---
apiVersion: v1
kind: Secret
metadata:
  name: gitea-admin-pass
  annotations:
    secret-generator.v1.mittwald.de/autogenerate: password
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitea
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitea
  template:
    metadata:
      labels:
        app: gitea
    spec:
      containers:
      - name: gitea
        image: gitea/gitea
        ports:
        - containerPort: 22
          name: ssh
        - containerPort: 3000
          name: http
        volumeMounts:
        - name: gitea-persistent-storage
          mountPath: /data
          subPath: backup/gitea/gitea/data
      volumes:
      - name: gitea-persistent-storage
        persistentVolumeClaim:
          claimName: homey-pvc-nfs
---
apiVersion: v1
kind: Service
metadata:
  name: gitea-svc
spec:
  selector:
    app: gitea
  ports:
  - name: ssh
    protocol: TCP
    port: 3000
    targetPort: http
  selector:
    app: gitea
---
apiVersion: v1
kind: Service
metadata:
  name: gitea-svc-ssh
spec:
  type: NodePort
  selector:
    app: gitea
  ports:
  - name: ssh
    protocol: TCP
    port: 22
    targetPort: ssh
    nodePort: 32222
  selector:
    app: gitea
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitea-ingress
  annotations:
      kubernetes.io/ingress.allow-http: "false"
      ingress.kubernetes.io/auth-type: forward
      ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
spec:
  rules:
  - host: git.{{ .Values.homey.url }}
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: gitea-svc
            port:
              number: 3000