Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 28e94f96e3 | |||
| b5ab7201d1 | |||
| 4ad5cf1d19 | |||
| 7f828e87f6 | |||
| 57479bdf37 |
@ -3,7 +3,7 @@ name: gitea
|
||||
description: Gitea Helm chart for Kubernetes
|
||||
type: application
|
||||
version: 0.0.0
|
||||
appVersion: 1.13.1
|
||||
appVersion: 1.13.2
|
||||
icon: https://docs.gitea.io/images/gitea.png
|
||||
|
||||
keywords:
|
||||
|
||||
44
README.md
44
README.md
@ -95,6 +95,16 @@ ROOT_URL = http://git.example.com
|
||||
SSH_DOMAIN = git.example.com
|
||||
SSH_LISTEN_PORT = 22
|
||||
SSH_PORT = 22
|
||||
ENABLE_PPROF = false
|
||||
```
|
||||
|
||||
#### Metrics defaults
|
||||
|
||||
The Prometheus `/metrics` endpoint is disabled by default.
|
||||
|
||||
```ini
|
||||
[metrics]
|
||||
ENABLED = false
|
||||
```
|
||||
|
||||
### External Database
|
||||
@ -257,6 +267,7 @@ camelCase:
|
||||
bindDn: CN=ldap read,OU=Spezial,DC=example,DC=com
|
||||
bindPassword: JustAnotherBindPw
|
||||
usernameAttribute: CN
|
||||
sshPublicKeyAttribute: sshPublicKey
|
||||
```
|
||||
|
||||
kebab-case:
|
||||
@ -278,6 +289,24 @@ kebab-case:
|
||||
username-attribute: CN
|
||||
```
|
||||
|
||||
### Metrics and profiling
|
||||
|
||||
A Prometheus `/metrics` endpoint on the `HTTP_PORT` and `pprof` profiling endpoints on port 6060 can be enabled under `gitea`. Beware that the metrics endpoint is exposed via the ingress, manage access using ingress annotations for example.
|
||||
|
||||
To deploy the `ServiceMonitor`, you first need to ensure that you have deployed `prometheus-operator` and its CRDs: https://github.com/prometheus-operator/prometheus-operator#customresourcedefinitions.
|
||||
|
||||
```yaml
|
||||
gitea:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
|
||||
config:
|
||||
server:
|
||||
PPROF_ENABLED: true
|
||||
```
|
||||
|
||||
### Pod Annotations
|
||||
|
||||
Annotations can be added to the Gitea pod.
|
||||
@ -291,17 +320,20 @@ Annotations can be added to the Gitea pod.
|
||||
|
||||
### Others
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|---------------------|-----------------------------------|------------------------------|
|
||||
|statefulset.terminationGracePeriodSeconds| Image to start for this pod | gitea/gitea |
|
||||
|statefulset.env | Additional environment variables to pass to containers | [] |
|
||||
| Parameter | Description | Default |
|
||||
|-------------------------------------------|--------------------------------------------------------|-------------|
|
||||
| statefulset.terminationGracePeriodSeconds | Image to start for this pod | gitea/gitea |
|
||||
| statefulset.env | Additional environment variables to pass to containers | [] |
|
||||
| extraVolumes | Additional volumes to mount to the Gitea statefulset | {} |
|
||||
| extraVolumeMounts | Additional volumes mounts for the Gitea containers | {} |
|
||||
| initPreScript | Bash script copied verbatim to start of init container | |
|
||||
|
||||
### Image
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|---------------------|-----------------------------------|------------------------------|
|
||||
|image.repository| Image to start for this pod | gitea/gitea |
|
||||
|image.tag| [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated) | 1.13.1 |
|
||||
|image.tag| [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated) | 1.13.2 |
|
||||
|image.pullPolicy| Image pull policy | Always |
|
||||
|
||||
### Persistence
|
||||
@ -313,6 +345,8 @@ Annotations can be added to the Gitea pod.
|
||||
|persistence.size| Size for persistence to store repo information | 10Gi |
|
||||
|persistence.accessModes|AccessMode for persistence||
|
||||
|persistence.storageClass|Storage class for repository persistence||
|
||||
|persistence.labels|Labels for the persistence volume claim to be created|{}|
|
||||
|persistence.annotations|Annotations for the persistence volume claim to be created|{}|
|
||||
|
||||
### Ingress
|
||||
|
||||
|
||||
@ -15,6 +15,10 @@ stringData:
|
||||
{{- $_ := set .Values.gitea.config "server" dict -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if not (hasKey .Values.gitea.config "metrics") -}}
|
||||
{{- $_ := set .Values.gitea.config "metrics" dict -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if not (hasKey .Values.gitea.config "database") -}}
|
||||
{{- $_ := set .Values.gitea.config "database" dict -}}
|
||||
{{- end -}}
|
||||
@ -65,6 +69,14 @@ stringData:
|
||||
{{- if not (hasKey .Values.gitea.config.server "APP_DATA_PATH") -}}
|
||||
{{- $_ := set .Values.gitea.config.server "APP_DATA_PATH" "/data" -}}
|
||||
{{- end -}}
|
||||
{{- if not (hasKey .Values.gitea.config.server "PPROF_ENABLED") -}}
|
||||
{{- $_ := set .Values.gitea.config.server "PPROF_ENABLED" false -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- /* metrics default settings */ -}}
|
||||
{{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
|
||||
{{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- /* database default settings */ -}}
|
||||
{{- if .Values.gitea.database.builtIn.postgresql.enabled -}}
|
||||
|
||||
@ -8,6 +8,14 @@ type: Opaque
|
||||
stringData:
|
||||
init_gitea.sh: |-
|
||||
#!/bin/bash
|
||||
{{- if .Values.initPreScript }}
|
||||
# BEGIN: initPreScript
|
||||
{{- with .Values.initPreScript -}}
|
||||
{{ . | nindent 4}}
|
||||
{{- end -}}
|
||||
# END: initPreScript
|
||||
{{- end }}
|
||||
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
mkdir -p /data/gitea/conf
|
||||
@ -32,4 +40,4 @@ stringData:
|
||||
{{- include "gitea.ldap_settings" . | nindent 6 }} \
|
||||
) \
|
||||
{{- end }}
|
||||
'
|
||||
'
|
||||
|
||||
14
templates/gitea/servicemonitor.yaml
Normal file
14
templates/gitea/servicemonitor.yaml
Normal file
@ -0,0 +1,14 @@
|
||||
{{- if .Values.gitea.metrics.serviceMonitor.enabled -}}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "gitea.selectorLabels" . | nindent 6 }}
|
||||
endpoints:
|
||||
- port: http
|
||||
{{- end -}}
|
||||
@ -8,8 +8,16 @@ metadata:
|
||||
{{- toYaml .Values.service.ssh.annotations | nindent 4 }}
|
||||
spec:
|
||||
type: {{ .Values.service.ssh.type }}
|
||||
{{- if and .Values.service.ssh.loadBalancerIP (eq .Values.service.ssh.type "LoadBalancer") }}
|
||||
{{- if eq .Values.service.ssh.type "LoadBalancer" }}
|
||||
{{- if .Values.service.ssh.loadBalancerIP }}
|
||||
loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }}
|
||||
{{- end -}}
|
||||
{{- if .Values.service.ssh.loadBalancerSourceRanges }}
|
||||
loadBalancerSourceRanges:
|
||||
{{- range .Values.service.ssh.loadBalancerSourceRanges }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and .Values.service.ssh.clusterIP (eq .Values.service.ssh.type "ClusterIP") }}
|
||||
clusterIP: {{ .Values.service.ssh.clusterIP }}
|
||||
|
||||
@ -31,6 +31,11 @@ spec:
|
||||
- name: init
|
||||
image: "{{ .Values.image.repository }}:{{ ternary .Values.image.version .Values.image.tag (hasKey .Values.image "version") }}"
|
||||
command: ["/usr/sbin/init_gitea.sh"]
|
||||
env:
|
||||
{{- range .Values.statefulset.env }}
|
||||
- name: {{ .name | quote | nospace }}
|
||||
