image: repository: 2fauth/2fauth pullPolicy: IfNotPresent tag: 5.0.3@sha256:4d08b9e9c2538a3f49dfa98ef1eb8d656fd8561a20a1f7daae96d3e50b47e653 securityContext: container: readOnlyRootFilesystem: false runAsUser: 1000 runAsGroup: 1000 twofauth: app: name: 2FAuth site_owner: mail@example.com url: http://localhost:8000 session_lifetime: 120 trusted_proxies: [] mail: driver: log host: "" port: 587 from: "" user: "" pass: "" # TLS | STARTTLS | SSL encryption: STARTTLS from_name: 2FAuth from_address: changeme@example.com auth: # web-guard | reverse-proxy-guard guard: web-guard # show if guard uses reverse-proxy-guard proxy_header_for_user: "" proxy_header_for_email: "" proxy_logout_url: "" webauthn: name: 2FAuth id: "" icon: "" # required | preferred | discouraged user_verified: preferred workload: main: podSpec: containers: main: probes: liveness: path: /infos readiness: path: /infos startup: type: tcp env: # APP APP_ENV: local APP_KEY: secretKeyRef: name: twofauth-secret key: APP_KEY APP_NAME: "{{ .Values.twofauth.app.name }}" SITE_OWNER: "{{ .Values.twofauth.app.site_owner }}" APP_URL: "{{ .Values.twofauth.app.url }}" SESSION_LIFETIME: "{{ .Values.twofauth.app.session_lifetime }}" TRUSTED_PROXIES: '{{ join "," .Values.twofauth.app.trusted_proxies }}' # MAIL MAIL_DRIVER: "{{ .Values.twofauth.mail.driver }}" MAIL_HOST: "{{ .Values.twofauth.mail.host }}" MAIL_PORT: "{{ .Values.twofauth.mail.port }}" MAIL_FROM: "{{ .Values.twofauth.mail.from }}" MAIL_USERNAME: "{{ .Values.twofauth.mail.user }}" MAIL_PASSWORD: "{{ .Values.twofauth.mail.pass }}" MAIL_ENCRYPTION: "{{ .Values.twofauth.mail.encryption }}" MAIL_FROM_NAME: "{{ .Values.twofauth.mail.from_name }}" MAIL_FROM_ADDRESS: "{{ .Values.twofauth.mail.from_address }}" # AUTH AUTHENTICATION_GUARD: "{{ .Values.twofauth.auth.guard }}" AUTH_PROXY_HEADER_FOR_USER: "{{ .Values.twofauth.auth.proxy_header_for_user }}" AUTH_PROXY_HEADER_FOR_EMAIL: "{{ .Values.twofauth.auth.proxy_header_for_email }}" PROXY_LOGOUT_URL: "{{ .Values.twofauth.auth.proxy_logout_url }}" # WebAuthn: WEBAUTHN_NAME: "{{ .Values.twofauth.webauthn.name }}" WEBAUTHN_ID: "{{ .Values.twofauth.webauthn.id }}" # Optional image data in BASE64 (128 bytes maximum) or an image url WEBAUTHN_ICON: "{{ .Values.twofauth.webauthn.icon }}" WEBAUTHN_USER_VERIFICATION: "{{ .Values.twofauth.webauthn.user_verified }}" # Postgres DB_CONNECTION: pgsql DB_DATABASE: "{{ .Values.cnpg.main.database }}" DB_USERNAME: "{{ .Values.cnpg.main.user }}" DB_PORT: 5432 DB_HOST: secretKeyRef: name: cnpg-main-urls key: host DB_PASSWORD: secretKeyRef: name: cnpg-main-user key: password service: main: ports: main: protocol: http targetPort: 8000 port: 8000 persistence: config: enabled: true mountPath: /2fauth varrun: enabled: false cnpg: main: enabled: true user: twofauth database: twofauth portal: open: enabled: true