Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 7e73ba7b0734c3651a46f285018dc2bd53fc9201 / . / helmfile / users / helmfile.yaml
blob: 567d3e08216ef2d22f5cf242891c751d25028ad0 [file] [log] [blame]
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]1repositories:
2- name: ingress-nginx
3 url: https://kubernetes.github.io/ingress-nginx
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]4- name: bitnami
5 url: https://charts.bitnami.com/bitnami
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]6
7helmDefaults:
8 tillerless: true
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]9 waitForJobs: true
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]10 createNamespace: false
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]11
12releases:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]13- name: namespaces
14 chart: ../../charts/namespaces
15 namespace: {{ .Values.id }}
16 createNamespace: true
17 values:
18 - pcloudInstanceId: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]19 - namespacePrefix: {{ .Values.namespacePrefix }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]20 - namespaces:
21 - app-maddy
22 - app-matrix
23 - app-pihole
24 - app-vaultwarden
25 - core-auth
26 - ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]27- name: vpn-mesh-config
28 chart: ../../charts/vpn-mesh-config
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]29 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]30 values:
31 - certificateAuthority:
32 name: {{ .Values.id }}
33 secretName: ca-{{ .Values.id }}-cert
34 - lighthouse:
35 internalIP: 111.0.0.1
36 externalIP: 46.49.35.44
37 port: "4243"
38- name: ingress-private
39 chart: ingress-nginx/ingress-nginx
40 version: 4.0.3
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]41 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]42 values:
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]43 - fullnameOverride: {{ .Values.id }}-nginx-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]44 - controller:
45 service:
46 type: ClusterIP
47 ingressClassByName: true
48 ingressClassResource:
49 name: {{ .Values.id }}-ingress-private
50 enabled: true
51 default: false
52 controllerValue: k8s.io/{{ .Values.id }}-ingress-private
53 extraArgs:
54 default-ssl-certificate: "{{ .Values.id }}-ingress-private/cert-wildcard.p.{{ .Values.domain }}"
55 extraVolumes:
56 - name: lighthouse-cert
57 secret:
58 secretName: node-lighthouse-cert
59 - name: config
60 configMap:
61 name: lighthouse-config
62 extraContainers:
63 - name: lighthouse
64 image: giolekva/nebula:latest
65 imagePullPolicy: IfNotPresent
66 securityContext:
67 privileged: true
68 capabilities:
69 add:
70 - NET_ADMIN
71 ports:
72 - name: nebula
73 containerPort: 4243
74 protocol: UDP
75 command:
76 - nebula
77 - --config=/etc/nebula/config/lighthouse.yaml
78 volumeMounts:
79 - name: lighthouse-cert
80 mountPath: /etc/nebula/lighthouse
81 - name: config
82 mountPath: /etc/nebula/config
83 config:
84 bind-address: 111.0.0.1
85 proxy-body-size: 0
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]86 - udp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]87 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-udp:53"
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]88 - tcp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]89 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-tcp:53"
90 143: "{{ .Values.namespacePrefix }}app-maddy/maddy:143"
91 465: "{{ .Values.namespacePrefix }}app-maddy/maddy:465"
92 587: "{{ .Values.namespacePrefix }}app-maddy/maddy:587"
93 993: "{{ .Values.namespacePrefix }}app-maddy/maddy:993"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]94- name: certificate-issuer
95 chart: ../../charts/certificate-issuer
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]96 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]97 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]98 - pcloudInstanceId: {{ .Values.id }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]99 - certManager:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]100 namespace: {{ .Values.pcloudEnvName }}-cert-manager
101 gandiWebhookSecretReader: {{ .Values.pcloudEnvName }}-cert-manager-webhook-gandi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]102 - public:
103 name: {{ .Values.id }}-public
104 server: https://acme-v02.api.letsencrypt.org/directory
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]105 domain: {{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]106 stagingServer: https://acme-staging-v02.api.letsencrypt.org/directory
107 contactEmail: {{ .Values.contactEmail }}
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]108 ingressClass: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]109 - private:
110 name: {{ .Values.id }}-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]111 server: https://acme-v02.api.letsencrypt.org/directory
112 domain: p.{{ .Values.domain }}
113 contactEmail: {{ .Values.contactEmail }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]114 ingressClassName: {{ .Values.id }}-ingress-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]115 gandiAPIToken: {{ .Values.gandiAPIToken }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]116- name: core-auth-storage # TODO(giolekva): merge with core-auth
117 chart: bitnami/postgresql
118 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]119 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]120 values:
121 - fullnameOverride: postgres
122 - image:
123 repository: arm64v8/postgres
124 tag: 13.4
125 - service:
126 type: ClusterIP
127 port: 5432
128 - postgresqlPassword: psswd
129 - postgresqlDatabase: kratos
130 - persistence:
131 size: 1Gi
132 - securityContext:
133 enabled: true
134 fsGroup: 0
135 - containerSecurityContext:
136 enabled: true
137 runAsUser: 0
138 - volumePermissions:
139 securityContext:
140 runAsUser: 0
141- name: core-auth
142 chart: ../../charts/auth
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]143 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]144 values:
145 - kratos:
146 fullnameOverride: kratos
147 image:
148 repository: giolekva/ory-kratos
149 tag: latest
150 pullPolicy: Always
151 service:
152 admin:
153 enabled: true
154 type: ClusterIP
155 port: 80
156 name: http
157 public:
158 enabled: true
159 type: ClusterIP
160 port: 80
161 name: http
162 ingress:
163 admin:
164 enabled: true
165 className: {{ .Values.id }}-ingress-private
166 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]167 - host: kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]168 paths:
169 - path: /
170 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]171 tls:
172 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]173 - kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]174 public:
175 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]176 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]177 hosts:
178 - host: accounts.{{ .Values.domain }}
179 paths:
180 - path: /
181 pathType: Prefix
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]182 annotations:
183 cert-manager.io/cluster-issuer: "{{ .Values.id }}-public"
184 acme.cert-manager.io/http01-edit-in-place: "true"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]185 tls:
186 - hosts:
187 - accounts.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]188 secretName: cert-accounts.{{ .Values.domain }}
189 # secretName: cert-wildcard.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]190 secret:
191 enabled: true
192 kratos:
193 autoMigrate: true
194 development: false
195 config:
196 version: v0.7.1-alpha.1
197 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
198 serve:
199 public:
200 base_url: https://accounts.{{ .Values.domain }}
201 cors:
202 enabled: true
203 debug: false
204 allow_credentials: true
205 allowed_origins:
206 - https://{{ .Values.domain }}
207 - https://*.{{ .Values.domain }}
208 admin:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]209 base_url: https://kratos.p.{{ .Values.domain }}/
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]210 selfservice:
211 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}
212 whitelisted_return_urls:
213 - https://accounts-ui.{{ .Values.domain }}
214 methods:
215 password:
216 enabled: true
217 flows:
218 error:
219 ui_url: https://accounts-ui.{{ .Values.domain }}/error
220 settings:
221 ui_url: https://accounts-ui.{{ .Values.domain }}/settings
222 privileged_session_max_age: 15m
223 recovery:
224 enabled: false
225 verification:
226 enabled: false
227 logout:
228 after:
229 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/login
230 login:
231 ui_url: https://accounts-ui.{{ .Values.domain }}/login
232 lifespan: 10m
233 after:
234 password:
235 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
236 registration:
237 lifespan: 10m
238 ui_url: https://accounts-ui.{{ .Values.domain }}/registration
239 after:
240 password:
241 hooks:
242 -
243 hook: session
244 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
245 log:
246 level: debug
247 format: text
248 leak_sensitive_values: true
249 cookies:
250 path: /
251 same_site: None
252 domain: {{ .Values.domain }}
253 secrets:
254 cookie:
255 - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
256 # cipher:
257 # - 32-LONG-SECRET-NOT-SECURE-AT-ALL
258 # ciphers:
259 # algorithm: xchacha20-poly1305
260 hashers:
261 argon2:
262 parallelism: 1
263 memory: 128MB
264 iterations: 2
265 salt_length: 16
266 key_length: 16
267 identity:
268 default_schema_url: file:///etc/config/identity.schema.json
269 courier:
270 smtp:
271 connection_uri: smtps://test-z1VmkYfYPjgdPRgPFgmeZ31esT9rUgS%40{{ .Values.domain }}:iW%213Kk%5EPPLFrZa%24%21bbpTPN9Wv3b8mvwS6ZJvMLtce%23A2%2A4MotD@mx1.{{ .Values.domain }}
272 identitySchemas:
273 "identity.schema.json": |
274 {
275 "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
276 "$schema": "http://json-schema.org/draft-07/schema#",
277 "title": "User",
278 "type": "object",
279 "properties": {
280 "traits": {
281 "type": "object",
282 "properties": {
283 "username": {
284 "type": "string",
285 "format": "username",
286 "title": "Username",
287 "minLength": 3,
288 "ory.sh/kratos": {
289 "credentials": {
290 "password": {
291 "identifier": true
292 }
293 }
294 }
295 }
296 },
297 "additionalProperties": false
298 }
299 }
300 }
301 - hydra:
302 fullnameOverride: hydra
303 image:
304 repository: giolekva/ory-hydra
305 tag: latest
306 pullPolicy: Always
307 service:
308 admin:
309 enabled: true
310 type: ClusterIP
311 port: 80
312 name: http
313 public:
314 enabled: true
315 type: ClusterIP
316 port: 80
317 name: http
318 ingress:
319 admin:
320 enabled: true
321 className: {{ .Values.id }}-ingress-private
322 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]323 - host: hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]324 paths:
325 - path: /
326 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]327 tls:
328 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]329 - hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]330 public:
331 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]332 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]333 hosts:
334 - host: hydra.{{ .Values.domain }}
335 paths:
336 - path: /
337 pathType: Prefix
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]338 annotations:
339 cert-manager.io/cluster-issuer: "{{ .Values.id }}-public"
340 acme.cert-manager.io/http01-edit-in-place: "true"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]341 tls:
342 - hosts:
343 - hydra.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]344 secretName: cert-hydra.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]345 secret:
346 enabled: true
347 maester:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]348 enabled: false
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]349 hydraFullnameOverride: hydra
350 hydra-maester:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]351 fullnameOverride: {{ .Values.id }}-hydra-maester
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]352 image:
353 repository: giolekva/ory-hydra-maester
354 tag: latest
355 pullPolicy: IfNotPresent
356 adminService:
357 name: hydra
358 port: 80
359 hydra:
360 autoMigrate: true
361 config:
362 version: v1.10.6
363 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
364 serve:
365 cookies:
366 same_site_mode: None
367 public:
368 cors:
369 enabled: true
370 debug: false
371 allow_credentials: true
372 allowed_origins:
373 - https://{{ .Values.domain }}
374 - https://*.{{ .Values.domain }}
375 admin:
376 # host: localhost
377 cors:
378 allowed_origins:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]379 - https://hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]380 tls:
381 allow_termination_from:
382 - 0.0.0.0/0
383 - 10.42.0.0/16
384 - 10.43.0.0/16
385 - 111.0.0.1/32
386 tls:
387 allow_termination_from:
388 - 0.0.0.0/0
389 - 10.42.0.0/16
390 - 10.43.0.0/16
391 - 111.0.0.1/32
392 urls:
393 self:
394 public: https://hydra.{{ .Values.domain }}
395 issuer: https://hydra.{{ .Values.domain }}
396 consent: https://accounts-ui.{{ .Values.domain }}/consent
397 login: https://accounts-ui.{{ .Values.domain }}/login
398 logout: https://accounts-ui.{{ .Values.domain }}/logout
399 secrets:
400 system:
401 - youReallyNeedToChangeThis
402 oidc:
403 subject_identifiers:
404 supported_types:
405 - pairwise
406 - public
407 pairwise:
408 salt: youReallyNeedToChangeThis
409 log:
410 level: trace
411 leak_sensitive_values: false
412 - ui:
413 certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]414 ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]415 domain: {{ .Values.domain }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]416 internalDomain: p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]417 nebula:
418 lighthouse:
419 name: ui-lighthouse
420 internalIP: 111.0.0.1
421 externalIP: 46.49.35.44
422 port: "4243"
423 node:
424 name: ui
425 ipCidr: 111.0.0.2/24
426 secretName: node-ui-cert
427 certificateAuthority:
428 name: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]429 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]430- name: vaultwarden
431 chart: ../../charts/vaultwarden
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]432 namespace: {{ .Values.namespacePrefix }}app-vaultwarden
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]433 values:
434 - image:
435 repository: vaultwarden/server
436 tag: 1.22.2
437 pullPolicy: IfNotPresent
438 - storage:
439 size: 1Gi
giolekva9cdcc042021-11-10 15:24:54 +0400[diff] [blame]440 - domain: bitwarden.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]441 - certificateIssuer: {{ .Values.id }}-private
442 - ingressClassName: {{ .Values.id }}-ingress-private
443- name: matrix-storage # TODO(giolekva): merge with core-auth
444 chart: bitnami/postgresql
445 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]446 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]447 values:
448 - fullnameOverride: postgres
449 - image:
450 repository: arm64v8/postgres
451 tag: 13.4
452 - service:
453 type: ClusterIP
454 port: 5432
455 - postgresqlPassword: psswd
456 - initdbScripts:
457 createdb.sh: |
458 #!/bin/sh
459 createdb -U postgres --encoding=UTF8 --locale=C --template=template0 --owner=postgres matrix
460 - persistence:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]461 size: {{ .Values.matrixStorageSize }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]462 - securityContext:
463 enabled: true
464 fsGroup: 0
465 - containerSecurityContext:
466 enabled: true
467 runAsUser: 0
468 - volumePermissions:
469 securityContext:
470 runAsUser: 0
471- name: matrix
472 chart: ../../charts/matrix
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]473 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]474 values:
475 - domain: {{ .Values.domain }}
476 - oauth2:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]477 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]478 hydraPublic: https://hydra.{{ .Values.domain }}
479 clientId: matrix
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]480 clientSecret: {{ .Values.matrixOAuth2ClientSecret }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]481 secretName: oauth2-client
482 - postgresql:
483 host: postgres
484 port: 5432
485 database: matrix
486 user: postgres
487 password: psswd
488 - certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]489 - ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]490 - configMerge:
491 configName: config-to-merge
492 fileName: to-merge.yaml
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]493- name: pihole
494 chart: ../../charts/pihole
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]495 namespace: {{ .Values.namespacePrefix }}app-pihole
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]496 values:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]497 - domain: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]498 - pihole:
499 image:
500 repository: "pihole/pihole"
501 tag: v5.8.1
502 persistentVolumeClaim:
503 enabled: true
504 size: 5Gi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]505 adminPassword: admin
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]506 ingress:
507 enabled: false
508 serviceDhcp:
509 enabled: false
510 serviceDns:
511 type: ClusterIP
512 serviceWeb:
513 type: ClusterIP
514 http:
515 enabled: true
516 https:
517 enabled: false
giolekva17861bc2021-11-09 19:50:50 +0400[diff] [blame]518 virtualHost: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]519 resources:
520 requests:
521 cpu: "250m"
522 memory: "100M"
523 limits:
524 cpu: "500m"
525 memory: "250M"
526 - oauth2:
527 clientId: pihole
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]528 clientSecret: {{ .Values.piholeOAuth2ClientSecret }}
529 cookieSecret: {{ .Values.piholeOAuth2CookieSecret }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]530 secretName: oauth2-secret
531 configName: oauth2-proxy
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]532 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]533 - hydraPublic: https://hydra.{{ .Values.domain }}/
534 - profileUrl: https://accounts-ui.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]535 - ingressClassName: {{ .Values.id }}-ingress-private
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]536- name: maddy
537 chart: ../../charts/maddy
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]538 namespace: {{ .Values.namespacePrefix }}app-maddy
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]539 values:
540 - ingress:
541 private:
542 className: {{ .Values.id }}-ingress-private
543 domain: p.{{ .Values.domain }}
544 public:
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]545 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]546 domain: {{ .Values.domain }}
547 certificateIssuer: {{ .Values.id }}-public
548 - storage:
549 size: 10Gi
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]550 - mailGateway:
551 mxHostname: {{ .Values.mxHostname}}
552 address: {{ .Values.mailGatewayAddress }}
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]553
554environments:
555 shveli:
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]556 secrets:
557 - secrets.shveli.yaml
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]558 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]559 - pcloudEnvName: pcloud
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]560 - id: shveli
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]561 - namespacePrefix: shveli-
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]562 - domain: shve.li
563 - contactEmail: giolekva@gmail.com
564 - certManagerNamespace: cert-manager
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]565 - mxHostname: mail.lekva.me
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]566 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]567 - matrixStorageSize: 1Gi
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]568 lekva:
569 secrets:
570 - secrets.lekva.yaml
571 values:
572 - pcloudEnvName: pcloud
573 - id: lekva
574 - namespacePrefix: lekva-
575 - domain: lekva.me
576 - contactEmail: giolekva@gmail.com
577 - certManagerNamespace: cert-manager
578 - mxHostname: mail.lekva.me
579 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
580 - matrixStorageSize: 100Gi