Add forgejo definitions

main
trivernis 1 year ago
parent 51c7e6080b
commit 79096d942a
Signed by: Trivernis
GPG Key ID: DFFFCC2C7A02DB45

@ -0,0 +1,14 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: miniflux
metadata:
name: miniflux
resources:
- app/namespace.yaml
- app/forgejo-sealedsecret.yaml
- app/admin-sealedsecret.yaml
- app/postgres-sealedsecret.yaml
- app/postgres.yaml
- app/repository.yaml
- app/release.yaml
- app/route.yaml

@ -0,0 +1,17 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: forgejo-admin-secret
namespace: forgejo
spec:
encryptedData:
password: AgBN+1xcD19wgIX7MHRdYG/OEBnLMjjXILufSIjUW06MLghc2EWlCrx6+p9zdI2WLTdyS53ZzOPTkXNi9pwA2zLH7jA8VmdZ6Y2mpnQddkzV77NOBQhqAQEzcV3050Z3Owv1hhV/h2nNS10/22U8ObZT5wd4dSqpZvdt7BgU2Hfn1jNw+57CNrA+W2I1iX0M3B6kHrXR/uWs7K1pWeEoAR3ZM+HuljNKIZlLjFMSVPldlB6Y57q3pmKCGE28i2PG4RdFzglc4pJjlZ7j8a1DDHPPWxIXFNGf4aW+jW/3e+jwsloK1qDloLFVIxQrLcWBiomMK6ZvabQchpsG+QK0Mz4lQAQCJOj/e4Pwn4qbcEzs8auK7eWKZ9nOHDVql0FIbB9FRvk5zr5IhCEMNqzynUiG7WsYQVrDbee1wC1VgP6APcdmnT1caCbvxnl9oQIssRr5aimmWneSPL119AVSSJZC6nZI+SGWZ5DgymXcyg4R6Kq6C9wRsHNfUdwr4sQBCjgjFkQB7tGEJOU0lZTXmKkXi9QzFrkC49+/lNqwR7wQBQXw1nwREWkPy9DKIWx22Y6UDE9kKTK/IVGtMeUw5g2mwuNoAp3Sm7cBH03QpMitILx5/BiF+lI/GTPxNTj3LIL5Ra1uRm4+jYCXKJtFMlEqqscEFDedxfwb4RLzICx3YiHY51ZWKScLpUgguwmJZCGMl/WD/c5B6gMu2799agVB
username: AgDAku85WN9Qa8CGaXTfaaq964nomk7xBSREtuO4Jd31a496GI4ISky8KwabelWLW08Fy0zG4lMy8kOlLEMZPd52P+mouPzKaRmDfv/pX57itM4QLfXoIszg66ppIjGW6JQj3EJ5PSs9jkKjoG5mEyOSJht2J/X9V93PTq6mjR/p0219ASyrQ7WoU13ULZi6A0ONIaLN9lT3q9Zd8yMq+fGYkAeRHWWAjtD7lLQi6ALS+IDN0X2iaKaW7g6K0YHTI7J+3TZmSA0j4fYuInQl1xp5NwurWcPm+THw+Koz/rheVId8i4wiksuuC7rL+M7OoCzngid03wIqzAJyh12zAhSAjEwtA5B6wzWFxUdyIp4JAXBh3nvRVXSy/kEuutVa71oAuAoGC+f8ov/j44cbyFAJ+yxlaZqAj8Ari9lSvpR6IIZJfMDB1MvNkIiwNfhKrxZWNP+wFkDl9TAwHCjm61MVUJMrqVWAMs3aEPybaN+RJnzbMOuUb13NeOSj8UDoKp1JRvluxnDfQIAi0PD5+3z0jp85dIewjBPKXPYHuWdRsW6J24q63v2rq0zLCpO3xn4cHxITqhtUZVZQbrme58fKqJL9rbDYrcCtv1rIfHg5sCs8I+pCx1L7CwbL5Ro/WZ2yUwUaGXVnfSC0XiIndHD71wS39aNMkmfDckCeJwwCgfnxIYBTQhrVnJpH6LT35irFjetgZyP4DjM=
template:
metadata:
creationTimestamp: null
name: forgejo-admin-secret
namespace: forgejo
type: Opaque

