Forgejo instead of gitea
parent
a958371e01
commit
999aa72993
@ -1,39 +1,39 @@
|
||||
# convention 4 kubernetes: c4k-gitea
|
||||
[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-gitea.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-gitea) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-gitea/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-gitea/-/commits/main)
|
||||
# convention 4 kubernetes: c4k-forgejo
|
||||
[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-forgejo.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-forgejo) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-forgejo/-/commits/main)
|
||||
|
||||
[<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [<img src="https://meissa-gmbh.de/img/community/Mastodon_Logotype.svg" width=20 alt="team@social.meissa-gmbh.de"> team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) | [Website & Blog](https://domaindrivenarchitecture.org)
|
||||
|
||||
## Purpose
|
||||
|
||||
c4k-gitea provides a k8s deployment file for Gitea containing:
|
||||
* gitea
|
||||
c4k-forgejo provides a k8s deployment file for forgejo containing:
|
||||
|
||||
* forgejo
|
||||
* ingress having a letsencrypt managed certificate
|
||||
* postgres database
|
||||
|
||||
* encrypted backup on S3 & restore
|
||||
* monitoring on graphana-cloud
|
||||
|
||||
## Try out
|
||||
|
||||
Click on the image to try out live in your browser:
|
||||
|
||||
[![Try it out](doc/tryItOut.png "Try out yourself")](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-gitea/)
|
||||
[![Try it out](doc/tryItOut.png "Try out yourself")](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-forgejo/)
|
||||
|
||||
Your input will stay in your browser. No server interaction is required.
|
||||
|
||||
## Forgejo setup
|
||||
|
||||
## Gitea setup
|
||||
After having deployed the yaml-file generated by the c4k-forgejo module you need to complete the setup for forgejo:
|
||||
|
||||
After having deployed the yaml-file generated by the c4k-gitea module you need to complete the setup for gitea:
|
||||
|
||||
* Open the URL of your gitea-server, and you will be shown a configuration page.
|
||||
* Open the URL of your forgejo-server, and you will be shown a configuration page.
|
||||
* Adjust the settings according to your needs
|
||||
* Add the administrator's data (name, password and email) and submit the page.
|
||||
* The required database will be created and the Gitea setup will be completed.
|
||||
* The required database will be created and the forgejo setup will be completed.
|
||||
* The SSH-URL for a repo has the format: "ssh://git@domain:2222/[username]/[repo].git
|
||||
Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-gitea.git"
|
||||
|
||||
Example: "git clone ssh://git@repo.test.meissa.de:2222/myuser/c4k-forgejo.git"
|
||||
|
||||
## License
|
||||
|
||||
Copyright © 2022 meissa GmbH
|
||||
Copyright © 2023 meissa GmbH
|
||||
Licensed under the [Apache License, Version 2.0](LICENSE) (the "License")
|
||||
Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE)
|
@ -0,0 +1,14 @@
|
||||
(ns dda.c4k-forgejo.uberjar
|
||||
(:gen-class)
|
||||
(:require
|
||||
[dda.c4k-forgejo.core :as core]
|
||||
[dda.c4k-common.uberjar :as uberjar]))
|
||||
|
||||
(defn -main [& cmd-args]
|
||||
(uberjar/main-common
|
||||
"c4k-forgejo"
|
||||
core/config?
|
||||
core/auth?
|
||||
core/config-defaults
|
||||
core/k8s-objects
|
||||
cmd-args))
|
@ -1,8 +0,0 @@
|
||||
(ns dda.c4k-gitea.uberjar
|
||||
(:gen-class)
|
||||
(:require
|
||||
[dda.c4k-gitea.core :as core]
|
||||
[dda.c4k-common.uberjar :as uberjar]))
|
||||
|
||||
(defn -main [& cmd-args]
|
||||
(uberjar/main-common "c4k-gitea" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args))
|
@ -1,4 +1,4 @@
|
||||
(ns dda.c4k-gitea.backup
|
||||
(ns dda.c4k-forgejo.backup
|
||||
(:require
|
||||
[clojure.spec.alpha :as s]
|
||||
#?(:cljs [shadow.resource :as rc])
|
@ -0,0 +1,58 @@
|
||||
(ns dda.c4k-forgejo.core
|
||||
(:require
|
||||
[clojure.spec.alpha :as s]
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-common.common :as cm]
|
||||
[dda.c4k-common.monitoring :as mon]
|
||||
[dda.c4k-forgejo.forgejo :as forgejo]
|
||||
[dda.c4k-forgejo.backup :as backup]
|
||||
[dda.c4k-common.postgres :as postgres]))
|
||||
|
||||
(def config-defaults {:issuer "staging"})
|
||||
|
||||
(def config? (s/keys :req-un [::forgejo/fqdn
|
||||
::forgejo/mailer-from
|
||||
::forgejo/mailer-host-port
|
||||
::forgejo/service-noreply-address]
|
||||
:opt-un [::forgejo/issuer
|
||||
::forgejo/default-app-name
|
||||
::forgejo/service-domain-whitelist
|
||||
::backup/restic-repository
|
||||
::mon/mon-cfg]))
|
||||
|
||||
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
|
||||
::forgejo/mailer-user ::forgejo/mailer-pw
|
||||
::backup/aws-access-key-id ::backup/aws-secret-access-key]
|
||||
:opt-un [::backup/restic-password ; TODO gec: Is restic password opt or req?
|
||||
::mon/mon-cfg]))
|
||||
|
||||
(def vol? (s/keys :req-un [::forgejo/volume-total-storage-size]))
|
||||
|
||||
(defn k8s-objects [config auth]
|
||||
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
|
||||
(map yaml/to-string
|
||||
(filter #(not (nil? %))
|
||||
(cm/concat-vec
|
||||
[(postgres/generate-config {:postgres-size :2gb :db-name "forgejo"})
|
||||
(postgres/generate-secret auth)
|
||||
(when (contains? config :postgres-data-volume-path)
|
||||
(postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb])))
|
||||
(postgres/generate-pvc {:pv-storage-size-gb 5
|
||||
:pvc-storage-class-name storage-class})
|
||||
(postgres/generate-deployment {:postgres-image "postgres:14"
|
||||
:postgres-size :2gb})
|
||||
(postgres/generate-service)
|
||||
(forgejo/generate-deployment)
|
||||
(forgejo/generate-service)
|
||||
(forgejo/generate-service-ssh)
|
||||
(forgejo/generate-data-volume config)
|
||||
(forgejo/generate-appini-env config)
|
||||
(forgejo/generate-secrets auth)]
|
||||
(forgejo/generate-ingress-and-cert config)
|
||||
(when (contains? config :restic-repository)
|
||||
[(backup/generate-config config)
|
||||
(backup/generate-secret auth)
|
||||
(backup/generate-cron)
|
||||
(backup/generate-backup-restore-deployment config)])
|
||||
(when (:contains? config :mon-cfg)
|
||||
(mon/generate (:mon-cfg config) (:mon-auth auth))))))))
|
@ -1,54 +0,0 @@
|
||||
(ns dda.c4k-gitea.core
|
||||
(:require
|
||||
[clojure.spec.alpha :as s]
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-common.common :as cm]
|
||||
[dda.c4k-gitea.gitea :as gitea]
|
||||
[dda.c4k-gitea.backup :as backup]
|
||||
[dda.c4k-common.postgres :as postgres]))
|
||||
|
||||
(def config-defaults {:issuer "staging"})
|
||||
|
||||
(def config? (s/keys :req-un [::gitea/fqdn
|
||||
::gitea/mailer-from
|
||||
::gitea/mailer-host-port
|
||||
::gitea/service-noreply-address]
|
||||
:opt-un [::gitea/issuer
|
||||
::gitea/default-app-name
|
||||
::gitea/service-domain-whitelist
|
||||
::backup/restic-repository]))
|
||||
|
||||
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
|
||||
::gitea/mailer-user ::gitea/mailer-pw
|
||||
::backup/aws-access-key-id ::backup/aws-secret-access-key]
|
||||
:opt-un [::backup/restic-password])) ; TODO gec: Is restic password opt or req?
|
||||
|
||||
(def vol? (s/keys :req-un [::gitea/volume-total-storage-size]))
|
||||
|
||||
(defn k8s-objects [config]
|
||||
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
|
||||
(map yaml/to-string
|
||||
(filter #(not (nil? %))
|
||||
(cm/concat-vec
|
||||
[(postgres/generate-config {:postgres-size :2gb :db-name "gitea"})
|
||||
(postgres/generate-secret config)
|
||||
(when (contains? config :postgres-data-volume-path)
|
||||
(postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb])))
|
||||
(postgres/generate-pvc {:pv-storage-size-gb 5
|
||||
:pvc-storage-class-name storage-class})
|
||||
(postgres/generate-deployment {:postgres-image "postgres:14"
|
||||
:postgres-size :2gb})
|
||||
(postgres/generate-service)
|
||||
(gitea/generate-deployment)
|
||||
(gitea/generate-service)
|
||||
(gitea/generate-service-ssh)
|
||||
(gitea/generate-data-volume config)
|
||||
(gitea/generate-appini-env config)
|
||||
(gitea/generate-secrets config)
|
||||
(gitea/generate-ingress config)
|
||||
(gitea/generate-certificate config)]
|
||||
(when (contains? config :restic-repository)
|
||||
[(backup/generate-config config)
|
||||
(backup/generate-secret config)
|
||||
(backup/generate-cron)
|
||||
(backup/generate-backup-restore-deployment config)]))))))
|
@ -0,0 +1,90 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: forgejo-env
|
||||
namespace: default
|
||||
data:
|
||||
#[admin]
|
||||
FORGEJO__admin__DEFAULT_EMAIL_NOTIFICATIONS: "enabled" # Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled
|
||||
|
||||
#[attachments]
|
||||
FORGEJO__attachments__PATH: /data/gitea/attachments
|
||||
|
||||
#[database]
|
||||
FORGEJO__database__DB_TYPE: "postgres"
|
||||
FORGEJO__database__HOST: "postgresql-service:5432"
|
||||
FORGEJO__database__NAME: forgejo
|
||||
FORGEJO__database__LOG_SQL: "false"
|
||||
FORGEJO__database__SSL_MODE: disable
|
||||
FORGEJO__database__CHARSET: utf8
|
||||
|
||||
#[DEFAULT]
|
||||
APP_NAME: APPNAME
|
||||
RUN_MODE: prod
|
||||
RUN_USER: git
|
||||
|
||||
#[federation]
|
||||
FORGEJO__federation__ENABLED: "true"
|
||||
|
||||
#[indexer]
|
||||
FORGEJO__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve
|
||||
|
||||
#[log]
|
||||
FORGEJO__log__MODE: "console, file"
|
||||
FORGEJO__log__LEVEL: Info
|
||||
FORGEJO__log__ROOT_PATH: /data/gitea/log
|
||||
|
||||
#[mailer]
|
||||
FORGEJO__mailer__ENABLED: "true"
|
||||
FORGEJO__mailer__FROM: FROM
|
||||
FORGEJO__mailer__MAILER_TYPE: smtp+startls
|
||||
# TODO: jem 2022-08-02: outdated with v1.18, use SMTP_ADDR & SMTP_PORT instead
|
||||
FORGEJO__mailer__HOST: HOSTANDPORT
|
||||
|
||||
#[oauth2]
|
||||
FORGEJO__oauth2__ENABLE: "true"
|
||||
|
||||
#[openid]
|
||||
FORGEJO__openid__ENABLE_OPENID: "true"
|
||||
FORGEJO__openid__ENABLE_OPENID_SIGNIN: "true"
|
||||
FORGEJO__openid__ENABLE_OPENID_SIGNUP: "true"
|
||||
|
||||
#[picture]
|
||||
FORGEJO__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars
|
||||
FORGEJO__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars
|
||||
FORGEJO__picture__DISABLE_GRAVATAR: "false"
|
||||
FORGEJO__picture__ENABLE_FEDERATED_AVATAR: "true" # Enable support for federated avatars (see http://www.libravatar.org).
|
||||
|
||||
#[repository]
|
||||
FORGEJO__repository__ROOT: /data/git/repositories
|
||||
FORGEJO__repository__DEFAULT_PRIVATE: last
|
||||
FORGEJO__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo
|
||||
FORGEJO__repository__TEMP_PATH: /data/gitea/uploads
|
||||
|
||||
#[security]
|
||||
FORGEJO__security__INSTALL_LOCK: "true"
|
||||
|
||||
#[server]
|
||||
FORGEJO__server__DOMAIN: FQDN
|
||||
FORGEJO__server__SSH_DOMAIN: FQDN
|
||||
FORGEJO__server__ROOT_URL: URL
|
||||
FORGEJO__server__HTTP_PORT: "3000" # HTTP listen port of the server (in the pod)
|
||||
FORGEJO__server__SSH_PORT: "2222" # SSH port displayed in clone URL
|
||||
|
||||
#[service]
|
||||
FORGEJO__service__DISABLE_REGISTRATION: "false"
|
||||
FORGEJO__service__REQUIRE_SIGNIN_VIEW: "false"
|
||||
FORGEJO__service__REGISTER_EMAIL_CONFIRM: "true"
|
||||
FORGEJO__service__ENABLE_NOTIFY_MAIL: "true"
|
||||
FORGEJO__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS
|
||||
FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false"
|
||||
FORGEJO__service__ENABLE_BASIC_AUTHENTICATION: "true"
|
||||
FORGEJO__service__ENABLE_CAPTCHA: "false"
|
||||
FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true"
|
||||
FORGEJO__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true"
|
||||
FORGEJO__service__DEFAULT_ENABLE_TIMETRACKING: "true"
|
||||
FORGEJO__service__NO_REPLY_ADDRESS: NOREPLY
|
||||
|
||||
#[session]
|
||||
FORGEJO__session__PROVIDER_CONFIG: /data/gitea/sessions
|
||||
FORGEJO__session__PROVIDER: file
|
@ -1,10 +1,10 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: gitea-data-pvc
|
||||
name: forgejo-data-pvc
|
||||
namespace: default
|
||||
labels:
|
||||
app: gitea
|
||||
app: forgejo
|
||||
spec:
|
||||
storageClassName: local-path
|
||||
accessModes:
|
@ -1,41 +1,41 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: gitea
|
||||
name: forgejo
|
||||
namespace: default
|
||||
labels:
|
||||
app: gitea
|
||||
app: forgejo
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: gitea
|
||||
app: forgejo
|
||||
template:
|
||||
metadata:
|
||||
name: gitea
|
||||
name: forgejo
|
||||
labels:
|
||||
app: gitea
|
||||
app: forgejo
|
||||
spec:
|
||||
containers:
|
||||
- name: gitea
|
||||
image: gitea/gitea:1.17.3
|
||||
- name: forgejo
|
||||
image: codeberg.org/forgejo/forgejo:1.19
|
||||
imagePullPolicy: IfNotPresent
|
||||
# config settings
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: gitea-env
|
||||
name: forgejo-env
|
||||
- secretRef:
|
||||
name: gitea-secrets
|
||||
name: forgejo-secrets
|
||||
volumeMounts:
|
||||
- name: gitea-data-volume
|
||||
- name: forgejo-data-volume
|
||||
mountPath: "/data"
|
||||
ports:
|
||||
- containerPort: 22
|
||||
name: git-ssh
|
||||
- containerPort: 3000
|
||||
name: gitea
|
||||
name: forgejo
|
||||
volumes:
|
||||
- name: gitea-data-volume
|
||||
- name: forgejo-data-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: gitea-data-pvc
|
||||
claimName: forgejo-data-pvc
|
||||
|
@ -0,0 +1,11 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: forgejo-secrets
|
||||
data:
|
||||
FORGEJO__database__USER: DBUSER
|
||||
FORGEJO__database__PASSWD: DBPW
|
||||
|
||||
FORGEJO__mailer__USER: MAILERUSER
|
||||
FORGEJO__mailer__PASSWD: MAILERPW
|
||||
|
@ -1,12 +1,12 @@
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: gitea-service
|
||||
name: forgejo-service
|
||||
namespace: default
|
||||
spec:
|
||||
