add memcache and gitea

1password/secrets.yaml

@@ -0,0 +1,40 @@
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: gitea-admin
+  namespace: gitea-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/gitea-admin"
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: gitea-postgres
+  namespace: gitea-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/gitea-postgres"
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: pihole-admin
+  namespace: pihole-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/pihole"
+---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: postgres-password
+  namespace: postgres-system
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  itemPath: "vaults/Lab/items/Postgres"

helm/helmfile.yaml

@@ -11,6 +11,8 @@ repositories:
     url: https://charts.bitnami.com/bitnami
   - name: postgres
     url: https://cloudnative-pg.github.io/charts
+  - name: gitea
+    url: https://dl.gitea.com/charts/
 ---
 releases:
   # Distributed Storage
@@ -54,3 +56,17 @@ releases:
     namespace: postgres-system
     chart: cnpg/cloudnative-pg
     version: 0.21.6
+
+  # Memcached
+  - name: memcached
+    namespace: memcached-system
+    chart: bitnami/memcached
+    version: 7.4.11
+
+  # Gitea
+  - name: gitea
+    namespace: gitea-system
+    chart: gitea/gitea
+    version: 10.4.0
+    values:
+      - ./values/gitea.values.yaml

helm/values/externaldns.values.yaml

@@ -7,7 +7,7 @@ extraEnvVars:
   - name: EXTERNAL_DNS_PIHOLE_PASSWORD
     valueFrom:
       secretKeyRef:
-        name: pihole-password
+        name: pihole-admin
         key: password
 serviceAccount:
   create: true

helm/values/gitea.values.yaml

@@ -0,0 +1,45 @@
+service:
+  http:
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: gitea.home
+  ssh:
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: gitea.home
+ingress:
+  enabled: true
+  className: nginx-internal
+  hosts:
+    - host: gitea.home
+      paths:
+        - path: /
+          pathType: Prefix
+  tls: []
+gitea:
+  admin:
+    existingSecret: gitea-admin
+  config:
+    database:
+      DB_TYPE: postgres
+      HOST: postgres-cluster-rw.postgres-system.svc.cluster.local:5432
+      NAME: giteadb
+      USER: gitea
+    cache:
+      ADAPTER: memcache
+      HOST: memcached.memcached-system.svc.cluster.local:11211
+    session:
+      PROVIDER: db
+      PROVIDER_CONFIG: ""
+    lfs:
+      STORAGE_TYPE: local
+  additionalConfigFromEnvs:
+    - name: GITEA__DATABASE__PASSWD
+      valueFrom:
+        secretKeyRef:
+          name: gitea-postgres
+          key: password
+    - name: GITEA__SERVER__LFS_START_SERVER
+      value: "true"
+postgresql-ha:
+  enabled: false
+redis-cluster:
+  enabled: false

helm/values/pihole.values.yaml

@@ -1,6 +1,12 @@
 ---
 DNS1:
   192.168.0.1
+DNS2:
+  1.1.1.1
+admin:
+  enabled: true
+  existingSecret: pihole-admin
+  passwordKey: password
 persistentVolumeClaim:
   enabled: true
 ingress:

postgres/cluster.yaml

@@ -1,12 +1,3 @@
----
-apiVersion: onepassword.com/v1
-kind: OnePasswordItem
-metadata:
-  name: postgres-password
-  namespace: postgres-system
-spec:
-  itemPath: "vaults/Lab/items/Postgres"
----
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
@@ -22,7 +13,9 @@ spec:
     pg_hba:
       - host all all all md5
 
-  enableSuperuserAccess: false
+  enableSuperuserAccess: true
+  superuserSecret:
+    name: postgres-password
 
   bootstrap:
     initdb: