Generic way for configuring Gitea app.ini (#240)
With the result of PR #239 it is much easier to provide additional values to the _app.ini_ configuration from different sources. These changes adds an _additionalConfigSources_ field where the users can define such sources. This enables the users to choose on their own whether to store values in _values.yaml_ or load them from Kuberetes Secrets or ConfigMaps. - Fixes #243 - Fixes #174 - Fixes #260 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/240 Reviewed-by: luhahn <luhahn@noreply.gitea.io> Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io> Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io> Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
This commit is contained in:
justusbunsi
luhahn
parent
66683e14df
commit
7b0a1c7ae6
6 changed files with 314 additions and 138 deletions
46
README.md
46
README.md
|
|
@ -272,6 +272,52 @@ The Prometheus `/metrics` endpoint is disabled by default.
|
|||
ENABLED = false
|
||||
```
|
||||
|
||||
### Additional _app.ini_ settings
|
||||
|
||||
> **The [generic](https://docs.gitea.io/en-us/config-cheat-sheet/#overall-default)
|
||||
section cannot be defined that way.**
|
||||
|
||||
Some settings inside _app.ini_ (like passwords or whole authentication configurations)
|
||||
must be considered sensitive and therefore should not be passed via plain text
|
||||
inside the _values.yaml_ file. In times of _GitOps_ the values.yaml could be stored
|
||||
in a Git repository where sensitive data should never be accessible.
|
||||
|
||||
The Helm Chart supports this approach and let the user define custom sources like
|
||||
Kubernetes Secrets to be loaded as environment variables during _app.ini_ creation
|
||||
or update.
|
||||
|
||||
```yaml
|
||||
gitea:
|
||||
additionalConfigSources:
|
||||
- secret:
|
||||
secretName: gitea-app-ini-oauth
|
||||
- configMap:
|
||||
name: gitea-app-ini-plaintext
|
||||
```
|
||||
|
||||
This would mount the two additional volumes (`oauth` and `some-additionals`)
|
||||
from different sources to the init containerwhere the _app.ini_ gets updated.
|
||||
All files mounted that way will be read and converted to environment variables
|
||||
and then added to the _app.ini_ using [environment-to-ini](https://github.com/go-gitea/gitea/tree/main/contrib/environment-to-ini).
|
||||
|
||||
The key of such additional source represents the section inside the _app.ini_.
|
||||
The value for each key can be multiline ini-like definitions.
|
||||
|
||||
In example, the referenced `gitea-app-ini-plaintext` could look like this.
|
||||
|
||||
```yaml
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: gitea-app-ini-plaintext
|
||||
data:
|
||||
session: |
|
||||
PROVIDER=memory
|
||||
SAME_SITE=strict
|
||||
cron.archive_cleanup: |
|
||||
ENABLED=true
|
||||
```
|
||||
|
||||
### External Database
|
||||
|
||||
An external Database can be used instead of builtIn PostgreSQL or MySQL.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue