hive-apps/projects/forgejo/values/gitea.yaml

163 lines
3.4 KiB
YAML
Raw Normal View History

2021-11-28 11:16:31 +01:00
# Gitea
image:
2023-07-25 11:42:54 +02:00
registry: "codeberg.org"
repository: forgejo/forgejo
# Overrides the image tag whose default is the chart appVersion.
tag: "1.21.11-0"
2023-07-25 11:42:54 +02:00
pullPolicy: Always
2021-11-28 11:16:31 +01:00
rootless: true
2022-12-13 22:01:06 +01:00
#statefulset:
#env:
# - name: HTTP_PROXY
# value: http://proxy-squid.proxy.svc.cluster.local:3128
# - name: HTTPS_PROXY
# value: http://proxy-squid.proxy.svc.cluster.local:3128
# - name: http_proxy
# value: http://proxy-squid.proxy.svc.cluster.local:3128
# - name: https_proxy
# value: http://proxy-squid.proxy.svc.cluster.local:3128
# - name: NO_PROXY
# value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16
# - name: no_proxy
# value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16
2021-11-28 11:16:31 +01:00
2023-07-25 11:42:54 +02:00
containerSecurityContext:
2021-11-28 11:16:31 +01:00
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
# # https://gitea.com/gitea/helm-chart/issues/161
2022-12-13 21:35:35 +01:00
add:
- SYS_CHROOT
2021-11-28 11:16:31 +01:00
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
2023-07-25 11:42:54 +02:00
podSecurityContext:
2021-11-28 11:16:31 +01:00
runAsUser: 1000
2023-07-25 11:42:54 +02:00
runAsGroup: 1000
fsGroup: 1000
2021-11-28 11:16:31 +01:00
service:
http:
type: ClusterIP
port: 3000
ssh:
type: LoadBalancer
port: 2222
ingress:
enabled: true
className: ingress-external
2022-01-06 11:17:45 +01:00
labels:
environment: external
2021-11-28 11:16:31 +01:00
annotations:
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt
2023-02-28 07:54:18 +01:00
external-dns.alpha.kubernetes.io/hostname: git.nold.in
external-dns.alpha.kubernetes.io/target: nold.in
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
2021-11-28 11:16:31 +01:00
hosts:
- host: git.nold.in
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-tls
hosts:
- git.nold.in
2023-07-25 11:42:54 +02:00
resources:
limits:
cpu: 4000m
memory: 2048Mi
2021-11-28 11:16:31 +01:00
# requests:
# cpu: 100m
# memory: 128Mi
persistence:
enabled: true
size: 10Gi
#storageClass: slow
gitea:
admin:
existingSecret: admin
metrics:
enabled: false
serviceMonitor:
enabled: false
# additionalLabels:
# prometheus-release: prom1
2022-01-02 16:37:35 +01:00
oauth: []
2021-11-28 11:16:31 +01:00
#name:
#provider:
#key:
#secret:
#autoDiscoverUrl:
#useCustomUrls:
#customAuthUrl:
#customTokenUrl:
#customProfileUrl:
#customEmailUrl:
config:
2023-07-25 21:48:23 +02:00
APP_NAME: "Let's forge some forks"
2022-12-13 21:35:35 +01:00
webhook:
ALLOWED_HOST_LIST: argocd-server.argocd.svc.cluster.local
2021-11-28 11:16:31 +01:00
ui:
DEFAULT_THEME: arc-green
repository:
DEFAULT_BRANCH: main
server:
LFS_START_SERVER: true
PROTOCOL: http
2022-07-20 10:56:02 +02:00
DOMAIN: git.nold.in
ROOT_URL: https://git.nold.in
2021-11-28 11:16:31 +01:00
database:
2022-12-13 21:35:35 +01:00
NAME: app
HOST: gitea-db-rw.gitea.svc.cluster.local:5432
2021-11-28 11:16:31 +01:00
service:
DISABLE_REGISTRATION: true
lfs:
STORAGE_TYPE: local
picture:
DISABLE_GRAVATAR: true
metrics:
ENABLED: false
api:
ENABLE_SWAGGER: false
oauth:
ENABLE: false
2022-12-13 22:01:06 +01:00
proxy:
PROXY_ENABLED: true
PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128"
PROXY_HOSTS: "github.com"
2021-11-28 11:16:31 +01:00
2022-12-13 21:35:35 +01:00
additionalConfigFromEnvs:
2024-01-16 15:34:07 +01:00
- name: FORGEJO__database__PASSWD
2022-12-13 21:35:35 +01:00
valueFrom:
secretKeyRef:
2024-01-15 11:16:44 +01:00
name: gitea-db-app
2022-12-13 21:35:35 +01:00
key: password
2024-01-16 15:34:07 +01:00
- name: FORGEJO__database__USER
2022-12-13 21:35:35 +01:00
valueFrom:
secretKeyRef:
2024-01-15 11:16:44 +01:00
name: gitea-db-app
2022-12-13 21:35:35 +01:00
key: username
2022-01-02 16:37:35 +01:00
memcached:
enabled: true
service:
port: 11211
2021-11-28 11:16:31 +01:00
postgresql:
2022-12-13 21:35:35 +01:00
enabled: false
redis-cluster:
enabled: false
postgresql-ha:
enabled: false