From fa7da060852f846774a8ae5db76a7d9f089731da Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Fri, 3 Feb 2023 12:48:43 +0100 Subject: [PATCH] Upgrade Gitea --- services/Gitea/_namespace-Gitea.yml | 4 + services/Gitea/deploy-Gitea.yml | 142 ------------------ services/Gitea/deployment-Gitea.yml | 50 ++++++ services/Gitea/ingressRoute-Gitea.yml | 17 +++ services/Gitea/persistentVolume-Gitea.yml | 37 +++++ .../Gitea/persistentVolumeClaim-Gitea.yml | 25 +++ services/Gitea/sealedSecret-SMBSecret.yml | 18 +++ services/Gitea/service-Gitea.yml | 12 ++ 8 files changed, 163 insertions(+), 142 deletions(-) create mode 100644 services/Gitea/_namespace-Gitea.yml delete mode 100644 services/Gitea/deploy-Gitea.yml create mode 100644 services/Gitea/deployment-Gitea.yml create mode 100644 services/Gitea/ingressRoute-Gitea.yml create mode 100644 services/Gitea/persistentVolume-Gitea.yml create mode 100644 services/Gitea/persistentVolumeClaim-Gitea.yml create mode 100644 services/Gitea/sealedSecret-SMBSecret.yml create mode 100644 services/Gitea/service-Gitea.yml diff --git a/services/Gitea/_namespace-Gitea.yml b/services/Gitea/_namespace-Gitea.yml new file mode 100644 index 0000000..09a988f --- /dev/null +++ b/services/Gitea/_namespace-Gitea.yml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: gitea diff --git a/services/Gitea/deploy-Gitea.yml b/services/Gitea/deploy-Gitea.yml deleted file mode 100644 index 6621003..0000000 --- a/services/Gitea/deploy-Gitea.yml +++ /dev/null @@ -1,142 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: gitea -spec: - ports: - - protocol: TCP - name: ui - port: 3000 - selector: - app: gitea ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: gitea - labels: - app: gitea -spec: - replicas: 1 - selector: - matchLabels: - app: gitea - template: - metadata: - labels: - app: gitea - spec: - containers: - - name: gitea - image: bv11-cr01.bessems.eu/proxy/gitea/gitea:1.17 - imagePullPolicy: Always - env: - - name: DB_TYPE - value: 'sqlite3' - - name: ROOT_URL - value: 'https://code.spamasaurus.com' - - name: USER_UID - value: "1000" - - name: USER_GID - value: "1000" - ports: - - name: ui - containerPort: 3000 - volumeMounts: - - mountPath: /data - name: flexvolsmb-gitea-data - - mountPath: /data/ssh - name: flexvolsmb-gitea-ssh - subPath: ssh -# securityContext: -# runAsUser: 1000 -# runAsGroup: 1000 -# fsGroup: 1000 - volumes: - - name: flexvolsmb-gitea-data - persistentVolumeClaim: - claimName: flexvolsmb-gitea-data - - name: flexvolsmb-gitea-ssh - persistentVolumeClaim: - claimName: flexvolsmb-gitea-ssh ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: gitea -spec: - entryPoints: - - websecure - routes: - - match: Host(`code.spamasaurus.com`) - kind: Rule - services: - - name: gitea - port: 3000 - middlewares: - - name: security-headers@file - - name: compression@file ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-gitea-data -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-gitea-data - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,uid=1000,gid=1000,iocharset=utf8,nobrl - server: 192.168.11.225 - share: /K3s.Volumes/gitea/data ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-gitea-data - namespace: default -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-gitea-data - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-gitea-ssh -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-gitea-ssh - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0600,dir_mode=0600,iocharset=utf8 - server: 192.168.11.225 - share: /K3s.Volumes/gitea/ssh ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-gitea-ssh - namespace: default -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-gitea-ssh - resources: - requests: - storage: 1Gi diff --git a/services/Gitea/deployment-Gitea.yml b/services/Gitea/deployment-Gitea.yml new file mode 100644 index 0000000..9330add --- /dev/null +++ b/services/Gitea/deployment-Gitea.yml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea + namespace: gitea + labels: + app: gitea +spec: + replicas: 1 + selector: + matchLabels: + app: gitea + template: + metadata: + labels: + app: gitea + spec: + containers: + - name: gitea + image: bv11-cr01.bessems.eu/proxy/gitea/gitea:1.18 + imagePullPolicy: Always + env: + - name: DB_TYPE + value: 'sqlite3' + - name: ROOT_URL + value: 'https://code.spamasaurus.com' + - name: USER_UID + value: "1000" + - name: USER_GID + value: "1000" + ports: + - name: ui + containerPort: 3000 + volumeMounts: + - mountPath: /data + name: flexvolsmb-gitea-data + - mountPath: /data/ssh + name: flexvolsmb-gitea-ssh + subPath: ssh +# securityContext: +# runAsUser: 1000 +# runAsGroup: 1000 +# fsGroup: 1000 + volumes: + - name: flexvolsmb-gitea-data + persistentVolumeClaim: + claimName: flexvolsmb-gitea-data + - name: flexvolsmb-gitea-ssh + persistentVolumeClaim: + claimName: flexvolsmb-gitea-ssh diff --git a/services/Gitea/ingressRoute-Gitea.yml b/services/Gitea/ingressRoute-Gitea.yml new file mode 100644 index 0000000..f799857 --- /dev/null +++ b/services/Gitea/ingressRoute-Gitea.yml @@ -0,0 +1,17 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: gitea + namespace: gitea +spec: + entryPoints: + - websecure + routes: + - match: Host(`code.spamasaurus.com`) + kind: Rule + services: + - name: gitea + port: 3000 + middlewares: + - name: security-headers@file + - name: compression@file diff --git a/services/Gitea/persistentVolume-Gitea.yml b/services/Gitea/persistentVolume-Gitea.yml new file mode 100644 index 0000000..babdb76 --- /dev/null +++ b/services/Gitea/persistentVolume-Gitea.yml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: flexvolsmb-gitea-data +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-gitea-data + flexVolume: + driver: mount/smb + secretRef: + name: smb-secret + options: + opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,uid=1000,gid=1000,iocharset=utf8,nobrl + server: 192.168.11.225 + share: /K3s.Volumes/gitea/data +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: flexvolsmb-gitea-ssh +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-gitea-ssh + flexVolume: + driver: mount/smb + secretRef: + name: smb-secret + options: + opts: domain=bessems.eu,file_mode=0600,dir_mode=0600,iocharset=utf8 + server: 192.168.11.225 + share: /K3s.Volumes/gitea/ssh diff --git a/services/Gitea/persistentVolumeClaim-Gitea.yml b/services/Gitea/persistentVolumeClaim-Gitea.yml new file mode 100644 index 0000000..a40eff5 --- /dev/null +++ b/services/Gitea/persistentVolumeClaim-Gitea.yml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: flexvolsmb-gitea-data + namespace: gitea +spec: + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-gitea-data + resources: + requests: + storage: 1Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: flexvolsmb-gitea-ssh + namespace: gitea +spec: + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-gitea-ssh + resources: + requests: + storage: 1Gi diff --git a/services/Gitea/sealedSecret-SMBSecret.yml b/services/Gitea/sealedSecret-SMBSecret.yml new file mode 100644 index 0000000..668836a --- /dev/null +++ b/services/Gitea/sealedSecret-SMBSecret.yml @@ -0,0 +1,18 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: smb-secret + namespace: gitea +spec: + encryptedData: + password: AgA2RNwf1Lv5KZQ3QrzNpwN0Bi1reMjEdeE6W+H86DGmHebic3yayuucntVBn3JFzBAd0yzFuAjpWSiJRhUiXDSz3Z+QvBiokXTYD14BQ2zTI11H0K3q3lbz9GWhZ7947rViRNIqjKDppZ2DHm+HbLpf5TnYVAqT2JBRoZYku0kDQ/xEDlLxOQ4l+ZCmJY1LGfxMrwo/pWcng1UdbiEF/zkeyAe+18fgrfDkG/kbeFKpX0TpO0fDvWxYt/QoQa2Ei5YNLCHHrZQz+y3MTrPpLdPkVK1ooBFxVNfVjdWbhHHlCbEAoPMcG1+TxOE4o9s8h0AgHUYTr992Cw0k4md3iHuRg7PeObweaa57LDASMLDfTymW8UFmDvpsurV/sB9CrBtmGE5vJzZ06NOU7UKqjWCjpWZ5uL1JUM54IgqJIqgWbmboM0NpLrinDLg/qvVKnndLzhgRGudFdqPzde/UqXebFd8BdFCnmXus/xPESOvl8gw7ucpVUHwJb8kFBTesMkYClDrGPHxLAqDQ3EkCEINxIGBZz6ycMirKYvsXPyB45/y/gGcbetgerWJ2j6nyjP3GtMpVuvw28oZW+lLRscSEoXd0fAgaKM83dJqfI025CKSYnY4ckpSiOvHr5xUs8o70PHCB8zHbeY1nhdzuc3qyCMP47tQOzqorz4YVqx8S3UwpbSU6wxXfXeJ2gZG6BwPgf/CRCdfjRcfGTHsico/o + username: AgBHQNeci3xoZ4ePihMM/EXK06kaUbrstRWqFJM67AnZuw66f8mAZWDYqpF8QynmaxwhyoTsS5vagFBh8KlfpNEVhl30w73+vb8j/xeq/32+d9ae++6q2CcbLAvn9Ezv6Y0PV3REbrlY5eGCMrc9AOIXZfNucZNcfZEbM547IEpxYTfmZLO7pwG0/c18IP6v/Lz2IdP80jkFK6yt0c7/x68v00UMDJ73RkpP0oKToQgAfmJrdXQTUfyA187Jr37umvnJW5gy5VPWaMzJ2B+sonkEGTCWWTji+P3dfBrHYa/kCYJwJqLoAuBbbkG3/NpbrdCnc35oOdmQOWVPj8fJdMDHE57F2dgWq3bnp23X05TDRaeSFSu24XDN2FWA/60jIE0ElX+e9oGgGainWEvOV9ekY6UZFhk1RzurvcUUGa9cilTiMtlnkLVWlLCEuI9tbwDVx2/bvAWuvmuwtyJhsl2cbu6ZHKMa+WF3K+Obrw4gWDHW+bmskw50fCZoQ0FK0b7Kdb+3qi5kBWaL006mXqJGHLnlNi2UA6F8SUPMcYYa34mv+IskBNrC/evxeaJ/3mC/sw3mBMwIOOzHWX/gMQRaghXZMks9X5ICpWodNPkizREy7Gc2yGnsHBX/FDhLmcCP2qzZ/352lQc0a5PKz2ZSYslULqjtbLUMqR/Td3ed017R7JSkbGNZeFYNO7was979jDRRuZA= + template: + data: null + metadata: + creationTimestamp: null + name: smb-secret + namespace: gitea + type: mount/smb + diff --git a/services/Gitea/service-Gitea.yml b/services/Gitea/service-Gitea.yml new file mode 100644 index 0000000..22dd228 --- /dev/null +++ b/services/Gitea/service-Gitea.yml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: gitea + namespace: gitea +spec: + ports: + - protocol: TCP + name: ui + port: 3000 + selector: + app: gitea