---

k8s_gitea_helm__release_values:
  gitea:
    admin:
      username: '{{ gitea_admin_username }}'
      password: '{{ gitea_admin_password }}'
      email: '{{ devops_email_address }}' 
    config:
      cache:
        ENABLED: false
    startupProbe:
      tcpSocket:
        port: http
      initialDelaySeconds: 30
      timeoutSeconds: 1
      periodSeconds: 10
      successThreshold: 1
      failureThreshold: 10
  memcached:
    enabled: false
  ingress:
    enabled: true
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-prod
      cert-manager.io/issue-temporary-certificate: "true"
      kubernetes.io/ingress.class: nginx
      nginx.ingress.kubernetes.io/ssl-redirect: "false"
      nginx.ingress.kubernetes.io/whitelist-source-range: "{{ ( ip_whitelist + ( custom_ip_whitelist | default([]) )) | join(',') }}"
    hosts:
      - host: "{{ stage }}-gitea.{{ domain }}"
        paths:
        - path: '/'
          pathType: Prefix
    tls:
      - secretName: "{{ stage }}-gitea-cert"
        hosts:
          - "{{ stage }}-gitea.{{ domain }}"
  persistence:
    enabled: true
    storageClass: hcloud-volumes
  postgresql:
    global:
      postgresql:
        auth:
           # if "username" is configured, a randomized password will break each update
           password: '{{ gitea_postgres_password }}'
           postgresPassword: '{{ gitea_postgres_password }}'