Integrate NOVUM-RGI chart into the official helm chart. #7
|
@ -1,46 +0,0 @@
|
|||
{{/*
|
||||
Create helm partial for gitea server
|
||||
*/}}
|
||||
{{- define "gitea" }}
|
||||
- name: gitea
|
||||
image: {{ .Values.images.gitea }}
|
||||
imagePullPolicy: {{ .Values.images.pullPolicy }}
|
||||
env:
|
||||
- name: DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.mariadb.enabled }}
|
||||
name: {{ template "mariadb.fullname" . }}
|
||||
key: mariadb-password
|
||||
{{- else }}
|
||||
name: {{ printf "%s-%s" .Release.Name "externaldb" }}
|
||||
key: db-password
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: ssh
|
||||
containerPort: 22
|
||||
- name: http
|
||||
containerPort: 3000
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 200
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
failureThreshold: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
resources:
|
||||
{{ toYaml .Values.resources.gitea | indent 10 }}
|
||||
volumeMounts:
|
||||
- name: gitea-data
|
||||
mountPath: /data
|
||||
- name: gitea-config
|
||||
mountPath: /etc/gitea
|
||||
{{- end }}
|
881
templates/gitea/config.yaml
Normal file
881
templates/gitea/config.yaml
Normal file
|
@ -0,0 +1,881 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
data:
|
||||
app.ini: |-
|
||||
; This file lists the default values used by Gitea
|
||||
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
|
||||
; and modify as needed.
|
||||
|
||||
; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
|
||||
|
||||
; App name that shows in every page title
|
||||
APP_NAME = {{ .Values.gitea.config.appName }}
|
||||
; Change it if you run locally
|
||||
RUN_USER = {{ .Values.gitea.config.runUser }}
|
||||
; Either "dev", "prod" or "test", default is "dev"
|
||||
RUN_MODE = {{ .Values.gitea.config.runMode }}
|
||||
|
||||
[repository]
|
||||
ROOT = {{ .Values.gitea.repository.root }}
|
||||
SCRIPT_TYPE = bash
|
||||
; Default ANSI charset
|
||||
ANSI_CHARSET =
|
||||
; Force every new repository to be private
|
||||
FORCE_PRIVATE = {{ .Values.gitea.repository.forcePrivate }}
|
||||
; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used.
|
||||
DEFAULT_PRIVATE = {{ .Values.gitea.repository.defaultPrivate }}
|
||||
; Global limit of repositories per user, applied at creation time. -1 means no limit
|
||||
MAX_CREATION_LIMIT = {{ .Values.gitea.repository.maxCreationLimit }}
|
||||
; Mirror sync queue length, increase if mirror syncing starts hanging
|
||||
MIRROR_QUEUE_LENGTH = {{ .Values.gitea.repository.mirrorQueueLength }}
|
||||
; Patch test queue length, increase if pull request patch testing starts hanging
|
||||
PULL_REQUEST_QUEUE_LENGTH = {{ .Values.gitea.repository.pullRequestQueueLength }}
|
||||
; Preferred Licenses to place at the top of the List
|
||||
; The name here must match the filename in conf/license or custom/conf/license
|
||||
PREFERRED_LICENSES = {{ .Values.gitea.repository.preferredLicenses }}
|
||||
; Disable the ability to interact with repositories using the HTTP protocol
|
||||
DISABLE_HTTP_GIT = {{ .Values.gitea.repository.disableHttpGit }}
|
||||
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
|
||||
USE_COMPAT_SSH_URI = {{ .Values.gitea.repository.useCompatSSHUri }}
|
||||
|
||||
[repository.editor]
|
||||
; List of file extensions for which lines should be wrapped in the CodeMirror editor
|
||||
; Separate extensions with a comma. To line wrap files without an extension, just put a comma
|
||||
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
|
||||
; Valid file modes that have a preview API associated with them, such as api/v1/markdown
|
||||
; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match
|
||||
PREVIEWABLE_FILE_MODES = markdown
|
||||
|
||||
[repository.local]
|
||||
; Path for local repository copy. Defaults to `tmp/local-repo`
|
||||
LOCAL_COPY_PATH = {{ .Values.gitea.repository.local.copyPath }}
|
||||
; Path for local wiki copy. Defaults to `tmp/local-wiki`
|
||||
LOCAL_WIKI_PATH = {{ .Values.gitea.repository.local.wikiPath }}
|
||||
|
||||
[repository.upload]
|
||||
; Whether repository file uploads are enabled. Defaults to `true`
|
||||
ENABLED = {{ .Values.gitea.repository.upload.enabled }}
|
||||
; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
|
||||
TEMP_PATH = {{ .Values.gitea.repository.upload.tempPath }}
|
||||
; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
|
||||
ALLOWED_TYPES = {{ .Values.gitea.repository.upload.allowedTypes }}
|
||||
; Max size of each file in megabytes. Defaults to 3MB
|
||||
FILE_MAX_SIZE = {{ .Values.gitea.repository.upload.fileMaxSize }}
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = {{ .Values.gitea.repository.upload.maxFiles }}
|
||||
|
||||
[repository.pull-request]
|
||||
; List of prefixes used in Pull Request title to mark them as Work In Progress
|
||||
WORK_IN_PROGRESS_PREFIXES = {{ .Values.gitea.repository.pullRequest.workInProgressPrefixes }}
|
||||
; List of keywords used in Pull Request comments to automatically close a related issue
|
||||
CLOSE_KEYWORDS= {{ .Values.gitea.repository.pullRequest.closeKeywords }}
|
||||
; List of keywords used in Pull Request comments to automatically reopen a related issue
|
||||
REOPEN_KEYWORDS= {{ .Values.gitea.repository.pullRequest.reopenKeywords }}
|
||||
; In the default merge message for squash commits include at most this many commits
|
||||
DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT= {{ .Values.gitea.repository.pullRequest.defaultMergeMessageCommitsLimit }}
|
||||
; In the default merge message for squash commits limit the size of the commit messages to this
|
||||
DEFAULT_MERGE_MESSAGE_SIZE = {{ .Values.gitea.repository.pullRequest.defaultMergeMessageSize }}
|
||||
; In the default merge message for squash commits walk all commits to include all authors in the Co-authored-by otherwise just use those in the limited list
|
||||
DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = {{ .Values.gitea.repository.pullRequest.defaultMergeMessageAllAuthors }}
|
||||
; In default merge messages limit the number of approvers listed as Reviewed-by: to this many
|
||||
DEFAULT_MERGE_MESSAGE_MAX_APPROVERS = {{ .Values.gitea.repository.pullRequest.defaultMergeMessageMaxApprovers }}
|
||||
; In default merge messages only include approvers who are official
|
||||
DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY = {{ .Values.gitea.repository.pullRequest.defaultMergeMessageOfficialApproversOnly }}
|
||||
|
||||
[repository.signing]
|
||||
; GPG key to use to sign commits, Defaults to the default - that is the value of git config --get user.signingkey
|
||||
; run in the context of the RUN_USER
|
||||
; Switch to none to stop signing completely
|
||||
SIGNING_KEY = {{ .Values.gitea.repository.signing.signingKey }}
|
||||
; If a SIGNING_KEY ID is provided and is not set to default, use the provided Name and Email address as the signer.
|
||||
; These should match a publicized name and email address for the key. (When SIGNING_KEY is default these are set to
|
||||
; the results of git config --get user.name and git config --get user.email respectively and can only be overrided
|
||||
; by setting the SIGNING_KEY ID to the correct ID.)
|
||||
SIGNING_NAME = {{ .Values.gitea.repository.signing.signingName }}
|
||||
SIGNING_EMAIL = {{ .Values.gitea.repository.signing.signingEmail }}
|
||||
; Determines when gitea should sign the initial commit when creating a repository
|
||||
; Either:
|
||||
; - never
|
||||
; - pubkey: only sign if the user has a pubkey
|
||||
; - twofa: only sign if the user has logged in with twofa
|
||||
; - always
|
||||
; options other than none and always can be combined as comma separated list
|
||||
INITIAL_COMMIT = {{ .Values.gitea.repository.signing.initialCommit }}
|
||||
; Determines when to sign for CRUD actions
|
||||
; - as above
|
||||
; - parentsigned: requires that the parent commit is signed.
|
||||
CRUD_ACTIONS = {{ .Values.gitea.repository.signing.crudActions }}
|
||||
; Determines when to sign Wiki commits
|
||||
; - as above
|
||||
WIKI = {{ .Values.gitea.repository.signing.wiki }}
|
||||
; Determines when to sign on merges
|
||||
; - basesigned: require that the parent of commit on the base repo is signed.
|
||||
; - commitssigned: require that all the commits in the head branch are signed.
|
||||
; - approved: only sign when merging an approved pr to a protected branch
|
||||
MERGES = {{ .Values.gitea.repository.signing.merges }}
|
||||
|
||||
[ui]
|
||||
; Number of repositories that are displayed on one explore page
|
||||
EXPLORE_PAGING_NUM = {{ .Values.gitea.ui.explorePagingNum }}
|
||||
; Number of issues that are displayed on one page
|
||||
ISSUE_PAGING_NUM = {{ .Values.gitea.ui.issuePagingNum }}
|
||||
MEMBERS_PAGING_NUM = {{ .Values.gitea.ui.membersPagingNum }}
|
||||
; Number of maximum commits displayed in one activity feed
|
||||
FEED_MAX_COMMIT_NUM = {{ .Values.gitea.ui.feedMaxCommitNum }}
|
||||
; Number of maximum commits displayed in commit graph.
|
||||
GRAPH_MAX_COMMIT_NUM = {{ .Values.gitea.ui.graphMaxCommitNum }}
|
||||
; Number of line of codes shown for a code comment
|
||||
CODE_COMMENT_LINES = {{ .Values.gitea.ui.codeCommentLines }}
|
||||
; Value of `theme-color` meta tag, used by Android >= 5.0
|
||||
; An invalid color like "none" or "disable" will have the default style
|
||||
; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
|
||||
THEME_COLOR_META_TAG = {{ .Values.gitea.ui.themeColorMetaTag }}
|
||||
; Max size of files to be displayed (default is 8MiB)
|
||||
MAX_DISPLAY_FILE_SIZE = {{ .Values.gitea.ui.maxDisplayFileSize }}
|
||||
; Whether the email of the user should be shown in the Explore Users page
|
||||
SHOW_USER_EMAIL = {{ .Values.gitea.ui.showUserMail }}
|
||||
; Set the default theme for the Gitea install
|
||||
DEFAULT_THEME = {{ .Values.gitea.ui.defaultTheme }}
|
||||
; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`.
|
||||
THEMES = gitea,arc-green
|
||||
;All available reactions users can choose on issues/prs and comments.
|
||||
;Values can be emoji alias (:smile:) or a unicode emoji.
|
||||
;For custom reactions, add a tightly cropped square image to public/emoji/img/reaction_name.png
|
||||
REACTIONS = +1, -1, laugh, hooray, confused, heart, rocket, eyes
|
||||
; Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used.
|
||||
DEFAULT_SHOW_FULL_NAME = {{ .Values.gitea.ui.defaultShowFullName }}
|
||||
; Whether to search within description at repository search on explore page.
