107 lines
2.3 KiB
Nix
107 lines
2.3 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
globals,
|
|
...
|
|
}: {
|
|
options.forgejo.enable = lib.mkEnableOption "forgejo";
|
|
|
|
config = lib.mkIf config.forgejo.enable {
|
|
kubernetes.resources = {
|
|
secrets.forgejo.stringData.config = lib.generators.toINI {} (import ./config.nix);
|
|
|
|
deployments.server.spec = {
|
|
selector.matchLabels.app = "forgejo";
|
|
|
|
strategy = {
|
|
type = "RollingUpdate";
|
|
|
|
rollingUpdate = {
|
|
maxSurge = 0;
|
|
maxUnavailable = 1;
|
|
};
|
|
};
|
|
|
|
template = {
|
|
metadata.labels.app = "forgejo";
|
|
|
|
spec = {
|
|
# This disables services from becoming environmental variables
|
|
# to prevent SSH_PORT clashing with Forgejo config.
|
|
enableServiceLinks = false;
|
|
|
|
containers.forgejo = {
|
|
image = globals.images.forgejo;
|
|
imagePullPolicy = "IfNotPresent";
|
|
|
|
env = {
|
|
USER_UID.value = "1000";
|
|
USER_GID.value = "1000";
|
|
};
|
|
|
|
ports = {
|
|
web.containerPort = 3000;
|
|
ssh.containerPort = 22;
|
|
};
|
|
|
|
volumeMounts = [
|
|
{
|
|
name = "data";
|
|
mountPath = "/data";
|
|
}
|
|
{
|
|
name = "config";
|
|
mountPath = "/data/gitea/conf/app.ini";
|
|
subPath = "config";
|
|
}
|
|
];
|
|
};
|
|
|
|
volumes = {
|
|
data.persistentVolumeClaim.claimName = "data";
|
|
config.secret.secretName = "forgejo";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
services = {
|
|
web.spec = {
|
|
selector.app = "forgejo";
|
|
|
|
ports.web = {
|
|
port = 80;
|
|
targetPort = "web";
|
|
};
|
|
};
|
|
|
|
ssh.spec = {
|
|
type = "LoadBalancer";
|
|
loadBalancerIP = globals.gitIPv4;
|
|
selector.app = "forgejo";
|
|
|
|
ports.ssh = {
|
|
port = 56287;
|
|
targetPort = "ssh";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
lab = {
|
|
ingresses.web = {
|
|
host = "git.kun.is";
|
|
|
|
service = {
|
|
name = "web";
|
|
portName = "web";
|
|
};
|
|
};
|
|
|
|
longhorn.persistentVolumeClaim.data = {
|
|
volumeName = "forgejo";
|
|
storage = "20Gi";
|
|
};
|
|
};
|
|
};
|
|
}
|