feat: Add forgejo

2026-01-07 23:21:53 +01:00
parent 8c2f6d53c9
commit 922e2fd0ea
9 changed files with 228 additions and 0 deletions
@@ -0,0 +1,44 @@
+bases:
+ - ../envs/environments.yaml.gotmpl
+
+repositories:
+- name: forgejo
+  oci: true
+  url: code.forgejo.org/forgejo-helm
+
+commonLabels:
+  tier: system
+
+releases:
+- name: {{ .Environment.Name }}-forgejo
+  namespace: forgejo
+  chart: forgejo/forgejo
+  version: 15.0.3
+  condition: forgejo.enabled
+  values:
+  - ../values/forgejo/values/values.yaml
+  - ../values/forgejo/values/values-{{ .Environment.Name }}.yaml
+  postRenderer: ../bin/kustomizer
+  postRendererArgs:
+  - ../values/forgejo/kustomize/{{ .Environment.Name }}
+  missingFileHandler: Info
+- name: manifests
+  namespace: forgejo
+  chart: manifests
+  condition: forgejo.enabled
+  missingFileHandler: Info
+  values:
+  - ../values/env.yaml
+  - ../values/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml
+  - ../values/forgejo/env.yaml.gotmpl
+  - ../values/forgejo/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl
+  hooks:
+  - events: [ prepare, cleanup ]
+    showlogs: true
+    command: ../bin/helmify
+    args:
+    - '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
+    - '{{`{{ .Release.Chart }}`}}'
+    - '{{`{{ .Environment.Name }}`}}'
+    - ../values/forgejo/manifests
+    - manifests
@@ -0,0 +1,3 @@
+forgejo:
+  enabled: true
+  autosync: false
@@ -0,0 +1,4 @@
+forgejo:
+  enabled: false
+  autosync: {{ if eq .Environment.Name "prod" }} false {{ else }} true {{ end }}
+  env: {{ .Environment.Name }}
@@ -0,0 +1,33 @@
+apiVersion: barmancloud.cnpg.io/v1
+kind: ObjectStore
+metadata:
+  name: hel-store
+  namespace: forgejo
+spec:
+  retentionPolicy: "7d"
+  configuration:
+    destinationPath: s3://cnpg/forgejo-db
+    endpointURL: http://10.255.241.30:30080
+    s3Credentials:
+      accessKeyId:
+        name: cnpg-s3
+        key: access_key
+      secretAccessKey:
+        name: cnpg-s3
+        key: access_secret
+    wal:
+      compression: snappy
+---
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+  name: forgejo-db
+  namespace: forgejo
+spec:
+  schedule: "0 0 1 * * *"
+  backupOwnerReference: self
+  cluster:
+    name: forgejo-db
+  method: plugin
+  pluginConfiguration:
+    name: barman-cloud.cloudnative-pg.io
@@ -0,0 +1,11 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: forgejo-db
+  namespace: forgejo
+spec:
+  instances: 1
+  imageName: ghcr.io/cloudnative-pg/postgresql:18-minimal-trixie
+  storage:
+    resizeInUseVolumes: true
+    size: 10Gi
@@ -0,0 +1,14 @@
+apiVersion: dragonflydb.io/v1alpha1
+kind: Dragonfly
+metadata:
+  name: dragonfly-forgejo
+  namespace: forgejo
+spec:
+  replicas: 1
+  resources:
+    requests:
+      cpu: 50m
+      memory: 64Mi
+    limits:
+      cpu: 200m
+      memory: 256Mi
@@ -0,0 +1,42 @@
+{{- if .Values.clusterConfig.argo.enabled }}
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: {{ .Values.forgejo.env }}-forgejo
+  namespace: argocd
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: forgejo
+    server: https://kubernetes.default.svc
+  project: aux
+  sources:
+  - repoURL: {{ .Values.clusterConfig.manifests }}
+    targetRevision: HEAD
+    path: helmfile.d
+    plugin:
+      name: helmfile-cmp
+      env:
+      - name: CLUSTER_NAME
+        value: {{ .Values.clusterConfig.cluster }}
+      - name: HELMFILE_ENVIRONMENT
+        value: {{ .Values.forgejo.env }}
+      - name: HELMFILE_FILE_PATH
+        value: forgejo.yaml.gotmpl
+  syncPolicy:
+    managedNamespaceMetadata:
+      labels:
+        component: aux
+    syncOptions:
+      - CreateNamespace=true
+      - ApplyOutOfSyncOnly=true
+      # - ServerSideApply=true
+    {{- if .Values.forgejo.autosync }}
+    automated:
+      prune: true
+      # selfHeal: false
+    {{- end }}
+{{- end }}
@@ -0,0 +1,11 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+  name: forgejo-db-monitor
+  namespace: forgejo
+spec:
+  selector:
+    matchLabels:
+      cnpg.io/cluster: forgejo-db
+  podMetricsEndpoints:
+    - port: metrics
@@ -0,0 +1,66 @@
+replicaCount: 1
+
+image:
+  registry: code.forgejo.org
+  repository: forgejo/forgejo
+  rootless: true
+
+resources:
+  limits:
+    cpu: 1000m
+    memory: 2Gi
+  requests:
+    cpu: 200m
+    memory: 512Mi
+
+gitea:
+  config:
+    database:
+      DB_TYPE: postgres
+      HOST: forgejo-db-rw:5432
+      NAME: app
+      USER: app
+      SCHEMA: public
+    cache:
+      ENABLED: true
+      ADAPTER: redis
+      HOST: redis://dragonfly-forgejo.forgejo.svc:6379/0
+    session:
+      PROVIDER: redis
+      PROVIDER_CONFIG: redis://dragonfly-forgejo.forgejo.svc:6379/1
+    queue:
+      TYPE: redis
+      CONN_STR: redis://dragonfly-forgejo.forgejo.svc:6379/2
+    security:
+      INSTALL_LOCK: true
+    service:
+      DISABLE_REGISTRATION: false
+    server:
+      DOMAIN: git.svc.hel1.obx
+      ROOT_URL: https://git.svc.hel1.obx
+
+ingress:
+  enabled: true
+  className: nginx
+  annotations:
+    cert-manager.io/cluster-issuer: ca-issuer
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: "256m"
+  hosts:
+    - host: git.svc.hel1.obx
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: forgejo-tls
+      hosts:
+        - git.svc.hel1.obx
+
+service:
+  ssh:
+    type: LoadBalancer
+    port: 22
+
+persistence:
+  enabled: true
+  size: 10Gi