TrueChartsClone/library/common/values.yaml

534 lines
15 KiB
YAML

# type: options are deployment, daemonset or statefulset
controllerType: deployment
# Set annotations on the deployment/statefulset/daemonset
controllerAnnotations: {}
# Set labels on the deployment/statefulset/daemonset
controllerLabels: {}
replicas: 1
strategy:
## For Deployments, valid values are Recreate and RollingUpdate
## For StatefulSets, valid values are OnDelete and RollingUpdate
## DaemonSets ignore this
type: RollingUpdate
# Override the default command
command: []
# Override the default args
args: []
nameOverride: ""
fullnameOverride: ""
# Set annotations on the pod
podAnnotations: {}
serviceAccount:
# Specifies whether a service account should be created
create: false
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
env: {}
# TZ: UTC
## Variables with values set from templates, example
## With a release name of: demo, the example env value will be: demo-admin
envTpl: {}
# TEMPLATE_VALUE: "{{ .Release.Name }}-admin"
## Variables with values from (for example) the Downward API
## See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/
envValueFrom: {}
# NODE_NAME:
# fieldRef:
# fieldPath: spec.nodeName
envFrom: []
# - configMapRef:
# name: config-map-name
# - secretRef:
# name: secret-name
# Custom priority class for different treatment by the scheduler
# priorityClassName: system-node-critical
# Allow specifying a custom scheduler name
# schedulerName: awkward-dangerous-scheduler
# Allow specifying explicit hostname setting
# hostname:
# When using hostNetwork make sure you set dnsPolicy to ClusterFirstWithHostNet
hostNetwork: false
dnsPolicy: ClusterFirst
# Optional DNS settings, configuring the ndots option may resolve
# nslookup issues on some Kubernetes setups.
# dnsConfig:
# options:
# - name: ndots
# value: "1"
# Enable/disable the generation of environment variables for services.
# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service
# for more information.
enableServiceLinks: true
# Configure the Security Context for the Pod
podSecurityContext: {}
# Configure the Security Context for the main container
securityContext: {}
initContainers: []
additionalContainers: []
## Probes configuration
probes:
liveness:
enabled: true
## Set this to true if you wish to specify your own livenessProbe
custom: false
## The spec field contains the values for the default livenessProbe.
## If you selected custom: true, this field holds the definition of the livenessProbe.
spec:
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 10
failureThreshold: 5
readiness:
enabled: true
## Set this to true if you wish to specify your own readinessProbe
custom: false
## The spec field contains the values for the default readinessProbe.
## If you selected custom: true, this field holds the definition of the readinessProbe.
spec:
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 10
failureThreshold: 5
startup:
enabled: true
## Set this to true if you wish to specify your own startupProbe
custom: false
## The spec field contains the values for the default startupProbe.
## If you selected custom: true, this field holds the definition of the startupProbe.
spec:
initialDelaySeconds: 0
timeoutSeconds: 10
## This means it has a maximum of 5*30=150 seconds to start up before it fails
periodSeconds: 5
failureThreshold: 120
service:
enabled: true
type: ClusterIP
## Specify the default port information
port:
port:
## name defaults to http
name:
protocol: TCP
## Specify a service targetPort if you wish to differ the service port from the application port.
## If targetPort is specified, this port number is used in the container definition instead of
## service.port.port. Therefore named ports are not supported for this field.
targetPort:
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
additionalPorts: []
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
labels: {}
additionalServices: []
# - enabled: false
# nameSuffix: api
# type: ClusterIP
# # Specify the default port information
# port:
# port:
# # name defaults to http
# name:
# protocol: TCP
# # targetPort defaults to http
# targetPort:
# # nodePort:
# additionalPorts: []
# annotations: {}
# labels: {}
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labels: {}
hosts:
- host: chart-example.local
## Or a tpl that is evaluated
# hostTpl: '{{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.{{ .Values.ingress.domainname }}'
paths:
- path: /
# Ignored if not kubeVersion >= 1.14-0
pathType: Prefix
tls: []
# - secretName: chart-example-tls
## Or if you need a dynamic secretname
# - secretNameTpl: '{{ include "common.names.fullname" . }}-ingress'
# hosts:
# - chart-example.local
## Or a tpl that is evaluated
# hostsTpl:
# - '{{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.{{ .Values.ingress.domainname }}'
additionalIngresses: []
# - enabled: false
# nameSuffix: "api"
# annotations: {}
# # kubernetes.io/ingress.class: nginx
# # kubernetes.io/tls-acme: "true"
# labels: {}
# hosts:
# - host: chart-example.local
# paths:
# - path: /api
# # Ignored if not kubeVersion >= 1.14-0
# pathType: Prefix
# tls: []
# # - secretName: chart-example-tls
# # hosts:
# # - chart-example.local
persistence:
config:
enabled: false
mountPath: /config
## configuration data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
##
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
# existingClaim: your-claim
# subPath: some-subpath
accessMode: ReadWriteOnce
size: 1Gi
## Set to true to retain the PVC upon helm uninstall
skipuninstall: false
# Create an emptyDir volume to share between all containers
shared:
enabled: false
emptyDir: true
mountPath: /shared
additionalVolumes: []
additionalVolumeMounts: []
volumeClaimTemplates: []
# Used in statefulset to create individual disks for each instance
# - name: data
# mountPath: /data
# accessMode: "ReadWriteOnce"
# size: 1Gi
# - name: backup
# mountPath: /backup
# subPath: theSubPath
# accessMode: "ReadWriteOnce"
# size: 2Gi
# storageClass: cheap-storage-class
nodeSelector: {}
affinity: {}
tolerations: []
hostAliases: []
