admin/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
homelab/infrastructure/terraform/gitea.tf
Gonçalo Rodrigues 3c981b6ba4 fix(infra): bump Gitea chart 10.x → 12.x to fix ImagePullBackOff 
Chart 10.x pinned bitnami/redis-cluster:7.2.3-debian-11 and
bitnami/postgresql-repmgr:16.1.0-debian-11 — both removed from
Docker Hub by Bitnami. Chart 12.x replaces Redis with Valkey and
uses bitnamilegacy/ images that are still available.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-20 15:29:37 +01:00

96 lines
2.4 KiB
HCL
Raw Blame History

resource "kubernetes_secret" "gitea_admin" {
metadata {
name = "gitea-admin"
namespace = kubernetes_namespace.domains["gitea"].metadata[0].name
}
data = {
username = "admin"
password = var.gitea_admin_password
email = "admin@homelab.local"
}
}
resource "helm_release" "gitea" {
name = "gitea"
namespace = kubernetes_namespace.domains["gitea"].metadata[0].name
repository = "https://dl.gitea.com/charts/"
chart = "gitea"
version = "~> 12.0"
atomic = true
timeout = 300
values = [yamlencode({
gitea = {
admin = {
existingSecret = kubernetes_secret.gitea_admin.metadata[0].name
}
config = {
APP_NAME = "Homelab Git"
server = {
DOMAIN = "git.homelab.local"
ROOT_URL = "http://git.homelab.local"
SSH_DOMAIN = "localhost"
SSH_PORT = 30001
}
packages = { ENABLED = "true" }
service = { DISABLE_REGISTRATION = "true" }
log = { LEVEL = "Warn" }
}
}
ingress = {
enabled = true
className = "traefik"
hosts = [{
host = "git.homelab.local"
paths = [{ path = "/", pathType = "Prefix" }]
}]
}
# NodePort 30002: used by k3d containerd registry mirror (see k3d/config.yaml)
service = {
http = {
type = "NodePort"
port = 3000
nodePort = 30002
}
ssh = {
type = "NodePort"
port = 22
nodePort = 30001
}
}
persistence = {
enabled = true
size = "10Gi"
storageClass = "local-path"
}
resources = {
requests = { cpu = "100m", memory = "256Mi" }
limits = { cpu = "500m", memory = "512Mi" }
}
})]
}
# imagePullSecret for finance namespace — allows k8s to pull images from Gitea registry.
# Containerd mirrors "git.homelab.local" to localhost:30002 (see k3d/config.yaml) and
# forwards these credentials to authenticate against the Gitea NodePort.
resource "kubernetes_secret" "gitea_registry_finance" {
metadata {
name = "gitea-registry"
namespace = kubernetes_namespace.domains["finance"].metadata[0].name
}
type = "kubernetes.io/dockerconfigjson"
data = {
".dockerconfigjson" = jsonencode({
auths = {
"git.homelab.local" = {
auth = base64encode("admin:${var.gitea_admin_password}")
}
}
})
}
}
Reference in New Issue View Git Blame Copy Permalink