Skip to content

Commit

Permalink
🩹 fix gitea export job
Browse files Browse the repository at this point in the history
  • Loading branch information
@auricom
auricom committed Nov 17, 2022
1 parent 23ef1a9 commit 5e6277d
Show file tree
Hide file tree
Showing 4 changed files with 23 additions and 28 deletions.
15 changes: 5 additions & 10 deletions cluster/apps/development/gitea/external-backup/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,12 +43,6 @@ spec:
- name: *app
image: ghcr.io/auricom/kubectl:v1.25.0@sha256:a08f7ed1b9a578531428684be0dde3285ecef105facf38a53aa9b023b6a5f6c2
imagePullPolicy: IfNotPresent
env:
- name: ENV_GITEA_API_TOKEN
valueFrom:
secretKeyRef:
name: gitea-config
key: apiToken
command:
- "/bin/bash"
- "-c"
Expand All @@ -64,9 +58,11 @@ spec:
ssh -o StrictHostKeyChecking=no homelab@${LOCAL_LAN_TRUENAS} << 'EOF'
set -x
WORK_DIR="/mnt/storage/backups/apps/gitea"
ORGANISATIONS=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/orgs" --header "Authorization: Bearer ${ENV_GITEA_API_TOKEN}" | jq --raw-output .[].username)
ORGANISATIONS=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/orgs" --header "Authorization: Bearer ${GITEA_API_TOKEN}" | jq --raw-output .[].username)
ORGANISATIONS+=" auricom"
for org in $ORGANISATIONS
Expand All @@ -77,7 +73,7 @@ spec:
else
keyword="orgs"
fi
REPOSITORIES=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/$keyword/$org/repos?limit=1000" --header "Authorization: Bearer ${ENV_GITEA_API_TOKEN}" | jq --raw-output .[].name)
REPOSITORIES=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/$keyword/$org/repos?limit=1000" --header "Authorization: Bearer ${GITEA_API_TOKEN}" | jq --raw-output .[].name)
for repo in $REPOSITORIES
do
if [ -d "$WORK_DIR/$org/$repo" ]; then
Expand Down Expand Up @@ -105,9 +101,8 @@ spec:
done
done
echo "INFO: Backup done"
curl -m 10 --retry 5 http://healthchecks.default.svc.cluster.local./ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-gitea-repositories-backup
EOF
curl -m 10 --retry 5 http://healthchecks.default.svc.cluster.local./ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-gitea-repositories-backup
volumeMounts:
- name: secret
mountPath: /opt/id_rsa
Expand Down
26 changes: 13 additions & 13 deletions cluster/apps/development/gitea/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,19 +79,19 @@ spec:
MAILER_TYPE: smtp
HOST: smtp-relay.default:2525
FROM: "Gitea <gitea@${SECRET_DOMAIN}>"
openid:
ENABLE_OPENID_SIGNIN: false
ENABLE_OPENID_SIGNUP: true
WHITELISTED_URIS: "auth.${SECRET_CLUSTER_DOMAIN}"
oauth:
- name: authelia
provider: openidConnect
key: gitea
secret: "${SECRET_GITEA_OAUTH_CLIENT_SECRET}"
autoDiscoverUrl: "https://auth.${SECRET_CLUSTER_DOMAIN}/.well-known/openid-configuration"
groupClaimName: groups
adminGroup: admins
restrictedGroup: people
# openid:
# ENABLE_OPENID_SIGNIN: false
# ENABLE_OPENID_SIGNUP: true
# WHITELISTED_URIS: "auth.${SECRET_CLUSTER_DOMAIN}"
# oauth:
# - name: authelia
# provider: openidConnect
# key: gitea
# secret: "${SECRET_GITEA_OAUTH_CLIENT_SECRET}"
# autoDiscoverUrl: "https://auth.${SECRET_CLUSTER_DOMAIN}/.well-known/openid-configuration"
# groupClaimName: groups
# adminGroup: admins
# restrictedGroup: people
metrics:
enabled: true
serviceMonitor:
Expand Down
5 changes: 2 additions & 3 deletions cluster/apps/development/gitea/secret.sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ metadata:
stringData:
adminEmail: ENC[AES256_GCM,data:KUhhtTXAU/lcKVsuy3tF+QjgRk8m,iv:goqGhOEkpbnYa6uELXYfdQjCdKPOW2KGAjb4cfdHrn0=,tag:SFENNvmSkEfcAgat/BHksg==,type:str]
adminPassword: ENC[AES256_GCM,data:SMR6vlFSysGv7iG+zjk=,iv:PtceAzAWR1nc8nACAYSOe+19evR9+orQa9DRzbcXU4U=,tag:Rq+3Ua0XhOzsnFw6/OdY4A==,type:str]
apiToken: ENC[AES256_GCM,data:k8bgQ2Rkj2rzTIk79lh3QSeJF79kQ/10K8qmdSkLedA9+0TrWe4fDA==,iv:1kl+kcBqreGZ8op35Tg9wQZOLNDSb2Gtd3OFEBYqdTk=,tag:sHX/QSr2FZBngXaPLfhhAw==,type:str]
dbUser: ENC[AES256_GCM,data:4Mb4+JI=,iv:qTzsuXkJGFEtKjoKcAWD2VoBCD4GIH9UsBSWUknez8c=,tag:p5Q0R1DdJuZmpPiBYZxV0A==,type:str]
dbPassword: ENC[AES256_GCM,data:h/qQ43+3E9DfSlY6eww=,iv:ppvnc3A4binyLwnNuEPzmQCyc11RUSZ9cSw0cRYjLdI=,tag:iBXRYFPBCn4AdkdoRZK4eg==,type:str]
minioAccessKeyId: ENC[AES256_GCM,data:Gh41eINrkyjgEpTO5O+5lPWNPd8=,iv:XFH3RvyJwUEtszqtKVjLtMxTamPHPx4Aqi0PqsUmDCQ=,tag:abNj9gjgSlPJFsS9DBs+gw==,type:str]
Expand All @@ -28,8 +27,8 @@ sops:
ZWRhWnBrY1FBNVQyOU0yVGFXb0QrVnMK26Nc5Bw/jOzuxXcufHcxnugG1bzqO9T8
LNIau17zdWX5bfWGDj++ipnm8x1sPswEULal4U2Muc2Iy7GuZPhVyg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-09-16T09:30:12Z"
mac: ENC[AES256_GCM,data:qgkG+6bxUadhllUMqkOylhLqCU5xR0pvXWi11TvRhTdC3S8dkIrmzGxWNYi9DGz2vwaPhWik4OjUpCCsjPUUxPvzzHnmc5Uqw0M+1UmX2xa7pGXXj2wgt52sBfMC/D/XIW/pbpCLwmWJveL285VaPB2psTLC4l5csw6H7dZoLKA=,iv:SMlWM/vQK0KHFELXrIEXncNcmK8oR/O31ipQLF6j2zs=,tag:kOeEcs20ItSTH1on2NvrEw==,type:str]
lastmodified: "2022-11-16T22:14:19Z"
