juntekim.com/forgejo/forgejo.yaml

# ================================
# FORGEJO - SELF-HOSTED GIT
# https://forgejo.org/
# ================================
---
# Database credentials shared by the Postgres container (envFrom) and the
# Forgejo container (secretKeyRef).
#
# SECURITY: POSTGRES_PASSWORD below is a placeholder kept in plain text in the
# repository, so anyone who can read the repo knows it. Replace it before
# applying and keep the real value out of version control (create the Secret
# out-of-band or use an encrypted-secret workflow).
# Secret values are only base64-encoded by the API server; they are encrypted
# at rest only if the cluster is configured for it.
# The postgres image reads POSTGRES_PASSWORD only when it initialises an empty
# data directory, so editing this Secret later does not change the password of
# an existing database role.
# No metadata.namespace is set: the object lands in whatever namespace the
# applying context selects.
apiVersion: v1
kind: Secret
metadata:
  name: forgejo-db-secret
type: Opaque
stringData:
  POSTGRES_USER: forgejo
  POSTGRES_PASSWORD: changeMePleaseOtherwiseSomeoneWillKnow
  POSTGRES_DB: forgejo
---
# 10Gi block volume for the PostgreSQL data directory.
# ReadWriteOnce: the volume can be attached to one node at a time, so only a
# single Postgres pod can use it.
# NOTE(review): this is the only copy of the database shown here; confirm that
# backups and, if required, volume encryption are handled by the storage class.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: forgejo-db-pvc
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: rook-ceph-block
  resources:
    requests:
      storage: 10Gi
---
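# Single-replica PostgreSQL 16 instance backing Forgejo.
# Data is stored on the forgejo-db-pvc claim; credentials come from
# forgejo-db-secret.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: forgejo-postgres
  labels:
    app: forgejo-postgres
spec:
  replicas: 1
  # The data volume is ReadWriteOnce. The default RollingUpdate strategy starts
  # the replacement pod before stopping the old one, which either hangs on the
  # volume attach or points a second Postgres at the same data directory.
  # Recreate stops the old pod first.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: forgejo-postgres
  template:
    metadata:
      labels:
        app: forgejo-postgres
    spec:
      # NOTE(review): no securityContext, resource requests/limits or probes
      # are set; add them after confirming they work with this image's
      # entrypoint.
      containers:
        - name: postgres
          # NOTE(review): 16-alpine is a moving tag; pin a digest
          # (postgres:16-alpine@sha256:<digest>) for reproducible rollouts.
          image: postgres:16-alpine
          ports:
            - containerPort: 5432
          env:
            # Data directory is a subdirectory of the mount point, presumably
            # so initdb starts from an empty directory rather than the volume
            # root - confirm.
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          envFrom:
            # Imports every key of the Secret as an environment variable
            # (POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB).
            - secretRef:
                name: forgejo-db-secret
          volumeMounts:
            - name: forgejo-db-data
              mountPath: /var/lib/postgresql/data
      volumes:
        - name: forgejo-db-data
          persistentVolumeClaim:
            claimName: forgejo-db-pvc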
---
# In-cluster endpoint for PostgreSQL; Forgejo connects to
# forgejo-postgres:5432.
# No `type` is given, so this is a ClusterIP Service and is not published
# outside the cluster. Inside the cluster any pod can still reach port 5432
# unless a NetworkPolicy restricts it.
# NOTE(review): consider a NetworkPolicy that admits only pods labelled
# app: forgejo.
apiVersion: v1
kind: Service
metadata:
  name: forgejo-postgres
spec:
  selector:
    app: forgejo-postgres
  ports:
    - port: 5432
      targetPort: 5432
# -------------------------
# FORGEJO APP
# -------------------------
---
# 20Gi block volume mounted at /data in the Forgejo pod.
# ReadWriteOnce: attachable to one node at a time, so Forgejo runs as a single
# pod.
# NOTE(review): the Forgejo container images normally keep repositories,
# app.ini and the SSH host keys under /data; confirm, and treat the volume and
# its backups as sensitive.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: forgejo-pvc
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: rook-ceph-block
  resources:
    requests:
      storage: 20Gi
---
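# Forgejo application: web UI/API on 3000 and Git-over-SSH on 22 inside the
# pod. State is kept on the forgejo-pvc claim mounted at /data.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: forgejo
  labels:
    app: forgejo
spec:
  replicas: 1
  # The /data volume is ReadWriteOnce. The default RollingUpdate strategy
  # starts the new pod while the old one still holds the volume, so a rollout
  # can hang or run two Forgejo processes on the same data. Recreate stops the
  # old pod first.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: forgejo
  template:
    metadata:
      labels:
        app: forgejo
    spec:
      initContainers:
        # Hands ownership of the volume to uid/gid 1000 before Forgejo starts
        # (presumably the user the Forgejo image runs git as - confirm).
        # NOTE(review): `busybox` without a tag resolves to :latest; pin a tag
        # or digest (busybox@sha256:<digest>), since this container runs with
        # write access to all repository data.
        - name: fix-permissions
          image: busybox
          command: ["sh", "-c", "chown -R 1000:1000 /data"]
          volumeMounts:
            - name: forgejo-data
              mountPath: /data
      # NOTE(review): no securityContext, resource requests/limits or probes
      # are set for the main container; add them after confirming they work
      # with this image.
      containers:
        - name: forgejo
          # NOTE(review): `10` is a moving major-version tag; pin a digest
          # for reproducible rollouts and review upgrades deliberately.
          image: codeberg.org/forgejo/forgejo:10
          ports:
            - containerPort: 3000
              name: http
            - containerPort: 22
              name: ssh
          # FORGEJO__<section>__<KEY> variables are mapped onto app.ini
          # settings by the image.
          env:
            - name: FORGEJO__server__DOMAIN
              value: git.juntekim.com
            - name: FORGEJO__server__ROOT_URL
              value: https://git.juntekim.com
            - name: FORGEJO__server__HTTP_PORT
              value: "3000"
            # Port shown in SSH clone URLs. It matches the forgejo-ssh
            # Service port (2222), which forwards to container port 22.
            - name: FORGEJO__server__SSH_PORT
              value: "2222"
            - name: FORGEJO__server__SSH_DOMAIN
              value: git.juntekim.com
            - name: FORGEJO__database__DB_TYPE
              value: postgres
            - name: FORGEJO__database__HOST
              value: forgejo-postgres:5432
            # Database name, user and password are read from the same Secret
            # that configures the Postgres container.
            - name: FORGEJO__database__NAME
              valueFrom:
                secretKeyRef:
                  name: forgejo-db-secret
                  key: POSTGRES_DB
            - name: FORGEJO__database__USER
              valueFrom:
                secretKeyRef:
                  name: forgejo-db-secret
                  key: POSTGRES_USER
            - name: FORGEJO__database__PASSWD
              valueFrom:
                secretKeyRef:
                  name: forgejo-db-secret
                  key: POSTGRES_PASSWORD
            # Disables the web installer, so the first visitor to the public
            # URL cannot configure the instance.
            # NOTE(review): self-registration is left at its default; on an
            # Internet-facing instance set
            # FORGEJO__service__DISABLE_REGISTRATION explicitly.
            - name: FORGEJO__security__INSTALL_LOCK
              value: "true"
          volumeMounts:
            - name: forgejo-data
              mountPath: /data
      volumes:
        - name: forgejo-data
          persistentVolumeClaim:
            claimName: forgejo-pvc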
---
# In-cluster HTTP endpoint for Forgejo, used as the backend of the
# forgejo-ingressroute IngressRoute.
# No `type` is given, so this is a ClusterIP Service. Traffic from the ingress
# controller to the pod on port 3000 is plain HTTP; TLS ends at the ingress.
apiVersion: v1
kind: Service
metadata:
  name: forgejo
spec:
  selector:
    app: forgejo
  ports:
    - name: http
      port: 3000
      targetPort: 3000
---
# Git-over-SSH published through a LoadBalancer Service (MetalLB) on port
# 2222, forwarded to port 22 in the Forgejo pod.
# This bypasses the Traefik ingress: the SSH daemon is reachable from every
# network that can route to the load-balancer address.
# NOTE(review): if the set of clients is known, restrict it with
# spec.loadBalancerSourceRanges. Consider externalTrafficPolicy: Local so the
# SSH logs show real client addresses.
apiVersion: v1
kind: Service
metadata:
  name: forgejo-ssh
spec:
  type: LoadBalancer
  selector:
    app: forgejo
  ports:
    - name: ssh
      port: 2222
      targetPort: 22
---
# Traefik route that publishes the Forgejo web UI at https://git.juntekim.com.
# Only the `websecure` entry point is bound, so this route serves HTTPS only.
# Any HTTP-to-HTTPS redirect has to be configured elsewhere.
# `myresolver` must be a certificate resolver defined in Traefik's static
# configuration, which is not part of this file.
# NOTE(review): no middlewares (security headers, rate limiting) are attached
# to the route; confirm whether they are applied globally.
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: forgejo-ingressroute
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`git.juntekim.com`)
      kind: Rule
      services:
        - name: forgejo
          port: 3000
  tls:
    certResolver: myresolver
    domains:
      - main: git.juntekim.com