Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / b64297c85b54526cf44da8af7d1fc5409babbe2f / . / helmfile / apps / helmfile.yaml
blob: 11d813ca950de719cb7c1d9a4ec2dabd9cfe25c7 [file] [log] [blame]
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]1repositories:
2- name: ingress-nginx
3 url: https://kubernetes.github.io/ingress-nginx
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]4- name: bitnami
5 url: https://charts.bitnami.com/bitnami
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]6
7helmDefaults:
8 tillerless: true
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]9 waitForJobs: true
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]10 createNamespace: false
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]11
12releases:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]13- name: namespaces
14 chart: ../../charts/namespaces
15 namespace: {{ .Values.id }}
16 createNamespace: true
17 values:
18 - pcloudInstanceId: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]19 - namespacePrefix: {{ .Values.namespacePrefix }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]20 - namespaces:
21 - app-maddy
22 - app-matrix
23 - app-pihole
24 - app-vaultwarden
25 - core-auth
26 - ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]27- name: vpn-mesh-config
28 chart: ../../charts/vpn-mesh-config
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]29 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]30 values:
giolekvab64297c2021-12-13 14:36:32 +0400[diff] [blame^]31 - domain: {{ .Values.domain }}
32 - ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
33 - certificateIssuer: {{ .Values.id }}-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]34 - certificateAuthority:
35 name: {{ .Values.id }}
36 secretName: ca-{{ .Values.id }}-cert
37 - lighthouse:
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]38 internalIP: {{ .Values.lighthouseMainIP }}
39 externalIP: {{ .Values.publicIP }}
40 port: "{{ .Values.lighthouseMainPort }}"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]41- name: ingress-private
42 chart: ingress-nginx/ingress-nginx
43 version: 4.0.3
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]44 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]45 values:
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]46 - fullnameOverride: {{ .Values.id }}-nginx-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]47 - controller:
48 service:
49 type: ClusterIP
50 ingressClassByName: true
51 ingressClassResource:
52 name: {{ .Values.id }}-ingress-private
53 enabled: true
54 default: false
55 controllerValue: k8s.io/{{ .Values.id }}-ingress-private
56 extraArgs:
57 default-ssl-certificate: "{{ .Values.id }}-ingress-private/cert-wildcard.p.{{ .Values.domain }}"
58 extraVolumes:
59 - name: lighthouse-cert
60 secret:
61 secretName: node-lighthouse-cert
62 - name: config
63 configMap:
64 name: lighthouse-config
65 extraContainers:
66 - name: lighthouse
67 image: giolekva/nebula:latest
68 imagePullPolicy: IfNotPresent
69 securityContext:
70 privileged: true
71 capabilities:
72 add:
73 - NET_ADMIN
74 ports:
75 - name: nebula
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]76 containerPort: {{ .Values.lighthouseMainPort }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]77 protocol: UDP
78 command:
79 - nebula
80 - --config=/etc/nebula/config/lighthouse.yaml
81 volumeMounts:
82 - name: lighthouse-cert
83 mountPath: /etc/nebula/lighthouse
84 - name: config
85 mountPath: /etc/nebula/config
86 config:
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]87 bind-address: {{ .Values.lighthouseMainIP }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]88 proxy-body-size: 0
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]89 - udp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]90 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-udp:53"
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]91 - tcp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]92 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-tcp:53"
93 143: "{{ .Values.namespacePrefix }}app-maddy/maddy:143"
94 465: "{{ .Values.namespacePrefix }}app-maddy/maddy:465"
95 587: "{{ .Values.namespacePrefix }}app-maddy/maddy:587"
96 993: "{{ .Values.namespacePrefix }}app-maddy/maddy:993"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]97- name: certificate-issuer
98 chart: ../../charts/certificate-issuer
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]99 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]100 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]101 - pcloudInstanceId: {{ .Values.id }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]102 - certManager:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]103 namespace: {{ .Values.pcloudEnvName }}-cert-manager
104 gandiWebhookSecretReader: {{ .Values.pcloudEnvName }}-cert-manager-webhook-gandi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]105 - public:
106 name: {{ .Values.id }}-public
107 server: https://acme-v02.api.letsencrypt.org/directory
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]108 domain: {{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]109 stagingServer: https://acme-staging-v02.api.letsencrypt.org/directory
110 contactEmail: {{ .Values.contactEmail }}
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]111 ingressClass: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]112 - private:
113 name: {{ .Values.id }}-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]114 server: https://acme-v02.api.letsencrypt.org/directory
115 domain: p.{{ .Values.domain }}
116 contactEmail: {{ .Values.contactEmail }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]117 ingressClassName: {{ .Values.id }}-ingress-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]118 gandiAPIToken: {{ .Values.gandiAPIToken }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]119- name: core-auth-storage # TODO(giolekva): merge with core-auth
120 chart: bitnami/postgresql
121 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]122 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]123 values:
124 - fullnameOverride: postgres
125 - image:
126 repository: arm64v8/postgres
127 tag: 13.4
128 - service:
129 type: ClusterIP
130 port: 5432
131 - postgresqlPassword: psswd
132 - postgresqlDatabase: kratos
133 - persistence:
134 size: 1Gi
135 - securityContext:
136 enabled: true
137 fsGroup: 0
138 - containerSecurityContext:
139 enabled: true
140 runAsUser: 0
141 - volumePermissions:
142 securityContext:
143 runAsUser: 0
144- name: core-auth
145 chart: ../../charts/auth
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]146 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]147 values:
148 - kratos:
149 fullnameOverride: kratos
150 image:
151 repository: giolekva/ory-kratos
152 tag: latest
153 pullPolicy: Always
154 service:
155 admin:
156 enabled: true
157 type: ClusterIP
158 port: 80
159 name: http
160 public:
161 enabled: true
162 type: ClusterIP
163 port: 80
164 name: http
165 ingress:
166 admin:
167 enabled: true
168 className: {{ .Values.id }}-ingress-private
169 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]170 - host: kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]171 paths:
172 - path: /
173 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]174 tls:
175 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]176 - kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]177 public:
178 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]179 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]180 hosts:
181 - host: accounts.{{ .Values.domain }}
182 paths:
183 - path: /
184 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]185 tls:
186 - hosts:
187 - accounts.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]188 secretName: cert-accounts.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]189 secret:
190 enabled: true
191 kratos:
192 autoMigrate: true
193 development: false
194 config:
195 version: v0.7.1-alpha.1
196 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
197 serve:
198 public:
199 base_url: https://accounts.{{ .Values.domain }}
200 cors:
201 enabled: true
202 debug: false
203 allow_credentials: true
204 allowed_origins:
205 - https://{{ .Values.domain }}
206 - https://*.{{ .Values.domain }}
207 admin:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]208 base_url: https://kratos.p.{{ .Values.domain }}/
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]209 selfservice:
210 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}
211 whitelisted_return_urls:
212 - https://accounts-ui.{{ .Values.domain }}
213 methods:
214 password:
215 enabled: true
216 flows:
217 error:
218 ui_url: https://accounts-ui.{{ .Values.domain }}/error
219 settings:
220 ui_url: https://accounts-ui.{{ .Values.domain }}/settings
221 privileged_session_max_age: 15m
222 recovery:
223 enabled: false
224 verification:
225 enabled: false
226 logout:
227 after:
228 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/login
229 login:
230 ui_url: https://accounts-ui.{{ .Values.domain }}/login
231 lifespan: 10m
232 after:
233 password:
234 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
235 registration:
236 lifespan: 10m
237 ui_url: https://accounts-ui.{{ .Values.domain }}/registration
238 after:
239 password:
240 hooks:
241 -
242 hook: session
243 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
244 log:
245 level: debug
246 format: text
247 leak_sensitive_values: true
248 cookies:
249 path: /
250 same_site: None
251 domain: {{ .Values.domain }}
252 secrets:
253 cookie:
254 - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
255 # cipher:
256 # - 32-LONG-SECRET-NOT-SECURE-AT-ALL
257 # ciphers:
258 # algorithm: xchacha20-poly1305
259 hashers:
260 argon2:
261 parallelism: 1
262 memory: 128MB
263 iterations: 2
264 salt_length: 16
265 key_length: 16
266 identity:
267 default_schema_url: file:///etc/config/identity.schema.json
268 courier:
269 smtp:
270 connection_uri: smtps://test-z1VmkYfYPjgdPRgPFgmeZ31esT9rUgS%40{{ .Values.domain }}:iW%213Kk%5EPPLFrZa%24%21bbpTPN9Wv3b8mvwS6ZJvMLtce%23A2%2A4MotD@mx1.{{ .Values.domain }}
271 identitySchemas:
272 "identity.schema.json": |
273 {
274 "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
275 "$schema": "http://json-schema.org/draft-07/schema#",
276 "title": "User",
277 "type": "object",
278 "properties": {
279 "traits": {
280 "type": "object",
281 "properties": {
282 "username": {
283 "type": "string",
284 "format": "username",
285 "title": "Username",
286 "minLength": 3,
287 "ory.sh/kratos": {
288 "credentials": {
289 "password": {
290 "identifier": true
291 }
292 }
293 }
294 }
295 },
296 "additionalProperties": false
297 }
298 }
