mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 04:59:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

initial refactor

Browse Source
This commit is contained in:
Michael Thomson
2025-06-07 16:33:55 -04:00
parent 5ac011f02b
commit b09446668d
249 changed files with 74 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
apps/gitea/admin-secret.yaml Normal file
View File

@@ -0,0 +1,15 @@
kind: SealedSecret
apiVersion: bitnami.com/v1alpha1
metadata:
name: gitea-admin-secret
namespace: gitea
creationTimestamp:
spec:
template:
metadata:
name: gitea-admin-secret
namespace: gitea
creationTimestamp:
encryptedData:
password: AgAajDLwVR0AFIKlQLIQU12BIKOu4qYIBIdhTJCPYrA5fj4yZZQBnAukYevTJYf76B0dYR6VzTg3uRVqHm1ve3iM73izGKR3Vab6EuWsXpS+JtqBzPuTuZCL0E+8Q+5JPacn/mOEhk97C1oUv4ZJJgPOPE88ySti+tN0T2UqUp2c1Umys4ZEuRQfESAmgwe08HV30XvkB5EZW68mjzwEry/tYKNLFnon2njNvm3/jObaWDjHeKl0pjFRoyKcTqZHgk92y+jU78ubDQlcsQiP8PRlcHKLxjEexguLYJzZGnTUVMCOMn64FN2H4mW2bBi0Apx/FsrNZQeHf1/WcLTci4ccObnhFi6kjrdZFBc/YBcXviyLrDw+CzUz1ZFSIdGxOHhJm09yJ2YmssuhxeLQ/Y8g6UUSSf2cwcAC4e7gl7EIAayod7wFQySTur7MCuKduV/e50l0OOLYHuB7DwEEhG0LONQ54FF3yrqUhOwn6C3qYPSB10ibbVFuiTreROosIpDoaZ/2TLkjcmHRiRRD7XxXusEjjvd6MH0dCrMc4NM9Dflrf3uZNuuY+tvpAr6bOnOFAN+k7+ttuskuwHmFiuy1UGkFwAs1zMcCStAYdv6+qtwi6+xIAih0XOLV43cQ3R+bZiT8yQZb3wj7oBW6rR6xJ9MpI1fexbedtJWJywfOzdCuopFV9JZWVlXurmPFoSVzEZ7CRvVvRlgS2p2PFsIzpytDW2lvlc9DwBtrrGw=
username: AgBtjjUFVdKLXE6/+MxXhBjRkUwqg1wAvw5Sl8W8FYYBLV56PzvSl8OqWPcpNwiquvYHZTdv2/vLyVEkk3YuhxYK5SGaIb8Ap4q8OJcdK5xFKKjLCx8kzkJ5Rwa11VfqWOTqwjgrSRgfjRI3Sc9xyrAMkQUgXbI3qdj5WfP6o6YDy6fK0Qm4bTD6F/+qj3xRkonWGY54268xdlHhzNR72Cqu4Wfl6BbiLafEU4U1mrxsSzJlno5LYyCC/g8WkkIrX3JrIYUt3wuTUheA/mhqCuLPH66iW6+lSyKoH2ruUn6p8i5uRltQNI8rYLxa3zdH7Ju3AXlUSv1FHv4zanCsG1SBaWrNsiKCAvEODB2IKGNENpkBkD7Uw51TvqZFoSZyyMbQIZLeCwcaRGtAPPGz2rKG7LcWIBpjy+J7dekmT0M1ObwbjyacluLmt/zw1FBL3JHPBv5RRBVGOmNFztmBobErRcBaOam9jg3SBAdOJfDuAcWOE68CKAUcRJ6wR+dqoP5zOwYtmFva7YRb35gO5XmwbNuCKlsR7ZOl3323aJ3Ill1A329XcPgsB2YmlXXHN9xAtsodDRKnT+t2pxVk1DtRWh+M8Ixy+QlYzhQBdb878G/ZKb5PI67S1RcGU7DROld/9bQBYfIxa2+F3JC+IjUJFVRrHn87BbE16OCPKgOaq+P3n0R8jwwcDDEwSssjVrC3VvcelBsj3aOUvg==

16
apps/gitea/dns-endpoint.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: externaldns.k8s.io/v1alpha1
kind: DNSEndpoint
metadata:
name: gitea.michaelthomson.dev
namespace: gitea
spec:
endpoints:
- dnsName: gitea.michaelthomson.dev
recordTTL: 180
recordType: CNAME
targets:
- michaelthomson.ddns.net
providerSpecific:
- name: external-dns.alpha.kubernetes.io/cloudflare-proxied
value: "false"

22
apps/gitea/mailer-config-secret.yaml Normal file
View File

@@ -0,0 +1,22 @@
{
"kind": "SealedSecret",
"apiVersion": "bitnami.com/v1alpha1",
"metadata": {
"name": "gitea-mailer-config-secret",
"namespace": "gitea",
"creationTimestamp": null
},
"spec": {
"template": {
"metadata": {
"name": "gitea-mailer-config-secret",
"namespace": "gitea",
"creationTimestamp": null
},
"type": "Opaque"
},
"encryptedData": {
"mailer": "AgDViQgjYRiW3AjnwQZWKauZKoSMmf/LqaOiAZTE1yxULaIE3quXZjm6vkZTtvYqT2eDkKe20O5iTDyBdsO3+29LRnnOm6kF/y4cZ/JOiWfh6nJ0hx6g+MybG3rq4GcWQj7C5OQCi97ctHYemDaWoNKkjwSvNpt+pKcEaBgaqyWQ1knLxP8BaPg51R8CnIe5opn7+AsQwiwi9JX4ucrU46QqLVTg3KT+CobRlEFqtU3jd2CQuj1CN4Y/XgtQFHh3hLB+c05HV6sd0xwo9zMKUSQe2k++5Z5esGj4Hu25UXn36iwmJCfueMor2Y0yOBndPNNviRMMgKjE383retjL1o6n8HkIo5YTrKd18EyuQcq/EdhA8kb3uKX4N1EtOrFLlMGAUKliV42e+3w3IfXtFC9bvTpHivmKIQwZSlPQbF1SVFIbhiBdvNClYJpR61P7ZS6h0D57Tf3vmRpKTSlrHH01sbaKDd9+/kVGUQ0Lk4XRXK0JyTJkNDIiEBuiBB3H/GEZ27k4heBFav6w06gp3zhoOhmhq4XJcFWcselOJeY5cqSUzhLx440zMwwPWvEDH+/nrbhanx6KGFU5Lm6qX7tMn54+P4Ch/vAcnPs/0sXNx0xleGsRVEis+2/EmbdSDwe42+orKxbpQU1bEj7Rqtwiwk4VsTKXgPfzKXcgMMXo+4vvP4t8rCRo1hMkx1EXhKascwntdOb1Nz52QZvij02eNiQhDA2exuG8Room1Ox9Sb4="
}
}
}

4
apps/gitea/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: gitea

95
apps/gitea/release.yaml Normal file
View File

@@ -0,0 +1,95 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: gitea
namespace: gitea
spec:
chart:
spec:
chart: gitea
version: 11.x
sourceRef:
kind: HelmRepository
name: gitea
interval: 15m
timeout: 5m
releaseName: gitea
values:
global:
storageClass: longhorn
replicaCount: 1
service:
ssh:
type: LoadBalancer
port: 2222
clusterIP:
annotations:
metallb.universe.tf/loadBalancerIPs: 192.168.2.248
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
hosts:
- host: gitea.michaelthomson.dev
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- gitea.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
persistence:
claimName: gitea-shared-storage
size: 10Gi
storageClass: longhorn
gitea:
config:
server:
SSH_PORT: 2222
service:
DISABLE_REGISTRATION: true
REGISTER_EMAIL_CONFIRM: true
ENABLE_NOTIFY_MAIL: true
webhook:
ALLOWED_HOST_LIST: external,loopback,private
mailer:
ENABLED: true
FROM: gitea@michaelthomson.dev
PROTOCOL: smtps
SMTP_ADDR: mail.michaelthomson.dev
SMTP_PORT: 465
USER: gitea@michaelthomson.dev
admin:
existingSecret: gitea-admin-secret
email: "gitea@michaelthomson.dev"
additionalConfigSources:
- secret:
secretName: gitea-mailer-config-secret
redis-cluster:
enabled: false
postgresql-ha:
enabled: false
postgresql:
enabled: true
global:
postgresql:
auth:
password: gitea
database: gitea
username: gitea
service:
ports:
postgresql: 5432
primary:
persistence:
size: 10Gi

8
apps/gitea/repository.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: gitea
namespace: gitea
spec:
interval: 15m
url: https://dl.gitea.io/charts