Files
library-charts/library/common/values.yaml
Stavros Kois 2eb6699c45 chore(ndots): default to 1 (#438)
**Description**
<!--
Please include a summary of the change and which issue is fixed. Please
also include relevant motivation and context. List any dependencies that
are required for this change.
-->
⚒️ Fixes  # <!--(issue)-->

**⚙️ Type of change**

- [ ] ⚙️ Feature/App addition
- [ ] 🪛 Bugfix
- [ ] ⚠️ Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] 🔃 Refactor of current code

**🧪 How Has This Been Tested?**
<!--
Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration
-->

**📃 Notes:**
<!-- Please enter any other relevant information here -->

**✔️ Checklist:**

- [x] ⚖️ My code follows the style guidelines of this project
- [x] 👀 I have performed a self-review of my own code
- [ ] #️⃣ I have commented my code, particularly in hard-to-understand
areas
- [ ] 📄 I have made corresponding changes to the documentation
- [x] ⚠️ My changes generate no new warnings
- [x] 🧪 I have added tests to this description that prove my fix is
effective or that my feature works
- [x] ⬆️ I increased versions for any altered app according to semantic
versioning

** App addition**

If this PR is an app addition please make sure you have done the
following.

- [ ] 🪞 I have opened a PR on
[truecharts/containers](https://github.com/truecharts/containers) adding
the container to TrueCharts mirror repo.
- [ ] 🖼️ I have added an icon in the Chart's root directory called
`icon.png`

---

_Please don't blindly check all the boxes. Read them and only check
those that apply.
Those checkboxes are there for the reviewer to see what is this all
about and
the status of this PR with a quick glance._

---------

Co-authored-by: Kjeld Schouten <kjeld@schouten-lebbing.nl>
2023-05-27 15:01:36 +02:00

