hive-apps/projects/forgejo/values/gitea.yaml

# Gitea
image:
  registry: "codeberg.org"
  repository: forgejo/forgejo
  # Overrides the image tag whose default is the chart appVersion.
  tag: "1.21.10-0"
  pullPolicy: Always
  rootless: true

#statefulset:
  #env:
  #  - name: HTTP_PROXY
  #    value: http://proxy-squid.proxy.svc.cluster.local:3128
  #  - name: HTTPS_PROXY
  #    value: http://proxy-squid.proxy.svc.cluster.local:3128
  #  - name: http_proxy
  #    value: http://proxy-squid.proxy.svc.cluster.local:3128
  #  - name: https_proxy
  #    value: http://proxy-squid.proxy.svc.cluster.local:3128
  #  - name: NO_PROXY
  #    value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16
  #  - name: no_proxy
  #    value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16

containerSecurityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
#   # https://gitea.com/gitea/helm-chart/issues/161
    add:
      - SYS_CHROOT
  privileged: false
  readOnlyRootFilesystem: true
  runAsNonRoot: true

podSecurityContext:
  runAsUser: 1000
  runAsGroup: 1000
  fsGroup: 1000

service:
  http:
    type: ClusterIP
    port: 3000
  ssh:
    type: LoadBalancer
    port: 2222

ingress:
  enabled: true
  className: ingress-external
  labels:
    environment: external
  annotations:
    kubernetes.io/tls-acme: "true"
    cert-manager.io/cluster-issuer: letsencrypt
    external-dns.alpha.kubernetes.io/hostname: git.nold.in
    external-dns.alpha.kubernetes.io/target: nold.in
    external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
  hosts:
    - host: git.nold.in
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: gitea-tls
      hosts:
        - git.nold.in

resources:
  limits:
    cpu: 4000m
    memory: 2048Mi
  # requests:
  #   cpu: 100m
  #   memory: 128Mi

persistence:
  enabled: true
  size: 10Gi
  #storageClass: slow

gitea:
  admin:
    existingSecret: admin

  metrics:
    enabled: false
    serviceMonitor:
      enabled: false
      #  additionalLabels:
      #    prometheus-release: prom1

  oauth: []
    #name:
    #provider:
    #key:
    #secret:
    #autoDiscoverUrl:
    #useCustomUrls:
    #customAuthUrl:
    #customTokenUrl:
    #customProfileUrl:
    #customEmailUrl:

  config:
    APP_NAME: "Let's forge some forks"
    webhook:
      ALLOWED_HOST_LIST: argocd-server.argocd.svc.cluster.local
    ui:
      DEFAULT_THEME: arc-green
    repository:
      DEFAULT_BRANCH: main
    server:
      LFS_START_SERVER: true
      PROTOCOL: http
      DOMAIN: git.nold.in
      ROOT_URL: https://git.nold.in
    database:
      NAME: app
      HOST: gitea-db-rw.gitea.svc.cluster.local:5432
    service:
      DISABLE_REGISTRATION: true
    lfs:
      STORAGE_TYPE: local
    picture:
      DISABLE_GRAVATAR: true
    metrics:
      ENABLED: false
    api:
      ENABLE_SWAGGER: false
    oauth:
      ENABLE: false
    proxy:
      PROXY_ENABLED: true
      PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128"
      PROXY_HOSTS: "github.com"

  additionalConfigFromEnvs:
    - name: FORGEJO__database__PASSWD
      valueFrom:
        secretKeyRef:
          name: gitea-db-app
          key: password
    - name: FORGEJO__database__USER
      valueFrom:
        secretKeyRef:
          name: gitea-db-app
          key: username

memcached:
  enabled: true
  service:
    port: 11211

postgresql:
  enabled: false
redis-cluster:
  enabled: false
postgresql-ha:
  enabled: false
App Migration 2021-11-28 10:16:31 +00:00			`# Gitea`
			`image:`
fix(gitea): values for forgejo 2023-07-25 09:42:54 +00:00			`registry: "codeberg.org"`
			`repository: forgejo/forgejo`
			`# Overrides the image tag whose default is the chart appVersion.`
chore(deps): update docker image codeberg.org/forgejo/forgejo to v1.21.10 2024-04-04 23:23:17 +00:00			`tag: "1.21.10-0"`
fix(gitea): values for forgejo 2023-07-25 09:42:54 +00:00			`pullPolicy: Always`
App Migration 2021-11-28 10:16:31 +00:00			`rootless: true`

allow(gitea): argocd webhook 2022-12-13 21:01:06 +00:00			`#statefulset:`
			`#env:`
			`# - name: HTTP_PROXY`
			`# value: http://proxy-squid.proxy.svc.cluster.local:3128`
			`# - name: HTTPS_PROXY`
			`# value: http://proxy-squid.proxy.svc.cluster.local:3128`
			`# - name: http_proxy`
			`# value: http://proxy-squid.proxy.svc.cluster.local:3128`
			`# - name: https_proxy`
			`# value: http://proxy-squid.proxy.svc.cluster.local:3128`
			`# - name: NO_PROXY`
			`# value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16`
			`# - name: no_proxy`
			`# value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16`
App Migration 2021-11-28 10:16:31 +00:00
fix(gitea): values for forgejo 2023-07-25 09:42:54 +00:00			`containerSecurityContext:`
App Migration 2021-11-28 10:16:31 +00:00			`allowPrivilegeEscalation: false`
			`capabilities:`
			`drop:`
			`- ALL`
			`# # https://gitea.com/gitea/helm-chart/issues/161`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`add:`
			`- SYS_CHROOT`
App Migration 2021-11-28 10:16:31 +00:00			`privileged: false`
			`readOnlyRootFilesystem: true`
			`runAsNonRoot: true`
fix(gitea): values for forgejo 2023-07-25 09:42:54 +00:00
			`podSecurityContext:`
App Migration 2021-11-28 10:16:31 +00:00			`runAsUser: 1000`
fix(gitea): values for forgejo 2023-07-25 09:42:54 +00:00			`runAsGroup: 1000`
			`fsGroup: 1000`
App Migration 2021-11-28 10:16:31 +00:00
			`service:`
			`http:`
			`type: ClusterIP`
			`port: 3000`
			`ssh:`
			`type: LoadBalancer`
			`port: 2222`

