# type: options are deployment, daemonset or statefulset controllerType: deployment # Set annotations on the deployment/statefulset/daemonset controllerAnnotations: {} # Set labels on the deployment/statefulset/daemonset controllerLabels: {} replicas: 1 strategy: ## For Deployments, valid values are Recreate and RollingUpdate ## For StatefulSets, valid values are OnDelete and RollingUpdate ## DaemonSets ignore this type: RollingUpdate # Override the default command command: [] # Override the default args args: [] nameOverride: "" fullnameOverride: "" # Set annotations on the pod podAnnotations: {} serviceAccount: # Specifies whether a service account should be created create: false # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" env: {} # TZ: UTC ## Variables with values set from templates, example ## With a release name of: demo, the example env value will be: demo-admin envTpl: {} # TEMPLATE_VALUE: "{{ .Release.Name }}-admin" ## Variables with values from (for example) the Downward API ## See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/ envValueFrom: {} # NODE_NAME: # fieldRef: # fieldPath: spec.nodeName envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name # Custom priority class for different treatment by the scheduler # priorityClassName: system-node-critical # Allow specifying a custom scheduler name # schedulerName: awkward-dangerous-scheduler # Allow specifying explicit hostname setting # hostname: # When using hostNetwork make sure you set dnsPolicy to ClusterFirstWithHostNet hostNetwork: false dnsPolicy: ClusterFirst # Optional DNS settings, configuring the ndots option may resolve # nslookup issues on some Kubernetes setups. # dnsConfig: # options: # - name: ndots # value: "1" # Enable/disable the generation of environment variables for services. # See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service # for more information. enableServiceLinks: true # Configure the Security Context for the Pod podSecurityContext: {} # Configure the Security Context for the main container securityContext: {} initContainers: [] additionalContainers: [] ## Probes configuration probes: liveness: enabled: true ## Set this to true if you wish to specify your own livenessProbe custom: false ## The spec field contains the values for the default livenessProbe. ## If you selected custom: true, this field holds the definition of the livenessProbe. spec: initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 10 failureThreshold: 5 readiness: enabled: true ## Set this to true if you wish to specify your own readinessProbe custom: false ## The spec field contains the values for the default readinessProbe. ## If you selected custom: true, this field holds the definition of the readinessProbe. spec: initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 10 failureThreshold: 5 startup: enabled: true ## Set this to true if you wish to specify your own startupProbe custom: false ## The spec field contains the values for the default startupProbe. ## If you selected custom: true, this field holds the definition of the startupProbe. spec: initialDelaySeconds: 0 timeoutSeconds: 10 ## This means it has a maximum of 5*30=150 seconds to start up before it fails periodSeconds: 5 failureThreshold: 120 service: enabled: true type: ClusterIP ## Specify the default port information port: port: ## name defaults to http name: protocol: TCP ## Specify a service targetPort if you wish to differ the service port from the application port. ## If targetPort is specified, this port number is used in the container definition instead of ## service.port.port. Therefore named ports are not supported for this field. targetPort: ## Specify the nodePort value for the LoadBalancer and NodePort service types. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport ## # nodePort: additionalPorts: [] ## Provide any additional annotations which may be required. This can be used to ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## annotations: {} labels: {} additionalServices: [] # - enabled: false # nameSuffix: api # type: ClusterIP # # Specify the default port information # port: # port: # # name defaults to http # name: # protocol: TCP # # targetPort defaults to http # targetPort: # # nodePort: # additionalPorts: [] # annotations: {} # labels: {} ingress: enabled: false annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" labels: {} hosts: - host: chart-example.local ## Or a tpl that is evaluated # hostTpl: '{{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.{{ .Values.ingress.domainname }}' paths: - path: / # Ignored if not kubeVersion >= 1.14-0 pathType: Prefix tls: [] # - secretName: chart-example-tls ## Or if you need a dynamic secretname # - secretNameTpl: '{{ include "common.names.fullname" . }}-ingress' # hosts: # - chart-example.local ## Or a tpl that is evaluated # hostsTpl: # - '{{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.{{ .Values.ingress.domainname }}' additionalIngresses: [] # - enabled: false # nameSuffix: "api" # annotations: {} # # kubernetes.io/ingress.class: nginx # # kubernetes.io/tls-acme: "true" # labels: {} # hosts: # - host: chart-example.local # paths: # - path: /api # # Ignored if not kubeVersion >= 1.14-0 # pathType: Prefix # tls: [] # # - secretName: chart-example-tls # # hosts: # # - chart-example.local persistence: config: enabled: false mountPath: /config ## configuration data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" ## ## If you want to reuse an existing claim, you can pass the name of the PVC using ## the existingClaim variable # existingClaim: your-claim # subPath: some-subpath accessMode: ReadWriteOnce size: 1Gi ## Set to true to retain the PVC upon helm uninstall skipuninstall: false # Create an emptyDir volume to share between all containers shared: enabled: false emptyDir: true mountPath: /shared additionalVolumes: [] additionalVolumeMounts: [] volumeClaimTemplates: [] # Used in statefulset to create individual disks for each instance # - name: data # mountPath: /data # accessMode: "ReadWriteOnce" # size: 1Gi # - name: backup # mountPath: /backup # subPath: theSubPath # accessMode: "ReadWriteOnce" # size: 2Gi # storageClass: cheap-storage-class nodeSelector: {} affinity: {} tolerations: [] hostAliases: [] # Use hostAliases to add custom entries to /etc/hosts - mapping IP addresses to hostnames. # ref: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ # - ip: "192.168.1.100" # hostnames: # - "example.com" # - "www.example.com" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi addons: # Enable running a VPN in the pod to route traffic through a VPN vpn: enabled: false # VPN type: options are openvpn or wireguard type: openvpn # OpenVPN specific configuration openvpn: image: repository: dperson/openvpn-client pullPolicy: IfNotPresent tag: latest # Credentials to connect to the VPN Service (used with -a) auth: # "user;password" # OR specify an existing secret that contains the credentials. Credentials should be stored # under the VPN_AUTH key authSecret: # my-vpn-secret # WireGuard specific configuration wireguard: image: repository: k8sathome/wireguard pullPolicy: IfNotPresent tag: 1.0.20200827 # Set the VPN container securityContext securityContext: capabilities: add: - NET_ADMIN - SYS_MODULE # All variables specified here will be added to the vpn sidecar container # See the documentation of the VPN image for all config values env: {} # TZ: UTC # Provide a customized vpn configuration file to be used by the VPN. configFile: # |- # Some Example Config # remote greatvpnhost.com 8888 # auth-user-pass # Cipher AES # Provide custom up/down scripts that can be used by the vpnConf scripts: up: # |- # #!/bin/bash # echo "connected" > /shared/vpnstatus down: # |- # #!/bin/bash # echo "disconnected" > /shared/vpnstatus additionalVolumeMounts: [] # Optionally specify a livenessProbe, e.g. to check if the connection is still # being protected by the VPN livenessProbe: {} # exec: # command: # - sh # - -c # - if [ $(curl -s https://ipinfo.io/country) == 'US' ]; then exit 0; else exit $?; fi # initialDelaySeconds: 30 # periodSeconds: 60 # failureThreshold: 1 # If set to true, will deploy a network policy that blocks all outbound # traffic except traffic specified as allowed networkPolicy: enabled: false # The egress configuration for your network policy, All outbound traffic # From the pod will be blocked unless specified here. Your cluster must # have a CNI that supports network policies (Canal, Calico, etc...) # https://kubernetes.io/docs/concepts/services-networking/network-policies/ # https://github.com/ahmetb/kubernetes-network-policy-recipes egress: # - to: # - ipBlock: # cidr: 0.0.0.0/0 # ports: # - port: 53 # protocol: UDP # - port: 53 # protocol: TCP # Enable running a code-server container in the pod to access files codeserver: enabled: false image: repository: codercom/code-server pullPolicy: IfNotPresent tag: 3.7.4 # Set any environment variables for code-server here env: {} # TZ: UTC # Set codeserver command line arguments # consider setting --user-data-dir to a persistent location to preserve code-server setting changes args: - --auth - none # - --user-data-dir # - "/config/.vscode" # Specify a list of volumes that get mounted in the code-server container. # At least 1 volumeMount is required! volumeMounts: [] # - name: config # mountPath: /data/config # Specify the working dir that will be opened when code-server starts # If not given, the app will default to the mountpah of the first specified volumeMount workingDir: "" service: enabled: true type: ClusterIP # Specify the default port information port: port: 12321 name: codeserver protocol: TCP targetPort: codeserver ## Specify the nodePort value for the LoadBalancer and NodePort service types. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport ## # nodePort: ## Provide any additional annotations which may be required. This can be used to ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## annotations: {} labels: {} ingress: enabled: false nameSuffix: codeserver annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" labels: {} hosts: - host: code.chart-example.local paths: - path: / # Ignored if not kubeVersion >= 1.14-0 pathType: Prefix tls: [] # - secretName: chart-example-tls # hosts: # - code.chart-example.local securityContext: runAsUser: 0 ## TrueCharts Specific appAdditionalServicesEnabled: false # appAdditionalServices: # api: # enabled: false # type: NodePort # protocol: TCP # port: # port: 8091 # nodePort: 38091 # additionalPorts: [] # - name: api-alt # port: 8092 # targetPort: 8092 # protocol: TCP # nodePort: 38092 # ws: # enabled: false # type: ClusterIP # port: # port: 3000 # additionalPorts: {} # foo: # name: ws-alt # protocol: TCP # port: 3001 # targetPort: 3001 # appVolumeMounts: # config: # enabled: false # emptyDir: false # datasetName: "config" # mountPath: "/config" # subPath: some-subpath # hostPathEnabled: false # hostPath: "" # data: # enabled: false # emptyDir: false # datasetName: "data" # mountPath: "/data" # subPath: some-subpath # hostPathEnabled: false # hostPath: "" # appIngress: # main: # enabled: false # entrypoint: "websecure" # certType: "letsencrypt-prod" # existingcert: "" # authForwardURL: "" # annotations: {} # labels: {} # hosts: # - host: app.truecharts.placeholder # paths: # - path: / # # Ignored if not kubeVersion >= 1.14-0 # pathType: Prefix # # maintcp: # enabled: false # type: "TCP" # entrypoint: "kms" # certType: "none" # existingcert: "" # annotations: {} # labels: {} # hosts: # - host: app.truecharts.placeholder # paths: # - path: / # # Ignored if not kubeVersion >= 1.14-0 # pathType: Prefix # mainudp: # enabled: false # type: "UDP" # entrypoint: "DNSUDP" # annotations: {} # labels: {}