Migrate to generic config

.drone.yml

@@ -10,14 +10,14 @@ platform:
 steps:
 - name: helm lint
   pull: always
-  image: alpine:3.15
+  image: alpine:3.13
   commands:
   - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
   - helm lint
 
 - name: helm template
   pull: always
-  image: alpine:3.15
+  image: alpine:3.13
   commands:
   - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
   - helm dependency update
@@ -58,7 +58,7 @@ trigger:
 steps:
 - name: generate-chart
   pull: always
-  image: alpine:3.15
+  image: alpine:3.13
   commands:
     - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
     - apk add --no-cache curl
@@ -74,7 +74,8 @@ steps:
   image: plugins/s3:latest
   settings:
     bucket: gitea-artifacts
-    endpoint: https://ams3.digitaloceanspaces.com
+    endpoint: https://storage.gitea.io
+    path_style: true
     access_key:
       from_secret: aws_access_key_id
     secret_key:

Chart.yaml

@@ -3,7 +3,7 @@ name: gitea
 description: Gitea Helm chart for Kubernetes
 type: application
 version: 0.0.0
-appVersion: 1.16.5
+appVersion: 1.15.4
 icon: https://docs.gitea.io/images/gitea.png
 
 keywords:
@@ -34,6 +34,14 @@ dependencies:
   repository: https://charts.bitnami.com/bitnami
   version: 5.9.0
   condition: memcached.enabled
+- name: redis-cluster
+  repository: https://charts.bitnami.com/bitnami
+  version: 6.2.3
+  condition: redis-cluster.enabled
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 14.6.6
+  condition: redis.enabled
 - name: mysql
   repository: https://charts.bitnami.com/bitnami
   version: 6.14.10
@@ -42,6 +50,10 @@ dependencies:
   repository: https://charts.bitnami.com/bitnami
   version: 10.3.17
   condition: postgresql.enabled
+- name: postgresql-ha
+  repository: https://charts.bitnami.com/bitnami
+  version: 7.7.3
+  condition: postgresql-ha.enabled
 - name: mariadb
   repository: https://charts.bitnami.com/bitnami
   version: 9.3.6

README.md

@@ -109,13 +109,12 @@ gitea:
   podAnnotations: {}
 ```
 
-### Multiple OAuth and LDAP authentication sources
+### Multiple OAuth authentication sources
 
 With `5.0.0` of this Chart it is now possible to configure Gitea with multiple
-OAuth and LDAP sources. As a result, you need to update an existing OAuth/LDAP configuration
+OAuth sources. As a result, you need to update an existing OAuth configuration
 in your customized `values.yaml` by replacing the object with settings to a list
-of settings objects. See [OAuth2 Settings](#oauth-settings) and
+of settings objects. See [OAuth2 Settings](#oauth-settings) section for details.
-[LDAP Settings](#ldap-settings) section for details.
 
 ## Chart upgrade from 3.x.x to 4.0.0
 
@@ -214,6 +213,73 @@ signing:
   gpgHome: /data/git/.gnupg
 ```
 
+## Gitea - HA
+
+With Version 4.1.x the helm chart supports Gitea running in HA(High Availability)
+mode. To run Gitea in HA you'll need to set a few values in order to run successfully.
+
+### Redis
+
+HA requires a Queue to run, we're going to use redis as default for this.
+
+```yaml
+redis:
+  enabled: true
+```
+
+You can also run Redis in HA mode:
+
+```yaml
+redis-cluster:
+  enabled: true
+```
+
+Both variants can be found at [Bitnami](https://github.com/bitnami/charts).
+
+Once redis is enabled, the chart will automatically configure Gitea to run with
+redis queue, indexer and session. Running with Redis already provides a sticky
+session, which saves you the trouble from configuring your ingress running with
+a sticky session.
+The following values are autogenerated.
+However you can overwrite any setting in the config section of the chart.
+
+```bash
+[session]
+PROVIDER        = redis
+PROVIDER_CONFIG = redis://:gitea@gitea-redis-master.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s
+
+[queue]
+CONN_STR = redis://:gitea@gitea-redis-master.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s
+TYPE     = redis
+
+[queue.issue_indexer]
+TYPE = redis
+```
+
+### Persistence
+
+When running in HA you cannot use the default persistence for the chart.
+You'll need to setup an extra PVC running with access mode "RWX" - "ReadWriteMany".
+Otherwise the chart will create a PVC for every replica.
+
+```yaml
+persistence:
+  enabled: true
+  existingClaim: rwx-pvc-gitea
+```
+
+### PostgreSQL
+
+You can also run PostgreSQL in HA mode also provided by
+[Bitnami](https://github.com/bitnami/charts).
+:warning: Please disable the default PostgreSQL version,
+when you enabled the HA PostgreSQL.
+
+```yaml
+postgresql-ha:
+  enabled: true
+```
+
 ## Examples
 
 ### Gitea Configuration
@@ -239,7 +305,7 @@ service and ingress settings. All defaults can be overwritten in `gitea.config`.
 INSTALL_LOCK is always set to true, since we want to configure Gitea with this
 helm chart and everything is taken care of.
 
-_All default settings are made directly in the generated app.ini, not in the Values._
+*All default settings are made directly in the generated app.ini, not in the Values.*
 
 #### Database defaults
 
@@ -341,55 +407,6 @@ data:
     ENABLED=true
 ```
 
-Or when using a Kubernetes secret, having the same data structure:
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: gitea-security-related-configuration
-type: Opaque
-stringData:
-  security: |
-    PASSWORD_COMPLEXITY=off
-  session: |
-    SAME_SITE=strict
-```
-
-#### User defined environment variables in app.ini
-
-Users are able to define their own environment variables,
-which are loaded into the containers. We also support to
-directly interact with the generated _app.ini_.
-
-To inject self defined variables into the _app.ini_ a
-certain format needs to be honored. This is
-described in detail on the [env-to-ini](https://github.com/go-gitea/gitea/tree/main/contrib/environment-to-ini)
-page.
-
-Note that the Prefix on this helm chart is `ENV_TO_INI`.
-
-For example a database setting needs to have the following
-format:
-
-```yaml
-gitea:
-  additionalConfigFromEnvs:
-    - name: ENV_TO_INI__DATABASE__HOST
-      value: my.own.host
-    - name: ENV_TO_INI__DATABASE__PASSWD
-      valueFrom:
-        secretKeyRef:
-          name: postgres-secret
-          key: password
-```
-
-Priority (highest to lowest) for defining app.ini variables:
-
-1. Environment variables prefixed with `ENV_TO_INI`
-2. Additional config sources
-3. Values defined in `gitea.config`
-
 ### External Database
 
 An external Database can be used instead of builtIn PostgreSQL or MySQL.
@@ -729,12 +746,12 @@ gitea:
 
 ### Image
 
-| Parameter          | Description                                                                               | Default                            |
+| Parameter          | Description                                                                               | Default       |
-| ------------------ | ----------------------------------------------------------------------------------------- | ---------------------------------- |
+| ------------------ | ----------------------------------------------------------------------------------------- | ------------- |
-| `image.repository` | Image to start for this pod                                                               | `gitea/gitea`                      |
+| `image.repository` | Image to start for this pod                                                               | `gitea/gitea` |
-| `image.tag`        | [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated)       | see [Chart.AppVersion](Chart.yaml) |
+| `image.tag`        | [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated)       | `1.14.6`      |
-| `image.pullPolicy` | Image pull policy                                                                         | `Always`                           |
+| `image.pullPolicy` | Image pull policy                                                                         | `Always`      |
-| `image.rootless`   | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `false`                            |
+| `image.rootless`   | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `false`       |
 
 ### Persistence
 
@@ -786,7 +803,6 @@ gitea:
 | `service.ssh.port`                     | Port for ssh traffic                                                                                        | `22`        |
 | `service.ssh.loadBalancerIP`           | LoadBalancer Ip setting                                                                                     |             |
 | `service.ssh.nodePort`                 | NodePort for ssh service                                                                                    |             |
-| `service.ssh.hostPort`                 | HostPort for ssh service                                                                                    |             |
 | `service.ssh.externalTrafficPolicy`    | If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation |             |
 | `service.ssh.externalIPs`              | ssh service external IP addresses                                                                           |             |
 | `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer                                                                    | `[]`        |
@@ -842,6 +858,40 @@ Configure Liveness, Readiness and Startup
 | `gitea.startupProbe.successThreshold`      | Minimum consecutive success probes                                   | `1`     |
