Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f216f2ce0d1a1308d1875a1e7928339120c5ffab / . / helmfile / users / helmfile.yaml
blob: df53071c047a1b20ea6871bbe64a7b67118edb63 [file] [log] [blame]
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]1repositories:
2- name: ingress-nginx
3 url: https://kubernetes.github.io/ingress-nginx
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]4- name: bitnami
5 url: https://charts.bitnami.com/bitnami
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]6
7helmDefaults:
8 tillerless: true
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]9 waitForJobs: true
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]10 createNamespace: false
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]11
12releases:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]13- name: namespaces
14 chart: ../../charts/namespaces
15 namespace: {{ .Values.id }}
16 createNamespace: true
17 values:
18 - pcloudInstanceId: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]19 - namespacePrefix: {{ .Values.namespacePrefix }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]20 - namespaces:
21 - app-maddy
22 - app-matrix
23 - app-pihole
24 - app-vaultwarden
25 - core-auth
26 - ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]27- name: vpn-mesh-config
28 chart: ../../charts/vpn-mesh-config
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]29 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]30 values:
31 - certificateAuthority:
32 name: {{ .Values.id }}
33 secretName: ca-{{ .Values.id }}-cert
34 - lighthouse:
35 internalIP: 111.0.0.1
36 externalIP: 46.49.35.44
37 port: "4243"
38- name: ingress-private
39 chart: ingress-nginx/ingress-nginx
40 version: 4.0.3
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]41 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]42 values:
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]43 - fullnameOverride: {{ .Values.id }}-nginx-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]44 - controller:
45 service:
46 type: ClusterIP
47 ingressClassByName: true
48 ingressClassResource:
49 name: {{ .Values.id }}-ingress-private
50 enabled: true
51 default: false
52 controllerValue: k8s.io/{{ .Values.id }}-ingress-private
53 extraArgs:
54 default-ssl-certificate: "{{ .Values.id }}-ingress-private/cert-wildcard.p.{{ .Values.domain }}"
55 extraVolumes:
56 - name: lighthouse-cert
57 secret:
58 secretName: node-lighthouse-cert
59 - name: config
60 configMap:
61 name: lighthouse-config
62 extraContainers:
63 - name: lighthouse
64 image: giolekva/nebula:latest
65 imagePullPolicy: IfNotPresent
66 securityContext:
67 privileged: true
68 capabilities:
69 add:
70 - NET_ADMIN
71 ports:
72 - name: nebula
73 containerPort: 4243
74 protocol: UDP
75 command:
76 - nebula
77 - --config=/etc/nebula/config/lighthouse.yaml
78 volumeMounts:
79 - name: lighthouse-cert
80 mountPath: /etc/nebula/lighthouse
81 - name: config
82 mountPath: /etc/nebula/config
83 config:
84 bind-address: 111.0.0.1
85 proxy-body-size: 0
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]86 - udp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]87 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-udp:53"
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]88 - tcp:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]89 53: "{{ .Values.namespacePrefix }}app-pihole/pihole-dns-tcp:53"
90 143: "{{ .Values.namespacePrefix }}app-maddy/maddy:143"
91 465: "{{ .Values.namespacePrefix }}app-maddy/maddy:465"
92 587: "{{ .Values.namespacePrefix }}app-maddy/maddy:587"
93 993: "{{ .Values.namespacePrefix }}app-maddy/maddy:993"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]94- name: certificate-issuer
95 chart: ../../charts/certificate-issuer
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]96 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]97 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]98 - pcloudInstanceId: {{ .Values.id }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]99 - certManager:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]100 namespace: {{ .Values.pcloudEnvName }}-cert-manager
101 gandiWebhookSecretReader: {{ .Values.pcloudEnvName }}-cert-manager-webhook-gandi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]102 - public:
103 name: {{ .Values.id }}-public
104 server: https://acme-v02.api.letsencrypt.org/directory
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]105 domain: {{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]106 stagingServer: https://acme-staging-v02.api.letsencrypt.org/directory
107 contactEmail: {{ .Values.contactEmail }}
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]108 ingressClass: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]109 - private:
110 name: {{ .Values.id }}-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]111 server: https://acme-v02.api.letsencrypt.org/directory
112 domain: p.{{ .Values.domain }}
113 contactEmail: {{ .Values.contactEmail }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]114 ingressClassName: {{ .Values.id }}-ingress-private
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]115 gandiAPIToken: {{ .Values.gandiAPIToken }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]116- name: core-auth-storage # TODO(giolekva): merge with core-auth
117 chart: bitnami/postgresql
118 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]119 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]120 values:
121 - fullnameOverride: postgres
122 - image:
123 repository: arm64v8/postgres
124 tag: 13.4
125 - service:
126 type: ClusterIP
127 port: 5432
128 - postgresqlPassword: psswd
129 - postgresqlDatabase: kratos
130 - persistence:
131 size: 1Gi
132 - securityContext:
133 enabled: true
134 fsGroup: 0
135 - containerSecurityContext:
136 enabled: true
137 runAsUser: 0
138 - volumePermissions:
139 securityContext:
140 runAsUser: 0
141- name: core-auth
142 chart: ../../charts/auth
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]143 namespace: {{ .Values.namespacePrefix }}core-auth
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]144 values:
145 - kratos:
146 fullnameOverride: kratos
147 image:
148 repository: giolekva/ory-kratos
149 tag: latest
150 pullPolicy: Always
151 service:
152 admin:
153 enabled: true
154 type: ClusterIP
155 port: 80
156 name: http
157 public:
158 enabled: true
159 type: ClusterIP
160 port: 80
161 name: http
162 ingress:
163 admin:
164 enabled: true
165 className: {{ .Values.id }}-ingress-private
166 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]167 - host: kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]168 paths:
169 - path: /
170 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]171 tls:
172 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]173 - kratos.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]174 public:
175 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]176 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]177 hosts:
178 - host: accounts.{{ .Values.domain }}
179 paths:
180 - path: /
181 pathType: Prefix
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]182 annotations:
183 cert-manager.io/cluster-issuer: "{{ .Values.id }}-public"
184 acme.cert-manager.io/http01-edit-in-place: "true"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]185 tls:
186 - hosts:
187 - accounts.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]188 secretName: cert-accounts.{{ .Values.domain }}
189 # secretName: cert-wildcard.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]190 secret:
191 enabled: true
192 kratos:
193 autoMigrate: true
194 development: false
195 config:
196 version: v0.7.1-alpha.1
197 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
198 serve:
199 public:
200 base_url: https://accounts.{{ .Values.domain }}
201 cors:
202 enabled: true
203 debug: false
204 allow_credentials: true
205 allowed_origins:
206 - https://{{ .Values.domain }}
207 - https://*.{{ .Values.domain }}
208 admin:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]209 base_url: https://kratos.p.{{ .Values.domain }}/
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]210 selfservice:
211 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}
212 whitelisted_return_urls:
213 - https://accounts-ui.{{ .Values.domain }}
214 methods:
215 password:
216 enabled: true
217 flows:
218 error:
219 ui_url: https://accounts-ui.{{ .Values.domain }}/error
220 settings:
221 ui_url: https://accounts-ui.{{ .Values.domain }}/settings
222 privileged_session_max_age: 15m
223 recovery:
224 enabled: false
225 verification:
226 enabled: false
227 logout:
228 after:
229 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/login
230 login:
231 ui_url: https://accounts-ui.{{ .Values.domain }}/login
232 lifespan: 10m
233 after:
234 password:
235 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
236 registration:
237 lifespan: 10m
238 ui_url: https://accounts-ui.{{ .Values.domain }}/registration
239 after:
240 password:
241 hooks:
242 -
243 hook: session
244 default_browser_return_url: https://accounts-ui.{{ .Values.domain }}/
245 log:
246 level: debug
247 format: text
248 leak_sensitive_values: true
249 cookies:
250 path: /
251 same_site: None
252 domain: {{ .Values.domain }}
253 secrets:
254 cookie:
255 - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
256 # cipher:
257 # - 32-LONG-SECRET-NOT-SECURE-AT-ALL
258 # ciphers:
259 # algorithm: xchacha20-poly1305
260 hashers:
261 argon2:
262 parallelism: 1
263 memory: 128MB
264 iterations: 2
265 salt_length: 16
266 key_length: 16
267 identity:
268 default_schema_url: file:///etc/config/identity.schema.json
269 courier:
270 smtp:
271 connection_uri: smtps://test-z1VmkYfYPjgdPRgPFgmeZ31esT9rUgS%40{{ .Values.domain }}:iW%213Kk%5EPPLFrZa%24%21bbpTPN9Wv3b8mvwS6ZJvMLtce%23A2%2A4MotD@mx1.{{ .Values.domain }}
272 identitySchemas:
273 "identity.schema.json": |
274 {
275 "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
276 "$schema": "http://json-schema.org/draft-07/schema#",
277 "title": "User",
278 "type": "object",
279 "properties": {
280 "traits": {
281 "type": "object",
282 "properties": {
283 "username": {
284 "type": "string",
285 "format": "username",
286 "title": "Username",
287 "minLength": 3,
288 "ory.sh/kratos": {
289 "credentials": {
290 "password": {
291 "identifier": true
292 }
293 }
294 }
295 }
296 },
297 "additionalProperties": false
298 }
299 }
300 }
301 - hydra:
302 fullnameOverride: hydra
303 image:
304 repository: giolekva/ory-hydra
305 tag: latest
306 pullPolicy: Always
307 service:
308 admin:
309 enabled: true
310 type: ClusterIP
311 port: 80
312 name: http
313 public:
314 enabled: true
315 type: ClusterIP
316 port: 80
317 name: http
318 ingress:
319 admin:
320 enabled: true
321 className: {{ .Values.id }}-ingress-private
322 hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]323 - host: hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]324 paths:
325 - path: /
326 pathType: Prefix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]327 tls:
328 - hosts:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]329 - hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]330 public:
331 enabled: true
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]332 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]333 hosts:
334 - host: hydra.{{ .Values.domain }}
335 paths:
336 - path: /
337 pathType: Prefix
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]338 annotations:
339 cert-manager.io/cluster-issuer: "{{ .Values.id }}-public"
340 acme.cert-manager.io/http01-edit-in-place: "true"
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]341 tls:
342 - hosts:
343 - hydra.{{ .Values.domain }}
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]344 secretName: cert-hydra.{{ .Values.domain }}
345 # secretName: cert-wildcard.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]346 secret:
347 enabled: true
348 maester:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame^]349 enabled: false
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]350 hydraFullnameOverride: hydra
351 hydra-maester:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]352 fullnameOverride: {{ .Values.id }}-hydra-maester
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]353 image:
354 repository: giolekva/ory-hydra-maester
355 tag: latest
356 pullPolicy: IfNotPresent
357 adminService:
358 name: hydra
359 port: 80
360 hydra:
361 autoMigrate: true
362 config:
363 version: v1.10.6
364 dsn: postgres://postgres:psswd@postgres:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4
365 serve:
366 cookies:
367 same_site_mode: None
368 public:
369 cors:
370 enabled: true
371 debug: false
372 allow_credentials: true
373 allowed_origins:
374 - https://{{ .Values.domain }}
375 - https://*.{{ .Values.domain }}
376 admin:
377 # host: localhost
378 cors:
379 allowed_origins:
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]380 - https://hydra.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]381 tls:
382 allow_termination_from:
383 - 0.0.0.0/0
384 - 10.42.0.0/16
385 - 10.43.0.0/16
386 - 111.0.0.1/32
387 tls:
388 allow_termination_from:
389 - 0.0.0.0/0
390 - 10.42.0.0/16
391 - 10.43.0.0/16
392 - 111.0.0.1/32
393 urls:
394 self:
395 public: https://hydra.{{ .Values.domain }}
396 issuer: https://hydra.{{ .Values.domain }}
397 consent: https://accounts-ui.{{ .Values.domain }}/consent
398 login: https://accounts-ui.{{ .Values.domain }}/login
399 logout: https://accounts-ui.{{ .Values.domain }}/logout
400 secrets:
401 system:
402 - youReallyNeedToChangeThis
403 oidc:
404 subject_identifiers:
405 supported_types:
406 - pairwise
407 - public
408 pairwise:
409 salt: youReallyNeedToChangeThis
410 log:
411 level: trace
412 leak_sensitive_values: false
413 - ui:
414 certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]415 ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]416 domain: {{ .Values.domain }}
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]417 internalDomain: p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]418 nebula:
419 lighthouse:
420 name: ui-lighthouse
421 internalIP: 111.0.0.1
422 externalIP: 46.49.35.44
423 port: "4243"
424 node:
425 name: ui
426 ipCidr: 111.0.0.2/24
427 secretName: node-ui-cert
428 certificateAuthority:
429 name: {{ .Values.id }}
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]430 namespace: {{ .Values.namespacePrefix }}ingress-private
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]431- name: vaultwarden
432 chart: ../../charts/vaultwarden
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]433 namespace: {{ .Values.namespacePrefix }}app-vaultwarden
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]434 values:
435 - image:
436 repository: vaultwarden/server
437 tag: 1.22.2
438 pullPolicy: IfNotPresent
439 - storage:
440 size: 1Gi
giolekva9cdcc042021-11-10 15:24:54 +0400[diff] [blame]441 - domain: bitwarden.p.{{ .Values.domain }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]442 - certificateIssuer: {{ .Values.id }}-private
443 - ingressClassName: {{ .Values.id }}-ingress-private
444- name: matrix-storage # TODO(giolekva): merge with core-auth
445 chart: bitnami/postgresql
446 version: 10.13.5
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]447 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]448 values:
449 - fullnameOverride: postgres
450 - image:
451 repository: arm64v8/postgres
452 tag: 13.4
453 - service:
454 type: ClusterIP
455 port: 5432
456 - postgresqlPassword: psswd
457 - initdbScripts:
458 createdb.sh: |
459 #!/bin/sh
460 createdb -U postgres --encoding=UTF8 --locale=C --template=template0 --owner=postgres matrix
461 - persistence:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]462 size: {{ .Values.matrixStorageSize }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]463 - securityContext:
464 enabled: true
465 fsGroup: 0
466 - containerSecurityContext:
467 enabled: true
468 runAsUser: 0
469 - volumePermissions:
470 securityContext:
471 runAsUser: 0
472- name: matrix
473 chart: ../../charts/matrix
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]474 namespace: {{ .Values.namespacePrefix }}app-matrix
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]475 values:
476 - domain: {{ .Values.domain }}
477 - oauth2:
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame^]478 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]479 hydraPublic: https://hydra.{{ .Values.domain }}
480 clientId: matrix
giolekva01a6b792021-11-11 19:01:17 +0400[diff] [blame]481 clientSecret: {{ .Values.matrixOAuth2ClientSecret }}
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]482 secretName: oauth2-client
483 - postgresql:
484 host: postgres
485 port: 5432
486 database: matrix
487 user: postgres
488 password: psswd
489 - certificateIssuer: {{ .Values.id }}-public
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]490 - ingressClassName: {{ .Values.pcloudEnvName }}-ingress-public