# Use hostAliases to add custom entries to /etc/hosts - mapping IP addresses to hostnames.
# ref: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
# - ip: "192.168.1.100"
# hostnames:
# - "example.com"
# - "www.example.com"
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
addons:
# Enable running a VPN in the pod to route traffic through a VPN
vpn:
enabled: false
# VPN type: options are openvpn or wireguard
type: openvpn
# OpenVPN specific configuration
openvpn:
image:
repository: dperson/openvpn-client
pullPolicy: IfNotPresent
tag: latest
# Credentials to connect to the VPN Service (used with -a)
auth: # "user;password"
# OR specify an existing secret that contains the credentials. Credentials should be stored
# under the VPN_AUTH key
authSecret: # my-vpn-secret
# WireGuard specific configuration
wireguard:
image:
repository: k8sathome/wireguard
pullPolicy: IfNotPresent
tag: 1.0.20200827
# Set the VPN container securityContext
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
# All variables specified here will be added to the vpn sidecar container
# See the documentation of the VPN image for all config values
env: {}
# TZ: UTC
# Provide a customized vpn configuration file to be used by the VPN.
configFile: # |-
# Some Example Config
# remote greatvpnhost.com 8888
# auth-user-pass
# Cipher AES
# Provide custom up/down scripts that can be used by the vpnConf
scripts:
up: # |-
# #!/bin/bash
# echo "connected" > /shared/vpnstatus
down: # |-
# #!/bin/bash
# echo "disconnected" > /shared/vpnstatus
additionalVolumeMounts: []
# Optionally specify a livenessProbe, e.g. to check if the connection is still
# being protected by the VPN
livenessProbe: {}
# exec:
# command:
# - sh
# - -c
# - if [ $(curl -s https://ipinfo.io/country) == 'US' ]; then exit 0; else exit $?; fi
# initialDelaySeconds: 30
# periodSeconds: 60
# failureThreshold: 1
# If set to true, will deploy a network policy that blocks all outbound
# traffic except traffic specified as allowed
networkPolicy:
enabled: false
# The egress configuration for your network policy, All outbound traffic
# From the pod will be blocked unless specified here. Your cluster must
# have a CNI that supports network policies (Canal, Calico, etc...)
# https://kubernetes.io/docs/concepts/services-networking/network-policies/
# https://github.com/ahmetb/kubernetes-network-policy-recipes
egress:
# - to:
# - ipBlock:
# cidr: 0.0.0.0/0
# ports:
# - port: 53
# protocol: UDP
# - port: 53
# protocol: TCP
# Enable running a code-server container in the pod to access files
codeserver:
enabled: false
image:
repository: codercom/code-server
pullPolicy: IfNotPresent
tag: 3.7.4
# Set any environment variables for code-server here
env: {}
# TZ: UTC
# Set codeserver command line arguments
# consider setting --user-data-dir to a persistent location to preserve code-server setting changes
args:
- --auth
- none
# - --user-data-dir
# - "/config/.vscode"
# Specify a list of volumes that get mounted in the code-server container.
# At least 1 volumeMount is required!
volumeMounts: []
# - name: config
# mountPath: /data/config
# Specify the working dir that will be opened when code-server starts
# If not given, the app will default to the mountpah of the first specified volumeMount
workingDir: ""
service:
enabled: true
type: ClusterIP
# Specify the default port information
port:
port: 12321
name: codeserver
protocol: TCP
targetPort: codeserver
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
labels: {}
ingress:
enabled: false
nameSuffix: codeserver
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labels: {}
hosts:
- host: code.chart-example.local
paths:
- path: /
# Ignored if not kubeVersion >= 1.14-0
pathType: Prefix
tls: []
# - secretName: chart-example-tls
# hosts:
# - code.chart-example.local
securityContext:
runAsUser: 0
## TrueCharts Specific
appAdditionalServicesEnabled: false
# appAdditionalServices:
# api:
# enabled: false
# type: NodePort
# protocol: TCP
# port:
# port: 8091
# nodePort: 38091
# additionalPorts: []
# - name: api-alt
# port: 8092
# targetPort: 8092
# protocol: TCP
# nodePort: 38092
# ws:
# enabled: false
# type: ClusterIP
# port:
# port: 3000
# additionalPorts: {}
# foo:
# name: ws-alt
# protocol: TCP
# port: 3001
# targetPort: 3001
# appVolumeMounts:
# config:
# enabled: false
# emptyDir: false
# datasetName: "config"
# mountPath: "/config"
# subPath: some-subpath
# hostPathEnabled: false
# hostPath: ""
# data:
# enabled: false
# emptyDir: false
# datasetName: "data"
# mountPath: "/data"
# subPath: some-subpath
# hostPathEnabled: false
# hostPath: ""
# appIngress:
# main:
# enabled: false
# entrypoint: "websecure"
# certType: "letsencrypt-prod"
# existingcert: ""
# authForwardURL: ""
# annotations: {}
# labels: {}
# hosts:
# - host: app.truecharts.placeholder
# paths:
# - path: /
# # Ignored if not kubeVersion >= 1.14-0
# pathType: Prefix
#
# maintcp:
# enabled: false
# type: "TCP"
# entrypoint: "kms"
# certType: "none"
# existingcert: ""
# annotations: {}
# labels: {}
# hosts:
# - host: app.truecharts.placeholder
# paths:
# - path: /
# # Ignored if not kubeVersion >= 1.14-0
# pathType: Prefix
# mainudp:
# enabled: false
# type: "UDP"
# entrypoint: "DNSUDP"
# annotations: {}
# labels: {}