stacks-instances/otc/ssh-test.t09.de/stacks/forgejo/forgejo-server/values.yaml

# We use recreate to make sure only one instance with one version is running, because Forgejo might break or data gets inconsistant. 
strategy:
  type: Recreate

redis-cluster:
  enabled: false

redis:
  enabled: false

postgresql:
  enabled: false

postgresql-ha:
  enabled: false

persistence:
  enabled: true
  size: 200Gi
  annotations:
    everest.io/crypt-key-id: 4ca109df-c449-4ebe-9796-ebaf6ad382a0

test:
  enabled: false

deployment:
  env:
    - name: SSL_CERT_DIR
      value: /etc/ssl/forgejo

extraVolumeMounts:
  - mountPath: /etc/ssl/forgejo
    name: custom-database-certs-volume
    readOnly: true

extraVolumes:
  - name: custom-database-certs-volume
    secret:
      secretName: custom-database-certs

gitea:
  additionalConfigFromEnvs:
    - name: FORGEJO__storage__MINIO_ACCESS_KEY_ID
      valueFrom:
        secretKeyRef:
          name: forgejo-cloud-credentials
          key: access-key
    - name: FORGEJO__storage__MINIO_SECRET_ACCESS_KEY
      valueFrom:
        secretKeyRef:
          name: forgejo-cloud-credentials
          key: secret-key
    - name: FORGEJO__queue__CONN_STR
      valueFrom:
        secretKeyRef:
          name: redis-forgejo-cloud-credentials
          key: connection-string
    - name: FORGEJO__session__PROVIDER_CONFIG
      valueFrom:
        secretKeyRef:
          name: redis-forgejo-cloud-credentials
          key: connection-string
    - name: FORGEJO__cache__HOST
      valueFrom:
        secretKeyRef:
          name: redis-forgejo-cloud-credentials
          key: connection-string
    - name: FORGEJO__database__HOST
      valueFrom:
        secretKeyRef:
          name: postgres-forgejo-cloud-credentials
          key: host_port
    - name: FORGEJO__database__NAME
      valueFrom:
        secretKeyRef:
          name: postgres-forgejo-cloud-credentials
          key: database
    - name: FORGEJO__database__USER
      valueFrom:
        secretKeyRef:
          name: postgres-forgejo-cloud-credentials
          key: username
    - name: FORGEJO__database__PASSWD
      valueFrom:
        secretKeyRef:
          name: postgres-forgejo-cloud-credentials
          key: password
    - name: FORGEJO__indexer__ISSUE_INDEXER_CONN_STR
      valueFrom:
        secretKeyRef:
          name: elasticsearch-cloud-credentials
          key: connection-string
    - name: FORGEJO__mailer__PASSWD
      valueFrom:
        secretKeyRef:
          name: email-user-credentials
          key: connection-string

  admin:
    existingSecret: gitea-credential

  config:
    APP_NAME: 'EDP'
    APP_SLOGAN: 'Build your thing in minutes'
    indexer:
      ISSUE_INDEXER_ENABLED: true
      ISSUE_INDEXER_TYPE: elasticsearch
      # TODO next
      REPO_INDEXER_ENABLED: false
      # REPO_INDEXER_TYPE: meilisearch # not yet working

    storage:
      MINIO_ENDPOINT: obs.eu-de.otc.t-systems.com:443
      STORAGE_TYPE: minio
      MINIO_LOCATION: eu-de
      MINIO_BUCKET: edp-forgejo-ssh-test
      MINIO_USE_SSL: true

    queue:
      TYPE: redis

    session:
      PROVIDER: redis

    cache:
      ENABLED: true
      ADAPTER: redis

    service:
      DISABLE_REGISTRATION: true

    other:
      SHOW_FOOTER_VERSION: false
      SHOW_FOOTER_TEMPLATE_LOAD_TIME: false

    database:
      DB_TYPE: postgres
      SSL_MODE: verify-ca

    server:
      DOMAIN: 'ssh-test.t09.de'
      ROOT_URL: 'https://ssh-test.t09.de:443'

    mailer:
      ENABLED: true
      USER: ipcei-cis-devfw@mms-support.de
      PROTOCOL: smtps
      FROM: '"IPCEI CIS DevFW" <ipcei-cis-devfw@mms-support.de>'
      SMTP_ADDR: mail.mms-support.de
      SMTP_PORT: 465

service:
  ssh:
    type: LoadBalancer
    nodePort: 32222
    externalTrafficPolicy: Cluster
    annotations:
      kubernetes.io/elb.id: e31569e5-e137-430c-a60b-d1e8f629a05c  

image:
  pullPolicy: "IfNotPresent"
  # Overrides the image tag whose default is the chart appVersion.
  #tag: "8.0.3"
  # Adds -rootless suffix to image name
  # rootless: true
  fullOverride: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/edp-forgejo:prerelease-v11-0-1-rootless

forgejo:
  runner:
    enabled: true
    image:
      tag: latest
    # replicas: 3
    config:
      runner:
        labels:
          - docker:docker://node:16-bullseye
          - self-hosted:docker://ghcr.io/catthehacker/ubuntu:act-22.04
          - ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04
          - ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04
Initial upload 2025-07-04 08:11:43 +00:00			`# We use recreate to make sure only one instance with one version is running, because Forgejo might break or data gets inconsistant.`
			`strategy:`
			`type: Recreate`

