git/homelab_gitops
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ci: redeploy forgejo via flux cd (git.patanix.de, 40GiB PVC, SOPS)

Browse source
This commit is contained in:
Patryk Hegenberg 2025-05-26 13:53:17 +02:00
parent a4e842a4e4
commit a4b390a2cc
11 changed files with 46 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

0
apps/forgejo_old/certificate.yaml → apps/forgejo/certificate.yaml
View file

37
apps/forgejo/forgejo-admin-secret.yaml Normal file
View file

@ -0,0 +1,37 @@
apiVersion: v1
kind: Secret
metadata:
name: forgejo-admin
namespace: forgejo
type: Opaque
stringData:
username: ENC[AES256_GCM,data:5U+NQFI=,iv:Hy4WQ1iSSDGY1/hZeqvUlUmbH2DzrFaIMRXHhPFFNao=,tag:ssIQ38hN5dqBamzKfqOntA==,type:str]
email: ENC[AES256_GCM,data:TkA4de0xPhpa6vNh8yqgUDxpTiFnQjbVcg==,iv:BCrKyx52wvCdXXKPDqQpCEt5LL3pe13MAb0SBx4cU2E=,tag:lnjjPIxSOMgqrhAeFCqI/w==,type:str]
password: ENC[AES256_GCM,data:m+UcNRE/KjJuZn4=,iv:FHE0gAQo+jJluWyjhDcxqKfxKsh2+MNCnU0oCBZJ15M=,tag:3TBBB9N4l1CkQPovPGzXNw==,type:str]
sops:
lastmodified: "2025-05-26T11:50:42Z"
mac: ENC[AES256_GCM,data:QCmUknliiOFBXfVNzYNjdtHMG+ZNC9WyQT7Q6+zhJAeFr2CbpsMmlqHFuKj68c7zlty6ZZpc58ZVMnp6l29n9YTPNKjNlIbtkVYcd3SPnAEOiiYXyxymJdPjWmRwi1XxsfVPkG8Vb0psWtRuHgJxpDsGWEPFMDw9B2pyRITBPEw=,iv:YsX7bSb5Exzb1fs/ZfVQiz5yFUkL1YDTag+1zHSYUk8=,tag:PR3/N9QdJ1X++6Og6FLWLQ==,type:str]
pgp:
- created_at: "2025-05-26T11:50:42Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxd/Yh1BfDklARAAk/2MvtyJYevYh6DMMdOlj+KwjAifju/T1a9/yEdVZEOA
8EC+zq49NIIkrpw3vy18TMSg0Sp4jDUatIjN06zrmPZp6p5x26VDjOcuNiyZIgp+
6IFs2yvPk7rqExC/4eOK3BS7YWcBPTrhFCMBLaeWOi+Ku1qmTmPNufogUp7/RcHF
Sk9lqtiGcGvV7nQs+SXakgxnI019AJ5y3DBkACJwLaTBZaCc8ebCVJpuBhQpBuql
ArtL7l8FEf5Yy8WZny9agK+sRZc3LugFS+XVlVKzfY53tPIanwYqdFQbXCAcKXXp
zAqR6f15+lpCIKjoPbBgrmun+OtyGHfFelaQFnLQwefAUFiS2lGlukgHdC8B9yjk
iw6uCM3NPAdtzDoHlE5AdkauXF2vfW0yvnaCOzh3ogsMsQG9VbcRXQUXx2SUW+2r
BNJUaiGnRMoMFjsms6TSY7EMFT7dnyRGOlhFZLocEDBzfjsCvvuvuOoyrw1gTiJw
tgT685+Su80qbtTrfWGx7tewhFn/ERklgLFWa3WrJxXmfajpI4ksardtB5EclnMb
b9uV95WroK5C3IbE2q8y2qpt51tizUZCMYHNOr0XdBGgkwkMtPRAdTnXABaiBgfk
dNOHL1sMngT7tfVuazPPV5KuCYJ47aKFNjTq7PyDkU+Y/5xqa2yOGn43wSjJXJ7U
aAEJAhDXjJgiE9z5Fms0y1Q6PJzZB40EKyOYidhV64YqOeNMb4rEwsr41t+jo5EY
x0HAkWPxAtcLGHn31jZtwGN0sMyHQ8wMjNFaGzIOFaLYHGB5mHWKcKPgItMp3rDR
5DZ8W+sMt4Df
=OK0Y
-----END PGP MESSAGE-----
fp: F20CF3DE0B4ACDFCAF07A9D76399FB237185E764
encrypted_regex: ^(data|stringData)$
version: 3.10.2

13
apps/forgejo_old/helmrelease.yaml → apps/forgejo/helmrelease.yaml
View file

@ -12,7 +12,8 @@ spec:
values:
persistence:
enabled: true
claimName: forgejo-data
size: 40Gi
storageClass: local-path
ingress:
enabled: true
className: traefik
@ -40,13 +41,3 @@ spec:
enabled: false
postgresql:
enabled: true
auth:
existingSecret: forgejo-postgres
usernameKey: username
passwordKey: password
databaseKey: database
primary:
persistence:
enabled: true
storageClass: local-path
size: 8Gi

