78 lines
2.6 KiB
HCL
78 lines
2.6 KiB
HCL
resource "kubernetes_secret_v1" "gitea_inline_config" {
|
|
metadata {
|
|
name = "gitea-inline-config"
|
|
namespace = var.namespace
|
|
labels = local.common-labels
|
|
}
|
|
|
|
data = {
|
|
"_generals_" = ""
|
|
metrics = "ENABLED=true"
|
|
security = "INSTALL_LOCK=true"
|
|
service = "DISABLE_REGISTRATION=${var.disable-registration}"
|
|
cache = <<-EOF
|
|
ADAPTER=redis
|
|
ENABLED=true
|
|
HOST=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
|
EOF
|
|
queue = <<-EOF
|
|
CONN_STR=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
|
TYPE=redis
|
|
EOF
|
|
session = <<-EOF
|
|
PROVIDER=redis
|
|
PROVIDER_CONFIG=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
|
EOF
|
|
indexer = <<-EOF
|
|
ISSUE_INDEXER_TYPE=bleve
|
|
REPO_INDEXER_ENABLED=true
|
|
EOF
|
|
database = <<-EOF
|
|
DB_TYPE=postgres
|
|
HOST=${var.instance}-${var.component}-pg-rw.${var.namespace}.svc:5432
|
|
NAME=${var.component}
|
|
PASSWD=${data.kubernetes_secret_v1.postgresql_password.data["password"]}
|
|
USER=${data.kubernetes_secret_v1.postgresql_password.data["username"]}
|
|
EOF
|
|
repository = <<-EOF
|
|
DEFAULT_BRANCH=${var.default-branch}
|
|
DEFAULT_PUSH_CREATE_PRIVATE=${var.push-create.private}
|
|
ENABLE_PUSH_CREATE_ORG=${var.push-create.org}
|
|
ENABLE_PUSH_CREATE_USER=${var.push-create.user}
|
|
ROOT=/data/git/gitea-repositories
|
|
EOF
|
|
server = <<-EOF
|
|
APP_DATA_PATH=/data
|
|
DOMAIN=${var.sub_domain}.${var.domain_name}
|
|
ENABLE_PPROF=false
|
|
HTTP_PORT=3000
|
|
PROTOCOL=http
|
|
ROOT_URL=https://${var.sub_domain}.${var.domain_name}
|
|
SSH_DOMAIN=${var.sub_domain}.${var.domain_name}
|
|
SSH_LISTEN_PORT=2222
|
|
SSH_PORT=${var.ssh-port}
|
|
SSH_DOMAIN=${var.ssh-sub_domain}.${var.domain_name}
|
|
START_SSH_SERVER=true
|
|
EOF
|
|
ui = <<-EOF
|
|
DEFAULT_THEME=${var.theme}
|
|
SHOW_USER_EMAIL=false
|
|
THEMES=auto,gitea,arc-green,edge-auto,edge-dark,edge-light,everforest-auto,everforest-dark,everforest-light,gitea-modern,gruvbox-auto,gruvbox-dark,gruvbox-light,gruvbox-material-auto,gruvbox-material-dark,gruvbox-material-light,palenight,soft-era,sonokai-andromeda,sonokai-atlantis,sonokai-espresso,sonokai-maia,sonokai-shusia,sonokai,theme-nord
|
|
EOF
|
|
webhook = <<-EOF
|
|
ALLOWED_HOST_LIST=${var.webhook.allowed-hosts}
|
|
SKIP_TLS_VERIFY=${var.webhook.skip-tls-verify}
|
|
EOF
|
|
openid = <<-EOF
|
|
ENABLE_OPENID_SIGNIN=true
|
|
ENABLE_OPENID_SIGNUP=true
|
|
EOF
|
|
oauth2_client = <<-EOF
|
|
REGISTER_EMAIL_CONFIRM=false
|
|
ENABLE_AUTO_REGISTRATION=true
|
|
ACCOUNT_LINKING=auto
|
|
OPENID_CONNECT_SCOPES=openid email profile
|
|
EOF
|
|
}
|
|
}
|