# gitea-bitnami values.yaml

ingress:
  enabled: true
  className: traefik
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
  hostname: git.dvirlabs.com
  extraHosts: []
  tls: []
  pathType: ImplementationSpecific


postgresql-ha:
  enabled: false

postgresql:
  enabled: true
  auth:
    username: gitea
    password: gitea
    database: gitea
  primary:
    persistence:
      size: 10Gi
    tolerations:
      - key: "node.kubernetes.io/disk-pressure"
        operator: "Exists"
        effect: "NoSchedule"
  namespaceOverride: dev-tools

persistence:
  enabled: true
  size: 5Gi
  accessModes:
    - ReadWriteOnce

gitea:
  config:
    OAUTH2_JWT_SECRET: "randomstring"
  additionalEnvVars:
    - name: GITEA__oauth__0__client_secret
      valueFrom:
        secretKeyRef:
          name: gitea-keycloak-secret
          key: client-secret
  oauth:
    - name: Keycloak
      provider: openidConnect
      key: gitea
      autoDiscoverUrl: https://keycloak.dvirlabs.com/realms/lab/.well-known/openid-configuration
      scopes: openid profile email
      groupClaimName: groups
      adminGroup: gitea-admins
      restrictedGroup: gitea-users


service:
  type: ClusterIP

  readinessProbe:
    enabled: false

namespace:
  enabled: false

nodeSelector:
  node-role.kubernetes.io/worker: "true"