diff --git a/clusters/ipv6/git-ops/gitea/gitea-db-secret.yml b/clusters/ipv6/git-ops/gitea/gitea-db-secret.yml new file mode 100644 index 0000000..642dc4e --- /dev/null +++ b/clusters/ipv6/git-ops/gitea/gitea-db-secret.yml @@ -0,0 +1,14 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: gitea-db-secret + namespace: git-ops +spec: + encryptedData: + password: AgBxCXaMOGkUefM9N5GG2Ref5/0yz2son/3Sq55dfL+AIE+3c2xcn2sG5GV4V5lTFVsxVfKULSc5n6YaIDmHhPJJOnhE3QAgYuje/LJrQ6aF/g3mRRB1kKGXuOg5MsA/2+cjfmF7MWSvRwsbX3GDEpbx2p5D6bky8nsa+zaafBcHbr6ZZ9CXbKmQ+r/6ccqDP7drOlsKq9bMiLDuvLmPZYV++aKrZ5taSNBUfVynmTQagT04dT6EI41mXJvwydkrUi8GbygsRTvZFEZte3kPgZzV+pBPraHg+21as/frcXyGHxpnrzFv3G68heSmNWl+Oa7tkibdMkbQ7Gkv9eCEZ973Gisko2/w6HMayR7tBKtVFvBo5xa3SsHBfJ6it/wAm+gywJjsUbDZjJHxf2xCrcqGEVoOq3NQ9D93L6gZBYbQZjgHgrOyIrgSnxoQbKPOBVP50BUlof0ih4bbTDAOsJ1MRUIBQGFUycJGjT144bFNFJi5YOf9sYe+hc+73e2ryO/nEkfAW1zYkgXcaDJJhWgKpKtvfbh+GU9B8unXFH0yUEqECxhvDHi8tDTD4dCbnpdkttfQostAdvizkpWoS620JdZlDCLrwJAYLMO2MKpoXZpC3IIZzzRSeDJTUXNRYKRdjcaqCGb/cUk1iF0SW0Eu09g58Ugn9miCtF1ytFCunv+1GkLcG1Y7BItxtRM4wBSJbHjD1TepPxEV + template: + metadata: + name: gitea-db-secret + namespace: git-ops + type: Opaque diff --git a/clusters/ipv6/git-ops/gitea/gitea-db.yml b/clusters/ipv6/git-ops/gitea/gitea-db.yml new file mode 100644 index 0000000..161b769 --- /dev/null +++ b/clusters/ipv6/git-ops/gitea/gitea-db.yml @@ -0,0 +1,51 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: gitea-db + namespace: git-ops +spec: + selector: + matchLabels: + app: gitea-db + serviceName: gitea-db + replicas: 1 + template: + metadata: + labels: + app: gitea-db + spec: + initContainers: + - name: init-cleanup + image: busybox + command: ["rm", "-rf", "/var/lib/postgresql/lost+found"] + volumeMounts: + - name: gitea-db + mountPath: /var/lib/postgresql + containers: + - name: gitea-db + image: postgres:18 + ports: + - containerPort: 5432 + env: + - name: POSTGRES_USER + value: "gitea" + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: gitea-db-secret + key: password + - name: POSTGRES_DB + value: "gitea" + volumeMounts: + - name: gitea-db + mountPath: /var/lib/postgresql + volumeClaimTemplates: + - metadata: + name: gitea-db + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: 2Gi + storageClassName: longhorn diff --git a/clusters/ipv6/git-ops/gitea/gitea-ingress.yml b/clusters/ipv6/git-ops/gitea/gitea-ingress.yml new file mode 100644 index 0000000..d420335 --- /dev/null +++ b/clusters/ipv6/git-ops/gitea/gitea-ingress.yml @@ -0,0 +1,27 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gitea-ingress + namespace: arr-stack + annotations: + cert-manager.io/cluster-issuer: letsencrypt-cloudflare + traefik.ingress.kubernetes.io/router.middlewares: tools-authelia@kubernetescrd + traefik.ingress.kubernetes.io/router.entrypoints: websecure +spec: + ingressClassName: traefik + tls: + - hosts: + - gitea.akshun-lab.cc + secretName: gitea-tls + rules: + - host: gitea.akshun-lab.cc + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gitea-int-service + port: + number: 3000 diff --git a/clusters/ipv6/git-ops/gitea/gitea-pvc.yml b/clusters/ipv6/git-ops/gitea/gitea-pvc.yml new file mode 100644 index 0000000..176f8e8 --- /dev/null +++ b/clusters/ipv6/git-ops/gitea/gitea-pvc.yml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: gitea-app-longhorn + namespace: git-ops +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 2Gi + storageClassName: longhorn diff --git a/clusters/ipv6/git-ops/gitea/gitea-svc.yml b/clusters/ipv6/git-ops/gitea/gitea-svc.yml new file mode 100644 index 0000000..0bdc086 --- /dev/null +++ b/clusters/ipv6/git-ops/gitea/gitea-svc.yml @@ -0,0 +1,42 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-app + namespace: git-ops +spec: + type: LoadBalancer + selector: + app: gitea-app + ports: + - port: 222 + targetPort: 22 + name: ssh + +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-int-service + namespace: git-ops +spec: + selector: + app: gitea-app + ports: + - protocol: TCP + port: 3000 + targetPort: 3000 + +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-db + namespace: git-ops +spec: + ports: + - port: 5432 + targetPort: 5432 + selector: + app: gitea-db + clusterIP: None diff --git a/clusters/ipv6/git-ops/gitea/gitea.yml b/clusters/ipv6/git-ops/gitea/gitea.yml new file mode 100644 index 0000000..b8d4879 --- /dev/null +++ b/clusters/ipv6/git-ops/gitea/gitea.yml @@ -0,0 +1,67 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea-app + namespace: git-ops +spec: + strategy: + type: Recreate + replicas: 1 + selector: + matchLabels: + app: gitea-app + template: + metadata: + labels: + app: gitea-app + spec: + containers: + - name: gitea + image: gitea/gitea:1.25.3 + readinessProbe: + exec: + command: + - sh + - -c + - | + nc -z gitea-db.git-ops.svc.cluster.local 5432 + initialDelaySeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + ports: + - containerPort: 22 + name: ssh + - containerPort: 3000 + name: http + env: + - name: USER_UID + value: "1000" + - name: USER_GID + value: "1000" + - name: GITEA__database__DB_TYPE + value: "postgres" + - name: GITEA__database__HOST + value: "gitea-db.git-ops.svc.cluster.local:5432" + - name: GITEA__database__NAME + value: "gitea" + - name: GITEA__database__USER + value: "gitea" + - name: GITEA__database__PASSWD + valueFrom: + secretKeyRef: + name: gitea-db-secret + key: password + volumeMounts: + - name: gitea-data + mountPath: /data + - name: localtime + mountPath: /etc/localtime + volumes: + - name: localtime + hostPath: + path: /etc/localtime + type: File + - name: gitea-data + persistentVolumeClaim: + claimName: gitea-app-longhorn