Migrate gitea to gitea.nik4nao.com

2026-03-17 22:45:03 +09:00 · 2026-03-17 22:45:03 +09:00 · 26c4234dc6
commit 26c4234dc6
parent e49ea43596
8 changed files with 45 additions and 51 deletions
--- a/ansible/roles/gitea-runner/tasks/main.yaml
+++ b/ansible/roles/gitea-runner/tasks/main.yaml
@ -61,7 +61,7 @@
      After=network.target

      [Service]
-      Environment=GITEA_INSTANCE_URL=https://gitea.home.arpa
+      Environment=GITEA_INSTANCE_URL=https://gitea.nik4nao.com
      Environment=GITEA_RUNNER_REGISTRATION_TOKEN={{ gitea_runner_token }}
      Environment=GITEA_RUNNER_NAME=minisforum
      Environment=SSL_CERT_FILE=/etc/ssl/certs/homelab-ca.pem
--- a/ansible/roles/watch-party/defaults/main.yaml
+++ b/ansible/roles/watch-party/defaults/main.yaml
@ -3,5 +3,5 @@
 # Called by: ansible/playbooks/deploy-watch-party.yaml
 # Description: Default variables for the watch-party role including repo URL and local directory.

-watch_party_repo: https://gitea.home.arpa/nik/watch-party.git
+watch_party_repo: https://gitea.nik4nao.com/nik/watch-party.git
 watch_party_dir: /Users/nik/repo/watch-party
--- a/config/dashy/conf.yaml
+++ b/config/dashy/conf.yaml
@ -112,14 +112,9 @@ sections:
        id: 4_836_watchparty
      - title: Gitea
        icon: si-gitea
-        url: https://gitea.home.arpa
+        url: https://gitea.nik4nao.com
        target: newtab
        id: 5_836_gitea
-      - title: old-qBittorrent
-        icon: si-qbittorrent
-        url: http://192.168.7.183:8082
-        target: newtab
-        id: 1_836_qbittorrent
    displayData:
      cutToHeight: true
      rows: 1
--- a/manifests/gitea/gitea-public-ingress.yaml
+++ b/manifests/gitea/gitea-public-ingress.yaml
@ -0,0 +1,29 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: gitea-nik4nao-tls
+  namespace: gitea
+spec:
+  secretName: gitea-nik4nao-tls
+  issuerRef:
+    name: letsencrypt-prod
+    kind: ClusterIssuer
+  dnsNames:
+    - gitea.nik4nao.com
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: gitea-public
+  namespace: gitea
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`gitea.nik4nao.com`)
+      kind: Rule
+      services:
+        - name: gitea-http
+          port: 3000
+  tls:
+    secretName: gitea-nik4nao-tls
--- a/manifests/gitea/gitea-runner.yaml
+++ b/manifests/gitea/gitea-runner.yaml
@ -35,7 +35,7 @@ spec:
          image: gitea/act_runner:latest
          env:
            - name: GITEA_INSTANCE_URL
-              value: "https://gitea.home.arpa"
+              value: "https://gitea.nik4nao.com"
            - name: GITEA_RUNNER_REGISTRATION_TOKEN
              valueFrom:
                secretKeyRef:
@ -101,6 +101,6 @@ data:
    container:
      network: host
      privileged: true
-      options: "--add-host=gitea.home.arpa:192.168.7.77"
+      options: "--add-host=gitea.nik4nao.com:192.168.7.77"
      valid_volumes:
        - "**"
--- a/values/gitea.yaml
+++ b/values/gitea.yaml
@ -6,23 +6,6 @@ replicaCount: 1
 image:
  tag: "1.23"

-ingress:
-  enabled: true
-  className: traefik
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-    cert-manager.io/cluster-issuer: internal-ca-issuer
-  hosts:
-    - host: gitea.home.arpa
-      paths:
-        - path: /
-          pathType: Prefix
-  tls:
-    - secretName: gitea-tls
-      hosts:
-        - gitea.home.arpa
-
 gitea:
  admin:
    username: nik
@ -31,9 +14,9 @@ gitea:

  config:
    server:
-      DOMAIN: gitea.home.arpa
-      ROOT_URL: https://gitea.home.arpa
-      SSH_DOMAIN: gitea.home.arpa
+      DOMAIN: gitea.nik4nao.com
+      ROOT_URL: https://gitea.nik4nao.com
+      SSH_DOMAIN: gitea.nik4nao.com
      SSH_PORT: 2222
    repository:
      DEFAULT_PRIVATE: true
@ -75,22 +58,3 @@ service:

 postgresql-ha:
  enabled: false
-
-deployment:
-  env:
-    - name: SSL_CERT_FILE
-      value: /etc/ssl/internal-ca/ca.crt
-
-extraVolumes:
-  - name: internal-ca
-    configMap:
-      name: internal-ca-cert
-
-extraVolumeMounts:
-  - name: internal-ca
-    mountPath: /etc/ssl/internal-ca
-    readOnly: true
-
-initPreScript: |
-  cp /etc/ssl/internal-ca/ca.crt /usr/local/share/ca-certificates/internal-ca.crt
-  update-ca-certificates
--- a/values/pihole-debian.yaml
+++ b/values/pihole-debian.yaml
@ -35,13 +35,18 @@ dnsmasq:
    - address=/gitea.home.arpa/192.168.7.77
    - address=/pihole.home.arpa/192.168.7.77
    - address=/home.arpa/192.168.7.77
+    - address=/nik4nao.home.arpa/192.168.7.183
    - address=/dashy.home.arpa/192.168.7.77
    - address=/jellyfin.home.arpa/192.168.7.77
    - address=/qbittorrent.home.arpa/192.168.7.77
    - address=/jdownloader.home.arpa/192.168.7.77
    - address=/glances.home.arpa/192.168.7.77
    - address=/glances-debian.home.arpa/192.168.7.77
-    - address=/watch-party.nik4nao.com/192.168.7.77
+    - address=/ca.home.arpa/192.168.7.77
+    - address=/auth.home.arpa/192.168.7.77
+    - address=/traefik.home.arpa/192.168.7.77
+    - address=/photoview.home.arpa/192.168.7.77
+    - address=/gitea.nik4nao.com/192.168.7.77

 persistentVolumeClaim:
  enabled: true
--- a/values/pihole.yaml
+++ b/values/pihole.yaml
@ -76,4 +76,5 @@ dnsmasq:
    - address=/ca.home.arpa/192.168.7.77
    - address=/auth.home.arpa/192.168.7.77
    - address=/traefik.home.arpa/192.168.7.77
-    - address=/photoview.home.arpa/192.168.7.77
+    - address=/photoview.home.arpa/192.168.7.77
+    - address=/gitea.nik4nao.com/192.168.7.77