55 lines
1.3 KiB
YAML
55 lines
1.3 KiB
YAML
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: forgejo
|
|
spec:
|
|
template:
|
|
spec:
|
|
initContainers:
|
|
- name: forgejo-ssh-key-prep
|
|
image: codeberg.org/forgejo/forgejo:1.21.11-1
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
command: ["sh"]
|
|
args:
|
|
- -c
|
|
- |-
|
|
cd /in
|
|
for file in *; do
|
|
cp $file /out
|
|
echo >> "/out/$file"
|
|
chmod go-rw "/out/$file"
|
|
done
|
|
volumeMounts:
|
|
- name: forgejo-ssh-keys-secret
|
|
mountPath: /in
|
|
- name: forgejo-ssh-keys
|
|
mountPath: /out
|
|
containers:
|
|
- name: forgejo-ssh
|
|
args:
|
|
- -D
|
|
- -e
|
|
- -p
|
|
- "2222"
|
|
- -o
|
|
- PidFile=/tmp/sshd.pid
|
|
- -h
|
|
- /etc/ssh/keys/ssh_host_ecdsa_key
|
|
- -h
|
|
- /etc/ssh/keys/ssh_host_ed25519_key
|
|
- -h
|
|
- /etc/ssh/keys/ssh_host_rsa_key
|
|
volumeMounts:
|
|
- name: forgejo-ssh-keys
|
|
mountPath: /etc/ssh/keys
|
|
volumes:
|
|
- name: forgejo-ssh-keys-secret
|
|
secret:
|
|
secretName: forgejo-ssh-keys
|
|
- name: forgejo-ssh-keys
|
|
emptyDir: {}
|