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]491 - configMerge:
492 configName: config-to-merge
493 fileName: to-merge.yaml
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]494- name: pihole
495 chart: ../../charts/pihole
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]496 namespace: {{ .Values.namespacePrefix }}app-pihole
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]497 values:
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]498 - domain: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]499 - pihole:
500 image:
501 repository: "pihole/pihole"
502 tag: v5.8.1
503 persistentVolumeClaim:
504 enabled: true
505 size: 5Gi
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]506 adminPassword: admin
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]507 ingress:
508 enabled: false
509 serviceDhcp:
510 enabled: false
511 serviceDns:
512 type: ClusterIP
513 serviceWeb:
514 type: ClusterIP
515 http:
516 enabled: true
517 https:
518 enabled: false
giolekva17861bc2021-11-09 19:50:50 +0400[diff] [blame]519 virtualHost: pihole.p.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]520 resources:
521 requests:
522 cpu: "250m"
523 memory: "100M"
524 limits:
525 cpu: "500m"
526 memory: "250M"
527 - oauth2:
528 clientId: pihole
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]529 clientSecret: {{ .Values.piholeOAuth2ClientSecret }}
530 cookieSecret: {{ .Values.piholeOAuth2CookieSecret }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]531 secretName: oauth2-secret
532 configName: oauth2-proxy
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame^]533 hydraAdmin: http://hydra-admin.{{ .Values.namespacePrefix}}core-auth.svc.cluster.local
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]534 - hydraPublic: https://hydra.{{ .Values.domain }}/
535 - profileUrl: https://accounts-ui.{{ .Values.domain }}
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame]536 - ingressClassName: {{ .Values.id }}-ingress-private
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]537- name: maddy
538 chart: ../../charts/maddy
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]539 namespace: {{ .Values.namespacePrefix }}app-maddy
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]540 values:
541 - ingress:
542 private:
543 className: {{ .Values.id }}-ingress-private
544 domain: p.{{ .Values.domain }}
545 public:
giolekva883992b2021-11-27 21:13:28 +0400[diff] [blame]546 className: {{ .Values.pcloudEnvName }}-ingress-public
giolekva7fe15192021-11-19 13:58:16 +0400[diff] [blame]547 domain: {{ .Values.domain }}
548 certificateIssuer: {{ .Values.id }}-public
549 - storage:
550 size: 10Gi
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]551 - mailGateway:
552 mxHostname: {{ .Values.mxHostname}}
553 address: {{ .Values.mailGatewayAddress }}
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]554
555environments:
556 shveli:
giolekva99c6cdd2021-11-10 15:12:48 +0400[diff] [blame]557 secrets:
558 - secrets.shveli.yaml
giolekva5cd32162021-11-05 20:10:19 +0400[diff] [blame]559 values:
giolekva11881b52021-11-27 16:51:58 +0400[diff] [blame]560 - pcloudEnvName: pcloud
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]561 - id: shveli
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]562 - namespacePrefix: shveli-
giolekvadd750802021-11-07 13:24:21 +0400[diff] [blame]563 - domain: shve.li
564 - contactEmail: giolekva@gmail.com
565 - certManagerNamespace: cert-manager
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]566 - mxHostname: mail.lekva.me
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]567 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
giolekvaf216f2c2021-12-01 17:29:25 +0400[diff] [blame^]568 - matrixStorageSize: 1Gi
giolekva30850462021-12-01 16:23:50 +0400[diff] [blame]569 lekva:
570 secrets:
571 - secrets.lekva.yaml
572 values:
573 - pcloudEnvName: pcloud
574 - id: lekva
575 - namespacePrefix: lekva-
576 - domain: lekva.me
577 - contactEmail: giolekva@gmail.com
578 - certManagerNamespace: cert-manager
579 - mxHostname: mail.lekva.me
580 - mailGatewayAddress: "tcp://maddy.pcloud-mail-gateway.svc.cluster.local:587"
581 - matrixStorageSize: 100Gi