v2 app deployment--templating mainly in manifest now.

2025-12-31 06:53:17 +00:00
parent 8818d822cf
commit d1304a2630
84 changed files with 630 additions and 607 deletions
--- a/gitea/db-init-job.yaml
+++ b/gitea/db-init-job.yaml
@@ -12,7 +12,7 @@ spec:
    spec:
      containers:
        - name: db-init
-          image: {{ .apps.postgres.image }}
+          image: postgres:17
          command: ["/bin/bash", "-c"]
          args:
            - |
@@ -36,16 +36,16 @@ spec:
              valueFrom:
                secretKeyRef:
                  name: postgres-secrets
-                  key: apps.postgres.password
+                  key: password
            - name: DB_HOSTNAME
-              value: "{{ .apps.gitea.dbHost }}"
+              value: "{{ .dbHost }}"
            - name: DB_DATABASE_NAME
-              value: "{{ .apps.gitea.dbName }}"
+              value: "{{ .dbName }}"
            - name: DB_USERNAME
-              value: "{{ .apps.gitea.dbUser }}"
+              value: "{{ .dbUser }}"
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: gitea-secrets
-                  key: apps.gitea.dbPassword
+                  key: dbPassword
      restartPolicy: OnFailure
--- a/gitea/deployment.yaml
+++ b/gitea/deployment.yaml
@@ -23,7 +23,7 @@ spec:
      terminationGracePeriodSeconds: 60
      containers:
        - name: gitea
-          image: "{{ .apps.gitea.image }}"
+          image: "{{ .image }}"
          imagePullPolicy: IfNotPresent
          envFrom:
            - configMapRef:
@@ -33,27 +33,27 @@ spec:
              valueFrom:
                secretKeyRef:
                  name: gitea-secrets
-                  key: apps.gitea.adminPassword
+                  key: adminPassword
            - name: GITEA__security__SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: gitea-secrets
-                  key: apps.gitea.secretKey
+                  key: secretKey
            - name: GITEA__security__INTERNAL_TOKEN
              valueFrom:
                secretKeyRef:
                  name: gitea-secrets
-                  key: apps.gitea.jwtSecret
+                  key: jwtSecret
            - name: GITEA__database__PASSWD
              valueFrom:
                secretKeyRef:
                  name: gitea-secrets
-                  key: apps.gitea.dbPassword
+                  key: dbPassword
            - name: GITEA__mailer__PASSWD
              valueFrom:
                secretKeyRef:
                  name: gitea-secrets
-                  key: apps.gitea.smtpPassword
+                  key: smtpPassword
          ports:
            - name: ssh
              containerPort: 2222
--- a/gitea/gitea.env
+++ b/gitea/gitea.env
@@ -3,12 +3,12 @@ SSH_PORT=22
 GITEA_WORK_DIR=/data
 GITEA_TEMP=/tmp/gitea
 TMPDIR=/tmp/gitea
-GITEA_ADMIN_USERNAME={{ .apps.gitea.adminUser }}
+GITEA_ADMIN_USERNAME={{ .adminUser }}
 GITEA_ADMIN_PASSWORD_MODE=keepUpdated

 # Core app settings
-GITEA____APP_NAME={{ .apps.gitea.appName }}
-GITEA____RUN_MODE={{ .apps.gitea.runMode }}  
+GITEA____APP_NAME={{ .appName }}
+GITEA____RUN_MODE={{ .runMode }}  
 GITEA____RUN_USER=git

 # Security settings
@@ -17,19 +17,19 @@ GITEA__security__PASSWORD_HASH_ALGO=pbkdf2

 # Database settings (except password which comes from secret)
 GITEA__database__DB_TYPE=postgres
-GITEA__database__HOST={{ .apps.gitea.dbHost }}:{{ .apps.gitea.dbPort }}
-GITEA__database__NAME={{ .apps.gitea.dbName }}
-GITEA__database__USER={{ .apps.gitea.dbUser }}
+GITEA__database__HOST={{ .dbHost }}:{{ .dbPort }}
+GITEA__database__NAME={{ .dbName }}
+GITEA__database__USER={{ .dbUser }}
 GITEA__database__SSL_MODE=disable
 GITEA__database__LOG_SQL=false

 # Server settings
-GITEA__server__DOMAIN={{ .apps.gitea.domain }}
-GITEA__server__HTTP_PORT={{ .apps.gitea.port }}
-GITEA__server__ROOT_URL=https://{{ .apps.gitea.domain }}/
+GITEA__server__DOMAIN={{ .domain }}
+GITEA__server__HTTP_PORT={{ .port }}
+GITEA__server__ROOT_URL=https://{{ .domain }}/
 GITEA__server__DISABLE_SSH=false
-GITEA__server__SSH_DOMAIN={{ .apps.gitea.domain }}
-GITEA__server__SSH_PORT={{ .apps.gitea.sshPort }}
+GITEA__server__SSH_DOMAIN={{ .domain }}
+GITEA__server__SSH_PORT={{ .sshPort }}
 GITEA__server__SSH_LISTEN_PORT=2222
 GITEA__server__LFS_START_SERVER=true
 GITEA__server__OFFLINE_MODE=true
@@ -53,8 +53,8 @@ GITEA__webhook__ALLOWED_HOST_LIST=*

