Initial: Add all homelab manifests
165
docs/10-gitea.md
Normal file
@@ -0,0 +1,165 @@
|
||||
# 10 · Gitea Installation
|
||||
|
||||
**Datum:** 2026-03-20
|
||||
|
||||
---
|
||||
|
||||
## Was wurde installiert
|
||||
|
||||
- **Gitea** (gitea/gitea:latest) — Self-hosted Git-Service
|
||||
- **PostgreSQL 16** (postgres:16-alpine) — Datenbank für Gitea
|
||||
- Beide Komponenten auf `rnk-wrk01` (nodeSelector)
|
||||
|
||||
---
|
||||
|
||||
## Manifest-Dateien
|
||||
|
||||
```
|
||||
~/homelab/k8s/gitea/
|
||||
kustomization.yaml
|
||||
namespace.yaml
|
||||
secret.yaml # DB- + Admin-Passwort (nicht ins Git!)
|
||||
pvc.yaml # gitea-data (10Gi) + gitea-postgres (2Gi) via Longhorn
|
||||
postgres.yaml # Deployment + ClusterIP Service
|
||||
deployment.yaml # Gitea Deployment mit initContainer
|
||||
service.yaml # gitea-web (ClusterIP) + gitea-ssh (LoadBalancer)
|
||||
ingress.yaml # Traefik HTTP Ingress
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Ausgeführte Befehle
|
||||
|
||||
```bash
|
||||
mkdir -p ~/homelab/k8s/gitea
|
||||
# ... alle YAML-Dateien erstellt ...
|
||||
|
||||
kubectl apply -k ~/homelab/k8s/gitea/
|
||||
|
||||
kubectl wait deployment/gitea-postgres -n gitea --for=condition=Available --timeout=120s
|
||||
kubectl wait deployment/gitea -n gitea --for=condition=Available --timeout=180s
|
||||
|
||||
# Admin-User anlegen (muss als git-User ausgeführt werden, nicht root)
|
||||
kubectl exec -n gitea deployment/gitea -- su git -c "gitea admin user create \
|
||||
--username admin \
|
||||
--password '<passwort>' \
|
||||
--email admin@homelab.local \
|
||||
--admin"
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Problem: Postgres CrashLoopBackOff
|
||||
|
||||
**Fehler:**
|
||||
```
|
||||
initdb: error: directory "/var/lib/postgresql/data" exists but is not empty
|
||||
initdb: detail: It contains a lost+found directory, perhaps due to it being a mount point.
|
||||
```
|
||||
|
||||
**Ursache:** Longhorn-Volume enthält `lost+found` im Root — Postgres kann kein initdb durchführen wenn das Verzeichnis nicht leer ist.
|
||||
|
||||
**Fix:** `PGDATA` auf Unterverzeichnis setzen:
|
||||
```yaml
|
||||
env:
|
||||
- name: PGDATA
|
||||
value: /var/lib/postgresql/data/pgdata
|
||||
```
|
||||
|
||||
In `postgres.yaml` dauerhaft eingetragen.
|
||||
|
||||
### Problem: Gitea läuft nicht als root
|
||||
|
||||
**Fehler:**
|
||||
```
|
||||
Gitea is not supposed to be run as root.
|
||||
```
|
||||
|
||||
**Fix:** `su git -c "gitea ..."` statt direktem Aufruf:
|
||||
```bash
|
||||
kubectl exec -n gitea deployment/gitea -- su git -c "gitea admin user create ..."
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## IP-Adressen & Zugang
|
||||
|
||||
| Service | Adresse | Protokoll |
|
||||
|---|---|---|
|
||||
| Web-UI | http://gitea.192.168.11.180.nip.io | HTTP via Traefik |
|
||||
| SSH | 192.168.11.182:22 | TCP (MetalLB) |
|
||||
| Postgres | ClusterIP intern | TCP 5432 |
|
||||
|
||||
**MetalLB IP:** `192.168.11.182` (SSH)
|
||||
|
||||
---
|
||||
|
||||
## Konfiguration
|
||||
|
||||
| Parameter | Wert |
|
||||
|---|---|
|
||||
| `GITEA__server__DOMAIN` | gitea.192.168.11.180.nip.io |
|
||||
| `GITEA__server__ROOT_URL` | http://gitea.192.168.11.180.nip.io |
|
||||
| `GITEA__security__INSTALL_LOCK` | true (kein Setup-Wizard) |
|
||||
| `TZ` | Europe/Vienna |
|
||||
| Datenbank | PostgreSQL 16 |
|
||||
| Node | rnk-wrk01 (beide Pods) |
|
||||
|
||||
---
|
||||
|
||||
## Ergebnis
|
||||
|
||||
```
|
||||
NAME READY STATUS RESTARTS
|
||||
pod/gitea-5dddddf8bd-hg8nt 1/1 Running 0
|
||||
pod/gitea-postgres-75895d77ff-h6h55 1/1 Running 0
|
||||
|
||||
NAME TYPE CLUSTER-IP EXTERNAL-IP
|
||||
service/gitea-postgres ClusterIP 10.43.146.54 <none>
|
||||
service/gitea-ssh LoadBalancer 10.43.27.136 192.168.11.182
|
||||
service/gitea-web ClusterIP 10.43.166.44 <none>
|
||||
|
||||
NAME CLASS HOSTS ADDRESS
|
||||
ingress/gitea-web traefik gitea.192.168.11.180.nip.io 192.168.11.180
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Admin-Passwort gesetzt (2026-03-20)
|
||||
|
||||
Admin-Passwort nach Installation auf einheitliches Homelab-Passwort gesetzt.
|
||||
|
||||
**Problem:** Nach `change-password` via CLI erzwingt Gitea eine Passwortänderung im Browser (`must_change_password=true`).
|
||||
|
||||
**Fix:**
|
||||
```bash
|
||||
kubectl exec -n gitea deployment/gitea -- su git -c \
|
||||
"gitea admin user change-password --username admin \
|
||||
--password 'bmw520AUDI' --must-change-password=false"
|
||||
```
|
||||
|
||||
k8s Secret und `secret.yaml` ebenfalls aktualisiert:
|
||||
```bash
|
||||
kubectl patch secret gitea-secret -n gitea \
|
||||
--type='json' \
|
||||
-p='[{"op":"replace","path":"/data/admin-password","value":"<base64>"}]'
|
||||
```
|
||||
|
||||
**Verifikation:**
|
||||
```bash
|
||||
curl -s -o /dev/null -w "%{http_code}" \
|
||||
http://gitea.192.168.11.180.nip.io/api/v1/user \
|
||||
-u admin:bmw520AUDI
|
||||
# → 200 ✓
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Nächste Schritte
|
||||
|
||||
- SSH-Key für lokale Entwicklung hinterlegen
|
||||
- Repositories anlegen / migrieren
|
||||
- Ggf. Gitea Actions aktivieren (CI/CD)
|
||||
- Backup-Strategie für Longhorn-Volumes festlegen
|
||||
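Review bot: The "Admin-Passwort gesetzt" section commits the live admin password in clear text, once in the `gitea admin user change-password` command and again in the `curl ... -u admin:...` verification, even though the manifest listing marks `secret.yaml` as "nicht ins Git!" and the text describes it as the shared homelab password. Replace both occurrences with the `'<passwort>'` placeholder already used in the `gitea admin user create` command, and rotate the password, since it stays in the repository history and is valid for more than Gitea. The verification also sends the credential as basic auth over plain `http://`; an access token or a TLS-terminated ingress would avoid that. Separately, `gitea/gitea:latest` is unpinned while Postgres is pinned to `postgres:16-alpine`; pin Gitea to a fixed version so that redeploys are reproducible.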