feat(init): Add initial installation for admin user

Tanguy Herbron 2023-07-04 17:15:04 +02:00
parent c61680ebf8
commit 5452633f37
5 changed files with 128 additions and 73 deletions

4
README.md Normal file

@ -0,0 +1,4 @@
# Gitea
Front end for Git, with integrated Container Registry and CI/CD capabilities.
This repository only contains configuration used for Kubernetes.


@ -0,0 +1,16 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: gitea-admin-creator
namespace: gitea
data:
admin-creator.sh: |
#!/bin/sh
gitea admin user list --admin | grep $(echo ' ' $ADMIN_USER ' ') >/dev/null 2>&1
if [ $? -eq 1 ];
then
gitea admin user create --username $ADMIN_USER --password $ADMIN_PASSWORD --email $ADMIN_MAIL --admin
fi
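Review bot: Every expansion in admin-creator.sh is unquoted, which breaks both the existence check and the `gitea admin user create` call. In the `grep` line the unquoted `$(echo ' ' $ADMIN_USER ' ')` is word-split, so the padding spaces are lost and `$ADMIN_USER` is used as a bare regex that also matches any admin whose name merely contains it. In the create line, a password containing whitespace or glob characters is split or expanded before gitea receives it. Quoting keeps the intended match and the exact values: `gitea admin user list --admin | grep -qF -- " $ADMIN_USER "` and `gitea admin user create --username "$ADMIN_USER" --password "$ADMIN_PASSWORD" --email "$ADMIN_MAIL" --admin`. The password is also passed as a command-line argument, so it is readable in the container's process list while the command runs; a comment in the script should record that this is accepted for the one-shot bootstrap.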


@ -4,88 +4,91 @@ metadata:
name: gitea-config
namespace: gitea
data:
app.ini: "|
APP_NAME = Migration playground for Halia gitlab
RUN_MODE = prod
RUN_USER = git
APP_NAME: Halia hosted git solution
RUN_MODE: prod
GITEA__server__DISABLE_SSH: "true"
GITEA__security__INSTALL_LOCK: "true"
GITEA__service__DISABLE_REGISTRATION: "true"
#app.ini: |
# APP_NAME = K8s implementation
# RUN_MODE = prod
# RUN_USER = git
[repository]
ROOT = /data/git/repositories
# [repository]
# ROOT = /data/git/repositories
[repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
# [repository.local]
# LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
[repository.upload]
TEMP_PATH = /data/gitea/uploads
# [repository.upload]
# TEMP_PATH = /data/gitea/uploads
[server]
APP_DATA_PATH = /data/gitea
DOMAIN = localhost
SSH_DOMAIN = localhost
HTTP_PORT = 3000
ROOT_URL = http://localhost:3000/
DISABLE_SSH = false
SSH_PORT = 22
SSH_LISTEN_PORT = 22
LFS_START_SERVER = true
OFFLINE_MODE = false
# [server]
# APP_DATA_PATH = /data/gitea
# DOMAIN = localhost
# SSH_DOMAIN = localhost
# HTTP_PORT = 3000
# ROOT_URL = http://localhost:3000/
# SSH_PORT = 22
# SSH_LISTEN_PORT = 22
# LFS_START_SERVER = true
# OFFLINE_MODE = false
[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
# [indexer]
# ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER = file
# [session]
# PROVIDER_CONFIG = /data/gitea/sessions
# PROVIDER = file
[picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
# [picture]
# AVATAR_UPLOAD_PATH = /data/gitea/avatars
# REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
[attachment]
PATH = /data/gitea/attachments
# [attachment]
# PATH = /data/gitea/attachments
[log]
MODE = console
LEVEL = info
ROUTER = console
ROOT_PATH = /data/gitea/log
# [log]
# MODE = console
# LEVEL = info
# ROUTER = console
# ROOT_PATH = /data/gitea/log
[security]
INSTALL_LOCK = true
SECRET_KEY =
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2ODUzNTc4ODZ9.TWDx6Xj8JIHFAajS-V6PdHNdofUcFfxPnAlBbxBXDl0
PASSWORD_HASH_ALGO = pbkdf2
# [security]
# SECRET_KEY = NONE
# REVERSE_PROXY_LIMIT = 1
# REVERSE_PROXY_TRUSTED_PROXIES = *
# PASSWORD_HASH_ALGO = pbkdf2
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost
# [service]
# REQUIRE_SIGNIN_VIEW = false
# REGISTER_EMAIL_CONFIRM = false
# ENABLE_NOTIFY_MAIL = false
# ALLOW_ONLY_EXTERNAL_REGISTRATION = false
# ENABLE_CAPTCHA = false
# DEFAULT_KEEP_EMAIL_PRIVATE = false
# DEFAULT_ALLOW_CREATE_ORGANIZATION = true
# DEFAULT_ENABLE_TIMETRACKING = true
# NO_REPLY_ADDRESS = noreply.localhost
[lfs]
PATH = /data/git/lfs
# [lfs]
# PATH = /data/git/lfs
[mailer]
ENABLED = false
# [mailer]
# ENABLED = false
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true
# [openid]
# ENABLE_OPENID_SIGNIN = true
# ENABLE_OPENID_SIGNUP = true
[cron.update_checker]
ENABLED = false
# [cron.update_checker]
# ENABLED = false
[repository.pull-request]
DEFAULT_MERGE_STYLE = merge
# [repository.pull-request]
# DEFAULT_MERGE_STYLE = merge
[repository.signing]
DEFAULT_TRUST_MODEL = committer
"
# [repository.signing]
# DEFAULT_TRUST_MODEL = committer
# [oauth2]
# ENABLE = false
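Review bot: The `INTERNAL_TOKEN` literal in the old `[security]` block is no longer in the ConfigMap, but it remains readable in the repository history, so it should be treated as disclosed. Regenerate the value (for example with `gitea generate secret INTERNAL_TOKEN`) before it is stored in the `gitea-internal-token` Secret that the deployment now references, rather than carrying the old one over. Which lines are old and which are new is inferred from the commented-out copy, since this page lost the +/- markers. The commented `# [security]` block would also benefit from a line such as `# INTERNAL_TOKEN is supplied by the gitea-internal-token Secret; never set it in this file` so the key is not reintroduced here later.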


@ -15,11 +15,16 @@ spec:
spec:
hostname: gitea
subdomain: gitea
nodeName: hb-wide-1
containers:
- name: gitea
image: gitea/gitea:1.19.3
ports:
- containerPort: 3000
lifecycle:
postStart:
exec:
command: ["sh", "-c", "sleep 1 && su git -c 'sh /admin-creator.sh'"]
env:
- name: GITEA__database__DB_TYPE
value: "postgres"
@ -27,8 +32,13 @@ spec:
value: "gitea.gitea.svc.cluster.local:5432"
- name: GITEA__database__NAME
value: "gitea"
- name: GITEA__database__SSL_MODE
value: "require"
- name: GITEA__database__USER
value: "gitea"
valueFrom:
secretKeyRef:
name: gitea.gitea.credentials.postgresql.acid.zalan.do
key: username
- name: GITEA__database__PASSWD
valueFrom:
secretKeyRef:
@ -42,12 +52,30 @@ spec:
- name: GITEA__security__INTERNAL_TOKEN
valueFrom:
secretKeyRef:
name: gitea-lfs-jwt-secret
name: gitea-internal-token
key: token
- name: ADMIN_USER
valueFrom:
secretKeyRef:
name: gitea-admin-user
key: token
- name: ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: gitea-admin-password
key: token
- name: ADMIN_MAIL
valueFrom:
secretKeyRef:
name: gitea-admin-mail
key: token
envFrom:
- configMapRef:
name: gitea-config
volumeMounts:
- mountPath: "/data/gitea/conf/app.ini"
name: gitea-config-volume
subPath: app.ini
- mountPath: "/admin-creator.sh"
name: gitea-admin-creator
subPath: admin-creator.sh
volumes:
- name: gitea-pv
hostPath:
@ -55,3 +83,6 @@ spec:
- name: gitea-config-volume
configMap:
name: gitea-config
- name: gitea-admin-creator
configMap:
name: gitea-admin-creator
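Review bot: In the `@ -42,12 +52,30 @` hunk, `ADMIN_PASSWORD` (with `ADMIN_USER` and `ADMIN_MAIL`) is added to the env of the long-running `gitea` container. It therefore stays readable to every process and exec session in that container for the life of the pod, although only the postStart hook needs it once. Running `/admin-creator.sh` from a one-shot Job or an init container that alone receives the three `secretKeyRef` entries would keep the admin credential out of the serving container. The hook in the first hunk also relies on `sleep 1` rather than a readiness check, so the script may run before Gitea can reach its database; a failing postStart handler makes the kubelet kill the container. Separately, `GITEA__database__SSL_MODE` set to `"require"` encrypts the connection but does not verify the server certificate; `"verify-full"` is the stricter choice if the PostgreSQL CA can be mounted.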


@ -7,4 +7,5 @@ resources:
- service.yaml
- ingress.yaml
- configmap.yaml
- admin-creator.yaml
- deployment.yaml