@ -0,0 +1,16 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: forgejo-secret
namespace: forgejo
spec:
encryptedData:
database: AgDbUHZcALsdkIMHs6wTdKpUzma4ugEuGxeV2zIwhqsMrEyMk0Ud6f020/Hdr2zB+kz1Zj+zot7hItSEcIHS9Olxbqyr3drBii4n9+kMHB/cMQ4CBSuGSaylqI66I8zDWtLxRESi6JKcwH/p1/4VyYiVA9oqzqklki0UZGucB2flEAKRbTfuxHmXxCo8JQYGEMBBpYaIjVsGEgJ6QyWGJkUKaopSyZtCInf//D/Nt8X38HU1UQVrlXbeKwnnExk9Zg80hNV0uFZaBNPfaSSn8fiLU9ck4aZf+s2qJX3uYemvZuaieOcrX89gVcYsN9zbk9ADSLbak7eeuSwFdzK1rteEqHdHcNC3L8N7ssemRX9gCKUEuE/gmW7YdfbevjyUlArAcEillrCatZ92IXZFr5YQL2rhLraCUI7Pq58Qrza3Yz7/+8bhVvAl8ocTUggua6qwPpEbxDW7w4f/j8VpJMeLQ9Y/L1ASHmw+71tdGwuWsif42gqOUW0kS/nZwiLDae1xY3p+gRv9oN0zCZYhX8+MuRq4zPrj9zYoq2+5Iee2390jm55/qPd6K3nmmOGjR93Up5Y37jWP0Is9mLIX0xjvrym9DwUQFDLQZy5iIYRBmoTR4jJxhQp4BDiWZwAIUvW2gPWcujiQCwAQcXRf239xL/Lpcolh/eSNUp7zsdCJ4Xq5NSi4p7S2dAd2zg1Z5hC6NItTnNoWh/MpR3dvPAX3a3SzZ1JtLNuwjYyd+EPlRpwhIK4YXFcW1RwPilH3+euzD6O8o8FkOGuw5I2a9RMSEURmk5wUQkeUqBotIFTYzIcTLJk26DivYlnA2NBOK7ZXpZ8=
template:
metadata:
creationTimestamp: null
name: forgejo-secret
namespace: forgejo
type: Opaque

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: forgejo
labels:
name: forgejo

