From 922e2fd0ead0dadd93bc6fded9f4e26ce4df32e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20J=C3=B6rg?=
Date: Wed, 7 Jan 2026 23:21:53 +0100
Subject: [PATCH] feat: Add forgejo
---
helmfile.d/forgejo.yaml.gotmpl | 44 ++++++++++++++++
values/forgejo/env-hel1.yaml.gotmpl | 3 ++
values/forgejo/env.yaml.gotmpl | 4 ++
values/forgejo/manifests/backup.yaml | 33 ++++++++++++
values/forgejo/manifests/database.yaml | 11 ++++
values/forgejo/manifests/dragonfly.yaml | 14 +++++
values/forgejo/manifests/forgejo.yaml | 42 +++++++++++++++
values/forgejo/manifests/monitoring.yaml | 11 ++++
values/forgejo/values/values.yaml | 66 ++++++++++++++++++++++++
9 files changed, 228 insertions(+)
create mode 100644 helmfile.d/forgejo.yaml.gotmpl
create mode 100644 values/forgejo/env-hel1.yaml.gotmpl
create mode 100644 values/forgejo/env.yaml.gotmpl
create mode 100644 values/forgejo/manifests/backup.yaml
create mode 100644 values/forgejo/manifests/database.yaml
create mode 100644 values/forgejo/manifests/dragonfly.yaml
create mode 100644 values/forgejo/manifests/forgejo.yaml
create mode 100644 values/forgejo/manifests/monitoring.yaml
create mode 100644 values/forgejo/values/values.yaml
diff --git a/helmfile.d/forgejo.yaml.gotmpl b/helmfile.d/forgejo.yaml.gotmpl
new file mode 100644
index 00000000..dd7a478a
--- /dev/null
+++ b/helmfile.d/forgejo.yaml.gotmpl
@@ -0,0 +1,44 @@
+bases:
+ - ../envs/environments.yaml.gotmpl
+
+repositories:
+- name: forgejo
+ oci: true
+ url: code.forgejo.org/forgejo-helm
+
+commonLabels:
+ tier: system
+
+releases:
+- name: {{ .Environment.Name }}-forgejo
+ namespace: forgejo
+ chart: forgejo/forgejo
+ version: 15.0.3
+ condition: forgejo.enabled
+ values:
+ - ../values/forgejo/values/values.yaml
+ - ../values/forgejo/values/values-{{ .Environment.Name }}.yaml
+ postRenderer: ../bin/kustomizer
+ postRendererArgs:
+ - ../values/forgejo/kustomize/{{ .Environment.Name }}
+ missingFileHandler: Info
+- name: manifests
+ namespace: forgejo
+ chart: manifests
+ condition: forgejo.enabled
+ missingFileHandler: Info
+ values:
+ - ../values/env.yaml
+ - ../values/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml
+ - ../values/forgejo/env.yaml.gotmpl
+ - ../values/forgejo/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl
+ hooks:
+ - events: [ prepare, cleanup ]
+ showlogs: true
+ command: ../bin/helmify
+ args:
+ - '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
+ - '{{`{{ .Release.Chart }}`}}'
+ - '{{`{{ .Environment.Name }}`}}'
+ - ../values/forgejo/manifests
+ - manifests
diff --git a/values/forgejo/env-hel1.yaml.gotmpl b/values/forgejo/env-hel1.yaml.gotmpl
new file mode 100644
index 00000000..baa11f54
--- /dev/null
+++ b/values/forgejo/env-hel1.yaml.gotmpl
@@ -0,0 +1,3 @@
+forgejo:
+ enabled: true
+ autosync: false
diff --git a/values/forgejo/env.yaml.gotmpl b/values/forgejo/env.yaml.gotmpl
new file mode 100644
index 00000000..c9add93f
--- /dev/null
+++ b/values/forgejo/env.yaml.gotmpl
@@ -0,0 +1,4 @@
+forgejo:
+ enabled: false
+ autosync: {{ if eq .Environment.Name "prod" }} false {{ else }} true {{ end }}
+ env: {{ .Environment.Name }}
diff --git a/values/forgejo/manifests/backup.yaml b/values/forgejo/manifests/backup.yaml
new file mode 100644
index 00000000..f8c557bb
--- /dev/null
+++ b/values/forgejo/manifests/backup.yaml
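Review bot: `missingFileHandler: Info` on the forgejo release means a missing `values-{{ .Environment.Name }}.yaml` is only logged, and no per-environment values file is added in this commit, so the chart is deployed from the base values alone. If environment-specific hardening or secret references are expected to live in that file, a typo or a forgotten file goes unnoticed at render time. Unless `Info` is a deliberate repository convention, consider `missingFileHandler: Error` for this release, or add the hel1 values file alongside it. A short comment that `../bin/kustomizer` and `../bin/helmify` execute during rendering would also remind reviewers to treat changes to them like changes to the manifests.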
@@ -0,0 +1,33 @@
+apiVersion: barmancloud.cnpg.io/v1
+kind: ObjectStore
+metadata:
+ name: hel-store
+ namespace: forgejo
+spec:
+ retentionPolicy: "7d"
+ configuration:
+ destinationPath: s3://cnpg/forgejo-db
+ endpointURL: http://10.255.241.30:30080
+ s3Credentials:
+ accessKeyId:
+ name: cnpg-s3
+ key: access_key
+ secretAccessKey:
+ name: cnpg-s3
+ key: access_secret
+ wal:
+ compression: snappy
+---
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+ name: forgejo-db
+ namespace: forgejo
+spec:
+ schedule: "0 0 1 * * *"
+ backupOwnerReference: self
+ cluster:
+ name: forgejo-db
+ method: plugin
+ pluginConfiguration:
+ name: barman-cloud.cloudnative-pg.io
diff --git a/values/forgejo/manifests/database.yaml b/values/forgejo/manifests/database.yaml
new file mode 100644
index 00000000..88d6d3e9
--- /dev/null
+++ b/values/forgejo/manifests/database.yaml
@@ -0,0 +1,11 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+ name: forgejo-db
+ namespace: forgejo
+spec:
+ instances: 1
+ imageName: ghcr.io/cloudnative-pg/postgresql:18-minimal-trixie
+ storage:
+ resizeInUseVolumes: true
+ size: 10Gi
diff --git a/values/forgejo/manifests/dragonfly.yaml b/values/forgejo/manifests/dragonfly.yaml
new file mode 100644
index 00000000..f717f0a2
--- /dev/null
+++ b/values/forgejo/manifests/dragonfly.yaml
@@ -0,0 +1,14 @@
+apiVersion: dragonflydb.io/v1alpha1
+kind: Dragonfly
+metadata:
+ name: dragonfly-forgejo
+ namespace: forgejo
+spec:
+ replicas: 1
+ resources:
+ requests:
+ cpu: 50m
+ memory: 64Mi
+ limits:
+ cpu: 200m
+ memory: 256Mi
diff --git a/values/forgejo/manifests/forgejo.yaml b/values/forgejo/manifests/forgejo.yaml
new file mode 100644
index 00000000..09ae7664
--- /dev/null
+++ b/values/forgejo/manifests/forgejo.yaml
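Review bot: `endpointURL: http://10.255.241.30:30080` in the ObjectStore sends base backups, WAL segments and the signed S3 requests over plaintext HTTP, so anything on the network path between the database pods and the object store can read the Forgejo database contents. Prefer an `https://` endpoint, with `endpointCA` referencing the CA secret if the store uses a private CA, and consider `encryption` under `wal` (and a `data` block) if the store supports server-side encryption. If plaintext is accepted because the link is a trusted private network, say so in a comment above `endpointURL`, for example `# plaintext accepted: storage VLAN only, see <ticket>`.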
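Review bot: The Cluster `spec` in database.yaml has no `plugins` entry, so nothing visible in this commit connects `forgejo-db` to the `hel-store` ObjectStore. The ScheduledBackup uses `method: plugin` and WAL archiving depends on the same wiring, so backups would likely fail or never run unless it is patched in elsewhere. Adding the barman-cloud plugin to the Cluster, as sketched below, closes that gap. Separately, `instances: 1` and a tag-only `imageName` mean no failover and an image that can change under the same tag; if intentional, a comment recording that would help.

```yaml
spec:
  instances: 1
  # … unchanged: imageName, storage …
  plugins:
    - name: barman-cloud.cloudnative-pg.io
      isWALArchiver: true
      parameters:
        barmanObjectName: hel-store
```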
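Review bot: The Dragonfly resource is created without an `authentication` block, and the `redis://dragonfly-forgejo.forgejo.svc:6379/N` URLs in values/forgejo/values/values.yaml carry no credentials, so any workload that can reach the service on port 6379 can read or modify Forgejo's cache, queue and session data. Because `session.PROVIDER` is `redis`, login sessions are part of what is exposed. Set `spec.authentication.passwordFromSecret` to a secret reference and supply the same password to Forgejo from that secret rather than from values.yaml. At minimum, add a NetworkPolicy in the `forgejo` namespace that admits only the Forgejo pods to the Dragonfly pods.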
@@ -0,0 +1,42 @@
+{{- if .Values.clusterConfig.argo.enabled }}
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: {{ .Values.forgejo.env }}-forgejo
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ destination:
+ namespace: forgejo
+ server: https://kubernetes.default.svc
+ project: aux
+ sources:
+ - repoURL: {{ .Values.clusterConfig.manifests }}
+ targetRevision: HEAD
+ path: helmfile.d
+ plugin:
+ name: helmfile-cmp
+ env:
+ - name: CLUSTER_NAME
+ value: {{ .Values.clusterConfig.cluster }}
+ - name: HELMFILE_ENVIRONMENT
+ value: {{ .Values.forgejo.env }}
+ - name: HELMFILE_FILE_PATH
+ value: forgejo.yaml.gotmpl
+ syncPolicy:
+ managedNamespaceMetadata:
+ labels:
+ component: aux
+ syncOptions:
+ - CreateNamespace=true
+ - ApplyOutOfSyncOnly=true
+ # - ServerSideApply=true
+ {{- if .Values.forgejo.autosync }}
+ automated:
+ prune: true
+ # selfHeal: false
+ {{- end }}
+{{- end }}
diff --git a/values/forgejo/manifests/monitoring.yaml b/values/forgejo/manifests/monitoring.yaml
new file mode 100644
index 00000000..0f9b6da6
--- /dev/null
+++ b/values/forgejo/manifests/monitoring.yaml
@@ -0,0 +1,11 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ name: forgejo-db-monitor
+ namespace: forgejo
+spec:
+ selector:
+ matchLabels:
+ cnpg.io/cluster: forgejo-db
+ podMetricsEndpoints:
+ - port: metrics
diff --git a/values/forgejo/values/values.yaml b/values/forgejo/values/values.yaml
new file mode 100644
index 00000000..81d65961
--- /dev/null
+++ b/values/forgejo/values/values.yaml
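Review bot: The templated scalars in the Application (`metadata.name`, `repoURL`, and the `value` fields for `CLUSTER_NAME` and `HELMFILE_ENVIRONMENT`) are emitted unquoted, so an empty or boolean/number-looking value renders as null or a non-string and the plugin env ends up with something other than the intended string. Quote them, for example `value: {{ .Values.forgejo.env | quote }}` and `name: "{{ .Values.forgejo.env }}-forgejo"`. It is also worth a comment next to `targetRevision: HEAD` that, with `automated.prune: true` enabled outside prod, whatever lands on the default branch of the manifests repository is applied and pruned. Branch protection on that repository is therefore the effective change control.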
@@ -0,0 +1,66 @@
+replicaCount: 1
+
+image:
+ registry: code.forgejo.org
+ repository: forgejo/forgejo
+ rootless: true
+
+resources:
+ limits:
+ cpu: 1000m
+ memory: 2Gi
+ requests:
+ cpu: 200m
+ memory: 512Mi
+
+gitea:
+ config:
+ database:
+ DB_TYPE: postgres
+ HOST: forgejo-db-rw:5432
+ NAME: app
+ USER: app
+ SCHEMA: public
+ cache:
+ ENABLED: true
+ ADAPTER: redis
+ HOST: redis://dragonfly-forgejo.forgejo.svc:6379/0
+ session:
+ PROVIDER: redis
+ PROVIDER_CONFIG: redis://dragonfly-forgejo.forgejo.svc:6379/1
+ queue:
+ TYPE: redis
+ CONN_STR: redis://dragonfly-forgejo.forgejo.svc:6379/2
+ security:
+ INSTALL_LOCK: true
+ service:
+ DISABLE_REGISTRATION: false
+ server:
+ DOMAIN: git.svc.hel1.obx
+ ROOT_URL: https://git.svc.hel1.obx
+
+ingress:
+ enabled: true
+ className: nginx
+ annotations:
+ cert-manager.io/cluster-issuer: ca-issuer
+ nginx.ingress.kubernetes.io/ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/proxy-body-size: "256m"
+ hosts:
+ - host: git.svc.hel1.obx
+ paths:
+ - path: /
+ pathType: Prefix
+ tls:
+ - secretName: forgejo-tls
+ hosts:
+ - git.svc.hel1.obx
+
+service:
+ ssh:
+ type: LoadBalancer
+ port: 22
+
+persistence:
+ enabled: true
+ size: 10Gi
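Review bot: `DISABLE_REGISTRATION: false` under `gitea.config.service` leaves self-registration open on an instance that this file also publishes through the ingress and a `LoadBalancer` SSH service, so anyone who can reach `git.svc.hel1.obx` can create an account. If accounts are meant to be provisioned by an administrator or through SSO, set `DISABLE_REGISTRATION: true`; if registration must stay open, add `REGISTER_MANUAL_CONFIRM: true` so new accounts need approval. The `database` block also carries no password and no `SSL_MODE`. Presumably the credential is injected from the CNPG-generated secret by another values file or a kustomize patch, but nothing in this commit shows that, so a comment naming the source would help the next reviewer.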