814 lines
23 KiB
YAML

# -- Global values
global:
# -- Set additional global labels
labels: {}
# -- Set additional global annotations
annotations: {}
# -- Adds metalLB annotations to services
addMetalLBAnnotations: true
# -- Adds traefik annotations to services
addTraefikAnnotations: true
# -- Minimum nodePort value
minNodePort: 9000
# -- Enable to stop most pods and containers including cnpg
# does not include stand-alone pods
stopAll: false
# -- Creates the tc-system namespace. Used for operator charts
createTCNamespace: true
fallbackDefaults:
# -- Define a storageClassName that will be used for all PVCs
# Can be overruled per PVC
storageClass:
# -- Default probe type
probeType: http
# -- Default Service Protocol
serviceProtocol: tcp
# -- Default Service Type
serviceType: ClusterIP
# -- Default persistence type
persistenceType: pvc
# -- Default Retain PVC
pvcRetain: false
# -- Default PVC Size
pvcSize: 100Gi
# -- Default VCT Size
vctSize: 100Gi
# -- Default PVC/VCT Access Modes
accessModes:
- ReadWriteOnce
# -- Default probe timeouts
probeTimeouts:
liveness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
readiness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 2
startup:
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 2
failureThreshold: 60
successThreshold: 1
# -- Image values
image:
# -- Image repository
repository: tccr.io/truecharts/whoami
# -- Image tag
tag: 1.9.0@sha256:ff8dfff3c266af64aa7a6653c0b7f2c51fd6c0608335997af1d334aac3e19798
# -- Image pull policy
pullPolicy: IfNotPresent
chartContext:
APPURL: ""
podCIDR: ""
svcCIDR: ""
# -- Security Context
securityContext:
# -- Container security context for all containers
# Can be overruled per container
container:
runAsUser: 568
runAsGroup: 568
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
privileged: false
seccompProfile:
type: RuntimeDefault
capabilities:
add: []
drop:
- ALL
# When set to false, it will automatically
# add CHOWN, SETUID, SETGID, FOWNER, DAC_OVERRIDE
# capabilities ONLY when container runs as ROOT
disableS6Caps: false
# -- PUID for all containers
# Can be overruled per container
PUID: 568
# -- UMASK for all containers
# Can be overruled per container
UMASK: "0022"
# -- Pod security context for all pods
# Can be overruled per pod
pod:
fsGroup: 568
fsGroupChangePolicy: OnRootMismatch
supplementalGroups: []
sysctls: []
# -- Resources
# Can be overruled per container
resources:
limits:
cpu: 4000m
memory: 8Gi
requests:
cpu: 10m
memory: 50Mi
containerOptions:
NVIDIA_CAPS:
- all
# -- Options for all pods
# Can be overruled per pod
podOptions:
enableServiceLinks: false
hostNetwork: false
hostPID: false
shareProcessNamespace: false
restartPolicy: Always
dnsPolicy: ClusterFirst
dnsConfig:
options:
- name: ndots
value: "1"
hostAliases: []
nodeSelector: {}
tolerations: []
schedulerName: ""
priorityClassName: ""
runtimeClassName: ""
automountServiceAccountToken: false
terminationGracePeriodSeconds: 60
# -- (docs/workload/README.md)
workload:
main:
enabled: true
primary: true
type: Deployment
dbWait: true
podSpec:
containers:
main:
enabled: true
primary: true
imageSelector: image
probes:
liveness:
enabled: true
type: "{{ .Values.service.main.ports.main.protocol }}"
port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}"
readiness:
enabled: true
type: "{{ .Values.service.main.ports.main.protocol }}"
port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}"
startup:
enabled: true
type: "{{ .Values.service.main.ports.main.protocol }}"
port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}"
# -- Timezone used everywhere applicable
TZ: UTC
# -- (docs/service/README.md)
service:
main:
enabled: true
primary: true
ports:
main:
enabled: true
primary: true
protocol: http
serviceList: []
# -- (docs/persistence/README.md)
persistence:
shared:
enabled: true
type: emptyDir
mountPath: /shared
targetSelectAll: true
varlogs:
enabled: true
type: emptyDir
mountPath: /var/logs
targetSelectAll: true
varrun:
enabled: true
type: emptyDir
mountPath: /var/run
medium: Memory
targetSelectAll: true
tmp:
enabled: true
type: emptyDir
mountPath: /tmp
targetSelectAll: true
devshm:
enabled: true
type: emptyDir
mountPath: /dev/shm
medium: Memory
targetSelectAll: true
persistenceList: []
deviceList: []
# -- Injected from SCALE middleware
# Only for reference here
ixExternalInterfacesConfiguration: []
# -- Injected from SCALE middleware
# Only for reference here
ixExternalInterfacesConfigurationNames: []
# -- Injected from SCALE middleware
# Only for reference here
ixCertificates: []
# -- Injected from SCALE middleware
# Only for reference here
ixVolumes: []
# -- (docs/imagePullSecrets.md)
imagePullSecret: []
# -- (docs/configmap.md)
configmap: {}
# -- (docs/secret.md)
secret: {}
# -- (docs/serviceAccount.md)
serviceAccount: {}
# -- (docs/rbac.md)
rbac: {}
# -- (docs/volumeClaimTemplates) (StatefulSet only)
volumeClaimTemplates: {}
# -- (docs/scaleExternalInterface.md)
scaleExternalInterface: []