selector:
|
||||
app: gitea
|
||||
app: forgejo
|
||||
ports:
|
||||
- name: gitea-http
|
||||
- name: forgejo-http
|
||||
port: 3000
|
||||
|
@ -1,90 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: gitea-env
|
||||
namespace: default
|
||||
data:
|
||||
#[admin]
|
||||
GITEA__admin__DEFAULT_EMAIL_NOTIFICATIONS: "enabled" # Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled
|
||||
|
||||
#[attachments]
|
||||
GITEA__attachments__PATH: /data/gitea/attachments
|
||||
|
||||
#[database]
|
||||
GITEA__database__DB_TYPE: "postgres"
|
||||
GITEA__database__HOST: "postgresql-service:5432"
|
||||
GITEA__database__NAME: gitea
|
||||
GITEA__database__LOG_SQL: "false"
|
||||
GITEA__database__SSL_MODE: disable
|
||||
GITEA__database__CHARSET: utf8
|
||||
|
||||
#[DEFAULT]
|
||||
APP_NAME: APPNAME
|
||||
RUN_MODE: prod
|
||||
RUN_USER: git
|
||||
|
||||
#[federation]
|
||||
GITEA__federation__ENABLED: "true"
|
||||
|
||||
#[indexer]
|
||||
GITEA__indexer__ISSUE_INDEXER_PATH: /data/gitea/indexers/issues.bleve
|
||||
|
||||
#[log]
|
||||
GITEA__log__MODE: "console, file"
|
||||
GITEA__log__LEVEL: Info
|
||||
GITEA__log__ROOT_PATH: /data/gitea/log
|
||||
|
||||
#[mailer]
|
||||
GITEA__mailer__ENABLED: "true"
|
||||
GITEA__mailer__FROM: FROM
|
||||
GITEA__mailer__MAILER_TYPE: smtp+startls
|
||||
# TODO: jem 2022-08-02: outdated with v1.18, use SMTP_ADDR & SMTP_PORT instead
|
||||
GITEA__mailer__HOST: HOSTANDPORT
|
||||
|
||||
#[oauth2]
|
||||
GITEA__oauth2__ENABLE: "true"
|
||||
|
||||
#[openid]
|
||||
GITEA__openid__ENABLE_OPENID: "true"
|
||||
GITEA__openid__ENABLE_OPENID_SIGNIN: "true"
|
||||
GITEA__openid__ENABLE_OPENID_SIGNUP: "true"
|
||||
|
||||
#[picture]
|
||||
GITEA__picture__AVATAR_UPLOAD_PATH: /data/gitea/avatars
|
||||
GITEA__picture__REPOSITORY_AVATAR_UPLOAD_PATH: /data/gitea/repo-avatars
|
||||
GITEA__picture__DISABLE_GRAVATAR: "false"
|
||||
GITEA__picture__ENABLE_FEDERATED_AVATAR: "true" # Enable support for federated avatars (see http://www.libravatar.org).
|
||||
|
||||
#[repository]
|
||||
GITEA__repository__ROOT: /data/git/repositories
|
||||
GITEA__repository__DEFAULT_PRIVATE: last
|
||||
GITEA__repository__LOCAL_COPY_PATH: /data/gitea/tmp/local-repo
|
||||
GITEA__repository__TEMP_PATH: /data/gitea/uploads
|
||||
|
||||
#[security]
|
||||
GITEA__security__INSTALL_LOCK: "true"
|
||||
|
||||
#[server]
|
||||
GITEA__server__DOMAIN: FQDN
|
||||
GITEA__server__SSH_DOMAIN: FQDN
|
||||
GITEA__server__ROOT_URL: URL
|
||||
GITEA__server__HTTP_PORT: "3000" # HTTP listen port of the server (in the pod)
|
||||
GITEA__server__SSH_PORT: "2222" # SSH port displayed in clone URL
|
||||
|
||||
#[service]
|
||||
GITEA__service__DISABLE_REGISTRATION: "false"
|
||||
GITEA__service__REQUIRE_SIGNIN_VIEW: "false"
|
||||
GITEA__service__REGISTER_EMAIL_CONFIRM: "true"
|
||||
GITEA__service__ENABLE_NOTIFY_MAIL: "true"
|
||||
GITEA__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS
|
||||
GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false"
|
||||
GITEA__service__ENABLE_BASIC_AUTHENTICATION: "true"
|
||||
GITEA__service__ENABLE_CAPTCHA: "false"
|
||||
GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE: "true"
|
||||
GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION: "true"
|
||||
GITEA__service__DEFAULT_ENABLE_TIMETRACKING: "true"
|
||||
GITEA__service__NO_REPLY_ADDRESS: NOREPLY
|
||||
|
||||
#[session]
|
||||
GITEA__session__PROVIDER_CONFIG: /data/gitea/sessions