 # Mailer settings (enabled via env vars, password from secret)
 GITEA__mailer__ENABLED=true
-GITEA__mailer__SMTP_ADDR={{ .apps.gitea.smtp.host }}
-GITEA__mailer__SMTP_PORT={{ .apps.gitea.smtp.port }}
-GITEA__mailer__FROM={{ .apps.gitea.smtp.from }}
-GITEA__mailer__USER={{ .apps.gitea.smtp.user }}
+GITEA__mailer__SMTP_ADDR={{ .smtp.host }}
+GITEA__mailer__SMTP_PORT={{ .smtp.port }}
+GITEA__mailer__FROM={{ .smtp.from }}
+GITEA__mailer__USER={{ .smtp.user }}

--- a/gitea/ingress.yaml
+++ b/gitea/ingress.yaml
@@ -5,10 +5,10 @@ metadata:
  namespace: gitea
  annotations:
    external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
-    external-dns.alpha.kubernetes.io/target: "{{ .cloud.domain }}"
+    external-dns.alpha.kubernetes.io/target: "{{ .externalDnsDomain }}"
 spec:
  rules:
-    - host: "{{ .apps.gitea.domain }}"
+    - host: "{{ .domain }}"
      http:
        paths:
          - path: /
@@ -19,6 +19,6 @@ spec:
                port:
                  number: 3000
  tls:
-    - secretName: "{{ .apps.gitea.tlsSecretName }}"
+    - secretName: "{{ .tlsSecretName }}"
      hosts:
-        - "{{ .apps.gitea.domain }}"
+        - "{{ .domain }}"
--- a/gitea/manifest.yaml
+++ b/gitea/manifest.yaml
@@ -1,10 +1,12 @@
 name: gitea
 description: Gitea is a painless self-hosted Git service written in Go
 version: 1.24.3
-icon: https://github.com/go-gitea/gitea/raw/main/assets/logo.png
+icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/gitea.svg
 requires:
-  - name: postgres
+- name: postgres
 defaultConfig:
+  namespace: gitea
+  externalDnsDomain: '{{ .cloud.domain }}'
  image: gitea/gitea:1.24.3
  appName: Gitea
  domain: gitea.{{ .cloud.domain }}
@@ -16,18 +18,20 @@ defaultConfig:
  dbUser: gitea
  dbHost: postgres.postgres.svc.cluster.local
  adminUser: admin
-  adminEmail: "admin@{{ .cloud.domain }}"
+  adminEmail: "{{ .operator.email }}"
  dbPort: 5432
  timezone: UTC
  runMode: prod
  smtp:
-    host: "{{ .cloud.smtp.host }}"
-    port: "{{ .cloud.smtp.port }}"
-    user: "{{ .cloud.smtp.user }}"
-    from: "{{ .cloud.smtp.from }}"
+    host: '{{ .cloud.smtp.host }}'
+    port: '{{ .cloud.smtp.port }}'
+    user: '{{ .cloud.smtp.user }}'
+    from: '{{ .cloud.smtp.from }}'
 defaultSecrets:
-  - key: apps.gitea.adminPassword
-  - key: apps.gitea.dbPassword
-  - key: apps.gitea.secretKey
-  - key: apps.gitea.jwtSecret
-  - key: apps.gitea.smtpPassword
+- key: adminPassword
+- key: dbPassword
+- key: secretKey
+- key: jwtSecret
+- key: smtpPassword
+requiredSecrets:
+- postgres.password
--- a/gitea/namespace.yaml
+++ b/gitea/namespace.yaml
@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: gitea
+  name: "{{ .namespace }}"
--- a/gitea/pvc.yaml
+++ b/gitea/pvc.yaml
@@ -9,4 +9,4 @@ spec:
  storageClassName: longhorn
  resources:
    requests:
-      storage: "{{ .apps.gitea.storage }}"
+      storage: "{{ .storage }}"
--- a/gitea/service.yaml
+++ b/gitea/service.yaml
@@ -8,7 +8,7 @@ spec:
  ports:
  - name: http
    port: 3000
-    targetPort: {{ .apps.gitea.port }}
+    targetPort: {{ .port }}
  selector:
    component: web
 ---
@@ -21,7 +21,7 @@ spec:
  type: LoadBalancer
  ports:
  - name: ssh
-    port: {{ .apps.gitea.sshPort }}
+    port: {{ .sshPort }}
    targetPort: 2222
    protocol: TCP
  selector: