apiVersion: apps/v1 kind: Deployment metadata: name: gitea labels: app.kubernetes.io/name: gitea spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: gitea template: metadata: labels: app.kubernetes.io/name: gitea spec: volumes: - name: data persistentVolumeClaim: claimName: gitea-pvc - name: config persistentVolumeClaim: claimName: gitea-config-pvc - name: valkey emptyDir: sizeLimit: 128Mi medium: Memory dnsPolicy: "None" dnsConfig: nameservers: - 100.96.226.96 containers: - image: docker.gitea.com/gitea:1.24.3-rootless name: gitea ports: - containerPort: 3000 protocol: TCP name: http - containerPort: 2222 protocol: TCP name: ssh volumeMounts: - name: data mountPath: /var/lib/gitea - name: config mountPath: /etc/gitea envFrom: - configMapRef: name: gitea-config - secretRef: name: gitea-secrets securityContext: runAsUser: 1000 runAsGroup: 1000 runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL seccompProfile: type: RuntimeDefault livenessProbe: httpGet: path: /api/healthz port: http initialDelaySeconds: 200 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 10 - image: valkey/valkey:alpine name: valkey command: ["valkey-server"] ports: - containerPort: 6379 protocol: TCP env: - name: VALKEY_EXTRA_FLAGS value: "--save 60 1" volumeMounts: - name: valkey mountPath: "/data" securityContext: runAsUser: 1000 runAsGroup: 1000 runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL seccompProfile: type: RuntimeDefault