This is using haproxy-ingress to support forwarding SSH on port 22
Since we're using cert-manager with ingress to get Let's Encrypt certs,
we're not using the Let's Encrypt functionality that's part of Gitea. To
run this we need to change the config file, have Gitea run on port 3000
as HTTP and disable all the Let's Encrypt config keys. Currently the
gitea-ingress.yaml uses the letsencrypt-staging ClusterIssuer
This has been tested on a local Kubernetes cluster using Docker for Mac
The Docker image is used in the initialization process, to copy
everything in the custom folder to the Gitea data dir (mounted as a
persistent volume). It is built using Packer and is based on the busybox
image, so we can use its minimalist shell system to copy files and set
permissions
Based on recent usage stats. If these are not set, the scheduler's
capacity check doesn't work and it will place new pods on nodes that are
actually not free enough for them.
For now it is only labels, but adding anything supported will work
(robots.txt, public files, templates, etc)
The content will be copied to the /data/gitea/ folder that is a mounted
persistent volume
https://docs.gitea.io/en-us/customizing-gitea/
This includes all the resources currently running on https://gitea.kosmos.org
It sets up a persistent data volume for the MySQL database, one for the
Gitea data, that Gitea calls the custom folder (config, attachment,
avatars, logs, etc). We mount that persistent data volume as
/data/gitea. It also creates a Let's Encrypt certificate for
gitea.kosmos.org, also saved to the custom folder.
This also includes two scripts:
* `./script/get_secrets` downloads the secrets to the local filesystem so
they can be edited
* `./script/replace_secrets` deletes the remote secrets and creates them
again from the local ones in kubernetes/config/*
Closes#6