stack/kustomizations/forgejo/forgejo-ssh-keys.patch.yaml

55 lines
1.3 KiB
YAML
Raw Permalink Normal View History

2023-05-16 04:03:01 +00:00
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: forgejo
spec:
template:
spec:
initContainers:
- name: forgejo-ssh-key-prep
image: codeberg.org/forgejo/forgejo:1.19.3-0
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
2023-05-16 04:03:01 +00:00
command: ["sh"]
args:
- -c
- |-
cd /in
for file in *; do
cp $file /out
echo >> "/out/$file"
chmod go-rw "/out/$file"
done
volumeMounts:
- name: forgejo-ssh-keys-secret
mountPath: /in
- name: forgejo-ssh-keys
mountPath: /out
containers:
- name: forgejo-ssh
args:
- -D
- -e
- -p
- "2222"
- -o
- PidFile=/tmp/sshd.pid
- -h
- /etc/ssh/keys/ssh_host_ecdsa_key
- -h
- /etc/ssh/keys/ssh_host_ed25519_key
- -h
- /etc/ssh/keys/ssh_host_rsa_key
volumeMounts:
- name: forgejo-ssh-keys
mountPath: /etc/ssh/keys
volumes:
- name: forgejo-ssh-keys-secret
secret:
secretName: forgejo-ssh-keys
- name: forgejo-ssh-keys
emptyDir: {}