|
||||
SEARCH_REPO_DESCRIPTION = {{ .Values.gitea.ui.searchRepoDescription }}
|
||||
; Whether to enable a Service Worker to cache frontend assets
|
||||
USE_SERVICE_WORKER = {{ .Values.gitea.ui.useServiceWorker }}
|
||||
|
||||
|
||||
[ui.admin]
|
||||
; Number of users that are displayed on one page
|
||||
USER_PAGING_NUM = 50
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 50
|
||||
; Number of notices that are displayed on one page
|
||||
NOTICE_PAGING_NUM = 25
|
||||
; Number of organizations that are displayed on one page
|
||||
ORG_PAGING_NUM = 50
|
||||
|
||||
[ui.user]
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 15
|
||||
|
||||
[ui.meta]
|
||||
AUTHOR = Gitea - Git with a cup of tea
|
||||
DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go
|
||||
KEYWORDS = go,git,self-hosted,gitea
|
||||
|
||||
[markdown]
|
||||
; Enable hard line break extension
|
||||
ENABLE_HARD_LINE_BREAK = false
|
||||
; List of custom URL-Schemes that are allowed as links when rendering Markdown
|
||||
; for example git,magnet
|
||||
CUSTOM_URL_SCHEMES =
|
||||
; List of file extensions that should be rendered/edited as Markdown
|
||||
; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma
|
||||
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
|
||||
|
||||
[server]
|
||||
; PROTOCOL hardcoded to http since tls is delegated to ingress
|
||||
PROTOCOL = http
|
||||
{{- if .Values.gitea.server.http.externalDomain }}
|
||||
DOMAIN = {{ .Values.gitea.server.http.externalDomain }}
|
||||
{{ else }}
|
||||
DOMAIN = {{ include "gitea.fullname" . }}-http.{{ .Release.Namespace }}.svc.cluster.local
|
||||
{{ end }}
|
||||
{{ if .Values.ingress.tls }}
|
||||
{{- $proto := set . "proto" "https" }}
|
||||
{{- else -}}
|
||||
{{- $proto := set . "proto" "http" }}
|
||||
{{- end -}}
|
||||
{{- if and .Values.gitea.server.http.externalDomain ( .Values.gitea.server.http.externalPort ) }}
|
||||
ROOT_URL = {{ .proto }}://{{ .Values.gitea.server.http.externalDomain }}:{{ .Values.gitea.server.http.externalPort }}/
|
||||
{{- else if .Values.gitea.server.http.externalDomain }}
|
||||
ROOT_URL = {{ .proto }}://{{ .Values.gitea.server.http.externalDomain }}/
|
||||
{{- else }}
|
||||
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
{{- end -}}
|
||||
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
|
||||
HTTP_ADDR = 0.0.0.0
|
||||
HTTP_PORT = {{ .Values.service.http.port }}
|
||||
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
|
||||
; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
|
||||
; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for
|
||||
; PORT_TO_REDIRECT.
|
||||
REDIRECT_OTHER_PORT = false
|
||||
PORT_TO_REDIRECT = 80
|
||||
; Permission for unix socket
|
||||
UNIX_SOCKET_PERMISSION = 666
|
||||
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
|
||||
; In most cases you do not need to change the default value.
|
||||
; Alter it only if your SSH server node is not the same as HTTP node.
|
||||
; Do not set this variable if PROTOCOL is set to 'unix'.
|
||||
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
|
||||
; Disable SSH feature when not available
|
||||
DISABLE_SSH = false
|
||||
; Whether to use the builtin SSH server or not.
|
||||
START_SSH_SERVER = false
|
||||
; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
|
||||
BUILTIN_SSH_SERVER_USER =
|
||||
; Domain name to be exposed in clone URL
|
||||
{{- if .Values.gitea.server.ssh.externalDomain }}
|
||||
SSH_DOMAIN = {{ .Values.gitea.server.ssh.externalDomain }}
|
||||
{{- else }}
|
||||
SSH_DOMAIN = {{ include "gitea.fullname" . }}-ssh.{{ .Release.Namespace }}.svc.cluster.local
|
||||
{{- end }}
|
||||
; THe network interface the builtin SSH server should listen on
|
||||
SSH_LISTEN_HOST =
|
||||
; Port number to be exposed in clone URL
|
||||
{{- if .Values.gitea.server.ssh.externalPort }}
|
||||
SSH_PORT = {{ .Values.gitea.server.ssh.externalPort }}
|
||||
{{- else }}
|
||||
SSH_PORT = {{ .Values.service.ssh.port }}
|
||||
{{- end }}
|
||||
; The port number the builtin SSH server should listen on
|
||||
SSH_LISTEN_PORT = {{ .Values.service.ssh.port }}
|
||||
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
|
||||
SSH_ROOT_PATH =
|
||||
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
|
||||
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
|
||||
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
|
||||
; For the built-in SSH server, choose the ciphers to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
|
||||
; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
|
||||
; For the built-in SSH server, choose the MACs to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
|
||||
; Directory to create temporary files in when testing public keys using ssh-keygen,
|
||||
; default is the system temporary directory.
|
||||
SSH_KEY_TEST_PATH =
|
||||
; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
|
||||
SSH_KEYGEN_PATH = ssh-keygen
|
||||
; Enable SSH Authorized Key Backup when rewriting all keys, default is true
|
||||
SSH_BACKUP_AUTHORIZED_KEYS = true
|
||||
; Enable exposure of SSH clone URL to anonymous visitors, default is false
|
||||
SSH_EXPOSE_ANONYMOUS = false
|
||||
; Indicate whether to check minimum key size with corresponding type
|
||||
MINIMUM_KEY_SIZE_CHECK = false
|
||||
; Disable CDN even in "prod" mode
|
||||
OFFLINE_MODE = {{ .Values.gitea.server.offlineMode }}
|
||||
DISABLE_ROUTER_LOG = false
|
||||
; Generate steps:
|
||||
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
|
||||
;
|
||||
; Or from a .pfx file exported from the Windows certificate store (do
|
||||
; not forget to export the private key):
|
||||
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
|
||||
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
|
||||
CERT_FILE = custom/https/cert.pem
|
||||
KEY_FILE = custom/https/key.pem
|
||||
; Root directory containing templates and static files.
|
||||
; default is the path where Gitea is executed
|
||||
STATIC_ROOT_PATH =
|
||||
; Default path for App data
|
||||
APP_DATA_PATH = data
|
||||
; Application level GZIP support
|
||||
ENABLE_GZIP = false
|
||||
; Application profiling (memory and cpu)
|
||||
; For "web" command it listens on localhost:6060
|
||||
; For "serve" command it dumps to disk at PPROF_DATA_PATH as (cpuprofile|memprofile)_<username>_<temporary id>
|
||||
ENABLE_PPROF = false
|
||||
; PPROF_DATA_PATH, use an absolute path when you start gitea as service
|
||||
PPROF_DATA_PATH = data/tmp/pprof
|
||||
; Landing page, can be "home", "explore", or "organizations"
|
||||
LANDING_PAGE = home
|
||||
; Enables git-lfs support. true or false, default is false.
|
||||
LFS_START_SERVER = false
|
||||
; Where your lfs files reside, default is data/lfs.
|
||||
LFS_CONTENT_PATH = data/lfs
|
||||
; LFS authentication secret, change this yourself
|
||||
LFS_JWT_SECRET =
|
||||
; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
|
||||
LFS_HTTP_AUTH_EXPIRY = 20m
|
||||
|
||||
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
|
||||
[ssh.minimum_key_sizes]
|
||||
ED25519 = 256
|
||||
ECDSA = 256
|
||||
RSA = 2048
|
||||
DSA = 1024
|
||||
|
||||
[database]
|
||||
{{- if .Values.gitea.database.builtIn.postgresql.enabled }}
|
||||
DB_TYPE = postgres
|
||||
HOST = {{ include "postgresql.dns" . }}
|
||||
NAME = {{ .Values.postgresql.global.postgresql.postgresqlDatabase }}
|
||||
USER = {{ .Values.postgresql.global.postgresql.postgresqlUsername }}
|
||||
PASSWD = {{ .Values.postgresql.global.postgresql.postgresqlPassword }}
|
||||
{{ else if .Values.gitea.database.builtIn.mysql.enabled }}
|
||||
DB_TYPE = mysql
|
||||
HOST = {{ include "mysql.dns" . }}
|
||||
NAME = {{ .Values.mysql.mysqlDatabase }}
|
||||
USER = {{ .Values.mysql.mysqlUser }}
|
||||
PASSWD = {{ .Values.mysql.mysqlPassword }}
|
||||
{{ else }}
|
||||
; Database to use. Either "mysql", "postgres", "mssql" or "sqlite3".
|
||||
DB_TYPE = {{ .Values.gitea.database.external.type }}
|
||||
HOST = {{ .Values.gitea.database.external.host }}:{{ .Values.gitea.database.external.port }}
|
||||
NAME = {{ .Values.gitea.database.external.name }}
|
||||
USER = {{ .Values.gitea.database.external.user }}
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD = {{ .Values.gitea.database.external.password }}
|
||||
; For Postgres, schema to use if different from "public". The schema must exist beforehand,
|
||||
; the user must have creation privileges on it, and the user search path must be set
|
||||
; to the look into the schema first. e.g.:ALTER USER user SET SEARCH_PATH = schema_name,"$user",public;
|
||||
SCHEMA = {{ .Values.gitea.database.external.schema }}
|
||||
{{ end }}
|
||||
; For Postgres, either "disable" (default), "require", or "verify-full"
|
||||
; For MySQL, either "false" (default), "true", or "skip-verify"
|
||||
SSL_MODE = {{ .Values.gitea.database.sslMode }}
|
||||
; For MySQL only, either "utf8" or "utf8mb4", default is "utf8mb4".
|
||||
; NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this.
|
||||
CHARSET = {{ .Values.gitea.database.charset }}
|
||||
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
||||
PATH = {{ .Values.gitea.database.path }}
|
||||
; For "sqlite3" only. Query timeout
|
||||
SQLITE_TIMEOUT = {{ .Values.gitea.database.sqlLiteTimeout }}
|
||||
; For iterate buffer, default is 50
|
||||
ITERATE_BUFFER_SIZE = {{ .Values.gitea.database.iterateBufferSize }}
|
||||
; Show the database generated SQL
|
||||
LOG_SQL = {{ .Values.gitea.database.logSql }}
|
||||
; Maximum number of DB Connect retries
|
||||
DB_RETRIES = {{ .Values.gitea.database.dbRetries }}
|
||||
; Backoff time per DB retry (time.Duration)
|
||||
DB_RETRY_BACKOFF = {{ .Values.gitea.database.dbRetryBackoff }}
|
||||
; Max idle database connections on connnection pool, default is 2
|
||||
MAX_IDLE_CONNS = {{ .Values.gitea.database.maxIdleConns }}
|
||||
; Database connection max life time, default is 0 or 3s mysql (See #6804 & #7071 for reasoning)
|
||||
CONN_MAX_LIFETIME = {{ .Values.gitea.database.connMaxLifetime }}
|
||||
; Database maximum number of open connections, default is 0 meaning no maximum
|
||||
MAX_OPEN_CONNS = {{ .Values.gitea.database.maxOpenConns }}
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = indexers/issues.bleve
|
||||
; repo indexer by default disabled, since it uses a lot of disk space
|
||||
REPO_INDEXER_ENABLED = false
|
||||
REPO_INDEXER_PATH = indexers/repos.bleve
|
||||
UPDATE_BUFFER_LEN = 20
|
||||
MAX_FILE_SIZE = 1048576
|
||||
|
||||
[admin]
|
||||
; Disallow regular (non-admin) users from creating organizations.
|
||||
DISABLE_REGULAR_ORG_CREATION = {{ .Values.gitea.admin.disableRegularOrgCreation }}
|
||||
; Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled
|
||||
DEFAULT_EMAIL_NOTIFICATIONS = {{ .Values.gitea.admin.defaultEmailNotifications }}
|
||||
|
||||
[security]
|
||||
; Whether the installer is disabled
|
||||
INSTALL_LOCK = {{ .Values.gitea.security.installLock }}
|
||||
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
|
||||
SECRET_KEY = {{ .Values.gitea.security.secretKey }}
|
||||
; How long to remember that a user is logged in before requiring relogin (in days)
|
||||
LOGIN_REMEMBER_DAYS = {{ .Values.gitea.security.loginRememberDays }}
|
||||
COOKIE_USERNAME = {{ .Values.gitea.security.cookieUsername }}
|
||||
COOKIE_REMEMBER_NAME = {{ .Values.gitea.security.cookieRememberName }}
|
||||
; Reverse proxy authentication header name of user name
|
||||
REVERSE_PROXY_AUTHENTICATION_USER = {{ .Values.gitea.security.reverseProxyAuthUser }}
|
||||
REVERSE_PROXY_AUTHENTICATION_EMAIL = {{ .Values.gitea.security.reverseProxyAuthEmail }}
|
||||
; The minimum password length for new Users
|
||||
MIN_PASSWORD_LENGTH = {{ .Values.gitea.security.minPasswordLength }}
|
||||
; Set to true to allow users to import local server paths
|
||||
IMPORT_LOCAL_PATHS = {{ .Values.gitea.security.importLocalPaths }}
|
||||
; Set to true to prevent all users (including admin) from creating custom git hooks
|
||||
DISABLE_GIT_HOOKS = {{ .Values.gitea.security.disabledGitHooks }}
|
||||
; Set to false to allow pushes to gitea repositories despite having an incomplete environment - NOT RECOMMENDED
|
||||
ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET = {{ .Values.gitea.security.onlyAllowPushIfGiteaEnvSet }}
|
||||
;Comma separated list of character classes required to pass minimum complexity.
|
||||
;If left empty or no valid values are specified, the default values ("lower,upper,digit,spec") will be used.
|
||||
;Use "off" to disable checking.
|
||||
PASSWORD_COMPLEXITY = {{ .Values.gitea.security.passwordComplexity }}
|
||||
; Password Hash algorithm, either "pbkdf2", "argon2", "scrypt" or "bcrypt"
|
||||
PASSWORD_HASH_ALGO = {{ .Values.gitea.security.passwordHashAlgo }}
|
||||
; Set false to allow JavaScript to read CSRF cookie
|
||||
CSRF_COOKIE_HTTP_ONLY = {{ .Values.gitea.security.crsfCookieHttpOnly }}
|
||||
|
||||
[openid]
|
||||
;
|
||||
; OpenID is an open, standard and decentralized authentication protocol.
|
||||
; Your identity is the address of a webpage you provide, which describes
|
||||
; how to prove you are in control of that page.
|
||||
;
|
||||
; For more info: https://en.wikipedia.org/wiki/OpenID
|
||||
;
|
||||
; Current implementation supports OpenID-2.0
|
||||
;
|
||||
; Tested to work providers at the time of writing:
|
||||
; - Any GNUSocial node (your.hostname.tld/username)
|
||||
; - Any SimpleID provider (http://simpleid.koinic.net)
|
||||
; - http://openid.org.cn/
|
||||
; - openid.stackexchange.com
|
||||
; - login.launchpad.net
|
||||
; - <username>.livejournal.com
|
||||
;
|
||||
; Whether to allow signin in via OpenID
|
||||
ENABLE_OPENID_SIGNIN = {{ .Values.gitea.openid.enableOpenidSignin }}
|
||||
; Whether to allow registering via OpenID
|
||||
; Do not include to rely on rhw DISABLE_REGISTRATION setting
|
||||
;ENABLE_OPENID_SIGNUP = {{ .Values.gitea.openid.enableOpenidSignup }}
|
||||
; Allowed URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only these would be allowed if non-blank.
|
||||
; Example value: trusted.domain.org trusted.domain.net
|
||||
WHITELISTED_URIS = {{ .Values.gitea.openid.whitelistedUris }}
|
||||
; Forbidden URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only used if WHITELISTED_URIS is blank.
|
||||
; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
|
||||
BLACKLISTED_URIS = {{ .Values.gitea.openid.blacklistedUris }}
|
||||
|
||||
[service]
|
||||
; Time limit to confirm account/email registration
|
||||
ACTIVE_CODE_LIVE_MINUTES = {{ .Values.gitea.service.activeCodeLiveMinutes }}
|
||||
; Time limit to perform the reset of a forgotten password
|
||||
RESET_PASSWD_CODE_LIVE_MINUTES = {{ .Values.gitea.service.resetPasswordCodeLiveMinutes }}
|
||||
; Whether a new user needs to confirm their email when registering.
|
||||
REGISTER_EMAIL_CONFIRM = {{ .Values.gitea.service.registerEmailConfirm }}
|
||||
; List of domain names that are allowed to be used to register on a Gitea instance
|
||||
; gitea.io,example.com
|
||||
EMAIL_DOMAIN_WHITELIST= {{ .Values.gitea.service.emailDomainWhitelist }}
|
||||
; Disallow registration, only allow admins to create accounts.
|
||||
DISABLE_REGISTRATION = {{ .Values.gitea.service.disableRegistration }}
|
||||
; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ .Values.gitea.service.allowOnlyExternalRegistration }}
|
||||
; User must sign in to view anything.
|
||||
REQUIRE_SIGNIN_VIEW = {{ .Values.gitea.service.requireSigninView }}
|
||||
; Mail notification
|
||||
ENABLE_NOTIFY_MAIL = {{ .Values.gitea.service.enableNotifyMail }}
|
||||
; This setting enables gitea to be signed in with HTTP BASIC Authentication using the user's password
|
||||
; If you set this to false you will not be able to access the tokens endpoints on the API with your password
|
||||
; Please note that setting this to false will not disable OAuth Basic or Basic authentication using a token
|
||||
ENABLE_BASIC_AUTHENTICATION = {{ .Values.gitea.service.enableBasicAuth }}
|
||||
; More detail: https://github.com/gogits/gogs/issues/165
|
||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = {{ .Values.gitea.service.enableReverseProxyAuth }}
|
||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = {{ .Values.gitea.service.enableReverseProxyAutoRegistration }}
|
||||
ENABLE_REVERSE_PROXY_EMAIL = {{ .Values.gitea.service.enableReverseProxyEmail }}
|
||||
; Enable captcha validation for registration
|
||||
ENABLE_CAPTCHA = {{ .Values.gitea.service.enableCaptcha }}
|
||||
; Type of captcha you want to use. Options: image, recaptcha
|
||||
CAPTCHA_TYPE = {{ .Values.gitea.service.captchaType }}
|
||||
; Enable recaptcha to use Google's recaptcha service
|
||||
; Go to https://www.google.com/recaptcha/admin to sign up for a key
|
||||
RECAPTCHA_SECRET = {{ .Values.gitea.service.recaptchaSecret }}
|
||||
RECAPTCHA_SITEKEY = {{ .Values.gitea.service.recaptchaSiteKey }}
|
||||
; Change this to use recaptcha.net or other recaptcha service
|
||||
RECAPTCHA_URL = {{ .Values.gitea.service.racaptchaUrl }}
|
||||
; Default value for KeepEmailPrivate
|
||||
; Each new user will get the value of this setting copied into their profile
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = {{ .Values.gitea.service.defaultKeepEmailPrivate }}
|
||||
; Default value for AllowCreateOrganization
|
||||
; Every new user will have rights set to create organizations depending on this setting
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = {{ .Values.gitea.service.deaultAllowCreateOrg }}
|
||||
; Either "public", "limited" or "private", default is "public"
|
||||
; Limited is for signed user only
|
||||
; Private is only for member of the organization
|
||||
; Public is for everyone
|
||||
DEFAULT_ORG_VISIBILITY = {{ .Values.gitea.service.defaultOrgVisibility }}
|
||||
; Default value for DefaultOrgMemberVisible
|
||||
; True will make the membership of the users visible when added to the organisation
|
||||
DEFAULT_ORG_MEMBER_VISIBLE = {{ .Values.gitea.service.defaultOrgMemberVisible }}
|
||||
; Default value for EnableDependencies
|
||||
; Repositories will use dependencies by default depending on this setting
|
||||
DEFAULT_ENABLE_DEPENDENCIES = {{ .Values.gitea.service.defaultEnableDependencies }}
|
||||
; Dependencies can be added from any repository where the user is granted access or only from the current repository depending on this setting.
|
||||
ALLOW_CROSS_REPOSITORY_DEPENDENCIES = {{ .Values.gitea.service.allowCrossRepositoryDependencies }}
|
||||
; Enable heatmap on users profiles.
|
||||
ENABLE_USER_HEATMAP = {{ .Values.gitea.service.enableUserHeatmap }}
|
||||
; Enable Timetracking
|
||||
ENABLE_TIMETRACKING = {{ .Values.gitea.service.enableTimeTracking }}
|
||||
; Default value for EnableTimetracking
|
||||
; Repositories will use timetracking by default depending on this setting
|
||||
DEFAULT_ENABLE_TIMETRACKING = {{ .Values.gitea.service.defaultEnableTimeTracking}}
|
||||
; Default value for AllowOnlyContributorsToTrackTime
|
||||
; Only users with write permissions can track time if this is true
|
||||
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = {{ .Values.gitea.service.defaultAllowOnlyContributorsToTrackTime }}
|
||||
; Default value for the domain part of the user's email address in the git log
|
||||
; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
|
||||
; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
|
||||
NO_REPLY_ADDRESS = {{ .Values.gitea.service.noReplyAddress }}
|
||||
; Show Registration button
|
||||
SHOW_REGISTRATION_BUTTON = {{ .Values.gitea.service.showRegistrationButton }}
|
||||
; Show milestones dashboard page - a view of all the user's milestones
|
||||
SHOW_MILESTONES_DASHBOARD_PAGE = {{ .Values.gitea.service.showMilestonesDashboardPage }}
|
||||
; Default value for AutoWatchNewRepos
|
||||
; When adding a repo to a team or creating a new repo all team members will watch the
|
||||
; repo automatically if enabled
|
||||
AUTO_WATCH_NEW_REPOS = {{ .Values.gitea.service.autoWatchNewRepos }}
|
||||
; Default value for AutoWatchOnChanges
|
||||
; Make the user watch a repository When they commit for the first time
|
||||
AUTO_WATCH_ON_CHANGES = {{ .Values.gitea.service.autoWatchOnChanges }}
|
||||
|
||||
[webhook]
|
||||
; Hook task queue length, increase if webhook shooting starts hanging
|
||||
QUEUE_LENGTH = {{ .Values.gitea.webhook.queueLength }}
|
||||
; Deliver timeout in seconds
|
||||
DELIVER_TIMEOUT = {{ .Values.gitea.webhook.deliverTimeout }}
|
||||
; Allow insecure certification
|
||||
SKIP_TLS_VERIFY = {{ .Values.gitea.webhook.skipTlsVerify }}
|
||||
; Number of history information in each page
|
||||
PAGING_NUM = {{ .Values.gitea.webhook.pagingNum }}
|
||||
|
||||
[mailer]
|
||||
ENABLED = {{ .Values.gitea.mailer.enabled }}
|
||||
; Buffer length of channel, keep it as it is if you don't know what it is.
|
||||
SEND_BUFFER_LEN = {{ .Values.gitea.mailer.sendBufferLen }}
|
||||
; Prefix displayed before subject in mail
|
||||
SUBJECT_PREFIX = {{ .Values.gitea.mailer.subjectPrefix }}
|
||||
; Mail server
|
||||
; Gmail: smtp.gmail.com:587
|
||||
; QQ: smtp.qq.com:465
|
||||
; Using STARTTLS on port 587 is recommended per RFC 6409.
|
||||
; Note, if the port ends with "465", SMTPS will be used.
|
||||
HOST = {{ .Values.gitea.mailer.host }}
|
||||
; Disable HELO operation when hostnames are different.
|
||||
DISABLE_HELO = {{ .Values.gitea.mailer.disableHelo }}
|
||||
; Custom hostname for HELO operation, if no value is provided, one is retrieved from system.
|
||||
HELO_HOSTNAME = {{ .Values.gitea.mailer.heloHostname }}
|
||||
; Do not verify the certificate of the server. Only use this for self-signed certificates
|
||||
SKIP_VERIFY = {{ .Values.gitea.mailer.skipVerify }}
|
||||
; Use client certificate
|
||||
USE_CERTIFICATE = {{ .Values.gitea.mailer.useCertificate }}
|
||||
CERT_FILE = {{ .Values.gitea.mailer.certFile }}
|
||||
KEY_FILE = {{ .Values.gitea.mailer.keyFile }}
|
||||
; Should SMTP connect with TLS, (if port ends with 465 TLS will always be used.)
|
||||
; If this is false but STARTTLS is supported the connection will be upgraded to TLS opportunistically.
|
||||
IS_TLS_ENABLED = {{ .Values.gitea.mailer.isTlsEnabled }}
|
||||
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
|
||||
FROM = {{ .Values.gitea.mailer.from }}
|
||||
; Mailer user name and password
|
||||
; Please Note: Authentication is only supported when the SMTP server communication is encrypted with TLS (this can be via STARTTLS) or `HOST=localhost`.
|
||||
USER = {{ .Values.gitea.mailer.user }}
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD = {{ .Values.gitea.mailer.password }}
|
||||
; Send mails as plain text
|
||||
SEND_AS_PLAIN_TEXT = {{ .Values.gitea.mailer.sendAsPlainText }}
|
||||
; Set Mailer Type (either SMTP, sendmail or dummy to just send to the log)
|
||||
MAILER_TYPE = {{ .Values.gitea.mailer.mailerType }}
|
||||
; Specify an alternative sendmail binary
|
||||
SENDMAIL_PATH = {{ .Values.gitea.mailer.sendMailPath }}
|
||||
; Specify any extra sendmail arguments
|
||||
SENDMAIL_ARGS = {{ .Values.gitea.mailer.sendMailArgs }}
|
||||
; Timeout for Sendmail
|
||||
SENDMAIL_TIMEOUT = {{ .Values.gitea.mailer.sendMailTimeout }}
|
||||
|
||||
[cache]
|
||||
; if the cache enabled
|
||||
ENABLED = {{ .Values.gitea.cache.enabled }}
|
||||
{{- if .Values.gitea.cache.builtIn.enabled }}
|
||||
; Either "memory", "redis", or "memcache", default is "memory"
|
||||
ADAPTER = memcache
|
||||
; For "redis" and "memcache", connection host address
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; memcache: `127.0.0.1:11211`
|
||||
HOST = {{ include "memcached.dns" . }}
|
||||
{{ else }}
|
||||
ADAPTER = {{ .Values.gitea.cache.external.adapter }}
|
||||
; For "redis" and "memcache", connection host address
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; memcache: `127.0.0.1:11211`
|
||||
HOST = {{ .Values.gitea.cache.external.host }}
|
||||
{{ end }}
|
||||
; For "memory" only, GC interval in seconds, default is 60
|
||||
INTERVAL = {{ .Values.gitea.cache.interval }}
|
||||
; Time to keep items in cache if not used, default is 16 hours.
|
||||
; Setting it to 0 disables caching
|
||||
ITEM_TTL = {{ .Values.gitea.cache.itemTTL }}
|
||||
|
||||
; Last commit cache
|
||||
[cache.last_commit]
|
||||
; if the cache enabled
|
||||
ENABLED = {{ .Values.gitea.cache.lastCommit.enabled }}
|
||||
; Time to keep items in cache if not used, default is 8760 hours.
|
||||
; Setting it to 0 disables caching
|
||||
ITEM_TTL = {{ .Values.gitea.cache.lastCommit.itemTTL }}
|
||||
; Only enable the cache when repository's commits count great than
|
||||
COMMITS_COUNT = {{ .Values.gitea.cache.lastCommit.commitCount }}
|
||||
|
||||
[session]
|
||||
; Either "memory", "file", or "redis", default is "memory"
|
||||
PROVIDER = memory
|
||||
; Provider config options
|
||||
; memory: doesn't have any config yet
|
||||
; file: session file path, e.g. `data/sessions`
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
|
||||
PROVIDER_CONFIG = data/sessions
|
||||
; Session cookie name
|
||||
COOKIE_NAME = i_like_gitea
|
||||
; If you use session in https only, default is false
|
||||
COOKIE_SECURE = false
|
||||
; Enable set cookie, default is true
|
||||
ENABLE_SET_COOKIE = true
|
||||
; Session GC time interval in seconds, default is 86400 (1 day)
|
||||
GC_INTERVAL_TIME = 86400
|
||||
; Session life time in seconds, default is 86400 (1 day)
|
||||
SESSION_LIFE_TIME = 86400
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = data/avatars
|
||||
; Max Width and Height of uploaded avatars. This is to limit the amount of RAM
|
||||
; used when resizing the image.
|
||||
AVATAR_MAX_WIDTH = 4096
|
||||
AVATAR_MAX_HEIGHT = 3072
|
||||
; Chinese users can choose "duoshuo"
|
||||
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
|
||||
GRAVATAR_SOURCE = gravatar
|
||||
; This value will always be true in offline mode.
|
||||
DISABLE_GRAVATAR = false
|
||||
; Federated avatar lookup uses DNS to discover avatar associated
|
||||
; with emails, see https://www.libravatar.org
|
||||
; This value will always be false in offline mode or when Gravatar is disabled.
|
||||
ENABLE_FEDERATED_AVATAR = false
|
||||
|
||||
[attachment]
|
||||
; Whether attachments are enabled. Defaults to `true`
|
||||
ENABLED = {{ .Values.gitea.attachment.enabled }}
|
||||
; Path for attachments. Defaults to `data/attachments`
|
||||
PATH = {{ .Values.gitea.attachment.path }}
|
||||
; One or more allowed types, e.g. image/jpeg|image/png
|
||||
ALLOWED_TYPES = {{ .Values.gitea.attachment.allowedTypes }}
|
||||
; Max size of each file. Defaults to 4MB
|
||||
MAX_SIZE = {{ .Values.gitea.attachment.maxSize }}
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = {{ .Values.gitea.attachment.maxFiles }}
|
||||
|
||||
[log]
|
||||
ROOT_PATH = {{ .Values.gitea.log.rootPath }}
|
||||
; Either "console", "file", "conn", "smtp" or "database", default is "console"
|
||||
; Use comma to separate multiple modes, e.g. "console, file"
|
||||
MODE = {{ .Values.gitea.log.mode }}
|
||||
; Buffer length of the channel, keep it as it is if you don't know what it is.
|
||||
BUFFER_LEN = {{ .Values.gitea.log.bufferLen }}
|
||||
REDIRECT_MACARON_LOG = {{ .Values.gitea.log.redirectMacaronLog }}
|
||||
MACARON = {{ .Values.gitea.log.macaron }}
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Info"
|
||||
ROUTER_LOG_LEVEL = {{ .Values.gitea.log.routerLogLevel }}
|
||||
ROUTER = {{ .Values.gitea.log.router }}
|
||||
ENABLE_ACCESS_LOG = {{ .Values.gitea.log.enableAccessLog }}
|
||||
ACCESS = {{ .Values.gitea.log.access }}
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
|
||||
LEVEL = {{ .Values.gitea.log.level }}
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "None"
|
||||
STACKTRACE_LEVEL = {{ .Values.gitea.log.stackTraceLevel }}
|
||||
|
||||
; Generic log modes
|
||||
[log.x]
|
||||
FLAGS = {{ .Values.gitea.log.x.flags }}
|
||||
EXPRESSION = {{ .Values.gitea.log.x.expression }}
|
||||
PREFIX = {{ .Values.gitea.log.x.prefix }}
|
||||
COLORIZE = {{ .Values.gitea.log.x.colorize }}
|
||||
|
||||
; For "console" mode only
|
||||
[log.console]
|
||||
LEVEL = {{ .Values.gitea.log.console.level }}
|
||||
luhahn marked this conversation as resolved
Outdated
|
||||
STDERR = {{ .Values.gitea.log.console.stderr }}
|
||||
|
||||
; For "file" mode only
|
||||
[log.file]
|
||||
LEVEL = {{ .Values.gitea.log.file.level }}
|
||||
; Set the file_name for the logger. If this is a relative path this
|
||||
; will be relative to ROOT_PATH
|
||||
FILE_NAME = {{ .Values.gitea.log.file.fileName }}
|
||||
; This enables automated log rotate(switch of following options), default is true
|
||||
LOG_ROTATE = {{ .Values.gitea.log.file.logRotate }}
|
||||
; Max number of lines in a single file, default is 1000000
|
||||
MAX_LINES = {{ .Values.gitea.log.file.maxLines }}
|
||||
; Max size shift of a single file, default is 28 means 1 << 28, 256MB
|
||||
MAX_SIZE_SHIFT = {{ .Values.gitea.log.file.maxSizeShift }}
|
||||
; Segment log daily, default is true
|
||||
DAILY_ROTATE = {{ .Values.gitea.log.file.dailyRotate }}
|
||||
; delete the log file after n days, default is 7
|
||||
MAX_DAYS = {{ .Values.gitea.log.file.maxDays }}
|
||||
; compress logs with gzip
|
||||
COMPRESS = {{ .Values.gitea.log.file.compress }}
|
||||
; compression level see godoc for compress/gzip
|
||||
COMPRESSION_LEVEL = {{ .Values.gitea.log.file.compressionLeveL }}
|
||||
|
||||
; For "conn" mode only
|
||||
[log.conn]
|
||||
LEVEL = {{ .Values.gitea.log.conn.level }}
|
||||
; Reconnect host for every single message, default is false
|
||||
RECONNECT_ON_MSG = {{ .Values.gitea.log.conn.reconnOnMsg }}
|
||||
; Try to reconnect when connection is lost, default is false
|
||||
RECONNECT = {{ .Values.gitea.log.conn.reconnect }}
|
||||
; Either "tcp", "unix" or "udp", default is "tcp"
|
||||
PROTOCOL = {{ .Values.gitea.log.conn.protocol }}
|
||||
; Host address
|
||||
ADDR = {{ .Values.gitea.log.conn.addr }}
|
||||
|
||||
; For "smtp" mode only
|
||||
[log.smtp]
|
||||
LEVEL = {{ .Values.gitea.log.smtp.level }}
|
||||
; Name displayed in mail title, default is "Diagnostic message from server"
|
||||
SUBJECT = {{ .Values.gitea.log.smtp.subject }}
|
||||
; Mail server
|
||||
HOST = {{ .Values.gitea.log.smtp.host }}
|
||||
; Mailer user name and password
|
||||
USER = {{ .Values.gitea.log.smtp.user }}
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD = {{ .Values.gitea.log.smtp.password }}
|
||||
; Receivers, can be one or more, e.g. 1@example.com,2@example.com
|
||||
RECEIVERS = {{ .Values.gitea.log.smtp.receivers }}
|
||||
|
||||
[cron]
|
||||
; Enable running cron tasks periodically.
|
||||
ENABLED = true
|
||||
; Run cron tasks when Gitea starts.
|
||||
RUN_AT_START = false
|
||||
|
||||
; Update mirrors
|
||||
[cron.update_mirrors]
|
||||
SCHEDULE = @every 10m
|
||||
|
||||
; Repository health check
|
||||
[cron.repo_health_check]
|
||||
SCHEDULE = @every 24h
|
||||
TIMEOUT = 60s
|
||||
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
|
||||
; see more on http://git-scm.com/docs/git-fsck
|
||||
ARGS =
|
||||
|
||||
; Check repository statistics
|
||||
[cron.check_repo_stats]
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
|
||||
; Clean up old repository archives
|
||||
[cron.archive_cleanup]
|
||||
; Whether to enable the job
|
||||
ENABLED = true
|
||||
; Whether to always run at least once at start up time (if ENABLED)
|
||||
RUN_AT_START = true
|
||||
; Time interval for job to run
|
||||
SCHEDULE = @every 24h
|
||||
; Archives created more than OLDER_THAN ago are subject to deletion
|
||||
OLDER_THAN = 24h
|
||||
|
||||
; Synchronize external user data (only LDAP user synchronization is supported)
|
||||
[cron.sync_external_users]
|
||||
; Synchronize external user data when starting server (default false)
|
||||
RUN_AT_START = false
|
||||
; Interval as a duration between each synchronization (default every 24h)
|
||||
SCHEDULE = @every 24h
|
||||
; Create new users, update existing user data and disable users that are not in external source anymore (default)
|
||||
; or only create new users if UPDATE_EXISTING is set to false
|
||||
UPDATE_EXISTING = true
|
||||
|
||||
[git]
|
||||
; The path of git executable. If empty, Gitea searches through the PATH environment.
|
||||
PATH = {{ .Values.gitea.git.path }}
|
||||
; Disables highlight of added and removed changes
|
||||
DISABLE_DIFF_HIGHLIGHT = {{ .Values.gitea.git.disableDiffHighlight }}
|
||||
; Max number of lines allowed in a single file in diff view
|
||||
MAX_GIT_DIFF_LINES = {{ .Values.gitea.git.maxGitDiffLines }}
|
||||
; Max number of allowed characters in a line in diff view
|
||||
MAX_GIT_DIFF_LINE_CHARACTERS = {{ .Values.gitea.git.maxGitDiffLineChars }}
|
||||
; Max number of files shown in diff view
|
||||
MAX_GIT_DIFF_FILES = {{ .Values.gitea.git.maxGitDiffFiles }}
|
||||
; Arguments for command 'git gc', e.g. "--aggressive --auto"
|
||||
; see more on http://git-scm.com/docs/git-gc/
|
||||
GC_ARGS = {{ .Values.gitea.git.gcArgs }}
|
||||
; If use git wire protocol version 2 when git version >= 2.18, default is true, set to false when you always want git wire protocol version 1
|
||||
ENABLE_AUTO_GIT_WIRE_PROTOCOL = {{ .Values.gitea.git.enableAutoGitWireProt }}
|
||||
; Respond to pushes to a non-default branch with a URL for creating a Pull Request (if the repository has them enabled)
|
||||
PULL_REQUEST_PUSH_MESSAGE = {{ .Values.gitea.git.pullRequestPushMessage }}
|
||||
|
||||
; Operation timeout in seconds
|
||||
[git.timeout]
|
||||
DEFAULT = {{ .Values.gitea.git.timeout.default }}
|
||||
MIGRATE = {{ .Values.gitea.git.timeout.migrate }}
|
||||
MIRROR = {{ .Values.gitea.git.timeout.mirror }}
|
||||
CLONE = {{ .Values.gitea.git.timeout.clone }}
|
||||
PULL = {{ .Values.gitea.git.timeout.pull }}
|
||||
GC = {{ .Values.gitea.git.timeout.gc }}
|
||||
|
||||
[mirror]
|
||||
; Default interval as a duration between each check
|
||||
DEFAULT_INTERVAL = 8h
|
||||
; Min interval as a duration must be > 1m
|
||||
MIN_INTERVAL = 10m
|
||||
|
||||
[api]
|
||||
; Enables Swagger. True or false; default is true.
|
||||
ENABLE_SWAGGER = true
|
||||
; Max number of items in a page
|
||||
MAX_RESPONSE_ITEMS = 50
|
||||
|
||||
[i18n]
|
||||
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
|
||||
NAMES = English,简体中文,繁體中文(香港),繁體中文(台灣),Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어
|
||||
|
||||
; Used for datetimepicker
|
||||
[i18n.datelang]
|
||||
en-US = en
|
||||
zh-CN = zh
|
||||
zh-HK = zh-HK
|
||||
zh-TW = zh-TW
|
||||
de-DE = de
|
||||
fr-FR = fr
|
||||
nl-NL = nl
|
||||
lv-LV = lv
|
||||
ru-RU = ru
|
||||
uk-UA = uk
|
||||
ja-JP = ja
|
||||
es-ES = es
|
||||
pt-BR = pt-BR
|
||||
pl-PL = pl
|
||||
bg-BG = bg
|
||||
it-IT = it
|
||||
fi-FI = fi
|
||||
tr-TR = tr
|
||||
cs-CZ = cs-CZ
|
||||
sr-SP = sr
|
||||
sv-SE = sv
|
||||
ko-KR = ko
|
||||
|
||||
[U2F]
|
||||
; Two Factor authentication with security keys
|
||||
; https://developers.yubico.com/U2F/App_ID.html
|
||||
;APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
; Comma seperated list of truisted facets
|
||||
;TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
|
||||
; Extension mapping to highlight class
|
||||
; e.g. .toml=ini
|
||||
[highlight.mapping]
|
||||
|
||||
[other]
|
||||
SHOW_FOOTER_BRANDING = false
|
||||
; Show version information about Gitea and Go in the footer
|
||||
SHOW_FOOTER_VERSION = true
|
||||
; Show template execution time in the footer
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
|
||||
|
||||
[markup.asciidoc]
|
||||
ENABLED = false
|
||||
; List of file extensions that should be rendered by an external command
|
||||
FILE_EXTENSIONS = .adoc,.asciidoc
|
||||
; External command to render all matching extensions
|
||||
RENDER_COMMAND = "asciidoc --out-file=- -"
|
||||
; Don't pass the file on STDIN, pass the filename as argument instead.
|
||||
IS_INPUT_FILE = false
|
||||
|
||||
[metrics]
|
||||
; Enables metrics endpoint. True or false; default is false.
|
||||
ENABLED = {{ .Values.gitea.metrics.enabled }}
|
||||
; If you want to add authorization, specify a token here
|
||||
TOKEN = {{ .Values.gitea.metrics.token }}
|
||||
{{- if .Values.gitea.extraConfig }}
|
||||
|
||||
{{ .Values.gitea.extraConfig | indent 4 }}
|
||||
{{ end }}
|
|
@ -1,725 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
app.ini: |-
|
||||
; This file lists the default values used by Gitea
|
||||
; Copy required sections to your own app.ini (default is custom/conf/app.ini)
|
||||
; and modify as needed.
|
||||
|
||||
; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
|
||||
|
||||
; App name that shows in every page title
|
||||
APP_NAME = Gitea: Git with a cup of tea
|
||||
; Change it if you run locally
|
||||
RUN_USER = git
|
||||
; Either "dev", "prod" or "test", default is "dev"
|
||||
RUN_MODE = dev
|
||||
|
||||
[repository]
|
||||
ROOT =
|
||||
SCRIPT_TYPE = bash
|
||||
; Default ANSI charset
|
||||
ANSI_CHARSET =
|
||||
; Force every new repository to be private
|
||||
FORCE_PRIVATE = false
|
||||
; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used.
|
||||
DEFAULT_PRIVATE = last
|
||||
; Global limit of repositories per user, applied at creation time. -1 means no limit
|
||||
MAX_CREATION_LIMIT = -1
|
||||
; Mirror sync queue length, increase if mirror syncing starts hanging
|
||||
MIRROR_QUEUE_LENGTH = 1000
|
||||
; Patch test queue length, increase if pull request patch testing starts hanging
|
||||
PULL_REQUEST_QUEUE_LENGTH = 1000
|
||||
; Preferred Licenses to place at the top of the List
|
||||
; The name here must match the filename in conf/license or custom/conf/license
|
||||
PREFERRED_LICENSES = Apache License 2.0,MIT License
|
||||
; Disable the ability to interact with repositories using the HTTP protocol
|
||||
DISABLE_HTTP_GIT = false
|
||||
; Force ssh:// clone url instead of scp-style uri when default SSH port is used
|
||||
USE_COMPAT_SSH_URI = false
|
||||
|
||||
[repository.editor]
|
||||
; List of file extensions for which lines should be wrapped in the CodeMirror editor
|
||||
; Separate extensions with a comma. To line wrap files without an extension, just put a comma
|
||||
LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
|
||||
; Valid file modes that have a preview API associated with them, such as api/v1/markdown
|
||||
; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match
|
||||
PREVIEWABLE_FILE_MODES = markdown
|
||||
|
||||
[repository.local]
|
||||
; Path for local repository copy. Defaults to `tmp/local-repo`
|
||||
LOCAL_COPY_PATH = tmp/local-repo
|
||||
; Path for local wiki copy. Defaults to `tmp/local-wiki`
|
||||
LOCAL_WIKI_PATH = tmp/local-wiki
|
||||
|
||||
[repository.upload]
|
||||
; Whether repository file uploads are enabled. Defaults to `true`
|
||||
ENABLED = true
|
||||
; Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
|
||||
TEMP_PATH = data/tmp/uploads
|
||||
; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
|
||||
ALLOWED_TYPES =
|
||||
; Max size of each file in megabytes. Defaults to 3MB
|
||||
FILE_MAX_SIZE = 3
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = 5
|
||||
|
||||
[repository.pull-request]
|
||||
; List of prefixes used in Pull Request title to mark them as Work In Progress
|
||||
WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
|
||||
|
||||
[ui]
|
||||
; Number of repositories that are displayed on one explore page
|
||||
EXPLORE_PAGING_NUM = 20
|
||||
; Number of issues that are displayed on one page
|
||||
ISSUE_PAGING_NUM = 10
|
||||
; Number of maximum commits displayed in one activity feed
|
||||
FEED_MAX_COMMIT_NUM = 5
|
||||
; Number of maximum commits displayed in commit graph.
