From ace5ee7ce5405436ac8cadf96aae96ac48e44516 Mon Sep 17 00:00:00 2001 From: Morten Olsen Date: Sat, 20 Dec 2025 23:04:46 +0100 Subject: [PATCH] add forgejo --- apps/charts/forgejo/Chart.yaml | 3 + apps/charts/forgejo/templates/client.yaml | 10 ++ apps/charts/forgejo/templates/database.yaml | 6 + apps/charts/forgejo/templates/deployment.yaml | 106 ++++++++++++++++++ .../templates/external-http-service.yaml | 11 ++ apps/charts/forgejo/templates/pvc.yaml | 11 ++ apps/charts/forgejo/templates/service.yaml | 32 ++++++ .../forgejo/templates/virtual-service.yaml | 18 +++ apps/charts/forgejo/values.yaml | 5 + 9 files changed, 202 insertions(+) create mode 100644 apps/charts/forgejo/Chart.yaml create mode 100644 apps/charts/forgejo/templates/client.yaml create mode 100644 apps/charts/forgejo/templates/database.yaml create mode 100644 apps/charts/forgejo/templates/deployment.yaml create mode 100644 apps/charts/forgejo/templates/external-http-service.yaml create mode 100644 apps/charts/forgejo/templates/pvc.yaml create mode 100644 apps/charts/forgejo/templates/service.yaml create mode 100644 apps/charts/forgejo/templates/virtual-service.yaml create mode 100644 apps/charts/forgejo/values.yaml diff --git a/apps/charts/forgejo/Chart.yaml b/apps/charts/forgejo/Chart.yaml new file mode 100644 index 0000000..fa3f030 --- /dev/null +++ b/apps/charts/forgejo/Chart.yaml @@ -0,0 +1,3 @@ +apiVersion: v2 +version: 1.0.0 +name: forgejo diff --git a/apps/charts/forgejo/templates/client.yaml b/apps/charts/forgejo/templates/client.yaml new file mode 100644 index 0000000..3f4410c --- /dev/null +++ b/apps/charts/forgejo/templates/client.yaml @@ -0,0 +1,10 @@ +apiVersion: homelab.mortenolsen.pro/v1 +kind: OidcClient +metadata: + name: '{{ .Release.Name }}' +spec: + environment: '{{ .Values.globals.environment }}' + redirectUris: + - path: /user/oauth2/Authentik/callback + subdomain: '{{ .Values.subdomain }}' + matchingMode: strict diff --git a/apps/charts/forgejo/templates/database.yaml b/apps/charts/forgejo/templates/database.yaml new file mode 100644 index 0000000..6a30b53 --- /dev/null +++ b/apps/charts/forgejo/templates/database.yaml @@ -0,0 +1,6 @@ +apiVersion: homelab.mortenolsen.pro/v1 +kind: PostgresDatabase +metadata: + name: '{{ .Release.Name }}' +spec: + environment: '{{ .Values.globals.environment }}' diff --git a/apps/charts/forgejo/templates/deployment.yaml b/apps/charts/forgejo/templates/deployment.yaml new file mode 100644 index 0000000..57a96ed --- /dev/null +++ b/apps/charts/forgejo/templates/deployment.yaml @@ -0,0 +1,106 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Release.Name }}" +spec: + strategy: + type: Recreate + replicas: 1 + revisionHistoryLimit: 0 + selector: + matchLabels: + app: "{{ .Release.Name }}" + template: + metadata: + labels: + app: "{{ .Release.Name }}" + spec: + containers: + - name: "{{ .Release.Name }}" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: "{{ .Values.image.pullPolicy }}" + ports: + - name: http + containerPort: 3000 + protocol: TCP + - name: ssh + containerPort: 22 + protocol: TCP + livenessProbe: + tcpSocket: + port: http + readinessProbe: + tcpSocket: + port: http + volumeMounts: + - mountPath: /data + name: data + env: + - name: TZ + value: "{{ .Values.globals.timezone }}" + - name: USER_UID + value: "1000" + - name: USER_GID + value: "1000" + - name: FORGEJO__server__SSH_DOMAIN + value: "ssh-{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - name: FORGEJO__server__SSH_PORT + value: "2206" + - name: FORGEJO__service__REQUIRE_EXTERNAL_REGISTRATION_PASSWORD + value: "true" + #- name: FORGEJO__service__ENABLE_BASIC_AUTHENTICATION + # value: 'true' + - name: FORGEJO__service__ENABLE_PASSWORD_SIGNIN_FORM + value: "false" + - name: FORGEJO__service__DEFAULT_KEEP_EMAIL_PRIVATE + value: "true" + - name: FORGEJO__service__DEFAULT_USER_IS_RESTRICTED + value: "true" + - name: FORGEJO__service__DEFAULT_USER_VISIBILITY + value: "private" + - name: FORGEJO__service__DEFAULT_ORG_VISIBILITY + value: "private" + - name: FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION + value: "true" + - name: FORGEJO__other__SHOW_FOOTER_POWERED_BY + value: "false" + - name: FORGEJO__other__SHOW_FOOTER_TEMPLATE_LOAD_TIME + value: "false" + - name: FORGEJO__other__SHOW_FOOTER_VERSION + value: "false" + - name: FORGEJO__repository__ENABLE_PUSH_CREATE_USER + value: "true" + - name: FORGEJO__repository__ENABLE_PUSH_CREATE_ORG + value: "true" + - name: FORGEJO__openid__ENABLE_OPENID_SIGNIN + value: "false" + - name: FORGEJO__openid__ENABLE_OPENID_SIGNUP + value: "false" + - name: FORGEJO__database__DB_TYPE + value: postgres + - name: FORGEJO__database__NAME + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-pg-connection" + key: database + - name: FORGEJO__database__HOST + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-pg-connection" + key: host + - name: FORGEJO__database__DB_PORT + value: "5432" + - name: FORGEJO__database__USER + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-pg-connection" + key: user + - name: FORGEJO__database__PASSWD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-pg-connection" + key: password + volumes: + - name: data + persistentVolumeClaim: + claimName: "{{ .Release.Name }}-data" diff --git a/apps/charts/forgejo/templates/external-http-service.yaml b/apps/charts/forgejo/templates/external-http-service.yaml new file mode 100644 index 0000000..e28916d --- /dev/null +++ b/apps/charts/forgejo/templates/external-http-service.yaml @@ -0,0 +1,11 @@ +apiVersion: homelab.mortenolsen.pro/v1 +kind: ExternalHttpService +metadata: + name: '{{ .Release.Name }}' +spec: + environment: '{{ .Values.globals.environment }}' + subdomain: '{{ .Values.subdomain }}' + destination: + host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' + port: + number: 80 diff --git a/apps/charts/forgejo/templates/pvc.yaml b/apps/charts/forgejo/templates/pvc.yaml new file mode 100644 index 0000000..bc1d0a6 --- /dev/null +++ b/apps/charts/forgejo/templates/pvc.yaml @@ -0,0 +1,11 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: '{{ .Release.Name }}-data' +spec: + accessModes: + - 'ReadWriteOnce' + resources: + requests: + storage: '1Gi' + storageClassName: '{{ .Values.globals.environment }}' diff --git a/apps/charts/forgejo/templates/service.yaml b/apps/charts/forgejo/templates/service.yaml new file mode 100644 index 0000000..bfade59 --- /dev/null +++ b/apps/charts/forgejo/templates/service.yaml @@ -0,0 +1,32 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Release.Name }}" + labels: + app: "{{ .Release.Name }}" +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 3000 + protocol: TCP + name: http + selector: + app: "{{ .Release.Name }}" + +--- +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Release.Name }}-ssh" + labels: + app: "{{ .Release.Name }}" +spec: + type: LoadBalancer + ports: + - port: 2206 + targetPort: 22 + protocol: TCP + name: ssh + selector: + app: "{{ .Release.Name }}" diff --git a/apps/charts/forgejo/templates/virtual-service.yaml b/apps/charts/forgejo/templates/virtual-service.yaml new file mode 100644 index 0000000..0af9b24 --- /dev/null +++ b/apps/charts/forgejo/templates/virtual-service.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateway }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 diff --git a/apps/charts/forgejo/values.yaml b/apps/charts/forgejo/values.yaml new file mode 100644 index 0000000..1e74bc6 --- /dev/null +++ b/apps/charts/forgejo/values.yaml @@ -0,0 +1,5 @@ +image: + repository: codeberg.org/forgejo/forgejo + tag: 13 + pullPolicy: IfNotPresent +subdomain: code