# ------------------------------------------ # -- Kubernetes related values # ------------------------------------------ ingress: enabled: true annotations: kubernetes.io/ingress.class: traefik kubernetes.io/tls-acme: "true" kubernetes.io/ingress.allow-http: "false" kubernetes.io/ingress.global-static-ip-name: "" cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 traefik.ingress.kubernetes.io/router.entrypoints: web,websecure external-dns.alpha.kubernetes.io/ingress-hostname-source: defined-hosts-only hosts: - host: gitea.badhouseplants.net paths: - path: / pathType: Prefix tls: - secretName: gitea.badhouseplants.net hosts: - gitea.badhouseplants.net replicaCount: 1 clusterDomain: cluster.local resources: limits: memory: 1024Mi cpu: 1 requests: cpu: 1 memory: 1024Mi persistence: enabled: true size: 15Gi accessModes: - ReadWriteOnce # ------------------------------------------ # -- Main Gitea settings # ------------------------------------------ gitea: metrics: enabled: true serviceMonitor: enabled: true config: database: DB_TYPE: postgres HOST: postgres17-postgresql.databases.svc.cluster.local NAME: org-badhouseplants-app-gitea USER: org-badhouseplants-app-gitea APP_NAME: Bad Houseplants Gitea ui: meta: AUTHOR: Bad Houseplants DESCRIPTION: '...by allanger' repository: DEFAULT_BRANCH: main MAX_CREATION_LIMIT: 0 DISABLED_REPO_UNITS: repo.wiki service: DISABLE_REGISTRATION: true server: DOMAIN: gitea.badhouseplants.net ROOT_URL: https://gitea.badhouseplants.net LFS_START_SERVER: true LANDING_PAGE: explore START_SSH_SERVER: true ENABLE_PPROF: true storage: STORAGE_TYPE: minio MINIO_ENDPOINT: "s3.badhouseplants.net:443" MINIO_ACCESS_KEY_ID: gitea MINIO_BUCKET: gitea MINIO_LOCATION: us-east-1 MINIO_USE_SSL: true admin: DISABLE_REGULAR_ORG_CREATION: true packages: ENABLED: true cron: enabled: true attachment: MAX_SIZE: 100 actions: ENABLED: true oauth2_client: REGISTER_EMAIL_CONFIRM: false ENABLE_AUTO_REGISTRATION: true session: PROVIDER: redis cache: ENABLED: true ADAPTER: redis queue: TYPE: redis mailer: ENABLED: true FROM: bot@badhouseplants.net PROTOCOL: smtp+startls SMTP_ADDR: stalwart.badhouseplants.net SMTP_PORT: 587 USER: bot indexer: REPO_INDEXER_ENABLED: true REPO_INDEXER_PATH: indexers/repos.bleve MAX_FILE_SIZE: 1048576 REPO_INDEXER_EXCLUDE: resources/bin/** picture: ENABLE_FEDERATED_AVATAR: false service: ssh: type: ClusterIP port: 22 clusterIP: extraDeploy: - |- apiVersion: kinda.rocks/v1beta1 kind: Database metadata: generation: 1 labels: app.kubernetes.io/managed-by: Helm name: {{ include "gitea.fullname" $ }} spec: backup: cron: 0 0 * * * enable: false credentials: templates: - name: CONNECTION_STRING secret: true template: {{` '{{ .Protocol }}://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{.Port }}/{{ .Database }}' `}} deletionProtected: true instance: postgres17 postgres: {} secretName: {{ include "gitea.fullname" $ }}-db-creds - |- apiVersion: traefik.io/v1alpha1 kind: IngressRouteTCP metadata: name: {{ include "gitea.fullname" $ }}-ssh spec: entryPoints: - ssh routes: - match: HostSNI(`*`) services: - name: {{ include "gitea.fullname" $ }}-ssh nativeLB: true port: 22 # ------------------------------------------ # -- Disabled dependencies # ------------------------------------------ postgresql-ha: enabled: false redis-cluster: enabled: false # extraDeploy: # - | # {{- if $.Capabilities.APIVersions.Has "traefik.io/v1alpha1/IngressRouteTCP" }} # apiVersion: traefik.io/v1alpha1 # kind: IngressRouteTCP # metadata: # name: {{ include "gitea.fullname" . }}-ssh # spec: # entryPoints: # - ssh # routes: # - match: HostSNI('*') # services: # - name: "{{ include "gitea.fullname" . }}-ssh" # port: 22 # nativeLB: true # {{- end }}