 | `gitea.startupProbe.failureThreshold`      | Minimum consecutive error probes                                     | `10`    |
 
+### Redis BuiltIn
+
+Redis is loaded as a dependency from
+[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis)
+if enabled in the values. Complete Configuration can be taken from their website.
+
+The following parameters are the defaults set by this chart
+
+| Parameter                  | Description                                      | Default                      |
+|----------------------------|--------------------------------------------------|------------------------------|
+|redis.enabled               | Enable or disable redis                          | `false`                      |
+|redis.global.redis.password | Redis default password                           | `gitea`                      |
+|redis.auth.password         | Redis default password needed for chart upgrades | `gitea`                      |
+| redis.master.service.port  | Redis default port                               | `6379`                       |
+| redis.replica.replicaCount | Redis replicaCount                               | `2`                          |
+
+### Redis-Cluster BuiltIn
+
+Redis-Cluster is loaded as a dependency from
+[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster)
+if enabled in the values. Complete Configuration can be taken from their website.
+
+The following parameters are the defaults set by this chart
+
+| Parameter                          | Description                                      | Default   |
+|------------------------------------|--------------------------------------------------|-----------|
+|redis-cluster.enabled               | Enable or disable redis-cluster                  | `false`   |
+|redis-cluster.global.redis.password | Redis default password                           | `gitea`   |
+|redis-cluster.password              | Redis default password                           | `gitea`   |
+|redis.auth.password                 | Redis default password needed for chart upgrades | `gitea`   |
+| redis-cluster.service.port         | Redis default port                               | `6379`    |
+| redis-cluster.cluster.nodes        | Redis nodes                                      | `6`       |
+| redis-cluster.cluster.replicas     | Redis replicas                                   | `1`       |
+
 ### Memcached BuiltIn
 
 Memcached is loaded as a dependency from
@@ -890,6 +940,29 @@ The following parameters are the defaults set by this chart
 | `postgresql.persistence.size`                     | PVC Storage Request for PostgreSQL volume                | `10Gi`  |
 | `postgresql.enabled`                              | Enable PostgreSQL dependency                             | `true`  |
 
+### PostgreSQL-HA BuiltIn
+
+PostgreSQL-HA is loaded as a dependency from Bitnami. The chart configuration
+can be found in this
+[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) repository.
+
+The following parameters are the defaults set by this chart
+
+| Parameter                                       | Description                               | Default   |
+|-------------------------------------------------|-------------------------------------------|-----------|
+|`postgresql-ha.enabled`                          | Enable or disable PostgreSQL-HA           | `false`   |
+|`postgresql-ha.postgresql.password`              | PostgreSQL password                       | `gitea`   |
+|`postgresql-ha.postgresql.repmgrPassword`        | PostgreSQL repmgr password                | `gitea`   |
+|`postgresql-ha.pgpool.adminPassword`             | PostgreSQL pgpool password                | `gitea`   |
+|`postgresql-ha.global.postgresql.username`       | PostgreSQL username                       | `gitea`   |
+|`postgresql-ha.global.postgresql.password`       | PostgreSQL admin password                 | `gitea`   |
+|`postgresql-ha.global.postgresql.database`       | PostgreSQL default database               | `gitea`   |
+|`postgresql-ha.global.postgresql.repmgrPassword` | PostgreSQL repmgr password                | `gitea`   |
+|`postgresql-ha.global.postgresql.repmgrUsername` | PostgreSQL repmgr username                | `gitea`   |
+|`postgresql-ha.global.postgresql.repmgrDatabase` | PostgreSQL repmgr default database        | `gitea`   |
+|`postgresql-ha.service.port`                     | PostgreSQL port                           | `5432`    |
+|`postgresql-ha.persistence.size`                 | PVC Storage Request for PostgreSQL volume | `10Gi`    |
+
