# -- OpenVPN specific configuration # @default -- See below openvpnImage: # -- Specify the openvpn client image repository: ghcr.io/truecharts/openvpn-client # -- Specify the openvpn client image tag tag: latest@sha256:bc3a56b2c195a4b4ce5c67fb0c209f38036521ebd316df2a7d68b425b9c48b30 # -- Specify the openvpn client image pull policy pullPolicy: IfNotPresent # -- WireGuard specific configuration # @default -- See below wireguardImage: # -- Specify the WireGuard image repository: ghcr.io/truecharts/wireguard # -- Specify the WireGuard image tag tag: v1.0.20210914@sha256:b7ae4f80183858ed6379b6f8f76f8ef4f1b474b222b8057e091ba0b4e5f62999 # -- Specify the WireGuard image pull policy pullPolicy: IfNotPresent # -- promtail specific configuration # @default -- See below promtailImage: # -- Specify the promtail image repository: ghcr.io/truecharts/promtail # -- Specify the promtail image tag tag: v2.4.2@sha256:171e08dcdd1d6c09bff949c37ce4f4756b9ee0132f8d84631986faa223562a30 # -- Specify the promtail image pull policy pullPolicy: IfNotPresent # -- netshoot specific configuration # @default -- See below netshootImage: # -- Specify the netshoot image repository: ghcr.io/truecharts/netshoot # -- Specify the netshoot image tag tag: latest@sha256:505d3430ed7c1d43fed18dbd1177b76ecb6fc376113bc41d34da230c402a4855 # -- Specify the netshoot image pull policy pullPolicy: Always # -- codeserver specific configuration # @default -- See below codeserverImage: # -- Specify the code-server image repository: ghcr.io/truecharts/code-server # -- Specify the code-server image tag tag: v4.0.2@sha256:f97835402cf3006fcffb9e3a5cb64df8e78aa41ef4ba50a3158c9422229d2f7e # -- Specify the code-server image pull policy pullPolicy: IfNotPresent # -- alpine specific configuration # @default -- See below alpineImage: # -- Specify the Alpine image repository: ghcr.io/truecharts/alpine # -- Specify the Alpine image tag tag: v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c # -- Specify the Alpine image pull policy pullPolicy: IfNotPresent # -- postgresql specific configuration # @default -- See below postgresqlImage: # -- Specify the postgresql image repository: ghcr.io/truecharts/postgresql # -- Specify the postgresql image tag tag: v14.1.0@sha256:1eb6ede5a83b4f6d15633c98b49f813b39519e3233b72e5d212a76f7e29bcd17 # -- Specify the postgresql image pull policy pullPolicy: IfNotPresent global: # -- Set an override for the prefix of the fullname nameOverride: # -- Set the entire name definition fullnameOverride: isSCALE: false controller: # -- enable the controller. enabled: true # -- Set the controller type. # Valid options are deployment, daemonset or statefulset type: deployment # -- Set additional annotations on the deployment/statefulset/daemonset annotationsList: [] # - name: somename # value: somevalue # -- Set annotations on the deployment/statefulset/daemonset annotations: {} # -- Set additional labels on the deployment/statefulset/daemonset labelsList: [] # - name: somename # value: somevalue # -- Set labels on the deployment/statefulset/daemonset labels: {} # -- Number of desired pods replicas: 1 # -- Set the controller upgrade strategy # For Deployments, valid values are Recreate (default) and RollingUpdate. # For StatefulSets, valid values are OnDelete and RollingUpdate (default). # DaemonSets ignore this. strategy: rollingUpdate: # -- Set deployment RollingUpdate max unavailable unavailable: # -- Set deployment RollingUpdate max surge surge: # -- Set statefulset RollingUpdate partition partition: # -- ReplicaSet revision history limit revisionHistoryLimit: 3 image: # -- image repository repository: # -- image tag tag: # -- image pull policy pullPolicy: # -- Image Selector allows for easy picking a different image dict, important for the SCALE GUI imageSelector: "image" # -- Override the command(s) for the default container command: [] # -- Override the args for the default container args: [] # -- Add args in addition to the arguments set by default. # Primarily for the SCALE GUI extraArgs: [] # -- Set the primary portal for TrueNAS SCALE portal: # -- enable generation of the portal configmap enabled: false # -- Override Path using helm variables # path: '/' # -- Override the host, for example: by using a custom IP # host: 192.168.66.6 # -- Override the auotmatically gathered ingress port # ingressPort: 666 # -- Set additional annotations on the pod podAnnotationsList: [] # - name: somename # value: somevalue # # -- Set annotations on the pod podAnnotations: {} # -- Set additional labels on the pod podLabelsList: [] # - name: somename # value: somevalue # -- Set labels on the pod podLabels: {} # -- Determines whether containers in a pod runs with TTY enabled. tty: false # -- Determines whether containers in a pod runs with stdin enabled. stdin: false # -- Add a Horizontal Pod Autoscaler # @default -- autoscaling: enabled: false target: # deploymentname minReplicas: # 1 maxReplicas: # 100 targetCPUUtilizationPercentage: # 80 targetMemoryUtilizationPercentage: # 80 # -- Create serviceaccount # @default -- See below serviceAccount: # -- Specifies whether a service account should be created create: false # -- Annotations to add to the service account annotations: {} # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" # -- Create a ClusterRole and ClusterRoleBinding # @default -- See below rbac: # -- Enables or disables the ClusterRole and ClusterRoleBinding enabled: false # -- Set Annotations on the ClusterRole clusterRoleLabels: {} # -- Set labels on the ClusterRole clusterRoleAnnotations: {} # -- Set Annotations on the ClusterRoleBinding clusterRoleBindingLabels: {} # -- Set labels on the ClusterRoleBinding clusterRoleBindingAnnotations: {} # -- Set Rules on the ClusterRole rules: {} # -- Add subjects to the ClusterRoleBinding. # includes the above created serviceaccount subjects: {} # -- Configure networkPolicy for the chart here. # @default -- See below networkPolicy: # -- Enables or disables the networkPolicy enabled: false # customizes the podSelector (defaults to the helm-chart selector-labels # podSelector: # -- add or remove Policy types. Options: ingress, egress, ingress-egress policyType: "" # -- add or remove egress policies egress: [] # -- add or remove egress policies ingress: [] # -- Use this directly attach a pod to a SCALE interface. # Please be aware: This bypasses k8s services externalInterfaces: [] # - hostInterface: "ens3" # ipam: # type: "dhcp" # - hostInterface: "br0" # ipam: # type: "static" # staticIPConfigurations: # - "192.168.0.120/24" # staticRoutes: # - destination: "0.0.0.0/0" # gateway: "192.168.0.1" # -- Use this to populate a secret with the values you specify. # Be aware that these values are not encrypted by default, and could therefore visible # to anybody with access to the values.yaml file. secret: {} # PASSWORD: my-password # -- Main environment variables. Template enabled. # Syntax options: # A) TZ: UTC # B) PASSWD: '{{ .Release.Name }}' # C) PASSWD: # envFrom: # ... env: {} ## Variables with values set from templates, example ## With a release name of: demo, the example env value will be: demo-admin envTpl: {} # TEMPLATE_VALUE: "{{ .Release.Name }}-admin" ## Variables with values from (for example) the Downward API ## See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/ envValueFrom: {} # NODE_NAME: # fieldRef: # fieldPath: spec.nodeName envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name # -- Custom priority class for different treatment by the scheduler priorityClassName: # system-node-critical # -- Allows specifying a custom scheduler name schedulerName: # awkward-dangerous-scheduler # -- Allows specifying explicit hostname setting hostname: # -- When using hostNetwork make sure you set dnsPolicy to `ClusterFirstWithHostNet` hostNetwork: false # -- Defaults to "ClusterFirst" if hostNetwork is false and "ClusterFirstWithHostNet" if hostNetwork is true. dnsPolicy: # ClusterFirst # -- Optional DNS settings, configuring the ndots option may resolve nslookup issues on some Kubernetes setups. dnsConfig: options: - name: ndots value: "1" nameservers: [] searches: [] # -- Enable/disable the generation of environment variables for services. # [[ref]](https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service) enableServiceLinks: false # -- Can be used to set securityContext.capabilities outside of the GUI on TrueNAS SCALE customCapabilities: drop: [] add: [] # -- Configure the Security Context for the Pod podSecurityContext: runAsUser: 568 runAsGroup: 568 fsGroup: 568 supplementalGroups: [] fsGroupChangePolicy: OnRootMismatch # -- Configure the Security Context for the main container securityContext: privileged: false readOnlyRootFilesystem: true allowPrivilegeEscalation: false runAsNonRoot: true capabilities: drop: [] add: [] # -- Configure the lifecycle for the main container lifecycle: {} # -- These containers will be run, as an initcontainer, a single time at install only. installContainers: {} # -- These containers will be run, as an initcontainer, a single time at each edit or update of the chart. upgradeContainers: {} # -- Specify any initContainers here as dictionary items. Each initContainer should have its own key. # The dictionary item key will determine the order. Helm templates can be used. initContainers: {} # -- Specify any additional containers here as dictionary items. Each additional container should have its own key. # Helm templates can be used. additionalContainers: {} # -- Probe configuration # -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) # @default -- See below probes: # -- Liveness probe configuration # @default -- See below liveness: # -- Enable the liveness probe enabled: true # -- Set this to `true` if you wish to specify your own livenessProbe custom: false # -- sets the probe type when not using a custom probe # @default -- "TCP" type: TCP # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used # @default -- "/" path: "/" # -- The spec field contains the values for the default livenessProbe. # If you selected `custom: true`, this field holds the definition of the livenessProbe. # @default -- See below spec: initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 5 # -- Redainess probe configuration # @default -- See below readiness: # -- Enable the readiness probe enabled: true # -- Set this to `true` if you wish to specify your own readinessProbe custom: false # -- sets the probe type when not using a custom probe # @default -- "TCP" type: TCP # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used # @default -- "/" path: "/" # -- The spec field contains the values for the default readinessProbe. # If you selected `custom: true`, this field holds the definition of the readinessProbe. # @default -- See below spec: initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 5 # -- Startup probe configuration # @default -- See below startup: # -- Enable the startup probe enabled: true # -- Set this to `true` if you wish to specify your own startupProbe custom: false # -- sets the probe type when not using a custom probe # @default -- "TCP" type: TCP # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used # @default -- "/" path: "/" # -- The spec field contains the values for the default startupProbe. # If you selected `custom: true`, this field holds the definition of the startupProbe. # @default -- See below spec: initialDelaySeconds: 10 timeoutSeconds: 2 ## This means it has a maximum of 5*30=150 seconds to start up before it fails periodSeconds: 5 failureThreshold: 60 termination: # -- Configure the path at which the file to which the main container's termination message will be written. # -- [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle-1)] messagePath: # -- Indicate how the main container's termination message should be populated. # Valid options are `File` and `FallbackToLogsOnError`. # -- [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle-1)] messagePolicy: # -- Duration in seconds the pod needs to terminate gracefully # -- [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle)] gracePeriodSeconds: 10 # -- Configure additional services for the chart here. # @default -- See below serviceList: [] # -- Configure the services for the chart here. # Additional services can be added by adding a dictionary key similar to the 'main' service. # @default -- See below service: main: # -- Enables or disables the service enabled: true # -- Make this the primary service (used in probes, notes, etc...). # If there is more than 1 service, make sure that only 1 service is marked as primary. primary: true # -- Override the name suffix that is used for this service nameOverride: # -- Override default selector selector: {} # -- Set the service type # Options: Simple(Loadbalancer), LoadBalancer, ClusterIP, NodePort type: ClusterIP annotationsList: [] # - name: somename # value: somevalue # -- Provide additional annotations which may be required. annotations: {} labelsList: [] # - name: somename # value: somevalue # -- Set labels on the deployment/statefulset/daemonset # -- Provide additional labels which may be required. labels: {} # -- Configure additional Service port information here. # @default -- See below portsList: [] # -- Specify the ip policy. Options: SingleStack, PreferDualStack, RequireDualStack ipFamilyPolicy: SingleStack # -- The ip families that should be used. Options: IPv4, IPv6 ipFamilies: [ ] # -- Configure the Service port information here. # Additional ports can be added by adding a dictionary key similar to the 'http' service. # @default -- See below ports: main: # -- Enables or disables the port enabled: true # -- Make this the primary port (used in probes, notes, etc...) # If there is more than 1 service, make sure that only 1 port is marked as primary. primary: true # -- The port number port: # -- Port protocol. # Support values are `HTTP`, `HTTPS`, `TCP` and `UDP`. # HTTPS and HTTPS spawn a TCP service and get used for internal URL and name generation protocol: HTTP # -- Specify a service targetPort if you wish to differ the service port from the application port. # If `targetPort` is specified, this port number is used in the container definition instead of # the `port` value. Therefore named ports are not supported for this field. targetPort: # -- Specify the nodePort value for the LoadBalancer and NodePort service types. # [[ref]](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) nodePort: # -- Configure ingressList for the chart here. # Additional items can be added by adding a items similar to ingress # @default -- [] ingressList: [] # -- Configure the ingresses for the chart here. # Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress. # @default -- See below ingress: main: # -- Enables or disables the ingress enabled: false # -- Make this the primary ingress (used in probes, notes, etc...). # If there is more than 1 ingress, make sure that only 1 ingress is marked as primary. primary: true # -- Override the name suffix that is used for this ingress. nameOverride: # -- Autolink the ingress to a service and port, both with the same name as the ingress. autoLink: false # -- disable to ignore any default middlwares enableFixedMiddlewares: true # -- List of middlewares in the traefikmiddlewares k8s namespace to add automatically # Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names # Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user fixedMiddlewares: - chain-basic # -- Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically # Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names middlewares: [] annotationsList: [] # - name: somename # value: somevalue # -- Provide additional annotations which may be required. annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" labelsList: [] # - name: somename # value: somevalue # -- Set labels on the deployment/statefulset/daemonset # -- Provide additional labels which may be required. # -- Provide additional labels which may be required. labels: {} # -- Set the ingressClass that is used for this ingress. # Requires Kubernetes >=1.19 ingressClassName: # "nginx" ## Configure the hosts for the ingress hosts: - # -- Host address. Helm template can be passed. host: chart-example.local ## Configure the paths for the host paths: - # -- Path. Helm template can be passed. path: / # -- Ignored if not kubeVersion >= 1.14-0 pathType: Prefix service: # -- Overrides the service name reference for this path name: # -- Overrides the service port reference for this path port: # -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template. tls: [] # - secretName: chart-example-tls # -- Create a secret from a GUI selected TrueNAS SCALE certificate # scaleCert: true # hosts: # - chart-example.local # -- Configure persistenceList for the chart here. # Used to create an additional GUI element in SCALE for mounting USB devices # Additional items can be added by adding a items similar to persistence # @default -- [] deviceList: [] # -- Configure persistenceList for the chart here. # Additional items can be added by adding a items similar to persistence # @default -- [] persistenceList: [] # -- Configure configMaps for the chart here. # Additional configMaps can be added by adding a dictionary key similar to the 'config' object. # @default -- See below configmap: config: # -- Enables or disables the configMap enabled: false # -- Labels to add to the configMap labels: {} # -- Annotations to add to the configMap annotations: {} # -- configMap data content. Helm template enabled. data: {} # foo: bar # -- Configure persistence for the chart here. # Additional items can be added by adding a dictionary key similar to the 