feat: Gitea | set up minio storage pointing at R2

2025-11-16 12:30:27 +05:00
parent 0d6c5d4a98
commit cfe7830606
3 changed files with 39 additions and 5 deletions


@@ -7,6 +7,7 @@ type GiteaServerOptions = {
provider: HelmProvider; provider: HelmProvider;
name: string; name: string;
namespace: string; namespace: string;
r2Endpoint: string;
}; };
export class GiteaServer extends Construct { export class GiteaServer extends Construct {
@@ -18,6 +19,12 @@ export class GiteaServer extends Construct {
repository: "https://dl.gitea.com/charts", repository: "https://dl.gitea.com/charts",
chart: "gitea", chart: "gitea",
createNamespace: true, createNamespace: true,
set: [
{
name: "gitea.config.storage.MINIO_ENDPOINT",
value: options.r2Endpoint,
},
],
values: [ values: [
fs.readFileSync("helm/values/gitea.values.yaml", { fs.readFileSync("helm/values/gitea.values.yaml", {
encoding: "utf8", encoding: "utf8",
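Review bot: The new `r2Endpoint` option says nothing about the format it expects, and its name matches the top-level `r2Endpoint` constant in the stack file, which carries an `https://` scheme while the value passed at the `GiteaServer` call site does not. The value goes straight into `gitea.config.storage.MINIO_ENDPOINT`, and TLS is switched on separately by `MINIO_USE_SSL: true` in the values file, so a comment on the field would stop someone passing the URL form later: `/** R2 S3 host (optionally host:port), without scheme; TLS is enabled via MINIO_USE_SSL. */`. Renaming the option to something like `r2Host` would make the difference visible at the call site. The constructor body continues outside the hunk.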


@@ -67,8 +67,11 @@ gitea:
PROVIDER_CONFIG: "" PROVIDER_CONFIG: ""
queue: queue:
TYPE: channel TYPE: channel
lfs: storage:
STORAGE_TYPE: local STORAGE_TYPE: minio
MINIO_USE_SSL: true
MINIO_BUCKET_LOOKUP_STYLE: path
MINIO_LOCATION: auto
service: service:
DISABLE_REGISTRATION: true DISABLE_REGISTRATION: true
oauth2_client: oauth2_client:
@@ -78,6 +81,7 @@ gitea:
PROTOCOL: smtp+starttls PROTOCOL: smtp+starttls
SMTP_ADDR: smtp.protonmail.ch SMTP_ADDR: smtp.protonmail.ch
SMTP_PORT: 587 SMTP_PORT: 587
FROM: git@dogar.dev
oauth: oauth:
- name: "authentik" - name: "authentik"
provider: "openidConnect" provider: "openidConnect"
@@ -85,6 +89,21 @@ gitea:
autoDiscoverUrl: "https://auth.dogar.dev/application/o/gitea/.well-known/openid-configuration" autoDiscoverUrl: "https://auth.dogar.dev/application/o/gitea/.well-known/openid-configuration"
iconUrl: "https://goauthentik.io/img/icon.png" iconUrl: "https://goauthentik.io/img/icon.png"
scopes: "email profile" scopes: "email profile"
livenessProbe:
enabled: true
scheme: HTTPS
tcpSocket:
port: http
readinessProbe:
enabled: true
scheme: HTTPS
tcpSocket:
port: http
startupProbe:
enabled: true
scheme: HTTPS
tcpSocket:
port: http
additionalConfigFromEnvs: additionalConfigFromEnvs:
- name: GITEA__MAILER__PASSWD - name: GITEA__MAILER__PASSWD
valueFrom: valueFrom:
@@ -95,6 +114,16 @@ gitea:
value: "/tmp/gitea-uploads" value: "/tmp/gitea-uploads"
- name: GITEA__PACKAGES__CHUNKED_UPLOAD_CONCURRENCY - name: GITEA__PACKAGES__CHUNKED_UPLOAD_CONCURRENCY
value: "4" value: "4"
- name: GITEA__STORAGE__MINIO_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: cloudflare-token
key: access_key_id
- name: GITEA__STORAGE__MINIO_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: cloudflare-token
key: secret_access_key
persistence: persistence:
labels: labels:
recurring-job.longhorn.io/source: "enabled" recurring-job.longhorn.io/source: "enabled"
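Review bot: The two new `secretKeyRef` entries read the storage credentials from a secret named `cloudflare-token`. If that is the same secret holding the Cloudflare API token used elsewhere in the cluster (the name suggests it, the hunk does not show it), the Gitea pod and every other consumer of that secret share one set of credentials. A dedicated secret, e.g. `name: gitea-r2-credentials`, holding an R2 token limited to object read/write on the Gitea bucket would confine a leak to that bucket. Separately, the `storage:` block sets no `MINIO_BUCKET`, so unless it is supplied outside the visible lines Gitea falls back to its default bucket name. Stating it explicitly next to `MINIO_LOCATION: auto` documents which bucket the token must be scoped to.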


@@ -21,10 +21,7 @@ import { ExternalDNS } from "./external-dns";
dotenv.config(); dotenv.config();
const env = cleanEnv(process.env, { const env = cleanEnv(process.env, {
R2_ACCESS_KEY_ID: str(),
R2_SECRET_ACCESS_KEY: str(),
ACCOUNT_ID: str({ desc: "Cloudflare account id." }), ACCOUNT_ID: str({ desc: "Cloudflare account id." }),
BUCKET: str({ desc: "The name of the R2 bucket." }),
}); });
const r2Endpoint = `https://${env.ACCOUNT_ID}.r2.cloudflarestorage.com`; const r2Endpoint = `https://${env.ACCOUNT_ID}.r2.cloudflarestorage.com`;
@@ -139,6 +136,7 @@ class Homelab extends TerraformStack {
name: "gitea", name: "gitea",
namespace, namespace,
provider: helm, provider: helm,
r2Endpoint: `${env.ACCOUNT_ID}.r2.cloudflarestorage.com`,
}); });
gitea.node.addDependency(authentik); gitea.node.addDependency(authentik);
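Review bot: `ACCOUNT_ID` is accepted by a bare `str()` and then interpolated into the host name on the new `r2Endpoint:` line, which is the host Gitea will present the R2 access key to. A value with a stray slash, whitespace or a pasted URL would pass validation and yield a malformed or different endpoint, so it is worth rejecting anything that is not the 32-character hex form Cloudflare account ids normally take, for instance with a custom validator testing `/^[0-9a-f]{32}$/`. Building the host once, `const r2Host = \`${env.ACCOUNT_ID}.r2.cloudflarestorage.com\`;`, and deriving the existing `https://` constant from it would also keep the two templates from drifting apart. The `Homelab` class body continues outside the hunk.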