 ### MariaDB BuiltIn
 
 MariaDB is loaded as a dependency from bitnami. Configuration can be found in

templates/_helpers.tpl

@@ -36,7 +36,7 @@ Create image name and tag used by the deployment.
 */}}
 {{- define "gitea.image" -}}
 {{- $name := .Values.image.repository -}}
-{{- $tag := .Values.image.tag | default .Chart.AppVersion -}}
+{{- $tag := ternary .Values.image.version .Values.image.tag (hasKey .Values.image "version") -}}
 {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}}
 {{- printf "%s:%s%s" $name $tag $rootless -}}
 {{- end -}}
@@ -48,8 +48,10 @@ Common labels
 helm.sh/chart: {{ include "gitea.chart" . }}
 app: {{ include "gitea.name" . }}
 {{ include "gitea.selectorLabels" . }}
-app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
+{{- if .Chart.AppVersion }}
-version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+version: {{ .Chart.AppVersion | quote }}
+{{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 
@@ -61,8 +63,40 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 
+{{- define "db.servicename" -}}
+{{- if .Values.postgresql.enabled -}}
+{{- printf "%s-postgresql" .Release.Name -}}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{- printf "%s-postgresql-ha-pgpool" .Release.Name -}}
+{{- else if .Values.mysql.enabled -}}
+{{- printf "%s-mysql" .Release.Name -}}
+{{- else if .Values.mariadb.enabled -}}
+{{- printf "%s-mariadb" .Release.Name -}}
+{{- else if ne .Values.gitea.config.database.DB_TYPE "sqlite3" -}}
+{{- $parts := split ":" .Values.gitea.config.database.HOST -}}
+{{- printf "%s %s" $parts._0 $parts._1 -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "db.port" -}}
+{{- if .Values.postgresql.enabled -}}
+{{ .Values.postgresql.global.postgresql.servicePort }}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{ (index .Values "postgresql-ha").service.port }}
+{{- else if .Values.mysql.enabled -}}
+{{ .Values.mysql.service.port }}
+{{- else if .Values.mariadb.enabled -}}
+{{ .Values.mariadb.primary.service.port }}
+{{- else -}}
+{{- end -}}
+{{- end -}}
+
 {{- define "postgresql.dns" -}}
+{{- if .Values.postgresql.enabled -}}
 {{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.servicePort -}}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha").service.port -}}
+{{- end -}}
 {{- end -}}
 
 {{- define "mysql.dns" -}}
@@ -77,6 +111,30 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- printf "%s-memcached.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.memcached.service.port | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
+{{- define "redis.dns" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.port -}}
+{{- else if .Values.redis.enabled -}}
+{{- printf "redis://:%s@%s-redis-master.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s" .Values.redis.global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain .Values.redis.master.service.port -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "redis.port" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{ (index .Values "redis-cluster").service.port }}
+{{- else if .Values.redis.enabled -}}
+{{ .Values.redis.master.service.port }}
+{{- end -}}
+{{- end -}}
+
+{{- define "redis.servicename" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
+{{- else if .Values.redis.enabled -}}
+{{- printf "%s-redis-master.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
+{{- end -}}
+{{- end -}}
+
 {{- define "gitea.default_domain" -}}
 {{- printf "%s-gitea.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
@@ -181,6 +239,18 @@ app.kubernetes.io/instance: {{ .Release.Name }}
   {{- if not (hasKey .Values.gitea.config "oauth2") -}}
     {{- $_ := set .Values.gitea.config "oauth2" dict -}}
   {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "session") -}}
+    {{- $_ := set .Values.gitea.config "session" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "queue") -}}
+    {{- $_ := set .Values.gitea.config "queue" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "queue.issue_indexer") -}}
+    {{- $_ := set .Values.gitea.config "queue.issue_indexer" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "indexer") -}}
+    {{- $_ := set .Values.gitea.config "indexer" dict -}}
+  {{- end -}}
 {{- end -}}
 
 {{- define "gitea.inline_configuration.defaults" -}}
@@ -196,13 +266,24 @@ app.kubernetes.io/instance: {{ .Release.Name }}
   {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
     {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
   {{- end -}}
-  {{- if .Values.memcached.enabled -}}
+  {{- if or .Values.memcached.enabled (index .Values "redis-cluster").enabled .Values.redis.enabled -}}
     {{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}}
-    {{- $_ := set .Values.gitea.config.cache "ADAPTER" "memcache" -}}
+    {{- $_ := set .Values.gitea.config.cache "ADAPTER" (ternary "memcache" "redis" .Values.memcached.enabled) -}}
     {{- if not (.Values.gitea.config.cache.HOST) -}}
-      {{- $_ := set .Values.gitea.config.cache "HOST" (include "memcached.dns" .) -}}
+      {{- $_ := set .Values.gitea.config.cache "HOST" (ternary (include "memcached.dns" .) (include "redis.dns" .) .Values.memcached.enabled) -}}
     {{- end -}}
   {{- end -}}
+  {{- /* redis queue */ -}}
+  {{- if or (index .Values "redis-cluster").enabled  .Values.redis.enabled -}}
+    {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
+    {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}}
+    {{- $_ := set (index .Values.gitea.config "queue.issue_indexer") "TYPE" "redis" -}}
+  {{- end -}}
+  {{- /* multiple replicas */ -}}
+  {{- if gt .Values.replicaCount 1.0 -}}
+    {{- $_ := set .Values.gitea.config.session  "PROVIDER" "redis" -}}
+    {{- $_ := set .Values.gitea.config.session  "PROVIDER_CONFIG" (include "redis.dns" .) -}}
+  {{- end -}}
 {{- end -}}
 
 {{- define "gitea.inline_configuration.defaults.server" -}}
@@ -265,6 +346,14 @@ app.kubernetes.io/instance: {{ .Release.Name }}
     {{- $_ := set .Values.gitea.config.database "NAME"      .Values.postgresql.global.postgresql.postgresqlDatabase -}}
     {{- $_ := set .Values.gitea.config.database "USER"      .Values.postgresql.global.postgresql.postgresqlUsername -}}
     {{- $_ := set .Values.gitea.config.database "PASSWD"    .Values.postgresql.global.postgresql.postgresqlPassword -}}
+  {{- else if (index .Values "postgresql-ha").enabled -}}
+    {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "postgres" -}}
+    {{- if not (.Values.gitea.config.database.HOST) -}}
+      {{- $_ := set .Values.gitea.config.database "HOST"      (include "postgresql.dns" .) -}}
+    {{- end -}}
+    {{- $_ := set .Values.gitea.config.database "NAME"      (index .Values "postgresql-ha").global.postgresql.database -}}
+    {{- $_ := set .Values.gitea.config.database "USER"      (index .Values "postgresql-ha").global.postgresql.username -}}
+    {{- $_ := set .Values.gitea.config.database "PASSWD"    (index .Values "postgresql-ha").global.postgresql.password -}}
   {{- else if .Values.mysql.enabled -}}
     {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "mysql" -}}
     {{- if not (.Values.gitea.config.database.HOST) -}}

templates/gitea/config.yaml

@@ -63,41 +63,6 @@ stringData:
       export "ENV_TO_INI__${masked_section^^}__${setting^^}=${value}"        # '^^' makes the variable content uppercase
     }
 
-    function env2ini::reload_preset_envs() {
-      env2ini::log "Reloading preset envs..."
-
-      while read -r line; do
-        if [[ -z "${line}" ]]; then
-          # skip empty line
-          return
-        fi
-
-        # 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
-        local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
-
-        if [[ -z "${setting}" ]]; then
-          env2ini::log '  ! invalid setting'
-          exit 1
-        fi
-
-        local value=''
-        local regex="^${setting}(\s*)=(\s*)(.*)"
-        if [[ $line =~ $regex ]]; then
-          value="${BASH_REMATCH[3]}"
-        else
-          env2ini::log '  ! invalid setting'
-          exit 1
-        fi
-
-        env2ini::log "  + '${setting}'"
-
-        export "${setting^^}=${value}"                           # '^^' makes the variable content uppercase
-      done < "/tmp/existing-envs"
-
-      rm /tmp/existing-envs
-    }
-
-
     function env2ini::process_config_file() {
       local config_file="${1}"
       local section="$(basename "${config_file}")"
@@ -139,17 +104,12 @@ stringData:
       env2ini::log "...Initial secrets generated\n"
     }
 
-    env | (grep ENV_TO_INI || [[ $? == 1 ]]) > /tmp/existing-envs
-    
     # MUST BE CALLED BEFORE OTHER CONFIGURATION
     env2ini::generate_initial_secrets
 
     env2ini::load_config_sources '/env-to-ini-mounts/inlines/'
     env2ini::load_config_sources '/env-to-ini-mounts/additionals/'
 
-    # load existing envs to override auto generated envs
-    env2ini::reload_preset_envs
-
     env2ini::log "=== All configuration sources loaded ===\n"
 
     # safety to prevent rewrite of secret keys if an app.ini already exists
@@ -165,3 +125,4 @@ stringData:
     fi
 
     environment-to-ini -o $GITEA_APP_INI -p ENV_TO_INI
+    

templates/gitea/init.yaml

@@ -30,9 +30,7 @@ stringData:
 
