feat(init): Add initial installation for admin user

Tanguy Herbron 2023-07-04 17:15:04 +02:00
parent c61680ebf8
commit 5452633f37
5 changed files with 128 additions and 73 deletions

README.md Normal file
@ -0,0 +1,4 @@
# Gitea
Front end for Git, with integrated Container Registry and CI/CD capabilities.
This repository only contains configuration used for Kubernetes.

@ -0,0 +1,16 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: gitea-admin-creator
namespace: gitea
data:
admin-creator.sh: |
#!/bin/sh
gitea admin user list --admin | grep $(echo ' ' $ADMIN_USER ' ') >/dev/null 2>&1
if [ $? -eq 1 ];
then
gitea admin user create --username $ADMIN_USER --password $ADMIN_PASSWORD --email $ADMIN_MAIL --admin
fi
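Review bot: Every expansion of `$ADMIN_USER`, `$ADMIN_PASSWORD` and `$ADMIN_MAIL` in admin-creator.sh is unquoted, so a password containing whitespace or glob characters is split or expanded before `gitea admin user create` sees it, and the admin can end up with a different password than the Secret holds. The existence check has the same weakness: the unquoted `$(echo ' ' $ADMIN_USER ' ')` collapses to the bare name, which grep treats as a regular expression matching any substring of the listing, so an unrelated admin whose name or e-mail merely contains it suppresses creation. I would write `gitea admin user list --admin | grep -qwF -- "$ADMIN_USER"` and `gitea admin user create --username "$ADMIN_USER" --password "$ADMIN_PASSWORD" --email "$ADMIN_MAIL" --admin`. The password is also passed on the command line, where it is visible in the container's process list while the command runs; that is probably acceptable for a one-off bootstrap but deserves a comment in the script.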

@ -4,88 +4,91 @@ metadata:
name: gitea-config name: gitea-config
namespace: gitea namespace: gitea
data: data:
app.ini: "| APP_NAME: Halia hosted git solution
APP_NAME = Migration playground for Halia gitlab RUN_MODE: prod
RUN_MODE = prod GITEA__server__DISABLE_SSH: "true"
RUN_USER = git GITEA__security__INSTALL_LOCK: "true"
GITEA__service__DISABLE_REGISTRATION: "true"
#app.ini: |
# APP_NAME = K8s implementation
# RUN_MODE = prod
# RUN_USER = git
[repository] # [repository]
ROOT = /data/git/repositories # ROOT = /data/git/repositories
[repository.local] # [repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo # LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
[repository.upload] # [repository.upload]
TEMP_PATH = /data/gitea/uploads # TEMP_PATH = /data/gitea/uploads
[server] # [server]
APP_DATA_PATH = /data/gitea # APP_DATA_PATH = /data/gitea
DOMAIN = localhost # DOMAIN = localhost
SSH_DOMAIN = localhost # SSH_DOMAIN = localhost
HTTP_PORT = 3000 # HTTP_PORT = 3000
ROOT_URL = http://localhost:3000/ # ROOT_URL = http://localhost:3000/
DISABLE_SSH = false # SSH_PORT = 22
SSH_PORT = 22 # SSH_LISTEN_PORT = 22
SSH_LISTEN_PORT = 22 # LFS_START_SERVER = true
LFS_START_SERVER = true # OFFLINE_MODE = false
OFFLINE_MODE = false
[indexer] # [indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve # ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
[session] # [session]
PROVIDER_CONFIG = /data/gitea/sessions # PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER = file # PROVIDER = file
[picture] # [picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars # AVATAR_UPLOAD_PATH = /data/gitea/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars # REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
[attachment] # [attachment]
PATH = /data/gitea/attachments # PATH = /data/gitea/attachments
[log] # [log]
MODE = console # MODE = console
LEVEL = info # LEVEL = info
ROUTER = console # ROUTER = console
ROOT_PATH = /data/gitea/log # ROOT_PATH = /data/gitea/log
[security] # [security]
INSTALL_LOCK = true # SECRET_KEY = NONE
SECRET_KEY = # REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_LIMIT = 1 # REVERSE_PROXY_TRUSTED_PROXIES = *
REVERSE_PROXY_TRUSTED_PROXIES = * # PASSWORD_HASH_ALGO = pbkdf2
INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2ODUzNTc4ODZ9.TWDx6Xj8JIHFAajS-V6PdHNdofUcFfxPnAlBbxBXDl0
PASSWORD_HASH_ALGO = pbkdf2
[service] # [service]
DISABLE_REGISTRATION = false # REQUIRE_SIGNIN_VIEW = false
REQUIRE_SIGNIN_VIEW = false # REGISTER_EMAIL_CONFIRM = false
REGISTER_EMAIL_CONFIRM = false # ENABLE_NOTIFY_MAIL = false
ENABLE_NOTIFY_MAIL = false # ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false # ENABLE_CAPTCHA = false
ENABLE_CAPTCHA = false # DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_KEEP_EMAIL_PRIVATE = false # DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = true # DEFAULT_ENABLE_TIMETRACKING = true
DEFAULT_ENABLE_TIMETRACKING = true # NO_REPLY_ADDRESS = noreply.localhost
NO_REPLY_ADDRESS = noreply.localhost
[lfs] # [lfs]
PATH = /data/git/lfs # PATH = /data/git/lfs
[mailer] # [mailer]
ENABLED = false # ENABLED = false
[openid] # [openid]
ENABLE_OPENID_SIGNIN = true # ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true # ENABLE_OPENID_SIGNUP = true
[cron.update_checker] # [cron.update_checker]
ENABLED = false # ENABLED = false
[repository.pull-request] # [repository.pull-request]
DEFAULT_MERGE_STYLE = merge # DEFAULT_MERGE_STYLE = merge
[repository.signing] # [repository.signing]
DEFAULT_TRUST_MODEL = committer # DEFAULT_TRUST_MODEL = committer
"
# [oauth2]
# ENABLE = false
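Review bot: The INTERNAL_TOKEN literal that used to sit in the inline app.ini stays readable in the repository history after this commit. Unless the `gitea-internal-token` Secret referenced from the deployment holds a freshly generated value, the token should be treated as disclosed and regenerated (`gitea generate secret INTERNAL_TOKEN`). The page does not show the Secret, so this may already have been done. The old settings are also kept as a commented-out `#app.ini: |` block inside `data:`, including `# REVERSE_PROXY_TRUSTED_PROXIES = *`. Deleting that block would stop someone re-enabling those values wholesale, and a single comment could take its place, such as `# security-sensitive values (INTERNAL_TOKEN, DB credentials) come from Secrets in the deployment, not from this ConfigMap`.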

@ -15,11 +15,16 @@ spec:
spec: spec:
hostname: gitea hostname: gitea
subdomain: gitea subdomain: gitea
nodeName: hb-wide-1
containers: containers:
- name: gitea - name: gitea
image: gitea/gitea:1.19.3 image: gitea/gitea:1.19.3
ports: ports:
- containerPort: 3000 - containerPort: 3000
lifecycle:
postStart:
exec:
command: ["sh", "-c", "sleep 1 && su git -c 'sh /admin-creator.sh'"]
env: env:
- name: GITEA__database__DB_TYPE - name: GITEA__database__DB_TYPE
value: "postgres" value: "postgres"
@ -27,8 +32,13 @@ spec:
value: "gitea.gitea.svc.cluster.local:5432" value: "gitea.gitea.svc.cluster.local:5432"
- name: GITEA__database__NAME - name: GITEA__database__NAME
value: "gitea" value: "gitea"
- name: GITEA__database__SSL_MODE
value: "require"
- name: GITEA__database__USER - name: GITEA__database__USER
value: "gitea" valueFrom:
secretKeyRef:
name: gitea.gitea.credentials.postgresql.acid.zalan.do
key: username
- name: GITEA__database__PASSWD - name: GITEA__database__PASSWD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
@ -42,12 +52,30 @@ spec:
- name: GITEA__security__INTERNAL_TOKEN - name: GITEA__security__INTERNAL_TOKEN
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-lfs-jwt-secret name: gitea-internal-token
key: token key: token
- name: ADMIN_USER
valueFrom:
secretKeyRef:
name: gitea-admin-user
key: token
- name: ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: gitea-admin-password
key: token
- name: ADMIN_MAIL
valueFrom:
secretKeyRef:
name: gitea-admin-mail
key: token
envFrom:
- configMapRef:
name: gitea-config
volumeMounts: volumeMounts:
- mountPath: "/data/gitea/conf/app.ini" - mountPath: "/admin-creator.sh"
name: gitea-config-volume name: gitea-admin-creator
subPath: app.ini subPath: admin-creator.sh
volumes: volumes:
- name: gitea-pv - name: gitea-pv
hostPath: hostPath:
@ -55,3 +83,6 @@ spec:
- name: gitea-config-volume - name: gitea-config-volume
configMap: configMap:
name: gitea-config name: gitea-config
- name: gitea-admin-creator
configMap:
name: gitea-admin-creator
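Review bot: `ADMIN_PASSWORD` is added to the env of the main gitea container, so the bootstrap credential stays in the environment of the long-running Gitea process, and probably of the processes it spawns, long after admin-creator.sh has run once. Because it is needed only at first start, a one-shot Job, or a file mounted from `gitea-admin-password` that only the script reads, would keep it out of the server's environment. In the postStart hook, `sleep 1` is the only thing ordering the script after Gitea's own start-up, and Kubernetes does not guarantee the hook runs after the entrypoint; a bounded retry inside the script until `gitea admin user list` succeeds would be sturdier, since a failing hook gets the container killed and restarted. For the new `GITEA__database__SSL_MODE`, `require` encrypts the connection without verifying the server certificate; `value: "verify-full"` would close that gap if the database CA can be mounted into the pod.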

@ -7,4 +7,5 @@ resources:
- service.yaml - service.yaml
- ingress.yaml - ingress.yaml
- configmap.yaml - configmap.yaml
- admin-creator.yaml
- deployment.yaml - deployment.yaml