reorder and clean repo

non_argo_values/gitea_values.yaml

@@ -0,0 +1,127 @@
+# Gitea configuration for TuringPi K3s cluster
+# Self-hosted Git server for ArgoCD integration
+
+# Single replica for homelab
+replicaCount: 1
+
+# Service configuration - LoadBalancer for direct access
+service:
+  http:
+    type: LoadBalancer
+    port: 3000
+    # MetalLB will assign an IP
+  ssh:
+    type: LoadBalancer
+    port: 22
+    # For git SSH access
+
+# Ingress for web access  
+ingress:
+  enabled: true
+  className: traefik
+  pathType: Prefix
+  annotations:
+    # Restrict to LAN access (matching your existing pattern)
+    traefik.ingress.kubernetes.io/whitelist.sourcerange: "192.168.0.0/16,10.0.0.0/8,172.16.0.0/12"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+  hosts:
+    - host: gitea.gilgamezh.me
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: gitea-tls
+      hosts:
+        - gitea.gilgamezh.me
+
+# Storage using your NFS setup
+persistence:
+  enabled: true
+  create: true
+  storageClass: "nfs-client"  # Your existing NFS storage class
+  size: 20Gi
+  accessModes:
+    - ReadWriteOnce
+
+# Database - use PostgreSQL for production-ready setup
+postgresql:
+  enabled: true
+  auth:
+    username: gitea
+    database: gitea
+    # Password will be auto-generated
+  primary:
+    persistence:
+      enabled: true
+      storageClass: "nfs-client"
+      size: 10Gi
+
+# Disable PostgreSQL HA (since we're enabling regular postgresql)
+postgresql-ha:
+  enabled: false
+
+# Disable Valkey cluster (Redis alternative) - not needed for homelab
+valkey-cluster:
+  enabled: false
+
+# Gitea configuration
+gitea:
+  cache:
+    enabled: false
+  admin:
+    username: admin
+    password: "gitea-admin-pass"  # Change this!
+    email: "admin@gilgamezh.me"
+
+  config:
+    APP_NAME: "TuringPi Gitea"
+    RUN_MODE: prod
+    
+    server:
+      DOMAIN: gitea.gilgamezh.me
+      SSH_DOMAIN: gitea.gilgamezh.me
+      ROOT_URL: https://gitea.gilgamezh.me
+      PROTOCOL: http
+      DISABLE_SSH: false
+      SSH_PORT: 22
+      LFS_START_SERVER: true
+    
+    database:
+      DB_TYPE: postgres
+    
+    security:
+      INSTALL_LOCK: true
+    
+    service:
+      DISABLE_REGISTRATION: false  # Allow user registration
+      REQUIRE_SIGNIN_VIEW: false   # Allow anonymous viewing of public repos
+    
+    ui:
+      DEFAULT_THEME: gitea-dark
+    
+    repository:
+      DEFAULT_PRIVATE: false       # Public repos by default for easier ArgoCD access
+    
+    ssh.minimum_key_sizes:
+      RSA: 1024                    # Allow 2048-bit RSA keys
+      ECDSA: 256
+      ED25519: 256
+
+# Resource limits (adjust based on your node capacity)
+resources:
+  limits:
+    cpu: 1000m
+    memory: 1Gi
+  requests:
+    cpu: 100m
+    memory: 256Mi
+
+# Node affinity (prefer worker nodes, avoid control plane)
+affinity:
+  nodeAffinity:
+    preferredDuringSchedulingIgnoredDuringExecution:
+    - weight: 100
+      preference:
+        matchExpressions:
+        - key: node-role.kubernetes.io/control-plane
+          operator: DoesNotExist