2020-08-23 17:56:55 +00:00
# Default values for gitea.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
2022-06-09 19:21:25 +08:00
## @section Global
#
## @param global.imageRegistry global image registry override
## @param global.imagePullSecrets global image pull secrets override; can be extended by `imagePullSecrets`
## @param global.storageClass global storage class override
2023-02-22 01:53:25 +08:00
## @param global.hostAliases global hostAliases which will be added to the pod's hosts files
2022-06-09 18:55:08 +08:00
global :
imageRegistry : ""
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets : [ ]
storageClass : ""
2023-02-22 01:53:25 +08:00
hostAliases : [ ]
# - ip: 192.168.137.2
# hostnames:
# - example.com
2019-12-12 13:38:31 -05:00
2022-06-09 19:21:25 +08:00
## @param replicaCount number of replicas for the statefulset
2020-08-23 17:56:55 +00:00
replicaCount : 1
2019-12-12 13:38:31 -05:00
2022-06-09 19:21:25 +08:00
## @param clusterDomain cluster domain
2020-10-30 01:08:58 +08:00
clusterDomain : cluster.local
2022-06-09 19:21:25 +08:00
## @section Image
## @param image.registry image registry, e.g. gcr.io,docker.io
## @param image.repository Image to start for this pod
2022-07-10 04:43:04 +08:00
## @param image.tag Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml.
2022-06-09 19:21:25 +08:00
## @param image.pullPolicy Image pull policy
## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher
2020-08-23 17:56:55 +00:00
image :
2022-06-09 19:21:25 +08:00
registry : ""
2020-08-23 17:56:55 +00:00
repository : gitea/gitea
2022-03-01 22:55:44 +08:00
# Overrides the image tag whose default is the chart appVersion.
tag : ""
2020-08-23 17:56:55 +00:00
pullPolicy : Always
2021-04-29 17:12:48 +08:00
rootless : false # only possible when running 1.14 or later
2019-12-12 13:38:31 -05:00
2022-06-09 19:21:25 +08:00
## @param imagePullSecrets Secret to use for pulling the image
2020-08-23 17:56:55 +00:00
imagePullSecrets : [ ]
2019-12-12 13:38:31 -05:00
2022-06-09 19:21:25 +08:00
## @section Security
2021-12-18 19:10:48 +08:00
# Security context is only usable with rootless image due to image design
2022-06-09 19:21:25 +08:00
## @param podSecurityContext.fsGroup Set the shared file system group for all containers in the pod.
2021-12-18 19:10:48 +08:00
podSecurityContext :
fsGroup : 1000
2022-06-09 19:21:25 +08:00
## @param containerSecurityContext Security context
2021-12-18 19:10:48 +08:00
containerSecurityContext : {}
2021-07-01 23:02:56 +08:00
# allowPrivilegeEscalation: false
# capabilities:
# drop:
# - ALL
# # Add the SYS_CHROOT capability for root and rootless images if you intend to
# # run pods on nodes that use the container runtime cri-o. Otherwise, you will
# # get an error message from the SSH server that it is not possible to read from
# # the repository.
# # https://gitea.com/gitea/helm-chart/issues/161
# add:
# - SYS_CHROOT
# privileged: false
# readOnlyRootFilesystem: true
# runAsGroup: 1000
# runAsNonRoot: true
# runAsUser: 1000
2021-03-01 20:16:49 +08:00
2023-01-10 14:54:55 +08:00
## @deprecated The securityContext variable has been split two:
2022-06-09 19:21:25 +08:00
## - containerSecurityContext
## - podSecurityContext.
## @param securityContext Run init and Gitea containers as a specific securityContext
2021-12-18 19:10:48 +08:00
securityContext : {}
2022-06-09 19:21:25 +08:00
## @section Service
2019-12-12 13:38:31 -05:00
service :
2022-06-09 19:21:25 +08:00
## @param service.http.type Kubernetes service type for web traffic
## @param service.http.port Port number for web traffic
## @param service.http.clusterIP ClusterIP setting for http autosetup for statefulset is None
## @param service.http.loadBalancerIP LoadBalancer IP setting
## @param service.http.nodePort NodePort for http service
## @param service.http.externalTrafficPolicy If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
## @param service.http.externalIPs External IPs for service
## @param service.http.ipFamilyPolicy HTTP service dual-stack policy
## @param service.http.ipFamilies HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer
## @param service.http.annotations HTTP service annotations
2019-12-12 13:38:31 -05:00
http :
2020-08-23 17:56:55 +00:00
type : ClusterIP
2019-12-12 13:38:31 -05:00
port : 3000
2020-12-16 20:37:47 +08:00
clusterIP : None
2022-06-09 19:21:25 +08:00
loadBalancerIP :
nodePort :
externalTrafficPolicy :
externalIPs :
ipFamilyPolicy :
ipFamilies :
2021-06-08 01:53:01 +08:00
loadBalancerSourceRanges : [ ]
2022-06-09 19:21:25 +08:00
annotations : {}
## @param service.ssh.type Kubernetes service type for ssh traffic
## @param service.ssh.port Port number for ssh traffic
## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for statefulset is None
## @param service.ssh.loadBalancerIP LoadBalancer IP setting
## @param service.ssh.nodePort NodePort for ssh service
## @param service.ssh.externalTrafficPolicy If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
## @param service.ssh.externalIPs External IPs for service
## @param service.ssh.ipFamilyPolicy SSH service dual-stack policy
## @param service.ssh.ipFamilies SSH service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
## @param service.ssh.hostPort HostPort for ssh service
## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer
## @param service.ssh.annotations SSH service annotations
2019-12-12 13:38:31 -05:00
ssh :
2020-08-23 17:56:55 +00:00
type : ClusterIP
2019-12-12 13:38:31 -05:00
port : 22
2020-12-16 20:37:47 +08:00
clusterIP : None
2022-06-09 19:21:25 +08:00
loadBalancerIP :
nodePort :
externalTrafficPolicy :
externalIPs :
ipFamilyPolicy :
ipFamilies :
hostPort :
2021-02-05 04:42:42 +08:00
loadBalancerSourceRanges : [ ]
2022-06-09 19:21:25 +08:00
annotations : {}
## @section Ingress
## @param ingress.enabled Enable ingress
## @param ingress.className Ingress class name
## @param ingress.annotations Ingress annotations
## @param ingress.hosts[0].host Default Ingress host
## @param ingress.hosts[0].paths[0].path Default Ingress path
## @param ingress.hosts[0].paths[0].pathType Ingress path type
## @param ingress.tls Ingress tls settings
## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
2020-08-23 17:56:55 +00:00
ingress :
2019-12-12 13:38:31 -05:00
enabled : false
2021-09-02 10:53:48 +08:00
# className: nginx
2022-06-09 19:21:25 +08:00
className :
2020-08-23 17:56:55 +00:00
annotations : {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts :
2021-06-25 02:28:45 +08:00
- host : git.example.com
paths :
- path : /
pathType : Prefix
2020-08-23 17:56:55 +00:00
tls : [ ]
# - secretName: chart-example-tls
# hosts:
# - git.example.com
2021-12-20 19:54:37 +08:00
# Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar
# If helm doesn't correctly detect your ingress API version you can set it here.
# apiVersion: networking.k8s.io/v1
2020-08-23 17:56:55 +00:00
2022-06-09 19:21:25 +08:00
## @section StatefulSet
#
## @param resources Kubernetes resources
2020-08-23 17:56:55 +00:00
resources : {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
2019-12-12 13:38:31 -05:00
2021-06-07 16:41:16 +08:00
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
2022-06-09 19:21:25 +08:00
## @param schedulerName Use an alternate scheduler, e.g. "stork"
schedulerName : ""
2021-06-07 16:41:16 +08:00
2022-06-09 19:21:25 +08:00
## @param nodeSelector NodeSelector for the statefulset
2019-12-12 13:38:31 -05:00
nodeSelector : {}
2020-08-23 17:56:55 +00:00
2022-06-09 19:21:25 +08:00
## @param tolerations Tolerations for the statefulset
2019-12-12 13:38:31 -05:00
tolerations : [ ]
2020-08-23 17:56:55 +00:00
2022-06-09 19:21:25 +08:00
## @param affinity Affinity for the statefulset
2019-12-12 13:38:31 -05:00
affinity : {}
2022-06-27 14:35:55 +08:00
## @param dnsConfig dnsConfig for the statefulset
dnsConfig : {}
2022-06-09 19:21:25 +08:00
## @param statefulset.env Additional environment variables to pass to containers
## @param statefulset.terminationGracePeriodSeconds How long to wait until forcefully kill the pod
## @param statefulset.labels Labels for the statefulset
## @param statefulset.annotations Annotations for the Gitea StatefulSet to be created
2020-08-23 17:56:55 +00:00
statefulset :
2020-09-10 10:15:34 +00:00
env : [ ]
# - name: VARIABLE
# value: my-value
2020-08-23 17:56:55 +00:00
terminationGracePeriodSeconds : 60
2021-03-17 08:07:42 +08:00
labels : {}
2022-04-21 23:55:53 +08:00
annotations : {}
2020-08-23 17:56:55 +00:00
2022-06-09 19:21:25 +08:00
## @section Persistence
#
## @param persistence.enabled Enable persistent storage
## @param persistence.existingClaim Use an existing claim to store repository information
## @param persistence.size Size for persistence to store repo information
## @param persistence.accessModes AccessMode for persistence
## @param persistence.labels Labels for the persistence volume claim to be created
## @param persistence.annotations Annotations for the persistence volume claim to be created
## @param persistence.storageClass Name of the storage class to use
## @param persistence.subPath Subdirectory of the volume to mount at
2020-08-23 17:56:55 +00:00
persistence :
enabled : true
2022-06-09 19:21:25 +08:00
existingClaim :
2020-08-23 17:56:55 +00:00
size : 10Gi
accessModes :
- ReadWriteOnce
2021-01-22 16:24:37 +08:00
labels : {}
annotations : {}
2022-06-09 19:21:25 +08:00
storageClass :
subPath :
2020-08-23 17:56:55 +00:00
2022-06-09 19:21:25 +08:00
## @param extraVolumes Additional volumes to mount to the Gitea statefulset
2022-08-08 03:32:19 +08:00
extraVolumes : [ ]
2021-01-20 19:28:39 +08:00
# - name: postgres-ssl-vol
# secret:
# secretName: gitea-postgres-ssl
2022-08-08 03:32:19 +08:00
## @param extraContainerVolumeMounts Mounts that are only mapped into the Gitea runtime/main container, to e.g. override custom templates.
extraContainerVolumeMounts : [ ]
2021-01-20 19:28:39 +08:00
2022-08-08 03:32:19 +08:00
## @param extraInitVolumeMounts Mounts that are only mapped into the init-containers. Can be used for additional preconfiguration.
extraInitVolumeMounts : [ ]
2023-01-10 14:54:55 +08:00
## @deprecated The extraVolumeMounts variable has been split two:
2022-08-08 03:32:19 +08:00
## - extraContainerVolumeMounts
## - extraInitVolumeMounts
## As an example, can be used to mount a client cert when connecting to an external Postgres server.
## @param extraVolumeMounts **DEPRECATED** Additional volume mounts for init containers and the Gitea main container
extraVolumeMounts : [ ]
2021-01-20 19:28:39 +08:00
# - name: postgres-ssl-vol
# readOnly: true
# mountPath: "/pg-ssl"
2022-06-09 19:21:25 +08:00
## @section Init
## @param initPreScript Bash shell script copied verbatim to the start of the init-container.
2021-01-20 19:28:39 +08:00
initPreScript : ""
#
# initPreScript: |
# mkdir -p /data/git/.postgresql
# cp /pg-ssl/* /data/git/.postgresql/
# chown -R git:git /data/git/.postgresql/
# chmod 400 /data/git/.postgresql/postgresql.key
2021-06-30 03:23:32 +08:00
# Configure commit/action signing prerequisites
2022-06-09 19:21:25 +08:00
## @section Signing
#
## @param signing.enabled Enable commit/action signing
## @param signing.gpgHome GPG home directory
2023-01-18 00:58:10 +08:00
## @param signing.privateKey Inline private gpg key for signed Gitea actions
## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey`
2021-06-30 03:23:32 +08:00
signing :
enabled : false
gpgHome : /data/git/.gnupg
2023-01-18 00:58:10 +08:00
privateKey : ""
