migrate forgejo

2026-02-08 01:36:28 +01:00 · 2026-01-02 09:03:37 +01:00
parent 8f3f96a685
commit faaad9dac4
24 changed files with 26 additions and 342 deletions
--- a/apps/charts/forgejo/templates/client.yaml
+++ b/apps/charts/forgejo/templates/client.yaml
@@ -1,10 +0,0 @@
-apiVersion: homelab.mortenolsen.pro/v1
-kind: OidcClient
-metadata:
-  name: '{{ .Release.Name }}'
-spec:
-  environment: '{{ .Values.globals.environment }}'
-  redirectUris:
-    - path: /user/oauth2/Authentik/callback
-      subdomain: '{{ .Values.subdomain }}'
-      matchingMode: strict
--- a/apps/charts/forgejo/templates/database.yaml
+++ b/apps/charts/forgejo/templates/database.yaml
@@ -1,6 +1,2 @@
-apiVersion: homelab.mortenolsen.pro/v1
-kind: PostgresDatabase
-metadata:
-  name: '{{ .Release.Name }}'
-spec:
-  environment: '{{ .Values.globals.environment }}'
+{{ include "common.database" . }}
+
--- a/apps/charts/forgejo/templates/dns.yaml
+++ b/apps/charts/forgejo/templates/dns.yaml
@@ -0,0 +1 @@
+{{ include "common.dns" . }}
--- a/apps/charts/forgejo/templates/oidc.yaml
+++ b/apps/charts/forgejo/templates/oidc.yaml
@@ -0,0 +1 @@
+{{ include "common.oidc" . }}
--- a/apps/charts/forgejo/values.yaml
+++ b/apps/charts/forgejo/values.yaml
@@ -24,6 +24,23 @@ container:
    type: tcpSocket
    port: http # Use named port

+# DNS configuration
+dns:
+  enabled: true
+  type: A
+  dnsClassRef:
+    name: private-dns
+
+# OIDC/Authentik configuration
+oidc:
+  enabled: true
+  redirectUris:
+    - "/user/oauth2/Authentik/callback"
+
+# Database configuration
+database:
+  enabled: true
+
 # Service configuration - multiple services
 service:
  ports:
@@ -84,22 +101,22 @@ env:
  FORGEJO__database__NAME:
    valueFrom:
      secretKeyRef:
-        name: "{release}-pg-connection"
+        name: "{release}-connection"
        key: database
  FORGEJO__database__HOST:
    valueFrom:
      secretKeyRef:
-        name: "{release}-pg-connection"
+        name: "{release}-connection"
        key: host
  FORGEJO__database__USER:
    valueFrom:
      secretKeyRef:
-        name: "{release}-pg-connection"
+        name: "{release}-connection"
        key: user
  FORGEJO__database__PASSWD:
    valueFrom:
      secretKeyRef:
-        name: "{release}-pg-connection"
+        name: "{release}-connection"
        key: password
  # Actions configuration
  FORGEJO__actions__ENABLED: "true"
--- a/apps/common/templates/_helpers.tpl
+++ b/apps/common/templates/_helpers.tpl
@@ -286,9 +286,7 @@ spec:
  strategy:
    type: {{ include "common.deploymentStrategy" . }}
  replicas: {{ .Values.deployment.replicas | default 1 }}
-  {{- if .Values.deployment.revisionHistoryLimit }}
-  revisionHistoryLimit: {{ .Values.deployment.revisionHistoryLimit }}
-  {{- end }}
+  revisionHistoryLimit: {{ .Values.deployment.revisionHistoryLimit | default 2 }}
  selector:
    matchLabels:
      {{- include "common.selectorLabels" . | nindent 6 }}
--- a/foundation/charts/monitor/Chart.yaml
+++ b/foundation/charts/monitor/Chart.yaml
@@ -1,3 +0,0 @@
-apiVersion: v2
-version: 1.0.0
-name: monitor
--- a/foundation/charts/monitor/templates/falco.yaml
+++ b/foundation/charts/monitor/templates/falco.yaml
@@ -1,23 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: falco-operator
-  namespace: argocd
-spec:
-  project: foundation
-  source:
-    repoURL: https://falcosecurity.github.io/charts
-    targetRevision: 7.0.2
-    chart: falco
-    helm:
-      releaseName: falco
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: foundation
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - CreateNamespace=true
-      - ServerSideApply=true
--- a/foundation/charts/monitor/templates/kyverno.yaml
+++ b/foundation/charts/monitor/templates/kyverno.yaml
@@ -1,23 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: kyverno-operator
-  namespace: argocd
-spec:
-  project: foundation
-  source:
-    repoURL: https://kyverno.github.io/kyverno
-    targetRevision: 3.6.1
