apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitea-pvc
  namespace: apps
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: longhorn
  resources:
    requests:
      storage: 5Gi
    limits:
      storage: 5Gi
---
apiVersion: v1
kind: Service
metadata:
  name: gitea
  namespace: apps
spec:
  type: NodePort
  ports:
    - port: 3000
      name: frontend
      targetPort: 3000
    - port: 30022
      name: ssh
      targetPort: 30022
      nodePort: 30022
  selector:
    app: gitea
---
# apiVersion: v1
# kind: Pod
# metadata:
#   name: gitea-debug
#   namespace: apps
# spec:
#   containers:
#     - name: gitea-debug
#       image: busybox
#       command: ["/bin/sh"]
#       args: ["-c", "while true; do sleep 30; done;"]
#       volumeMounts:
#         - mountPath: /data
#           name: gitea-data
#   volumes:
#     - name: gitea-data
#       persistentVolumeClaim:
#         claimName: gitea-pvc
# ---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea
  namespace: apps
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitea
  template:
    metadata:
      labels:
        app: gitea
    spec:
      containers:
        - name: gitea
          image: gitea/gitea:1.21.1
          env:
            - name: USER_UID
              value: "1000"
            - name: USER_GID
              value: "1000"
            - name: DISABLE_REGISTRATION
              value: "true"
            - name: START_SSH_SERVER
              value: "true"
            - name: SSH_PORT
              value: "30022"
            - name: SSH_LISTEN_PORT
              value: "30022"
            - name: GITEA__database__DB_TYPE
              value: "postgres"
            - name: GITEA__database__HOST
              value: "postgres.databases:5432"
            - name: GITEA__database__NAME
              value: "gitea"
            - name: GITEA__database__USER
              value: "postgres"
            - name: GITEA__database__PASSWD
              valueFrom:
                secretKeyRef:
                  name: secrets
                  key: POSTGRES_PASSWORD
          ports:
            - containerPort: 3000
            - containerPort: 30022
          volumeMounts:
            - mountPath: /data
              name: gitea-data
            - mountPath: /etc/timezone
              name: timezone
              readOnly: true
            - mountPath: /etc/localtime
              name: localtime
              readOnly: true
      volumes:
        - name: gitea-data
          persistentVolumeClaim:
            claimName: gitea-pvc
        - name: timezone
          hostPath:
            path: /etc/timezone
            type: File
        - name: localtime
          hostPath:
            path: /etc/localtime
            type: File
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: gitea
  namespace: apps
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`gitea.nocodelytics.com`)
      kind: Rule
      services:
        - name: gitea
          port: 3000
#      middlewares:
#        - name: https-redirect
#          namespace: default
#        - name: http-auth
#          namespace: default
  tls:
    certResolver: letsencrypt
    domains:
      - main: gitea.nocodelytics.com