# Gitea image: repository: gitea/gitea tag: "1.20" rootless: true #statefulset: #env: # - name: HTTP_PROXY # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: HTTPS_PROXY # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: http_proxy # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: https_proxy # value: http://proxy-squid.proxy.svc.cluster.local:3128 # - name: NO_PROXY # value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16 # - name: no_proxy # value: argocd-server.argocd.svc.cluster.local,10.43.0.0/16 securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # # https://gitea.com/gitea/helm-chart/issues/161 add: - SYS_CHROOT privileged: false readOnlyRootFilesystem: true runAsGroup: 1000 runAsNonRoot: true runAsUser: 1000 service: http: type: ClusterIP port: 3000 ssh: type: LoadBalancer port: 2222 ingress: enabled: true className: ingress-external labels: environment: external annotations: # kubernetes.io/ingress.class: ingress-external kubernetes.io/tls-acme: "true" cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.tls: 'true' external-dns.alpha.kubernetes.io/hostname: git.nold.in external-dns.alpha.kubernetes.io/target: nold.in external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" hosts: - host: git.nold.in paths: - path: / pathType: Prefix tls: - secretName: gitea-tls hosts: - git.nold.in resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi persistence: enabled: true size: 10Gi #storageClass: slow gitea: admin: existingSecret: admin metrics: enabled: false serviceMonitor: enabled: false # additionalLabels: # prometheus-release: prom1 oauth: [] #name: #provider: #key: #secret: #autoDiscoverUrl: #useCustomUrls: #customAuthUrl: #customTokenUrl: #customProfileUrl: #customEmailUrl: config: APP_NAME: "Git with a lot of coffee" webhook: ALLOWED_HOST_LIST: argocd-server.argocd.svc.cluster.local ui: DEFAULT_THEME: arc-green repository: DEFAULT_BRANCH: main server: LFS_START_SERVER: true PROTOCOL: http DOMAIN: git.nold.in ROOT_URL: https://git.nold.in database: NAME: app HOST: gitea-db-rw.gitea.svc.cluster.local:5432 service: DISABLE_REGISTRATION: true lfs: STORAGE_TYPE: local picture: DISABLE_GRAVATAR: true metrics: ENABLED: false api: ENABLE_SWAGGER: false oauth: ENABLE: false proxy: PROXY_ENABLED: true PROXY_URL: "http://proxy-squid.proxy.svc.cluster.local:3128" PROXY_HOSTS: "github.com" queue: CONN_STR: "redis+cluster://rfs-gitea-redis.gitea.svc.cluster.local:6379/0" additionalConfigFromEnvs: - name: GITEA__DATABASE__PASSWD valueFrom: secretKeyRef: name: gitea-db-superuser key: password - name: GITEA__DATABASE__USER valueFrom: secretKeyRef: name: gitea-db-superuser key: username memcached: enabled: true service: port: 11211 postgresql: enabled: false redis-cluster: enabled: false postgresql-ha: enabled: false