update
diff --git a/charts/nginx/values.yaml b/charts/nginx/values.yaml
new file mode 100644
index 0000000..c928931
--- /dev/null
+++ b/charts/nginx/values.yaml
@@ -0,0 +1,1100 @@
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+## @section Global parameters
+## Global Docker image parameters
+## Please, note that this will override the image parameters, including dependencies, configured to use the global value
+## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
+
+## @param global.imageRegistry Global Docker image registry
+## @param global.imagePullSecrets Global Docker registry secret names as an array
+##
+global:
+ imageRegistry: ""
+ ## E.g.
+ ## imagePullSecrets:
+ ## - myRegistryKeySecretName
+ ##
+ imagePullSecrets: []
+ ## Security parameters
+ ##
+ security:
+ ## @param global.security.allowInsecureImages Allows skipping image verification
+ ##
+ allowInsecureImages: false
+ ## Compatibility adaptations for Kubernetes platforms
+ ##
+ compatibility:
+ ## Compatibility adaptations for Openshift
+ ##
+ openshift:
+ ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
+ ##
+ adaptSecurityContext: auto
+## @section Common parameters
+
+## @param nameOverride String to partially override nginx.fullname template (will maintain the release name)
+##
+nameOverride: ""
+## @param fullnameOverride String to fully override nginx.fullname template
+##
+fullnameOverride: ""
+## @param namespaceOverride String to fully override common.names.namespace
+##
+namespaceOverride: ""
+## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
+##
+kubeVersion: ""
+## @param clusterDomain Kubernetes Cluster Domain
+##
+clusterDomain: cluster.local
+## @param extraDeploy Extra objects to deploy (value evaluated as a template)
+##
+extraDeploy: []
+## @param commonLabels Add labels to all the deployed resources
+##
+commonLabels: {}
+## @param commonAnnotations Add annotations to all the deployed resources
+##
+commonAnnotations: {}
+## Enable diagnostic mode in the deployment(s)/statefulset(s)
+##
+diagnosticMode:
+ ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
+ ##
+ enabled: false
+ ## @param diagnosticMode.command Command to override all containers in the the deployment(s)/statefulset(s)
+ ##
+ command:
+ - sleep
+ ## @param diagnosticMode.args Args to override all containers in the the deployment(s)/statefulset(s)
+ ##
+ args:
+ - infinity
+## @section NGINX parameters
+
+## Bitnami NGINX image version
+## ref: https://hub.docker.com/r/bitnami/nginx/tags/
+## @param image.registry [default: REGISTRY_NAME] NGINX image registry
+## @param image.repository [default: REPOSITORY_NAME/nginx] NGINX image repository
+## @skip image.tag NGINX image tag (immutable tags are recommended)
+## @param image.digest NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
+## @param image.pullPolicy NGINX image pull policy
+## @param image.pullSecrets Specify docker-registry secret names as an array
+## @param image.debug Set to true if you would like to see extra information on logs
+##
+image:
+ registry: docker.io
+ repository: bitnami/nginx
+ tag: 1.29.0-debian-12-r5
+ digest: ""
+ ## Specify a imagePullPolicy
+ ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
+ ##
+ pullPolicy: IfNotPresent
+ ## Optionally specify an array of imagePullSecrets.
+ ## Secrets must be manually created in the namespace.
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ ## E.g.:
+ ## pullSecrets:
+ ## - myRegistryKeySecretName
+ ##
+ pullSecrets: []
+ ## Set to true if you would like to see extra information on logs
+ ##
+ debug: false
+## @param enableDefaultInitContainers If set to false, disable all init containers except user-defined at `initContainer`.
+##
+enableDefaultInitContainers: true
+## @param automountServiceAccountToken Mount Service Account token in pod
+##
+automountServiceAccountToken: false
+## @param hostAliases Deployment pod host aliases
+## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
+##
+hostAliases: []
+## Command and args for running the container (set to default if not set). Use array form
+## @param command Override default container command (useful when using custom images)
+## @param args Override default container args (useful when using custom images)
+##
+command: []
+args: []
+## @param extraEnvVars Extra environment variables to be set on NGINX containers
+## E.g:
+## extraEnvVars:
+## - name: FOO
+## value: BAR
+##
+extraEnvVars: []
+## @param extraEnvVarsCM ConfigMap with extra environment variables
+##
+extraEnvVarsCM: ""
+## @param extraEnvVarsSecret Secret with extra environment variables
+##
+extraEnvVarsSecret: ""
+## @section NGINX deployment parameters
+
+## @param replicaCount Number of NGINX replicas to deploy
+##
+replicaCount: 1
+## @param revisionHistoryLimit The number of old history to retain to allow rollback
+##
+revisionHistoryLimit: 10
+## @param updateStrategy.type NGINX deployment strategy type
+## @param updateStrategy.rollingUpdate NGINX deployment rolling update configuration parameters
+## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+##
+updateStrategy:
+ type: RollingUpdate
+ rollingUpdate: {}
+## @param podLabels Additional labels for NGINX pods
+## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+##
+podLabels: {}
+## @param podAnnotations Annotations for NGINX pods
+## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+##
+podAnnotations: {}
+## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
+## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
+##
+podAffinityPreset: ""
+## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
+## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
+##
+podAntiAffinityPreset: soft
+## Node affinity preset
+## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
+##
+nodeAffinityPreset:
+ ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
+ ##
+ type: ""
+ ## @param nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set.
+ ## E.g.
+ ## key: "kubernetes.io/e2e-az-name"
+ ##
+ key: ""
+ ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set.
+ ## E.g.
+ ## values:
+ ## - e2e-az1
+ ## - e2e-az2
+ ##
+ values: []
+## @param affinity Affinity for pod assignment
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
+##
+affinity: {}
+## @param hostNetwork Specify if host network should be enabled for NGINX pod
+##
+hostNetwork: false
+## @param hostIPC Specify if host IPC should be enabled for NGINX pod
+##
+hostIPC: false
+## DNS-Pod services
+## Ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+## @param dnsPolicy Specifies the DNS policy for the NGINX pod
+## DNS policies can be set on a per-Pod basis. Currently Kubernetes supports the following Pod-specific DNS policies.
+## Available options: Default, ClusterFirst, ClusterFirstWithHostNet, None
+## Ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
+dnsPolicy: ""
+## @param dnsConfig Allows users more control on the DNS settings for a Pod. Required if `dnsPolicy` is set to `None`
+## The dnsConfig field is optional and it can work with any dnsPolicy settings.
+## Ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config
+## E.g.
+## dnsConfig:
+## nameservers:
+## - 192.0.2.1 # this is an example
+## searches:
+## - ns1.svc.cluster-domain.example
+## - my.dns.search.suffix
+## options:
+## - name: ndots
+## value: "2"
+## - name: edns0
+dnsConfig: {}
+## @param nodeSelector Node labels for pod assignment. Evaluated as a template.
+## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
+##
+nodeSelector: {}
+## @param tolerations Tolerations for pod assignment. Evaluated as a template.
+## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+## @param priorityClassName NGINX pods' priorityClassName
+##
+priorityClassName: ""
+## @param schedulerName Name of the k8s scheduler (other than default)
+## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+##
+schedulerName: ""
+## @param terminationGracePeriodSeconds In seconds, time the given to the NGINX pod needs to terminate gracefully
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
+##
+terminationGracePeriodSeconds: ""
+## @param topologySpreadConstraints Topology Spread Constraints for pod assignment
+## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+## The value is evaluated as a template
+##
+topologySpreadConstraints: []
+## TLS settings
+##
+tls:
+ ## @param tls.enabled Enable TLS transport
+ ##
+ enabled: true
+ ## @param tls.autoGenerated Auto-generate self-signed certificates
+ ##
+ autoGenerated: true
+ ## @param tls.existingSecret Name of a secret containing the certificates
+ ##
+ existingSecret: ""
+ ## @param tls.certFilename Path of the certificate file when mounted as a secret
+ ##
+ certFilename: tls.crt
+ ## @param tls.certKeyFilename Path of the certificate key file when mounted as a secret
+ ##
+ certKeyFilename: tls.key
+ ## @param tls.certCAFilename Path of the certificate CA file when mounted as a secret
+ ##
+ certCAFilename: ca.crt
+ ## @param tls.cert Content of the certificate to be added to the secret
+ ##
+ cert: ""
+ ## @param tls.key Content of the certificate key to be added to the secret
+ ##
+ key: ""
+ ## @param tls.ca Content of the certificate CA to be added to the secret
+ ##
+ ca: ""
+## NGINX pods' Security Context.
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+## @param podSecurityContext.enabled Enabled NGINX pods' Security Context
+## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
+## @param podSecurityContext.supplementalGroups Set filesystem extra groups
+## @param podSecurityContext.fsGroup Set NGINX pod's Security Context fsGroup
+## @param podSecurityContext.sysctls sysctl settings of the NGINX pods
+##
+podSecurityContext:
+ enabled: true
+ fsGroupChangePolicy: Always
+ supplementalGroups: []
+ fsGroup: 1001
+ ## sysctl settings
+ ## Example:
+ ## sysctls:
+ ## - name: net.core.somaxconn
+ ## value: "10000"
+ ##
+ sysctls: []
+## NGINX containers' Security Context.
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+## @param containerSecurityContext.enabled Enabled containers' Security Context
+## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
+## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
+## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
+## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
+## @param containerSecurityContext.privileged Set container's Security Context privileged
+## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
+## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
+## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
+## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
+##
+containerSecurityContext:
+ enabled: true
+ seLinuxOptions: {}
+ runAsUser: 1001
+ runAsGroup: 1001
+ runAsNonRoot: true
+ privileged: false
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop: ["ALL"]
+ seccompProfile:
+ type: "RuntimeDefault"
+## Configures the ports NGINX listens on
+## @param containerPorts.http Sets http port inside NGINX container
+## @param containerPorts.https Sets https port inside NGINX container
+##
+containerPorts:
+ http: 8080
+ https: 8443
+## @param extraContainerPorts Array of additional container ports for the Nginx container
+## e.g:
+## extraContainerPorts:
+## - name: grpc
+## containerPort: 4317
+##
+extraContainerPorts: []
+## NGINX containers' resource requests and limits
+## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+## We usually recommend not to specify default resources and to leave this as a conscious
+## choice for the user. This also increases chances charts run on environments with little
+## resources, such as Minikube. If you do want to specify resources, uncomment the following
+## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
+## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
+##
+resourcesPreset: "nano"
+## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+## Example:
+## resources:
+## requests:
+## cpu: 2
+## memory: 512Mi
+## limits:
+## cpu: 3
+## memory: 1024Mi
+##
+resources: {}
+## NGINX containers' lifecycleHooks
+## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
+## If you do want to specify lifecycleHooks, uncomment the following
+## lines, adjust them as necessary, and remove the curly braces on 'lifecycle:{}'.
+## @param lifecycleHooks Optional lifecycleHooks for the NGINX container
+lifecycleHooks: {}
+## Example:
+## postStart:
+## exec:
+## command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
+## Example:
+## preStop:
+## exec:
+## command: ["/bin/sleep", "20"]
+## command: ["/bin/sh","-c","nginx -s quit; while killall -0 nginx; do sleep 1; done"]
+
+## NGINX containers' startup probe.
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
+## @param startupProbe.enabled Enable startupProbe
+## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
+## @param startupProbe.periodSeconds Period seconds for startupProbe
+## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
+## @param startupProbe.failureThreshold Failure threshold for startupProbe
+## @param startupProbe.successThreshold Success threshold for startupProbe
+##
+startupProbe:
+ enabled: false
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ periodSeconds: 10
+ failureThreshold: 6
+ successThreshold: 1
+## NGINX containers' liveness probe.
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
+## @param livenessProbe.enabled Enable livenessProbe
+## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
+## @param livenessProbe.periodSeconds Period seconds for livenessProbe
+## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
+## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
+## @param livenessProbe.successThreshold Success threshold for livenessProbe
+##
+livenessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ periodSeconds: 10
+ failureThreshold: 6
+ successThreshold: 1
+## NGINX containers' readiness probe.
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
+## @param readinessProbe.enabled Enable readinessProbe
+## @param readinessProbe.path Request path for livenessProbe
+## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
+## @param readinessProbe.periodSeconds Period seconds for readinessProbe
+## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
+## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
+## @param readinessProbe.successThreshold Success threshold for readinessProbe
+##
+readinessProbe:
+ enabled: true
+ path: /
+ initialDelaySeconds: 5
+ timeoutSeconds: 3
+ periodSeconds: 5
+ failureThreshold: 3
+ successThreshold: 1
+## @param customStartupProbe Custom liveness probe for the Web component
+##
+customStartupProbe: {}
+## @param customLivenessProbe Override default liveness probe
+##
+customLivenessProbe: {}
+## @param customReadinessProbe Override default readiness probe
+##
+customReadinessProbe: {}
+## Autoscaling parameters
+## @param autoscaling.enabled Enable autoscaling for NGINX deployment
+## @param autoscaling.minReplicas Minimum number of replicas to scale back
+## @param autoscaling.maxReplicas Maximum number of replicas to scale out
+## @param autoscaling.targetCPU Target CPU utilization percentage
+## @param autoscaling.targetMemory Target Memory utilization percentage
+##
+autoscaling:
+ enabled: false
+ minReplicas: ""
+ maxReplicas: ""
+ targetCPU: ""
+ targetMemory: ""
+## @param extraVolumes Array to add extra volumes
+##
+extraVolumes: []
+## @param extraVolumeMounts Array to add extra mount
+##
+extraVolumeMounts: []
+## Pods Service Account
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+##
+serviceAccount:
+ ## @param serviceAccount.create Enable creation of ServiceAccount for nginx pod
+ ##
+ create: true
+ ## @param serviceAccount.name The name of the ServiceAccount to use.
+ ## If not set and create is true, a name is generated using the `common.names.fullname` template
+ name: ""
+ ## @param serviceAccount.annotations Annotations for service account. Evaluated as a template.
+ ## Only used if `create` is `true`.
+ ##
+ annotations: {}
+ ## @param serviceAccount.automountServiceAccountToken Auto-mount the service account token in the pod
+ ##
+ automountServiceAccountToken: false
+## @param sidecars Sidecar parameters
+## e.g:
+## sidecars:
+## - name: your-image-name
+## image: your-image
+## imagePullPolicy: Always
+## ports:
+## - name: portname
+## containerPort: 1234
+##
+sidecars: []
+## @param sidecarSingleProcessNamespace Enable sharing the process namespace with sidecars
+## This will switch pod.spec.shareProcessNamespace parameter
+##
+sidecarSingleProcessNamespace: false
+## @param initContainers Extra init containers
+##
+initContainers: []
+## Pod Disruption Budget configuration
+## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+##
+pdb:
+ ## @param pdb.create Created a PodDisruptionBudget
+ ##
+ create: true
+ ## @param pdb.minAvailable Min number of pods that must still be available after the eviction.
+ ## You can specify an integer or a percentage by setting the value to a string representation of a percentage (eg. "50%"). It will be disabled if set to 0
+ ##
+ minAvailable: ""
+ ## @param pdb.maxUnavailable Max number of pods that can be unavailable after the eviction.
+ ## You can specify an integer or a percentage by setting the value to a string representation of a percentage (eg. "50%"). It will be disabled if set to 0. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty.
+ ##
+ maxUnavailable: ""
+## @section Custom NGINX application parameters
+
+## Get the server static content from a git repository
+## NOTE: This will override staticSiteConfigmap and staticSitePVC
+##
+cloneStaticSiteFromGit:
+ ## @param cloneStaticSiteFromGit.enabled Get the server static content from a Git repository
+ ##
+ enabled: false
+ ## Bitnami Git image version
+ ## ref: https://hub.docker.com/r/bitnami/git/tags/
+ ## @param cloneStaticSiteFromGit.image.registry [default: REGISTRY_NAME] Git image registry
+ ## @param cloneStaticSiteFromGit.image.repository [default: REPOSITORY_NAME/git] Git image repository
+ ## @skip cloneStaticSiteFromGit.image.tag Git image tag (immutable tags are recommended)
+ ## @param cloneStaticSiteFromGit.image.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
+ ## @param cloneStaticSiteFromGit.image.pullPolicy Git image pull policy
+ ## @param cloneStaticSiteFromGit.image.pullSecrets Specify docker-registry secret names as an array
+ ##
+ image:
+ registry: docker.io
+ repository: bitnami/git
+ tag: 2.50.1-debian-12-r1
+ digest: ""
+ ## Specify a imagePullPolicy
+ ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
+ ##
+ pullPolicy: IfNotPresent
+ ## Optionally specify an array of imagePullSecrets.
+ ## Secrets must be manually created in the namespace.
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ ## e.g:
+ ## pullSecrets:
+ ## - myRegistryKeySecretName
+ ##
+ pullSecrets: []
+ ## @param cloneStaticSiteFromGit.repository Git Repository to clone static content from
+ ##
+ repository: ""
+ ## @param cloneStaticSiteFromGit.branch Git branch to checkout
+ ##
+ branch: ""
+ ## @param cloneStaticSiteFromGit.interval Interval for sidecar container pull from the Git repository
+ ##
+ interval: 60
+ ## Additional configuration for git-clone-repository initContainer
+ ##
+ gitClone:
+ ## @param cloneStaticSiteFromGit.gitClone.command Override default container command for git-clone-repository
+ ##
+ command: []
+ ## @param cloneStaticSiteFromGit.gitClone.args Override default container args for git-clone-repository
+ ##
+ args: []
+ ## Additional configuration for the git-repo-syncer container
+ ##
+ gitSync:
+ ## @param cloneStaticSiteFromGit.gitSync.command Override default container command for git-repo-syncer
+ ##
+ command: []
+ ## @param cloneStaticSiteFromGit.gitSync.args Override default container args for git-repo-syncer
+ ##
+ args: []
+ ## git-repo-syncer resource requests and limits
+ ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ ## @param cloneStaticSiteFromGit.gitSync.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if cloneStaticSiteFromGit.gitSync.resources is set (cloneStaticSiteFromGit.gitSync.resources is recommended for production).
+ ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
+ ##
+ resourcesPreset: "nano"
+ ## @param cloneStaticSiteFromGit.gitSync.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+ ## Example:
+ ## resources:
+ ## requests:
+ ## cpu: 2
+ ## memory: 512Mi
+ ## limits:
+ ## cpu: 3
+ ## memory: 1024Mi
+ ##
+ resources: {}
+ ## @param cloneStaticSiteFromGit.extraEnvVars Additional environment variables to set for the in the containers that clone static site from git
+ ## E.g:
+ ## extraEnvVars:
+ ## - name: FOO
+ ## value: BAR
+ ##
+ extraEnvVars: []
+ ## @param cloneStaticSiteFromGit.extraEnvVarsSecret Secret with extra environment variables
+ ##
+ extraEnvVarsSecret: ""
+ ## @param cloneStaticSiteFromGit.extraVolumeMounts Add extra volume mounts for the Git containers
+ ## Useful to mount keys to connect through ssh. (normally used with extraVolumes)
+ ## E.g:
+ ## extraVolumeMounts:
+ ## - name: ssh-dir
+ ## mountPath: /root/.ssh/
+ ##
+ extraVolumeMounts: []
+## @param serverBlock Custom server block to be added to NGINX configuration
+## PHP-FPM example server block:
+## serverBlock: |-
+## server {
+## listen 0.0.0.0:8080;
+## root /app;
+## location / {
+## index index.html index.php;
+## }
+## location ~ \.php$ {
+## fastcgi_pass phpfpm-server:9000;
+## fastcgi_index index.php;
+## include fastcgi.conf;
+## }
+## }
+##
+serverBlock: ""
+## @param streamServerBlock Custom stream server block to be added to NGINX configuration
+## streamServerBlock: |-
+## server {
+## listen 0.0.0.0:8080 udp;
+## proxy_pass localhost:9000;
+## }
+##
+streamServerBlock: ""
+## @param existingServerBlockConfigmap ConfigMap with custom server block to be added to NGINX configuration
+## NOTE: This will override serverBlock
+##
+existingServerBlockConfigmap: ""
+## @param existingStreamServerBlockConfigmap ConfigMap with custom stream server block to be added to NGINX configuration
+## NOTE: This will override streamServerBlock
+##
+existingStreamServerBlockConfigmap: ""
+## @param staticSiteConfigmap Name of existing ConfigMap with the server static site content
+##
+staticSiteConfigmap: ""
+## @param staticSitePVC Name of existing PVC with the server static site content
+## NOTE: This will override staticSiteConfigmap
+##
+staticSitePVC: ""
+## @section Traffic Exposure parameters
+
+## NGINX Service properties
+##
+service:
+ ## @param service.type Service type
+ ##
+ type: LoadBalancer
+ ## @param service.ports.http Service HTTP port
+ ## @param service.ports.https Service HTTPS port
+ ##
+ ports:
+ http: 80
+ https: 443
+ ##
+ ## @param service.nodePorts [object] Specify the nodePort(s) value(s) for the LoadBalancer and NodePort service types.
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+ ##
+ nodePorts:
+ http: ""
+ https: ""
+ ## @param service.targetPort [object] Target port reference value for the Loadbalancer service types can be specified explicitly.
+ ## Listeners for the Loadbalancer can be custom mapped to the http or https service.
+ ## Example: Mapping the https listener to targetPort http [http: https]
+ ##
+ targetPort:
+ http: http
+ https: https
+ ## @param service.clusterIP NGINX service Cluster IP
+ ## e.g.:
+ ## clusterIP: None
+ ##
+ clusterIP: ""
+ ## @param service.loadBalancerIP LoadBalancer service IP address
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+ ##
+ loadBalancerIP: ""
+ ## @param service.loadBalancerSourceRanges NGINX service Load Balancer sources
+ ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
+ ## e.g:
+ ## loadBalancerSourceRanges:
+ ## - 10.10.10.0/24
+ ##
+ loadBalancerSourceRanges: []
+ ## @param service.loadBalancerClass service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific)
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
+ ##
+ loadBalancerClass: ""
+ ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
+ ##
+ extraPorts: []
+ ## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
+ ## If "ClientIP", consecutive client requests will be directed to the same Pod
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ ##
+ sessionAffinity: None
+ ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
+ ## sessionAffinityConfig:
+ ## clientIP:
+ ## timeoutSeconds: 300
+ ##
+ sessionAffinityConfig: {}
+ ## @param service.annotations Service annotations
+ ## This can be used to set the LoadBalancer service type to internal only.
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+ ##
+ annotations: {}
+ ## @param service.externalTrafficPolicy Enable client source IP preservation
+ ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
+ ##
+ externalTrafficPolicy: Cluster
+## Network Policies
+## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
+##
+networkPolicy:
+ ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
+ ##
+ enabled: true
+ ## @param networkPolicy.allowExternal Don't require server label for connections
+ ## The Policy model to apply. When set to false, only pods with the correct
+ ## server label will have network access to the ports server is listening
+ ## on. When true, server will accept connections from any source
+ ## (with the correct destination port).
+ ##
+ allowExternal: true
+ ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
+ ##
+ allowExternalEgress: true
+ ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
+ ## e.g:
+ ## extraIngress:
+ ## - ports:
+ ## - port: 1234
+ ## from:
+ ## - podSelector:
+ ## - matchLabels:
+ ## - role: frontend
+ ## - podSelector:
+ ## - matchExpressions:
+ ## - key: role
+ ## operator: In
+ ## values:
+ ## - frontend
+ extraIngress: []
+ ## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy (ignored if allowExternalEgress=true)
+ ## e.g:
+ ## extraEgress:
+ ## - ports:
+ ## - port: 1234
+ ## to:
+ ## - podSelector:
+ ## - matchLabels:
+ ## - role: frontend
+ ## - podSelector:
+ ## - matchExpressions:
+ ## - key: role
+ ## operator: In
+ ## values:
+ ## - frontend
+ ##
+ extraEgress: []
+ ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
+ ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
+ ##
+ ingressNSMatchLabels: {}
+ ingressNSPodMatchLabels: {}
+## Configure the ingress resource that allows you to access the
+## Nginx installation. Set up the URL
+## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
+##
+ingress:
+ ## @param ingress.enabled Set to true to enable ingress record generation
+ ##
+ enabled: false
+ ## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
+ ##
+ selfSigned: false
+ ## @param ingress.pathType Ingress path type
+ ##
+ pathType: ImplementationSpecific
+ ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set)
+ ##
+ apiVersion: ""
+ ## @param ingress.hostname Default host for the ingress resource
+ ##
+ hostname: nginx.local
+ ## @param ingress.path The Path to Nginx. You may need to set this to '/*' in order to use this with ALB ingress controllers.
+ ##
+ path: /
+ ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
+ ## For a full list of possible ingress annotations, please see
+ ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ ## Use this parameter to set the required annotations for cert-manager, see
+ ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
+ ##
+ ## e.g:
+ ## annotations:
+ ## kubernetes.io/ingress.class: nginx
+ ## cert-manager.io/cluster-issuer: cluster-issuer-name
+ ##
+ annotations: {}
+ ## @param ingress.ingressClassName Set the ingerssClassName on the ingress record for k8s 1.18+
+ ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
+ ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
+ ##
+ ingressClassName: ""
+ ## @param ingress.tls Create TLS Secret
+ ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }}
+ ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it
+ ##
+ tls: false
+ ## @param ingress.tlsWwwPrefix Adds www subdomain to default cert
+ ## Creates tls host with ingress.hostname: {{ print "www.%s" .Values.ingress.hostname }}
+ ## Is enabled if "nginx.ingress.kubernetes.io/from-to-www-redirect" is "true"
+ tlsWwwPrefix: false
+ ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record.
+ ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
+ ## extraHosts:
+ ## - name: nginx.local
+ ## path: /
+ ##
+ extraHosts: []
+ ## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host.
+ ## For example: The ALB ingress controller requires a special rule for handling SSL redirection.
+ ## extraPaths:
+ ## - path: /*
+ ## backend:
+ ## serviceName: ssl-redirect
+ ## servicePort: use-annotation
+ ##
+ extraPaths: []
+ ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record.
+ ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+ ## extraTls:
+ ## - hosts:
+ ## - nginx.local
+ ## secretName: nginx.local-tls
+ ##
+ extraTls: []
+ ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets
+ ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+ ## -----BEGIN RSA PRIVATE KEY-----
+ ##
+ ## name should line up with a tlsSecret set further up
+ ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
+ ##
+ ## It is also possible to create and manage the certificates outside of this helm chart
+ ## Please see README.md for more information
+ ## e.g:
+ ## - name: nginx.local-tls
+ ## key:
+ ## certificate:
+ ##
+ secrets: []
+ ## @param ingress.extraRules The list of additional rules to be added to this ingress record. Evaluated as a template
+ ## Useful when looking for additional customization, such as using different backend
+ ##
+ extraRules: []
+## Health Ingress parameters
+##
+healthIngress:
+ ## @param healthIngress.enabled Set to true to enable health ingress record generation
+ ##
+ enabled: false
+ ## @param healthIngress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
+ ##
+ selfSigned: false
+ ## @param healthIngress.pathType Ingress path type
+ ##
+ pathType: ImplementationSpecific
+ ## @param healthIngress.hostname When the health ingress is enabled, a host pointing to this will be created
+ ##
+ hostname: example.local
+ ## @param healthIngress.path Default path for the ingress record
+ ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
+ ##
+ path: /
+ ## @param healthIngress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
+ ## For a full list of possible ingress annotations, please see
+ ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
+ ## Use this parameter to set the required annotations for cert-manager, see
+ ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
+ ##
+ ## e.g:
+ ## annotations:
+ ## kubernetes.io/ingress.class: nginx
+ ## cert-manager.io/cluster-issuer: cluster-issuer-name
+ ##
+ annotations: {}
+ ## @param healthIngress.tls Enable TLS configuration for the hostname defined at `healthIngress.hostname` parameter
+ ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.healthIngress.hostname }}
+ ## You can use the healthIngress.secrets parameter to create this TLS secret, relay on cert-manager to create it, or
+ ## let the chart create self-signed certificates for you
+ ##
+ tls: false
+ ## @param healthIngress.extraHosts An array with additional hostname(s) to be covered with the ingress record
+ ## e.g:
+ ## extraHosts:
+ ## - name: example.local
+ ## path: /
+ ##
+ extraHosts: []
+ ## @param healthIngress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host
+ ## e.g:
+ ## extraPaths:
+ ## - path: /*
+ ## backend:
+ ## serviceName: ssl-redirect
+ ## servicePort: use-annotation
+ ##
+ extraPaths: []
+ ## @param healthIngress.extraTls TLS configuration for additional hostnames to be covered
+ ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+ ## E.g.
+ ## extraTls:
+ ## - hosts:
+ ## - example.local
+ ## secretName: example.local-tls
+ ##
+ extraTls: []
+ ## @param healthIngress.secrets TLS Secret configuration
+ ## If you're providing your own certificates, please use this to add the certificates as secrets
+ ## key and certificate should start with -----BEGIN CERTIFICATE----- or -----BEGIN RSA PRIVATE KEY-----
+ ## name should line up with a secretName set further up
+ ## If it is not set and you're using cert-manager, this is unneeded, as it will create the secret for you
+ ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created
+ ## It is also possible to create and manage the certificates outside of this helm chart
+ ## Please see README.md for more information
+ ##
+ ## E.g.
+ ## secrets:
+ ## - name: example.local-tls
+ ## key:
+ ## certificate:
+ ##
+ secrets: []
+ ## @param healthIngress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
+ ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
+ ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
+ ##
+ ingressClassName: ""
+ ## @param healthIngress.extraRules The list of additional rules to be added to this ingress record. Evaluated as a template
+ ## Useful when looking for additional customization, such as using different backend
+ ##
+ extraRules: []
+## @section Metrics parameters
+
+## Prometheus Exporter / Metrics
+##
+metrics:
+ ## @param metrics.enabled Start a Prometheus exporter sidecar container
+ ##
+ enabled: false
+ ## Bitnami NGINX Prometheus Exporter image
+ ## ref: https://hub.docker.com/r/bitnami/nginx-exporter/tags/
+ ## @param metrics.image.registry [default: REGISTRY_NAME] NGINX Prometheus exporter image registry
+ ## @param metrics.image.repository [default: REPOSITORY_NAME/nginx-exporter] NGINX Prometheus exporter image repository
+ ## @skip metrics.image.tag NGINX Prometheus exporter image tag (immutable tags are recommended)
+ ## @param metrics.image.digest NGINX Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
+ ## @param metrics.image.pullPolicy NGINX Prometheus exporter image pull policy
+ ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array
+ ##
+ image:
+ registry: docker.io
+ repository: bitnami/nginx-exporter
+ tag: 1.4.2-debian-12-r7
+ digest: ""
+ pullPolicy: IfNotPresent
+ ## Optionally specify an array of imagePullSecrets.
+ ## Secrets must be manually created in the namespace.
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ ## e.g:
+ ## pullSecrets:
+ ## - myRegistryKeySecretName
+ ##
+ pullSecrets: []
+ ## @param metrics.port NGINX Container Status Port scraped by Prometheus Exporter
+ ## Defaults to specified http port
+ ##
+ port: ""
+ ## @param metrics.extraArgs Extra arguments for Prometheus exporter
+ ## e.g:
+ ## extraArgs:
+ ## - --nginx.timeout
+ ## - 5s
+ ##
+ extraArgs: []
+ ## @param metrics.containerPorts.metrics Prometheus exporter container port
+ ##
+ containerPorts:
+ metrics: 9113
+ ## @param metrics.podAnnotations Additional annotations for NGINX Prometheus exporter pod(s)
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ ##
+ podAnnotations: {}
+ ## Container Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ ## @param metrics.securityContext.enabled Enabled NGINX Exporter containers' Security Context
+ ## @param metrics.securityContext.seLinuxOptions [object,nullable] Set SELinux options in container
+ ## @param metrics.securityContext.runAsUser Set NGINX Exporter container's Security Context runAsUser
+ ##
+ securityContext:
+ enabled: false
+ seLinuxOptions: {}
+ runAsUser: 1001
+ ## Prometheus exporter service parameters
+ ##
+ service:
+ ## @param metrics.service.port NGINX Prometheus exporter service port
+ ##
+ port: 9113
+ ## @param metrics.service.annotations [object] Annotations for the Prometheus exporter service
+ ##
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "{{ .Values.metrics.service.port }}"
+ ## NGINX Prometheus exporter resource requests and limits
+ ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ ## We usually recommend not to specify default resources and to leave this as a conscious
+ ## choice for the user. This also increases chances charts run on environments with little
+ ## resources, such as Minikube. If you do want to specify resources, uncomment the following
+ ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).
+ ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
+ ##
+ resourcesPreset: "nano"
+ ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+ ## Example:
+ ## resources:
+ ## requests:
+ ## cpu: 2
+ ## memory: 512Mi
+ ## limits:
+ ## cpu: 3
+ ## memory: 1024Mi
+ ##
+ resources: {}
+ ## Prometheus Operator ServiceMonitor configuration
+ ##
+ serviceMonitor:
+ ## @param metrics.serviceMonitor.enabled Creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)
+ ##
+ enabled: false
+ ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
+ ##
+ namespace: ""
+ ## @param metrics.serviceMonitor.tlsConfig [object] TLS configuration used for scrape endpoints used by Prometheus
+ ##
+ tlsConfig: {}
+ ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
+ ##
+ jobLabel: ""
+ ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped.
+ ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
+ ## e.g:
+ ## interval: 10s
+ ##
+ interval: ""
+ ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
+ ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
+ ## e.g:
+ ## scrapeTimeout: 10s
+ ##
+ scrapeTimeout: ""
+ ## @param metrics.serviceMonitor.selector Prometheus instance selector labels
+ ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
+ ##
+ ## selector:
+ ## prometheus: my-prometheus
+ ##
+ selector: {}
+ ## @param metrics.serviceMonitor.labels Additional labels that can be used so PodMonitor will be discovered by Prometheus
+ ##
+ labels: {}
+ ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
+ ##
+ relabelings: []
+ ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
+ ##
+ metricRelabelings: []
+ ## @param metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels
+ ##
+ honorLabels: false
+ ## Prometheus Operator PrometheusRule configuration
+ ##
+ prometheusRule:
+ ## @param metrics.prometheusRule.enabled if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`)
+ ##
+ enabled: false
+ ## @param metrics.prometheusRule.namespace Namespace for the PrometheusRule Resource (defaults to the Release Namespace)
+ ##
+ namespace: ""
+ ## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so PrometheusRule will be discovered by Prometheus
+ ##
+ additionalLabels: {}
+ ## @param metrics.prometheusRule.rules Prometheus Rule definitions
+ ## - alert: LowInstance
+ ## expr: up{service="{{ template "common.names.fullname" . }}"} < 1
+ ## for: 1m
+ ## labels:
+ ## severity: critical
+ ## annotations:
+ ## description: Service {{ template "common.names.fullname" . }} Tomcat is down since 1m.
+ ## summary: Tomcat instance is down.
+ ##
+ rules: []