'config' key. # @default -- See below persistence: # -- Default persistence for configuration files. # @default -- See below config: # -- Enables or disables the persistence item enabled: false annotationsList: [] # - name: somename # value: somevalue # -- Add annotations to PVC object annotations: {} labelsList: [] # - name: somename # value: somevalue # -- Set labels on the deployment/statefulset/daemonset # -- Provide additional labels which may be required. # -- Add labels to PVC object labels: {} # -- Sets the persistence type # Valid options are: simplePVC, simpleHP, pvc, emptyDir, secret, configMap, hostPath or custom type: pvc # -- force the complete PVC name # Will not add any prefix or suffix forceName: "" # -- Where to mount the volume in the main container. # Defaults to `/`, # setting to '-' creates the volume but disables the volumeMount. mountPath: # /config # -- Specify if the volume should be mounted read-only. readOnly: false # -- Override the name suffix that is used for this volume. nameOverride: # -- Storage Class for the config volume. # If set to `-`, dynamic provisioning is disabled. # If set to `SCALE-ZFS`, the default provisioner for TrueNAS SCALE is used. # If set to something else, the given storageClass is used. # If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. storageClass: # "-" # -- If you want to reuse an existing claim, the name of the existing PVC can be passed here. existingClaim: # your-claim # -- Used in conjunction with `existingClaim`. Specifies a sub-path inside the referenced volume instead of its root subPath: # some-subpath # mountPropagation: {} # -- AccessMode for the persistent volume. # Make sure to select an access mode that is supported by your storage provider! # [[ref]](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) accessMode: ReadWriteOnce # -- The amount of storage that is requested for the persistent volume. size: 999Gi # - Set to true to retain the PVC upon `helm uninstall` retain: false # -- Create an emptyDir volume to share between all containers # [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) # @default -- See below shared: enabled: true type: emptyDir mountPath: /shared # -- Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead # of the storage medium that backs the node. medium: # Memory # -- If the `SizeMemoryBackedVolumes` feature gate is enabled, you can # specify a size for memory backed volumes. sizeLimit: # 1Gi # -- Create an emptyDir volume to share between all containers # [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) # @default -- See below varlogs: enabled: true type: emptyDir mountPath: /var/logs # -- Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead # of the storage medium that backs the node. medium: # Memory # -- If the `SizeMemoryBackedVolumes` feature gate is enabled, you can # specify a size for memory backed volumes. sizeLimit: # 1Gi # -- Create an emptyDir volume to share between all containers for temporary storage # @default -- See below temp: enabled: true type: emptyDir mountPath: /tmp # -- Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead # of the storage medium that backs the node. medium: Memory # -- If the `SizeMemoryBackedVolumes` feature gate is enabled, you can # specify a size for memory backed volumes. sizeLimit: # 1Gi # -- Create an emptyDir volume to share between all containers # [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) # @default -- See below varrun: enabled: false type: emptyDir mountPath: /var/run # -- Set the medium to "Memory" to mount a tmpfs (RAM-backed filesystem) instead # of the storage medium that backs the node. medium: Memory # -- If the `SizeMemoryBackedVolumes` feature gate is enabled, you can # specify a size for memory backed volumes. sizeLimit: # 1Gi # -- Example of a hostPath mount # [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) # @default -- See below host-dev: enabled: false type: hostPath # -- Which path on the host should be mounted. hostPath: /dev # -- Automatic set permissions using chown and chmod setPermissions: false # -- Where to mount the path in the main container. # Defaults to the value of `hostPath` mountPath: "" # /myDev # -- Specifying a hostPathType adds a check before trying to mount the path. # See Kubernetes documentation for options. hostPathType: "" # -- Specify if the path should be mounted read-only. readOnly: true # -- Example of a Simple hostPath mount # [[ref]]https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) # @default -- See below host-simple-dev: enabled: false type: simpleHP # -- Which path on the host should be mounted. hostPathSimple: /dev # -- Automatic set permissions using chown and chmod setPermissionsSimple: false # -- Where to mount the path in the main container. # Defaults to the value of `hostPath` mountPath: "" # /myDev # -- Specifying a hostPathType adds a check before trying to mount the path. # See Kubernetes documentation for options. hostPathType: "" # -- Specify if the path should be mounted read-only. readOnly: true # -- Example of a custom mount # @default -- See below custom-mount: enabled: false type: custom # -- Where to mount the volume in the main container. # Defaults to `/`, # setting to '-' creates the volume but disables the volumeMount. mountPath: # /custom-mount # -- Specify if the volume should be mounted read-only. readOnly: false # -- Define the custom Volume spec here # [[ref]](https://kubernetes.io/docs/concepts/storage/volumes/) volumeSpec: {} # configMap: # defaultMode: 420 # name: my-settings # -- Example of a configmap mount # @default -- See below configmap-example: enabled: false type: configMap # -- Specify the name of the configmap object to be mounted objectName: myconfig-map # -- Where to mount the volume in the main container. # Defaults to `/`, # setting to '-' creates the volume but disables the volumeMount. mountPath: # /custom-mount # -- Specify if the volume should be mounted read-only. readOnly: false # -- Example of a secret mount # @default -- See below secret-example: enabled: false type: secret # -- Specify the name of the secret object to be mounted objectName: mysecret # -- Where to mount the volume in the main container. # Defaults to `/`, # setting to '-' creates the volume but disables the volumeMount. mountPath: # /custom-mount # -- Specify if the volume should be mounted read-only. readOnly: false # -- define the default mount mode for the secret defaultMode: 777 # -- Define the secret items to be mounted items: - key: username path: my-group/my-username # -- Used in conjunction with `controller.type: statefulset` to create individual disks for each instance. volumeClaimTemplates: [] # data: # mountPath: /data # accessMode: "ReadWriteOnce" # size: 1Gi ## Or use a list # - name: backup # mountPath: /backup # subPath: theSubPath # accessMode: "ReadWriteOnce" # size: 2Gi # storageClass: cheap-storage-class # -- Node selection constraint # [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) nodeSelector: {} # -- Defines affinity constraint rules. # [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) affinity: {} # -- Defines topologySpreadConstraint rules. # [[ref]](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) topologySpreadConstraints: [] # - maxSkew: # topologyKey: # whenUnsatisfiable: # labelSelector: # -- Specify taint tolerations # [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) tolerations: [] # -- Use hostAliases to add custom entries to /etc/hosts - mapping IP addresses to hostnames. # [[ref]](https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/) hostAliases: [] # - ip: "192.168.1.100" # hostnames: # - "example.com" # - "www.example.com" # -- Set the resource requests / limits for the main container. resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 4000m memory: 8Gi requests: cpu: 10m memory: 50Mi # -- The common chart supports several add-ons. These can be configured under this key. # @default -- See below addons: # -- The common chart supports adding a VPN add-on. It can be configured under this key. # For more info, check out [our docs](http://docs.k8s-at-home.com/our-helm-charts/common-library-add-ons/#wireguard-vpn) # @default -- See values.yaml vpn: # -- Specify the VPN type. Valid options are disabled, openvpn or wireguard type: disabled # -- OpenVPN specific configuration # @default -- See below openvpn: # -- Credentials to connect to the VPN Service (used with -a) # Only using password is enough username: "" password: "" killSwitch: true excludedNetworks_IPv4: [] excludedNetworks_IPv6: [] # -- Set the VPN container specific securityContext # @default -- See values.yaml securityContext: {} # -- All variables specified here will be added to the vpn sidecar container # See the documentation of the VPN image for all config values env: {} # TZ: UTC # -- All variables specified here will be added to the vpn sidecar container # See the documentation of the VPN image for all config values envList: [] #- name: someenv # value: somevalue # -- Provide a customized vpn configuration file to be used by the VPN. configFile: enabled: true type: hostPath # -- Which path on the host should be mounted. hostPath: /vpn/vpn.conf noMount: true # -- Specifying a hostPathType adds a check before trying to mount the path. # See Kubernetes documentation for options. hostPathType: "File" # -- The common library supports adding a code-server add-on to access files. It can be configured under this key. # For more info, check out [our docs](http://docs.k8s-at-home.com/our-helm-charts/common-library-add-ons/#code-server) # @default -- See values.yaml codeserver: # -- Enable running a code-server container in the pod enabled: false # -- Set any environment variables for code-server here env: {} # TZ: UTC # -- All variables specified here will be added to the codeserver sidecar container # See the documentation of the codeserver image for all config values envList: [] #- name: someenv # value: somevalue # -- Set codeserver command line arguments. # Consider setting --user-data-dir to a persistent location to preserve code-server setting changes args: - --auth - none # - --user-data-dir # - "/config/.vscode" # -- Specify the working dir that will be opened when code-server starts # If not given, the app will default to the mountpah of the first specified volumeMount workingDir: "/" # -- Optionally allow access a Git repository by passing in a private SSH key # @default -- See below git: # -- Raw SSH private key deployKey: "" # -- Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence. deployKeyBase64: "" # -- Existing secret containing SSH private key # The chart expects it to be present under the `id_rsa` key. deployKeySecret: "" service: # -- Enable a service for the code-server add-on. enabled: true type: ClusterIP # Specify the default port information ports: codeserver: port: 12321 enabled: true protocol: TCP targetPort: codeserver ## Specify the nodePort value for the LoadBalancer and NodePort service types. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport ## # nodePort: 36107 ingress: # -- Enable an ingress for the code-server add-on. enabled: false annotations: {} # kubernetes.io/ingress.class: nginx labels: {} hosts: - host: code.chart-example.local paths: - path: / # Ignored if not kubeVersion >= 1.14-0 pathType: Prefix tls: [] # -- The common library supports adding a promtail add-on to to access logs and ship them to loki. It can be configured under this key. # @default -- See values.yaml promtail: # -- Enable running a promtail container in the pod enabled: false # -- Set any environment variables for promtail here env: {} # -- All variables specified here will be added to the promtail sidecar container # See the documentation of the promtail image for all config values envList: [] #- name: someenv # value: somevalue # -- Set promtail command line arguments args: [] # -- The URL to Loki loki: "" # -- The paths to logs on the volume logs: [] # - name: log # path: /config/logs/*.log securityContext: runAsUser: 0 # -- The common library supports adding a netshoot add-on to troubleshoot network issues within a Pod. It can be configured under this key. # @default -- See values.yaml netshoot: # -- Enable running a netshoot container in the pod enabled: false # -- Set any environment variables for netshoot here env: {} # -- All variables specified here will be added to the netshoot sidecar container # See the documentation of the netshoot image for all config values envList: [] #- name: someenv # value: somevalue ## # This section contains some-preconfig for frequently used dependencies ## # -- Postgresql dependency configuration # @default -- See below postgresql: enabled: false existingSecret: "dbcreds" # -- can be used to make an easy accessable note which URLS to use to access the DB. url: {} # -- Redis dependency configuration # @default -- See below redis: enabled: false existingSecret: "rediscreds" # -- can be used to make an easy accessable note which URLS to use to access the DB. url: {} # -- mariadb dependency configuration # @default -- See below mariadb: enabled: false existingSecret: "mariadbcreds" # -- can be used to make an easy accessable note which URLS to use to access the DB. url: {}