initial installation of forgejo
This commit is contained in:
parent
ea7b723f67
commit
b67321c44b
9
apps/zurrli/forgejo/configmap.yaml
Normal file
9
apps/zurrli/forgejo/configmap.yaml
Normal file
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: forgejo-app-ini
|
||||
data:
|
||||
session: |
|
||||
SAME_SITE=strict
|
||||
cron.archive_cleanup: |
|
||||
ENABLED=true
|
6
apps/zurrli/forgejo/kustomization.yaml
Normal file
6
apps/zurrli/forgejo/kustomization.yaml
Normal file
|
@ -0,0 +1,6 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- configmap.yaml
|
||||
generators:
|
||||
- secret-generator.yaml
|
28
apps/zurrli/forgejo/secret-admin-user.sops.yaml
Normal file
28
apps/zurrli/forgejo/secret-admin-user.sops.yaml
Normal file
|
@ -0,0 +1,28 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: forgejo-admin-secret
|
||||
stringData:
|
||||
username: ENC[AES256_GCM,data:lDqVAq9ljbMQQg==,iv:Q24F14CFgbcpb7uVERbUOWt+uAjt4/LgzrxmHcPZiPA=,tag:uaO+YseYsJdm1UZgEAk/sw==,type:str]
|
||||
password: ENC[AES256_GCM,data:wum4id+XB6pWh3wrHrbwLpIdltRDJWimXhLVgiXFdSPua4RoRWeBD6ypDyA=,iv:U/cmBfJL/DZQH5dJMjpqIkqUbPbpYkdCcLwAfbb47Qg=,tag:G3WnuBeESgA+lPMNydWVhQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1dfk8euu7afvw7ge5l2qek45z23hdq5anjd56cy4d7kcsf0e0e5pqfjylx8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlbFN3Yi9SbHZVNzRWUXhB
|
||||
cDh1Q1R4MmJMdFVmR1p0NEM4WWNFdzBxT0hzCnlibzN1cDJjeFJ1cjUrQzlWSC9s
|
||||
WGg2S0hvc3lCME9kdW9LdlZVZ0JvZ00KLS0tIEFOMzkxcWdCcmtNK0YwaTFlTWdk
|
||||
ZkhMeS84Wlh6dlkrMVlKU0xMNlBHUXMK+MfIYb9O4DtattlQUWzY041N7aiPZG57
|
||||
FJXLnIJnCzE9LLzwRbPRdHn+9VBp4v8T0Gno2Vlr7FAKrka6S14fxA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-01-29T19:15:12Z"
|
||||
mac: ENC[AES256_GCM,data:wZEOGX30tdlz+uRT73oWuaI1GQsuAXyewQv2/iUZoneLBRZUZlbQDNjBr5wi5qAA7svwrh/txV5s1pzohkY/Fep+quTSUuZrsL5obuW8GTgb3IlCKd7JoDTUOWhnUClN9pBfnxp/fDwJQxbA+aqWRUGqcJMlPQFeT4C7BkA0MdE=,iv:F4sPLuvtNmV/KlJFYaw1NejtSJwsovRcD4KAD8H4K3E=,tag:8M40ZERWJI0a06naNsXNZA==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.8.1
|
7
apps/zurrli/forgejo/secret-generator.yaml
Normal file
7
apps/zurrli/forgejo/secret-generator.yaml
Normal file
|
@ -0,0 +1,7 @@
|
|||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
name: secret-generator
|
||||
files:
|
||||
- secret-oauth.sops.yaml
|
||||
- secret-admin-user.sops.yaml
|
28
apps/zurrli/forgejo/secret-oauth.sops.yaml
Normal file
28
apps/zurrli/forgejo/secret-oauth.sops.yaml
Normal file
|
@ -0,0 +1,28 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: foregjo-oauth-secret
|
||||
stringData:
|
||||
key: ENC[AES256_GCM,data:RB0j5Qc=,iv:/krpnTgqgR0pIF/o0WbwL5lrjfpWJyiPSJ3rUAAFc6c=,tag:aTIoUaO/MYMuWVu/ldExTg==,type:str]
|
||||
secret: ENC[AES256_GCM,data:moDK9ms=,iv:NcSCjIyzlUcBQfVkE1yqMg0zT2lcf+zIDcPyhHOG9Fs=,tag:qzH9kLOfUk6qHoQeHGEDKg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1dfk8euu7afvw7ge5l2qek45z23hdq5anjd56cy4d7kcsf0e0e5pqfjylx8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhbmxSVE9FejN6N2JTbXFn
|
||||
V0tMTTNBUDcyQWJOMHBMZDIzVkV5SVJ6djNnClV3WS9xazZlQ3BwSUdXWm1mQ3Z1
|
||||
UC9tMFE0c2Rpamo4eEhJbjZ6TnZQQ00KLS0tIE9QYlp3M0NuZVB4M1FuUzRSaFRy
|
||||
cmZHZDdDOXljN1d1VHB3N3I3UnpkUDgKb52IMEIUlF7O098WYrsFKz5Vcb95WrKO
|
||||
gQ7No+2rDGppkw1Wj7Pkp98UDI+gP0lgQBtdqSmafbhJddVN+H7fdQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-01-29T19:14:19Z"
|
||||
mac: ENC[AES256_GCM,data:mEYAUWP3uJetXf9Ha99egHL40MLqbvLM8GXb4hTlb44VwJJvqRrBB0Ez2/3IULq0mNw2ot7+Zda7c4g0H3Y+1dgcAoyf0wHUn/N2PD6tEl8WrqqTwRW86ITrhPPgsBMXiq/ovci8Z3zMkAr0DbVQuJSOxZRzWO0H9jkyu3b7OXs=,iv:hooqxH3IoKMeSG2gRXfj2aK+rl2SopeCBzaKZ3EhLjo=,tag:0Ap4Z0fVCVCnm1v952SHJQ==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.8.1
|
65
argoapps/zurrli/forgejo.yaml
Normal file
65
argoapps/zurrli/forgejo.yaml
Normal file
|
@ -0,0 +1,65 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: forgejo
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: apps
|
||||
sources:
|
||||
- chart: forgejo
|
||||
repoURL: oci://codeberg.org/forgejo-contrib/forgejo
|
||||
targetRevision: 1.1.6
|
||||
helm:
|
||||
values: |
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
postgresql:
|
||||
enabled: true
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: local-path
|
||||
postgresql-ha:
|
||||
enabled: false
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: local-path
|
||||
|
||||
gitea:
|
||||
admin:
|
||||
existingSecret: forgejo-admin-secret
|
||||
oauth:
|
||||
- name: 'tbrnt ID'
|
||||
provider: 'openidConnect'
|
||||
autoDiscoverUrl: https://id.tobru.ch/
|
||||
existingSecret: forgejo-oauth-secret
|
||||
config:
|
||||
database:
|
||||
DB_TYPE: postgres
|
||||
session:
|
||||
PROVIDER: db
|
||||
cache:
|
||||
ADAPTER: memory
|
||||
queue:
|
||||
TYPE: level
|
||||
indexer:
|
||||
ISSUE_INDEXER_TYPE: bleve
|
||||
REPO_INDEXER_ENABLED: true
|
||||
additionalConfigSources:
|
||||
- secret:
|
||||
secretName: forgejo-app-ini-secret
|
||||
- configMap:
|
||||
name: forgejo-app-ini
|
||||
- path: apps/zurrli/forgejo
|
||||
repoURL: https://git.tbrnt.ch/tobru/gitops-zurrli.git
|
||||
targetRevision: HEAD
|
||||
destination:
|
||||
namespace: forgejo
|
||||
server: https://kubernetes.default.svc
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated:
|
||||
prune: true
|
Loading…
Reference in a new issue