fixed geoip tag
This commit is contained in:
+175
-175
@@ -31,152 +31,152 @@ spec:
|
||||
app.kubernetes.io/name: gitea
|
||||
spec:
|
||||
initContainers:
|
||||
- name: init-directories
|
||||
image: busybox:1.36
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
mkdir -p /data/gitea/conf
|
||||
chown -R 1000:1000 /data
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
- name: init-directories
|
||||
image: busybox:1.36
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
mkdir -p /data/gitea/conf
|
||||
chown -R 1000:1000 /data
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
containers:
|
||||
- name: gitea
|
||||
image: gitea/gitea:1.25.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: USER_UID
|
||||
value: "1000"
|
||||
- name: USER_GID
|
||||
value: "1000"
|
||||
- name: GITEA__database__DB_TYPE
|
||||
value: postgres
|
||||
# Database - using shared PostgreSQL in database-system namespace
|
||||
- name: GITEA__database__HOST
|
||||
value: postgresql-rw.database-system.svc.cluster.local:5432
|
||||
- name: GITEA__database__NAME
|
||||
value: gitea
|
||||
- name: GITEA__database__USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-db
|
||||
key: username
|
||||
- name: GITEA__database__PASSWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-db
|
||||
key: password
|
||||
- name: GITEA__server__DOMAIN
|
||||
value: gitea.dooplex.hu
|
||||
- name: GITEA__server__ROOT_URL
|
||||
value: https://gitea.dooplex.hu/
|
||||
- name: GITEA__server__HTTP_PORT
|
||||
value: "3000"
|
||||
- name: GITEA__server__SSH_DOMAIN
|
||||
value: gitea.dooplex.hu
|
||||
- name: GITEA__server__SSH_PORT
|
||||
value: "22"
|
||||
- name: GITEA__server__SSH_LISTEN_PORT
|
||||
value: "2222"
|
||||
- name: GITEA__server__LFS_START_SERVER
|
||||
value: "true"
|
||||
- name: GITEA__security__INSTALL_LOCK
|
||||
value: "true"
|
||||
- name: GITEA__security__SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-app
|
||||
key: secret-key
|
||||
- name: GITEA__security__INTERNAL_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-app
|
||||
key: internal-token
|
||||
- name: GITEA__server__LFS_JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-app
|
||||
key: lfs-jwt-secret
|
||||
- name: GITEA__service__DISABLE_REGISTRATION
|
||||
value: "true"
|
||||
- name: GITEA__mailer__ENABLED
|
||||
value: "true"
|
||||
- name: GITEA__mailer__PROTOCOL
|
||||
value: smtp+starttls
|
||||
- name: GITEA__mailer__SMTP_ADDR
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: host
|
||||
- name: GITEA__mailer__SMTP_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: port
|
||||
- name: GITEA__mailer__USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: username
|
||||
- name: GITEA__mailer__PASSWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: password
|
||||
- name: GITEA__mailer__FROM
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: from-address
|
||||
- name: GITEA__time__DEFAULT_UI_LOCATION
|
||||
value: Europe/Budapest
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: http
|
||||
protocol: TCP
|
||||
- containerPort: 2222
|
||||
name: ssh
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 60
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 10
|
||||
failureThreshold: 5
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: 3
|
||||
resources:
|
||||
limits:
|
||||
cpu: "1"
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
- name: repos
|
||||
mountPath: /data/git/repositories
|
||||
- name: gitea
|
||||
image: gitea/gitea:1.25.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: USER_UID
|
||||
value: "1000"
|
||||
- name: USER_GID
|
||||
value: "1000"
|
||||
- name: GITEA__database__DB_TYPE
|
||||
value: postgres
|
||||
# Database - using shared PostgreSQL in database-system namespace
|
||||
- name: GITEA__database__HOST
|
||||
value: postgresql-rw.database-system.svc.cluster.local:5432
|
||||
- name: GITEA__database__NAME
|
||||
value: gitea
|
||||
- name: GITEA__database__USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-db
|
||||
key: username
|
||||
- name: GITEA__database__PASSWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-db
|
||||
key: password
|
||||
- name: GITEA__server__DOMAIN
|
||||
value: gitea.dooplex.hu
|
||||
- name: GITEA__server__ROOT_URL
|
||||
value: https://gitea.dooplex.hu/
|
||||
- name: GITEA__server__HTTP_PORT