# -- (docs/scaleCertificate.md)
scaleCertificate: {}
# -- (docs/scaleGPU.md)
scaleGPU: []
# NOTES.txt
notes:
header: |
# Welcome to using <{{ .Chart.Name }}>.
Thank you for installing thank you for choosing TrueCharts
# custom: "{{ toYaml $.Values }}"
custom: |
## Using <{{ .Chart.Name }}>
{{- if .Values.iXPortals -}}
## Connecting externally
You can use this Chart by opening one of the following links in your browser:
{{- range .Values.iXPortals -}}
- {{ . }}
{{- end -}}
{{- end -}}
footer: |
## Documentation
Please check out the TrueCharts documentation on:
https://truecharts.com
OpenSource can only exist with your help, please consider supporting TrueCharts:
https://truecharts.org/sponsor
# -- iXsystems prototype values.yaml based portals
iXPortals: []
####
##
## TrueCharts Specific Root Objects
##
####
# -- Defines the portals for which config needs to be generated
portal:
open:
enabled: false
override:
protocol:
host:
port:
path: ""
targetSelector:
ingress: ""
service: ""
port: ""
# -- Set by "open" portal, used for some applications internally.
APPURL: ""
# -- Used to inject our own operator manifests into SCALE
manifestManager:
enabled: true
staging: false
install: true
check: true
delete: false
gluetunImage:
repository: tccr.io/truecharts/gluetun
tag: v3.33.0@sha256:bb28fa01c89797cfc45fd8d565d0b55054ded2da01a38299db5529d5cc96c284
pullPolicy: IfNotPresent
netshootImage:
repository: tccr.io/truecharts/netshoot
tag: v0.11.0@sha256:e6a26284531b240865a0b31d1c8835e8ee1862799c816014e4c59c1401abe1c5
pullPolicy: IfNotPresent
tailscaleImage:
repository: tccr.io/truecharts/tailscale
tag: v1.40.1@sha256:013d7c85ca3e5eb4afc3a635dc09d1677a701fa9daf250ffe2d15a00b0583418
pullPolicy: IfNotPresent
codeserverImage:
repository: tccr.io/truecharts/code-server
tag: v4.13.0@sha256:3eae79348586a725993cc26bc71b5ba20736f93e78f735e8c51fa63e75f5fcae
pullPolicy: IfNotPresent
alpineImage:
repository: tccr.io/truecharts/alpine
tag: v3.18.0@sha256:2042d13cae39c99cbac39447b686e7ad34509e32424efdf3ff9e2b324b6e6b34
pullPolicy: IfNotPresent
scratchImage:
repository: tccr.io/truecharts/scratch
tag: latest@sha256:9dd0f68d32ace452a3a75273bd8e3a074d0a14e4d38683389c73887432832fc3
pullPolicy: IfNotPresent
kubectlImage:
repository: tccr.io/truecharts/kubectl
tag: v1.26.0@sha256:323ab7aa3e7ce84c024df79d0f364282c1135499298f54be2ade46508a116c4b
pullPolicy: IfNotPresent
wgetImage:
repository: tccr.io/truecharts/wget
tag: 1.0.0@sha256:1764b1bb79b5d33edeb65b0bd5452b0a9622f8602f53a77e6a516261cfe7aa3d
pullPolicy: IfNotPresent
postgresClientImage:
repository: tccr.io/truecharts/db-wait-postgres
tag: 1.1.0@sha256:a163c7836d7bb436a428f5d55bbba0eb73bcdb9bc202047e2523bbb539c113e6
pullPolicy: IfNotPresent
mariadbClientImage:
repository: tccr.io/truecharts/db-wait-mariadb
tag: 1.1.0@sha256:492a9659511d3288ba9b6536fb17d1cb037fb3876f402dffa5dbcb040acbb85a
pullPolicy: IfNotPresent
redisClientImage:
repository: tccr.io/truecharts/db-wait-redis
tag: 1.1.0@sha256:8affa086d097b948f62b0433d70f4219a22ec29843ebd5479391869341bdb638
pullPolicy: IfNotPresent
mongodbClientImage:
repository: tccr.io/truecharts/db-wait-mongodb
tag: 1.1.0@sha256:502f70a653a905ad23576e208d0e5241e9cc8aeed63bb923e6da8563bdc3c1e7
pullPolicy: IfNotPresent
# -- OpenVPN specific configuration
# @default -- See below
openvpnImage:
# -- Specify the openvpn client image
repository: tccr.io/truecharts/openvpn-client
# -- Specify the openvpn client image tag
tag: latest@sha256:1f83decdf614cbf48e2429921b6f0efa0e825f447f5c510b65bc90f660227688
# -- Specify the openvpn client image pull policy
pullPolicy: IfNotPresent
# -- WireGuard specific configuration
# @default -- See below
wireguardImage:
# -- Specify the WireGuard image
repository: tccr.io/truecharts/wireguard
# -- Specify the WireGuard image tag
tag: v1.0.20210914@sha256:9f56e5660e8df8d4d38521ed73a4cc29fa24bf578007bfbe633e00184e2ebfbc
# -- Specify the WireGuard image pull policy
pullPolicy: IfNotPresent
# -- Configure the ingresses for the chart here.
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
# @default -- See below
ingress:
main:
# -- Enables or disables the ingress
enabled: false
# -- Make this the primary ingress (used in probes, notes, etc...).
# If there is more than 1 ingress, make sure that only 1 ingress is marked as primary.
primary: true
# -- Ensure this ingress is always enabled.
required: false
# -- Override the name suffix that is used for this ingress.
nameOverride:
# -- Autolink the ingress to a service and port, both with the same name as the ingress.
autoLink: false
# -- disable to ignore any default middlwares
enableFixedMiddlewares: true
# -- set the Cert-Manager clusterissuer for this ingress
clusterIssuer: ""
# -- List of middlewares in the traefikmiddlewares k8s namespace to add automatically
# Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
# Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user
fixedMiddlewares:
- chain-basic
# -- Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically
# Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
