apps: remove gitea because forgejo is fine

xeruf 2024-04-04 12:32:41 +02:00
parent f1514e1929
commit e1fc192dbb
15 changed files with 2 additions and 230 deletions


@ -1,25 +0,0 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: gitea
namespace: flux-system
spec:
interval: 10m
retryInterval: 2m
wait: true
timeout: 3m
dependsOn:
- name: single-sign-on
sourceRef:
kind: GitRepository
name: stackspout
path: ./apps/code
prune: true
postBuild:
substituteFrom:
#- kind: Secret
# name: stackspin-gitea-variables
- kind: Secret
name: stackspin-gitea-oauth-variables
- kind: Secret
name: stackspin-cluster-variables


@ -1,12 +0,0 @@
---
apiVersion: secretgenerator.mittwald.de/v1alpha1
kind: StringSecret
metadata:
name: stackspin-gitea-oauth-variables
namespace: flux-system
spec:
data:
client_id: gitea
fields:
- fieldName: client_secret
length: "32"


@ -1,11 +0,0 @@
---
apiVersion: secretgenerator.mittwald.de/v1alpha1
kind: StringSecret
metadata:
name: stackspin-gitea-variables
namespace: flux-system
spec:
fields:
- fieldName: gitea_mariadb_password
- fieldName: gitea_mariadb_root_password
- fieldName: gitea_session_secret


@ -1,15 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gitea-data
namespace: stackspout
labels:
stackspin.net/backupSet: "gitea"
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 2Gi
storageClassName: local-path


@ -1,21 +0,0 @@
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
name: gitea-oauth-client
# Has to live in the same namespace as the stackspin-*-oauth-variables secret
namespace: flux-system
spec:
# TODO copied from wekan: https://github.com/wekan/wekan/wiki/Keycloak
grantTypes:
- authorization_code
- refresh_token
- client_credentials
- implicit
responseTypes:
- id_token
- code
scope: "openid profile email stackspin_roles"
secretName: stackspin-gitea-oauth-variables
redirectUris:
- https://code.${domain}/user/oauth2/Stackspin/callback
tokenEndpointAuthMethod: client_secret_post


@ -1,15 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gitea-postgres
namespace: stackspout
labels:
stackspin.net/backupSet: "gitea"
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 2Gi
storageClassName: local-path


@ -1,28 +0,0 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: gitea
namespace: stackspout
spec:
releaseName: gitea
chart:
spec:
# https://gitea.com/gitea/helm-chart/tags
chart: gitea
version: 6.0.5
sourceRef:
kind: HelmRepository
name: gitea
namespace: flux-system
interval: 5m
valuesFrom:
- kind: ConfigMap
name: stackspin-gitea-values
optional: false
# Allow overriding values by ConfigMap or Secret
- kind: ConfigMap
name: stackspin-gitea-override
optional: true
- kind: Secret
name: stackspin-gitea-override
optional: true


@ -1,56 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: stackspin-gitea-values
namespace: stackspout
data:
values.yaml: |
ingress:
enabled: true
annotations:
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
hosts:
- host: "code.${domain}"
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-tls
hosts:
- "code.${domain}"
gitea:
# https://gitea.com/gitea/helm-chart/src/branch/main#oauth2-settings
oauth:
- name: Stackspin
provider: "openidConnect"
key: "${client_id}"
secret: "${client_secret}"
autoDiscoverUrl: "https://${hydra_domain}/.well-known/openid-configuration"
iconUrl: "https://dashboard.${domain}/favicon-32x32.png"
# https://docs.gitea.io/en-us/config-cheat-sheet
config:
repository:
DEFAULT_PUSH_CREATE_PRIVATE: false
ENABLE_PUSH_CREATE_USER: true
ENABLE_PUSH_CREATE_ORG: true
server:
ROOT_URL: "https://code.${domain}"
LANDING_PAGE: login
openid:
ENABLE_OPENID_SIGNUP: true
service:
DISABLE_REGISTRATION: false
ALLOW_ONLY_EXTERNAL_REGISTRATION: true
log:
LEVEL: "Trace"
persistence:
enabled: true
existingClaim: gitea-data
postgresql:
persistence:
enabled: true
existingClaim: gitea-postgres
service:
ssh:
hostPort: 22


@ -1,7 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: stackspout
data:
22: "gitea:22"


@ -1,9 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gitea-release.yaml
- gitea-values-configmap.yaml
- metallb-gitea.yaml
- gitea-oauth-client.yaml
- gitea-data-pvc.yaml
- gitea-postgres-pvc.yaml


@ -1,18 +0,0 @@
# https://metallb.org/usage/
apiVersion: v1
kind: Service
metadata:
name: gitea-ssh
namespace: stackspout
annotations:
metallb.universe.tf/allow-shared-ip: "share-ipv4"
spec:
type: LoadBalancer
loadBalancerIP: "${ip_address}"
ports:
- name: ssh
protocol: TCP
port: 22
targetPort: 22
selector:
app: gitea


@ -1,4 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gitea-kustomization.yaml


@ -140,4 +140,4 @@ data:
type: 'RollingUpdate' type: 'RollingUpdate'
rollingUpdate: rollingUpdate:
maxSurge: '25%' maxSurge: '25%'
maxUnavailable: '25%' maxUnavailable: '100%'
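Review bot: The last line of this hunk appears to raise `maxUnavailable` from '25%' to '100%' while the strategy stays `RollingUpdate` with `maxSurge: '25%'`, which allows a rollout to terminate every replica at once, so a bad image or values change can take the service fully offline instead of being caught while old pods still serve. The change is unrelated to the gitea removal named in the commit title and carries no explanation. If the goal is to let pods that share a ReadWriteOnce volume be replaced (an inference; the volume setup is not visible in this hunk), `type: 'Recreate'` states that intent directly; otherwise add a comment such as `# all pods may be down during a rollout: <reason>` above the line. The enclosing `data:` block starts outside the hunk.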


@ -5,6 +5,7 @@ metadata:
namespace: stackspout namespace: stackspout
data: data:
values.yaml: | values.yaml: |
# https://git.lecygnenoir.info/LecygneNoir/peertube-helm/src/branch/master/values.yaml
commonLabels: commonLabels:
stackspin.net/backupSet: "peertube" stackspin.net/backupSet: "peertube"
podLabels: podLabels:


@ -1,8 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: gitea
namespace: flux-system
spec:
interval: 60m
url: https://dl.gitea.io/charts/