gitea_enabled: true
gitea_publish_web: false
gitea_publish_ssh: false
gitea_use_external_db: true
gitea_ingress_class: "{{ gitea_namespace | default(namespace) }}-{{ 'public' if gitea_publish_web else 'private' }}-gitea-ingress-nginx"
gitea_default_values:
  config:
    disableInstaller: true
    admin_user: "{{ gitea_admin_user | default('gitea') }}"
    admin_pass: "{{ gitea_admin_pass | default(gitea_admin_password) }}"
    mailer:
      domain: "{{ mail_domain | default(domain) }}"
      enabled: true
      host: "mail.{{ mail_domain | default(domain) }}:465"
      skip_verify: false
      is_tls_enabled: true
      from: "gitea@{{ mail_domain | default(domain) }}"
      user: "{{ gitea_ldap_user | default('gitea') }}"
      passwd: "{{ gitea_ldap_pass | default(gitea_ldap_password) }}"
  ingress:
    ## Set to true to enable ingress record generation
    enabled: true
    ## When the ingress is enabled, a host pointing to this will be created
    hostname: "gitea.{{ domain }}"
    annotations:
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
      cert-manager.io/acme-dns01-provider: "rfc2136"
      cert-manager.io/acme-challenge-type: "dns01"
      kubernetes.io/ingress.class: "{{ gitea_ingress_class }}"
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
      nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
      kubernetes.io/tls-acme: "true"
      #
    ## The list of additional hostnames to be covered with this ingress record.
    ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
    # hosts:
    # - name: git.example.com
    #   path: /
    tls:    
     - hosts:    
       - "gitea.{{ domain }}"
       secretName: "gitea.{{ domain }}-tls" 
  service:
    type: ClusterIP
    ## This can stay as ClusterIP as (by default) we use ingress
    http:
      port: 3000
      ## Make the external port available
      # externalPort: 8082
      # externalHost: gitea.local
    ## SSH is commonly on port 22
    ssh:
      port: 22
      ## If serving on a different external port used for determining the ssh url in the gui
      # externalPort: 22
      # externalHost: gitea.local
      # externalIPs: []
  persistence:
    enabled: true
    # existingGiteaClaim: gitea-gitea
    accessMode: "{{ gitea_storage_mode | default('ReadWriteMany') }}"
    size: "{{ gitea_size | default('20Gi') }}"
    storageClass: "{{ gitea_storage | default('nfs-ssd') }}"
    ## addtional annotations for PVCs. Uncommenting will prevent the PVC from being deleted.
    annotations:
      "helm.sh/resource-policy": keep
  lfs:
    enabled: "{{ gitea_lfs | default(true) }}"
    accessMode: "{{ gitea_lfs_storage_mode | default('ReadWriteMany') }}"
    size: "{{ gitea_lfs_size | default('50Gi') }}"
    storageClass: "{{ gitea_lfs_storage | default('nfs-hdd') }}"
    annotations:
      "helm.sh/resource-policy": keep
  mariadb:
    enabled: false
  externalDB:
    enabled: true
    dbType: "postgres"
    dbHost: "{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local"
    dbPort: "5432"
    dbDatabase: "gitea"
    dbUser: "{{ gitea_db_username | default(omit)}}"
    dbPassword: "{{ gitea_db_password | default(omit) }}"

gitea_publush_ingress_nginx_values:
  controller:
    config:
      use-proxy-protocol: true
      use-forward-headers: true
      compute-full-forward-for: true
    service:
      externalTrafficPolicy: Local

gitea_ingress_nginx_default_values:
  controller:
    containerPort:
      ssh: 22
      http: 80
      https: 443
    publishService:
      enabled: true
    scope:
      enabled: true
    extraArgs:
      tcp-services-configmap: "{{ gitea_namespace | default(namespace) }}/{{ gitea_ingress_nginx_name | default(namespace + '-gitea-ingress-nginx') }}-tcp"
    service:
      enabled: true
      type: LoadBalancer
      loadBalancerIP: "{{ gitea_loadbalancer_ip | default(omit) }}"
      ports:
        ssh: 22
        http: 80
        https: 443
      targetPorts:
        ssh: ssh
        http: http
        https: https
    ingressClass: "{{ gitea_ingress_class }}"
  tcp: 
    22: "{{ gitea_namespace | default(namespace) }}/gitea-gitea-svc:22"

gitea_dns_default_values:
  fullnameOverride: "{{ gitea_dns_name | default(namespace + '-gitea-internal-dns') }}"
  annotationFilter: "kubernetes.io/ingress.class={{ gitea_ingress_class }}"
  domainFilters: ["{{ domain }}"]
  provider: rfc2136
  rfc2136:
    host: "{{ dns_ip }}"
    port: 53
    zone: "{{ domain }}"
    tsigSecret: "{{ k8s_tsig }}"
    tsigSecretAlg: "{{ gitea_dns_tsigSecretAlg | default('hmac-sha512') }}"
    tsigKeyname: "{{ gitea_dns_tsigKeyname | default('k8s') }}"
    tsigAxfr: true
    ## Possible units [ns, us, ms, s, m, h], see more https://golang.org/pkg/time/#ParseDuration
    minTTL: "30s"