apiVersion: v1
kind: Namespace
metadata:
  name: @{config_values.namespace}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitea-data
  namespace: @{config_values.namespace}
spec:
  accessModes: [ "ReadWriteOnce" ]
  resources: { requests: { storage: @{config_values.storage_size} } }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea
  namespace: @{config_values.namespace}
spec:
  replicas: 1
  selector:
    matchLabels: { app: gitea }
  template:
    metadata:
      labels: { app: gitea }
    spec:
      securityContext:
        fsGroup: 1000
      containers:
        - name: gitea
          image: gitea/gitea:1.22-rootless
          imagePullPolicy: IfNotPresent
          ports:
            - name: http
              containerPort: @{config_values.http_port}
          env:
            - name: GITEA__server__ROOT_URL
              value: "@{config_values.root_url}"
            - name: GITEA__server__PROTOCOL
              value: "http"
            - name: GITEA__server__HTTP_PORT
              value: "@{config_values.http_port}"
            - name: GITEA__server__DOMAIN
              value: "@{config_values.domain}"
            - name: GITEA__server__START_SSH_SERVER
              value: "false"
            - name: GITEA__database__DB_TYPE
              value: "@{config_values.db_type}"
@if config_values.db_type == 'sqlite3'
            - name: GITEA__database__PATH
              value: "@{config_values.db_path}"
@end
@if config_values.db_type == 'postgres'
            - name: GITEA__database__HOST
              value: "@{config_values.db_host}"
            - name: GITEA__database__NAME
              value: "@{config_values.db_name}"
            - name: GITEA__database__USER
              value: "@{config_values.db_user}"
            - name: GITEA__database__PASSWD
              value: "@{config_values.db_password}"
@end
            - name: GITEA__service__DISABLE_REGISTRATION
              value: "@{config_values.disable_registration}"
          volumeMounts:
            - name: data
              mountPath: /data
          readinessProbe:
            httpGet: { path: /, port: @{config_values.http_port} }
            initialDelaySeconds: 20
            periodSeconds: 10
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitea-data
---
apiVersion: v1
kind: Service
metadata:
  name: gitea
  namespace: @{config_values.namespace}
spec:
  selector: { app: gitea }
  ports:
    - name: http
      port: @{config_values.http_port}
      targetPort: @{config_values.http_port}
  type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitea
  namespace: @{config_values.namespace}
spec:
  ingressClassName: traefik
  rules:
    - host: @{config_values.domain}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: gitea
                port:
                  number: @{config_values.http_port}