From 94c51a4d77399913073554f61ef732b7d34f046f Mon Sep 17 00:00:00 2001
From: Manuel Ganter <manuel.ganter@think-ahead.tech>
Date: Fri, 28 Nov 2025 10:36:34 +0100
Subject: [PATCH] added terralist

---
 template/registry/coder.yaml                  |  2 +-
 template/registry/terralist.yaml              | 24 +++++++
 template/stacks/terralist/terralist.yaml      | 30 ++++++++
 .../stacks/terralist/terralist/values.yaml    | 69 +++++++++++++++++++
 4 files changed, 124 insertions(+), 1 deletion(-)
 create mode 100644 template/registry/terralist.yaml
 create mode 100644 template/stacks/terralist/terralist.yaml
 create mode 100644 template/stacks/terralist/terralist/values.yaml

diff --git a/template/registry/coder.yaml b/template/registry/coder.yaml
index e9711eb..40cfffb 100644
--- a/template/registry/coder.yaml
+++ b/template/registry/coder.yaml
@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: coder
+  name: coder-reg
   namespace: argocd
   labels:
     env: dev
diff --git a/template/registry/terralist.yaml b/template/registry/terralist.yaml
new file mode 100644
index 0000000..167345d
--- /dev/null
+++ b/template/registry/terralist.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: terralist-reg
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    name: in-cluster
+    namespace: argocd
+  source:
+    path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/terralist"
+    repoURL: "https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}"
+    targetRevision: HEAD
+  project: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
diff --git a/template/stacks/terralist/terralist.yaml b/template/stacks/terralist/terralist.yaml
new file mode 100644
index 0000000..77126f8
--- /dev/null
+++ b/template/stacks/terralist/terralist.yaml
@@ -0,0 +1,30 @@
+# helm upgrade --install --create-namespace --namespace terralist terralist oci://ghcr.io/terralist/helm-charts/terralist -f terralist-values.yaml
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: terralist
+  namespace: argocd
+  labels:
+    env: dev
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+    retry:
+      limit: -1
+  destination:
+    name: in-cluster
+    namespace: terralist
+  sources:
+    - repoURL: https://github.com/terralist/helm-charts
+      path: charts/terralist
+      targetRevision: terralist-0.8.1
+      helm:
+        valueFiles:
+          - $values/{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/terralist/terralist/values.yaml
+    - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
+      targetRevision: HEAD
+      ref: values
diff --git a/template/stacks/terralist/terralist/values.yaml b/template/stacks/terralist/terralist/values.yaml
new file mode 100644
index 0000000..3aa2996
--- /dev/null
+++ b/template/stacks/terralist/terralist/values.yaml
@@ -0,0 +1,69 @@
+controllers:
+  main:
+    strategy: Recreate
+    containers:
+      app:
+        env:
+          - name: TERRALIST_OAUTH_PROVIDER
+            value: github
+          - name: TERRALIST_GH_CLIENT_ID
+            valueFrom:
+              secretKeyRef:
+                name: github-app-credentials
+                key: client-id
+          - name: TERRALIST_GH_CLIENT_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: github-app-credentials
+                key: client-secret
+          - name: TERRALIST_TOKEN_SIGNING_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: terralist-secret
+                key: token-signing-secret
+          - name: TERRALIST_COOKIE_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: terralist-secret
+                key: cookie-secret
+          - name: TERRALIST_GH_ORGANIZATION
+            value: think-ahead-technologies
+          - name: TERRALIST_URL
+            value: https://terralist.{{{ .Env.DOMAIN_GITEA }}}
+          - name: TERRALIST_SQLITE_PATH
+            value: /data/db.sqlite
+          - name: TERRALIST_LOCAL_STORE
+            value: /data/modules
+          - name: TERRALIST_PROVIDERS_ANONYMOUS_READ
+            value: "true"
+
+ingress:
+  main:
+    enabled: true
+    className: nginx
+    annotations:
+      cert-manager.io/cluster-issuer: main
+    hosts:
+      - host: terralist.{{{ .Env.DOMAIN_GITEA }}}
+        paths:
+          - path: /
+            pathType: Prefix
+            service:
+              identifier: main
+              port: http
+    tls:
+      - hosts:
+        - terralist.{{{ .Env.DOMAIN_GITEA }}}
+        secretName: terralist-tls-secret
+
+persistence:
+  data:
+    enabled: true
+    accessMode: ReadWriteOnce
+    size: 10Gi
+    retain: false
+    storageClass: "csi-disk"
+    annotations:
+      everest.io/disk-volume-type: GPSSD
+    globalMounts:
+      - path: /data