apiVersion: apps/v1 kind: Deployment metadata: name: gitea-web namespace: gitea spec: replicas: 1 selector: matchLabels: app: gitea-web template: metadata: labels: app: gitea-web spec: containers: - name: gitea image: docker.io/gitea/gitea:1.25 ports: - containerPort: 3000 - containerPort: 22 env: - name: USER_UID value: "1000" - name: USER_GID value: "1000" - name: GITEA__database__DB_TYPE value: "postgres" - name: GITEA__database__HOST value: "gitea-db-svc:5432" - name: GITEA__database__NAME value: "gitea" - name: GITEA__database__USER value: "gitea" - name: GITEA__database__PASSWD value: wauiofnasufnweaiufbsdklfjb23456 - name: GITEA__server__ROOT_URL value: "https://git.alexmickelson.guru/" - name: GITEA__server__SSH_DOMAIN value: "gitea-gitea-web-svc.beefalo-newton.ts.net" - name: GITEA__server__SSH_PORT value: "22" - name: GITEA__service__DISABLE_REGISTRATION value: "true" - name: GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION value: "false" - name: GITEA__openid__ENABLE_OPENID_SIGNUP value: "false" volumeMounts: - name: gitea-data mountPath: /data - name: timezone mountPath: /etc/timezone readOnly: true - name: localtime mountPath: /etc/localtime readOnly: true volumes: - name: gitea-data hostPath: path: /data/gitea/data type: DirectoryOrCreate - name: timezone hostPath: path: /etc/timezone - name: localtime hostPath: path: /etc/localtime --- apiVersion: v1 kind: Service metadata: name: gitea-web-svc namespace: gitea annotations: tailscale.com/expose: "true" # exposes IP directly spec: type: NodePort ports: - name: http port: 3000 targetPort: 3000 - name: ssh port: 22 targetPort: 22 selector: app: gitea-web --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: gitea namespace: gitea annotations: cert-manager.io/cluster-issuer: cloudflare-issuer spec: ingressClassName: nginx tls: - hosts: - git.alexmickelson.guru secretName: git-tls-cert2 rules: - host: git.alexmickelson.guru http: paths: - path: / pathType: Prefix backend: service: name: gitea-web-svc port: number: 3000