Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 4db32e18397487fe6dbd6e61b86efe0d8c8af0e8 / . / helmfile / apps / helmfile.yaml
blob: 692177dcfcb512560c9cf95f83a40d0021005c6c [file] [log] [blame]
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]1repositories:
2- name: ingress-nginx
3 url: https://kubernetes.github.io/ingress-nginx
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]4- name: bitnami
5 url: https://charts.bitnami.com/bitnami
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]6
7helmDefaults:
8 tillerless: true
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]9 waitForJobs: true
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]10 createNamespace: false
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]11
12releases:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]13- name: namespaces
14 chart: ../../charts/namespaces
15 namespace: {{ .Values.id }}
16 createNamespace: true
17 values:
18 - pcloudInstanceId: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]19 - namespacePrefix: {{ .Values.namespacePrefix }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]20 - namespaces:
21 - app-maddy
22 - app-matrix
23 - app-pihole
24 - app-vaultwarden
25 - core-auth
26 - ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]27- name: vpn-mesh-config
28 chart: ../../charts/vpn-mesh-config
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]29 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]30 values:
31 - certificateAuthority:
32 name: {{ .Values.id }}
33 secretName: ca-{{ .Values.id }}-cert
34 - lighthouse:
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]35 internalIP: {{ .Values.lighthouseMainIP }}
36 externalIP: {{ .Values.publicIP }}
37 port: "{{ .Values.lighthouseMainPort }}"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]38- name: ingress-private
39 chart: ingress-nginx/ingress-nginx
40 version: 4.0.3
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]41 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]42 values:
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]43 - fullnameOverride: {{ .Values.id }}-nginx-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]44 - controller:
45 service:
46 type: ClusterIP
47 ingressClassByName: true
48 ingressClassResource:
49 name: {{ .Values.id }}-ingress-private
50 enabled: true
51 default: false
52 controllerValue: k8s.io/{{ .Values.id }}-ingress-private
53 extraArgs:
54 default-ssl-certificate: "{{ .Values.id }}-ingress-private/cert-wildcard.p.{{ .Values.domain }}"
55 extraVolumes:
56 - name: lighthouse-cert
57 secret:
58 secretName: node-lighthouse-cert
59 - name: config
60 configMap:
61 name: lighthouse-config
62 extraContainers:
63 - name: lighthouse
64 image: giolekva/nebula:latest
65 imagePullPolicy: IfNotPresent
66 securityContext:
67 privileged: true
68 capabilities:
69 add:
70 - NET_ADMIN
71 ports:
72 - name: nebula
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]73 containerPort: {{ .Values.lighthouseMainPort }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]74 protocol: UDP
75 command:
76 - nebula
77 - --config=/etc/nebula/config/lighthouse.yaml
78 volumeMounts:
79 - name: lighthouse-cert
80 mountPath: /etc/nebula/lighthouse
81 - name: config
82 mountPath: /etc/nebula/config
83 config:
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]84 bind-address: {{ .Values.lighthouseMainIP }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]85 proxy-body-size: 0
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]86 - udp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]87 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-udp:53"
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]88 - tcp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]89 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-tcp:53"
90 143: "{{ .Values.namespacePrefix }}app-maddy/maddy:143"
91 465: "{{ .Values.namespacePrefix }}app-maddy/maddy:465"
92 587: "{{ .Values.namespacePrefix }}app-maddy/maddy:587"
93 993: "{{ .Values.namespacePrefix }}app-maddy/maddy:993"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]94- name: certificate-issuer
95 chart: ../../charts/certificate-issuer
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]96 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]97 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]98 - pcloudInstanceId: {{ .Values.id }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]99 - certManager:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]100 namespace: {{ .Values.pcloudEnvName }}-cert-manager
101 gandiWebhookSecretReader: {{ .Values.pcloudEnvName }}-cert-manager-webhook-gandi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]102 - public:
103 name: {{ .Values.id }}-public
104 server: https://acme-v02.api.letsencrypt.org/directory
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]105 domain: {{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]106 stagingServer: https://acme-staging-v02.api.letsencrypt.org/directory
107 contactEmail: {{ .Values.contactEmail }}
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]108 ingressClass: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]109 - private:
110 name: {{ .Values.id }}-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]111 server: https://acme-v02.api.letsencrypt.org/directory
112 domain: p.{{ .Values.domain }}
113 contactEmail: {{ .Values.contactEmail }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]114 ingressClassName: {{ .Values.id }}-ingress-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]115 gandiAPIToken: {{ .Values.gandiAPIToken }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]116- name: core-auth-storage # TODO(giolekva): merge with core-auth
117 chart: bitnami/postgresql
118 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]119 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]120 values:
121 - fullnameOverride: postgres
122 - image:
123 repository: arm64v8/postgres
124 tag: 13.4
125 - service:
126 type: ClusterIP
127 port: 5432
128 - postgresqlPassword: psswd
129 - postgresqlDatabase: kratos
130 - persistence:
131 size: 1Gi
132 - securityContext:
133 enabled: true
134 fsGroup: 0
135 - containerSecurityContext:
136 enabled: true
137 runAsUser: 0
138 - volumePermissions:
139 securityContext:
140 runAsUser: 0
141- name: core-auth
142 chart: ../../charts/auth
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]143 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]144 values:
145 - kratos:
146 fullnameOverride: kratos
147 image:
148 repository: giolekva/ory-kratos
149 tag: latest
150 pullPolicy: Always
151 service:
152 admin:
153 enabled: true
154 type: ClusterIP
155 port: 80
156 name: http
157 public:
158 enabled: true
159 type: ClusterIP
160 port: 80
161 name: http
162 ingress:
163 admin:
164 enabled: true
165 className: {{ .Values.id }}-ingress-private
166 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]167 - host: kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]168 paths:
169 - path: /
170 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]171 tls:
172 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]173 - kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]174 public:
175 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]176 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]177 hosts:
178 - host: accounts.{{ .Values.domain }}
179 paths:
180 - path: /
181 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]182 tls:
183 - hosts:
184 - accounts.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]185 secretName: cert-accounts.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]186 secret:
187 enabled: true
188 kratos:
189 autoMigrate: true
190 development: false
191 config:
192 version: v0.7.1-alpha.1
193 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
194 serve:
195 public:
196 base_url: https://accounts.{{ .Values.domain }}
197 cors:
198 enabled: true
199 debug: false
200 allow_credentials: true
201 allowed_origins:
202 - https://{{ .Values.domain }}
203 - https://*.{{ .Values.domain }}
204 admin:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]205 base_url: https://kratos.p.{{ .Values.domain }}/
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]206 selfservice:
207 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}
208 whitelisted_return_urls:
209 - https://accounts-ui.{{ .Values.domain }}
210 methods:
211 password:
212 enabled: true
213 flows:
214 error:
215 ui_url: https://accounts-ui.{{ .Values.domain }}/error
216 settings:
217 ui_url: https://accounts-ui.{{ .Values.domain }}/settings
218 privileged_session_max_age: 15m
219 recovery:
220 enabled: false
221 verification:
222 enabled: false
223 logout:
224 after:
225 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/login
226 login:
227 ui_url: https://accounts-ui.{{ .Values.domain }}/login
228 lifespan: 10m
229 after:
230 password:
231 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
232 registration:
233 lifespan: 10m
234 ui_url: https://accounts-ui.{{ .Values.domain }}/registration
235 after:
236 password:
237 hooks:
238 -
239 hook: session
240 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
241 log:
242 level: debug
243 format: text
244 leak_sensitive_values: true
245 cookies:
246 path: /
247 same_site: None
248 domain: {{ .Values.domain }}
249 secrets:
250 cookie:
251 - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
252 # cipher:
253 # - 32-LONG-SECRET-NOT-SECURE-AT-ALL
254 # ciphers:
255 # algorithm: xchacha20-poly1305
256 hashers:
257 argon2:
258 parallelism: 1
259 memory: 128MB
260 iterations: 2
261 salt_length: 16
262 key_length: 16
263 identity:
264 default_schema_url: file:///etc/config/identity.schema.json
265 courier:
266 smtp:
267 connection_uri: smtps://test-z1VmkYfYPjgdPRgPFgmeZ31esT9rUgS%40{{ .Values.domain }}:iW%213Kk%5EPPLFrZa%24%21bbpTPN9Wv3b8mvwS6ZJvMLtce%23A2%2A4MotD@mx1.{{ .Values.domain }}
268 identitySchemas:
269 "identity.schema.json": |
270 {
271 "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
272 "$schema": "http://json-schema.org/draft-07/schema#",
273 "title": "User",
274 "type": "object",
275 "properties": {
276 "traits": {
277 "type": "object",
278 "properties": {
279 "username": {
280 "type": "string",
281 "format": "username",
282 "title": "Username",
283 "minLength": 3,
284 "ory.sh/kratos": {
285 "credentials": {
286 "password": {
287 "identifier": true
288 }
289 }
290 }
291 }
292 },
293 "additionalProperties": false
294 }
295 }
296 }
297 - hydra:
298 fullnameOverride: hydra
299 image:
300 repository: giolekva/ory-hydra
301 tag: latest
302 pullPolicy: Always
303 service:
304 admin:
305 enabled: true
306 type: ClusterIP
307 port: 80
308 name: http
309 public:
310 enabled: true
311 type: ClusterIP
312 port: 80
313 name: http
314 ingress:
315 admin:
316 enabled: true
317 className: {{ .Values.id }}-ingress-private
318 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]319 - host: hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]320 paths:
321 - path: /
322 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]323 tls:
324 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]325 - hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]326 public:
327 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]328 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]329 hosts:
330 - host: hydra.{{ .Values.domain }}
331 paths:
332 - path: /
333 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]334 tls:
335 - hosts:
336 - hydra.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]337 secretName: cert-hydra.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]338 secret:
339 enabled: true
340 maester:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]341 enabled: false
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]342 hydraFullnameOverride: hydra
343 hydra-maester:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]344 fullnameOverride: {{ .Values.id }}-hydra-maester
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]345 image:
346 repository: giolekva/ory-hydra-maester
347 tag: latest
348 pullPolicy: IfNotPresent
349 adminService:
350 name: hydra
351 port: 80
352 hydra:
353 autoMigrate: true
354 config:
355 version: v1.10.6
356 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
357 serve:
358 cookies:
359 same_site_mode: None
360 public:
361 cors:
362 enabled: true
363 debug: false
364 allow_credentials: true
365 allowed_origins:
366 - https://{{ .Values.domain }}
367 - https://*.{{ .Values.domain }}
368 admin:
369 # host: localhost
370 cors:
371 allowed_origins:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]372 - https://hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]373 tls:
374 allow_termination_from:
375 - 0.0.0.0/0
376 - 10.42.0.0/16
377 - 10.43.0.0/16
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]378 - {{ .Values.lighthouseMainIP }}/32
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]379 tls:
380 allow_termination_from:
381 - 0.0.0.0/0
382 - 10.42.0.0/16
383 - 10.43.0.0/16
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]384 - {{ .Values.lighthouseMainIP }}/32
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]385 urls:
386 self:
387 public: https://hydra.{{ .Values.domain }}
388 issuer: https://hydra.{{ .Values.domain }}
389 consent: https://accounts-ui.{{ .Values.domain }}/consent
390 login: https://accounts-ui.{{ .Values.domain }}/login
391 logout: https://accounts-ui.{{ .Values.domain }}/logout
392 secrets:
393 system:
394 - youReallyNeedToChangeThis
395 oidc:
396 subject_identifiers:
397 supported_types:
398 - pairwise
399 - public
400 pairwise:
401 salt: youReallyNeedToChangeThis
402 log:
403 level: trace
404 leak_sensitive_values: false
405 - ui:
406 certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]407 ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]408 domain: {{ .Values.domain }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]409 internalDomain: p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]410 nebula:
411 lighthouse:
412 name: ui-lighthouse
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]413 internalIP: {{ .Values.lighthouseMainIP }}
414 externalIP: {{ .Values.publicIP }}
415 port: "{{ .Values.lighthouseMainPort }}"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]416 node:
417 name: ui
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]418 ipCidr: {{ .Values.lighthouseAuthUIIP }}/24
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]419 secretName: node-ui-cert
420 certificateAuthority:
421 name: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]422 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]423- name: vaultwarden
424 chart: ../../charts/vaultwarden
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]425 namespace: {{ .Values.namespacePrefix }}app-vaultwarden
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]426 values:
427 - image:
428 repository: vaultwarden/server
429 tag: 1.22.2
430 pullPolicy: IfNotPresent
431 - storage:
432 size: 1Gi
giolekva9cdcc042021-11-10 15:24:54 +0400[diff] [blame]433 - domain: bitwarden.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]434 - certificateIssuer: {{ .Values.id }}-private
435 - ingressClassName: {{ .Values.id }}-ingress-private
436- name: matrix-storage # TODO(giolekva): merge with core-auth
437 chart: bitnami/postgresql
438 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]439 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]440 values:
441 - fullnameOverride: postgres
442 - image:
443 repository: arm64v8/postgres
444 tag: 13.4
445 - service:
446 type: ClusterIP
447 port: 5432
448 - postgresqlPassword: psswd
449 - initdbScripts:
450 createdb.sh: |
451 #!/bin/sh
452 createdb -U postgres --encoding=UTF8 --locale=C --template=template0 --owner=postgres matrix
453 - persistence:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]454 size: {{ .Values.matrixStorageSize }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]455 - securityContext:
456 enabled: true
457 fsGroup: 0
458 - containerSecurityContext:
459 enabled: true
460 runAsUser: 0
461 - volumePermissions:
462 securityContext:
463 runAsUser: 0
464- name: matrix
465 chart: ../../charts/matrix
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]466 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]467 values:
468 - domain: {{ .Values.domain }}
469 - oauth2:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]470 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]471 hydraPublic: https://hydra.{{ .Values.domain }}
472 clientId: matrix
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]473 clientSecret: {{ .Values.matrixOAuth2ClientSecret }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]474 secretName: oauth2-client
475 - postgresql:
476 host: postgres
477 port: 5432
478 database: matrix
479 user: postgres
480 password: psswd
481 - certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]482 - ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]483 - configMerge:
484 configName: config-to-merge
485 fileName: to-merge.yaml
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]486- name: pihole
487 chart: ../../charts/pihole
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]488 namespace: {{ .Values.namespacePrefix }}app-pihole
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]489 values:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]490 - domain: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]491 - pihole:
492 image:
493 repository: "pihole/pihole"
494 tag: v5.8.1
495 persistentVolumeClaim:
496 enabled: true
497 size: 5Gi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]498 adminPassword: admin
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]499 ingress:
500 enabled: false
501 serviceDhcp:
502 enabled: false
503 serviceDns:
504 type: ClusterIP
505 serviceWeb:
506 type: ClusterIP
507 http:
508 enabled: true
509 https:
510 enabled: false
giolekva17861bc2021-11-09 19:50:50 +0400[diff] [blame]511 virtualHost: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]512 resources:
513 requests:
514 cpu: "250m"
515 memory: "100M"
516 limits:
517 cpu: "500m"
518 memory: "250M"
519 - oauth2:
520 clientId: pihole
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]521 clientSecret: {{ .Values.piholeOAuth2ClientSecret }}
522 cookieSecret: {{ .Values.piholeOAuth2CookieSecret }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]523 secretName: oauth2-secret
524 configName: oauth2-proxy
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]525 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]526 - hydraPublic: https://hydra.{{ .Values.domain }}/
527 - profileUrl: https://accounts-ui.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]528 - ingressClassName: {{ .Values.id }}-ingress-private
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]529- name: maddy
530 chart: ../../charts/maddy
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]531 namespace: {{ .Values.namespacePrefix }}app-maddy
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]532 values:
533 - ingress:
534 private:
535 className: {{ .Values.id }}-ingress-private
536 domain: p.{{ .Values.domain }}
537 public:
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]538 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]539 domain: {{ .Values.domain }}
540 certificateIssuer: {{ .Values.id }}-public
541 - storage:
giolekva26a96812021-12-03 13:36:02 +0400[diff] [blame]542 size: 100Gi
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]543 - mailGateway:
544 mxHostname: {{ .Values.mxHostname}}
545 address: {{ .Values.mailGatewayAddress }}
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]546
547environments:
548 shveli:
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]549 secrets:
550 - secrets.shveli.yaml
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]551 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]552 - pcloudEnvName: pcloud
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]553 - id: shveli
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]554 - namespacePrefix: shveli-
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]555 - domain: shve.li
556 - contactEmail: giolekva@gmail.com
557 - certManagerNamespace: cert-manager
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]558 - mxHostname: mail.lekva.me
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]559 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]560 - matrixStorageSize: 10Gi
561 - publicIP: 46.49.35.44
562 - lighthouseMainIP: 110.0.0.1
563 - lighthouseMainPort: 4242
564 - lighthouseAuthUIIP: 110.0.0.2
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]565 lekva:
566 secrets:
567 - secrets.lekva.yaml
568 values:
569 - pcloudEnvName: pcloud
570 - id: lekva
571 - namespacePrefix: lekva-
572 - domain: lekva.me
573 - contactEmail: giolekva@gmail.com
574 - certManagerNamespace: cert-manager
575 - mxHostname: mail.lekva.me
576 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
577 - matrixStorageSize: 100Gi
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]578 - publicIP: 46.49.35.44
579 - lighthouseMainIP: 111.0.0.1
580 - lighthouseMainPort: 4243
581 - lighthouseAuthUIIP: 111.0.0.2