			`ingress:`
			`enabled: true`
change(ingress-external): switched to nginx 2023-02-28 08:55:44 +00:00			`className: ingress-external`
Add: Ingress External labelSelector 2022-01-06 10:17:45 +00:00			`labels:`
			`environment: external`
App Migration 2021-11-28 10:16:31 +00:00			`annotations:`
			`kubernetes.io/tls-acme: "true"`
			`cert-manager.io/cluster-issuer: letsencrypt`
fix(gitea): ingress class name 2023-02-28 06:54:18 +00:00			`external-dns.alpha.kubernetes.io/hostname: git.nold.in`
			`external-dns.alpha.kubernetes.io/target: nold.in`
			`external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"`
App Migration 2021-11-28 10:16:31 +00:00			`hosts:`
			`- host: git.nold.in`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`tls:`
			`- secretName: gitea-tls`
			`hosts:`
			`- git.nold.in`

fix(gitea): values for forgejo 2023-07-25 09:42:54 +00:00			`resources:`
			`limits:`
			`cpu: 4000m`
			`memory: 2048Mi`
App Migration 2021-11-28 10:16:31 +00:00			`# requests:`
			`# cpu: 100m`
			`# memory: 128Mi`

			`persistence:`
			`enabled: true`
			`size: 10Gi`
			`#storageClass: slow`

			`gitea:`
			`admin:`
			`existingSecret: admin`

			`metrics:`
			`enabled: false`
			`serviceMonitor:`
			`enabled: false`
			`# additionalLabels:`
			`# prometheus-release: prom1`

Fix: gitea values 2022-01-02 15:37:35 +00:00			`oauth: []`
App Migration 2021-11-28 10:16:31 +00:00			`#name:`
			`#provider:`
			`#key:`
			`#secret:`
			`#autoDiscoverUrl:`
			`#useCustomUrls:`
			`#customAuthUrl:`
			`#customTokenUrl:`
			`#customProfileUrl:`
			`#customEmailUrl:`

			`config:`
fix(gitea): forgeo migration 2023-07-25 19:48:23 +00:00			`APP_NAME: "Let's forge some forks"`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`webhook:`
			`ALLOWED_HOST_LIST: argocd-server.argocd.svc.cluster.local`
App Migration 2021-11-28 10:16:31 +00:00			`ui:`
			`DEFAULT_THEME: arc-green`
			`repository:`
			`DEFAULT_BRANCH: main`
			`server:`
			`LFS_START_SERVER: true`
			`PROTOCOL: http`
Fix(gitea) ROOT_URL 2022-07-20 08:56:02 +00:00			`DOMAIN: git.nold.in`
			`ROOT_URL: https://git.nold.in`
App Migration 2021-11-28 10:16:31 +00:00			`database:`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`NAME: app`
			`HOST: gitea-db-rw.gitea.svc.cluster.local:5432`
App Migration 2021-11-28 10:16:31 +00:00			`service:`
			`DISABLE_REGISTRATION: true`
			`lfs:`
			`STORAGE_TYPE: local`
			`picture:`
			`DISABLE_GRAVATAR: true`
			`metrics:`
			`ENABLED: false`
			`api:`
			`ENABLE_SWAGGER: false`
			`oauth:`
			`ENABLE: false`
allow(gitea): argocd webhook 2022-12-13 21:01:06 +00:00			`proxy:`
			`PROXY_ENABLED: true`
			`PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128"`
			`PROXY_HOSTS: "github.com"`
App Migration 2021-11-28 10:16:31 +00:00
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`additionalConfigFromEnvs:`
fix(forgejo) 2024-01-16 14:34:07 +00:00			`- name: FORGEJO__database__PASSWD`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`valueFrom:`
			`secretKeyRef:`
fix(forgejo) 2024-01-15 10:16:44 +00:00			`name: gitea-db-app`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`key: password`
fix(forgejo) 2024-01-16 14:34:07 +00:00			`- name: FORGEJO__database__USER`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`valueFrom:`
			`secretKeyRef:`
fix(forgejo) 2024-01-15 10:16:44 +00:00			`name: gitea-db-app`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`key: username`

Fix: gitea values 2022-01-02 15:37:35 +00:00			`memcached:`
			`enabled: true`
			`service:`
			`port: 11211`
App Migration 2021-11-28 10:16:31 +00:00
			`postgresql:`
add(gitea): postgres 2022-12-13 20:35:35 +00:00			`enabled: false`
fix(gitea): dont deploy postgres/redis clusters on a single node, dude! 2023-07-24 13:05:12 +00:00			`redis-cluster:`
			`enabled: false`
			`postgresql-ha:`
			`enabled: false`