2
apps/forgejo_old/kustomization.yaml → apps/forgejo/kustomization.yaml
View file

@ -2,8 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- pvc.yaml
- forgejo-admin-secret.yaml
- forgejo-postgres-secret.yaml
- helmrelease.yaml
- certificate.yaml

0
apps/forgejo_old/namespace.yaml → apps/forgejo/namespace.yaml
View file

37
apps/forgejo_old/forgejo-admin-secret.yaml
View file

@ -1,37 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: forgejo-admin
namespace: forgejo
type: Opaque
stringData:
username: ENC[AES256_GCM,data:fMYot9k=,iv:pYWAXZJwbeGkVYqkkCwy+mt2+C/nV0htJTLElbCsC9w=,tag:uHCY5wXI2Hw5evHmLvjGGA==,type:str]
email: ENC[AES256_GCM,data:qmtRbInJDiFatiZ9/+UfqzLThgEAZHXG+g==,iv:jLL8HQOlp26DucUd6926FiddgdXAgPlRg0Bh/TYSFGg=,tag:jFwn/W4yim/FAS8Inh0/fw==,type:str]
password: ENC[AES256_GCM,data:/H3kA+soznxZAME=,iv:pCtsO6HWYXYu7hbhQw+8dnHbBztmsQc2jDfMztZMY/g=,tag:4eUxzfwuBOF3fG3dUqMPkw==,type:str]
sops:
lastmodified: "2025-05-26T05:35:31Z"
mac: ENC[AES256_GCM,data:P1dvbZRm3YtrV1Xj8WuvTVWbmyaj3Grejlrs8QqmNawFyetAQo0by0iGsYvWzPhTbLbrK6GS/WOfc+hW85asRuresXDaJCzfuYcJX0wav5z4P5hrTDZDV/Mi1jgZ3v75ZVHqTqV7m0kCY0tgRCDyGL0FKi9gqLO2SPjPgMUKCHM=,iv:BARvvC59BgmghzunnihyVIiNenA+hd0k8XRh5H7QL9c=,tag:E05gPL7F+RfMyFX1qUrpog==,type:str]
pgp:
- created_at: "2025-05-26T05:35:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxd/Yh1BfDklAQ//QOjSRd8bXDBaiCel1n5BnudTkPcZuHNeR0HQtAVG4eHh
FT32Zq18mdaIDyLFuDHbyERICBZFs4d/JuXOblbmg2FvIUhR4a/egiaAGSdu6kqZ
VUYmDZyVkE2pdHb47wKazzQ6/QVQ3LTWDBMOMCS2svMrVcMskw6qAVT3nqTXWTT0
P6qwCCbNF+SMtn6K8QR8ihbF0nbjvVgafyKVFU/jmagu4P9th2nhpeePpc0HXAii
+PnTi88TJ/OH0qPtZsqP90WICQkJ9IbHKH7cNf/Q4qn2K2KtfgUZJJJLDuqDwsKL
4h34T3U+QOZUVgmEeyfGAvgVN95sIvnXjcab0TTtZCajjTy4RvjJ19x3iRYKEMwW
vAsuztDUFb7PYk2xOxCQHUf8eZVKL4immIIkQ5+ERKGGjV3lWakeiVfIGjqHy3U3
I1tEpQ+fT/aQGx7UyIeu1Aa/s9yhBWwpcwddXG5P52f2CagzjqvIE+qFKtrDyyUm
PR1/dIi1lhbCkMMr9q93y06xOLvxgvWedV4prtOCQnsadbZoCFOgGJFrAXZ3nQmo
iu5UG4cZU29kuN4GLItXpowusLXXquGH9lXF0MKrDIyOhf3k9b1DNoF1Vir2K7jg
+XkN+T2n+GfOswp4WJx7am2P/jK0/4WuwWhCq+t/I80u/jKuttytKqXrZ+nHBanU
aAEJAhDihxbI/EkSjsK7yMXrF2oA/s8eRSrh9t3FtdbkSLPPjp2pNR80CrcBW1+5
74S1hKyv637XyIDdG61ELiJ0Rz6YolshZo2g37+Y7udX0F9exVZX5GcosEpWzjzE
UCRfv3bJp/E4
=oQ/p
-----END PGP MESSAGE-----
fp: F20CF3DE0B4ACDFCAF07A9D76399FB237185E764
encrypted_regex: ^(data|stringData)$
version: 3.10.2

37
apps/forgejo_old/forgejo-postgres-secret.yaml
View file

@ -1,37 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: forgejo-postgres
namespace: forgejo
type: Opaque
stringData:
username: ENC[AES256_GCM,data:SrsQroRI4Q==,iv:60++AtrrZQg276MWhkMNSRvUKZt9sSNdEsN4XLxYs9A=,tag:wEaLWyRuzubtwIL8nREMag==,type:str]
password: ENC[AES256_GCM,data:1sztMSfu3eUHGrgd7e1y/J43iA==,iv:03exRVv/gtUtT7LhtFddABcfqcAPzq5dp+BjMdhkcNw=,tag:kOfD4z2RZ8He+M7qTTolbA==,type:str]
database: ENC[AES256_GCM,data:sfHkbJou7g==,iv:8lAo1twQaK49im+aPf6MUCkO1b9dhEK2fqV36nUl4pA=,tag:Dio2jAtTN6tr22GB6SmsjA==,type:str]
sops:
lastmodified: "2025-05-26T06:41:42Z"
mac: ENC[AES256_GCM,data:SbXg8wCo/FYUF+yZyq5L27ZdKwlT9B1KlJF7ZDGZw3X2IEJ6LaEba7ZD02Vz51x9Ii9l1pUjk5dkn3R63tnd0NLvvN3VbVgGU26C25VBV5wETQLHmiPnNhyhfWV1IKJ1DheN4b16QaEaRx1Ul2PFzeRMoVHnHVc/tJE1CDZfcqE=,iv:CjJAqZIj5xVOMZxsSL/JfiiJyU9Ho5dNilseQtvr5fM=,tag:21sK5zO6z8uEP8LyDmyWbw==,type:str]
pgp:
- created_at: "2025-05-26T06:41:42Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxd/Yh1BfDklAQ/8CCD+vpiYa48qNhWsBOwRvxaXYjbR7UC2vKvZmWKpLm4i
v30/t2MsPMcbxzYuvzNJPvuyz5ItHahimdnYGfBPx3RK0I77s5pRHCnMi/tArdjF
gidZEhk4XtGIvpqiMgrjKLmJrGxINeBXjoAW0WQJdaiFFfVZkTnm5iKQfd+AYXZ3
DHQw5prU8xQPLpMz7BqOxw9XtsVWdlDJ258Kv3+rTW7ddUB2seawA/PiLCr2sMEV
iruz69ivHQvX+vc5EKOlzWUIQBeVrP5qYdisx6LBspxcxOXTil/mN4bXNsjSolJ4
iR3z4B+bM2APgrri8UT3Lmg44TmhfvTtZ9YGl7OqMmY0e7hPHFsWCF1WMNo7XQ6q
tJtgHNTu0+HPWF21a5u0ZqqDEaqU6vvZUnVvSv7f5RvqP6TGUI71uP3C4SddE+kJ
do+g2KxHy63Orc30eReja9aDiBFaJwhfFtZAT2/1+y1sFG2FMS+2d50O+OdEBE1j
RRHV+bXgCk9eLaXSGFlbLF/Ck/jRrg+USRg9/wr5sy7JugVaVMBdmtqw1Ndf6ALj
ozrJ9VaDlL4tiICnFY9rKF7dRfodcZjlmvjsoc8wU5tE0TTSQsmk0i+d09q23C8C
Cd26E6NzaxZYPsD7NFYhxoSTggfsjwGxxKhvdtkpkfoe8wn7YhrKQqFXViipSXTU
aAEJAhC7KIYN6CQ2Gsppjk4z5JwtPQ1dWbMX02vXjKA4xiThOP3nw5mXYmODY8l7
3DYGMrNyixXnRsxhCRg8B+68h/wq6yoR6MhPogJBEthRY+ABnUI1fOI5Ba1/akSU
83ka8/BfPZdu
=LoCO
-----END PGP MESSAGE-----
fp: F20CF3DE0B4ACDFCAF07A9D76399FB237185E764
encrypted_regex: ^(data|stringData)$
version: 3.10.2

12
apps/forgejo_old/pvc.yaml
View file

@ -1,12 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: forgejo-data
namespace: forgejo
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 40Gi
storageClassName: local-path

3
apps/kustomization.yaml
View file

@ -3,5 +3,4 @@ kind: Kustomization
resources:
- home-assistant/
- kitchenowl/
# - gitea/
# - forgejo/
- forgejo/

4
clusters/production/kustomization.yaml
View file

@ -3,7 +3,7 @@ kind: Kustomization
resources:
- cert-manager.yaml
- kitchenowl.yaml
# - gitea.yaml
# - ocirepository.yaml
- forgejo.yaml
- ocirepository.yaml
- ../../infrastructure
- ../../apps

6
apps/forgejo_old/helmrepository.yaml → infrastructure/ocirepositories/forgejo.yaml
View file

@ -1,8 +1,10 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
kind: OCIRepository
metadata:
name: forgejo
namespace: flux-system
spec:
interval: 30m
url: https://codeberg.org/forgejo-contrib/forgejo-helm/raw/branch/main/charts/
url: oci://code.forgejo.org/forgejo-helm/forgejo
ref:
tag: "12.5.1"