fix(gitea): add TLS, scheme helper, and Skaffold registry config (#41)

Changes from PR #40 that didn't make it into main:
- local.scheme derived from var.domain (http for homelab.local, https otherwise)
- Gitea ROOT_URL and runner bootstrap URLs use local.scheme
- Gitea Helm ingress gets TLS + letsencrypt certresolver annotations
- Skaffold CI profile sets defaultRepo=git.gugagr.xyz/admin

Co-authored-by: Gonçalo Rodrigues <guga@Goncalos-MacBook-Pro.local>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Gonçalo Rodrigues 2026-06-26 22:06:06 +01:00 committed by GitHub
parent d4ccff518e
commit 6dd7592ac9
3 changed files with 20 additions and 3 deletions


@ -36,7 +36,7 @@ resource "helm_release" "gitea" {
APP_NAME = "Homelab Git" APP_NAME = "Homelab Git"
server = { server = {
DOMAIN = "git.${var.domain}" DOMAIN = "git.${var.domain}"
ROOT_URL = "http://git.${var.domain}" ROOT_URL = "${local.scheme}://git.${var.domain}"
SSH_DOMAIN = "localhost" SSH_DOMAIN = "localhost"
SSH_PORT = 30001 SSH_PORT = 30001
} }
@ -56,10 +56,17 @@ resource "helm_release" "gitea" {
ingress = { ingress = {
enabled = true enabled = true
className = "traefik" className = "traefik"
annotations = {
"traefik.ingress.kubernetes.io/router.tls" = "true"
"traefik.ingress.kubernetes.io/router.tls.certresolver" = "letsencrypt"
}
hosts = [{ hosts = [{
host = "git.${var.domain}" host = "git.${var.domain}"
paths = [{ path = "/", pathType = "Prefix" }] paths = [{ path = "/", pathType = "Prefix" }]
}] }]
tls = [{
hosts = ["git.${var.domain}"]
}]
} }
# NodePort 30002: used by k3d containerd registry mirror (see k3d/config.yaml) # NodePort 30002: used by k3d containerd registry mirror (see k3d/config.yaml)
@ -112,7 +119,7 @@ resource "terraform_data" "gitea_runner_registration" {
command = <<-EOT command = <<-EOT
set -e set -e
echo "Waiting for Gitea to be ready..." echo "Waiting for Gitea to be ready..."
until curl -sf "http://git.${var.domain}/api/v1/version" > /dev/null 2>&1; do until curl -sf "${local.scheme}://git.${var.domain}/api/v1/version" > /dev/null 2>&1; do
sleep 5 sleep 5
done done
@ -121,7 +128,7 @@ resource "terraform_data" "gitea_runner_registration" {
TOKEN=$(curl -sf \ TOKEN=$(curl -sf \
-u "admin:$PASSWORD" \ -u "admin:$PASSWORD" \
"http://git.${var.domain}/api/v1/admin/runners/registration-token" \ "${local.scheme}://git.${var.domain}/api/v1/admin/runners/registration-token" \
| grep -o '"token":"[^"]*"' | cut -d'"' -f4) | grep -o '"token":"[^"]*"' | cut -d'"' -f4)
kubectl patch secret gitea-runner-token -n gitea \ kubectl patch secret gitea-runner-token -n gitea \
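Review bot: The Traefik TLS annotations and the `tls` block added to the ingress are unconditional, while `ROOT_URL` and both bootstrap `curl` calls switch on `local.scheme`. With the default `homelab.local` domain the router is marked TLS-only and asks the `letsencrypt` resolver for a name ACME cannot validate, so the plain-HTTP readiness loop (which has no timeout) may never succeed; this depends on Traefik entrypoint settings that are not shown here. In that same case the `-u "admin:$PASSWORD"` request for the registration token still travels unencrypted. I would gate the annotations and `tls` entry on `local.scheme == "https"` and add a comment above the token request such as `# basic-auth is sent in cleartext when local.scheme is http; local cluster only`. Both resource bodies continue outside the hunks shown.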


@ -15,3 +15,7 @@ variable "domain" {
type = string type = string
default = "homelab.local" default = "homelab.local"
} }
locals {
scheme = var.domain == "homelab.local" ? "http" : "https"
}
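Review bot: `local.scheme` decides between cleartext and TLS by exact string equality with the variable's default, and nothing on the new lines documents that. Any other value, including a different private or `.local` name, selects `https` and with it the Let's Encrypt resolver. Failing towards `https` is the safer direction, but the assumption should be written down, e.g. `# http only for the default local domain; every other value must be publicly resolvable for ACME`. An explicit boolean variable for TLS would avoid coupling transport security to one magic domain string.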


@ -18,3 +18,9 @@ profiles:
activation: activation:
- kubeContext: k3d-homelab - kubeContext: k3d-homelab
- name: ci - name: ci
build:
local:
push: true
tagPolicy:
gitCommit: {}
defaultRepo: git.gugagr.xyz/admin
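Review bot: `defaultRepo: git.gugagr.xyz/admin` hard-codes the registry host and the `admin` namespace in the `ci` profile, while the Terraform side derives the host from `var.domain`. With `push: true`, CI presumably authenticates as, or on behalf of, the Gitea admin account; the credentials are not shown here. A dedicated organisation or service account with package-write scope only would limit what a leaked CI token can do. Consider supplying the repo from the pipeline via `--default-repo` or `SKAFFOLD_DEFAULT_REPO` so the two configurations cannot drift. The rendered page drops indentation, so it is worth confirming that Skaffold honours `defaultRepo` at the position it is placed in the profile.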