fix(gitea): Add admin secret and nodeport

2026-01-22 14:50:07 +01:00
parent ad258bf3fe
commit e467799bd6
1 changed files with 28 additions and 20 deletions
@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://gitea.com/gitea/helm-gitea/src/branch/main/values.yaml
 replicaCount: 1
 image:
  registry: "docker.gitea.com"
@@ -20,7 +21,10 @@ gitea:
    serviceMonitor:
      enabled: true
  config:
-    APP_NAME: 'Gitea: With a cup of tea.'
+    APP_NAME: "Gitea: With a cup of tea."
+    admin:
+      existingSecret: gitea-admin-secret
+      email: admin@oceanbox.io
    cache:
      ENABLED: true
      ADAPTER: redis
@@ -46,7 +50,7 @@ gitea:
      APP_DATA_PATH: "/data/gitea"
      DOMAIN: git.svc.hel1.obx
      ROOT_URL: https://git.svc.hel1.obx
-      SSH_DOMAIN: git.svc.hel1.obx
+      SSH_DOMAIN: git.obx
      SSH_PORT: 22
      SSH_SERVER_USE_PROXY_PROTOCOL: true
      LANDING_PAGE: "explore"
@@ -62,14 +66,14 @@ gitea:
      ENABLE_OPENID_SIGNIN: false
      ENABLE_OPENID_SIGNUP: false
  oauth:
-    - name: 'Oceanbox'
-      provider: 'openidConnect'
+    - name: "Oceanbox"
+      provider: "openidConnect"
      existingSecret: gitea-oauth-oceanbox
-      autoDiscoverUrl: 'https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/.well-known/openid-configuration'
-      scopes: 'openid profile email groups'
-      groupClaimName: 'groups'
-      adminGroup: '/oceanbox/devel'
-      restrictedGroup: ''
+      autoDiscoverUrl: "https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/.well-known/openid-configuration"
+      scopes: "openid profile email groups"
+      groupClaimName: "groups"
+      adminGroup: "/oceanbox/devel"
+      restrictedGroup: ""
  additionalConfigFromEnvs:
    - name: GITEA__STORAGE__MINIO_ACCESS_KEY_ID
      valueFrom:
@@ -117,25 +121,29 @@ ingress:
  hosts:
    - host: git.svc.hel1.obx
      paths:
-      - backend:
-          service:
-            name: gitea-http
-            port:
-              number: 3000
-        path: /
-        pathType: ImplementationSpecific
+        - backend:
+            service:
+              name: gitea-http
+              port:
+                number: 3000
+          path: /
+          pathType: ImplementationSpecific
  tls:
    - secretName: gitea-tls
      hosts:
        - git.svc.hel1.obx

-# service:
-  # ssh:
+service:
+  ssh:
+    enabled: true
+    type: NodePort
+    nodePort: 22
+    port: 22
    # type: LoadBalancer
    # port: 22
    # annotations:
-      # load-balancer.hetzner.cloud/location: hel1
-      # load-balancer.hetzner.cloud/uses-proxyprotocol: 'false'
+    # load-balancer.hetzner.cloud/location: hel1
+    # load-balancer.hetzner.cloud/uses-proxyprotocol: 'false'

 postgresql-ha:
  enabled: false