From 8fc72e31649c687b846aaf363210204600a68c51 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Fri, 4 Oct 2024 16:35:24 +0200 Subject: [PATCH] add cnpg to gitea --- apps/dendrite/ingress.yaml | 18 +++++++++++ infrastructure/gitea/gitea.values.yaml | 32 ++++--------------- infrastructure/gitea/kustomization.yaml | 9 ++++-- .../gitea/postgres-password.sealedsecret.yaml | 17 ++++++++++ infrastructure/gitea/postgres.yaml | 12 +++---- 5 files changed, 54 insertions(+), 34 deletions(-) create mode 100644 apps/dendrite/ingress.yaml create mode 100644 infrastructure/gitea/postgres-password.sealedsecret.yaml diff --git a/apps/dendrite/ingress.yaml b/apps/dendrite/ingress.yaml new file mode 100644 index 0000000..ed2dc21 --- /dev/null +++ b/apps/dendrite/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: dendrite-ingressroute + +spec: + entryPoints: + - websecure + routes: + - match: Host(`dendrite.kluster.moll.re`) + kind: Rule + services: + - name: dendrite + port: 8008 + # scheme: https + + tls: + certResolver: default-tls diff --git a/infrastructure/gitea/gitea.values.yaml b/infrastructure/gitea/gitea.values.yaml index 9cc3a9f..4b84dcf 100644 --- a/infrastructure/gitea/gitea.values.yaml +++ b/infrastructure/gitea/gitea.values.yaml @@ -54,17 +54,12 @@ ingress: ## @param resources Kubernetes resources resources: - {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi ## @section Persistence @@ -123,11 +118,6 @@ gitea: - ## @param gitea.ssh.logLevel Configure OpenSSH's log level. Only available for root-based Gitea image. - ssh: - logLevel: "INFO" - - ## @section PostgreSQL # @@ -164,15 +154,5 @@ postgresql: redis-cluster: enabled: false - postgresql-ha: enabled: false - -# By default, removed or moved settings that still remain in a user defined values.yaml will cause Helm to fail running the install/update. -# Set it to false to skip this basic validation check. -## @section Advanced -## @param checkDeprecation Set it to false to skip this basic validation check. -## @param test.enabled Set it to false to disable test-connection Pod. -## @param test.image.name Image name for the wget container used in the test-connection Pod. -## @param test.image.tag Image tag for the wget container used in the test-connection Pod. -checkDeprecation: true diff --git a/infrastructure/gitea/kustomization.yaml b/infrastructure/gitea/kustomization.yaml index 9806013..c4d1c0f 100644 --- a/infrastructure/gitea/kustomization.yaml +++ b/infrastructure/gitea/kustomization.yaml @@ -1,13 +1,18 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: +resources: - namespace.yaml + # postgres values + - postgres-password.sealedsecret.yaml + - postgres.yaml + # gitea values - gitea.pvc.yaml - gitea.ingress.yaml - gitea.servicemonitor.yaml + # actions runner values - actions.deployment.yaml - actions.sealedsecret.yaml - # - actions.rbac.yaml + namespace: gitea diff --git a/infrastructure/gitea/postgres-password.sealedsecret.yaml b/infrastructure/gitea/postgres-password.sealedsecret.yaml new file mode 100644 index 0000000..b83fabd --- /dev/null +++ b/infrastructure/gitea/postgres-password.sealedsecret.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: postgres-password + namespace: gitea +spec: + encryptedData: + database: AgB8FeAX7Dx/SO/deoqeIRNPMe7DwgKtwFznjntm9TNnEJQDLVVu+D80eolcrTTOhlZJZgtKvpM9xgw7DLtKG+ARACaPYgaMW2m4V/B87Z3xAU0DCF16sv9LVIfNA8KyQZWYthEcWLpqoB0zVFBrb2PxI8QIV22QkNG4oITMCv/Xjf7P+pTa6iWWSLdPcR2tQVfkHsdWWJvtLcrLkI7i+sWjQOW8tgV8QAcQr5JcxEjSgb3X1J3R1EEVHsPAqQcdpUB7eQ7T9SbIaIpTXw05Tant42GMgALVx2J5TAzqLPdaVaUlKVRoN26eVthYhY9qKbskXkXZp/0Sa/RxXoVHt1jMyZFicMzp5w5yC3DZd9gTtsZOrn21NS1QAVh6twB2bxtf7EHjpS5AyvhaF9qbbGkZtUh4IhFSOpd6bMGZLZqQMcH+Ih9b+jv0j3cLBLY0Bzsj4u5yLvoqhOBcxLoVnW3N3x248y3ZUWkO7hPwP+Lo5FOX/cmK9VHvn5ZhNWNNO9xv0LYSzhqnAvVyTgvAGLDTrZbnp36Q+JkqlhrhFQoQkXRQ2HHNU5CC+o59OL0RnshJg4UUed1ETmOPCJmcPZdKNvfUiW1PUB2AwDeWhRyN6wjwzreioSN6qHrxctXpEQohTwzGeG+rgG0tj9V3yHn1Er1j0pR6S9VJBkaQ0qnaInSthxSC5MkXTKXFmW8YfHQqXKmQcQ== + password: AgB+i/mSHnQJnBpRu1cGwKzqrqoSzKfbGkxWTv57ozmiVkEendzudwKu+3MJQh9fHrBwUa0Cu2OqIzGqMQIwDKC5+LDiYAnDOfacu/VBX6mWVABIeg8fqU/PRqym/sGxJtcmwPdo8H8zJm+/vyPpLv4dkYYjHFkAhF3QShq1qMhfeaB/vd6ZNjQEfvCWX14V2F/RTq8skuwQkVQJoz9OsaF+KiTmKC7R1aeZaTUUCFIWGGIq9V2k3O7VAITGJanAT5IYo+epQf2HLsC2xyIUs9prk1rF0yUishgc2bsb4joPULl/G2VUgafH9SKQ37TFqZi2z20gVutrkLyuCMk25tW7m+z4+YCC/dJ9aW/31sFUwSnVhdYh6gwsnNP5GzSguAoOq+6izVD8hV2QzfdIYPrIZyADI7HY9o4LK8YuRS5KgJdaCU3kWYY+tVTSvkGFCWu5q/pBihBG2bN83asTHZcnkocMEvCaTsbPq2CN8/WCRZJs84M6CEzCioNmuGAmUU+fEF/MVEZtTI+6yCrJkOEHdVywtdLufNPGFut97XF+YvJZ1UZ6AW546JGmlmEMFukNHi1XDBm/mWL8e1H6xwLe6I9rwL6YTDrji3IixdERS+a6tq2vcksU5EjW9x9WYt6ctZD/cfhEFAvpssJLCs2vmjNgMhmilPoTppvXyUYnE4bCZuVFRrO/a+ogjXUU2nkqnyKQsA== + username: AgCS0tZPssPP8LFwMdTWrXd64oYKb/vmEH8ir+fnc7MgnPkW9kop+hF2X7/KIWTVNe1MAkreW40DxZ6/T4UO7gGTGv52BItcQp87Rr+RMZ5Y720bhivBC33zmDXlWR7TQDMqo733cdcWRnMDvCSvzKV1Mn18iF0VqhOlDZITcyConmKIWcuzzElt90iYtC9o3UIYw6crBD6l9ikrFwU1wH9mL+FdvM8fWG83qkbJGoaqjxj5FEgMXwXFUWVzUqC8dEe8wiHcyq7eeFpyXrF7/WtAiZOwPBy6EG4zFQoRSihR+qme+pZdXP+fHVzGrcBsMxjW4l16R1MmyS9PLpA3r+LdX81K7XHPEctNihrV4U1Dmb2fkANcP2SV95Moftb160WRkfR1cElHxOJs0kaKbZ0P4k74U2UFaZSVIEw85fYm1TE0C5qnpFKktOhOhSKcia+XGG58TQLuosQCYH+P1OZ1LbFfj9O/NBmqWnH2dBIRCC5Ba6b+nNpOQaSztMeEOCSCdYmglS9MmP34zzFjusZ8hAj7ebe25gCo1UCSxYR/xEjrGQsyXY9VB9IPjVO8F7Ms9ex3KITYoib5HcMFCvDUOKl3SOmsJmzf/ahufHXRr/NdPFAoqLU6sehcNAx8LKp/795h3N3PBqol/y9Kv4xbAquz8/qY0giHJfaWcKP/LuVZ81s6MvQlnqn/UWXWzQgNo/RbZw== + template: + metadata: + creationTimestamp: null + name: postgres-password + namespace: gitea diff --git a/infrastructure/gitea/postgres.yaml b/infrastructure/gitea/postgres.yaml index 5697795..471dc79 100644 --- a/infrastructure/gitea/postgres.yaml +++ b/infrastructure/gitea/postgres.yaml @@ -4,15 +4,15 @@ metadata: name: gitea-postgres spec: instances: 1 - imageName: ghcr.io/tensorchord/cloudnative-pgvecto.rs:16.2 + imageName: ghcr.io/cloudnative-pg/postgresql:11 bootstrap: initdb: - import: - type: monolith - databases: - + owner: gitea + database: gitea + secret: + name: postgres-password + - # Persistent storage configuration storage: size: 10Gi pvcTemplate: