apiVersion: v1
kind: Secret
metadata:
  name: gitea-config
  labels:
    app: gitea
type: Opaque
stringData:
  app.ini: |-
    APP_NAME = Gitea: Git with a cup of tea
    RUN_USER = git
    RUN_MODE = ; prod

    [server]
    PROTOCOL = http
    DOMAIN = git.example.com
    ROOT_URL = https://git.example.com
    HTTP_ADDR = 0.0.0.0
    HTTP_PORT = 3000
    ;; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
    ;; In most cases you do not need to change the default value.
    ;; Alter it only if your SSH server node is not the same as HTTP node.
    ;; Do not set this variable if PROTOCOL is set to 'unix'.
    ;LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
    ;DISABLE_SSH = false
    START_SSH_SERVER = true
    SSH_PORT = 2222
    SSH_LISTEN_PORT = %(SSH_PORT)s
    SSH_SERVER_HOST_KEYS=ssh/gitea.rsa, ssh/gogs.rsa
    APP_DATA_PATH = /data/gitea
    LFS_JWT_SECRET = 

    [database]
    DB_TYPE = postgres
    HOST = postgres.yourserver.com ; can use socket e.g. /var/run/postgresql/
    NAME = gitea
    USER = gitea
    PASSWD = 
    ;SCHEMA =
    SSL_MODE=require ;either "disable" (default), "require", or "verify-full"
    
    [security]
    INSTALL_LOCK = true
    SECRET_KEY = 
    INTERNAL_TOKEN=
    
    [oauth2]
    ENABLE = true
    JWT_SECRET = 

    [U2F]
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ;;
    ;; NOTE: THE DEFAULT VALUES HERE WILL NEED TO BE CHANGED
    ;; Two Factor authentication with security keys
    ;; https://developers.yubico.com/U2F/App_ID.html
    APP_ID = ; e.g. http://localhost:3000/
    ;; Comma separated list of trusted facets
    TRUSTED_FACETS = ; e.g. http://localhost:3000/

    [log]
    MODE = console
    ;; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
    LEVEL = Info
    ROUTER = console
    [git]
    ;; The path of git executable. If empty, Gitea searches through the PATH environment.
    PATH =

    [attachment]
    ENABLED = true
    ALLOWED_TYPES = .docx,.gif,.gz,.jpeg,.jpg,.log,.pdf,.png,.pptx,.txt,.xlsx,.zip
    MAX_SIZE = 30
    MAX_FILES = 5
    STORAGE_TYPE = minio
    MINIO_ENDPOINT = s3.fr-par.scw.cloud
    MINIO_ACCESS_KEY_ID = 
    MINIO_SECRET_ACCESS_KEY = 
    MINIO_BUCKET = 
    MINIO_LOCATION = 
    MINIO_BASE_PATH = attachments/
    MINIO_USE_SSL = true

    [storage]
    STORAGE_TYPE = minio
    MINIO_ENDPOINT = s3.fr-par.scw.cloud
    MINIO_ACCESS_KEY_ID = 
    MINIO_SECRET_ACCESS_KEY = 
    MINIO_BUCKET = 
    MINIO_LOCATION = 
    MINIO_USE_SSL = true

    [storage.repo-archive]
    STORAGE_TYPE = minio
    MINIO_ENDPOINT = s3.fr-par.scw.cloud
    MINIO_ACCESS_KEY_ID = 
    MINIO_SECRET_ACCESS_KEY = 
    MINIO_BUCKET = 
    MINIO_LOCATION = 
    MINIO_USE_SSL = true

    [storage.minio]
    STORAGE_TYPE = minio
    MINIO_ENDPOINT = s3.fr-par.scw.cloud
    MINIO_ACCESS_KEY_ID = 
    MINIO_SECRET_ACCESS_KEY = 
    MINIO_BUCKET = 
    MINIO_LOCATION = 
    MINIO_USE_SSL = true