# Gitea image: registry: "codeberg.org" repository: forgejo/forgejo # Overrides the image tag whose default is the chart appVersion. tag: "1.21.7-0" pullPolicy: Always rootless: true #statefulset: #env: # - name: HTTP_PROXY # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: HTTPS_PROXY # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: http_proxy # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: https_proxy # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: NO_PROXY # value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16 # - name: no_proxy # value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16 containerSecurityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # # https://gitea.com/gitea/helm-chart/issues/161 add: - SYS_CHROOT privileged: false readOnlyRootFilesystem: true runAsNonRoot: true podSecurityContext: runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 service: http: type: ClusterIP port: 3000 ssh: type: LoadBalancer port: 2222 ingress: enabled: true className: ingress-external labels: environment: external annotations: kubernetes.io/tls-acme: "true" cert-manager.io/cluster-issuer: letsencrypt external-dns.alpha.kubernetes.io/hostname: git.nold.in external-dns.alpha.kubernetes.io/target: nold.in external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" hosts: - host: git.nold.in paths: - path: / pathType: Prefix tls: - secretName: gitea-tls hosts: - git.nold.in resources: limits: cpu: 4000m memory: 2048Mi # requests: # cpu: 100m # memory: 128Mi persistence: enabled: true size: 10Gi #storageClass: slow gitea: admin: existingSecret: admin metrics: enabled: false serviceMonitor: enabled: false # additionalLabels: # prometheus-release: prom1 oauth: [] #name: #provider: #key: #secret: #autoDiscoverUrl: #useCustomUrls: #customAuthUrl: #customTokenUrl: #customProfileUrl: #customEmailUrl: config: APP_NAME: "Let's forge some forks" webhook: ALLOWED_HOST_LIST: argocd-server.argocd.svc.cluster.local ui: DEFAULT_THEME: arc-green repository: DEFAULT_BRANCH: main server: LFS_START_SERVER: true PROTOCOL: http DOMAIN: git.nold.in ROOT_URL: https://git.nold.in database: NAME: app HOST: gitea-db-rw.gitea.svc.cluster.local:5432 service: DISABLE_REGISTRATION: true lfs: STORAGE_TYPE: local picture: DISABLE_GRAVATAR: true metrics: ENABLED: false api: ENABLE_SWAGGER: false oauth: ENABLE: false proxy: PROXY_ENABLED: true PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128" PROXY_HOSTS: "github.com" additionalConfigFromEnvs: - name: FORGEJO__database__PASSWD valueFrom: secretKeyRef: name: gitea-db-app key: password - name: FORGEJO__database__USER valueFrom: secretKeyRef: name: gitea-db-app key: username memcached: enabled: true service: port: 11211 postgresql: enabled: false redis-cluster: enabled: false postgresql-ha: enabled: false