-    chart: kyverno
-    helm:
-      releaseName: kyverno
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: foundation
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - CreateNamespace=true
-      - ServerSideApply=true
--- a/foundation/charts/monitor/templates/nuclei.yaml
+++ b/foundation/charts/monitor/templates/nuclei.yaml
@@ -1,21 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: nuclei-operator
-  namespace: argocd
-spec:
-  project: foundation
-  source:
-    repoURL: https://morten-olsen.github.io/homelab-nuclei-operator
-    targetRevision: 0.2.7
-    chart: nuclei-operator
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: foundation
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - CreateNamespace=true
-      - ServerSideApply=true
--- a/foundation/charts/monitor/templates/trivy.yaml
+++ b/foundation/charts/monitor/templates/trivy.yaml
@@ -1,25 +0,0 @@
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: trivy-operator
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: foundation
-    server: https://kubernetes.default.svc
-  project: foundation
-  source:
-    repoURL: https://aquasecurity.github.io/helm-charts/
-    targetRevision: 0.31.0
-    chart: trivy-operator
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - ServerSideApply=true
-      - ApplyOutOfSyncOnly=true
-      - CreateNamespace=true
--- a/foundation/charts/monitor/values.yaml
+++ b/foundation/charts/monitor/values.yaml
@@ -1,3 +0,0 @@
-globals:
-  timezone: Europe/Amsterdam
-  storageClass: prod
--- a/foundation/charts/operators/Chart.yaml
+++ b/foundation/charts/operators/Chart.yaml
@@ -1,3 +0,0 @@
-apiVersion: v2
-version: 1.0.0
-name: operators
--- a/foundation/charts/operators/templates/authentik.yaml
+++ b/foundation/charts/operators/templates/authentik.yaml
@@ -1,25 +0,0 @@
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: authentik-operator
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: foundation
-    server: https://kubernetes.default.svc
-  project: foundation
-  source:
-    repoURL: https://mortenolsen.pro/homelab-authentik-operator/
-    targetRevision: 0.0.11
-    chart: authentik-operator
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - ServerSideApply=true
-      - ApplyOutOfSyncOnly=true
-      - CreateNamespace=true
--- a/foundation/charts/operators/templates/cluster-issuer.yaml
+++ b/foundation/charts/operators/templates/cluster-issuer.yaml
@@ -1,16 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
-  name: cloudflare-dns
-spec:
-  acme:
-    server: https://acme-v02.api.letsencrypt.org/directory
-    email: admin@demo.olsen.cloud
-    privateKeySecretRef:
-      name: cloudflare-dns-issuer-key
-    solvers:
-      - dns01:
-          cloudflare:
-            apiTokenSecretRef:
-              name: cloudflare-api-token
-              key: api-token
--- a/foundation/charts/operators/templates/homelab.yaml
+++ b/foundation/charts/operators/templates/homelab.yaml
@@ -1,25 +0,0 @@
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: homelab-operator
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: foundation
-    server: https://kubernetes.default.svc
-  project: foundation
-  source:
-    repoURL: https://github.com/morten-olsen/homelab-operator.git
-    path: charts/operator
-    targetRevision: main
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - ServerSideApply=true
-      - ApplyOutOfSyncOnly=true
-      - CreateNamespace=true
--- a/foundation/charts/operators/templates/redis-operator.yaml
+++ b/foundation/charts/operators/templates/redis-operator.yaml
@@ -1,28 +0,0 @@
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: redis-operator
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: foundation
-    server: https://kubernetes.default.svc
-  project: foundation
-  source:
-    repoURL: https://ot-container-kit.github.io/helm-charts/
-    targetRevision: 0.22.2
-    chart: redis-operator
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - ServerSideApply=true
-      - ApplyOutOfSyncOnly=true
-      - CreateNamespace=true
-  info:
-    - name: "Documentation: "
-      value: "https://redis-operator.opstree.dev/"
--- a/foundation/charts/operators/templates/reloader.yaml
+++ b/foundation/charts/operators/templates/reloader.yaml
@@ -1,25 +0,0 @@
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: reloader-operator
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: foundation
-    server: https://kubernetes.default.svc
-  project: foundation
-  source:
-    repoURL: https://stakater.github.io/stakater-charts
-    targetRevision: 2.2.5
-    chart: reloader
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - ServerSideApply=true
-      - ApplyOutOfSyncOnly=true
-      - CreateNamespace=true
--- a/foundation/charts/operators/templates/sealed-secrets.yaml
+++ b/foundation/charts/operators/templates/sealed-secrets.yaml
@@ -1,25 +0,0 @@
---
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: sealed-secrets-operator
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: foundation
-    server: https://kubernetes.default.svc
-  project: foundation
-  source:
-    repoURL: https://bitnami-labs.github.io/sealed-secrets
-    targetRevision: 2.17.9
-    chart: sealed-secrets
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - ServerSideApply=true
-      - ApplyOutOfSyncOnly=true
-      - CreateNamespace=true
--- a/foundation/charts/operators/values.yaml
+++ b/foundation/charts/operators/values.yaml
@@ -1,2 +0,0 @@
-globals:
-  timezone: Europe/Amsterdam
--- a/foundation/root/Chart.yaml
+++ b/foundation/root/Chart.yaml
@@ -1,6 +0,0 @@
-apiVersion: v2
-name: foundation
-description: A Helm chart for the foundation of the homelab
-type: application
-version: 0.1.0
-appVersion: "1.0.0"
--- a/foundation/root/templates/applicationset.yaml
+++ b/foundation/root/templates/applicationset.yaml
@@ -1,39 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: ApplicationSet
-metadata:
-  name: foundation
-  namespace: argocd
-spec:
-  generators:
-  - git:
-      repoURL: {{ .Values.repoURL }}
-      revision: {{ .Values.targetRevision }}
-      directories:
-      - path: {{ .Values.path }}/*
-      - path: {{ .Values.path }}/*{{ .Values.exclude }}
-        exclude: true
-  template:
-    metadata:
-      name: '{{ .Values.project }}-{{`{{path.basename}}`}}'
-    spec:
-      project: {{ .Values.project }}
-      source:
-        repoURL: {{ .Values.repoURL }}
-        targetRevision: {{ .Values.targetRevision }}
-        path: '{{`{{path}}`}}'
-        helm:
-          valueFiles:
-          - values.yaml
-          values: |
-            globals:
-              timezone: {{ .Values.globals.timezone }}
-              storageClass: {{ .Values.globals.storageClass }}
-      destination:
-        server: https://kubernetes.default.svc
-        namespace: foundation
-      syncPolicy:
-        automated:
-          prune: true
-          selfHeal: true
-        syncOptions:
-        - CreateNamespace=true
--- a/foundation/root/templates/project.yaml
+++ b/foundation/root/templates/project.yaml
@@ -1,19 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: AppProject
-metadata:
-  name: "{{ .Values.project }}"
-  namespace: argocd
-spec:
-  description: "Project for homelab apps"
-  sourceRepos:
-    - "*"
-  destinations:
-    - namespace: "{{ .Values.project }}"
-      server: https://kubernetes.default.svc
-    - namespace: argocd
-      server: https://kubernetes.default.svc
-    - namespace: kube-system
-      server: https://kubernetes.default.svc
-  clusterResourceWhitelist:
-    - group: "*"
-      kind: "*"
--- a/foundation/root/values.yaml
+++ b/foundation/root/values.yaml
@@ -1,8 +0,0 @@
-repoURL: "https://github.com/morten-olsen/homelab-apps"
-targetRevision: "main"
-path: "foundation/charts"
-exclude: "*.disabled"
-project: "foundation"
-globals:
-  timezone: Europe/Amsterdam
-  storageClass: prod