176 lines
3.5 KiB
YAML
176 lines
3.5 KiB
YAML
# Gitea Helm Values
|
|
# Chart: https://gitea.com/gitea/helm-chart
|
|
# Self-hosted Git service
|
|
|
|
fullnameOverride: gitea
|
|
|
|
replicaCount: 1
|
|
|
|
image:
|
|
registry: docker.io
|
|
repository: gitea/gitea
|
|
tag: "1.25.2"
|
|
pullPolicy: IfNotPresent
|
|
rootless: false
|
|
|
|
# Gitea configuration
|
|
gitea:
|
|
admin:
|
|
# Admin credentials managed via environment variables
|
|
existingSecret: gitea-admin-secret
|
|
# Do not update password on every restart
|
|
passwordMode: initialOnlyNoReset
|
|
|
|
config:
|
|
server:
|
|
DOMAIN: gitea0213.kro.kr
|
|
ROOT_URL: https://gitea0213.kro.kr
|
|
SSH_DOMAIN: gitea0213.kro.kr
|
|
SSH_PORT: 2222
|
|
DISABLE_SSH: true
|
|
START_SSH_SERVER: false
|
|
SSH_LISTEN_PORT: 2222
|
|
|
|
database:
|
|
DB_TYPE: postgres
|
|
HOST: postgresql-cnpg-rw.postgresql-cnpg.svc.cluster.local:5432
|
|
NAME: gitea
|
|
USER: bluemayne
|
|
SCHEMA: public
|
|
SSL_MODE: disable
|
|
|
|
service:
|
|
DISABLE_REGISTRATION: false
|
|
REQUIRE_SIGNIN_VIEW: false
|
|
ENABLE_NOTIFY_MAIL: false
|
|
|
|
cache:
|
|
ENABLED: true
|
|
ADAPTER: memory
|
|
|
|
session:
|
|
PROVIDER: memory
|
|
|
|
git:
|
|
PATH: /usr/bin/git
|
|
|
|
actions:
|
|
ENABLED: true
|
|
DEFAULT_ACTIONS_URL: github
|
|
|
|
packages:
|
|
ENABLED: true
|
|
CHUNKED_UPLOAD_PATH: /data/packages/chunked-upload
|
|
|
|
container:
|
|
ENABLED: true
|
|
REGISTRY_HOST: gitea0213.kro.kr
|
|
|
|
# Health checks
|
|
livenessProbe:
|
|
enabled: true
|
|
tcpSocket:
|
|
port: http
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 10
|
|
|
|
readinessProbe:
|
|
enabled: true
|
|
tcpSocket:
|
|
port: http
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
|
|
# PostgreSQL dependency (using existing PostgreSQL instance)
|
|
postgresql:
|
|
enabled: false
|
|
|
|
# Use existing PostgreSQL
|
|
postgresql-ha:
|
|
enabled: false
|
|
|
|
# Valkey cluster (disabled, using memory for cache/session)
|
|
valkey-cluster:
|
|
enabled: false
|
|
|
|
# Redis (optional, for caching)
|
|
redis-cluster:
|
|
enabled: false
|
|
|
|
# Deployment strategy: Recreate to avoid leveldb lock conflicts
|
|
strategy:
|
|
type: Recreate
|
|
|
|
# Environment variables for database password
|
|
deployment:
|
|
env:
|
|
- name: GITEA__database__PASSWD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: gitea-postgres-password
|
|
key: password
|
|
|
|
# Persistence for Gitea data
|
|
persistence:
|
|
enabled: true
|
|
size: 10Gi
|
|
storageClass: longhorn # Migrated from local-path to Longhorn (replica=3)
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
|
|
# Service configuration
|
|
service:
|
|
http:
|
|
type: ClusterIP
|
|
port: 3000
|
|
ssh:
|
|
type: LoadBalancer
|
|
port: 2222
|
|
externalTrafficPolicy: Local
|
|
annotations:
|
|
metallb.universe.tf/allow-shared-ip: gitea
|
|
|
|
# Ingress configuration
|
|
ingress:
|
|
enabled: true
|
|
className: haproxy
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
# HAProxy handles large body sizes by default, no annotation needed
|
|
hosts:
|
|
- host: gitea0213.kro.kr
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: gitea-tls
|
|
hosts:
|
|
- gitea0213.kro.kr
|
|
|
|
# Resource limits
|
|
resources:
|
|
limits:
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 10m # Reduced from 50m based on actual usage (5m)
|
|
memory: 256Mi
|
|
|
|
# Security context
|
|
securityContext: {}
|
|
|
|
# Init containers for database setup
|
|
initPreScript: |
|
|
#!/bin/sh
|
|
echo "Waiting for PostgreSQL..."
|
|
until nc -z postgresql-cnpg-rw.postgresql-cnpg.svc.cluster.local 5432; do
|
|
echo "Waiting for PostgreSQL to be ready..."
|
|
sleep 2
|
|
done
|
|
echo "PostgreSQL is ready"
|