add memcache and gitea

2024-08-25 07:26:20 +05:00
parent 2731af1bfe
commit 3e9d4003d8
6 changed files with 111 additions and 11 deletions
--- a/1password/secrets.yaml
+++ b/1password/secrets.yaml
@@ -0,0 +1,40 @@
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: gitea-admin
+  namespace: gitea-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/gitea-admin"
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: gitea-postgres
+  namespace: gitea-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/gitea-postgres"
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: pihole-admin
+  namespace: pihole-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/pihole"
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: postgres-password
+  namespace: postgres-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/Postgres"
--- a/helm/helmfile.yaml
+++ b/helm/helmfile.yaml
@@ -11,6 +11,8 @@ repositories:
    url: https://charts.bitnami.com/bitnami
  - name: postgres
    url: https://cloudnative-pg.github.io/charts
+  - name: gitea
+    url: https://dl.gitea.com/charts/
 ---
 releases:
  # Distributed Storage
@@ -54,3 +56,17 @@ releases:
    namespace: postgres-system
    chart: cnpg/cloudnative-pg
    version: 0.21.6
+
+  # Memcached
+  - name: memcached
+    namespace: memcached-system
+    chart: bitnami/memcached
+    version: 7.4.11
+
+  # Gitea
+  - name: gitea
+    namespace: gitea-system
+    chart: gitea/gitea
+    version: 10.4.0
+    values:
+      - ./values/gitea.values.yaml
--- a/helm/values/externaldns.values.yaml
+++ b/helm/values/externaldns.values.yaml
@@ -7,7 +7,7 @@ extraEnvVars:
  - name: EXTERNAL_DNS_PIHOLE_PASSWORD
    valueFrom:
      secretKeyRef:
-        name: pihole-password
+        name: pihole-admin
        key: password
 serviceAccount:
  create: true
--- a/helm/values/gitea.values.yaml
+++ b/helm/values/gitea.values.yaml
@@ -0,0 +1,45 @@
+service:
+  http:
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: gitea.home
+  ssh:
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: gitea.home
+ingress:
+  enabled: true
+  className: nginx-internal
+  hosts:
+    - host: gitea.home
+      paths:
+        - path: /
+          pathType: Prefix
+  tls: []
+gitea:
+  admin:
+    existingSecret: gitea-admin
+  config:
+    database:
+      DB_TYPE: postgres
+      HOST: postgres-cluster-rw.postgres-system.svc.cluster.local:5432
+      NAME: giteadb
+      USER: gitea
+    cache:
+      ADAPTER: memcache
+      HOST: memcached.memcached-system.svc.cluster.local:11211
+    session:
+      PROVIDER: db
+      PROVIDER_CONFIG: ""
+    lfs:
+      STORAGE_TYPE: local
+  additionalConfigFromEnvs:
+    - name: GITEA__DATABASE__PASSWD
+      valueFrom:
+        secretKeyRef:
+          name: gitea-postgres
+          key: password
+    - name: GITEA__SERVER__LFS_START_SERVER
+      value: "true"
+postgresql-ha:
+  enabled: false
+redis-cluster:
+  enabled: false
--- a/helm/values/pihole.values.yaml
+++ b/helm/values/pihole.values.yaml
@@ -1,6 +1,12 @@
 ---
 DNS1:
  192.168.0.1
+DNS2:
+  1.1.1.1
+admin:
+  enabled: true
+  existingSecret: pihole-admin
+  passwordKey: password
 persistentVolumeClaim:
  enabled: true
 ingress:
--- a/postgres/cluster.yaml
+++ b/postgres/cluster.yaml
@@ -1,12 +1,3 @@
---
-apiVersion: onepassword.com/v1
-kind: OnePasswordItem
-metadata:
-  name: postgres-password
-  namespace: postgres-system
-spec:
-  itemPath: "vaults/Lab/items/Postgres"
---
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
@@ -22,7 +13,9 @@ spec:
    pg_hba:
      - host all all all md5

-  enableSuperuserAccess: false
+  enableSuperuserAccess: true
+  superuserSecret:
+    name: postgres-password

  bootstrap:
    initdb: