catalog/stable/twofauth/1.4.0/ix_values.yaml

127 lines
3.6 KiB
YAML

image:
repository: 2fauth/2fauth
pullPolicy: IfNotPresent
tag: 5.1.0@sha256:c14a80e63346df10e57adcbf55d9a4193046a52d888d1824b9db6680c50b27f0
securityContext:
container:
readOnlyRootFilesystem: false
runAsUser: 1000
runAsGroup: 1000
twofauth:
app:
name: 2FAuth
site_owner: mail@example.com
url: http://localhost:8000
session_lifetime: 120
trusted_proxies: []
mail:
driver: log
host: ""
port: 587
from: ""
user: ""
pass: ""
# TLS | STARTTLS | SSL
encryption: STARTTLS
from_name: 2FAuth
from_address: changeme@example.com
auth:
# web-guard | reverse-proxy-guard
guard: web-guard
# show if guard uses reverse-proxy-guard
proxy_header_for_user: ""
proxy_header_for_email: ""
proxy_logout_url: ""
webauthn:
name: 2FAuth
id: ""
icon: ""
# required | preferred | discouraged
user_verified: preferred
workload:
main:
podSpec:
containers:
main:
probes:
liveness:
path: /infos
readiness:
path: /infos
startup:
type: tcp
env:
# APP
APP_ENV: local
APP_KEY:
secretKeyRef:
name: twofauth-secret
key: APP_KEY
APP_NAME: "{{ .Values.twofauth.app.name }}"
SITE_OWNER: "{{ .Values.twofauth.app.site_owner }}"
APP_URL: "{{ .Values.twofauth.app.url }}"
SESSION_LIFETIME: "{{ .Values.twofauth.app.session_lifetime }}"
TRUSTED_PROXIES: '{{ join "," .Values.twofauth.app.trusted_proxies }}'
# MAIL
MAIL_DRIVER: "{{ .Values.twofauth.mail.driver }}"
MAIL_HOST: "{{ .Values.twofauth.mail.host }}"
MAIL_PORT: "{{ .Values.twofauth.mail.port }}"
MAIL_FROM: "{{ .Values.twofauth.mail.from }}"
MAIL_USERNAME: "{{ .Values.twofauth.mail.user }}"
MAIL_PASSWORD: "{{ .Values.twofauth.mail.pass }}"
MAIL_ENCRYPTION: "{{ .Values.twofauth.mail.encryption }}"
MAIL_FROM_NAME: "{{ .Values.twofauth.mail.from_name }}"
MAIL_FROM_ADDRESS: "{{ .Values.twofauth.mail.from_address }}"
# AUTH
AUTHENTICATION_GUARD: "{{ .Values.twofauth.auth.guard }}"
AUTH_PROXY_HEADER_FOR_USER: "{{ .Values.twofauth.auth.proxy_header_for_user }}"
AUTH_PROXY_HEADER_FOR_EMAIL: "{{ .Values.twofauth.auth.proxy_header_for_email }}"
PROXY_LOGOUT_URL: "{{ .Values.twofauth.auth.proxy_logout_url }}"
# WebAuthn:
WEBAUTHN_NAME: "{{ .Values.twofauth.webauthn.name }}"
WEBAUTHN_ID: "{{ .Values.twofauth.webauthn.id }}"
# Optional image data in BASE64 (128 bytes maximum) or an image url
WEBAUTHN_ICON: "{{ .Values.twofauth.webauthn.icon }}"
WEBAUTHN_USER_VERIFICATION: "{{ .Values.twofauth.webauthn.user_verified }}"
# Postgres
DB_CONNECTION: pgsql
DB_DATABASE: "{{ .Values.cnpg.main.database }}"
DB_USERNAME: "{{ .Values.cnpg.main.user }}"
DB_PORT: 5432
DB_HOST:
secretKeyRef:
name: cnpg-main-urls
key: host
DB_PASSWORD:
secretKeyRef:
name: cnpg-main-user
key: password
service:
main:
ports:
main:
protocol: http
targetPort: 8000
port: 8000
persistence:
config:
enabled: true
mountPath: /2fauth
varrun:
enabled: false
cnpg:
main:
enabled: true
user: twofauth
database: twofauth
portal:
open:
enabled: true