mac: ENC[AES256_GCM,data:IbNuB2a6Pm2NTA6OS45kmYIdqZZIG1iJewt6n0rWLdYrbaGNGKt1ig0oTu/ubJSHNb/OgoN+fKEj/JQ+kJhwUiTEQhH+IUwPtUZeb0C0/QqatqCXoQk4qBOTuwea4gLLMHqoIwP0fETLiaVphNK7llPaI7aW0Li0W9yAdhu3VCs=,iv:utxR9+tJ8elgdvOQg5eoClb/4DDJyzvz2eWuCDNU3V0=,tag:Y8qEcwVwW2FoUOXZRQHEgA==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.3
5 changes: 3 additions & 2 deletions cluster/configuration/cluster-secrets.sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ stringData:
SECRET_CLUSTER_OVH_CONSUMER_KEY: ENC[AES256_GCM,data:HwEaNSLEoON99KzgVLuDWxj8DPz1gz8tc3q/1hWJOvM=,iv:uTHCAT81Js9yQ/7iK90+elZzA0j6ia7AOWEufE1i/4k=,tag:D4tI50RyJz8o3n9hrrYz4Q==,type:str]
SECRET_EMAIL_DOMAIN: ENC[AES256_GCM,data:tggMEXyLi03dAorm,iv:tXHmWmm9wUIOyGXbHUagS0gl4cEW588XSvBIoNsADFw=,tag:69X+WZoj6CiI6mUJT01DzQ==,type:str]
SECRET_EMAIL_SMTP_USERNAME: ENC[AES256_GCM,data:U8UiC6SdBbX9JbpRglyXfofDzYf+LNY=,iv:BLqn6nWm+il2yxWBJgpjlLKp5/eVh8L9qSEfM9LzUEo=,tag:1+afhSVYeHTvzzBiTxP7Ew==,type:str]
SECRET_GITEA_API_TOKEN: ENC[AES256_GCM,data:A5zJGhQdlWUAagcPIvCIzvpeyzVaV5uDGegjvW4zl6X9kYDxG7JDUA==,iv:kogD/wl3KTlVE4by96vyEwTCMEmzbmEKmcAVK+8OjnI=,tag:PLbEaJQI7fWKz0tQSO35iA==,type:str]
SECRET_GITEA_OAUTH_CLIENT_SECRET: ENC[AES256_GCM,data:VWetZHP8haXPy1r20RMJvECxEWw=,iv:B3+rjPXWSbyCdi4KAy/FeMbtNUv40UIWN462OWfv9Ww=,tag:5wK7nUGu7HmdC90d2jllwQ==,type:str]
SECRET_GRAFANA_OAUTH_CLIENT_SECRET: ENC[AES256_GCM,data:3igfeqGHygjnmJXnoiKV7W8Tm2M=,iv:Hrjh38GuRvzS4Hi69QftBhaAJ02is5B0E5h23XICpUc=,tag:O4JFVSaoTQDhf3QZPLbn1Q==,type:str]
SECRET_HEALTHCHECKS_PING_KEY: ENC[AES256_GCM,data:ik/lEfCHBKcgnc+zRDrkhw3ykbITSw==,iv:XYqxF9yuRbR+WECjC+0xaT8V4qKYpdsWoNCzfzr33cc=,tag:AZBATumRJMbsLBw2XttV/w==,type:str]
Expand Down Expand Up @@ -48,8 +49,8 @@ sops:
WG82VkdBMlNnRzBySFQzMk41cEtXSlEKBqOmq9UpO61C85+pj0ibdT31y4pmFsbm
pTi4N0vv81kcf4ilqBU5h1gudNCb42Q2iL0eGNR4e3JzH4iaNsvnEg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-10-23T13:46:34Z"
mac: ENC[AES256_GCM,data:xnKsHwtSone0aGvJSqTrFvYIepp+vJbok8OQfdjMZ+ZD/S9YQlGVcu6IIJ93p+ugEwUuj+w9PUAURxRsRUVliUaFSgWh8u8dpNv4U0Bj6cpdGngnLmWgQI+9Cv8s3xylSaavO9QW0mOPppS+SjbApvOLxerJheFt6F+keyCilNY=,iv:ZCxpLSKxC8Lmze9BkKP93dwS/AXIW1SJ3INRRgTI3OE=,tag:Papkz0D3tvzBRW8F9Wr0kg==,type:str]
lastmodified: "2022-11-16T22:14:08Z"
mac: ENC[AES256_GCM,data:z/yPY1WKt2t3LIJiVQ36DdlQOW4BP0SGiyZIoG1u4B4kQ6EKQZ6IotPVOn3sUQBLJ6HGqaM8Ns9JRdi5id1pP089Rzm97FMh0ynofggtaVCHCpb5qqGf7n+LJ+naM198nWmgAnyw45+Xwg8z8DAWrSH32hZA4MXeY9XRS/cdclk=,iv:eYJylNzq8f4ZW6e1zHspmuga+toVN+2fhYAenRW0v44=,tag:XqT4o3qYEdcLtATsa4vh/g==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.3

0 comments on commit 5e6277d

Please sign in to comment.