|
||||
value: "3000"
|
||||
- name: GITEA__server__SSH_DOMAIN
|
||||
value: gitea.dooplex.hu
|
||||
- name: GITEA__server__SSH_PORT
|
||||
value: "22"
|
||||
- name: GITEA__server__SSH_LISTEN_PORT
|
||||
value: "2222"
|
||||
- name: GITEA__server__LFS_START_SERVER
|
||||
value: "true"
|
||||
- name: GITEA__security__INSTALL_LOCK
|
||||
value: "true"
|
||||
- name: GITEA__security__SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-app
|
||||
key: secret-key
|
||||
- name: GITEA__security__INTERNAL_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-app
|
||||
key: internal-token
|
||||
- name: GITEA__server__LFS_JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: gitea-app
|
||||
key: lfs-jwt-secret
|
||||
- name: GITEA__service__DISABLE_REGISTRATION
|
||||
value: "true"
|
||||
- name: GITEA__mailer__ENABLED
|
||||
value: "true"
|
||||
- name: GITEA__mailer__PROTOCOL
|
||||
value: smtp+starttls
|
||||
- name: GITEA__mailer__SMTP_ADDR
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: host
|
||||
- name: GITEA__mailer__SMTP_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: port
|
||||
- name: GITEA__mailer__USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: username
|
||||
- name: GITEA__mailer__PASSWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: password
|
||||
- name: GITEA__mailer__FROM
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: smtp-credentials
|
||||
key: from-address
|
||||
- name: GITEA__time__DEFAULT_UI_LOCATION
|
||||
value: Europe/Budapest
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: http
|
||||
protocol: TCP
|
||||
- containerPort: 2222
|
||||
name: ssh
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 60
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 10
|
||||
failureThreshold: 5
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: 3
|
||||
resources:
|
||||
limits:
|
||||
cpu: "1"
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
- name: repos
|
||||
mountPath: /data/git/repositories
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: gitea-data
|
||||
- name: repos
|
||||
hostPath:
|
||||
path: /mnt/4_hdd/data/gitea/repositories
|
||||
type: DirectoryOrCreate
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: gitea-data
|
||||
- name: repos
|
||||
hostPath:
|
||||
path: /mnt/4_hdd/data/gitea/repositories
|
||||
type: DirectoryOrCreate
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
@@ -190,14 +190,14 @@ spec:
|
||||
type: LoadBalancer
|
||||
loadBalancerIP: 192.168.0.203
|
||||
ports:
|
||||
- name: http
|
||||
port: 3000
|
||||
protocol: TCP
|
||||
targetPort: http
|
||||
- name: ssh
|
||||
port: 2222
|
||||
protocol: TCP
|
||||
targetPort: 22
|
||||
- name: http
|
||||
port: 3000
|
||||
protocol: TCP
|
||||
targetPort: http
|
||||
- name: ssh
|
||||
port: 2222
|
||||
protocol: TCP
|
||||
targetPort: 22
|
||||
selector:
|
||||
app.kubernetes.io/instance: gitea
|
||||
app.kubernetes.io/name: gitea
|
||||
@@ -211,7 +211,7 @@ metadata:
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/configuration-snippet: |
|
||||
if ($geoip2_city_country_code != "HU") {
|
||||
if ($geoip2_country_code != "HU") {
|
||||
return 403 "Access restricted to Hungary";
|
||||
}
|
||||
labels:
|
||||
@@ -222,30 +222,30 @@ metadata:
|
||||
spec:
|
||||
ingressClassName: nginx-internal
|
||||
rules:
|
||||
- host: gitea.dooplex.hu
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: gitea
|
||||
port:
|
||||
number: 3000
|
||||
path: /
|
||||
pathType: Prefix
|
||||
- host: gitea.home
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: gitea
|
||||
port:
|
||||
number: 3000
|
||||
path: /
|
||||
pathType: Prefix
|
||||
- host: gitea.dooplex.hu
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: gitea
|
||||
port:
|
||||
number: 3000
|
||||
path: /
|
||||
pathType: Prefix
|
||||
- host: gitea.home
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: gitea
|
||||
port:
|
||||
number: 3000
|
||||
path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- gitea.dooplex.hu
|
||||
secretName: gitea-tls
|
||||
- hosts:
|
||||
- gitea.dooplex.hu
|
||||
secretName: gitea-tls
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
@@ -257,7 +257,7 @@ metadata:
|
||||
namespace: gitea-system
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
|
||||
Reference in New Issue
Block a user