From 7aca7c5fe2e3759b379edbab1577c9a33a72c4e9 Mon Sep 17 00:00:00 2001
From: Shahab Dogar <shahab@dogar.dev>
Date: Sun, 23 Nov 2025 20:59:44 +0500
Subject: [PATCH] fix: Gitea | use gitea ssh server instead of built in ssh

---
 utility-services/gitea/values.yaml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/utility-services/gitea/values.yaml b/utility-services/gitea/values.yaml
index 8c6d939..eb86545 100644
--- a/utility-services/gitea/values.yaml
+++ b/utility-services/gitea/values.yaml
@@ -1,5 +1,8 @@
 global:
   storageClass: longhorn
+podSecurityContext:
+  fsGroup: 1000
+  fsGroupChangePolicy: "OnRootMismatch"
 image:
   rootless: false
 service:
@@ -28,6 +31,9 @@ gitea:
       LFS_START_SERVER: true
       ROOT_URL: https://git.dogar.dev/
       SSH_DOMAIN: git.dogar.dev
+      START_SSH_SERVER: true
+      SSH_LISTEN_PORT: 2222
+      SSH_PORT: 22
     database:
       DB_TYPE: postgres
       HOST: postgres-cluster-rw
@@ -95,6 +101,20 @@ persistence:
   size: 50Gi
   accessModes:
     - ReadWriteMany
+postExtraInitContainers:
+  - name: fix-gitea-ssh-perms
+    image: alpine:3
+    command:
+      - sh
+      - -c
+      - |
+        echo "Fixing /data/ssh permissions..."
+        mkdir -p /data/ssh
+        chown -R 1000:1000 /data/ssh
+        chmod 700 /data/ssh
+    volumeMounts:
+      - name: data
+        mountPath: /data
 deployment:
   env:
     - name: PGSSLMODE