TrueChartsClone/charts/stable/tt-rss/values.yaml

243 lines
7.0 KiB
YAML

image:
repository: cthulhoo/ttrss-fpm-pgsql-static
pullPolicy: IfNotPresent
tag: latest@sha256:e876d990f9953088be48b4d2d0b3df7d6f22fadb25735ef806825a7db6396668
nginxImage:
repository: cthulhoo/ttrss-web-nginx
pullPolicy: IfNotPresent
tag: latest@sha256:188aeef07208c1d04d4160b5e54e2e02d6e1d6c236b3242a1fc86ac26e705543
updaterImage:
repository: cthulhoo/ttrss-fpm-pgsql-static
pullPolicy: IfNotPresent
tag: latest@sha256:e876d990f9953088be48b4d2d0b3df7d6f22fadb25735ef806825a7db6396668
securityContext:
container:
readOnlyRootFilesystem: false
runAsNonRoot: false
runAsUser: 0
runAsGroup: 0
persistence:
html:
enabled: true
targetSelector:
main:
main:
mountPath: /var/www/html
nginx:
nginx:
mountPath: /var/www/html
readOnly: true
updater:
updater:
mountPath: /var/www/html
config:
enabled: true
targetSelector:
main:
main:
mountPath: /opt/tt-rss/config.d
updater:
updater:
mountPath: /opt/tt-rss/config.d
nginx-conf:
enabled: true
type: configmap
objectName: config
targetSelector:
nginx:
nginx:
mountPath: /etc/nginx/templates/nginx.conf.template
subPath: nginx.conf.template
plugins:
enabled: true
mountPath: /var/www/html/tt-rss/plugins.local
themes:
enabled: true
mountPath: /var/www/html/tt-rss/themes.local
cnpg:
main:
enabled: true
user: tt-rss
database: tt-rss
portal:
open:
enabled: true
workload:
main:
podSpec:
containers:
main:
probes:
liveness:
type: exec
command:
- /bin/sh
- -c
- netstat -npl | grep :9000
readiness:
type: exec
command:
- /bin/sh
- -c
- ls /var/www/html/tt-rss/.app_is_ready
startup:
type: tcp
port: "{{ .Values.service.app.ports.app.port }}"
env:
TTRSS_SELF_URL_PATH: ""
# tt-rss tests with "-z" so an empty string should still allow the randomly generated password to be made.
ADMIN_USER_PASS: ""
TTRSS_DB_NAME: "{{ .Values.cnpg.main.database }}"
TTRSS_DB_USER: "{{ .Values.cnpg.main.user }}"
TTRSS_DB_PORT: "5432"
TTRSS_DB_PASS:
secretKeyRef:
name: cnpg-main-user
key: password
TTRSS_DB_HOST:
secretKeyRef:
name: cnpg-main-urls
key: host
nginx:
enabled: true
type: Deployment
podSpec:
containers:
nginx:
enabled: true
primary: true
imageSelector: nginxImage
probes:
readiness:
enabled: true
type: http
path: "/public.php?op=healthcheck"
port: "{{ .Values.service.main.ports.main.port }}"
liveness:
enabled: true
type: http
path: "/public.php?op=healthcheck"
port: "{{ .Values.service.main.ports.main.port }}"
startup:
enabled: true
type: tcp
port: "{{ .Values.service.main.ports.main.port }}"
env:
APP_UPSTREAM: '{{ printf "%s-app" (include "tc.v1.common.lib.chart.names.fullname" .) }}'
APP_WEB_ROOT: /var/www/html/tt-rss
APP_BASE: ""
updater:
enabled: true
type: Deployment
podSpec:
containers:
updater:
enabled: true
primary: true
imageSelector: updaterImage
args: /opt/tt-rss/updater.sh
probes:
liveness:
type: exec
command:
- /usr/bin/test
- -f
- "/var/www/html/tt-rss/lock/update_daemon.lock"
readiness:
type: exec
command:
- /usr/bin/test
- -f
- "/var/www/html/tt-rss/lock/update_daemon.lock"
startup:
type: exec
command:
- /usr/bin/test
- -f
- "/var/www/html/tt-rss/lock/update_daemon.lock"
env:
TTRSS_SELF_URL_PATH: ""
TTRSS_DB_NAME: "{{ .Values.cnpg.main.database }}"
TTRSS_DB_USER: "{{ .Values.cnpg.main.user }}"
TTRSS_DB_PORT: "5432"
TTRSS_DB_PASS:
secretKeyRef:
name: cnpg-main-user
key: password
TTRSS_DB_HOST:
secretKeyRef:
name: cnpg-main-urls
key: host
service:
# Main service links to ingress easier (according to nextcloud's values.yaml)
# That's why the nginx is swapped with app
main:
targetSelector: nginx
ports:
main:
targetSelector: nginx
port: 10104
app:
enabled: true
targetSelector: main
ports:
app:
enabled: true
targetSelector: main
port: 9000
targetPort: 9000
configmap:
config:
enabled: true
data:
nginx.conf.template: |-
worker_processes auto;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
error_log /dev/stderr warn;
sendfile on;
index index.php;
# Removed during app integration to Truecharts.
# See: https://github.com/truecharts/charts/pull/17293#discussion_r1461102952
#resolver ${RESOLVER} valid=5s;
server {
listen {{ .Values.service.main.ports.main.port }};
root ${APP_WEB_ROOT};
location ${APP_BASE}/cache {
aio threads;
internal;
}
location ${APP_BASE}/backups {
internal;
}
rewrite ${APP_BASE}/healthz ${APP_BASE}/public.php?op=healthcheck;
location ~ \.php$ {
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
# See note for `resolver` line above
#set $backend "${APP_UPSTREAM}:9000";
# See note for `resolver` line above
#fastcgi_pass $backend;
fastcgi_pass ${APP_UPSTREAM}:9000;
}
location / {
try_files $uri $uri/ =404;
}
}
}