-cluster Service for pods labelled app=gitea. No `type` is set, so this
# is a ClusterIP Service: HTTP reaches the outside only through the Ingress,
# and nothing in this manifest publishes the ssh port outside the cluster.
apiVersion: v1
kind: Service
metadata:
  namespace: jam-cloud-infra
  name: gitea
spec:
  selector:
    app: gitea
  ports:
    # Web UI and HTTP git: Service port 80 forwards to Gitea's HTTP_PORT.
    - name: http
      port: 80
      targetPort: 3000
    # Git over SSH.
    - name: ssh
      port: 22
      targetPort: 22
---
# Public HTTPS entry point. cert-manager issues one certificate (stored in
# gitea-tls) covering all three hosts, and every host routes "/" to the
# gitea Service on port 80.
#
# NOTE(review): idp.staging and console.staging also point at Gitea here.
# Confirm that is intended; each listed host serves the Gitea UI under its
# own name, while app.ini sets ROOT_URL only for git.staging.
#
# The rules are written out per host instead of sharing a YAML anchor, since
# not every Kubernetes tool expands anchors and aliases.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitea
  namespace: jam-cloud-infra
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-nginx-production
    # Request bodies up to 512 MiB are accepted (large pushes and uploads).
    # This also bounds what an unauthenticated client can make the proxy
    # buffer.
    nginx.ingress.kubernetes.io/proxy-body-size: "512m"
spec:
  ingressClassName: nginx
  tls:
    - secretName: gitea-tls
      hosts:
        - git.staging.jamkazam.com
        - idp.staging.jamkazam.com
        - console.staging.jamkazam.com
  rules:
    - host: git.staging.jamkazam.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: gitea
                port:
                  number: 80
    - host: idp.staging.jamkazam.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: gitea
                port:
                  number: 80
    - host: console.staging.jamkazam.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: gitea
                port:
                  number: 80