diff --git a/apps/forgejo/admin-sealedsecret.yaml b/apps/forgejo/admin-sealedsecret.yaml new file mode 100644 index 0000000..797790b --- /dev/null +++ b/apps/forgejo/admin-sealedsecret.yaml @@ -0,0 +1,17 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: forgejo-admin-secret + namespace: forgejo +spec: + encryptedData: + password: AgBN+1xcD19wgIX7MHRdYG/OEBnLMjjXILufSIjUW06MLghc2EWlCrx6+p9zdI2WLTdyS53ZzOPTkXNi9pwA2zLH7jA8VmdZ6Y2mpnQddkzV77NOBQhqAQEzcV3050Z3Owv1hhV/h2nNS10/22U8ObZT5wd4dSqpZvdt7BgU2Hfn1jNw+57CNrA+W2I1iX0M3B6kHrXR/uWs7K1pWeEoAR3ZM+HuljNKIZlLjFMSVPldlB6Y57q3pmKCGE28i2PG4RdFzglc4pJjlZ7j8a1DDHPPWxIXFNGf4aW+jW/3e+jwsloK1qDloLFVIxQrLcWBiomMK6ZvabQchpsG+QK0Mz4lQAQCJOj/e4Pwn4qbcEzs8auK7eWKZ9nOHDVql0FIbB9FRvk5zr5IhCEMNqzynUiG7WsYQVrDbee1wC1VgP6APcdmnT1caCbvxnl9oQIssRr5aimmWneSPL119AVSSJZC6nZI+SGWZ5DgymXcyg4R6Kq6C9wRsHNfUdwr4sQBCjgjFkQB7tGEJOU0lZTXmKkXi9QzFrkC49+/lNqwR7wQBQXw1nwREWkPy9DKIWx22Y6UDE9kKTK/IVGtMeUw5g2mwuNoAp3Sm7cBH03QpMitILx5/BiF+lI/GTPxNTj3LIL5Ra1uRm4+jYCXKJtFMlEqqscEFDedxfwb4RLzICx3YiHY51ZWKScLpUgguwmJZCGMl/WD/c5B6gMu2799agVB + username: AgDAku85WN9Qa8CGaXTfaaq964nomk7xBSREtuO4Jd31a496GI4ISky8KwabelWLW08Fy0zG4lMy8kOlLEMZPd52P+mouPzKaRmDfv/pX57itM4QLfXoIszg66ppIjGW6JQj3EJ5PSs9jkKjoG5mEyOSJht2J/X9V93PTq6mjR/p0219ASyrQ7WoU13ULZi6A0ONIaLN9lT3q9Zd8yMq+fGYkAeRHWWAjtD7lLQi6ALS+IDN0X2iaKaW7g6K0YHTI7J+3TZmSA0j4fYuInQl1xp5NwurWcPm+THw+Koz/rheVId8i4wiksuuC7rL+M7OoCzngid03wIqzAJyh12zAhSAjEwtA5B6wzWFxUdyIp4JAXBh3nvRVXSy/kEuutVa71oAuAoGC+f8ov/j44cbyFAJ+yxlaZqAj8Ari9lSvpR6IIZJfMDB1MvNkIiwNfhKrxZWNP+wFkDl9TAwHCjm61MVUJMrqVWAMs3aEPybaN+RJnzbMOuUb13NeOSj8UDoKp1JRvluxnDfQIAi0PD5+3z0jp85dIewjBPKXPYHuWdRsW6J24q63v2rq0zLCpO3xn4cHxITqhtUZVZQbrme58fKqJL9rbDYrcCtv1rIfHg5sCs8I+pCx1L7CwbL5Ro/WZ2yUwUaGXVnfSC0XiIndHD71wS39aNMkmfDckCeJwwCgfnxIYBTQhrVnJpH6LT35irFjetgZyP4DjM= + template: + metadata: + creationTimestamp: null + name: forgejo-admin-secret + namespace: forgejo + type: Opaque + diff --git a/apps/forgejo/forgejo-sealedsecret.yaml b/apps/forgejo/forgejo-sealedsecret.yaml new file mode 100644 index 0000000..dac7ef3 --- /dev/null +++ b/apps/forgejo/forgejo-sealedsecret.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: forgejo-secret + namespace: forgejo +spec: + encryptedData: + database: AgDbUHZcALsdkIMHs6wTdKpUzma4ugEuGxeV2zIwhqsMrEyMk0Ud6f020/Hdr2zB+kz1Zj+zot7hItSEcIHS9Olxbqyr3drBii4n9+kMHB/cMQ4CBSuGSaylqI66I8zDWtLxRESi6JKcwH/p1/4VyYiVA9oqzqklki0UZGucB2flEAKRbTfuxHmXxCo8JQYGEMBBpYaIjVsGEgJ6QyWGJkUKaopSyZtCInf//D/Nt8X38HU1UQVrlXbeKwnnExk9Zg80hNV0uFZaBNPfaSSn8fiLU9ck4aZf+s2qJX3uYemvZuaieOcrX89gVcYsN9zbk9ADSLbak7eeuSwFdzK1rteEqHdHcNC3L8N7ssemRX9gCKUEuE/gmW7YdfbevjyUlArAcEillrCatZ92IXZFr5YQL2rhLraCUI7Pq58Qrza3Yz7/+8bhVvAl8ocTUggua6qwPpEbxDW7w4f/j8VpJMeLQ9Y/L1ASHmw+71tdGwuWsif42gqOUW0kS/nZwiLDae1xY3p+gRv9oN0zCZYhX8+MuRq4zPrj9zYoq2+5Iee2390jm55/qPd6K3nmmOGjR93Up5Y37jWP0Is9mLIX0xjvrym9DwUQFDLQZy5iIYRBmoTR4jJxhQp4BDiWZwAIUvW2gPWcujiQCwAQcXRf239xL/Lpcolh/eSNUp7zsdCJ4Xq5NSi4p7S2dAd2zg1Z5hC6NItTnNoWh/MpR3dvPAX3a3SzZ1JtLNuwjYyd+EPlRpwhIK4YXFcW1RwPilH3+euzD6O8o8FkOGuw5I2a9RMSEURmk5wUQkeUqBotIFTYzIcTLJk26DivYlnA2NBOK7ZXpZ8= + template: + metadata: + creationTimestamp: null + name: forgejo-secret + namespace: forgejo + type: Opaque + diff --git a/apps/forgejo/namespace.yaml b/apps/forgejo/namespace.yaml new file mode 100644 index 0000000..d6d6a59 --- /dev/null +++ b/apps/forgejo/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: forgejo + labels: + name: forgejo diff --git a/apps/forgejo/postgres-sealedsecret.yaml b/apps/forgejo/postgres-sealedsecret.yaml new file mode 100644 index 0000000..97aafb7 --- /dev/null +++ b/apps/forgejo/postgres-sealedsecret.yaml @@ -0,0 +1,17 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: postgres-secret + namespace: forgejo +spec: + encryptedData: + replicationUserPassword: AgBg3d2CHxZPtbOb61OKFJIf8pOA0xkJdWGlWaUigss1ESZBBaycqP0EHo2E1tuX+YOuOnodQ2qPSDyF8qlAa40bVtmTH1guZffCGELsA3iUY7hzN/mxExWbZbzZle5RaQvKoNtUXiMuNkZbqV3mQUCaK+ilj26b0CWmyDnRL5ls2ZqdqNPNTVZv5oWENjRIxyH6BGwc9cjrUQr9+tEHqHoy67QvD07nGDfyBydYVi74NvefDW+LEG8DtTuJYG4dzJkNsEYgXWErfCRxRUTFD9O8HXLsJHuxW4P48QYBWIzpCHilvIk2dIHD8PYsIcp+5d0qMty2A4o1nHT7xSqR2ufQMGQTke5LcJ27nAbnOigbxbtTbKDaOKhNQGfXo87JPKyDu7GQCevolaLnaalyTkPvZ2I+9/vPvO9xJ+iXsNkiu/4ZZnoZkLfdm2k5a1VPZxK1jnXhkRr+G1rCwbRP6XUQjCFCXpPXnwJixRp/rGnsVu3WnL89dEutXxu2+yyeP6xhSCYKH8voxbSnp+DqH9WWf32/qRZG7OMKc7W69j6BMfp3twYosyJaboVxFEWaxRELsoxIznFS5azumT738z2S3jeRw8ewdCmg9QJv2SraDtkYeqoLhEv+CaTVFwMKKbdVsxYYHL09/PzxvNFC4F8GxXuk8ok1/aKuRYhqDGbSHnc4g1W7G6D2a8UMZPMYsYRhd6vty+mo4EDBGNdHuggm + superUserPassword: AgAQlm8rpIaHTu7D9n4kt5iVlS/XLHK7Msf4Ox/64hpZuzKrm5dPqeUrbT5e+JjdVvQUmMloTozH4C/iuAJvobLRrJ0A0CLMi+DQBsw/Rs/NUtyjsuLybVf3hdDFKEUApetSsyIQBEtWiDRXnJwevyclMhrzAMQeAaTCXffA3p8HHz0PIlvLu51ZGkewXROwWLP1QQyl/eeR3lnWdEVsWlPADhD1EzivInekC0YT2O+xRYLFnNtaAyam8YS8oGXaCkmXRL86dKNQskniVsO7Y7hU6FS5YWTlyNaQOSeA1P+tf3gQy/mTp/T6uV8HvffLkUlIRzsH5XI3qit5bGjq5m0/2H5gOU26m2RiV1RLxhcGcpeg2VNSJlllDEW7QVCHpwnJ0AlLYS36Wd9f/HAjPq5NkDYuGGgOILCvfYikYXGYKmYFCFybzyDzexhM0wkEjRNZFkXYzAu2dvt6k6iCxr8uRAJOtGUKDeGBAr48d5Kdh97zXHFdhPRog6r7dk8VGlaKV0wX0UhLZ/SlQCXaw5vr/m+pdlWuaWx6jCCBUb6jIlvmQNOQzbpSOCb2bpfK4K4BcOgA10jXEW18Nv+ih1an8g1Jb1tgJ0ohn6V6yYDTAUQYZjfy/RrOYIwhddwYNO7ddqgtjmhTsSDroHhVX7ov9L+QX2tMw328Ulaxy0DYthN/kPleX+8+F4sCsGQrA8kgvyJRa2F3uqHHaPe0Z4+R + template: + metadata: + creationTimestamp: null + name: postgres-secret + namespace: forgejo + type: Opaque + diff --git a/apps/forgejo/postgres.yaml b/apps/forgejo/postgres.yaml new file mode 100644 index 0000000..adce735 --- /dev/null +++ b/apps/forgejo/postgres.yaml @@ -0,0 +1,26 @@ +apiVersion: kubegres.reactive-tech.io/v1 +kind: Kubegres +metadata: + name: forgejo-db + namespace: forgejo + +spec: + + replicas: 2 + image: postgres:16-alpine + + database: + size: 10Gi + + env: + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: superUserPassword + + - name: POSTGRES_REPLICATION_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: replicationUserPassword diff --git a/apps/forgejo/route.yaml b/apps/forgejo/route.yaml new file mode 100644 index 0000000..a89a9ad --- /dev/null +++ b/apps/forgejo/route.yaml @@ -0,0 +1,28 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: forgejo-route-http + namespace: forgejo +spec: + entryPoints: + - web + routes: + - match: Host(`git.trivernis.dev`) + kind: Rule + services: + - name: forgejo-http + port: 3000 +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRouteTCP +metadata: + name: forgejo-route-ssh + namespace: forgejo +spec: + entryPoints: + - ssh + routes: + - match: HostSNI(`*`) + services: + - name: forgejo-ssh + port: 22 diff --git a/apps/forgejo/values.yaml b/apps/forgejo/values.yaml index 40a1430..2749ded 100644 --- a/apps/forgejo/values.yaml +++ b/apps/forgejo/values.yaml @@ -1,11 +1,18 @@ gitea: + admin: + existingSecret: forgejo-admin-secret additionalConfigSources: - secret: secretName: forgejo-secret config: - APP_NAME: 'Forgejo: My super awesome Git Server.' - database: - + APP_NAME: 'Forgejo: My super awesome Git Server.' + server: + DOMAIN: git.trivernis.dev + SSH_DOMAIN: git.trivernis.dev + ROOT_URL: https://git.trivernis.dev memcached: - enabled: true \ No newline at end of file + enabled: true + +postgresql: + enabled: false \ No newline at end of file diff --git a/apps/traefik/traefik-config.yaml b/apps/traefik/traefik-config.yaml index 86f5221..8dc72bd 100644 --- a/apps/traefik/traefik-config.yaml +++ b/apps/traefik/traefik-config.yaml @@ -12,4 +12,9 @@ spec: web: exposedPort: 8000 websecure: - exposedPort: 8443 \ No newline at end of file + exposedPort: 8443 + ssh: + port: 8022 + expose: true + exposedPort: 8022 + protocoL: TCP \ No newline at end of file