@ -0,0 +1,17 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: postgres-secret
namespace: forgejo
spec:
encryptedData:
replicationUserPassword: AgBg3d2CHxZPtbOb61OKFJIf8pOA0xkJdWGlWaUigss1ESZBBaycqP0EHo2E1tuX+YOuOnodQ2qPSDyF8qlAa40bVtmTH1guZffCGELsA3iUY7hzN/mxExWbZbzZle5RaQvKoNtUXiMuNkZbqV3mQUCaK+ilj26b0CWmyDnRL5ls2ZqdqNPNTVZv5oWENjRIxyH6BGwc9cjrUQr9+tEHqHoy67QvD07nGDfyBydYVi74NvefDW+LEG8DtTuJYG4dzJkNsEYgXWErfCRxRUTFD9O8HXLsJHuxW4P48QYBWIzpCHilvIk2dIHD8PYsIcp+5d0qMty2A4o1nHT7xSqR2ufQMGQTke5LcJ27nAbnOigbxbtTbKDaOKhNQGfXo87JPKyDu7GQCevolaLnaalyTkPvZ2I+9/vPvO9xJ+iXsNkiu/4ZZnoZkLfdm2k5a1VPZxK1jnXhkRr+G1rCwbRP6XUQjCFCXpPXnwJixRp/rGnsVu3WnL89dEutXxu2+yyeP6xhSCYKH8voxbSnp+DqH9WWf32/qRZG7OMKc7W69j6BMfp3twYosyJaboVxFEWaxRELsoxIznFS5azumT738z2S3jeRw8ewdCmg9QJv2SraDtkYeqoLhEv+CaTVFwMKKbdVsxYYHL09/PzxvNFC4F8GxXuk8ok1/aKuRYhqDGbSHnc4g1W7G6D2a8UMZPMYsYRhd6vty+mo4EDBGNdHuggm
superUserPassword: AgAQlm8rpIaHTu7D9n4kt5iVlS/XLHK7Msf4Ox/64hpZuzKrm5dPqeUrbT5e+JjdVvQUmMloTozH4C/iuAJvobLRrJ0A0CLMi+DQBsw/Rs/NUtyjsuLybVf3hdDFKEUApetSsyIQBEtWiDRXnJwevyclMhrzAMQeAaTCXffA3p8HHz0PIlvLu51ZGkewXROwWLP1QQyl/eeR3lnWdEVsWlPADhD1EzivInekC0YT2O+xRYLFnNtaAyam8YS8oGXaCkmXRL86dKNQskniVsO7Y7hU6FS5YWTlyNaQOSeA1P+tf3gQy/mTp/T6uV8HvffLkUlIRzsH5XI3qit5bGjq5m0/2H5gOU26m2RiV1RLxhcGcpeg2VNSJlllDEW7QVCHpwnJ0AlLYS36Wd9f/HAjPq5NkDYuGGgOILCvfYikYXGYKmYFCFybzyDzexhM0wkEjRNZFkXYzAu2dvt6k6iCxr8uRAJOtGUKDeGBAr48d5Kdh97zXHFdhPRog6r7dk8VGlaKV0wX0UhLZ/SlQCXaw5vr/m+pdlWuaWx6jCCBUb6jIlvmQNOQzbpSOCb2bpfK4K4BcOgA10jXEW18Nv+ih1an8g1Jb1tgJ0ohn6V6yYDTAUQYZjfy/RrOYIwhddwYNO7ddqgtjmhTsSDroHhVX7ov9L+QX2tMw328Ulaxy0DYthN/kPleX+8+F4sCsGQrA8kgvyJRa2F3uqHHaPe0Z4+R
template:
metadata:
creationTimestamp: null
name: postgres-secret
namespace: forgejo
type: Opaque

@ -0,0 +1,22 @@
apiVersion: kubegres.reactive-tech.io/v1
kind: Kubegres
metadata:
name: forgejo-db
namespace: forgejo
spec:
replicas: 1
image: postgres:16-alpine
database:
size: 10Gi
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: superUserPassword
- name: POSTGRES_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: replicationUserPassword

@ -0,0 +1,34 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: forgejo
namespace: forgejo
spec:
releaseName: forgejo
chart:
spec:
chart: forgejo
sourceRef:
kind: HelmRepository
name: forgejo
interval: 60m
install:
remediation:
retries: 3
values:
gitea:
admin:
existingSecret: forgejo-admin-secret
additionalConfigSources:
- secret:
secretName: forgejo-secret
config:
APP_NAME: 'Forgejo: My super awesome Git Server.'
server:
DOMAIN: git.trivernis.dev
SSH_DOMAIN: git.trivernis.dev
ROOT_URL: https://git.trivernis.dev
memcached:
enabled: true
postgresql:
enabled: false

@ -0,0 +1,9 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: forgejo
namespace: forgejo
spec:
type: oci
interval: 60m
url: oci://codeberg.org/forgejo-contrib

@ -0,0 +1,28 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: forgejo-route-http
namespace: forgejo
spec:
entryPoints:
- web
routes:
- match: Host(`git.trivernis.dev`)
kind: Rule
services:
- name: forgejo-http
port: 3000
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: forgejo-route-ssh
namespace: forgejo
spec:
entryPoints:
- ssh
routes:
- match: HostSNI(`*`)
services:
- name: forgejo-ssh
port: 22

@ -15,6 +15,21 @@ spec:
--- ---
apiVersion: kustomize.toolkit.fluxcd.io/v1 apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization kind: Kustomization
metadata:
name: apps-forgejo
namespace: flux-system
spec:
interval: 5m
sourceRef:
kind: GitRepository
name: flux-system
path: ./apps/forgejo
prune: true
wait: true
timeout: 5m0s
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata: metadata:
name: apps-longhorn name: apps-longhorn
namespace: flux-system namespace: flux-system

Loading…
Cancel
Save