middlewares: []
annotationsList: []
# - name: somename
# value: somevalue
# -- Provide additional annotations which may be required.
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labelsList: []
# - name: somename
# value: somevalue
# -- Set labels on the deployment/statefulset/daemonset
# -- Provide additional labels which may be required.
# -- Provide additional labels which may be required.
labels: {}
# -- Set the ingressClass that is used for this ingress.
# Requires Kubernetes >=1.19
ingressClassName: # "nginx"
## Configure the hosts for the ingress
hosts:
- # -- Host address. Helm template can be passed.
host: chart-example.local
## Configure the paths for the host
paths:
- # -- Path. Helm template can be passed.
path: /
# -- Ignored if not kubeVersion >= 1.14-0
pathType: Prefix
service:
# -- Overrides the service name reference for this path
name:
# -- Overrides the service port reference for this path
port:
# -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template.
# Gets ignored when clusterIssuer is filled
tls: []
# - secretName: chart-example-tls
# # Cannot be combined with scaleCert
# clusterIssuer: ""
# # Cannot be combined with clusterIssuer
# scaleCert: ""
# hosts:
# - chart-example.local
# -- BETA: Configure the gateway routes for the chart here.
# Additional routes can be added by adding a dictionary key similar to the 'main' route.
# Please be aware that this is an early beta of this feature, TrueCharts does not guarantee this actually works.
# Being BETA this can/will change in the future without notice, please do not use unless you want to take that risk
# [[ref]](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io%2fv1alpha2)
# @default -- See below
route:
main:
# -- Enables or disables the route
enabled: false
# -- Set the route kind
# Valid options are GRPCRoute, HTTPRoute, TCPRoute, TLSRoute, UDPRoute
kind: HTTPRoute
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Configure the resource the route attaches to.
parentRefs:
- # Group of the referent resource.
group: gateway.networking.k8s.io
# Kind of the referent resource.
kind: Gateway
# Name of the referent resource
name:
# Namespace of the referent resource
namespace:
# Name of the section within the target resource.
sectionName:
# -- Host addresses
hostnames: []
# -- Configure rules for routing. Defaults to the primary service.
rules:
- # -- Configure backends where matching requests should be sent.
backendRefs:
- group: ""
kind: Service
name:
namespace:
port:
weight: 1
## Configure conditions used for matching incoming requests. Only for HTTPRoutes
matches:
- path:
type: PathPrefix
value: /
metrics:
main:
enabled: false
primary: true
# options: servicemonitor, podmonitor
type: "servicemonitor"
# defaults to selectorLabels
selector: {}
endpoints:
- port: main
interval: 5s
scrapeTimeout: 5s
path: /
honorLabels: false
prometheusRule:
enabled: false
groups: {}
# somegroup:
# # list of rules
# rules: []
# # list to support adding rules via the SCALE GUI without overwrithing the rules
# additionalrules: []
# List to support adding groups using the SCALE GUI
additionalgroups:
#- name: "somegroup"
# # list of rules
# rules: []
# # list to support adding rules via the SCALE GUI without overwrithing the rules
# additionalrules: []
# -- Contains specific settings for helm charts containing or using operators
operator:
# -- Adds a configmap in tc-system namespace to register this chart as an operator
register: false
# -- Verified wether required operators for this chart are actually installed and registered
verify:
enabled: true
# -- a list of extra operators to check for
additionalOperators: []
# -- The common chart supports several add-ons. These can be configured under this key.
# @default -- See below
addons:
# -- The common chart supports adding a VPN add-on. It can be configured under this key.
# @default -- See values.yaml
vpn:
# -- Specify the VPN type. Valid options are disabled, gluetun, openvpn, wireguard or tailscale
# OpenVPN and Wireguard are considered deprecated
type: disabled
# -- Tailscale specific configuration
# @default -- See below
# See more info for the configuration
# https://github.com/tailscale/tailscale/blob/main/docs/k8s/run.sh
tailscale:
# -- Auth key to connect to the VPN Service
authkey: ""
# As a sidecar, it should only need to run in userspace
userspace: true
auth_once: true
accept_dns: false
routes: ""
dest_ip: ""
sock5_server: ""
extra_args: ""
daemon_extra_args: ""
outbound_http_proxy_listen: ""
# -- Annotations for tailscale sidecar
annotations: {}
# -- OpenVPN specific configuration
# @default -- See below
openvpn:
# -- Credentials to connect to the VPN Service (used with -a)
# Only using password is enough
username: ""
password: ""
# -- All variables specified here will be added to the vpn sidecar container
# See the documentation of the VPN image for all config values
env: {}
