Thanks to visit codestin.com
Credit goes to github.com

Skip to content

kevchu3/openshift-gitea

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
gitea
gitea
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Gitea Deployment on OpenShift

The following documentation is based off of instructions for a Gitea installation on Kubernetes and adapted for Red Hat OpenShift.

Installation

Install Helm chart:

$ oc create ns gitea
$ oc config set-context --current --namespace=gitea
$ helm repo add gitea-charts https://dl.gitea.io/charts/
$ helm install gitea gitea-charts/gitea -f values.yaml
$ helm repo list
$ helm list

# Customizations on Gitea Helm chart gitea-10.1.3
$ oc adm policy add-scc-to-user nonroot-v2 -z gitea-postgresql

Update the Postgresql StatefulSet to address this issue: bitnami/charts#22511

$ oc edit statefulset gitea-postgresql

spec.template.spec.containers[0].securityContext.seLinuxOptions: null

Apply custom Gitea configurations:

$ oc edit secret gitea-inline-config -n gitea
### or ###
$ oc apply -f gitea/gitea-inline-config.secret.yaml

Create a route via either method:

$ oc create route passthrough gitea-http --hostname=gitea.example.com \
  --service gitea-http --insecure-policy='Redirect' --port='http'
### or ###
$ oc apply -f gitea-http.route.yaml

Gitea’s deployments run as a known user and PodSecurityStandards should be set to baseline for the pods to run.

$ oc label --overwrite ns gitea pod-security.kubernetes.io/enforce=baseline
$ oc adm policy add-scc-to-user privileged -z default -n gitea

Upload certificate to data directory in pod (backed by persistent volume):

$ oc rsh gitea-7cc448d79f-72s5p
Defaulted container "gitea" out of: gitea, init-directories (init), init-app-ini (init), configure-gitea (init)
# cd /data/gitea/certs/
# vi cert.pem
# vi key.pem
# chmod 664 cert.pem
# chmod 660 key.pem
# chown git:git cert.pem
# chown git:git key.pem

Configure certificates and enable Gitea Actions in gitea-inline-config Secret, and restart pod:

Configure Gitea in gitea.server.config, convert to base64, edit gitea-inline-config Secret, and restart pod. Also, view app.ini to confirm configuration:

$ oc apply -f gitea/gitea-inline-config.secret.yaml
$ oc delete pod gitea-7cc448d79f-72s5p
$ oc rsh gitea-7cc448d79f-4g27b
/ # cat /data/gitea/conf/app.ini

Create Gitea admin user:

$ oc rsh gitea-7cc448d79f-4g27b
Defaulted container "gitea" out of: gitea, init-directories (init), init-app-ini (init), configure-gitea (init)
# gitea admin user create --admin --username <username> --password <password> --email <email>

Optionally, update Gitea Helm chart:

helm repo update gitea-charts
helm upgrade gitea gitea-charts/gitea -f values.yaml
helm list

Further Reading

The instructions in this Git repository were used in this published Red Hat Blog to stand up Gitea on MicroShift

About

Gitea Deployment on OpenShift

Topics

openshift gitea

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published