119 lines
2.4 KiB
YAML

apiVersion: v1
kind: Secret
metadata:
name: gitea-secret-key
namespace: gitea
annotations:
kube-1password: 2j4lrhtz5k6eqiwato4pebu3r4
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: git
namespace: gitea
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app: git
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: git
namespace: gitea
labels:
app: git
spec:
replicas: 1
selector:
matchLabels:
app: git
serviceName: "git"
template:
metadata:
labels:
app: git
spec:
containers:
- name: git
image: gitea/gitea:1.22.4
env:
- name: APP_NAME
value: "Git"
- name: RUN_MODE
value: prod
- name: DISABLE_SSH
value: "true"
- name: ROOT_URL
value: https://git.cluster.fun
- name: DISABLE_REGISTRATION
value: "true"
- name: DEFAULT_PRIVATE
value: private
- name: ENABLE_PUSH_CREATE_USER
value: "true"
- name: ENABLE_PUSH_CREATE_ORG
value: "true"
- name: ISSUE_PAGING_NUM
value: "20"
- name: DEFAULT_THEME
value: arc-green
- name: ALLOWED_HOST_LIST
value: "*"
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: gitea-secret-key
key: password
ports:
- containerPort: 3000
name: web
resources:
requests:
memory: 400Mi
volumeMounts:
- mountPath: /data
name: git-data
volumeClaimTemplates:
- metadata:
name: git-data
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: scw-bssd-retain
resources:
requests:
storage: 20Gi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: git
namespace: gitea
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
ingressClassName: nginx
tls:
- hosts:
- git.cluster.fun
secretName: git
rules:
- host: git.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: git
port:
number: 80