image:
  repository: tccr.io/truecharts/netbox
  tag: 3.4.8@sha256:17e52535055ca6246132d98bcc94b6b01c8aef64faa52f8769e0e95dd1909773
  pullPolicy: IfNotPresent

securityContext:
  readOnlyRootFilesystem: false
  runAsNonRoot: false

podSecurityContext:
  runAsUser: 0
  runAsGroup: 0

probes:
  liveness:
    type: HTTP
    path: /api
  readiness:
    type: HTTP
    path: /api
  startup:
    type: HTTP
    path: /api
    # Gives some time for app to run db migrations
    initialDelaySeconds: 60

service:
  main:
    ports:
      main:
        port: 10265
        protocol: HTTP
        targetPort: 8080

netbox:
  # -- This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write
  # access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name.
  # 127.0.0.1 added automatically
  allowed_hosts:
    []
    # - netbox.example.com
  # - URL schemes that are allowed within links in NetBox
  allowed_urls_schemes:
    []
    # - file
    # - ftp
  # -- Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of
  # application errors (assuming correct email settings are provided).
  admins:
    []
    # - name: John Doe
    #   email: jdoe@example.com
  # -- Enable any desired validators for local account passwords below. For a list of included validators, please see the
  # Django documentation at https://docs.djangoproject.com/en/stable/topics/auth/passwords/#password-validation.
  auth_password_validators:
    []
    # - name: django.contrib.auth.password_validation.MinimumLengthValidator
    #   options:
    #     - key: min_length
    #       value: 10
  banner:
    # -- Optionally display a persistent banner at the top of every page.
    top: ""
    # -- Optionally display a persistent banner at the bottom of every page.
    bottom: ""
    # -- Text to include on the login page above the login form. HTML is allowed
    login: ""
  retention:
    # -- Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely.
    changelog: 90
    # -- Maximum number of days to retain job results (scripts and reports). Set to 0 to retain job results in the database indefinitely.
    job_result: 90
  # -- When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default.
  prefer_ipv4: false
  # -- Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table
  enforce_global_unique: true
  # - API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be
  # - allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or
  # - CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers
  cors_origin_allow_all: false
  cors_origin_whitelist:
    []
    # - "127.0.0.1"
  cors_origin_regex_whitelist:
    []
    # - r'^(https?://)?(\w+\.)?example\.com$'
  debug: false
  email:
    server: ""
    port: 587
    username: ""
    password: ""
    use_ssl: false
    use_tls: true
    timeout: 10
    from_email: ""
  # -- Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and
  # by anonymous users. List models in the form `<app>.<model>`. Add '*' to this list to exempt all models.
  exempt_view_permissions:
    []
    # - dcim.site
    # - dcim.region
    # - ipam.prefix
  # - HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
  http_proxies:
    []
    # - key: http
    #   url: http://10.10.1.10:3128
    # - key: https
    #   url: http://10.10.1.10:1080
  # -- IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
  # NetBox from an internal IP. (127.0.0.1 and ::1) added automatically
  internal_ips:
    []
    # - "10.10.10.5"
  # -- Automatically reset the lifetime of a valid session upon each authenticated request. Enables users to remain
  # authenticated to NetBox indefinitely.
  login_persistence: false
  # -- Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
  # are permitted to access most data in NetBox but not make any changes.
  login_required: true
  # -- The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
  # re-authenticate. (Default: 1209600 [14 days])
  login_timeout: 1209600
  # -- Enable GraphQL API.
  graphql_enabled: true
  # -- Maps provider
  maps_url: https://maps.google.com/?q=
  # -- An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g.
  # "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request
  # all objects by specifying "?limit=0".
  max_page_size: 1000
  # -- Determine how many objects to display per page within a list. (Default: 50)
  paginate_count: 50
  powerfeed:
    # -- The default value for the amperage field when creating new power feeds.
    default_amperage: 15
    # -- The default value (percentage) for the max_utilization field when creating new power feeds.
    default_max_utilization: 80
    # -- The default value for the voltage field when creating new power feeds.
    default_voltage: 120
  # -- Rack elevation size defaults, in pixels. For best results, the ratio of width to height should be roughly 10:1.
  rack:
    elevation_default_unit_height: 22
    elevation_default_unit_width: 220
  # -- Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM.
  napalm:
    username: ""
    password: ""
    timeout: 30
    # -- NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments).
    args:
      []
      # - arg: allow_agent
      #   value: "False"
  # -- Cross-Site-Request-Forgery-Attack settings. If Netbox is sitting behind a reverse proxy, you might need to set this
  csrf_trusted_origin:
    []
    # - https://netbox.mydomain.com
  # -- The name to use for the session cookie.
  session_cookie_name: sessionid
  # -- The name to use for the csrf token cookie.
  csrf_cookie_name: csrftoken
  # -- By default uploaded media is stored on the local filesystem. Using Django-storages is also supported. Provide the
  # class path of the storage driver in storage_backend and any configuration options in storage_config. For example:
  # Example storages.backends.s3boto3.S3Boto3Storage
  storage_backend: ""
  storage_config:
    []
    # - key: AWS_ACCESS_KEY_ID
    #   value: KeyID
    # - key: AWS_SECRET_ACCESS_KEY
    #   value: Secret
    # - key: AWS_STORAGE_BUCKET_NAME
    #   value: netbox
    # - key: AWS_S3_REGION_NAME
    #   value: eu-west-1
  # -- Plugins configuration settings. These settings are used by various plugins that the user may have installed.
  plugin_config:
    # - plugin_name: plugin1
    #   enabled: false
    #   config:
    #     - key: foo
    #       value: bar
    #     - key: fizz
    #       value: bizz
  # -- Maximum execution time for background tasks, in seconds.
  rq_default_timeout: 300
  # -- Remote authentication support
  remote_auth:
    {}
    # enabled: false
    # backend: netbox.authentication.RemoteUserBackend
    # header: header
    # auto_create_user: false
    # default_groups: []
    # default_permissions:
    #   - key: dcim.change_site
    #     value: None
  # -- Date/time formatting. See the following link for supported formats:
  # https://docs.djangoproject.com/en/stable/ref/templates/builtins/#date
  date_time:
    date_format: N j, Y
    short_date_format: Y-m-d
    time_format: g:i a
    short_time_format: H:i:s
    date_time_format: N j, Y g:i a
    short_date_time_format: Y-m-d H:i

metrics:
  # -- Enable and configure a Prometheus serviceMonitor for the chart under this key.
  # @default -- See values.yaml
  enabled: false
  serviceMonitor:
    interval: 1m
    scrapeTimeout: 30s
    labels: {}
  # -- Enable and configure Prometheus Rules for the chart under this key.
  # @default -- See values.yaml
  prometheusRule:
    enabled: false
    labels: {}
    # -- Configure additionial rules for the chart under this key.
    # @default -- See prometheusrules.yaml
    rules:
      []
      # - alert: UnifiPollerAbsent
      #   annotations:
      #     description: Unifi Poller has disappeared from Prometheus service discovery.
      #     summary: Unifi Poller is down.
      #   expr: |
      #     absent(up{job=~".*unifi-poller.*"} == 1)
      #   for: 5m
      #   labels:
      #     severity: critical

persistence:
  config:
    enabled: true
    mountPath: /etc/netbox/config
  reports:
    enabled: true
    mountPath: /etc/netbox/reports
  scripts:
    enabled: true
    mountPath: /etc/netbox/scripts
  media:
    enabled: true
    mountPath: /opt/netbox/netbox/media
  configfile:
    enabled: true
    type: secret
    objectName: '{{ include "tc.common.names.fullname" . }}-secret'
    mountPath: /etc/netbox/config/01-config.py
    subPath: config.py

postgresql:
  enabled: true
  existingSecret: dbcreds
  postgresqlUsername: netbox
  postgresqlDatabase: netbox

redis:
  enabled: true
  existingSecret: rediscreds

portal:
  enabled: true