# privateKey: |-
# -----BEGIN PGP PRIVATE KEY BLOCK-----
# ...
# -----END PGP PRIVATE KEY BLOCK-----
existingSecret : ""
2021-01-20 19:28:39 +08:00
2022-06-09 19:21:25 +08:00
## @section Gitea
#
2020-08-23 17:56:55 +00:00
gitea :
2022-06-09 19:21:25 +08:00
## @param gitea.admin.username Username for the Gitea admin user
## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials
## @param gitea.admin.password Password for the Gitea admin user
## @param gitea.admin.email Email for the Gitea admin user
2020-08-23 17:56:55 +00:00
admin :
2021-06-10 19:13:33 +08:00
#existingSecret: gitea-admin-secret
2022-06-09 19:21:25 +08:00
existingSecret :
2020-08-23 17:56:55 +00:00
username : gitea_admin
password : r8sA8CPHD9!bt6d
email : "gitea@local.domain"
2022-06-09 19:21:25 +08:00
## @param gitea.metrics.enabled Enable Gitea metrics
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor
2021-01-21 23:45:26 +08:00
metrics :
enabled : false
serviceMonitor :
enabled : false
2021-06-07 22:28:28 +08:00
# additionalLabels:
# prometheus-release: prom1
2021-01-21 23:45:26 +08:00
2022-06-09 19:21:25 +08:00
## @param gitea.ldap LDAP configuration
2021-10-08 20:16:24 +08:00
ldap : [ ]
# - name: "LDAP 1"
# existingSecret:
# securityProtocol:
# host:
# port:
# userSearchBase:
# userFilter:
# adminFilter:
# emailAttribute:
# bindDn:
# bindPassword:
# usernameAttribute:
# publicSSHKeyAttribute:
2020-08-23 17:56:55 +00:00
2021-12-20 22:43:55 +08:00
# Either specify inline `key` and `secret` or refer to them via `existingSecret`
2022-06-09 19:21:25 +08:00
## @param gitea.oauth OAuth configuration
2021-12-20 22:43:55 +08:00
oauth : [ ]
# - name: 'OAuth 1'
# provider:
# key:
# secret:
# existingSecret:
# autoDiscoverUrl:
# useCustomUrls:
# customAuthUrl:
# customTokenUrl:
# customProfileUrl:
# customEmailUrl:
2021-03-01 20:24:11 +08:00
2022-06-09 19:21:25 +08:00
## @param gitea.config Configuration for the Gitea server,ref: [config-cheat-sheet](https://docs.gitea.io/en-us/config-cheat-sheet/)
2020-08-23 17:56:55 +00:00
config : {}
# APP_NAME: "Gitea: Git with a cup of tea"
2021-01-20 19:28:39 +08:00
# RUN_MODE: dev
#
2020-08-23 17:56:55 +00:00
# server:
# SSH_PORT: 22
#
# security:
# PASSWORD_COMPLEXITY: spec
2022-06-09 19:21:25 +08:00
## @param gitea.additionalConfigSources Additional configuration from secret or configmap
2021-12-22 18:44:04 +08:00
additionalConfigSources : [ ]
# - secret:
# secretName: gitea-app-ini-oauth
# - configMap:
# name: gitea-app-ini-plaintext
2022-06-09 19:21:25 +08:00
## @param gitea.additionalConfigFromEnvs Additional configuration sources from environment variables
2022-03-09 14:47:55 +08:00
additionalConfigFromEnvs : [ ]
2022-06-09 19:21:25 +08:00
## @param gitea.podAnnotations Annotations for the Gitea pod
2020-09-24 16:32:11 +00:00
podAnnotations : {}
2023-03-22 16:13:31 +08:00
## @param gitea.ssh.logLevel Configure OpenSSH's log level. Only available for root-based Gitea image.
ssh :
logLevel : "INFO"
2022-06-09 19:21:25 +08:00
## @section LivenessProbe
#
## @param gitea.livenessProbe.enabled Enable liveness probe
## @param gitea.livenessProbe.tcpSocket.port Port to probe for liveness
## @param gitea.livenessProbe.initialDelaySeconds Initial delay before liveness probe is initiated
## @param gitea.livenessProbe.timeoutSeconds Timeout for liveness probe
## @param gitea.livenessProbe.periodSeconds Period for liveness probe
## @param gitea.livenessProbe.successThreshold Success threshold for liveness probe
## @param gitea.livenessProbe.failureThreshold Failure threshold for liveness probe
2021-12-13 16:50:08 +08:00
# Modify the liveness probe for your needs or completely disable it by commenting out.
2021-03-01 22:46:05 +08:00
livenessProbe :
2022-06-09 19:21:25 +08:00
enabled : true
2021-12-13 16:50:08 +08:00
tcpSocket :
