--- apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: gitea namespace: development spec: interval: 5m chart: spec: # renovate: registryUrl=https://dl.gitea.io/charts chart: gitea version: 5.0.9 sourceRef: kind: HelmRepository name: gitea-charts namespace: flux-system interval: 5m values: image: repository: gitea/gitea tag: 1.16.8 rootless: true containerSecurityContext: capabilities: add: ["SYS_CHROOT"] gitea: admin: email: ${SECRET_GITEA_ADMIN_EMAIL} username: auricom password: ${SECRET_GITEA_ADMIN_PASSWORD} config: APP_NAME: "Homelab Gitea" cron.resync_all_sshkeys: ENABLED: true RUN_AT_START: true database: DB_TYPE: postgres HOST: postgresql-kube.data.svc.cluster.local.:5432 NAME: gitea USER: gitea PASSWD: ${SECRET_GITEA_DB_PASSWORD} SCHEMA: public server: SSH_PORT: 22 SSH_LISTEN_PORT: 30322 SSH_DOMAIN: gitea.${SECRET_CLUSTER_DOMAIN_ROOT} ROOT_URL: https://gitea.${SECRET_CLUSTER_DOMAIN} respository: DEFAULT_PRIVATE: true admin: DISABLE_REGULAR_ORG_CREATION: true security: PASSWORD_COMPLEXITY: "lower,upper" MIN_PASSWORD_LENGTH: 12 service: DISABLE_REGISTRATION: true REQUIRE_SIGNIN_VIEW: true webhook: ALLOWED_HOST_LIST: "drone.k3s.xpander.ovh" postgresql: enabled: false memcached: image: repository: bitnami/memcached tag: 1.6.15 service: port: 11211 persistence: enabled: true size: 10Gi existingClaim: "gitea-config" service: annotations: prometheus.io/probe: "true" prometheus.io/protocol: "tcp" ssh: type: LoadBalancer port: 22 externalTrafficPolicy: Local externalIPs: - ${CLUSTER_LB_GITEA} ingress: enabled: true className: nginx hosts: - host: "gitea.${SECRET_CLUSTER_DOMAIN}" paths: - path: / pathType: Prefix tls: - hosts: - "gitea.${SECRET_CLUSTER_DOMAIN}" secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"