nold/hive-apps
1
0
Fork 0
mirror of https://github.com/nold360/hive-apps synced 2024-07-05 16:03:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(gitea): values for forgejo

Browse source
This commit is contained in:
Nold 2023-07-25 11:42:54 +02:00 committed by nold
parent 25fcc693ed
commit 32ae9eae5a
2 changed files with 17 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
projects/gitea/project.yml
View file

@ -13,7 +13,7 @@ config:
apps: apps:
- name: gitea - name: gitea
repoURL: oci://codeberg.org/forgejo-contrib/forgejo repoURL: codeberg.org/forgejo-contrib
chart: forgejo chart: forgejo
targetRevision: 0.9.2 targetRevision: 0.9.2
secrets: secrets:

34
projects/gitea/values/gitea.yaml
View file

@ -1,7 +1,10 @@
# Gitea # Gitea
image: image:
repository: gitea/gitea registry: "codeberg.org"
tag: "1.20" repository: forgejo/forgejo
# Overrides the image tag whose default is the chart appVersion.
tag: ""
pullPolicy: Always
rootless: true rootless: true
#statefulset: #statefulset:
@ -19,7 +22,7 @@ image:
# - name: no_proxy # - name: no_proxy
# value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16 # value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16
securityContext: containerSecurityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
@ -29,9 +32,12 @@ securityContext:
- SYS_CHROOT - SYS_CHROOT
privileged: false privileged: false
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsGroup: 1000
runAsNonRoot: true runAsNonRoot: true
podSecurityContext:
runAsUser: 1000 runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
service: service:
http: http:
@ -47,10 +53,8 @@ ingress:
labels: labels:
environment: external environment: external
annotations: annotations:
# kubernetes.io/ingress.class: ingress-external
kubernetes.io/tls-acme: "true" kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt cert-manager.io/cluster-issuer: letsencrypt
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns.alpha.kubernetes.io/hostname: git.nold.in external-dns.alpha.kubernetes.io/hostname: git.nold.in
external-dns.alpha.kubernetes.io/target: nold.in external-dns.alpha.kubernetes.io/target: nold.in
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
@ -64,14 +68,10 @@ ingress:
hosts: hosts:
- git.nold.in - git.nold.in
resources: {} resources:
# We usually recommend not to specify default resources and to leave this as a conscious limits:
# choice for the user. This also increases chances charts run on environments with little cpu: 4000m
# resources, such as Minikube. If you do want to specify resources, uncomment the following memory: 2048Mi
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests: # requests:
# cpu: 100m # cpu: 100m
# memory: 128Mi # memory: 128Mi
@ -136,16 +136,14 @@ gitea:
PROXY_ENABLED: true PROXY_ENABLED: true
PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128" PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128"
PROXY_HOSTS: "github.com" PROXY_HOSTS: "github.com"
queue:
CONN_STR: "redis+cluster://rfs-gitea-redis.gitea.svc.cluster.local:6379/0"
additionalConfigFromEnvs: additionalConfigFromEnvs:
- name: GITEA__DATABASE__PASSWD - name: FORGEJO__DATABASE__PASSWD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-db-superuser name: gitea-db-superuser
key: password key: password
- name: GITEA__DATABASE__USER - name: FORGEJO__DATABASE__USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-db-superuser name: gitea-db-superuser