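---
# tasks file for gitea
#
# Registers the upstream Gitea Helm chart repository, refreshes the local
# Helm repo cache when the repository entry changed, and installs/upgrades
# the `gitea` release into the `gitea` namespace.
#
# Variables read by this file (must be supplied by the caller, ideally from
# an encrypted source such as Ansible Vault):
#   gitea_admin_password        - Gitea admin, Redis and PostgreSQL password
#   openldap_readonly_password  - bind password for the read-only LDAP account

- name: Add gitea repo
  kubernetes.core.helm_repository:
    name: gitea
    repo_url: https://dl.gitea.com/charts/
  register: repo_update

# Only refresh the repo cache when the repository entry was added or changed.
- name: Update Helm repos
  command: helm repo update
  when: repo_update.changed

- name: Deploy Gitea
  # The module arguments below carry three credentials in plain text after
  # templating. no_log keeps them out of verbose output, callback plugins and
  # job logs. Trade-off: failure details for this task are censored too, so
  # temporarily disable it only in a trusted, local debugging session.
  no_log: true
  kubernetes.core.helm:
    name: gitea
    chart_ref: gitea/gitea
    release_namespace: gitea
    create_namespace: true
    values:
      service:
        ssh:
          # Exposes Git-over-SSH outside the cluster via a LoadBalancer.
          type: LoadBalancer
      ingress:
        enabled: true
        className: nginx
        annotations:
          cert-manager.io/cluster-issuer: ca-issuer
        hosts:
          - host: gitea.eom.dev
            paths:
              - path: /
                pathType: Prefix
        tls:
          - hosts:
              - gitea.eom.dev
            secretName: gitea-tls
      persistence:
        size: 2Ti
      actions:
        enabled: true
        provisioning:
          enabled: true
      gitea:
        metrics:
          # NOTE(review): the ingress above routes "/" to Gitea, so the
          # metrics endpoint is presumably reachable from outside the
          # cluster. Confirm it is protected (Gitea's [metrics] section
          # supports a TOKEN) or blocked at the ingress.
          enabled: true
        admin:
          username: gitea
          password: "{{ gitea_admin_password }}"
          email: gitea@postfix.eom.dev
        ldap:
          - name: OpenLDAP
            # NOTE(review): plain LDAP on 389 means the bind password and
            # every user's login password cross the cluster network in
            # clear text. If the OpenLDAP service offers TLS, prefer LDAPS
            # or StartTLS here; otherwise restrict the path with a
            # NetworkPolicy. Left unchanged because the server's TLS setup
            # is not visible from this file.
            securityProtocol: unencrypted
            host: openldap.openldap.svc.cluster.local
            port: 389
            userSearchBase: dc=eom,dc=dev
            # Login is limited to posixAccount entries that are members of
            # the "Gitea Users" group; %s is replaced with the login name.
            userFilter: '(&(objectClass=posixAccount)(uid=%s)(memberOf=cn=Gitea Users,ou=Gitea,ou=Services,dc=eom,dc=dev))'
            # Members of "Gitea Administrators" are granted admin rights.
            adminFilter: '(memberOf=cn=Gitea Administrators,ou=Gitea,ou=Services,dc=eom,dc=dev)'
            emailAttribute: mail
            bindDn: cn=readonly,dc=eom,dc=dev
            bindPassword: "{{ openldap_readonly_password }}"
            usernameAttribute: uid
            publicSSHKeyAttribute: sshPublicKey
        config:
          APP_NAME: "Gitea"
          service:
            # Accounts come from LDAP only; self-registration is off.
            DISABLE_REGISTRATION: true
            DEFAULT_ALLOW_CREATE_ORGANIZATION: false
      redis:
        enabled: true
        global:
          redis:
            # NOTE(review): same secret as the Gitea admin account. A leak
            # of any one of the three (admin UI, Redis, PostgreSQL) exposes
            # the other two; consider a distinct secret per component.
            password: "{{ gitea_admin_password }}"
        master:
          persistence:
            size: 32Gi
        replica:
          persistence:
            size: 32Gi
      redis-cluster:
        enabled: false
      postgresql:
        enabled: true
        global:
          postgresql:
            auth:
              # NOTE(review): reuses the Gitea admin password; see the
              # remark on the Redis password above.
              password: "{{ gitea_admin_password }}"
        primary:
          persistence:
            size: 256Gi
        readReplicas:
          persistence:
            size: 256Gi
      postgresql-ha:
        enabled: false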