Nik Afiq
83f46c9748
feat(gitea): create PersistentVolume and PersistentVolumeClaim for Gitea feat(gitea): add script to create Gitea runner registration token secret feat(gitea): deploy Gitea Actions runner with Docker socket access feat(media): deploy JDownloader with Ingress configuration feat(media): set up Jellyfin media server with NFS and Ingress feat(media): configure qBittorrent deployment with Ingress feat(monitoring): add Grafana Loki datasource ConfigMap feat(monitoring): create Grafana admin credentials secret feat(monitoring): define PersistentVolumes for monitoring stack feat(network): implement DDNS CronJob for Porkbun DNS updates feat(network): create secret for Porkbun DDNS API credentials feat(network): set up Glances service and Ingress for Debian node fix(network): patch Pi-hole DNS services with external IPs feat(network): configure Traefik dashboard Ingress with Authentik auth feat(network): set up Watch Party service and Ingress for Mac Mini refactor(values): update Helm values files for various services
96 lines
1.9 KiB
YAML
96 lines
1.9 KiB
YAML
# Apply: helm upgrade --install gitea gitea-charts/gitea -f values/gitea.yaml -n gitea --create-namespace
|
|
# Description: Helm values for Gitea git server and Docker registry
|
|
|
|
replicaCount: 1
|
|
|
|
image:
|
|
tag: "1.23"
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
cert-manager.io/cluster-issuer: internal-ca-issuer
|
|
hosts:
|
|
- host: gitea.home.arpa
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: gitea-tls
|
|
hosts:
|
|
- gitea.home.arpa
|
|
|
|
gitea:
|
|
admin:
|
|
username: nik
|
|
password: changeme123
|
|
email: nik.afiq98@ymail.com
|
|
|
|
config:
|
|
server:
|
|
DOMAIN: gitea.home.arpa
|
|
ROOT_URL: https://gitea.home.arpa
|
|
SSH_DOMAIN: gitea.home.arpa
|
|
SSH_PORT: 2222
|
|
repository:
|
|
DEFAULT_PRIVATE: true
|
|
service:
|
|
DISABLE_REGISTRATION: true
|
|
ALLOW_ONLY_EXTERNAL_SELF_REGISTRATION: false
|
|
auth:
|
|
LOCAL_REGISTRATION_DISABLED: true
|
|
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ""
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
size: 10Gi
|
|
volumeName: ""
|
|
existingClaim: ""
|
|
annotations:
|
|
helm.sh/resource-policy: keep
|
|
|
|
postgresql:
|
|
enabled: true
|
|
primary:
|
|
persistence:
|
|
annotations:
|
|
helm.sh/resource-policy: keep
|
|
global:
|
|
postgresql:
|
|
auth:
|
|
password: gitea-db-password
|
|
username: gitea
|
|
database: gitea
|
|
|
|
service:
|
|
ssh:
|
|
type: LoadBalancer
|
|
port: 2222
|
|
loadBalancerIP: 192.168.7.77
|
|
|
|
postgresql-ha:
|
|
enabled: false
|
|
|
|
deployment:
|
|
env:
|
|
- name: SSL_CERT_FILE
|
|
value: /etc/ssl/internal-ca/ca.crt
|
|
|
|
extraVolumes:
|
|
- name: internal-ca
|
|
configMap:
|
|
name: internal-ca-cert
|
|
|
|
extraVolumeMounts:
|
|
- name: internal-ca
|
|
mountPath: /etc/ssl/internal-ca
|
|
readOnly: true
|
|
|
|
initPreScript: |
|
|
cp /etc/ssl/internal-ca/ca.crt /usr/local/share/ca-certificates/internal-ca.crt
|
|
update-ca-certificates |