K3S-HOME/applications
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FEAT(gitea): add self-contained Gitea deployment

Browse Source 
- Replace GitHub redirect with actual Gitea server
- SQLite database (no CNPG dependency)
- local-path StorageClass (no Longhorn dependency)
- Manual secret creation (no Vault dependency)
- Ingress at gitea0213.kro.kr
This commit is contained in:
Mayne0213
2026-01-07 12:40:59 +09:00
parent 2bb0b693db
commit 96637c5146
4 changed files with 141 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
gitea/argocd.yaml
View File

@@ -7,8 +7,17 @@ metadata:
- resources-finalizer.argocd.argoproj.io - resources-finalizer.argocd.argoproj.io
spec: spec:
project: default project: default
source: sources:
repoURL: https://github.com/K3S-HOME/applications.git - repoURL: https://dl.gitea.com/charts/
chart: gitea
targetRevision: 12.4.0
helm:
valueFiles:
- $values/gitea/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/applications.git
targetRevision: main
ref: values
- repoURL: https://github.com/K3S-HOME/applications.git
targetRevision: main targetRevision: main
path: gitea path: gitea
destination: destination:
@@ -29,4 +38,7 @@ spec:
duration: 5s duration: 5s
factor: 2 factor: 2
maxDuration: 3m maxDuration: 3m
managedNamespaceMetadata:
labels:
goldilocks.fairwinds.com/enabled: 'true'
revisionHistoryLimit: 10 revisionHistoryLimit: 10

125
gitea/helm-values.yaml Normal file
View File

@@ -0,0 +1,125 @@
# Gitea Helm Chart Values
# Self-contained deployment with SQLite and local-path storage
# =============================================================================
# DISABLE ALL EXTERNAL DEPENDENCIES
# =============================================================================
postgresql-ha:
enabled: false
postgresql:
enabled: false
valkey-cluster:
enabled: false
valkey:
enabled: false
# =============================================================================
# PERSISTENCE - local-path StorageClass
# =============================================================================
persistence:
enabled: true
create: true
mount: true
size: 10Gi
accessModes:
- ReadWriteOnce
storageClass: local-path
annotations:
helm.sh/resource-policy: keep
# =============================================================================
# ADMIN USER
# =============================================================================
gitea:
admin:
existingSecret: gitea-admin-secret
username: gitea_admin
email: admin@gitea.local
passwordMode: keepUpdated
# Gitea configuration (app.ini)
config:
APP_NAME: Gitea - K3S-HOME
server:
DOMAIN: gitea0213.kro.kr
ROOT_URL: https://gitea0213.kro.kr
HTTP_PORT: 3000
SSH_DOMAIN: gitea0213.kro.kr
SSH_PORT: 22
SSH_LISTEN_PORT: 2222
LFS_START_SERVER: true
database:
DB_TYPE: sqlite3
PATH: /data/gitea/gitea.db
SQLITE_TIMEOUT: 500
SQLITE_JOURNAL_MODE: WAL
session:
PROVIDER: memory
cache:
ADAPTER: memory
queue:
TYPE: level
security:
INSTALL_LOCK: true
service:
DISABLE_REGISTRATION: false
REQUIRE_SIGNIN_VIEW: false
DEFAULT_KEEP_EMAIL_PRIVATE: true
log:
MODE: console
LEVEL: info
# =============================================================================
# INGRESS
# =============================================================================
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: gitea0213.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-tls
hosts:
- gitea0213.kro.kr
# =============================================================================
# RESOURCES
# =============================================================================
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
memory: 512Mi
# =============================================================================
# POD CONFIGURATION
# =============================================================================
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoExecute
# =============================================================================
# SSH SERVICE
# =============================================================================
service:
ssh:
type: ClusterIP
port: 22

5
gitea/kustomization.yaml
View File

@@ -1,5 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: # Secret is created manually via kubectl
- redirect.yaml resources: []
namespace: gitea

70
gitea/redirect.yaml
View File

@@ -1,70 +0,0 @@
# Traefik Middleware for GitHub redirect
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-to-github
namespace: gitea
spec:
redirectRegex:
regex: ".*"
replacement: "https://github.com/mayne0213"
permanent: true
---
# IngressRoute for HTTPS
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: gitea-redirect-https
namespace: gitea
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
entryPoints:
- websecure
routes:
- match: Host(`gitea0213.kro.kr`) || Host(`www.gitea0213.kro.kr`)
kind: Rule
middlewares:
- name: redirect-to-github
services:
- name: noop@internal
kind: TraefikService
tls:
secretName: gitea-tls
domains:
- main: gitea0213.kro.kr
sans:
- www.gitea0213.kro.kr
---
# IngressRoute for HTTP (redirect to HTTPS first, then to GitHub)
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: gitea-redirect-http
namespace: gitea
spec:
entryPoints:
- web
routes:
- match: Host(`gitea0213.kro.kr`) || Host(`www.gitea0213.kro.kr`)
kind: Rule
middlewares:
- name: redirect-to-github
services:
- name: noop@internal
kind: TraefikService
---
# Certificate for TLS
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: gitea-certificate
namespace: gitea
spec:
secretName: gitea-tls
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
dnsNames:
- gitea0213.kro.kr
- www.gitea0213.kro.kr