apiVersion: v1 kind: Secret metadata: name: gitea-secret-key namespace: gitea annotations: kube-1password: 2j4lrhtz5k6eqiwato4pebu3r4 kube-1password/vault: Kubernetes type: Opaque --- apiVersion: v1 kind: Service metadata: name: git namespace: gitea spec: type: ClusterIP ports: - port: 80 targetPort: web name: web selector: app: git --- apiVersion: apps/v1 kind: StatefulSet metadata: name: git namespace: gitea labels: app: git spec: replicas: 1 selector: matchLabels: app: git serviceName: "git" template: metadata: labels: app: git spec: containers: - name: git image: gitea/gitea:1.22.6 env: - name: APP_NAME value: "Git" - name: RUN_MODE value: prod - name: DISABLE_SSH value: "true" - name: ROOT_URL value: https://git.cluster.fun - name: DISABLE_REGISTRATION value: "true" - name: DEFAULT_PRIVATE value: private - name: ENABLE_PUSH_CREATE_USER value: "true" - name: ENABLE_PUSH_CREATE_ORG value: "true" - name: ISSUE_PAGING_NUM value: "20" - name: DEFAULT_THEME value: arc-green - name: ALLOWED_HOST_LIST value: "*" - name: SECRET_KEY valueFrom: secretKeyRef: name: gitea-secret-key key: password ports: - containerPort: 3000 name: web resources: requests: memory: 400Mi volumeMounts: - mountPath: /data name: git-data volumeClaimTemplates: - metadata: name: git-data spec: accessModes: [ "ReadWriteOnce" ] storageClassName: scw-bssd-retain resources: requests: storage: 20Gi --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: git namespace: gitea annotations: cert-manager.io/cluster-issuer: letsencrypt nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: "0" spec: ingressClassName: nginx tls: - hosts: - git.cluster.fun secretName: git rules: - host: git.cluster.fun http: paths: - path: / pathType: ImplementationSpecific backend: service: name: git port: number: 80