strategy:
  type: Recreate


## @section Service
service:
  ## @param service.http.type Kubernetes service type for web traffic
  ## @param service.http.port Port number for web traffic
  ## @param service.http.clusterIP ClusterIP setting for http autosetup for statefulset is None
  ## @param service.http.loadBalancerIP LoadBalancer IP setting
  ## @param service.http.nodePort NodePort for http service
  ## @param service.http.externalTrafficPolicy If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
  ## @param service.http.externalIPs External IPs for service
  ## @param service.http.ipFamilyPolicy HTTP service dual-stack policy
  ## @param service.http.ipFamilies HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
  ## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer
  ## @param service.http.annotations HTTP service annotations
  http:
    type: ClusterIP
    port: 3000
    clusterIP: None
    nodePort:
    externalTrafficPolicy:
    externalIPs:
    ipFamilyPolicy:
    ipFamilies:
    loadBalancerSourceRanges: []
    annotations: {}
  ## @param service.ssh.type Kubernetes service type for ssh traffic
  ## @param service.ssh.port Port number for ssh traffic
  ## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for statefulset is None
  ## @param service.ssh.loadBalancerIP LoadBalancer IP setting
  ## @param service.ssh.nodePort NodePort for ssh service
  ## @param service.ssh.externalTrafficPolicy If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
  ## @param service.ssh.externalIPs External IPs for service
  ## @param service.ssh.ipFamilyPolicy SSH service dual-stack policy
  ## @param service.ssh.ipFamilies SSH service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
  ## @param service.ssh.hostPort HostPort for ssh service
  ## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer
  ## @param service.ssh.annotations SSH service annotations
  ssh:
    type: LoadBalancer
    port: 2222
    loadBalancerIP: 192.168.3.3
    nodePort:
    externalTrafficPolicy:
    externalIPs:
    ipFamilyPolicy:
    ipFamilies:
    hostPort:
    loadBalancerSourceRanges: []
    annotations: {}

## @section Ingress
ingress:
  enabled: false

## @param resources Kubernetes resources
resources:
  limits:
    cpu: 1
    memory: 5Gi
    # high memory should be allowed to handle package uploads
  requests:
    cpu: 100m
    memory: 128Mi


## @section Persistence
persistence:
  enabled: true
  create: false
  mount: true
  claimName: gitea-data



# Configure commit/action signing prerequisites
## @section Signing
#
## @param signing.enabled Enable commit/action signing
## @param signing.gpgHome GPG home directory
## @param signing.privateKey Inline private gpg key for signed Gitea actions
## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey`
signing:
  enabled: false

    
## @section Gitea
#
gitea:
  ## @param gitea.admin.username Username for the Gitea admin user
  ## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials
  ## @param gitea.admin.password Password for the Gitea admin user
  ## @param gitea.admin.email Email for the Gitea admin user
  admin:
    username: gitea_admin
    # this user needs to stay admin, and active. But we change its password to be unusable
    password: changedalready
    email: "gitea@delete.me"
  
  metrics:
    # service monitor is configured manually
    enabled: true

  ## @param gitea.config  Configuration for the Gitea server,ref: [config-cheat-sheet](https://docs.gitea.io/en-us/config-cheat-sheet/)
  config:
    APP_NAME: "Remy's personal git hosting"
    server:
      DOMAIN: git.kluster.moll.re
      ROOT_URL: https://git.kluster.moll.re
      SSH_PORT: 2222
    actions:
      ENABLED: true
    session:
      PROVIDER: db
    cache:
      ADAPTER: memory
    queue:
      TYPE: level
    indexer:
      ISSUE_INDEXER_TYPE: bleve
      REPO_INDEXER_ENABLED: false
    service:
      DISABLE_REGISTRATION: true
    oauth2_client:
      ENABLE_AUTO_REGISTRATION: true

  oauth:
    - name: authelia
      provider: openidConnect
      autoDiscoverUrl: https://auth.kluster.moll.re/.well-known/openid-configuration
      scopes: openid email profile groups
      existingSecret: gitea-oauth
      required-claim-name: groups
      required-claim-value: gitea
      group-claim-name: groups
      admin-group: apps_admin
  

  
  # since we want to reuse the postgres secret, we cannot directly use it in
  # additionalConfigSources:
  #   - secret:
  #       secretName: postgres-password
  # but instead set the ENV variables
  additionalConfigFromEnvs:
    - name: GITEA__DATABASE__DB_TYPE
      value: postgres
    - name: GITEA__DATABASE__HOST
      value: gitea-postgres-rw:5432
    - name: GITEA__DATABASE__NAME
      valueFrom:
        secretKeyRef:
          name: postgres-password
          key: database
    - name: GITEA__DATABASE__PASSWD
      valueFrom:
        secretKeyRef:
          name: postgres-password
          key: password
    - name: GITEA__DATABASE__USER
      valueFrom:
        secretKeyRef:
          name: postgres-password
          key: username


postgresql:
  enabled: false
postgresql-ha:
  enabled: false
redis-cluster:
  enabled: false