Initial commit
Signed-off-by: Charlie Drage <charlie@charliedrage.com>
This commit is contained in:
parent
9156c98a1a
commit
9061f0d470
|
@ -0,0 +1,6 @@
|
|||
dependencies:
|
||||
- name: mariadb
|
||||
repository: https://charts.bitnami.com
|
||||
version: 7.3.0
|
||||
digest: sha256:eac0df60131cc9aa4784d84693592d56c9f12ddf8272881b66c2cdcf34e305d7
|
||||
generated: "2019-12-09T16:07:28.17872647-05:00"
|
|
@ -0,0 +1,19 @@
|
|||
name: gitea
|
||||
version: 1.2.1
|
||||
apiVersion: v2
|
||||
appVersion: 1.9.3
|
||||
description: Git with a cup of tea
|
||||
icon: https://docs.gitea.io/images/gitea.png
|
||||
keywords:
|
||||
- git
|
||||
- issue tracker
|
||||
- code review
|
||||
- wiki
|
||||
- gitea
|
||||
- gogs
|
||||
sources:
|
||||
- https://github.com/go-gitea/gitea
|
||||
- https://hub.docker.com/r/gitea/gitea/
|
||||
maintainers:
|
||||
- name: Charlie Drage
|
||||
email: charlie@charliedrage.com
|
|
@ -0,0 +1,21 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2018 John Felten
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
190
README.md
190
README.md
|
@ -1,2 +1,188 @@
|
|||
# gitea-chart
|
||||
Gitea Helm Chart
|
||||
# Gitea
|
||||
|
||||
[Gitea](https://gitea.com/) is a lightweight GitHub clone. This is for those who wish to self host their own git repos on kubernetes.
|
||||
|
||||
This chart is based upon the work done by [@jfelten](https://github.com/jfelten/gitea-helm-chart)
|
||||
|
||||
## TLDR
|
||||
|
||||
```sh
|
||||
helm repo add cdrage https://charts.charliedrage.com
|
||||
helm install gitea cdrage/gitea
|
||||
```
|
||||
|
||||
## Introduction
|
||||
|
||||
This chart bootstraps both [Gitea](http://gitea.com) and MariaDB.
|
||||
|
||||
In this chart, the following are ran:
|
||||
- Gitea
|
||||
- Memcached
|
||||
- Mariadb
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes 1.12+
|
||||
- Helm 3.0+
|
||||
- PV provisioner for persistent data support
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
By default, we use ingress to expose the service.
|
||||
|
||||
To install WITHOUT persistent storage / development:
|
||||
|
||||
```bash
|
||||
helm repo add cdrage https://charts.charliedrage.com
|
||||
helm install gitea cdrage/gitea
|
||||
```
|
||||
|
||||
For production / installing with persistent data:
|
||||
|
||||
```sh
|
||||
helm show values cdrage/gitea > values.yaml
|
||||
vim values.yaml # Edit to enable persistent storage
|
||||
helm install gitea cdrage/gitea -f values.yaml
|
||||
```
|
||||
|
||||
### Database Configuration
|
||||
|
||||
By default, we will launch a Mariadb database:
|
||||
|
||||
```yaml
|
||||
mariadb:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
To use an external database, disable the in-pod database and fill in the "externalDB" values:
|
||||
|
||||
```yaml
|
||||
mariadb:
|
||||
enabled: false
|
||||
|
||||
#Connect to an external database
|
||||
externalDB:
|
||||
dbUser: "postgres"
|
||||
dbPassword: "<MY_PASSWORD>"
|
||||
dbHost: "db-service-name.namespace.svc.cluster.local" # or some external host
|
||||
dbPort: "5432"
|
||||
dbDatabase: "gitea"
|
||||
```
|
||||
|
||||
## Persistent Data
|
||||
|
||||
By default, persistent data is not enabled and thus you'll have to enable it from within the `values.yaml`.
|
||||
|
||||
Unless otherwise set to true, data will be deleted when the Pod is restarted.
|
||||
|
||||
To prevent data loss, we will enable persistent data.
|
||||
|
||||
First, enable persistency:
|
||||
|
||||
```yaml
|
||||
persistence:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
|
||||
If you wish for helm **NOT** to replace data when re-deploying (updating the chart), add the `resource-policy` annotation:
|
||||
|
||||
```yaml
|
||||
persistence:
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
```
|
||||
|
||||
To use a previously created PVC / volume, use the following:
|
||||
|
||||
```yaml
|
||||
existingGiteaClaim: gitea-gitea
|
||||
```
|
||||
|
||||
## Ingress And External Host/Ports
|
||||
|
||||
Gitea requires ports to be exposed for accessibility. The recommended way is using **ingress**, however, you can supply `LoadBalancer` to your values alternatively.
|
||||
|
||||
By default, we expose via an ingress:
|
||||
|
||||
To expose via an ingress:
|
||||
|
||||
```yaml
|
||||
ingress:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
To expose the web application this chart will generate an ingress using the ingress controller of choice if specified. If an ingress is enabled services.http.externalHost must be specified. To expose SSH services it relies on either a LoadBalancer or NodePort.
|
||||
|
||||
## Upgrading
|
||||
|
||||
When upgrading, make sure you have the following enabled:
|
||||
|
||||
- Persistency for both mariadb + Gitea
|
||||
- Using `existingGiteaClaim`
|
||||
- Due to using the [bitnami/mariadb](https://github.com/helm/charts/tree/master/stable/mariadb) chart, make sure to HARDCODE your passwords within `values.yaml`. Or else you'll be unable to update mariadb
|
||||
|
||||
## Configuration
|
||||
|
||||
Refer to [values.yaml](values.yaml) for the full run-down on defaults.
|
||||
|
||||
The following table lists the configurable parameters of this chart and their default values.
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|---------------------------------------|------------------------------------------------------------------------------------------------------------------------------|---------------------------|
|
||||
| `images.gitea` | `gitea` image | `gitea/gitea:1.9.3` |
|
||||
| `images.memcached` | `memcached` image | `memcached:1.5.19-alpine` |
|
||||
| `images.pullPolicy` | Image pull policy | `IfNotPresent` |
|
||||
| `images.pullSecrets` | Specify an array of pull secrets | `[]` |
|
||||
| `memcached.maxItemMemory` | Max item memory | `64` |
|
||||
| `memcached.verbosity` | Verbosity | `v` |
|
||||
| `memcached.extendedOptions` | Extended options for memcached | `modern` |
|
||||
| `ingress.enabled` | Switch to create ingress for this chart deployment | `true` |
|
||||
| `ingress.hostname ` | Hostname to be used for the ingress | `gitea.local` |
|
||||
| `ingress.certManager` | Asks if we want to use cert-manager or not (let's encrypt, etc.) | `true` |
|
||||
| `ingress.annotations` | Annotations used by the ingress | `[]` |
|
||||
| `ingress.hosts ` | Additional hosts to be used by the ingress | `[]` |
|
||||
| `ingress.tls ` | TLS secret keys to be used with Gitea | `[]` |
|
||||
| `service.http.serviceType` | type of kubernetes services used for http i.e. ClusterIP, NodePort or LoadBalancer | `ClusterIP` |
|
||||
| `service.http.port` | http port for web traffic | `3000` |
|
||||
| `service.http.NodePort` | Manual NodePort for web traffic | `nil` |
|
||||
| `service.http.externalPort` | Port exposed on the internet by a load balancer or firewall that redirects to the ingress or NodePort | `8280` |
|
||||
| `service.http.externalHost` | IP or DNS name exposed on the internet by a load balancer or firewall that redirects to the ingress or Node for http traffic | `gitea.local` |
|
||||
| `service.ssh.serviceType` | type of kubernetes services used for ssh i.e. ClusterIP, NodePort or LoadBalancer | `ClusterIP` |
|
||||
| `service.ssh.port` | http port for web traffic | `22` |
|
||||
| `service.ssh.NodePort` | Manual NodePort for ssh traffic | `nil` |
|
||||
| `service.ssh.externalPort` | Port exposed on the internet by a load balancer or firewall that redirects to the ingress or NodePort | `nil` |
|
||||
| `service.ssh.externalHost` | IP or DNS name exposed on the internet by a load balancer or firewall that redirects to the ingress or Node for http traffic | `gitea.local` |
|
||||
| `resources.gitea.requests.memory` | gitea container memory request | `500Mi` |
|
||||
| `resources.gitea.requests.cpu` | gitea container request cpu | `1000m` |
|
||||
| `resources.gitea.limits.memory` | gitea container memory limits | `2Gi` |
|
||||
| `resources.gitea.limits.cpu` | gitea container CPU/Memory resource requests/limits | `1` |
|
||||
| `resources.memcached.requests.memory` | memcached container memory request | `64Mi` |
|
||||
| `resources.memcached.requests.cpu` | memcached container request cpu | `50m` |
|
||||
| `persistence.enabled` | Create PVCs to store gitea data | `false` |
|
||||
| `persistence.existingGiteaClaim` | Already existing PVC that should be used for gitea data. | `nil` |
|
||||
| `persistence.giteaSize` | Size of gitea pvc to create | `10Gi` |
|
||||
| `persistence.annotations` | Annotations to set on created PVCs | `nil` |
|
||||
| `persistence.storageClass` | NStorageClass to use for dynamic provision if not 'default' | `nil` |
|
||||
| `mariadb.enabled` | Enable or diable mariadb | `true` |
|
||||
| `mariadb.replication.enabled` | Enable or diable replication | `false` |
|
||||
| `mariadb.db.name` | Default name | `gitea` |
|
||||
| `mariadb.db.user` | Default user | `gitea` |
|
||||
| `mariadb.persistence.enabled` | Enable or diable persistence | `true` |
|
||||
| `mariadb.persistence.accessMode` | What access mode to use | `ReadWriteOnce` |
|
||||
| `mariadb.persistence.size` | What size of database to use | `8Gi` |
|
||||
| `externalDB.dbUser` | external db user | ` unset` |
|
||||
| `externalDB.dbPassword` | external db password | ` unset` |
|
||||
| `externalDB.dbHost` | external db host | ` unset` |
|
||||
| `externalDB.dbPort` | external db port | ` unset` |
|
||||
| `externalDB.dbDatabase` | external db database name | ` unset` |
|
||||
| `config.disableInstaller` | Disable the installer | `false` |
|
||||
| `config.offlineMode` | Sets Gitea's Offline Mode. Values are `true` or `false`. | `false` |
|
||||
| `config.requireSignin` | Require Gitea user to be signed in to see any pages. Values are `true` or `false`. | `false` |
|
||||
| `config.disableRegistration` | Disable Gitea's user registration. Values are `true` or `false`. | `false` |
|
||||
| `config.openidSignin` | Allow login with OpenID. Values are `true` or `false`. | `true` |
|
||||
| `nodeSelector` | Node to be selected | `{}` |
|
||||
| `affinity` | Affinity settings for pod assignment | `{}` |
|
||||
| `tolerations` | Toleration labels for pod assignment | `[]` |
|
||||
| `deploymentAnnotations` | Deployment annotations to be used | `{}` |
|
||||
| `podAnnotations` | Pod deployment annotations to be used | `{}` |
|
||||
|
|
Binary file not shown.
|
@ -0,0 +1,7 @@
|
|||
dependencies:
|
||||
- name: mariadb
|
||||
version: 7.3.0
|
||||
repository: https://charts.bitnami.com
|
||||
condition: mariadb.enabled
|
||||
tags:
|
||||
- mariadb
|
|
@ -0,0 +1,45 @@
|
|||
1. Connect to your Gitea web URL by running:
|
||||
|
||||
{{- if .Values.ingress.enabled }}
|
||||
|
||||
Ingress is enabled for this chart deployment. Please access the web UI at {{ .Values.ingress.hostname }}
|
||||
|
||||
{{- else if contains "NodePort" .Values.service.http.serviceType }}
|
||||
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP/
|
||||
|
||||
{{- else if contains "LoadBalancer" .Values.service.http.serviceType }}
|
||||
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
Watch the status with: 'kubectl get svc -w {{ template "fullname" . }}http'
|
||||
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "fullname" . }}http -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
|
||||
echo http://$SERVICE_IP/
|
||||
{{- else if contains "ClusterIP" .Values.service.http.serviceType }}
|
||||
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
|
||||
echo http://127.0.0.1:8080/
|
||||
kubectl port-forward $POD_NAME 8080:80
|
||||
{{- end }}
|
||||
|
||||
2. Connect to your Gitea ssh port:
|
||||
|
||||
{{- if contains "NodePort" .Values.service.ssh.serviceType }}
|
||||
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP/
|
||||
|
||||
{{- else if contains "LoadBalancer" .Values.service.ssh.serviceType }}
|
||||
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
Watch the status with: 'kubectl get svc -w {{ template "fullname" . }}ssh'
|
||||
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "fullname" . }}ssh -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
|
||||
echo http://$SERVICE_IP/
|
||||
{{- else if contains "ClusterIP" .Values.service.ssh.serviceType }}
|
||||
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
|
||||
echo http://127.0.0.1:8080/
|
||||
kubectl port-forward $POD_NAME 8022:22
|
||||
{{- end }}
|
|
@ -0,0 +1,31 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 24 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "mariadb.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for ingress.
|
||||
*/}}
|
||||
{{- define "gitea.ingress.apiVersion" -}}
|
||||
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "networking.k8s.io/v1beta1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,45 @@
|
|||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ template "fullname" . }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
containers:
|
||||
{{ include "gitea" . | indent 6 }}
|
||||
{{ include "memcached" . | indent 6 }}
|
||||
initContainers:
|
||||
{{ include "init" . | indent 6 }}
|
||||
volumes:
|
||||
- name: gitea-data
|
||||
{{- if .Values.persistence.enabled }}
|
||||
{{- if .Values.persistence.directGiteaVolumeMount }}
|
||||
{{ tpl .Values.persistence.directGiteaVolumeMount . | indent 8 }}
|
||||
{{- else }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.existingGiteaClaim | default (include "fullname" .) }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
- name: gitea-config
|
||||
configMap:
|
||||
name: {{ template "fullname" . }}
|
||||
|
||||
{{- if .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
- name: {{ .Values.imagePullSecrets }}
|
||||
{{- end }}
|
|
@ -0,0 +1,46 @@
|
|||
{{/*
|
||||
Create helm partial for gitea server
|
||||
*/}}
|
||||
{{- define "gitea" }}
|
||||
- name: gitea
|
||||
image: {{ .Values.images.gitea }}
|
||||
imagePullPolicy: {{ .Values.images.pullPolicy }}
|
||||
env:
|
||||
- name: DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.mariadb.enabled }}
|
||||
name: {{ template "mariadb.fullname" . }}
|
||||
key: mariadb-password
|
||||
{{- else }}
|
||||
name: {{ printf "%s-%s" .Release.Name "externaldb" }}
|
||||
key: db-password
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: ssh
|
||||
containerPort: {{ .Values.service.ssh.port }}
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 200
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
failureThreshold: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
resources:
|
||||
{{ toYaml .Values.resources.gitea | indent 10 }}
|
||||
volumeMounts:
|
||||
- name: gitea-data
|
||||
mountPath: /data
|
||||
- name: gitea-config
|
||||
mountPath: /etc/gitea
|
||||
{{- end }}
|
|
@ -0,0 +1,725 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
app.ini: |-
|
||||
; This file lists the default values used by Gitea
|
||||
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
|
||||
; and modify as needed.
|
||||
|
||||
; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
|
||||
|
||||
; App name that shows in every page title
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
; Change it if you run locally
|
||||
RUN_USER = git
|
||||
; Either "dev", "prod" or "test", default is "dev"
|
||||
RUN_MODE = dev
|
||||
|
||||
[repository]
|
||||
ROOT =
|
||||
SCRIPT_TYPE = bash
|
||||
; Default ANSI charset
|
||||
ANSI_CHARSET =
|
||||
; Force every new repository to be private
|
||||
FORCE_PRIVATE = false
|
||||
; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used.
|
||||
DEFAULT_PRIVATE = last
|
||||
; Global limit of repositories per user, applied at creation time. -1 means no limit
|
||||
MAX_CREATION_LIMIT = -1
|
||||
; Mirror sync queue length, increase if mirror syncing starts hanging
|
||||
MIRROR_QUEUE_LENGTH = 1000
|
||||
; Patch test queue length, increase if pull request patch testing starts hanging
|
||||
PULL_REQUEST_QUEUE_LENGTH = 1000
|
||||
; Preferred Licenses to place at the top of the List
|
||||
; The name here must match the filename in conf/license or custom/conf/license
|
||||
PREFERRED_LICENSES = Apache License 2.0,MIT License
|
||||
; Disable the ability to interact with repositories using the HTTP protocol
|
||||
DISABLE_HTTP_GIT = false
|
||||
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
|
||||
USE_COMPAT_SSH_URI = false
|
||||
|
||||
[repository.editor]
|
||||
; List of file extensions for which lines should be wrapped in the CodeMirror editor
|
||||
; Separate extensions with a comma. To line wrap files without an extension, just put a comma
|
||||
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
|
||||
; Valid file modes that have a preview API associated with them, such as api/v1/markdown
|
||||
; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match
|
||||
PREVIEWABLE_FILE_MODES = markdown
|
||||
|
||||
[repository.local]
|
||||
; Path for local repository copy. Defaults to `tmp/local-repo`
|
||||
LOCAL_COPY_PATH = tmp/local-repo
|
||||
; Path for local wiki copy. Defaults to `tmp/local-wiki`
|
||||
LOCAL_WIKI_PATH = tmp/local-wiki
|
||||
|
||||
[repository.upload]
|
||||
; Whether repository file uploads are enabled. Defaults to `true`
|
||||
ENABLED = true
|
||||
; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
|
||||
TEMP_PATH = data/tmp/uploads
|
||||
; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
|
||||
ALLOWED_TYPES =
|
||||
; Max size of each file in megabytes. Defaults to 3MB
|
||||
FILE_MAX_SIZE = 3
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = 5
|
||||
|
||||
[repository.pull-request]
|
||||
; List of prefixes used in Pull Request title to mark them as Work In Progress
|
||||
WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
|
||||
|
||||
[ui]
|
||||
; Number of repositories that are displayed on one explore page
|
||||
EXPLORE_PAGING_NUM = 20
|
||||
; Number of issues that are displayed on one page
|
||||
ISSUE_PAGING_NUM = 10
|
||||
; Number of maximum commits displayed in one activity feed
|
||||
FEED_MAX_COMMIT_NUM = 5
|
||||
; Number of maximum commits displayed in commit graph.
|
||||
GRAPH_MAX_COMMIT_NUM = 100
|
||||
; Number of line of codes shown for a code comment
|
||||
CODE_COMMENT_LINES = 4
|
||||
; Value of `theme-color` meta tag, used by Android >= 5.0
|
||||
; An invalid color like "none" or "disable" will have the default style
|
||||
; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
|
||||
THEME_COLOR_META_TAG = `#6cc644`
|
||||
; Max size of files to be displayed (default is 8MiB)
|
||||
MAX_DISPLAY_FILE_SIZE = 8388608
|
||||
; Whether the email of the user should be shown in the Explore Users page
|
||||
SHOW_USER_EMAIL = true
|
||||
; Set the default theme for the Gitea install
|
||||
DEFAULT_THEME = gitea
|
||||
|
||||
|
||||
[ui.admin]
|
||||
; Number of users that are displayed on one page
|
||||
USER_PAGING_NUM = 50
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 50
|
||||
; Number of notices that are displayed on one page
|
||||
NOTICE_PAGING_NUM = 25
|
||||
; Number of organizations that are displayed on one page
|
||||
ORG_PAGING_NUM = 50
|
||||
|
||||
[ui.user]
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 15
|
||||
|
||||
[ui.meta]
|
||||
AUTHOR = Gitea - Git with a cup of tea
|
||||
DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go
|
||||
KEYWORDS = go,git,self-hosted,gitea
|
||||
|
||||
[markdown]
|
||||
; Enable hard line break extension
|
||||
ENABLE_HARD_LINE_BREAK = false
|
||||
; List of custom URL-Schemes that are allowed as links when rendering Markdown
|
||||
; for example git,magnet
|
||||
CUSTOM_URL_SCHEMES =
|
||||
; List of file extensions that should be rendered/edited as Markdown
|
||||
; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma
|
||||
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
|
||||
|
||||
[server]
|
||||
; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
|
||||
|
||||
; PROTOCOL hardcoded to http since tls is delegated to ingress
|
||||
PROTOCOL = http
|
||||
{{- if .Values.service.http.externalHost }}
|
||||
DOMAIN = {{ .Values.service.http.externalHost }}
|
||||
{{- else if .Values.ingress.enabled }}
|
||||
DOMAIN = {{ .Values.ingress.hostname }}
|
||||
{{- else }}
|
||||
DOMAIN = {{ template "fullname" . }}-http.{{ .Release.Namespace }}.svc.cluster.local
|
||||
{{- end -}}
|
||||
{{ if .Values.ingress.tls }}
|
||||
{{- $proto := set . "proto" "https" }}
|
||||
{{- else -}}
|
||||
{{- $proto := set . "proto" "http" }}
|
||||
{{- end -}}
|
||||
{{- if and .Values.service.http.externalHost ( .Values.service.http.externalPort ) }}
|
||||
ROOT_URL = {{ .proto }}://{{ .Values.service.http.externalHost }}:{{ .Values.service.http.externalPort }}/
|
||||
{{- else if .Values.service.http.externalHost }}
|
||||
ROOT_URL = {{ .proto }}://{{ .Values.service.http.externalHost }}/
|
||||
{{- else if .Values.ingress.enabled }}
|
||||
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s
|
||||
{{- else }}
|
||||
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
{{- end -}}
|
||||
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
|
||||
HTTP_ADDR = 0.0.0.0
|
||||
HTTP_PORT = {{ .Values.service.http.port }}
|
||||
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
|
||||
; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
|
||||
; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for
|
||||
; PORT_TO_REDIRECT.
|
||||
REDIRECT_OTHER_PORT = false
|
||||
PORT_TO_REDIRECT = 80
|
||||
; Permission for unix socket
|
||||
UNIX_SOCKET_PERMISSION = 666
|
||||
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
|
||||
; In most cases you do not need to change the default value.
|
||||
; Alter it only if your SSH server node is not the same as HTTP node.
|
||||
; Do not set this variable if PROTOCOL is set to 'unix'.
|
||||
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
|
||||
; Disable SSH feature when not available
|
||||
DISABLE_SSH = false
|
||||
; Whether to use the builtin SSH server or not.
|
||||
START_SSH_SERVER = false
|
||||
; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
|
||||
BUILTIN_SSH_SERVER_USER =
|
||||
; Domain name to be exposed in clone URL
|
||||
{{- if .Values.service.ssh.externalHost }}
|
||||
SSH_DOMAIN = {{ .Values.service.ssh.externalHost }}
|
||||
{{- else }}
|
||||
SSH_DOMAIN = {{ template "fullname" . }}-ssh.{{ .Release.Namespace }}.svc.cluster.local
|
||||
{{- end }}
|
||||
; THe network interface the builtin SSH server should listen on
|
||||
SSH_LISTEN_HOST =
|
||||
; Port number to be exposed in clone URL
|
||||
{{- if .Values.service.ssh.externalPort }}
|
||||
SSH_PORT = {{ .Values.service.ssh.externalPort }}
|
||||
{{- else }}
|
||||
SSH_PORT = {{ .Values.service.ssh.port }}
|
||||
{{- end }}
|
||||
; The port number the builtin SSH server should listen on
|
||||
SSH_LISTEN_PORT = {{ .Values.service.ssh.port }}
|
||||
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
|
||||
SSH_ROOT_PATH =
|
||||
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
|
||||
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
|
||||
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
|
||||
; For the built-in SSH server, choose the ciphers to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
|
||||
; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
|
||||
; For the built-in SSH server, choose the MACs to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
|
||||
; Directory to create temporary files in when testing public keys using ssh-keygen,
|
||||
; default is the system temporary directory.
|
||||
SSH_KEY_TEST_PATH =
|
||||
; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
|
||||
SSH_KEYGEN_PATH = ssh-keygen
|
||||
; Enable SSH Authorized Key Backup when rewriting all keys, default is true
|
||||
SSH_BACKUP_AUTHORIZED_KEYS = true
|
||||
; Enable exposure of SSH clone URL to anonymous visitors, default is false
|
||||
SSH_EXPOSE_ANONYMOUS = false
|
||||
; Indicate whether to check minimum key size with corresponding type
|
||||
MINIMUM_KEY_SIZE_CHECK = false
|
||||
; Disable CDN even in "prod" mode
|
||||
OFFLINE_MODE = {{ .Values.config.offlineMode }}
|
||||
DISABLE_ROUTER_LOG = false
|
||||
; Generate steps:
|
||||
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
|
||||
;
|
||||
; Or from a .pfx file exported from the Windows certificate store (do
|
||||
; not forget to export the private key):
|
||||
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
|
||||
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
|
||||
CERT_FILE = custom/https/cert.pem
|
||||
KEY_FILE = custom/https/key.pem
|
||||
; Root directory containing templates and static files.
|
||||
; default is the path where Gitea is executed
|
||||
STATIC_ROOT_PATH =
|
||||
; Default path for App data
|
||||
APP_DATA_PATH = data
|
||||
; Application level GZIP support
|
||||
ENABLE_GZIP = false
|
||||
; Application profiling (memory and cpu)
|
||||
; For "web" command it listens on localhost:6060
|
||||
; For "serve" command it dumps to disk at PPROF_DATA_PATH as (cpuprofile|memprofile)_<username>_<temporary id>
|
||||
ENABLE_PPROF = false
|
||||
; PPROF_DATA_PATH, use an absolute path when you start gitea as service
|
||||
PPROF_DATA_PATH = data/tmp/pprof
|
||||
; Landing page, can be "home", "explore", or "organizations"
|
||||
LANDING_PAGE = home
|
||||
; Enables git-lfs support. true or false, default is false.
|
||||
LFS_START_SERVER = false
|
||||
; Where your lfs files reside, default is data/lfs.
|
||||
LFS_CONTENT_PATH = data/lfs
|
||||
; LFS authentication secret, change this yourself
|
||||
LFS_JWT_SECRET =
|
||||
; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
|
||||
LFS_HTTP_AUTH_EXPIRY = 20m
|
||||
|
||||
|
||||
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
|
||||
[ssh.minimum_key_sizes]
|
||||
ED25519 = 256
|
||||
ECDSA = 256
|
||||
RSA = 2048
|
||||
DSA = 1024
|
||||
|
||||
[database]
|
||||
{{ if .Values.externalDB }}
|
||||
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
|
||||
DB_TYPE = {{ .Values.dbType }}
|
||||
HOST = {{ .Values.externalDB.dbHost }}:{{ .Values.externalDB.dbPort }}
|
||||
NAME = {{ .Values.externalDB.dbDatabase }}
|
||||
USER = {{ .Values.externalDB.dbUser }}
|
||||
PASSWD = {{ .Values.externalDB.dbPassword }}
|
||||
{{ else if .Values.mariadb.enabled }}
|
||||
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
|
||||
DB_TYPE = mysql
|
||||
HOST = {{ template "mariadb.fullname" . }}:3306
|
||||
NAME = {{ .Values.mariadb.db.name }}
|
||||
USER = {{ .Values.mariadb.db.user }}
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
{{ if .Values.mariadb.password }}
|
||||
PASSWD = {{ .Values.mariadb.db.password }}
|
||||
{{ else }}
|
||||
PASSWD = MARIADB_PASSWORD
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
; For "postgres" only, either "disable", "require" or "verify-full"
|
||||
SSL_MODE = disable
|
||||
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
||||
PATH = data/gitea.db
|
||||
; For "sqlite3" only. Query timeout
|
||||
SQLITE_TIMEOUT = 500
|
||||
; For iterate buffer, default is 50
|
||||
ITERATE_BUFFER_SIZE = 50
|
||||
; Show the database generated SQL
|
||||
LOG_SQL = true
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = indexers/issues.bleve
|
||||
; repo indexer by default disabled, since it uses a lot of disk space
|
||||
REPO_INDEXER_ENABLED = false
|
||||
REPO_INDEXER_PATH = indexers/repos.bleve
|
||||
UPDATE_BUFFER_LEN = 20
|
||||
MAX_FILE_SIZE = 1048576
|
||||
|
||||
[admin]
|
||||
; Disallow regular (non-admin) users from creating organizations.
|
||||
DISABLE_REGULAR_ORG_CREATION = false
|
||||
|
||||
[security]
|
||||
; Whether the installer is disabled
|
||||
INSTALL_LOCK = {{ .Values.config.disableInstaller }}
|
||||
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
|
||||
{{ if .Values.config.secretKey }}
|
||||
SECRET_KEY = {{ .Values.config.secretKey }}
|
||||
{{ else }}
|
||||
SECRET_KEY = {{ randAlphaNum 64 | quote }}
|
||||
{{ end }}
|
||||
|
||||
|
||||
; How long to remember that an user is logged in before requiring relogin (in days)
|
||||
LOGIN_REMEMBER_DAYS = 7
|
||||
COOKIE_USERNAME = gitea_awesome
|
||||
COOKIE_REMEMBER_NAME = gitea_incredible
|
||||
; Reverse proxy authentication header name of user name
|
||||
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
||||
; The minimum password length for new Users
|
||||
MIN_PASSWORD_LENGTH = 6
|
||||
; Set to true to allow users to import local server paths
|
||||
IMPORT_LOCAL_PATHS = false
|
||||
; Set to true to prevent all users (including admin) from creating custom git hooks
|
||||
DISABLE_GIT_HOOKS = false
|
||||
|
||||
[openid]
|
||||
;
|
||||
; OpenID is an open, standard and decentralized authentication protocol.
|
||||
; Your identity is the address of a webpage you provide, which describes
|
||||
; how to prove you are in control of that page.
|
||||
;
|
||||
; For more info: https://en.wikipedia.org/wiki/OpenID
|
||||
;
|
||||
; Current implementation supports OpenID-2.0
|
||||
;
|
||||
; Tested to work providers at the time of writing:
|
||||
; - Any GNUSocial node (your.hostname.tld/username)
|
||||
; - Any SimpleID provider (http://simpleid.koinic.net)
|
||||
; - http://openid.org.cn/
|
||||
; - openid.stackexchange.com
|
||||
; - login.launchpad.net
|
||||
; - <username>.livejournal.com
|
||||
;
|
||||
; Whether to allow signin in via OpenID
|
||||
ENABLE_OPENID_SIGNIN = {{ .Values.config.openidSignin }}
|
||||
; Whether to allow registering via OpenID
|
||||
; Do not include to rely on rhw DISABLE_REGISTRATION setting
|
||||
;ENABLE_OPENID_SIGNUP = true
|
||||
; Allowed URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only these would be allowed if non-blank.
|
||||
; Example value: trusted.domain.org trusted.domain.net
|
||||
WHITELISTED_URIS =
|
||||
; Forbidden URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only used if WHITELISTED_URIS is blank.
|
||||
; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
|
||||
BLACKLISTED_URIS =
|
||||
|
||||
[service]
|
||||
; Time limit to confirm account/email registration
|
||||
ACTIVE_CODE_LIVE_MINUTES = 180
|
||||
; Time limit to perform the reset of a forgotten password
|
||||
RESET_PASSWD_CODE_LIVE_MINUTES = 180
|
||||
; Whether a new user needs to confirm their email when registering.
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
; List of domain names that are allowed to be used to register on a Gitea instance
|
||||
; gitea.io,example.com
|
||||
EMAIL_DOMAIN_WHITELIST=
|
||||
; Disallow registration, only allow admins to create accounts.
|
||||
DISABLE_REGISTRATION = {{ .Values.config.disableRegistration }}
|
||||
; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
; User must sign in to view anything.
|
||||
REQUIRE_SIGNIN_VIEW = {{ .Values.config.requireSignin }}
|
||||
; Mail notification
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
; More detail: https://github.com/gogits/gogs/issues/165
|
||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
||||
; Enable captcha validation for registration
|
||||
ENABLE_CAPTCHA = false
|
||||
; Type of captcha you want to use. Options: image, recaptcha
|
||||
CAPTCHA_TYPE = image
|
||||
; Enable recaptcha to use Google's recaptcha service
|
||||
; Go to https://www.google.com/recaptcha/admin to sign up for a key
|
||||
RECAPTCHA_SECRET =
|
||||
RECAPTCHA_SITEKEY =
|
||||
; Default value for KeepEmailPrivate
|
||||
; Each new user will get the value of this setting copied into their profile
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||||
; Default value for AllowCreateOrganization
|
||||
; Every new user will have rights set to create organizations depending on this setting
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
; Default value for EnableDependencies
|
||||
; Repositories will use dependencies by default depending on this setting
|
||||
DEFAULT_ENABLE_DEPENDENCIES = true
|
||||
; Enable heatmap on users profiles.
|
||||
ENABLE_USER_HEATMAP = true
|
||||
; Enable Timetracking
|
||||
ENABLE_TIMETRACKING = true
|
||||
; Default value for EnableTimetracking
|
||||
; Repositories will use timetracking by default depending on this setting
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
; Default value for AllowOnlyContributorsToTrackTime
|
||||
; Only users with write permissions can track time if this is true
|
||||
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
|
||||
; Default value for the domain part of the user's email address in the git log
|
||||
; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
|
||||
; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
|
||||
NO_REPLY_ADDRESS = noreply.example.org
|
||||
|
||||
[webhook]
|
||||
; Hook task queue length, increase if webhook shooting starts hanging
|
||||
QUEUE_LENGTH = 1000
|
||||
; Deliver timeout in seconds
|
||||
DELIVER_TIMEOUT = 5
|
||||
; Allow insecure certification
|
||||
SKIP_TLS_VERIFY = false
|
||||
; Number of history information in each page
|
||||
PAGING_NUM = 10
|
||||
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
; Buffer length of channel, keep it as it is if you don't know what it is.
|
||||
SEND_BUFFER_LEN = 100
|
||||
; Name displayed in mail title
|
||||
SUBJECT = %(APP_NAME)s
|
||||
; Mail server
|
||||
; Gmail: smtp.gmail.com:587
|
||||
; QQ: smtp.qq.com:465
|
||||
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
|
||||
HOST =
|
||||
; Disable HELO operation when hostnames are different.
|
||||
DISABLE_HELO =
|
||||
; Custom hostname for HELO operation, if no value is provided, one is retrieved from system.
|
||||
HELO_HOSTNAME =
|
||||
; Do not verify the certificate of the server. Only use this for self-signed certificates
|
||||
SKIP_VERIFY =
|
||||
; Use client certificate
|
||||
USE_CERTIFICATE = false
|
||||
CERT_FILE = custom/mailer/cert.pem
|
||||
KEY_FILE = custom/mailer/key.pem
|
||||
; Should SMTP connection use TLS
|
||||
IS_TLS_ENABLED = false
|
||||
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
|
||||
FROM =
|
||||
; Mailer user name and password
|
||||
USER =
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD =
|
||||
; Send mails as plain text
|
||||
SEND_AS_PLAIN_TEXT = false
|
||||
; Enable sendmail (override SMTP)
|
||||
USE_SENDMAIL = false
|
||||
; Specify an alternative sendmail binary
|
||||
SENDMAIL_PATH = sendmail
|
||||
; Specify any extra sendmail arguments
|
||||
SENDMAIL_ARGS =
|
||||
|
||||
[cache]
|
||||
; Either "memory", "redis", or "memcache", default is "memory"
|
||||
ADAPTER = memcache
|
||||
; For "memory" only, GC interval in seconds, default is 60
|
||||
INTERVAL = 60
|
||||
; For "redis" and "memcache", connection host address
|
||||
;redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
HOST = 127.0.0.1:11211
|
||||
; Time to keep items in cache if not used, default is 16 hours.
|
||||
; Setting it to 0 disables caching
|
||||
ITEM_TTL = 16h
|
||||
|
||||
[session]
|
||||
; Either "memory", "file", or "redis", default is "memory"
|
||||
PROVIDER = memory
|
||||
; Provider config options
|
||||
; memory: doesn't have any config yet
|
||||
; file: session file path, e.g. `data/sessions`
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
|
||||
PROVIDER_CONFIG = data/sessions
|
||||
; Session cookie name
|
||||
COOKIE_NAME = i_like_gitea
|
||||
; If you use session in https only, default is false
|
||||
COOKIE_SECURE = false
|
||||
; Enable set cookie, default is true
|
||||
ENABLE_SET_COOKIE = true
|
||||
; Session GC time interval in seconds, default is 86400 (1 day)
|
||||
GC_INTERVAL_TIME = 86400
|
||||
; Session life time in seconds, default is 86400 (1 day)
|
||||
SESSION_LIFE_TIME = 86400
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = data/avatars
|
||||
; Max Width and Height of uploaded avatars. This is to limit the amount of RAM
|
||||
; used when resizing the image.
|
||||
AVATAR_MAX_WIDTH = 4096
|
||||
AVATAR_MAX_HEIGHT = 3072
|
||||
; Chinese users can choose "duoshuo"
|
||||
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
|
||||
GRAVATAR_SOURCE = gravatar
|
||||
; This value will always be true in offline mode.
|
||||
DISABLE_GRAVATAR = false
|
||||
; Federated avatar lookup uses DNS to discover avatar associated
|
||||
; with emails, see https://www.libravatar.org
|
||||
; This value will always be false in offline mode or when Gravatar is disabled.
|
||||
ENABLE_FEDERATED_AVATAR = false
|
||||
|
||||
[attachment]
|
||||
; Whether attachments are enabled. Defaults to `true`
|
||||
ENABLED = true
|
||||
; Path for attachments. Defaults to `data/attachments`
|
||||
PATH = data/attachments
|
||||
; One or more allowed types, e.g. image/jpeg|image/png
|
||||
ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip
|
||||
; Max size of each file. Defaults to 4MB
|
||||
MAX_SIZE = 4
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = 5
|
||||
|
||||
[log]
|
||||
ROOT_PATH =
|
||||
; Either "console", "file", "conn", "smtp" or "database", default is "console"
|
||||
; Use comma to separate multiple modes, e.g. "console, file"
|
||||
MODE = console
|
||||
; Buffer length of the channel, keep it as it is if you don't know what it is.
|
||||
BUFFER_LEN = 10000
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
|
||||
LEVEL = Critical
|
||||
|
||||
; For "console" mode only
|
||||
[log.console]
|
||||
LEVEL =
|
||||
|
||||
; For "file" mode only
|
||||
[log.file]
|
||||
LEVEL =
|
||||
; This enables automated log rotate(switch of following options), default is true
|
||||
LOG_ROTATE = true
|
||||
; Max number of lines in a single file, default is 1000000
|
||||
MAX_LINES = 1000000
|
||||
; Max size shift of a single file, default is 28 means 1 << 28, 256MB
|
||||
MAX_SIZE_SHIFT = 28
|
||||
; Segment log daily, default is true
|
||||
DAILY_ROTATE = true
|
||||
; delete the log file after n days, default is 7
|
||||
MAX_DAYS = 7
|
||||
|
||||
; For "conn" mode only
|
||||
[log.conn]
|
||||
LEVEL =
|
||||
; Reconnect host for every single message, default is false
|
||||
RECONNECT_ON_MSG = false
|
||||
; Try to reconnect when connection is lost, default is false
|
||||
RECONNECT = false
|
||||
; Either "tcp", "unix" or "udp", default is "tcp"
|
||||
PROTOCOL = tcp
|
||||
; Host address
|
||||
ADDR =
|
||||
|
||||
; For "smtp" mode only
|
||||
[log.smtp]
|
||||
LEVEL =
|
||||
; Name displayed in mail title, default is "Diagnostic message from server"
|
||||
SUBJECT = Diagnostic message from server
|
||||
; Mail server
|
||||
HOST =
|
||||
; Mailer user name and password
|
||||
USER =
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD =
|
||||
; Receivers, can be one or more, e.g. 1@example.com,2@example.com
|
||||
RECEIVERS =
|
||||
|
||||
; For "database" mode only
|
||||
[log.database]
|
||||
LEVEL =
|
||||
; Either "mysql" or "postgres"
|
||||
DRIVER =
|
||||
; Based on xorm, e.g.: root:root@localhost/gitea?charset=utf8
|
||||
CONN =
|
||||
|
||||
[cron]
|
||||
; Enable running cron tasks periodically.
|
||||
ENABLED = true
|
||||
; Run cron tasks when Gitea starts.
|
||||
RUN_AT_START = false
|
||||
|
||||
; Update mirrors
|
||||
[cron.update_mirrors]
|
||||
SCHEDULE = @every 10m
|
||||
|
||||
; Repository health check
|
||||
[cron.repo_health_check]
|
||||
SCHEDULE = @every 24h
|
||||
TIMEOUT = 60s
|
||||
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
|
||||
; see more on http://git-scm.com/docs/git-fsck
|
||||
ARGS =
|
||||
|
||||
; Check repository statistics
|
||||
[cron.check_repo_stats]
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
|
||||
; Clean up old repository archives
|
||||
[cron.archive_cleanup]
|
||||
; Whether to enable the job
|
||||
ENABLED = true
|
||||
; Whether to always run at least once at start up time (if ENABLED)
|
||||
RUN_AT_START = true
|
||||
; Time interval for job to run
|
||||
SCHEDULE = @every 24h
|
||||
; Archives created more than OLDER_THAN ago are subject to deletion
|
||||
OLDER_THAN = 24h
|
||||
|
||||
; Synchronize external user data (only LDAP user synchronization is supported)
|
||||
[cron.sync_external_users]
|
||||
; Synchronize external user data when starting server (default false)
|
||||
RUN_AT_START = false
|
||||
; Interval as a duration between each synchronization (default every 24h)
|
||||
SCHEDULE = @every 24h
|
||||
; Create new users, update existing user data and disable users that are not in external source anymore (default)
|
||||
; or only create new users if UPDATE_EXISTING is set to false
|
||||
UPDATE_EXISTING = true
|
||||
|
||||
[git]
|
||||
; Disables highlight of added and removed changes
|
||||
DISABLE_DIFF_HIGHLIGHT = false
|
||||
; Max number of lines allowed in a single file in diff view
|
||||
MAX_GIT_DIFF_LINES = 1000
|
||||
; Max number of allowed characters in a line in diff view
|
||||
MAX_GIT_DIFF_LINE_CHARACTERS = 5000
|
||||
; Max number of files shown in diff view
|
||||
MAX_GIT_DIFF_FILES = 100
|
||||
; Arguments for command 'git gc', e.g. "--aggressive --auto"
|
||||
; see more on http://git-scm.com/docs/git-gc/
|
||||
GC_ARGS =
|
||||
|
||||
; Operation timeout in seconds
|
||||
[git.timeout]
|
||||
MIGRATE = 600
|
||||
MIRROR = 300
|
||||
CLONE = 300
|
||||
PULL = 300
|
||||
GC = 60
|
||||
|
||||
[mirror]
|
||||
; Default interval as a duration between each check
|
||||
DEFAULT_INTERVAL = 8h
|
||||
; Min interval as a duration must be > 1m
|
||||
MIN_INTERVAL = 10m
|
||||
|
||||
[api]
|
||||
; Enables Swagger. True or false; default is true.
|
||||
ENABLE_SWAGGER = true
|
||||
; Max number of items in a page
|
||||
MAX_RESPONSE_ITEMS = 50
|
||||
|
||||
[i18n]
|
||||
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
|
||||
NAMES = English,简体中文,繁體中文(香港),繁體中文(台灣),Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어
|
||||
|
||||
; Used for datetimepicker
|
||||
[i18n.datelang]
|
||||
en-US = en
|
||||
zh-CN = zh
|
||||
zh-HK = zh-HK
|
||||
zh-TW = zh-TW
|
||||
de-DE = de
|
||||
fr-FR = fr
|
||||
nl-NL = nl
|
||||
lv-LV = lv
|
||||
ru-RU = ru
|
||||
uk-UA = uk
|
||||
ja-JP = ja
|
||||
es-ES = es
|
||||
pt-BR = pt-BR
|
||||
pl-PL = pl
|
||||
bg-BG = bg
|
||||
it-IT = it
|
||||
fi-FI = fi
|
||||
tr-TR = tr
|
||||
cs-CZ = cs-CZ
|
||||
sr-SP = sr
|
||||
sv-SE = sv
|
||||
ko-KR = ko
|
||||
|
||||
[U2F]
|
||||
; Two Factor authentication with security keys
|
||||
; https://developers.yubico.com/U2F/App_ID.html
|
||||
;APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
; Comma seperated list of truisted facets
|
||||
;TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
|
||||
; Extension mapping to highlight class
|
||||
; e.g. .toml=ini
|
||||
[highlight.mapping]
|
||||
|
||||
[other]
|
||||
SHOW_FOOTER_BRANDING = false
|
||||
; Show version information about Gitea and Go in the footer
|
||||
SHOW_FOOTER_VERSION = true
|
||||
; Show template execution time in the footer
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
|
||||
|
||||
[markup.asciidoc]
|
||||
ENABLED = false
|
||||
; List of file extensions that should be rendered by an external command
|
||||
FILE_EXTENSIONS = .adoc,.asciidoc
|
||||
; External command to render all matching extensions
|
||||
RENDER_COMMAND = "asciidoc --out-file=- -"
|
||||
; Don't pass the file on STDIN, pass the filename as argument instead.
|
||||
IS_INPUT_FILE = false
|
||||
|
||||
[metrics]
|
||||
; Enables metrics endpoint. True or false; default is false.
|
||||
ENABLED = false
|
||||
; If you want to add authorization, specify a token here
|
||||
TOKEN =
|
|
@ -0,0 +1,20 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-http
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
type: {{ .Values.service.http.serviceType }}
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.service.http.port }}
|
||||
{{- if .Values.service.http.nodePort }}
|
||||
nodePort: {{ .Values.service.http.nodePort }}
|
||||
{{- end }}
|
||||
targetPort: {{ .Values.service.http.port }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
|
@ -0,0 +1,29 @@
|
|||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingGiteaClaim) (not .Values.persistence.directGiteaVolumeMount) -}}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: gitea
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
{{- if .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.persistence.annotations | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.giteaSize | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,20 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-ssh
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
type: {{ .Values.service.ssh.serviceType }}
|
||||
ports:
|
||||
- name: ssh
|
||||
port: {{ .Values.service.ssh.port }}
|
||||
targetPort: ssh
|
||||
{{- if .Values.service.ssh.nodePort }}
|
||||
nodePort: {{ .Values.service.ssh.nodePort }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
|
@ -0,0 +1,42 @@
|
|||
{{- if .Values.ingress.enabled }}
|
||||
apiVersion: {{ template "gitea.ingress.apiVersion" . }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: "{{ template "fullname" . }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: {{ .Release.Name | quote }}
|
||||
heritage: {{ .Release.Service | quote }}
|
||||
annotations:
|
||||
{{- if .Values.ingress.certManager }}
|
||||
kubernetes.io/tls-acme: "true"
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
spec:
|
||||
rules:
|
||||
{{- if .Values.ingress.hostname }}
|
||||
- host: {{ .Values.ingress.hostname }}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: {{ template "fullname" . }}-http
|
||||
servicePort: {{ .Values.service.http.port }}
|
||||
{{- end }}
|
||||
{{- range .Values.ingress.hosts }}
|
||||
- host: {{ .name }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ default "/" .path }}
|
||||
backend:
|
||||
serviceName: "{{ template "fullname" $ }}"-http
|
||||
servicePort: {{ .Values.service.http.port }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{ toYaml .Values.ingress.tls | indent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,26 @@
|
|||
{{/*
|
||||
Create helm partial for gitea server
|
||||
*/}}
|
||||
{{- define "init" }}
|
||||
- name: init
|
||||
image: {{ .Values.images.gitea }}
|
||||
imagePullPolicy: {{ .Values.images.pullPolicy }}
|
||||
env:
|
||||
- name: MARIADB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "mariadb.fullname" . }}
|
||||
key: mariadb-password
|
||||
- name: SCRIPT
|
||||
value: &script |-
|
||||
mkdir -p /datatmp/gitea/conf
|
||||
if [ ! -f /datatmp/gitea/conf/app.ini ]; then
|
||||
sed "s/MARIADB_PASSWORD/${MARIADB_PASSWORD}/g" < /etc/gitea/app.ini > /datatmp/gitea/conf/app.ini
|
||||
fi
|
||||
command: ["/bin/sh",'-c', *script]
|
||||
volumeMounts:
|
||||
- name: gitea-data
|
||||
mountPath: /datatmp
|
||||
- name: gitea-config
|
||||
mountPath: /etc/gitea
|
||||
{{- end }}
|
|
@ -0,0 +1,35 @@
|
|||
{{/*
|
||||
Create helm partial for memcached
|
||||
*/}}
|
||||
{{- define "memcached" }}
|
||||
- name: memcached
|
||||
image: {{ .Values.images.memcached }}
|
||||
imagePullPolicy: {{ .Values.images.pullPolicy }}
|
||||
command:
|
||||
- memcached
|
||||
- -m {{ .Values.memcached.maxItemMemory }}
|
||||
{{- if .Values.memcached.extendedOptions }}
|
||||
- -o
|
||||
- {{ .Values.memcached.extendedOptions }}
|
||||
{{- end }}
|
||||
{{- if .Values.memcached.verbosity }}
|
||||
- -{{ .Values.memcached.verbosity }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: memcache
|
||||
containerPort: 11211
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: memcache
|
||||
initialDelaySeconds: 30
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: memcache
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
resources:
|
||||
{{ toYaml .Values.resources.memcached | indent 10 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,217 @@
|
|||
## Gitea image
|
||||
## ref: https://hub.docker.com/r/gitea/gitea/tags/
|
||||
##
|
||||
|
||||
tags:
|
||||
mariadb: true
|
||||
|
||||
images:
|
||||
registry: docker.io
|
||||
gitea: "gitea/gitea:1.10.1"
|
||||
memcached: "memcached:1.5.19-alpine"
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
## Secrets must be manually created in the namespace.
|
||||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||||
##
|
||||
# pullSecrets:
|
||||
# - myRegistryKeySecretName
|
||||
|
||||
## Cache settings for memcache
|
||||
memcached:
|
||||
maxItemMemory: 64
|
||||
verbosity: v
|
||||
extendedOptions: modern
|
||||
|
||||
## Configure the ingress resource that allows you to access the
|
||||
## Gitea installation. Set up the URL
|
||||
## ref: http://kubernetes.io/docs/user-guide/ingress/
|
||||
##
|
||||
ingress:
|
||||
## Set to true to enable ingress record generation
|
||||
enabled: true
|
||||
|
||||
## Set this to true in order to add the corresponding annotations for cert-manager
|
||||
certManager: false
|
||||
|
||||
## When the ingress is enabled, a host pointing to this will be created
|
||||
hostname: gitea.local
|
||||
|
||||
## Ingress annotations done as key:value pairs
|
||||
## For a full list of possible ingress annotations, please see
|
||||
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
|
||||
##
|
||||
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
|
||||
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
|
||||
annotations: {}
|
||||
# certmanager.k8s.io/cluster-issuer: letsencrypt-prod
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
|
||||
## The list of additional hostnames to be covered with this ingress record.
|
||||
## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
|
||||
# hosts:
|
||||
# - name: gitea.local
|
||||
# path: /
|
||||
|
||||
## The tls configuration for the ingress
|
||||
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
||||
## Uncomment below to enable tls / https for let's encrypt / cert-manager
|
||||
# tls:
|
||||
# - hosts:
|
||||
# - gitea.local
|
||||
# secretName: gitea.tls
|
||||
|
||||
secrets:
|
||||
## If you're providing your own certificates, please use this to add the certificates as secrets
|
||||
## key and certificate should start with -----BEGIN CERTIFICATE----- or
|
||||
## -----BEGIN RSA PRIVATE KEY-----
|
||||
##
|
||||
## name should line up with a tlsSecret set further up
|
||||
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
|
||||
##
|
||||
## It is also possible to create and manage the certificates outside of this helm chart
|
||||
## Please see README.md for more information
|
||||
# - name: gitea.local-tls
|
||||
# key:
|
||||
# certificate:
|
||||
#
|
||||
|
||||
## This chart defaults to using an ingress for http, but change to LoadBalancer if using you cluster supports it
|
||||
service:
|
||||
|
||||
## This can stay as ClusterIP as (by default) we use ingress
|
||||
http:
|
||||
serviceType: ClusterIP
|
||||
port: 3000
|
||||
## Make the external port available
|
||||
# externalPort: 8280
|
||||
# externalHost: gitea.local
|
||||
|
||||
## SSH is commonly on port 22.. however.. you most likely already have port 22 being used by your node.
|
||||
## so we use port 8022.
|
||||
ssh:
|
||||
serviceType: LoadBalancer
|
||||
port: 22
|
||||
#nodePort: 30222
|
||||
## If serving on a different external port used for determining the ssh url in the gui
|
||||
externalPort: 8022
|
||||
externalHost: gitea.local
|
||||
|
||||
## Configure resource requests and limits
|
||||
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
||||
##
|
||||
resources:
|
||||
gitea:
|
||||
requests:
|
||||
memory: 500Mi
|
||||
cpu: 1000m
|
||||
limits:
|
||||
memory: 2Gi
|
||||
cpu: 1
|
||||
memcached:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
cpu: 50m
|
||||
|
||||
## Enable persistence using Persistent Volume Claims
|
||||
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
|
||||
## ref:
|
||||
##
|
||||
persistence:
|
||||
enabled: false
|
||||
# existingGiteaClaim: gitea-gitea
|
||||
giteaSize: 10Gi
|
||||
# storageClass: glusterfs
|
||||
accessMode: ReadWriteMany
|
||||
## addtional annotations for PVCs. Uncommenting will prevent the PVC from being deleted.
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
|
||||
## if you want to mount a volume directly without using a storageClass or pvcs
|
||||
# directGiteaVolumeMount:
|
||||
# glusterfs:
|
||||
# endpoints: "192.168.1.1 192.168.1.2 192.168.1.3"
|
||||
# path: giteaData
|
||||
# directPostgresVolumeMount:
|
||||
# glusterfs:
|
||||
# endpoints: "192.168.1.1 192.168.1.2 192.168.1.3"
|
||||
# path: giteaPostgresData
|
||||
|
||||
|
||||
|
||||
##
|
||||
## MariaDB chart configuration
|
||||
##
|
||||
## https://github.com/helm/charts/blob/master/stable/mariadb/values.yaml
|
||||
##
|
||||
mariadb:
|
||||
## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
|
||||
enabled: true
|
||||
## Disable MariaDB replication
|
||||
replication:
|
||||
enabled: false
|
||||
|
||||
## Create a database and a database user
|
||||
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
|
||||
##
|
||||
db:
|
||||
name: gitea
|
||||
user: gitea
|
||||
## If the password is not specified, mariadb will generates a random password
|
||||
##
|
||||
# password: ThisIsMySuperSecretPassword
|
||||
|
||||
## MariaDB admin password
|
||||
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
|
||||
##
|
||||
rootUser:
|
||||
# password: ThisIsMySuperSecretPassword
|
||||
|
||||
## Enable persistence using Persistent Volume Claims
|
||||
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
|
||||
##
|
||||
master:
|
||||
persistence:
|
||||
enabled: false
|
||||
## mariadb data Persistent Volume Storage Class
|
||||
## If defined, storageClassName: <storageClass>
|
||||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
||||
## If undefined (the default) or set to null, no storageClassName spec is
|
||||
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
||||
## GKE, AWS & OpenStack)
|
||||
##
|
||||
# storageClass: "-"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 8Gi
|
||||
|
||||
## Connect to an external database instead
|
||||
# externalDB:
|
||||
# dbUser: "postgres"
|
||||
# dbPassword: "<MY_PASSWORD>"
|
||||
# dbHost: "service-name.namespace.svc.cluster.local" # or some external host
|
||||
# dbPort: "5432"
|
||||
# dbDatabase: "gitea"
|
||||
|
||||
|
||||
## Actual Gitea configuration (modified the default .ini file for Gitea)
|
||||
## This will skip the initial installation screen. You must have a secretKey already defined
|
||||
## and disableInstaller set to True
|
||||
config:
|
||||
## secretKey: ThisIsMySuperSecretKeyThatsUsedInterally
|
||||
disableInstaller: false
|
||||
offlineMode: false
|
||||
requireSignin: false
|
||||
disableRegistration: false
|
||||
openidSignin: true
|
||||
|
||||
## Common helm annotations
|
||||
## Node labels and tolerations for pod assignment
|
||||
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
||||
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
|
||||
## Annotations for the deployment and nodes.
|
||||
deploymentAnnotations: {}
|
||||
podAnnotations: {}
|
Loading…
Reference in New Issue