1068646b09
Signed-off-by: Alex <1353716+alexstojda@users.noreply.github.com> Change-Id: I456a5e4102a30fc4aa620a53a741fa1ce55a5b7e
362 lines
8.4 KiB
YAML
362 lines
8.4 KiB
YAML
---
|
|
# Default values for newchart.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
image:
|
|
repository: collabora/code
|
|
pullPolicy: IfNotPresent
|
|
# Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
terminationGracePeriodSeconds: 60
|
|
|
|
serviceAccount:
|
|
# Specifies whether a service account should be created
|
|
create: false
|
|
# Annotations to add to the service account
|
|
annotations: {}
|
|
# The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
collabora:
|
|
# example to add aliasgroups
|
|
# - host: "<protocol>://<host-name>:<port>"
|
|
# aliases: ["<protocol>://<its-first-alias>:<port>, <protocol>://<its-second-alias>:<port>"]
|
|
aliasgroups: []
|
|
|
|
extra_params: --o:ssl.enable=false
|
|
|
|
# External hostname:port of the server running coolwsd.
|
|
# If empty, it's derived from the request (please set it if this doesn't work).
|
|
# May be specified when behind a reverse-proxy or when the hostname is not reachable directly.
|
|
server_name: null
|
|
|
|
existingSecret:
|
|
enabled: false
|
|
secretName: ""
|
|
usernameKey: "username"
|
|
passwordKey: "password"
|
|
password: examplepass
|
|
username: admin
|
|
env: []
|
|
|
|
prometheus:
|
|
servicemonitor:
|
|
enabled: false
|
|
labels: {}
|
|
rules:
|
|
enabled: false
|
|
additionalLabels: {}
|
|
defaults:
|
|
enabled: true
|
|
docs:
|
|
duplicated: 0
|
|
pod:
|
|
critical: 10
|
|
warning: 8
|
|
info: 5
|
|
sum:
|
|
critical: 500
|
|
warning: 200
|
|
info: 50
|
|
errorServiceUnavailable:
|
|
critical: 50
|
|
warning: 2
|
|
info: 0
|
|
errorUnauthorizedRequest:
|
|
observationInterval: "60m"
|
|
eventCounter: 8
|
|
errorStorageConnections:
|
|
critical: 50
|
|
warning: 2
|
|
info: 0
|
|
viewers:
|
|
pod:
|
|
critical: 100
|
|
warning: 80
|
|
info: 60
|
|
doc:
|
|
critical: 50
|
|
warning: 40
|
|
info: 30
|
|
sum:
|
|
critical: 15000
|
|
warning: 12000
|
|
info: 5000
|
|
additionalRules: []
|
|
|
|
grafana:
|
|
dashboards:
|
|
enabled: false
|
|
labels:
|
|
grafana_dashboard: "1"
|
|
annotations: {}
|
|
|
|
# Logging
|
|
# This HelmChart could also deploy Flow for the [Logging-Operator](https://kube-logging.github.io/docs/)
|
|
# Configuration is optimzed for deliever to elasticsearch
|
|
logging:
|
|
# -- Deploy Flow for logging-operator
|
|
enabled: false
|
|
# -- Enable record filter for record_modify to the [ElasticCommonSchema](https://www.elastic.co/guide/en/ecs/current/index.html)
|
|
ecs: false
|
|
# -- if an filter (here or global) for dedot is active - for disable set `null`
|
|
dedot:
|
|
# -- Add other filters to Flow
|
|
additionalFilters: []
|
|
# -- Flows localOutputRefs for use of Outputs
|
|
localOutputRefs: []
|
|
# -- Flows globalOutputRefs for use of ClusterOutputs
|
|
globalOutputRefs:
|
|
- "default"
|
|
|
|
podAnnotations: {}
|
|
|
|
podLabels: {}
|
|
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
|
|
securityContext: {}
|
|
# readOnlyRootFilesystem: false
|
|
# privileged: true
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 9980
|
|
annotations: {}
|
|
|
|
deployment:
|
|
# Use StatefulSet or Deployment
|
|
kind: Deployment
|
|
containerPort: 9980
|
|
type: RollingUpdate
|
|
minReadySeconds: 0
|
|
maxUnavailable: 0
|
|
maxSurge: 1
|
|
# info on how to use hostAliases: https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/
|
|
# note: different from aliasgroups
|
|
hostAliases: null
|
|
|
|
probes:
|
|
startup:
|
|
enabled: true
|
|
failureThreshold: 30
|
|
periodSeconds: 3
|
|
|
|
readiness:
|
|
enabled: true
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 2