     # prepare temp directory structure
     mkdir -p "${GITEA_TEMP}"
-    {{- if not .Values.image.rootless }}
     chown 1000:1000 "${GITEA_TEMP}"
-    {{- end }}
     chmod ug+rwx "${GITEA_TEMP}"
 
   configure_gitea.sh: |-
@@ -40,15 +38,52 @@ stringData:
 
     set -euo pipefail
 
+    {{- if include "db.servicename" . }}
+    # Connection retry inspired by https://gist.github.com/dublx/e99ea94858c07d2ca6de
+    function test_db_connection() {
+      local RETRY=0
+      local MAX=30
+
+      echo 'Wait for database to become avialable...'
+      until [ "${RETRY}" -ge "${MAX}" ]; do
+        nc -vz -w2 {{ include "db.servicename" . }} {{ include "db.port" . }} && break
+        RETRY=$[${RETRY}+1]
+        echo "...not ready yet (${RETRY}/${MAX})"
+      done
+
+      if [ "${RETRY}" -ge "${MAX}" ]; then
+        echo "Database not reachable after '${MAX}' attempts!"
+        exit 1
+      fi
+    }
+
+    test_db_connection
+    {{- end }}
+
+    {{- if include "redis.servicename" . }}
+    function test_redis_connection() {
+      local RETRY=0
+      local MAX=30
+      
+      echo 'Wait for redis to become avialable...'
+      until [ "${RETRY}" -ge "${MAX}" ]; do
+        nc -vz -w2 {{ include "redis.servicename" . }} {{ include "redis.port" . }} && break
+        RETRY=$[${RETRY}+1]
+        echo "...not ready yet (${RETRY}/${MAX})"
+      done
+
+      if [ "${RETRY}" -ge "${MAX}" ]; then
+        echo "Redis not reachable after '${MAX}' attempts!"
+        exit 1
+      fi
+    }
+
+    test_redis_connection
+    {{- end }}
+
     echo '==== BEGIN GITEA CONFIGURATION ===='
 
-    { # try
+    gitea migrate
-      gitea migrate
-    } || { # catch
-      echo "Gitea migrate might fail due to database connection...This init-container will try again in a few seconds"
-      exit 1
-    }
-    
 
     {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }}
     function configure_admin_user() {

templates/gitea/statefulset.yaml

@@ -87,9 +87,6 @@ spec:
             {{- if .Values.statefulset.env }}
             {{- toYaml .Values.statefulset.env | nindent 12 }}
             {{- end }}
-            {{- if .Values.gitea.additionalConfigFromEnvs }}
-            {{- toYaml .Values.gitea.additionalConfigFromEnvs | nindent 12 }}
-            {{- end }}
           volumeMounts:
             - name: config
               mountPath: /usr/sbin
@@ -231,9 +228,6 @@ spec:
           ports:
             - name: ssh
               containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
-            {{- if .Values.service.ssh.hostPort }}
-              hostPort: {{ .Values.service.ssh.hostPort }}
-            {{- end }}
             - name: http
               containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
             {{- if .Values.gitea.config.server.ENABLE_PPROF }}

values.yaml

@@ -8,8 +8,7 @@ clusterDomain: cluster.local
 
 image:
   repository: gitea/gitea
-  # Overrides the image tag whose default is the chart appVersion.
+  tag: 1.15.4
-  tag: ""
   pullPolicy: Always
   rootless: false # only possible when running 1.14 or later
 
@@ -61,7 +60,6 @@ service:
     #nodePort:
     #externalTrafficPolicy:
     #externalIPs:
-    #hostPort:
     loadBalancerSourceRanges: []
     annotations:
 
@@ -125,6 +123,7 @@ persistence:
   # storageClass:
   # subPath:
 
+
 # additional volumes to add to the Gitea statefulset.
 extraVolumes:
 # - name: postgres-ssl-vol
@@ -213,8 +212,6 @@ gitea:
   #   - configMap:
   #       name: gitea-app-ini-plaintext
 
-  additionalConfigFromEnvs: []
-
   podAnnotations: {}
 
   # Modify the liveness probe for your needs or completely disable it by commenting out.
@@ -252,6 +249,31 @@ memcached:
   service:
     port: 11211
 
+redis:
+  enabled: false
+  global:
+    redis:
+      password: gitea
+  auth:
+    password: gitea
+  master:
+    service:
+      port: 6379
+  replica:
+    replicaCount: 2
+
+redis-cluster:
+  enabled: false
+  password: gitea
+  global:
+    redis:
+      password: gitea
+  cluster:
+    nodes: 6
+    replicas: 1
+  service:
+    port: 6379
+
 postgresql:
   enabled: true
   global:
@@ -263,6 +285,26 @@ postgresql:
   persistence:
     size: 10Gi
 
+postgresql-ha:
+  enabled: false
+  postgresql:
+    password: gitea
+    repmgrPassword: gitea
+  pgpool:
+    adminPassword: gitea
+  global:
+    postgresql:
+      database: gitea
+      username: gitea
+      password: gitea
+      repmgrPassword: postgresql
+      repmgrUsername: postgresql
+      repmgrDatabase: repr
+  service:
+    port: 5432
+  persistence:
+    size: 10Gi
+
 mysql:
   enabled: false
   root: