Initial commit: k3s deployment configurations
This commit is contained in:
K3s Admin
109
k3s/ztg_自托管/gitea-stack.yaml
Normal file
109
k3s/ztg_自托管/gitea-stack.yaml
Normal file
@@ -0,0 +1,109 @@
|
||||
# 1. 命名空间
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: gitea-system
|
||||
|
||||
---
|
||||
# 2. 数据持久化 (存放代码仓库和数据库)
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: gitea-data-pvc
|
||||
namespace: gitea-system
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
storageClassName: longhorn # 沿用你的 Longhorn
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
|
||||
---
|
||||
# 3. 部署 Gitea 应用
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: gitea
|
||||
namespace: gitea-system
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: gitea
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: gitea
|
||||
spec:
|
||||
containers:
|
||||
- name: gitea
|
||||
image: gitea/gitea:latest
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: http
|
||||
- containerPort: 22
|
||||
name: ssh
|
||||
volumeMounts:
|
||||
- name: gitea-data
|
||||
mountPath: /data
|
||||
env:
|
||||
# 初始设置,避免手动改配置文件
|
||||
- name: GITEA__server__DOMAIN
|
||||
value: "git.u9.net3w.com"
|
||||
- name: GITEA__server__ROOT_URL
|
||||
value: "https://git.u9.net3w.com/"
|
||||
- name: GITEA__server__SSH_PORT
|
||||
value: "22" # 注意:通过 Ingress 访问时通常用 HTTPS,SSH 需要额外配置 NodePort,暂时先设为标准
|
||||
volumes:
|
||||
- name: gitea-data
|
||||
persistentVolumeClaim:
|
||||
claimName: gitea-data-pvc
|
||||
|
||||
---
|
||||
# 4. Service (内部网络)
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: gitea-service
|
||||
namespace: gitea-system
|
||||
spec:
|
||||
selector:
|
||||
app: gitea
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
name: http
|
||||
- protocol: TCP
|
||||
port: 2222 # 如果未来要用 SSH,可以映射这个端口
|
||||
targetPort: 22
|
||||
name: ssh
|
||||
|
||||
---
|
||||
# 5. Ingress (暴露 HTTPS 域名)
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: gitea-ingress
|
||||
namespace: gitea-system
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
# 允许大文件上传 (Git push 可能很大)
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
spec:
|
||||
rules:
|
||||
- host: git.u9.net3w.com
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: gitea-service
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- git.u9.net3w.com
|
||||
secretName: gitea-tls-secret
|
||||
Reference in New Issue
Block a user