---
apiVersion: v1
kind: Pod
metadata:
  annotations:
    io.kubernetes.cri-o.TTY/gitea: "false"
    io.podman.annotations.autoremove/gitea: "FALSE"
    io.podman.annotations.init/gitea: "FALSE"
    io.podman.annotations.label/gitea: type:container_runtime_t
    io.podman.annotations.privileged/gitea: "FALSE"
    io.podman.annotations.publish-all/gitea: "FALSE"
  labels:
    app: gitea-pod
  name: gitea-pod
spec:
  containers:
  - image: docker.io/gitea/gitea:latest-rootless
    name: gitea
    ports:
    - containerPort: 3000
      hostPort: 9080
      hostIP: 127.0.0.1
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /var/lib/gitea
      name: data-gitea-data-0
    - mountPath: /etc/gitea
      name: data-gitea-config-0
    - mountPath: /etc/timezone
      name: etc-timezone-0
      readOnly: true
    - mountPath: /etc/localtime
      name: etc-localtime-0
      readOnly: true
  volumes:
  - hostPath:
      path: /data/gitea/data
      type: Directory
    name: data-gitea-data-0
  - hostPath:
      path: /data/gitea/config
      type: Directory
    name: data-gitea-config-0
  - hostPath:
      path: /etc/timezone
      type: File
    name: etc-timezone-0
  - hostPath:
      path: /etc/localtime
      type: File
    name: etc-localtime-0