299 }
300 - hydra:
301 fullnameOverride: hydra
302 image:
303 repository: giolekva/ory-hydra
304 tag: latest
305 pullPolicy: Always
306 service:
307 admin:
308 enabled: true
309 type: ClusterIP
310 port: 80
311 name: http
312 public:
313 enabled: true
314 type: ClusterIP
315 port: 80
316 name: http
317 ingress:
318 admin:
319 enabled: true
320 className: {{ .Values.id }}-ingress-private
321 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]322 - host: hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]323 paths:
324 - path: /
325 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]326 tls:
327 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]328 - hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]329 public:
330 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]331 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]332 hosts:
333 - host: hydra.{{ .Values.domain }}
334 paths:
335 - path: /
336 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]337 tls:
338 - hosts:
339 - hydra.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]340 secretName: cert-hydra.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]341 secret:
342 enabled: true
343 maester:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]344 enabled: false
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]345 hydraFullnameOverride: hydra
346 hydra-maester:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]347 fullnameOverride: {{ .Values.id }}-hydra-maester
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]348 image:
349 repository: giolekva/ory-hydra-maester
350 tag: latest
351 pullPolicy: IfNotPresent
352 adminService:
353 name: hydra
354 port: 80
355 hydra:
356 autoMigrate: true
357 config:
358 version: v1.10.6
359 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
360 serve:
361 cookies:
362 same_site_mode: None
363 public:
364 cors:
365 enabled: true
366 debug: false
367 allow_credentials: true
368 allowed_origins:
369 - https://{{ .Values.domain }}
370 - https://*.{{ .Values.domain }}
371 admin:
372 # host: localhost
373 cors:
374 allowed_origins:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]375 - https://hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]376 tls:
377 allow_termination_from:
378 - 0.0.0.0/0
379 - 10.42.0.0/16
380 - 10.43.0.0/16
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]381 - {{ .Values.lighthouseMainIP }}/32
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]382 tls:
383 allow_termination_from:
384 - 0.0.0.0/0
385 - 10.42.0.0/16
386 - 10.43.0.0/16
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]387 - {{ .Values.lighthouseMainIP }}/32
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]388 urls:
389 self:
390 public: https://hydra.{{ .Values.domain }}
391 issuer: https://hydra.{{ .Values.domain }}
392 consent: https://accounts-ui.{{ .Values.domain }}/consent
393 login: https://accounts-ui.{{ .Values.domain }}/login
394 logout: https://accounts-ui.{{ .Values.domain }}/logout
395 secrets:
396 system:
397 - youReallyNeedToChangeThis
398 oidc:
399 subject_identifiers:
400 supported_types:
401 - pairwise
402 - public
403 pairwise:
404 salt: youReallyNeedToChangeThis
405 log:
406 level: trace
407 leak_sensitive_values: false
408 - ui:
409 certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]410 ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]411 domain: {{ .Values.domain }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]412 internalDomain: p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]413 nebula:
414 lighthouse:
415 name: ui-lighthouse
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]416 internalIP: {{ .Values.lighthouseMainIP }}
417 externalIP: {{ .Values.publicIP }}
418 port: "{{ .Values.lighthouseMainPort }}"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]419 node:
420 name: ui
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]421 ipCidr: {{ .Values.lighthouseAuthUIIP }}/24
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]422 secretName: node-ui-cert
423 certificateAuthority:
424 name: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]425 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]426- name: vaultwarden
427 chart: ../../charts/vaultwarden
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]428 namespace: {{ .Values.namespacePrefix }}app-vaultwarden
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]429 values:
430 - image:
431 repository: vaultwarden/server
432 tag: 1.22.2
433 pullPolicy: IfNotPresent
434 - storage:
435 size: 1Gi
giolekva9cdcc042021-11-10 15:24:54 +0400[diff] [blame]436 - domain: bitwarden.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]437 - certificateIssuer: {{ .Values.id }}-private
438 - ingressClassName: {{ .Values.id }}-ingress-private
439- name: matrix-storage # TODO(giolekva): merge with core-auth
440 chart: bitnami/postgresql
441 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]442 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]443 values:
444 - fullnameOverride: postgres
445 - image:
446 repository: arm64v8/postgres
447 tag: 13.4
448 - service:
449 type: ClusterIP
450 port: 5432
451 - postgresqlPassword: psswd
452 - initdbScripts:
453 createdb.sh: |
454 #!/bin/sh
455 createdb -U postgres --encoding=UTF8 --locale=C --template=template0 --owner=postgres matrix
456 - persistence:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]457 size: {{ .Values.matrixStorageSize }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]458 - securityContext:
459 enabled: true
460 fsGroup: 0
461 - containerSecurityContext:
462 enabled: true
463 runAsUser: 0
464 - volumePermissions:
465 securityContext:
466 runAsUser: 0
467- name: matrix
468 chart: ../../charts/matrix
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]469 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]470 values:
471 - domain: {{ .Values.domain }}
472 - oauth2:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]473 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]474 hydraPublic: https://hydra.{{ .Values.domain }}
475 clientId: matrix
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]476 clientSecret: {{ .Values.matrixOAuth2ClientSecret }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]477 secretName: oauth2-client
478 - postgresql:
479 host: postgres
480 port: 5432
481 database: matrix
482 user: postgres
483 password: psswd
484 - certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]485 - ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]486 - configMerge:
487 configName: config-to-merge
488 fileName: to-merge.yaml
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]489- name: pihole
490 chart: ../../charts/pihole
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]491 namespace: {{ .Values.namespacePrefix }}app-pihole
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]492 values:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]493 - domain: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]494 - pihole:
495 image:
496 repository: "pihole/pihole"
497 tag: v5.8.1
498 persistentVolumeClaim:
499 enabled: true
500 size: 5Gi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]501 adminPassword: admin
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]502 ingress:
503 enabled: false
504 serviceDhcp:
505 enabled: false
506 serviceDns:
507 type: ClusterIP
508 serviceWeb:
509 type: ClusterIP
510 http:
511 enabled: true
512 https:
513 enabled: false
giolekva17861bc2021-11-09 19:50:50 +0400[diff] [blame]514 virtualHost: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]515 resources:
516 requests:
517 cpu: "250m"
518 memory: "100M"
519 limits:
520 cpu: "500m"
521 memory: "250M"
522 - oauth2:
523 clientId: pihole
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]524 clientSecret: {{ .Values.piholeOAuth2ClientSecret }}
525 cookieSecret: {{ .Values.piholeOAuth2CookieSecret }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]526 secretName: oauth2-secret
527 configName: oauth2-proxy
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame]528 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]529 - hydraPublic: https://hydra.{{ .Values.domain }}/
530 - profileUrl: https://accounts-ui.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]531 - ingressClassName: {{ .Values.id }}-ingress-private
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]532- name: maddy
533 chart: ../../charts/maddy
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]534 namespace: {{ .Values.namespacePrefix }}app-maddy
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]535 values:
536 - ingress:
537 private:
538 className: {{ .Values.id }}-ingress-private
539 domain: p.{{ .Values.domain }}
540 public:
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]541 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]542 domain: {{ .Values.domain }}
543 certificateIssuer: {{ .Values.id }}-public
544 - storage:
giolekva26a96812021-12-03 13:36:02 +0400[diff] [blame]545 size: 100Gi
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]546 - mailGateway:
547 mxHostname: {{ .Values.mxHostname}}
548 address: {{ .Values.mailGatewayAddress }}
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]549
550environments:
551 shveli:
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]552 secrets:
553 - secrets.shveli.yaml
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]554 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]555 - pcloudEnvName: pcloud
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]556 - id: shveli
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]557 - namespacePrefix: shveli-
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]558 - domain: shve.li
559 - contactEmail: giolekva@gmail.com
560 - certManagerNamespace: cert-manager
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]561 - mxHostname: mail.lekva.me
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]562 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]563 - matrixStorageSize: 10Gi
564 - publicIP: 46.49.35.44
565 - lighthouseMainIP: 110.0.0.1
566 - lighthouseMainPort: 4242
567 - lighthouseAuthUIIP: 110.0.0.2
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]568 lekva:
569 secrets:
570 - secrets.lekva.yaml
571 values:
572 - pcloudEnvName: pcloud
573 - id: lekva
574 - namespacePrefix: lekva-
575 - domain: lekva.me
576 - contactEmail: giolekva@gmail.com
577 - certManagerNamespace: cert-manager
578 - mxHostname: mail.lekva.me
579 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
580 - matrixStorageSize: 100Gi
giolekva7fc15e72021-12-03 15:54:42 +0400[diff] [blame]581 - publicIP: 46.49.35.44
582 - lighthouseMainIP: 111.0.0.1
583 - lighthouseMainPort: 4243
584 - lighthouseAuthUIIP: 111.0.0.2