# TZ: UTC
# -- All variables specified here will be added to the vpn sidecar container
# See the documentation of the VPN image for all config values
envList: []
# - name: someenv
# value: somevalue
# -- you can directly specify the config file here
config: ""
scripts:
# -- you can directly specify the upscript here
up: ""
# some script
# -- you can directly specify the downscript here
down: ""
# some script
# -- Provide a customized vpn configuration file location to be used by the VPN.
configFile: ""
# -- Provide a customized vpn configuration folder location to be added to the VPN container
# The config file needs to be mounted seperately
# the upscript and downscript need to be named: upscript.sh and downscript.sh respectively
configFolder: ""
# -- Provide an existing secret for vpn config storage
existingSecret: ""
# -- select pods to bind vpn addon to
# Add "codeserver" to also add the codeserver pod to VPN
targetSelector:
- main
## Only for Wireguard and OpenVPN
killSwitch: true
excludedNetworks_IPv4: []
excludedNetworks_IPv6: []
# -- The common library supports adding a code-server add-on to access files. It can be configured under this key.
# @default -- See values.yaml
codeserver:
# -- Enable running a code-server container in the pod
enabled: false
# -- Set any environment variables for code-server here
env: {}
# -- All variables specified here will be added to the codeserver sidecar container
# See the documentation of the codeserver image for all config values
envList: []
# - name: someenv
# value: somevalue
# -- Set codeserver command line arguments.
# Consider setting --user-data-dir to a persistent location to preserve code-server setting changes
args:
- --auth
- none
# - --user-data-dir
# - "/config/.vscode"
# -- Specify the working dir that will be opened when code-server starts
# If not given, the app will default to the mountpah of the first specified volumeMount
workingDir: "/"
service:
# -- Enable a service for the code-server add-on.
enabled: true
type: ClusterIP
# Specify the default port information
ports:
codeserver:
enabled: true
primary: true
protocol: http
port: 12321
ingress:
# -- Enable an ingress for the code-server add-on.
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
labels: {}
hosts:
- host: code.chart-example.local
paths:
- path: /
# Ignored if not kubeVersion >= 1.14-0
pathType: Prefix
tls: []
# -- Select a container to add the addon to
targetSelector: ""
netshoot:
# -- Enable running a netshoot container in the pod
enabled: false
# -- Set any environment variables for netshoot here
env: {}
##
# This section contains some-preconfig for frequently used dependencies
##
cnpg:
main:
enabled: false
primary: true
# -- Puts the cnpg cluster in hibernation mode
hibernate: false
# -- number of instances for both postgres and pgbouncer
instances: 2
database: "app"
user: "app"
# password:
# superUserPassword:
# -- change to supervised to disable unsupervised updates
# Example of rolling update strategy:
# - unsupervised: automated update of the primary once all
# replicas have been upgraded (default)
# - supervised: requires manual supervision to perform
# the switchover of the primary
primaryUpdateStrategy: unsupervised
# -- enable to create extra pgbouncer for readonly access
acceptRO: false
# -- storage size for the two pvc's per instance
storage:
size: "256Gi"
walsize: "256Gi"
# -- Gets scaled to 0 if hibernation is true
pooler:
instances: 2
# -- set to enable prometheus metrics
monitoring:
enablePodMonitor: true
# -- contains credentials and urls output by generator
creds: {}
# -- contains postgresql settings
# ref: https://cloudnative-pg.io/documentation/1.19/postgresql_conf/#the-postgresql-section
postgresql: {}
# -- Redis dependency configuration
# @default -- See below
redis:
enabled: false
# -- can be used to make an easy accessable note which URLS to use to access the DB.
creds: {}
manifestManager:
enabled: false
secret:
credentials:
enabled: false
# -- mariadb dependency configuration
# @default -- See below
mariadb:
enabled: false
existingSecret: "mariadbcreds"
# -- can be used to make an easy accessable note which URLS to use to access the DB.
creds: {}
manifestManager:
enabled: false
# -- mongodb dependency configuration
# @default -- See below
mongodb:
enabled: false
existingSecret: "mongodbcreds"
# -- can be used to make an easy accessable note which URLS to use to access the DB.
creds: {}
manifestManager:
enabled: false
# -- clickhouse dependency configuration
# @default -- See below
clickhouse:
enabled: false
existingSecret: "clickhousecreds"
# -- can be used to make an easy accessable note which URLS to use to access the DB.
creds: {}
manifestManager:
enabled: false
# -- solr dependency configuration
# @default -- See below
solr:
enabled: false
solrCores: 1
solrEnableAuthentication: "no"
existingSecret: "solrcreds"
# -- can be used to make an easy accessable note which URLS to use to access the DB.
creds: {}
manifestManager:
enabled: false