value: {{ .value | quote }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: init
|
||||
mountPath: /usr/sbin
|
||||
@ -38,6 +43,9 @@ spec:
|
||||
mountPath: /etc/gitea/conf
|
||||
- name: data
|
||||
mountPath: /data
|
||||
{{- if .Values.extraVolumeMounts }}
|
||||
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
|
||||
{{- end }}
|
||||
terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
@ -58,6 +66,10 @@ spec:
|
||||
containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
|
||||
- name: http
|
||||
containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
|
||||
{{- if .Values.gitea.config.server.PPROF_ENABLED }}
|
||||
- name: profiler
|
||||
containerPort: 6060
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
@ -78,6 +90,9 @@ spec:
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
{{- if .Values.extraVolumeMounts }}
|
||||
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
@ -98,6 +113,9 @@ spec:
|
||||
- name: config
|
||||
secret:
|
||||
secretName: {{ include "gitea.fullname" . }}
|
||||
{{- if .Values.extraVolumes }}
|
||||
{{- toYaml .Values.extraVolumes | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
@ -109,6 +127,18 @@ spec:
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
{{- with .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.persistence.labels }}
|
||||
labels:
|
||||
{{- range $key, $value := . }}
|
||||
{{ $key }}: {{ $value }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
accessModes:
|
||||
{{- range .Values.persistence.accessModes }}
|
||||
|
||||
42
values.yaml
42
values.yaml
@ -8,7 +8,7 @@ clusterDomain: cluster.local
|
||||
|
||||
image:
|
||||
repository: gitea/gitea
|
||||
tag: 1.13.1
|
||||
tag: 1.13.2
|
||||
pullPolicy: Always
|
||||
|
||||
imagePullSecrets: []
|
||||
@ -29,6 +29,7 @@ service:
|
||||
#nodePort:
|
||||
#externalTrafficPolicy:
|
||||
#externalIPs:
|
||||
loadBalancerSourceRanges: []
|
||||
annotations:
|
||||
|
||||
ingress:
|
||||
@ -69,10 +70,37 @@ statefulset:
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
# existingClaim:
|
||||
# existingClaim:
|
||||
size: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
labels: {}
|
||||
annotations: {}
|
||||
|
||||
# additional volumes to add to the Gitea statefulset.
|
||||
extraVolumes:
|
||||
# - name: postgres-ssl-vol
|
||||
# secret:
|
||||
# secretName: gitea-postgres-ssl
|
||||
|
||||
|
||||
# additional volumes to mount, both to the init container and to the main
|
||||
# container. As an example, can be used to mount a client cert when connecting
|
||||
# to an external Postgres server.
|
||||
extraVolumeMounts:
|
||||
# - name: postgres-ssl-vol
|
||||
# readOnly: true
|
||||
# mountPath: "/pg-ssl"
|
||||
|
||||
# bash shell script copied verbatim to the start of the init-container.
|
||||
initPreScript: ""
|
||||
#
|
||||
# initPreScript: |
|
||||
# mkdir -p /data/git/.postgresql
|
||||
# cp /pg-ssl/* /data/git/.postgresql/
|
||||
# chown -R git:git /data/git/.postgresql/
|
||||
# chmod 400 /data/git/.postgresql/postgresql.key
|
||||
|
||||
|
||||
gitea:
|
||||
admin:
|
||||
@ -80,6 +108,11 @@ gitea:
|
||||
password: r8sA8CPHD9!bt6d
|
||||
email: "gitea@local.domain"
|
||||
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
|
||||
ldap:
|
||||
enabled: false
|
||||
#name:
|
||||
@ -93,11 +126,12 @@ gitea:
|
||||
#bindDn:
|
||||
#bindPassword:
|
||||
#usernameAttribute:
|
||||
#sshPublicKeyAttribute:
|
||||
|
||||
config: {}
|
||||
# APP_NAME: "Gitea: Git with a cup of tea"
|
||||
# RUN_MODE: dev
|
||||
#
|
||||
# RUN_MODE: dev
|
||||
#
|
||||
# server:
|
||||
# SSH_PORT: 22
|
||||
#
|
||||
|
||||
Reference in New Issue
Block a user