|
||||
GITEA__session__PROVIDER: file
|
@ -1,15 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: gitea-cert
|
||||
namespace: default
|
||||
spec:
|
||||
secretName: gitea-cert
|
||||
commonName: FQDN
|
||||
duration: 2160h # 90d
|
||||
renewBefore: 360h # 15d
|
||||
dnsNames:
|
||||
- FQDN
|
||||
issuerRef:
|
||||
name: staging
|
||||
kind: ClusterIssuer
|
@ -1,24 +0,0 @@
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: ingress-gitea
|
||||
namespace: default
|
||||
annotations:
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- FQDN
|
||||
secretName: gitea-cert
|
||||
rules:
|
||||
- host: FQDN
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: gitea-service
|
||||
port:
|
||||
number: 3000
|
@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: gitea-secrets
|
||||
data:
|
||||
GITEA__database__USER: DBUSER
|
||||
GITEA__database__PASSWD: DBPW
|
||||
|
||||
GITEA__mailer__USER: MAILERUSER
|
||||
GITEA__mailer__PASSWD: MAILERPW
|
||||
|
@ -0,0 +1,19 @@
|
||||
(ns dda.c4k-forgejo.core-test
|
||||
(:require
|
||||
#?(:cljs [shadow.resource :as rc])
|
||||
#?(:clj [clojure.test :refer [deftest is are testing run-tests]]
|
||||
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
|
||||
[clojure.spec.alpha :as s]
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-forgejo.core :as cut]))
|
||||
|
||||
#?(:cljs
|
||||
(defmethod yaml/load-resource :forgejo-test [resource-name]
|
||||
(case resource-name
|
||||
"forgejo-test/valid-auth.yaml" (rc/inline "forgejo-test/valid-auth.yaml")
|
||||
"forgejo-test/valid-config.yaml" (rc/inline "forgejo-test/valid-config.yaml")
|
||||
(throw (js/Error. "Undefined Resource!")))))
|
||||
|
||||
(deftest validate-valid-resources
|
||||
(is (s/valid? cut/config? (yaml/load-as-edn "forgejo-test/valid-config.yaml")))
|
||||
(is (s/valid? cut/auth? (yaml/load-as-edn "forgejo-test/valid-auth.yaml"))))
|
@ -0,0 +1,10 @@
|
||||
postgres-db-user: "forgejo"
|
||||
postgres-db-password: "forgejo-db-password"
|
||||
mailer-user: ""
|
||||
mailer-pw: ""
|
||||
aws-access-key-id: "AWS_KEY_ID"
|
||||
aws-secret-access-key: "AWS_KEY_SECRET"
|
||||
restic-password: ""
|
||||
mon-auth:
|
||||
grafana-cloud-user: "user"
|
||||
grafana-cloud-password: "password"
|
@ -0,0 +1,13 @@
|
||||
default-app-name: "Meissas awesome forgejo"
|
||||
fqdn: "test.de"
|
||||
issuer: "staging"
|
||||
mailer-from: "test@test.de"
|
||||
mailer-host-port: "test.de:123"
|
||||
service-whitelist-domains: "test.de"
|
||||
service-noreply-address: "noreply@test.de"
|
||||
volume-total-storage-size: 6
|
||||
restic-repository: "repo-path"
|
||||
mon-cfg:
|
||||
grafana-cloud-url: "url-for-your-prom-remote-write-endpoint"
|
||||
cluster-name: "forgejo"
|
||||
cluster-stage: "test"
|
@ -1,7 +0,0 @@
|
||||
{:postgres-db-user "gitea"
|
||||
:postgres-db-password "gitea-db-password"
|
||||
:mailer-user ""
|
||||
:mailer-pw ""
|
||||
:aws-access-key-id "AWS_KEY_ID"
|
||||
:aws-secret-access-key "AWS_KEY_SECRET"
|
||||
:restic-password ""}
|
@ -1,9 +0,0 @@
|
||||
{:default-app-name "Meissas awesome gitea"
|
||||
:fqdn "test.de"
|
||||
:issuer "staging"
|
||||
:mailer-from "test@test.de"
|
||||
:mailer-host-port "test.de:123"
|
||||
:service-whitelist-domains "test.de"
|
||||
:service-noreply-address "noreply@test.de"
|
||||
:volume-total-storage-size 6
|
||||
:restic-repository "repo-path"}
|
Loading…
Reference in New Issue