apiVersion: v1
kind: ConfigMap
metadata:
  name: stackspin-forgejo-values
  namespace: stackspout
data:
  values.yaml: |
    ingress:
      enabled: true
      annotations:
        kubernetes.io/tls-acme: "true"
        nginx.ingress.kubernetes.io/proxy-body-size: "50m"
      hosts:
        - host: "forge.${domain}"
          paths:
             - path: /
               pathType: Prefix
      tls:
        - secretName: forgejo-tls
          hosts:
            - "forge.${domain}"
    gitea:
      admin:
        username: "forgejo"
        email: "${admin_email}"
        password: "${password}"
      # https://codeberg.org/forgejo-contrib/forgejo-helm#oauth2-settings
      oauth:
        - name: Stackspin
          provider: "openidConnect"
          key: "${client_id}"
          secret: "${client_secret}"
          autoDiscoverUrl: "https://${hydra_domain}/.well-known/openid-configuration"
          iconUrl: "https://${dashboard_domain}/favicon-32x32.png"
      # https://forgejo.org/docs/latest/admin/config-cheat-sheet/
      config:
        database:
          DB_TYPE: postgres
        session:
          PROVIDER: db
        cache:
          ADAPTER: memory
        queue:
          TYPE: level
        indexer:
          ISSUE_INDEXER_TYPE: bleve
          REPO_INDEXER_ENABLED: true

        APP_NAME: "Forge for ${company_name}"
        repository:
          DEFAULT_PUSH_CREATE_PRIVATE: false
          ENABLE_PUSH_CREATE_USER: true
          ENABLE_PUSH_CREATE_ORG: true
          DEFAULT_REPO_UNITS: [repo.code,repo.releases,repo.issues,repo.pulls]
          MAX_CREATION_LIMIT: 99
        server:
          ROOT_URL: "https://forge.${domain}"
          LANDING_PAGE: login
        openid:
          ENABLE_OPENID_SIGNUP: true
        service:
          DISABLE_REGISTRATION: false
          ALLOW_ONLY_EXTERNAL_REGISTRATION: true
        log:
          LEVEL: "Debug"
      podAnnotations:
        backup.velero.io/backup-volumes: "data"
    persistence:
      enabled: true
      mount: true
      create: false
      claimName: forgejo-data
      labels:
        stackspin.net/backupSet: "forgejo"
    deployment:
      labels:
        stackspin.net/backupSet: "forgejo"
    podLabels:
      stackspin.net/backupSet: "forgejo"

    redis-cluster:
      enabled: false
    postgresql-ha:
      enabled: false
    postgresql:
      enabled: true
      commonLabels:
        stackspin.net/backupSet: "forgejo"
      global:
        postgresql:
          auth:
            database: gitea
            username: gitea
            password: gitea # "${postgresql_password}"
            postgresPassword: "${postgresql_admin_password}"
      primary:
        podAnnotations:
          backup.velero.io/backup-volumes: "data"
        persistence:
          existingClaim: forgejo-postgres

    service:
      ssh:
        type: LoadBalancer
        hostPort: 22
        externalTrafficPolicy: "Local"
        loadBalancerIP: "${ip_address}"
        annotations:
          metallb.universe.tf/allow-shared-ip: "share-ipv4"