2022-06-27 00:46:04 +02:00
---
2022-06-22 17:38:07 +02:00
# Default values for fcoscore.
2022-06-21 12:26:11 +02:00
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
2022-06-08 11:35:06 +02:00
2022-06-22 17:38:07 +02:00
## @param global.imageRegistry Global Docker image registry
## @param global.imagePullSecrets Global Docker registry secret names as an array
## @param global.storageClass Global StorageClass for Persistent Volume(s)
##
global :
imageRegistry : ""
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets : [ ]
storageClass : ""
2022-06-21 12:26:11 +02:00
replicaCount : 1
2022-06-08 11:35:06 +02:00
2022-06-22 17:38:07 +02:00
## Enable diagnostic mode in the statefulset
##
diagnosticMode :
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
##
enabled : false
## @param diagnosticMode.command Command to override all containers in the the statefulset
##
command :
- sleep
## @param diagnosticMode.args Args to override all containers in the the statefulset
##
args :
- infinity
audit :
pgAuditLog : true
logLinePrefix : ""
# logTimezone: ""
2022-06-08 11:35:06 +02:00
2022-06-21 12:26:11 +02:00
nameOverride : ""
fullnameOverride : ""
2022-06-08 11:35:06 +02:00
2022-06-22 17:38:07 +02:00
## Authentication parameters
##
auth :
## @param auth.password FabCityOS admin password. WARNING: Minimum length of 10 characters
## Defaults to a random 10-character alphanumeric string if not set
##
password : ""
## @param auth.existingSecret Name of an existing secret to use for Discourse credentials
## `auth.password` will be ignored and picked up from this secret
## The secret must contain the key `discourse-password`
## The value is evaluated as a template
##
existingSecret : ""
2022-11-01 13:12:26 +01:00
invitationKey : ""
2022-06-22 17:38:07 +02:00
## @param host Hostname to create application URLs (include the port if =/= 80)
##
host : ""
## @param siteName fcoscore site name
##
2022-10-25 13:38:56 +02:00
siteName : "Fab City Core node for valueflows circular economy networks"
2022-06-22 17:38:07 +02:00
## fcoscore SMTP settings
## @param smtp.enabled Enable/disable SMTP
## @param smtp.backend SMTP Backend type
## @param smtp.host SMTP host name
## @param smtp.port SMTP port number
## @param smtp.user SMTP account user name
## @param smtp.password SMTP account password
## @param smtp.protocol SMTP protocol (Allowed values: tls, ssl)
## @param smtp.auth SMTP authentication method
## @param smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password`
##
smtp :
enabled : false
backend : smtp
host : ""
port : ""
user : ""
password : ""
protocol : ""
auth : ""
existingSecret : ""
from : ""
api_key : ""
2022-06-21 12:26:11 +02:00
serviceAccount :
# Specifies whether a service account should be created
create : true
# Annotations to add to the service account
annotations : {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name : ""
2022-06-08 11:35:06 +02:00
podAnnotations : {}
2022-10-25 13:38:56 +02:00
securityContext :
{}
2022-06-21 12:26:11 +02:00
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
2022-06-08 11:35:06 +02:00
ingress :
enabled : false
2022-06-21 12:26:11 +02:00
className : ""
2022-10-25 13:38:56 +02:00
annotations :
{}
2022-06-21 12:26:11 +02:00
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts :
2022-06-22 17:38:07 +02:00
- host : fcoscore.local
2022-06-21 12:26:11 +02:00
paths :
- path : /
pathType : ImplementationSpecific
tls : [ ]
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
2022-10-25 13:38:56 +02:00
resources :
{}
2022-06-21 12:26:11 +02:00
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
2022-06-08 11:35:06 +02:00
2022-06-22 17:38:07 +02:00
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enabled Odoo pods' Security Context
## @param podSecurityContext.fsGroup Set Odoo pod's Security Context fsGroup
##
2022-10-25 13:38:56 +02:00
podSecurityContext :
{}
2022-06-22 17:38:07 +02:00
# fsGroup: 2000
## Configure Container Security Context (only main container)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enabled Odoo containers' Security Context
## @param containerSecurityContext.runAsUser Set Odoo container's Security Context runAsUser
##
containerSecurityContext :
enabled : false
runAsUser : 1001
2022-06-08 11:35:06 +02:00
autoscaling :
enabled : false
minReplicas : 1
2022-06-21 12:26:11 +02:00
maxReplicas : 100
targetCPUUtilizationPercentage : 80
# targetMemoryUtilizationPercentage: 80
2022-06-08 11:35:06 +02:00
2022-06-21 12:26:11 +02:00
nodeSelector : {}
2022-06-08 11:35:06 +02:00
2022-06-21 12:26:11 +02:00
tolerations : [ ]
2022-06-08 11:35:06 +02:00
2022-06-21 12:26:11 +02:00
affinity : {}
2022-06-22 17:38:07 +02:00
2022-10-25 13:38:56 +02:00
## @param image.registry fcoscore image registry
## @param image.repository fcoscore image repository
## @param image.pullPolicy fcoscore image pull policy
## @param image.pullSecrets fcoscore image pull secrets
## @param image.tag fcoscore image tag
## @param image.debug Enable image debug mode
##
zenflow :
2023-02-13 16:45:57 +01:00
registry : ghcr.io
repository : interfacerproject/zenflows
2022-10-25 13:38:56 +02:00
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
2022-06-22 17:38:07 +02:00
##
2022-10-25 13:38:56 +02:00
pullPolicy : IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
2022-06-22 17:38:07 +02:00
##
2022-10-25 13:38:56 +02:00
pullSecrets : [ ]
## Set to true if you would like to see extra information on logs
2022-06-22 17:38:07 +02:00
##
2022-10-25 13:38:56 +02:00
# Overrides the image tag whose default is the chart appVersion.
# tag: ""
2023-02-13 16:45:57 +01:00
tag : master
2022-10-25 13:38:56 +02:00
secretName : ""
existingSecret : ""
debug : false
service :
type : ClusterIP
port : 8000
room :
salt : ""
zvmlet :
2023-02-13 16:45:57 +01:00
registry : ghcr.io
repository : interfacerproject/zenflows-crypto
2022-10-25 13:38:56 +02:00
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
2022-06-22 17:38:07 +02:00
##
2022-10-25 13:38:56 +02:00
pullPolicy : IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
2022-06-22 17:38:07 +02:00
##
2022-10-25 13:38:56 +02:00
pullSecrets : [ ]
## Set to true if you would like to see extra information on logs
2022-06-22 17:38:07 +02:00
##
2022-10-25 13:38:56 +02:00
# Overrides the image tag whose default is the chart appVersion.
2023-02-13 16:45:57 +01:00
tag : latest
2022-10-25 13:38:56 +02:00
debug : false
service :
type : ClusterIP
port : 3000
2022-06-22 17:38:07 +02:00
2022-11-01 13:12:26 +01:00
frontend :
2023-02-13 16:45:57 +01:00
registry : ghcr.io
repository : interfacerproject/interfacer-gui
2022-11-01 13:12:26 +01:00
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy : IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets : [ ]
## Set to true if you would like to see extra information on logs
##
# Overrides the image tag whose default is the chart appVersion.
2023-02-13 16:45:57 +01:00
tag : main
2022-11-01 13:12:26 +01:00
debug : false
service :
type : ClusterIP
2022-11-10 17:23:06 +01:00
port : 8080
gateway :
2023-02-13 16:45:57 +01:00
registry : ghcr.io
repository : interfacerproject/interfacer-gateway
2022-11-10 17:23:06 +01:00
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy : IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets : [ ]
## Set to true if you would like to see extra information on logs
##
# Overrides the image tag whose default is the chart appVersion.
2023-02-13 16:45:57 +01:00
tag : main
2022-11-10 17:23:06 +01:00
debug : false
service :
type : ClusterIP
2022-11-30 14:29:38 +01:00
port : 3000
2022-11-30 10:08:26 +01:00
url : ""
2022-11-01 13:12:26 +01:00
2023-02-13 16:45:57 +01:00
inbox :
registry : ghcr.io
repository : interfacerproject/zenflows-inbox-tarantool
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy : IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets : [ ]
## Set to true if you would like to see extra information on logs
##
# Overrides the image tag whose default is the chart appVersion.
tag : main
debug : false
service :
type : ClusterIP
port : 8080
url : ""
tarantool :
registry : ghcr.io
repository : interfacerproject/zenflows-inbox-tarantool-db
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy : IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets : [ ]
## Set to true if you would like to see extra information on logs
##
# Overrides the image tag whose default is the chart appVersion.
tag : main
debug : false
service :
type : ClusterIP
port : 3500
url : ""
2022-06-22 17:38:07 +02:00
## Persistence Parameters
## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence :
## @param persistence.enabled Enable persistence using Persistent Volume Claims
##
enabled : true
## @param persistence.storageClass Persistent Volume storage class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
##
storageClass : ""
## @param persistence.accessModes [array] Persistent Volume access modes
##
accessModes :
- ReadWriteOnce
## @param persistence.accessMode Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead)
##
accessMode : ReadWriteOnce
## @param persistence.size Persistent Volume size
##
size : 10Gi
## @param persistence.existingClaim The name of an existing PVC to use for persistence
##
existingClaim : ""
## @param persistence.selector Selector to match an existing Persistent Volume for Discourse data PVC
## If set, the PVC can't have a PV dynamically provisioned for it
## E.g.
## selector:
## matchLabels:
## app: my-app
##
selector : {}
## @param persistence.annotations Persistent Volume Claim annotations
##
annotations : {}
networkPolicy :
## @param networkPolicy.enabled Enable network policies
## If ingress.enabled is true, configure networkPolicy.ingress selectors to allow communication
##
enabled : false
## @param networkPolicy.ingress.enabled Enable network policy for Ingress Proxies
## @param networkPolicy.ingress.namespaceSelector Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace.
## @param networkPolicy.ingress.podSelector Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods.
##
ingress :
enabled : false
## e.g:
## podSelector:
## label: ingress
##
podSelector : {}
## e.g:
## namespaceSelector:
## label: ingress
##
namespaceSelector : {}
## @param networkPolicy.ingressRules.backendOnlyAccessibleByFrontend Enable ingress rule that makes the backends (PostgreSQL and Redis) only accessible by Discourse's pods.
## @param networkPolicy.ingressRules.customBackendSelector Backend selector labels. These labels will be used to identify the backend pods.
## @param networkPolicy.ingressRules.accessOnlyFrom.enabled Enable ingress rule that makes Discourse only accessible from a particular origin
## @param networkPolicy.ingressRules.accessOnlyFrom.namespaceSelector Namespace selector label that is allowed to access Discourse. This label will be used to identified the allowed namespace(s).
## @param networkPolicy.ingressRules.accessOnlyFrom.podSelector Pods selector label that is allowed to access Discourse. This label will be used to identified the allowed pod(s).
## @param networkPolicy.ingressRules.customRules Custom network policy ingress rule
##
ingressRules :
## PostgreSQL and Redis backends only can be accessed from Discourse
##
backendOnlyAccessibleByFrontend : false
customBackendSelector : {}
## Allow only from the indicated:
##
accessOnlyFrom :
enabled : false
## e.g:
## namespaceSelector:
## label: ingress
##
namespaceSelector : {}
## e.g:
## podSelector:
## label: access
##
podSelector : {}
## custom ingress rules
## e.g:
## customRules:
## - from:
## - namespaceSelector:
## matchLabels:
## label: example
##
customRules : {}
## @param networkPolicy.egressRules.denyConnectionsToExternal Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).
## @param networkPolicy.egressRules.customRules Custom network policy rule
##
egressRules :
## Deny connections to external. This is not compatible with an external database.
##
denyConnectionsToExternal : false
## Additional custom egress rules
## e.g:
## customRules:
## - to:
## - namespaceSelector:
## matchLabels:
## label: example
##
customRules : {}
## PostgreSQL chart configuration
## ref: https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml
## @param postgresql.enabled Switch to enable or disable the PostgreSQL helm chart
## @param postgresql.auth.enablePostgresUser Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user
## @param postgresql.auth.postgresPassword Password for the "postgres" admin user
## @param postgresql.auth.username Name for a custom user to create
## @param postgresql.auth.password Password for the custom user to create
## @param postgresql.auth.database Name for a custom database to create
## @param postgresql.auth.existingSecret Name of existing secret to use for PostgreSQL credentials
## @param postgresql.architecture PostgreSQL architecture (`standalone` or `replication`)
##
postgresql :
enabled : true
auth :
2022-10-25 13:38:56 +02:00
username : zenflow
2022-11-10 17:23:06 +01:00
database : fcoscore_zenflow
2022-06-22 17:38:07 +02:00
audit :
logHostname : true
logConnections : true
logDisconnections : true
pgAuditLogCatalog : "on"
clientMinMessages : error
extensions : hstore,pg_trgm,postgis
## External PostgreSQL configuration
## All of these values are only used when postgresql.enabled is set to false
## @param externalDatabase.host Database host
## @param externalDatabase.port Database port number
## @param externalDatabase.user Non-root username for FabCityOS
## @param externalDatabase.password Password for the non-root username for FabCityOS
## @param externalDatabase.database FabCityOS database name
## @param externalDatabase.create Switch to enable user/database creation during the installation stage
## @param externalDatabase.postgresUser PostgreSQL admin user, used during the installation stage
## @param externalDatabase.postgresPassword PostgreSQL admin password, used during the installation stage
## @param externalDatabase.existingSecret Name of an existing secret resource containing the database credentials
## @param externalDatabase.existingSecretPasswordKey Name of an existing secret key containing the database credentials
## @param externalDatabase.existingSecretPostgresPasswordKey Name of an existing secret key containing the database admin user credentials
##
externalDatabase :
host : ""
port : 5432
user : ""
password : ""
database : ""
create : true
postgresUser : postgres
existingSecret : ""
existingSecretPasswordKey : ""
existingSecretPostgresPasswordKey : ""