			`redis-cluster:`
			`enabled: false`

			`redis:`
			`enabled: false`

			`postgresql:`
			`enabled: false`

			`postgresql-ha:`
			`enabled: false`

			`persistence:`
			`enabled: true`
			`size: 200Gi`
			`annotations:`
			`everest.io/crypt-key-id: 4ca109df-c449-4ebe-9796-ebaf6ad382a0`

			`test:`
			`enabled: false`

			`deployment:`
			`env:`
			`- name: SSL_CERT_DIR`
			`value: /etc/ssl/forgejo`

			`extraVolumeMounts:`
			`- mountPath: /etc/ssl/forgejo`
			`name: custom-database-certs-volume`
			`readOnly: true`

			`extraVolumes:`
			`- name: custom-database-certs-volume`
			`secret:`
			`secretName: custom-database-certs`

			`gitea:`
			`additionalConfigFromEnvs:`
			`- name: FORGEJO__storage__MINIO_ACCESS_KEY_ID`
			`valueFrom:`
			`secretKeyRef:`
			`name: forgejo-cloud-credentials`
			`key: access-key`
			`- name: FORGEJO__storage__MINIO_SECRET_ACCESS_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: forgejo-cloud-credentials`
			`key: secret-key`
			`- name: FORGEJO__queue__CONN_STR`
			`valueFrom:`
			`secretKeyRef:`
			`name: redis-forgejo-cloud-credentials`
			`key: connection-string`
			`- name: FORGEJO__session__PROVIDER_CONFIG`
			`valueFrom:`
			`secretKeyRef:`
			`name: redis-forgejo-cloud-credentials`
			`key: connection-string`
			`- name: FORGEJO__cache__HOST`
			`valueFrom:`
			`secretKeyRef:`
			`name: redis-forgejo-cloud-credentials`
			`key: connection-string`
			`- name: FORGEJO__database__HOST`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-forgejo-cloud-credentials`
			`key: host_port`
			`- name: FORGEJO__database__NAME`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-forgejo-cloud-credentials`
			`key: database`
			`- name: FORGEJO__database__USER`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-forgejo-cloud-credentials`
			`key: username`
			`- name: FORGEJO__database__PASSWD`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-forgejo-cloud-credentials`
			`key: password`
			`- name: FORGEJO__indexer__ISSUE_INDEXER_CONN_STR`
			`valueFrom:`
			`secretKeyRef:`
			`name: elasticsearch-cloud-credentials`
			`key: connection-string`
			`- name: FORGEJO__mailer__PASSWD`
			`valueFrom:`
			`secretKeyRef:`
			`name: email-user-credentials`
			`key: connection-string`

			`admin:`
			`existingSecret: gitea-credential`

			`config:`
			`APP_NAME: 'EDP'`
			`APP_SLOGAN: 'Build your thing in minutes'`
			`indexer:`
			`ISSUE_INDEXER_ENABLED: true`
			`ISSUE_INDEXER_TYPE: elasticsearch`
			`# TODO next`
			`REPO_INDEXER_ENABLED: false`
			`# REPO_INDEXER_TYPE: meilisearch # not yet working`

			`storage:`
			`MINIO_ENDPOINT: obs.eu-de.otc.t-systems.com:443`
			`STORAGE_TYPE: minio`
			`MINIO_LOCATION: eu-de`
			`MINIO_BUCKET: edp-forgejo-ssh-test`
			`MINIO_USE_SSL: true`

			`queue:`
			`TYPE: redis`

			`session:`
			`PROVIDER: redis`

			`cache:`
			`ENABLED: true`
			`ADAPTER: redis`

			`service:`
			`DISABLE_REGISTRATION: true`

			`other:`
			`SHOW_FOOTER_VERSION: false`
			`SHOW_FOOTER_TEMPLATE_LOAD_TIME: false`

			`database:`
			`DB_TYPE: postgres`
			`SSL_MODE: verify-ca`

			`server:`
			`DOMAIN: 'ssh-test.t09.de'`
			`ROOT_URL: 'https://ssh-test.t09.de:443'`

			`mailer:`
			`ENABLED: true`
			`USER: ipcei-cis-devfw@mms-support.de`
			`PROTOCOL: smtps`
			`FROM: '"IPCEI CIS DevFW" <ipcei-cis-devfw@mms-support.de>'`
			`SMTP_ADDR: mail.mms-support.de`
			`SMTP_PORT: 465`

			`service:`
			`ssh:`
			`type: LoadBalancer`
			`nodePort: 32222`
			`externalTrafficPolicy: Cluster`
			`annotations:`
			`kubernetes.io/elb.id: e31569e5-e137-430c-a60b-d1e8f629a05c`

			`image:`
			`pullPolicy: "IfNotPresent"`
			`# Overrides the image tag whose default is the chart appVersion.`
			`#tag: "8.0.3"`
			`# Adds -rootless suffix to image name`
			`# rootless: true`
			`fullOverride: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/edp-forgejo:prerelease-v11-0-1-rootless`

			`forgejo:`
			`runner:`
			`enabled: true`
			`image:`
			`tag: latest`
			`# replicas: 3`
			`config:`
			`runner:`
			`labels:`
			`- docker:docker://node:16-bullseye`
			`- self-hosted:docker://ghcr.io/catthehacker/ubuntu:act-22.04`
			`- ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04`
			`- ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04`