# Gitea (git hosting) backed by PostgreSQL, deployed into the gitea-system namespace.
#
# After deployment, create the admin user by running the commands below inside
# the gitea container:
#
#   su git
#   gitea admin user create --username admin --password '<PASSWORD>' --email <EMAIL> --admin
#
# NOTE(review): <PASSWORD> and <EMAIL> are placeholders; the original comment had
# an empty password and no e-mail value, presumably lost in extraction. A password
# given on the command line lands in shell history and the process list, so prefer
# the CLI's --random-password option or rotate the password right after first login.
#
# Self-registration is disabled below (GITEA__service__DISABLE_REGISTRATION), so
# the CLI is the intended way to bootstrap the first account.
#
# The Secrets referenced here (gitea-db, gitea-app, smtp-credentials) are not
# defined in this file and must already exist in the gitea-system namespace.
# NOTE(review): no NetworkPolicy is defined in this file; unless one exists
# elsewhere, any pod in the cluster can reach the gitea and postgres Services.
---
apiVersion: v1
kind: Namespace
metadata:
  name: gitea-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: gitea
  name: gitea
  namespace: gitea-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: gitea
      app.kubernetes.io/name: gitea
  # Recreate stops the old pod before starting the new one, so the single
  # ReadWriteOnce data volume is never mounted by two pods at once.
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: gitea
        app.kubernetes.io/name: gitea
    spec:
      initContainers:
        # Prepares the data volume: creates the config directory and hands
        # ownership of /data to uid/gid 1000 (the USER_UID/USER_GID set below).
        # No securityContext is set, so this runs as the image's default user;
        # presumably root, which the recursive chown requires.
        - name: init-directories
          # NOTE(review): tag only, not pinned by digest; a re-pushed tag would
          # be pulled without any change to this manifest.
          image: busybox:1.36
          command:
            - sh
            - -c
            - |
              mkdir -p /data/gitea/conf
              chown -R 1000:1000 /data
          volumeMounts:
            - name: data
              mountPath: /data
      containers:
        # NOTE(review): no container-level securityContext is set (no
        # allowPrivilegeEscalation: false, no dropped capabilities). Tighten
        # only after confirming the image's entrypoint still starts with it.
        - name: gitea
          # Version-pinned tag, but not pinned by digest.
          image: gitea/gitea:1.25.3
          imagePullPolicy: IfNotPresent
          env:
            - name: USER_UID
              value: "1000"
            - name: USER_GID
              value: "1000"
            # Database connection; credentials come from the gitea-db Secret,
            # the same Secret the postgres Deployment reads.
            - name: GITEA__database__DB_TYPE
              value: postgres
            - name: GITEA__database__HOST
              value: gitea-postgres:5432
            - name: GITEA__database__NAME
              value: gitea
            - name: GITEA__database__USER
              valueFrom:
                secretKeyRef:
                  name: gitea-db
                  key: username
            - name: GITEA__database__PASSWD
              valueFrom:
                secretKeyRef:
                  name: gitea-db
                  key: password
            - name: GITEA__server__DOMAIN
              value: gitea.dooplex.hu
            - name: GITEA__server__ROOT_URL
              value: https://gitea.dooplex.hu/
            - name: GITEA__server__HTTP_PORT
              value: "3000"
            # SSH_PORT is the port advertised in clone URLs; SSH_LISTEN_PORT is
            # the port configured for listening inside the container. The
            # Service below maps 22 -> the "ssh" container port (2222).
            - name: GITEA__server__SSH_DOMAIN
              value: gitea.dooplex.hu
            - name: GITEA__server__SSH_PORT
              value: "22"
            - name: GITEA__server__SSH_LISTEN_PORT
              value: "2222"
            - name: GITEA__server__LFS_START_SERVER
              value: "true"
            # INSTALL_LOCK keeps the web installer closed, so an unauthenticated
            # visitor cannot reconfigure a fresh instance.
            - name: GITEA__security__INSTALL_LOCK
              value: "true"
            # Signing/auth secrets are injected from the gitea-app Secret and
            # never written in this manifest. They must stay stable across
            # restarts; rotating them invalidates whatever they protect.
            - name: GITEA__security__SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: gitea-app
                  key: secret-key
            - name: GITEA__security__INTERNAL_TOKEN
              valueFrom:
                secretKeyRef:
                  name: gitea-app
                  key: internal-token
            - name: GITEA__server__LFS_JWT_SECRET
              valueFrom:
                secretKeyRef:
                  name: gitea-app
                  key: lfs-jwt-secret
            # No open sign-up; accounts are created by an admin (see header).
            - name: GITEA__service__DISABLE_REGISTRATION
              value: "true"
            # Outgoing mail over SMTP with STARTTLS; host, port, credentials and
            # sender address all come from the smtp-credentials Secret.
            - name: GITEA__mailer__ENABLED
              value: "true"
            - name: GITEA__mailer__PROTOCOL
              value: smtp+starttls
            - name: GITEA__mailer__SMTP_ADDR
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: host
            - name: GITEA__mailer__SMTP_PORT
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: port
            - name: GITEA__mailer__USER
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: username
            - name: GITEA__mailer__PASSWD
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: password
            - name: GITEA__mailer__FROM
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: from-address
            - name: GITEA__time__DEFAULT_UI_LOCATION
              value: Europe/Budapest
          ports:
            - containerPort: 3000
              name: http
              protocol: TCP
            - containerPort: 2222
              name: ssh
              protocol: TCP
          # Both probes hit the same health endpoint on the named http port;
          # liveness is more lenient (later start, more failures tolerated).
          livenessProbe:
            httpGet:
              path: /api/healthz
              port: http
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 10
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /api/healthz
              port: http
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3
          resources:
            limits:
              cpu: "1"
              memory: 1Gi
            requests:
              cpu: 100m
              memory: 256Mi
          volumeMounts:
            - name: data
              mountPath: /data
            # Repositories are mounted over a sub-path of /data from a separate
            # volume (the hostPath below), not from the gitea-data PVC.
            - name: repos
              mountPath: /data/git/repositories
      # Pod-level: mounted volumes that support it are made group-owned by 1000.
      securityContext:
        fsGroup: 1000
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitea-data
        # NOTE(review): hostPath stores the repositories directly on one node's
        # disk. Nothing in this manifest (nodeSelector/affinity) pins the pod to
        # that node, and DirectoryOrCreate will silently create an empty
        # directory on any other node the pod lands on. hostPath volumes are
        # also commonly forbidden by restricted pod-security policies, because
        # they give the pod access to the node filesystem.
        - name: repos
          hostPath:
            path: /mnt/4_hdd/data/gitea/repositories
            type: DirectoryOrCreate
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: postgres
  name: gitea-postgres
  namespace: gitea-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: gitea
      app.kubernetes.io/name: postgres
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: gitea
        app.kubernetes.io/name: postgres
    spec:
      containers:
        # NOTE(review): no liveness/readiness probes and no container-level
        # securityContext are defined for the database container.
        - name: postgres
          # Floating major-version tag (not a patch version or digest), so the
          # image content can change between pulls on different nodes.
          image: postgres:16-alpine
          imagePullPolicy: IfNotPresent
          env:
            # Same gitea-db Secret that the gitea Deployment uses to connect.
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: gitea-db
                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: gitea-db
                  key: password
            - name: POSTGRES_DB
              value: gitea
            # Data directory is a sub-directory of the mount point.
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          ports:
            - containerPort: 5432
              name: postgres
              protocol: TCP
          resources:
            limits:
              cpu: 500m
              memory: 512Mi
            requests:
              cpu: 100m
              memory: 128Mi
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
              subPath: data
      # NOTE(review): 999 is the postgres gid in the Debian-based image; the
      # Alpine variant used here typically uses 70 - confirm which is intended.
      securityContext:
        fsGroup: 999
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitea-postgres
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: gitea
  name: gitea
  namespace: gitea-system
spec:
  # ClusterIP only: reachable from inside the cluster. HTTP is published via
  # the Ingress below; how (or whether) SSH is exposed is not shown in this file.
  type: ClusterIP
  ports:
    - name: http
      port: 3000
      protocol: TCP
      targetPort: http
    - name: ssh
      port: 22
      protocol: TCP
      targetPort: ssh
  selector:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: gitea
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: postgres
  name: gitea-postgres
  namespace: gitea-system
spec:
  # Cluster-internal database endpoint; matches GITEA__database__HOST above.
  type: ClusterIP
  ports:
    - name: postgres
      port: 5432
      protocol: TCP
      targetPort: postgres
  selector:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: postgres
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    external-dns.alpha.kubernetes.io/hostname: gitea.dooplex.hu,gitea.home
    # "0" disables the nginx request-body size check entirely (useful for
    # large pushes/LFS uploads). NOTE(review): this also removes a cheap limit
    # on upload size; consider a generous finite value instead.
    nginx.ingress.kubernetes.io/proxy-body-size: "0"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: gitea
  name: gitea
  namespace: gitea-system
spec:
  # Presumably an ingress controller reachable only from the internal network;
  # verify against the cluster's ingress setup.
  ingressClassName: nginx-internal
  rules:
    - host: gitea.dooplex.hu
      http:
        paths:
          - backend:
              service:
                name: gitea
                port:
                  number: 3000
            path: /
            pathType: Prefix
    # NOTE(review): gitea.home is routed here but is not listed under tls
    # below, so the gitea-tls certificate does not cover it. Check what this
    # host actually serves (plain HTTP, or the controller's default
    # certificate) and whether logins over it are acceptable.
    - host: gitea.home
      http:
        paths:
          - backend:
              service:
                name: gitea
                port:
                  number: 3000
            path: /
            pathType: Prefix
  tls:
    - hosts:
        - gitea.dooplex.hu
      secretName: gitea-tls
---
# Gitea application data (config and everything under /data except the
# repositories, which live on the hostPath volume).
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: gitea
  name: gitea-data
  namespace: gitea-system
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: longhorn
---
# PostgreSQL data directory.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  labels:
    app.kubernetes.io/instance: gitea
    app.kubernetes.io/name: postgres
  name: gitea-postgres
  namespace: gitea-system
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: longhorn