|
|
liveness:
|
|
enabled: true
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 4
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
# # nginx
|
|
# nginx.ingress.kubernetes.io/upstream-hash-by: "$arg_WOPISrc"
|
|
# # block admin urls from outside
|
|
# nginx.ingress.kubernetes.io/server-snippet: |
|
|
# location /cool/getMetrics { deny all; return 403; }
|
|
# location /cool/adminws/ { deny all; return 403; }
|
|
# location /browser/dist/admin/admin.html { deny all; return 403; }
|
|
#
|
|
# # HAProxy
|
|
# haproxy.org/timeout-tunnel: "3600s"
|
|
# haproxy.org/backend-config-snippet: |
|
|
# mode http
|
|
# balance leastconn
|
|
# stick-table type string len 2048 size 1k store conn_cur
|
|
# http-request set-var(txn.wopisrcconns) url_param(WOPISrc),table_conn_cur()
|
|
# http-request track-sc1 url_param(WOPISrc)
|
|
# stick match url_param(WOPISrc) if { var(txn.wopisrcconns) -m int gt 0 }
|
|
# stick store-request url_param(WOPISrc)
|
|
#
|
|
# # HAProxy - Community: https://haproxy-ingress.github.io/
|
|
# haproxy-ingress.github.io/timeout-tunnel: 3600s
|
|
# haproxy-ingress.github.io/balance-algorithm: url_param WOPISrc check_post
|
|
# haproxy-ingress.github.io/config-backend:
|
|
# hash-type consistent
|
|
# # block admin urls from outside
|
|
# acl admin_url path_beg /cool/getMetrics
|
|
# acl admin_url path_beg /cool/adminws/
|
|
# acl admin_url path_beg /browser/dist/admin/admin.html
|
|
# http-request deny if admin_url
|
|
#
|
|
hosts:
|
|
- host: chart-example.local
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
resources: {}
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
replicaCount: 1
|
|
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 2
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 70
|
|
targetMemoryUtilizationPercentage: 50
|
|
scaleDownDisabled: false
|
|
|
|
podDisruptionBudget:
|
|
enabled: false
|
|
# minAvailable: 1
|
|
# maxUnavailable: 1
|
|
|
|
dynamicConfig:
|
|
enabled: false
|
|
logging:
|
|
enabled: false
|
|
ecs: false
|
|
dedot:
|
|
additionalFilters: []
|
|
localOutputRefs: []
|
|
globalOutputRefs:
|
|
- "default"
|
|
|
|
image:
|
|
repository: nginx
|
|
tag: 1.25
|
|
pullPolicy: IfNotPresent
|
|
|
|
replicaCount: 1
|
|
podAnnotations: []
|
|
podSecurityContext: {}
|
|
securityContext: {}
|
|
|
|
# configVolumeType: configMap # configMap or pvc
|
|
|
|
existingConfigMap:
|
|
enabled: false
|
|
name: ""
|
|
|
|
upload:
|
|
enabled: false
|
|
image:
|
|
repository: "twostoryrobot/simple-file-upload"
|
|
digest: 547fc4360b31d8604b7a26202914e87cd13609cc938fd83f412c77eb44aa1cc4
|
|
key: TESTKEY
|
|
pvc:
|
|
size: 1Gi
|
|
accessMode: "ReadWriteOnce"
|
|
# storageClassName: ""
|
|
service:
|
|
port: 8090
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
hosts:
|
|
- host: chart-example.local
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
logging:
|
|
enabled: false
|
|
ecs: false
|
|
dedot:
|
|
additionalFilters: []
|
|
localOutputRefs: []
|
|
globalOutputRefs:
|
|
- "default"
|
|
|
|
containerPort: 80
|
|
|
|
probes:
|
|
startup:
|
|
enabled: true
|
|
failureThreshold: 30
|
|
periodSeconds: 2
|
|
readiness:
|
|
enabled: true
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 2
|
|
liveness:
|
|
enabled: true
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 4
|
|
|
|
env: []
|
|
resources: {}
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
affinity: {}
|
|
|
|
service:
|
|
port: 8080
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
hosts:
|
|
- host: chart-example.local
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
configuration: |
|
|
{}
|
|
|
|
trusted_certs_install:
|
|
enabled: false
|
|
trusted_certs: []
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|