Gitea
Helm chart for deploying Gitea self-hosted Git service on Kubernetes using the official gitea/gitea rootless Docker image.
Key Features
- Official rootless image based on
gitea/gitea:<version>-rootless(UID 1000) - Database backends SQLite3 (default), PostgreSQL, or MySQL with auto-detection
- PostgreSQL and MySQL subcharts optional bundled database deployments
- HTTP + SSH services separate services for web UI and Git SSH access
- Admin user creation optional post-install Job to bootstrap an admin account
- S3-compatible backup database-aware CronJob (SQLite tar, pg_dump, mysqldump)
- Ingress support configurable ingress with TLS for HTTP access
Installation
HTTPS Repository
helm repo add helmforge https://repo.helmforge.dev
helm repo update
helm install gitea helmforge/giteaOCI Registry
helm install gitea oci://ghcr.io/helmforgedev/helm/giteaBasic Example
gitea:
rootUrl: https://git.example.com/
sshDomain: git.example.com
disableRegistration: true
admin:
username: gitea_admin
password: 'change-me-now'
email: [email protected]
postgresql:
enabled: true
auth:
database: gitea
username: gitea
password: 'db-password'
ingress:
enabled: true
ingressClassName: traefik
hosts:
- host: git.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: gitea-tls
hosts:
- git.example.com
backup:
enabled: true
schedule: '0 3 * * *'
s3:
endpoint: https://s3.amazonaws.com
bucket: my-backups
prefix: gitea
existingSecret: gitea-s3-credentialsKey Values
| Key | Default | Description |
|---|---|---|
gitea.appName | "Gitea: Git with a cup of tea" | Application display name |
gitea.runMode | prod | Run mode (dev, prod, test) |
gitea.rootUrl | "" | Root URL for links and clone URLs |
gitea.sshDomain | "" | SSH domain in clone URLs |
gitea.sshPort | 2222 | SSH listen port |
gitea.lfsEnabled | true | Enable Git LFS |
gitea.disableRegistration | false | Disable self-registration |
admin.username | "" | Admin username (triggers admin creation Job) |
admin.existingSecret | "" | Existing secret with admin credentials |
database.mode | auto | Database mode: auto, sqlite, external, postgresql, mysql |
postgresql.enabled | false | Deploy PostgreSQL subchart |
mysql.enabled | false | Deploy MySQL subchart |
persistence.enabled | true | Enable persistent storage for /var/lib/gitea |
persistence.size | 10Gi | Volume size |
service.http.type | ClusterIP | HTTP service type |
service.http.port | 3000 | HTTP service port |
service.ssh.enabled | true | Enable SSH service |
service.ssh.type | ClusterIP | SSH service type |
service.ssh.port | 2222 | SSH service port |
service.ssh.nodePort | "" | SSH NodePort (when type is NodePort) |
ingress.enabled | false | Enable ingress |
ingress.ingressClassName | "" | Ingress class (traefik, nginx, etc.) |
backup.enabled | false | Enable S3 backup CronJob |
backup.schedule | "0 3 * * *" | Backup cron schedule |
backup.s3.endpoint | "" | S3-compatible endpoint URL |
backup.s3.bucket | "" | S3 bucket name |
backup.s3.existingSecret | "" | Existing secret with S3 credentials |
Database Auto-Detection
When database.mode is auto (default), the chart detects which database to use:
- If
database.external.hostis set → external database - If
postgresql.enabledistrue→ PostgreSQL subchart - If
mysql.enabledistrue→ MySQL subchart - Otherwise → SQLite3 (zero configuration)