homelab/helm/values/gitea.values.yaml
Shahab Dogar 0d4f700b89 feat: NixOS | use LUKS and proper hostname for k3s domain
feat: NixOS | move cluster config to /master

fix: update all stuff for office network

feat: PiHole | set up DHCP server

chore: Cloudflare | delete api token secret

chore: remove external-dns annotations from ingressed services

fix: PiHole | turn off liveness checks due to host ip

fix: GiteaActions | use encrypted storage for runner

fix: ElasticSearch | use encrypted volumes for storage

fix: Pihole | static mac addresses all caps

feat: NixOS | manual network configuration

fix: NixOS | k3s cluster init point to static ip with tls-san

chore: Postgres | move certificate resources into own file + reduce volume size

fix: Pihole | add ingress class name

sec: NixOS | remove token from git
2024-10-24 13:49:41 +05:00


# Annotations for the Gitea HTTP and SSH Services.
# Both Services carry the same MetalLB sharing key ("gitea"), which lets MetalLB place
# them on a single address as long as they use different ports.
# NOTE(review): the Service type is not set in this file; the annotation only matters for
# LoadBalancer Services — confirm against the chart defaults or other values files.
service:
  http:
    annotations:
      metallb.universe.tf/allow-shared-ip: gitea
  ssh:
    annotations:
      metallb.universe.tf/allow-shared-ip: gitea
# HTTP(S) ingress for the web UI on git.dogar.dev, with a certificate requested from
# the cloudflare-issuer ClusterIssuer and stored in the gitea-tls Secret.
ingress:
  enabled: true
  # NOTE(review): presumably an ingress controller that is reachable only from the
  # internal network — confirm, since several notes on exposure depend on it.
  className: nginx-internal
  annotations:
    cert-manager.io/cluster-issuer: cloudflare-issuer
    # NOTE(review): the challenge type is normally decided by the issuer's solver
    # configuration; confirm the installed cert-manager honours this annotation.
    cert-manager.io/acme-challenge-type: dns01
    # Quoted because annotation values must be strings.
    cert-manager.io/private-key-size: "4096"
  hosts:
    - host: git.dogar.dev
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: gitea-tls
      hosts:
        - git.dogar.dev
# Gitea application settings: pod annotations, admin bootstrap, metrics, app.ini
# sections, the OAuth2 login source and Secret-backed environment overrides.
# No credential is stored inline; every password below is referenced from a Secret.
gitea:
  podAnnotations:
    # Annotation-based Prometheus discovery pointed at port 6060.
    # NOTE(review): 6060 is the port Gitea's pprof listener uses (see ENABLE_PPROF
    # below), while /metrics is normally served on the main HTTP port — confirm which
    # endpoint is actually being scraped.
    prometheus.io/scrape: "true"
    prometheus.io/port: "6060"
  admin:
    # Admin credentials come from an existing Secret rather than from this file.
    existingSecret: gitea-admin
  metrics:
    # NOTE(review): /metrics is served by the web process, so it is likely reachable
    # through the ingress host too. No [metrics] TOKEN is set in this file; consider
    # setting one or blocking the path at the ingress.
    enabled: true
    serviceMonitor:
      enabled: true
  # Each key under config is a section of Gitea's app.ini.
  config:
    server:
      # pprof exposes heap, goroutine and CPU profiles. Gitea binds it to localhost,
      # but it is still a debugging facility; NOTE(review): confirm it is meant to
      # stay enabled permanently.
      ENABLE_PPROF: true
      ENABLE_GZIP: true
      LFS_START_SERVER: true
      SSH_DOMAIN: git.dogar.dev
    database:
      # External Postgres; the password is injected via GITEA__DATABASE__PASSWD below.
      # NOTE(review): SSL_MODE is not set here and Gitea defaults to `disable` for
      # Postgres, so this connection is unencrypted unless it is set elsewhere.
      DB_TYPE: postgres
      HOST: postgres-cluster-rw.postgres-system.svc.cluster.local:5432
      NAME: giteadb
      USER: gitea
    cache:
      # NOTE(review): no credentials are configured for memcached in this file;
      # presumably access is limited by cluster networking — confirm.
      ADAPTER: memcache
      HOST: memcached.memcached-system.svc.cluster.local:11211
    session:
      # Sessions are stored in the database; no extra provider configuration.
      PROVIDER: db
      PROVIDER_CONFIG: ""
    queue:
      # The connection string is injected via GITEA__QUEUE__CONN_STR below.
      TYPE: redis
    lfs:
      STORAGE_TYPE: local
    service:
      # Self-service sign-up is turned off.
      DISABLE_REGISTRATION: true
    oauth2_client:
      # A local account is created automatically on a user's first OAuth2 login, so
      # who may obtain an account is decided by the identity provider's access policy.
      # NOTE(review): confirm on the deployed Gitea version how this interacts with
      # DISABLE_REGISTRATION above.
      ENABLE_AUTO_REGISTRATION: true
    mailer:
      # Outbound mail over SMTP with STARTTLS on the submission port; the password is
      # injected via GITEA__MAILER__PASSWD below.
      ENABLED: true
      PROTOCOL: smtp+starttls
      SMTP_ADDR: smtp.protonmail.ch
      SMTP_PORT: 587
  # OpenID Connect login source backed by authentik; the client credentials are read
  # from the gitea-oauth Secret.
  oauth:
    - name: "authentik"
      provider: "openidConnect"
      existingSecret: gitea-oauth
      autoDiscoverUrl: "https://auth.dogar.dev/application/o/gitea/.well-known/openid-configuration"
      iconUrl: "https://goauthentik.io/img/icon.png"
      scopes: "email profile"
  # Environment variables named GITEA__<SECTION>__<KEY> override the matching app.ini
  # setting; each value is read from a Kubernetes Secret.
  additionalConfigFromEnvs:
    - name: GITEA__DATABASE__PASSWD
      valueFrom:
        secretKeyRef:
          name: gitea-postgres
          key: password
    # NOTE(review): CONN_STR expects a full connection string, not a bare password;
    # confirm that the `password` key of gitea-redis holds the whole URI.
    - name: GITEA__QUEUE__CONN_STR
      valueFrom:
        secretKeyRef:
          name: gitea-redis
          key: password
    - name: GITEA__MAILER__PASSWD
      valueFrom:
        secretKeyRef:
          name: smtp-token
          key: password
# Persistent volume for Gitea data (repositories and, with STORAGE_TYPE local, LFS objects).
# NOTE(review): the storage class name suggests an encrypted Longhorn class — confirm the
# class really enables volume encryption and where its key material is kept.
persistence:
  enabled: true
  storageClass: longhorn-crypto
  accessModes:
    - ReadWriteMany
# The bundled database and Redis subcharts are turned off; this file points Gitea at an
# external Postgres host (gitea.config.database) and takes the Redis connection string
# from a Secret (GITEA__QUEUE__CONN_STR).
postgresql-ha:
  enabled: false
redis-cluster:
  enabled: false