port : http
2021-03-01 22:46:05 +08:00
initialDelaySeconds : 200
timeoutSeconds : 1
periodSeconds : 10
successThreshold : 1
failureThreshold : 10
2021-12-13 16:50:08 +08:00
2022-06-09 19:21:25 +08:00
## @section ReadinessProbe
#
## @param gitea.readinessProbe.enabled Enable readiness probe
## @param gitea.readinessProbe.tcpSocket.port Port to probe for readiness
## @param gitea.readinessProbe.initialDelaySeconds Initial delay before readiness probe is initiated
## @param gitea.readinessProbe.timeoutSeconds Timeout for readiness probe
## @param gitea.readinessProbe.periodSeconds Period for readiness probe
## @param gitea.readinessProbe.successThreshold Success threshold for readiness probe
## @param gitea.readinessProbe.failureThreshold Failure threshold for readiness probe
2021-12-13 16:50:08 +08:00
# Modify the readiness probe for your needs or completely disable it by commenting out.
2021-03-01 22:46:05 +08:00
readinessProbe :
2022-06-09 19:21:25 +08:00
enabled : true
2021-12-13 16:50:08 +08:00
tcpSocket :
port : http
2021-03-01 22:46:05 +08:00
initialDelaySeconds : 5
timeoutSeconds : 1
periodSeconds : 10
successThreshold : 1
failureThreshold : 3
2021-12-13 16:50:08 +08:00
# # Uncomment the startup probe to enable and modify it for your needs.
2022-06-09 19:21:25 +08:00
## @section StartupProbe
#
## @param gitea.startupProbe.enabled Enable startup probe
## @param gitea.startupProbe.tcpSocket.port Port to probe for startup
## @param gitea.startupProbe.initialDelaySeconds Initial delay before startup probe is initiated
## @param gitea.startupProbe.timeoutSeconds Timeout for startup probe
## @param gitea.startupProbe.periodSeconds Period for startup probe
## @param gitea.startupProbe.successThreshold Success threshold for startup probe
## @param gitea.startupProbe.failureThreshold Failure threshold for startup probe
startupProbe :
enabled : false
tcpSocket :
port : http
initialDelaySeconds : 60
timeoutSeconds : 1
periodSeconds : 10
successThreshold : 1
failureThreshold : 10
2021-03-01 22:46:05 +08:00
2022-06-09 19:21:25 +08:00
## @section Memcached
#
## @param memcached.enabled Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website.
2023-03-29 05:11:33 +08:00
## ref: https://hub.docker.com/r/bitnami/memcached/tags/
## @param memcached.service.ports.memcached Port for Memcached
2020-08-23 17:56:55 +00:00
memcached :
2021-12-22 23:41:35 +08:00
enabled : true
2023-03-29 05:11:33 +08:00
# image:
# registry: docker.io
# repository: bitnami/memcached
# tag: ""
# digest: ""
# pullPolicy: IfNotPresent
# pullSecrets: []
2020-08-23 17:56:55 +00:00
service :
2023-03-29 05:11:33 +08:00
ports :
memcached : 11211
2020-08-23 17:56:55 +00:00
2022-06-09 19:21:25 +08:00
## @section PostgreSQL
#
## @param postgresql.enabled Enable PostgreSQL
2023-03-28 01:12:29 +08:00
## @param postgresql.global.postgresql.auth.password Password for the "gitea" user (overrides `auth.password`)
## @param postgresql.global.postgresql.auth.database Name for a custom database to create (overrides `auth.database`)
## @param postgresql.global.postgresql.auth.username Name for a custom user to create (overrides `auth.username`)
## @param postgresql.global.postgresql.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
## @param postgresql.primary.persistence.size PVC Storage Request for PostgreSQL volume
2020-08-23 17:56:55 +00:00
postgresql :
2021-12-22 23:41:35 +08:00
enabled : true
2020-08-23 17:56:55 +00:00
global :
postgresql :
2023-03-28 01:12:29 +08:00
auth :
password : gitea
database : gitea
username : gitea
service :
ports :
postgresql : 5432
primary :
persistence :
size : 10Gi
2020-08-23 17:56:55 +00:00
2021-12-23 00:25:32 +08:00
# By default, removed or moved settings that still remain in a user defined values.yaml will cause Helm to fail running the install/update.
# Set it to false to skip this basic validation check.
2022-06-09 19:21:25 +08:00
## @section Advanced
## @param checkDeprecation Set it to false to skip this basic validation check.
2023-03-09 23:25:45 +08:00
## @param test.enabled Set it to false to disable test-connection Pod.
## @param test.image.name Image name for the wget container used in the test-connection Pod.
## @param test.image.tag Image tag for the wget container used in the test-connection Pod.
2021-12-23 00:25:32 +08:00
checkDeprecation : true
2023-03-09 23:25:45 +08:00
test :
enabled : true
image :
name : busybox
tag : latest