dev-tools/manifests/gitea/values.yaml

global:
  security:
    allowInsecureImages: true

nodeSelector:
  workload: general

ingress:
  enabled: true
  className: traefik
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
  hosts:
    - host: git.dvirlabs.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - hosts:
        - git.dvirlabs.com
      secretName: git-dvirlabs-cert

gitea:
  admin:
    username: admin
    password: admin1234
    email: admin@dvirlabs.com
    passwordMode: keepUpdated

  config:
    server:
      DOMAIN: git.dvirlabs.com
      ROOT_URL: https://git.dvirlabs.com/
      SSH_DOMAIN: git.dvirlabs.com
      SSH_LISTEN_PORT: 2222
      SSH_PORT: 22
      PROTOCOL: http
    metrics:
      ENABLED: true
      TOKEN: prometheusmetricstoken
    security:
      INSTALL_LOCK: true
      SECRET_KEY: somesecret
      INTERNAL_TOKEN: somesecret

  oauth:
    - name: "Keycloak"
      provider: "openidConnect"
      key: "gitea"
      secret: "gIA3YXhesiyIbKkMMtasCVTd7CvUyLwA"
      autoDiscoverUrl: "https://keycloak.dvirlabs.com/realms/lab/.well-known/openid-configuration"
      scopes: "openid profile email"
      groupClaimName: "groups"
      adminGroup: "gitea-admins"
      restrictedGroup: "gitea-users"

  livenessProbe:
    enabled: true
    tcpSocket:
      port: http
    initialDelaySeconds: 200

  readinessProbe:
    enabled: true
    tcpSocket:
      port: http
    initialDelaySeconds: 5

postgresql-ha:
  enabled: false

postgresql:
  enabled: true
  image:
    registry: docker.io
    repository: bitnamilegacy/postgresql
    tag: 17.5.0-debian-12-r3
  global:
    postgresql:
      auth:
        username: gitea
        password: gitea
        database: gitea
  primary:
    nodeSelector:
      workload: general
    persistence:
      enabled: true
      storageClass: nfs-client
      size: 50Gi
      accessModes:
        - ReadWriteOnce

persistence:
  enabled: true
  storageClass: nfs-client
  size: 50Gi
  accessModes:
    - ReadWriteOnce

valkey-cluster:
  enabled: true
  image:
    registry: docker.io
    repository: bitnamilegacy/valkey-cluster
    tag: 8.1.1-debian-12-r2
  
  global:
    storageClass: nfs-client
  
  persistence:
    enabled: true
    storageClass: nfs-client
    accessModes:
      - ReadWriteOnce
  
  valkey:
    nodeSelector:
      workload: general
    affinity:
      nodeAffinity:
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
            - matchExpressions:
                - key: workload
                  operator: In
                  values:
                    - general
                - key: node-role.kubernetes.io/control-plane
                  operator: DoesNotExist