shahab/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fba7ac98b7250c7929cc4b79e70bb2e153904311
homelab/helm/values/gitea.values.yaml
Shahab Dogar fba7ac98b7 fix: Gitea | use ephemeral storage for package chunk uploads 
This helps speed up uploads since we use ephemeral storage for the
chunks rather than eating the overhead of encrypted persistant storage
for chunks, followed by copying over chunks to the final package.
2025-10-12 07:46:26 +05:00

157 lines
4.0 KiB
YAML
Raw Blame History

global:
storageClass: longhorn-crypto
image:
rootless: false
service:
http:
annotations:
metallb.universe.tf/allow-shared-ip: gitea
ssh:
annotations:
metallb.universe.tf/allow-shared-ip: gitea
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: cloudflare-issuer
cert-manager.io/acme-challenge-type: dns01
cert-manager.io/private-key-size: 4096
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/proxy-request-buffering: off
nginx.ingress.kubernetes.io/proxy-buffering: off
nginx.ingress.kubernetes.io/proxy-body-size: 0
nginx.ingress.kubernetes.io/proxy-read-timeout: 3600
nginx.ingress.kubernetes.io/proxy-send-timeout: 3600
nginx.ingress.kubernetes.io/client-body-timeout: 3600
nginx.ingress.kubernetes.io/proxy-connect-timeout: 3600
className: nginx-internal
hosts:
- host: git.dogar.dev
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-tls
hosts:
- git.dogar.dev
gitea:
podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "6060"
admin:
existingSecret: gitea-admin
metrics:
enabled: true
serviceMonitor:
enabled: true
config:
server:
ENABLE_PPROF: true
ENABLE_GZIP: true
LFS_START_SERVER: true
SSH_DOMAIN: git.dogar.dev
PROTOCOL: https
CERT_FILE: /opt/gitea/tls/cert.pem
KEY_FILE: /opt/gitea/tls/key.pem
database:
DB_TYPE: postgres
HOST: postgres-cluster-rw
NAME: gitea
USER: gitea
SSL_MODE: require
cache:
ADAPTER: memory
session:
PROVIDER: db
PROVIDER_CONFIG: ""
queue:
TYPE: channel
lfs:
STORAGE_TYPE: local
service:
DISABLE_REGISTRATION: true
oauth2_client:
ENABLE_AUTO_REGISTRATION: true
mailer:
ENABLED: true
PROTOCOL: smtp+starttls
SMTP_ADDR: smtp.protonmail.ch
SMTP_PORT: 587
oauth:
- name: "authentik"
provider: "openidConnect"
existingSecret: gitea-oauth
autoDiscoverUrl: "https://auth.dogar.dev/application/o/gitea/.well-known/openid-configuration"
iconUrl: "https://goauthentik.io/img/icon.png"
scopes: "email profile"
additionalConfigFromEnvs:
- name: GITEA__MAILER__PASSWD
valueFrom:
secretKeyRef:
name: smtp-token
key: gitea-password
- name: GITEA__PACKAGES__CHUNKED_UPLOAD_PATH
value: "/tmp/gitea-uploads"
- name: GITEA__PACKAGES__CHUNKED_UPLOAD_CONCURRENCY
value: "4"
persistence:
enabled: true
size: 50Gi
accessModes:
- ReadWriteMany
deployment:
env:
- name: PGSSLMODE
value: verify-full
- name: PGSSLROOTCERT
value: /opt/gitea/.postgresql/root.crt
- name: PGSSLCERT
value: /opt/gitea/.postgresql/postgresql.crt
- name: PGSSLKEY
value: /opt/gitea/.postgresql/postgresql.key
extraVolumes:
- name: ssl-bundle
projected:
sources:
- secret:
name: gitea-client-cert
items:
- key: tls.crt
path: postgresql.crt
- key: tls.key
path: postgresql.key
mode: 0600
- secret:
name: postgres-server-cert
items:
- key: ca.crt
path: root.crt
- name: tls-bundle
projected:
sources:
- secret:
name: gitea-tls
items:
- key: tls.crt
path: cert.pem
- key: tls.key
path: key.pem
- name: gitea-temp
emptyDir: {}
extraInitVolumeMounts:
- name: ssl-bundle
mountPath: /opt/gitea/.postgresql
readOnly: true
extraContainerVolumeMounts:
- name: ssl-bundle
mountPath: /opt/gitea/.postgresql
readOnly: true
- name: tls-bundle
mountPath: /opt/gitea/tls
readOnly: true
- name: gitea-temp
mountPath: /tmp/gitea-uploads
postgresql-ha:
enabled: false
valkey-cluster:
enabled: false
Reference in New Issue View Git Blame Copy Permalink