|
||||
GRAPH_MAX_COMMIT_NUM = 100
|
||||
; Number of line of codes shown for a code comment
|
||||
CODE_COMMENT_LINES = 4
|
||||
; Value of `theme-color` meta tag, used by Android >= 5.0
|
||||
; An invalid color like "none" or "disable" will have the default style
|
||||
; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
|
||||
THEME_COLOR_META_TAG = `#6cc644`
|
||||
; Max size of files to be displayed (default is 8MiB)
|
||||
MAX_DISPLAY_FILE_SIZE = 8388608
|
||||
; Whether the email of the user should be shown in the Explore Users page
|
||||
SHOW_USER_EMAIL = true
|
||||
; Set the default theme for the Gitea install
|
||||
DEFAULT_THEME = gitea
|
||||
|
||||
|
||||
[ui.admin]
|
||||
; Number of users that are displayed on one page
|
||||
USER_PAGING_NUM = 50
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 50
|
||||
; Number of notices that are displayed on one page
|
||||
NOTICE_PAGING_NUM = 25
|
||||
; Number of organizations that are displayed on one page
|
||||
ORG_PAGING_NUM = 50
|
||||
|
||||
[ui.user]
|
||||
; Number of repos that are displayed on one page
|
||||
REPO_PAGING_NUM = 15
|
||||
|
||||
[ui.meta]
|
||||
AUTHOR = Gitea - Git with a cup of tea
|
||||
DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go
|
||||
KEYWORDS = go,git,self-hosted,gitea
|
||||
|
||||
[markdown]
|
||||
; Enable hard line break extension
|
||||
ENABLE_HARD_LINE_BREAK = false
|
||||
; List of custom URL-Schemes that are allowed as links when rendering Markdown
|
||||
; for example git,magnet
|
||||
CUSTOM_URL_SCHEMES =
|
||||
; List of file extensions that should be rendered/edited as Markdown
|
||||
; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma
|
||||
FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
|
||||
|
||||
[server]
|
||||
; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
|
||||
|
||||
; PROTOCOL hardcoded to http since tls is delegated to ingress
|
||||
PROTOCOL = http
|
||||
{{- if .Values.service.http.externalHost }}
|
||||
DOMAIN = {{ .Values.service.http.externalHost }}
|
||||
{{- else if .Values.ingress.enabled }}
|
||||
DOMAIN = {{ .Values.ingress.hostname }}
|
||||
{{- else }}
|
||||
DOMAIN = {{ template "fullname" . }}-http.{{ .Release.Namespace }}.svc.cluster.local
|
||||
{{- end -}}
|
||||
{{ if .Values.ingress.tls }}
|
||||
{{- $proto := set . "proto" "https" }}
|
||||
{{- else -}}
|
||||
{{- $proto := set . "proto" "http" }}
|
||||
{{- end -}}
|
||||
{{- if and .Values.service.http.externalHost ( .Values.service.http.externalPort ) }}
|
||||
ROOT_URL = {{ .proto }}://{{ .Values.service.http.externalHost }}:{{ .Values.service.http.externalPort }}/
|
||||
{{- else if .Values.service.http.externalHost }}
|
||||
ROOT_URL = {{ .proto }}://{{ .Values.service.http.externalHost }}/
|
||||
{{- else if .Values.ingress.enabled }}
|
||||
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s
|
||||
{{- else }}
|
||||
ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
{{- end -}}
|
||||
; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
|
||||
HTTP_ADDR = 0.0.0.0
|
||||
HTTP_PORT = {{ .Values.service.http.port }}
|
||||
; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
|
||||
; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
|
||||
; ROOT_URL. Defaults are false for REDIRECT_OTHER_PORT and 80 for
|
||||
; PORT_TO_REDIRECT.
|
||||
REDIRECT_OTHER_PORT = false
|
||||
PORT_TO_REDIRECT = 80
|
||||
; Permission for unix socket
|
||||
UNIX_SOCKET_PERMISSION = 666
|
||||
; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
|
||||
; In most cases you do not need to change the default value.
|
||||
; Alter it only if your SSH server node is not the same as HTTP node.
|
||||
; Do not set this variable if PROTOCOL is set to 'unix'.
|
||||
LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
|
||||
; Disable SSH feature when not available
|
||||
DISABLE_SSH = false
|
||||
; Whether to use the builtin SSH server or not.
|
||||
START_SSH_SERVER = false
|
||||
; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
|
||||
BUILTIN_SSH_SERVER_USER =
|
||||
; Domain name to be exposed in clone URL
|
||||
{{- if .Values.service.ssh.externalHost }}
|
||||
SSH_DOMAIN = {{ .Values.service.ssh.externalHost }}
|
||||
{{- else }}
|
||||
SSH_DOMAIN = {{ template "fullname" . }}-ssh.{{ .Release.Namespace }}.svc.cluster.local
|
||||
{{- end }}
|
||||
; THe network interface the builtin SSH server should listen on
|
||||
SSH_LISTEN_HOST =
|
||||
; Port number to be exposed in clone URL
|
||||
{{- if .Values.service.ssh.externalPort }}
|
||||
SSH_PORT = {{ .Values.service.ssh.externalPort }}
|
||||
{{- else }}
|
||||
SSH_PORT = {{ .Values.service.ssh.port }}
|
||||
{{- end }}
|
||||
; The port number the builtin SSH server should listen on
|
||||
SSH_LISTEN_PORT = {{ .Values.service.ssh.port }}
|
||||
; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
|
||||
SSH_ROOT_PATH =
|
||||
; Gitea will create a authorized_keys file by default when it is not using the internal ssh server
|
||||
; If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
|
||||
SSH_CREATE_AUTHORIZED_KEYS_FILE = true
|
||||
; For the built-in SSH server, choose the ciphers to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
|
||||
; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
|
||||
; For the built-in SSH server, choose the MACs to support for SSH connections,
|
||||
; for system SSH this setting has no effect
|
||||
SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
|
||||
; Directory to create temporary files in when testing public keys using ssh-keygen,
|
||||
; default is the system temporary directory.
|
||||
SSH_KEY_TEST_PATH =
|
||||
; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
|
||||
SSH_KEYGEN_PATH = ssh-keygen
|
||||
; Enable SSH Authorized Key Backup when rewriting all keys, default is true
|
||||
SSH_BACKUP_AUTHORIZED_KEYS = true
|
||||
; Enable exposure of SSH clone URL to anonymous visitors, default is false
|
||||
SSH_EXPOSE_ANONYMOUS = false
|
||||
; Indicate whether to check minimum key size with corresponding type
|
||||
MINIMUM_KEY_SIZE_CHECK = false
|
||||
; Disable CDN even in "prod" mode
|
||||
OFFLINE_MODE = {{ .Values.config.offlineMode }}
|
||||
DISABLE_ROUTER_LOG = false
|
||||
; Generate steps:
|
||||
; $ ./gitea cert -ca=true -duration=8760h0m0s -host=myhost.example.com
|
||||
;
|
||||
; Or from a .pfx file exported from the Windows certificate store (do
|
||||
; not forget to export the private key):
|
||||
; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
|
||||
; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
|
||||
CERT_FILE = custom/https/cert.pem
|
||||
KEY_FILE = custom/https/key.pem
|
||||
; Root directory containing templates and static files.
|
||||
; default is the path where Gitea is executed
|
||||
STATIC_ROOT_PATH =
|
||||
; Default path for App data
|
||||
APP_DATA_PATH = data
|
||||
; Application level GZIP support
|
||||
ENABLE_GZIP = false
|
||||
; Application profiling (memory and cpu)
|
||||
; For "web" command it listens on localhost:6060
|
||||
; For "serve" command it dumps to disk at PPROF_DATA_PATH as (cpuprofile|memprofile)_<username>_<temporary id>
|
||||
ENABLE_PPROF = false
|
||||
; PPROF_DATA_PATH, use an absolute path when you start gitea as service
|
||||
PPROF_DATA_PATH = data/tmp/pprof
|
||||
; Landing page, can be "home", "explore", or "organizations"
|
||||
LANDING_PAGE = home
|
||||
; Enables git-lfs support. true or false, default is false.
|
||||
LFS_START_SERVER = false
|
||||
; Where your lfs files reside, default is data/lfs.
|
||||
LFS_CONTENT_PATH = data/lfs
|
||||
; LFS authentication secret, change this yourself
|
||||
LFS_JWT_SECRET =
|
||||
; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
|
||||
LFS_HTTP_AUTH_EXPIRY = 20m
|
||||
|
||||
|
||||
; Define allowed algorithms and their minimum key length (use -1 to disable a type)
|
||||
[ssh.minimum_key_sizes]
|
||||
ED25519 = 256
|
||||
ECDSA = 256
|
||||
RSA = 2048
|
||||
DSA = 1024
|
||||
|
||||
[database]
|
||||
{{ if .Values.externalDB }}
|
||||
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
|
||||
DB_TYPE = {{ .Values.dbType }}
|
||||
HOST = {{ .Values.externalDB.dbHost }}:{{ .Values.externalDB.dbPort }}
|
||||
NAME = {{ .Values.externalDB.dbDatabase }}
|
||||
USER = {{ .Values.externalDB.dbUser }}
|
||||
PASSWD = {{ .Values.externalDB.dbPassword }}
|
||||
{{ else if .Values.mariadb.enabled }}
|
||||
; Either "mysql", "postgres", "mssql" or "sqlite3", it's your choice
|
||||
DB_TYPE = mysql
|
||||
HOST = {{ template "mariadb.fullname" . }}:3306
|
||||
NAME = {{ .Values.mariadb.db.name }}
|
||||
USER = {{ .Values.mariadb.db.user }}
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
{{ if .Values.mariadb.password }}
|
||||
PASSWD = {{ .Values.mariadb.db.password }}
|
||||
{{ else }}
|
||||
PASSWD = MARIADB_PASSWORD
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
; For "postgres" only, either "disable", "require" or "verify-full"
|
||||
SSL_MODE = disable
|
||||
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
||||
PATH = data/gitea.db
|
||||
; For "sqlite3" only. Query timeout
|
||||
SQLITE_TIMEOUT = 500
|
||||
; For iterate buffer, default is 50
|
||||
ITERATE_BUFFER_SIZE = 50
|
||||
; Show the database generated SQL
|
||||
LOG_SQL = true
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = indexers/issues.bleve
|
||||
; repo indexer by default disabled, since it uses a lot of disk space
|
||||
REPO_INDEXER_ENABLED = false
|
||||
REPO_INDEXER_PATH = indexers/repos.bleve
|
||||
UPDATE_BUFFER_LEN = 20
|
||||
MAX_FILE_SIZE = 1048576
|
||||
|
||||
[admin]
|
||||
; Disallow regular (non-admin) users from creating organizations.
|
||||
DISABLE_REGULAR_ORG_CREATION = false
|
||||
|
||||
[security]
|
||||
; Whether the installer is disabled
|
||||
INSTALL_LOCK = {{ .Values.config.disableInstaller }}
|
||||
; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
|
||||
{{ if .Values.config.secretKey }}
|
||||
SECRET_KEY = {{ .Values.config.secretKey }}
|
||||
{{ else }}
|
||||
SECRET_KEY = {{ randAlphaNum 64 | quote }}
|
||||
{{ end }}
|
||||
|
||||
|
||||
; How long to remember that an user is logged in before requiring relogin (in days)
|
||||
LOGIN_REMEMBER_DAYS = 7
|
||||
COOKIE_USERNAME = gitea_awesome
|
||||
COOKIE_REMEMBER_NAME = gitea_incredible
|
||||
; Reverse proxy authentication header name of user name
|
||||
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
||||
; The minimum password length for new Users
|
||||
MIN_PASSWORD_LENGTH = 6
|
||||
; Set to true to allow users to import local server paths
|
||||
IMPORT_LOCAL_PATHS = false
|
||||
; Set to true to prevent all users (including admin) from creating custom git hooks
|
||||
DISABLE_GIT_HOOKS = false
|
||||
|
||||
[openid]
|
||||
;
|
||||
; OpenID is an open, standard and decentralized authentication protocol.
|
||||
; Your identity is the address of a webpage you provide, which describes
|
||||
; how to prove you are in control of that page.
|
||||
;
|
||||
; For more info: https://en.wikipedia.org/wiki/OpenID
|
||||
;
|
||||
; Current implementation supports OpenID-2.0
|
||||
;
|
||||
; Tested to work providers at the time of writing:
|
||||
; - Any GNUSocial node (your.hostname.tld/username)
|
||||
; - Any SimpleID provider (http://simpleid.koinic.net)
|
||||
; - http://openid.org.cn/
|
||||
; - openid.stackexchange.com
|
||||
; - login.launchpad.net
|
||||
; - <username>.livejournal.com
|
||||
;
|
||||
; Whether to allow signin in via OpenID
|
||||
ENABLE_OPENID_SIGNIN = {{ .Values.config.openidSignin }}
|
||||
; Whether to allow registering via OpenID
|
||||
; Do not include to rely on rhw DISABLE_REGISTRATION setting
|
||||
;ENABLE_OPENID_SIGNUP = true
|
||||
; Allowed URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only these would be allowed if non-blank.
|
||||
; Example value: trusted.domain.org trusted.domain.net
|
||||
WHITELISTED_URIS =
|
||||
; Forbidden URI patterns (POSIX regexp).
|
||||
; Space separated.
|
||||
; Only used if WHITELISTED_URIS is blank.
|
||||
; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
|
||||
BLACKLISTED_URIS =
|
||||
|
||||
[service]
|
||||
; Time limit to confirm account/email registration
|
||||
ACTIVE_CODE_LIVE_MINUTES = 180
|
||||
; Time limit to perform the reset of a forgotten password
|
||||
RESET_PASSWD_CODE_LIVE_MINUTES = 180
|
||||
; Whether a new user needs to confirm their email when registering.
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
; List of domain names that are allowed to be used to register on a Gitea instance
|
||||
; gitea.io,example.com
|
||||
EMAIL_DOMAIN_WHITELIST=
|
||||
; Disallow registration, only allow admins to create accounts.
|
||||
DISABLE_REGISTRATION = {{ .Values.config.disableRegistration }}
|
||||
; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
; User must sign in to view anything.
|
||||
REQUIRE_SIGNIN_VIEW = {{ .Values.config.requireSignin }}
|
||||
; Mail notification
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
; More detail: https://github.com/gogits/gogs/issues/165
|
||||
ENABLE_REVERSE_PROXY_AUTHENTICATION = false
|
||||
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
|
||||
; Enable captcha validation for registration
|
||||
ENABLE_CAPTCHA = false
|
||||
; Type of captcha you want to use. Options: image, recaptcha
|
||||
CAPTCHA_TYPE = image
|
||||
; Enable recaptcha to use Google's recaptcha service
|
||||
; Go to https://www.google.com/recaptcha/admin to sign up for a key
|
||||
RECAPTCHA_SECRET =
|
||||
RECAPTCHA_SITEKEY =
|
||||
; Default value for KeepEmailPrivate
|
||||
; Each new user will get the value of this setting copied into their profile
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
||||
; Default value for AllowCreateOrganization
|
||||
; Every new user will have rights set to create organizations depending on this setting
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
; Default value for EnableDependencies
|
||||
; Repositories will use dependencies by default depending on this setting
|
||||
DEFAULT_ENABLE_DEPENDENCIES = true
|
||||
; Enable heatmap on users profiles.
|
||||
ENABLE_USER_HEATMAP = true
|
||||
; Enable Timetracking
|
||||
ENABLE_TIMETRACKING = true
|
||||
; Default value for EnableTimetracking
|
||||
; Repositories will use timetracking by default depending on this setting
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
; Default value for AllowOnlyContributorsToTrackTime
|
||||
; Only users with write permissions can track time if this is true
|
||||
DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
|
||||
; Default value for the domain part of the user's email address in the git log
|
||||
; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
|
||||
; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
|
||||
NO_REPLY_ADDRESS = noreply.example.org
|
||||
|
||||
[webhook]
|
||||
; Hook task queue length, increase if webhook shooting starts hanging
|
||||
QUEUE_LENGTH = 1000
|
||||
; Deliver timeout in seconds
|
||||
DELIVER_TIMEOUT = 5
|
||||
; Allow insecure certification
|
||||
SKIP_TLS_VERIFY = false
|
||||
; Number of history information in each page
|
||||
PAGING_NUM = 10
|
||||
|
||||
[mailer]
|
||||
ENABLED = false
|
||||
; Buffer length of channel, keep it as it is if you don't know what it is.
|
||||
SEND_BUFFER_LEN = 100
|
||||
; Name displayed in mail title
|
||||
SUBJECT = %(APP_NAME)s
|
||||
; Mail server
|
||||
; Gmail: smtp.gmail.com:587
|
||||
; QQ: smtp.qq.com:465
|
||||
; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
|
||||
HOST =
|
||||
; Disable HELO operation when hostnames are different.
|
||||
DISABLE_HELO =
|
||||
; Custom hostname for HELO operation, if no value is provided, one is retrieved from system.
|
||||
HELO_HOSTNAME =
|
||||
; Do not verify the certificate of the server. Only use this for self-signed certificates
|
||||
SKIP_VERIFY =
|
||||
; Use client certificate
|
||||
USE_CERTIFICATE = false
|
||||
CERT_FILE = custom/mailer/cert.pem
|
||||
KEY_FILE = custom/mailer/key.pem
|
||||
; Should SMTP connection use TLS
|
||||
IS_TLS_ENABLED = false
|
||||
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
|
||||
FROM =
|
||||
; Mailer user name and password
|
||||
USER =
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD =
|
||||
; Send mails as plain text
|
||||
SEND_AS_PLAIN_TEXT = false
|
||||
; Enable sendmail (override SMTP)
|
||||
USE_SENDMAIL = false
|
||||
; Specify an alternative sendmail binary
|
||||
SENDMAIL_PATH = sendmail
|
||||
; Specify any extra sendmail arguments
|
||||
SENDMAIL_ARGS =
|
||||
|
||||
[cache]
|
||||
; Either "memory", "redis", or "memcache", default is "memory"
|
||||
ADAPTER = memcache
|
||||
; For "memory" only, GC interval in seconds, default is 60
|
||||
INTERVAL = 60
|
||||
; For "redis" and "memcache", connection host address
|
||||
;redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
HOST = 127.0.0.1:11211
|
||||
; Time to keep items in cache if not used, default is 16 hours.
|
||||
; Setting it to 0 disables caching
|
||||
ITEM_TTL = 16h
|
||||
|
||||
[session]
|
||||
; Either "memory", "file", or "redis", default is "memory"
|
||||
PROVIDER = memory
|
||||
; Provider config options
|
||||
; memory: doesn't have any config yet
|
||||
; file: session file path, e.g. `data/sessions`
|
||||
; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
|
||||
; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
|
||||
PROVIDER_CONFIG = data/sessions
|
||||
; Session cookie name
|
||||
COOKIE_NAME = i_like_gitea
|
||||
; If you use session in https only, default is false
|
||||
COOKIE_SECURE = false
|
||||
; Enable set cookie, default is true
|
||||
ENABLE_SET_COOKIE = true
|
||||
; Session GC time interval in seconds, default is 86400 (1 day)
|
||||
GC_INTERVAL_TIME = 86400
|
||||
; Session life time in seconds, default is 86400 (1 day)
|
||||
SESSION_LIFE_TIME = 86400
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = data/avatars
|
||||
; Max Width and Height of uploaded avatars. This is to limit the amount of RAM
|
||||
; used when resizing the image.
|
||||
AVATAR_MAX_WIDTH = 4096
|
||||
AVATAR_MAX_HEIGHT = 3072
|
||||
; Chinese users can choose "duoshuo"
|
||||
; or a custom avatar source, like: http://cn.gravatar.com/avatar/
|
||||
GRAVATAR_SOURCE = gravatar
|
||||
; This value will always be true in offline mode.
|
||||
DISABLE_GRAVATAR = false
|
||||
; Federated avatar lookup uses DNS to discover avatar associated
|
||||
; with emails, see https://www.libravatar.org
|
||||
; This value will always be false in offline mode or when Gravatar is disabled.
|
||||
ENABLE_FEDERATED_AVATAR = false
|
||||
|
||||
[attachment]
|
||||
; Whether attachments are enabled. Defaults to `true`
|
||||
ENABLED = true
|
||||
; Path for attachments. Defaults to `data/attachments`
|
||||
PATH = data/attachments
|
||||
; One or more allowed types, e.g. image/jpeg|image/png
|
||||
ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip
|
||||
; Max size of each file. Defaults to 4MB
|
||||
MAX_SIZE = 4
|
||||
; Max number of files per upload. Defaults to 5
|
||||
MAX_FILES = 5
|
||||
|
||||
[log]
|
||||
ROOT_PATH =
|
||||
; Either "console", "file", "conn", "smtp" or "database", default is "console"
|
||||
; Use comma to separate multiple modes, e.g. "console, file"
|
||||
MODE = console
|
||||
; Buffer length of the channel, keep it as it is if you don't know what it is.
|
||||
BUFFER_LEN = 10000
|
||||
; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
|
||||
LEVEL = Critical
|
||||
|
||||
; For "console" mode only
|
||||
[log.console]
|
||||
LEVEL =
|
||||
|
||||
; For "file" mode only
|
||||
[log.file]
|
||||
LEVEL =
|
||||
; This enables automated log rotate(switch of following options), default is true
|
||||
LOG_ROTATE = true
|
||||
; Max number of lines in a single file, default is 1000000
|
||||
MAX_LINES = 1000000
|
||||
; Max size shift of a single file, default is 28 means 1 << 28, 256MB
|
||||
MAX_SIZE_SHIFT = 28
|
||||
; Segment log daily, default is true
|
||||
DAILY_ROTATE = true
|
||||
; delete the log file after n days, default is 7
|
||||
MAX_DAYS = 7
|
||||
|
||||
; For "conn" mode only
|
||||
[log.conn]
|
||||
LEVEL =
|
||||
; Reconnect host for every single message, default is false
|
||||
RECONNECT_ON_MSG = false
|
||||
; Try to reconnect when connection is lost, default is false
|
||||
RECONNECT = false
|
||||
; Either "tcp", "unix" or "udp", default is "tcp"
|
||||
PROTOCOL = tcp
|
||||
; Host address
|
||||
ADDR =
|
||||
|
||||
; For "smtp" mode only
|
||||
[log.smtp]
|
||||
LEVEL =
|
||||
; Name displayed in mail title, default is "Diagnostic message from server"
|
||||
SUBJECT = Diagnostic message from server
|
||||
; Mail server
|
||||
HOST =
|
||||
; Mailer user name and password
|
||||
USER =
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD =
|
||||
; Receivers, can be one or more, e.g. 1@example.com,2@example.com
|
||||
RECEIVERS =
|
||||
|
||||
; For "database" mode only
|
||||
[log.database]
|
||||
LEVEL =
|
||||
; Either "mysql" or "postgres"
|
||||
DRIVER =
|
||||
; Based on xorm, e.g.: root:root@localhost/gitea?charset=utf8
|
||||
CONN =
|
||||
|
||||
[cron]
|
||||
; Enable running cron tasks periodically.
|
||||
ENABLED = true
|
||||
; Run cron tasks when Gitea starts.
|
||||
RUN_AT_START = false
|
||||
|
||||
; Update mirrors
|
||||
[cron.update_mirrors]
|
||||
SCHEDULE = @every 10m
|
||||
|
||||
; Repository health check
|
||||
[cron.repo_health_check]
|
||||
SCHEDULE = @every 24h
|
||||
TIMEOUT = 60s
|
||||
; Arguments for command 'git fsck', e.g. "--unreachable --tags"
|
||||
; see more on http://git-scm.com/docs/git-fsck
|
||||
ARGS =
|
||||
|
||||
; Check repository statistics
|
||||
[cron.check_repo_stats]
|
||||
RUN_AT_START = true
|
||||
SCHEDULE = @every 24h
|
||||
|
||||
; Clean up old repository archives
|
||||
[cron.archive_cleanup]
|
||||
; Whether to enable the job
|
||||
ENABLED = true
|
||||
; Whether to always run at least once at start up time (if ENABLED)
|
||||
RUN_AT_START = true
|
||||
; Time interval for job to run
|
||||
SCHEDULE = @every 24h
|
||||
; Archives created more than OLDER_THAN ago are subject to deletion
|
||||
OLDER_THAN = 24h
|
||||
|
||||
; Synchronize external user data (only LDAP user synchronization is supported)
|
||||
[cron.sync_external_users]
|
||||
; Synchronize external user data when starting server (default false)
|
||||
RUN_AT_START = false
|
||||
; Interval as a duration between each synchronization (default every 24h)
|
||||
SCHEDULE = @every 24h
|
||||
; Create new users, update existing user data and disable users that are not in external source anymore (default)
|
||||
; or only create new users if UPDATE_EXISTING is set to false
|
||||
UPDATE_EXISTING = true
|
||||
|
||||
[git]
|
||||
; Disables highlight of added and removed changes
|
||||
DISABLE_DIFF_HIGHLIGHT = false
|
||||
; Max number of lines allowed in a single file in diff view
|
||||
MAX_GIT_DIFF_LINES = 1000
|
||||
; Max number of allowed characters in a line in diff view
|
||||
MAX_GIT_DIFF_LINE_CHARACTERS = 5000
|
||||
; Max number of files shown in diff view
|
||||
MAX_GIT_DIFF_FILES = 100
|
||||
; Arguments for command 'git gc', e.g. "--aggressive --auto"
|
||||
; see more on http://git-scm.com/docs/git-gc/
|
||||
GC_ARGS =
|
||||
|
||||
; Operation timeout in seconds
|
||||
[git.timeout]
|
||||
MIGRATE = 600
|
||||
MIRROR = 300
|
||||
CLONE = 300
|
||||
PULL = 300
|
||||
GC = 60
|
||||
|
||||
[mirror]
|
||||
; Default interval as a duration between each check
|
||||
DEFAULT_INTERVAL = 8h
|
||||
; Min interval as a duration must be > 1m
|
||||
MIN_INTERVAL = 10m
|
||||
|
||||
[api]
|
||||
; Enables Swagger. True or false; default is true.
|
||||
ENABLE_SWAGGER = true
|
||||
; Max number of items in a page
|
||||
MAX_RESPONSE_ITEMS = 50
|
||||
|
||||
[i18n]
|
||||
LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
|
||||
NAMES = English,简体中文,繁體中文(香港),繁體中文(台灣),Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어
|
||||
|
||||
; Used for datetimepicker
|
||||
[i18n.datelang]
|
||||
en-US = en
|
||||
zh-CN = zh
|
||||
zh-HK = zh-HK
|
||||
zh-TW = zh-TW
|
||||
de-DE = de
|
||||
fr-FR = fr
|
||||
nl-NL = nl
|
||||
lv-LV = lv
|
||||
ru-RU = ru
|
||||
uk-UA = uk
|
||||
ja-JP = ja
|
||||
es-ES = es
|
||||
pt-BR = pt-BR
|
||||
pl-PL = pl
|
||||
bg-BG = bg
|
||||
it-IT = it
|
||||
fi-FI = fi
|
||||
tr-TR = tr
|
||||
cs-CZ = cs-CZ
|
||||
sr-SP = sr
|
||||
sv-SE = sv
|
||||
ko-KR = ko
|
||||
|
||||
[U2F]
|
||||
; Two Factor authentication with security keys
|
||||
; https://developers.yubico.com/U2F/App_ID.html
|
||||
;APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
; Comma seperated list of truisted facets
|
||||
;TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
|
||||
|
||||
; Extension mapping to highlight class
|
||||
; e.g. .toml=ini
|
||||
[highlight.mapping]
|
||||
|
||||
[other]
|
||||
SHOW_FOOTER_BRANDING = false
|
||||
; Show version information about Gitea and Go in the footer
|
||||
SHOW_FOOTER_VERSION = true
|
||||
; Show template execution time in the footer
|
||||
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
|
||||
|
||||
[markup.asciidoc]
|
||||
ENABLED = false
|
||||
; List of file extensions that should be rendered by an external command
|
||||
FILE_EXTENSIONS = .adoc,.asciidoc
|
||||
; External command to render all matching extensions
|
||||
RENDER_COMMAND = "asciidoc --out-file=- -"
|
||||
; Don't pass the file on STDIN, pass the filename as argument instead.
|
||||
IS_INPUT_FILE = false
|
||||
|
||||
[metrics]
|
||||
; Enables metrics endpoint. True or false; default is false.
|
||||
ENABLED = false
|
||||
; If you want to add authorization, specify a token here
|
||||
TOKEN =
|
|
@ -1,29 +0,0 @@
|
|||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingGiteaClaim) (not .Values.persistence.directGiteaVolumeMount) -}}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: gitea
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
{{- if .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.persistence.annotations | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.giteaSize | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,24 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-ssh
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
type: {{ .Values.service.ssh.serviceType }}
|
||||
{{- with .Values.service.ssh.externalIPs }}
|
||||
externalIPs:
|
||||
{{ toYaml . | indent 2 | trim }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: ssh
|
||||
port: {{ .Values.service.ssh.port }}
|
||||
targetPort: ssh
|
||||
{{- if .Values.service.ssh.nodePort }}
|
||||
nodePort: {{ .Values.service.ssh.nodePort }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
|
@ -1,14 +1,12 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-http
|
||||
name: {{ include "gitea.fullname" . }}-http
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
spec:
|
||||
type: {{ .Values.service.http.serviceType }}
|
||||
type: {{ .Values.service.http.type }}
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.service.http.port }}
|
||||
|
@ -17,4 +15,4 @@ spec:
|
|||
{{- end }}
|
||||
targetPort: {{ .Values.service.http.port }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
||||
{{- include "gitea.selectorLabels" . | nindent 4 }}
|
39
templates/gitea/ingress.yaml
Normal file
39
templates/gitea/ingress.yaml
Normal file
|
@ -0,0 +1,39 @@
|
|||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "gitea.fullname" . -}}
|
||||
{{- $httpPort := .Values.service.http.port -}}
|
||||
{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
{{- else -}}
|
||||
apiVersion: extensions/v1beta1
|
||||
{{- end }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range .Values.ingress.hosts }}
|
||||
- host: {{ . | quote }}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: {{ $fullName }}-http
|
||||
servicePort: {{ $httpPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
24
templates/gitea/ssh-svc.yaml
Normal file
24
templates/gitea/ssh-svc.yaml
Normal file
|
@ -0,0 +1,24 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}-ssh
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{ toYaml .Values.service.ssh.annotations | indent 4 }}
|
||||
spec:
|
||||
type: {{ .Values.service.ssh.type }}
|
||||
{{- if (.Values.service.ssh.loadBalancerIP) and eq .Values.service.ssh.serviceType "LoadBalancer" }}
|
||||
loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }}
|
||||
{{- end }}
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: ssh
|
||||
port: {{ .Values.service.ssh.port }}
|
||||
targetPort: ssh
|
||||
protocol: TCP
|
||||
{{- if .Values.service.ssh.nodePort }}
|
||||
nodePort: {{ .Values.service.ssh.nodePort }}
|
||||
{{- end }}
|
||||
selector:
|
||||
{{- include "gitea.selectorLabels" . | nindent 4 }}
|
146
templates/gitea/statefulset.yaml
Normal file
146
templates/gitea/statefulset.yaml
Normal file
|
@ -0,0 +1,146 @@
|
|||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "gitea.selectorLabels" . | nindent 6 }}
|
||||
serviceName: {{ include "gitea.fullname" . }}
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
|
||||
labels:
|
||||
{{- include "gitea.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
initContainers:
|
||||
- name: init
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.version }}"
|
||||
env:
|
||||
- name: SCRIPT
|
||||
value: &script |-
|
||||
mkdir -p /data/gitea/conf
|
||||
cp /etc/gitea/conf/app.ini /data/gitea/conf/app.ini
|
||||
chmod a+rwx /data/gitea/conf/app.ini
|
||||
nc -v -w2 -z {{ include "postgresql.servicename" . }} {{ .Values.postgresql.global.postgresql.servicePort }} && \
|
||||
su git -c ' \
|
||||
gitea migrate; \
|
||||
{{- if and .Values.gitea.config.adminUser (.Values.gitea.config.adminPassword) }}
|
||||
gitea admin create-user --username {{ .Values.gitea.config.adminUser }} --password '{{ .Values.gitea.config.adminPassword }}' --email {{ .Values.gitea.config.adminEmail }} --admin \
|
||||
|| \
|
||||
gitea admin change-password --username {{ .Values.gitea.config.adminUser }} --password '{{ .Values.gitea.config.adminPassword }}'; \
|
||||
{{- end }}
|
||||
{{- if .Values.gitea.ldap.enabled }}
|
||||
gitea admin auth add-ldap \
|
||||
--name {{ .Values.gitea.ldap.name | quote }} \
|
||||
--security-protocol {{ .Values.gitea.ldap.securityProtocol | quote }} \
|
||||
--host {{ .Values.gitea.ldap.host | quote }} \
|
||||
--port {{ .Values.gitea.ldap.port | int}} \
|
||||
--user-search-base {{ .Values.gitea.ldap.userSearchBase | quote }} \
|
||||
--user-filter {{ .Values.gitea.ldap.userFilter | quote }} \
|
||||
--admin-filter {{ .Values.gitea.ldap.adminFilter | quote }} \
|
||||
--email-attribute {{ .Values.gitea.ldap.emailAttribute | quote }} \
|
||||
--bind-dn {{ .Values.gitea.ldap.bindDn | quote }} \
|
||||
--bind-password {{ .Values.gitea.ldap.bindPassword | quote }} \
|
||||
--synchronize-users \
|
||||
--username-attribute {{ .Values.gitea.ldap.usernameAttribute | quote }} \
|
||||
|| \
|
||||
( \
|
||||
export GITEA_AUTH_ID=$(gitea admin auth list | grep {{ .Values.gitea.ldap.name | quote }} | awk -F " " "{print \$1}"); \
|
||||
gitea admin auth update-ldap --id ${GITEA_AUTH_ID} \
|
||||
--name {{ .Values.gitea.ldap.name | quote }} \
|
||||
--security-protocol {{ .Values.gitea.ldap.securityProtocol | quote }} \
|
||||
--host {{ .Values.gitea.ldap.host | quote }} \
|
||||
--port {{ .Values.gitea.ldap.port | int}} \
|
||||
--user-search-base {{ .Values.gitea.ldap.userSearchBase | quote }} \
|
||||
--user-filter {{ .Values.gitea.ldap.userFilter | quote }} \
|
||||
--admin-filter {{ .Values.gitea.ldap.adminFilter | quote }} \
|
||||
--email-attribute {{ .Values.gitea.ldap.emailAttribute | quote }} \
|
||||
--bind-dn {{ .Values.gitea.ldap.bindDn | quote }} \
|
||||
--bind-password {{ .Values.gitea.ldap.bindPassword | quote }} \
|
||||
--synchronize-users \
|
||||
--username-attribute {{ .Values.gitea.ldap.usernameAttribute | quote }} \
|
||||
) \
|
||||
{{- end }}
|
||||
'
|
||||
command: ["/bin/sh",'-c', *script]
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/gitea/conf
|
||||
- name: data
|
||||
mountPath: /data
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.version }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
env:
|
||||
- name: SCRIPT
|
||||
value: &script |-
|
||||
sleep 30
|
||||
gitea migrate
|
||||
ports:
|
||||
- name: ssh
|
||||
containerPort: {{ .Values.service.ssh.port }}
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 200
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
failureThreshold: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.existingClaim }}
|
||||
{{- else if not .Values.persistence.enabled }}
|
||||
- name: data
|
||||
emptyDir: {}
|
||||
{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
spec:
|
||||
accessModes:
|
||||
{{- range .Values.persistence.accessModes }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
storageClassName: {{ .Values.persistence.storageClass | default "standard" | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- end }}
|
Loading…
Reference in New Issue
Block a user
[log.x] is not a logger - this configuration section does not make sense.