tsai
/
squidex
mirror of https://github.com/Squidex/squidex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Headless CMS and Content Managment Hub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6067 Commits
16 Branches
152 Tags
129 MiB
 
 
 
 
 
Tag: 7.22.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7.22.0'
${ noResults }
squidex/helm/squidex7/values.yaml

427 lines
14 KiB
Raw Permalink Blame History

## @section Global parameters
## @param nameOverride Override the name of the application.
nameOverride: "squidex"
## @param labels [object] Labels to add to the deployment.
labels:
# custom: "custom"
service:
## @param service.type Kubernetes Service type.
##
type: ClusterIP
## @param service.port Kubernetes Service port.
##
port: 8080
deployment:
## @param deployment.replicaCount Number of replicas (ignored if autoscaling enabled).
replicaCount: 1
## @param deployment.revisionHistoryLimit [default: 2] Number of revision history.
revisionHistoryLimit: 2
## @param deployment.serviceAccountName Name of the service account to use.
serviceAccountName: ""
## @param deployment.strategy.type Deployment strategy type.
strategy:
type: RollingUpdate
## @param deployment.strategy.rollingUpdate.maxSurge Maximum number of pods that can be created above the desired amount.
rollingUpdate:
maxSurge: 1
## @param deployment.strategy.rollingUpdate.maxUnavailable Maximum number of unavailable pods during update.
maxUnavailable: 0
## @param deployment.restartPolicy Pod restart policy.
restartPolicy: Always
## @param deployment.annotations Annotations to add to the deployment.
annotations:
# vault.hashicorp.com/agent-pre-populate-only: "true"
# vault.hashicorp.com/agent-limits-cpu: 50m
# vault.hashicorp.com/agent-limits-mem: 64Mi
# vault.hashicorp.com/agent-requests-cpu: 10m
# vault.hashicorp.com/agent-requests-mem: 16Mi
## @param deployment.command Command to run in the container.
command:
# - sh
# - -c
## @param deployment.args Arguments to pass to the container.
args:
# - 'dotnet Squidex.dll'
## @param networkPolicy.enabled Enable network policies.
networkPolicy:
enabled: false
## @skip networkPolicy.ingressRules
ingressRules:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: ingress-nginx
- podSelector:
matchLabels:
app.kubernetes.io/instance: ingress-nginx
ports:
- port: 8080
protocol: TCP
## @skip networkPolicy.egressRules
egressRules:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- port: 53
protocol: UDP
- port: 53
protocol: TCP
selectors:
## @skip selectors.component
##
component: squidex
## @skip selectors.partOf
##
partOf: ""
## @skip selectors.version
##
version: ""
image:
## @param image.repository Squidex image registry.
##
repository: squidex/squidex
## @param image.pullPolicy Squidex image pull policy.
##
pullPolicy: IfNotPresent
## @param resources [object] Resource requests and limits.
resources:
limits:
memory: "1Gi"
requests:
cpu: "200m"
memory: "512Mi"
## @skip nodeSelector
nodeSelector: { }
## @skip tolerations
tolerations: [ ]
## @skip affinity
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: squidex
app.kubernetes.io/component: squidex
topologyKey: kubernetes.io/hostname
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
## @param topologySpreadConstraints [array] Topology spread constraints for pod scheduling.
topologySpreadConstraints:
# - maxSkew: 1
# topologyKey: kubernetes.io/hostname
# whenUnsatisfiable: DoNotSchedule
# labelSelector:
# matchLabels:
# app.kubernetes.io/instance: squidex
# app.kubernetes.io/component: squidex
## @param priorityClassName [nullable] Priority class name for the pod.
priorityClassName:
## @skip clusterSuffix
clusterSuffix: cluster.local
## @param runAsNonRoot Run container as non-root user.
runAsNonRoot: true
## @skip podSecurityContext [object]
## You can modify the security context userepd to run PODS in the cluster
## For information regarding which settings are required per policy see: https://kubernetes.io/docs/concepts/security/pod-security-standards/
## An example that follows the Restricted profile is described below:
#
podSecurityContext:
seccompProfile:
type: RuntimeDefault
runAsNonRoot: true
runAsUser: 10000
runAsGroup: 10000
fsGroup: 10000
## @skip containerSecurityContext [object]
## You can modify the security context used to run CONTAINERS in the cluster
## For information regarding which settings are required per policy see: https://kubernetes.io/docs/concepts/security/pod-security-standards/
## readOnlyRootFilesystem: true not supported becasue of backup and restore process
## An example that follows the Restricted profile is described below:
#
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
## @skip auth
auth:
##
ingress:
## @param ingress.enabled True to deploy an ingress.
## If true, Squidex Ingress will be created.
##
enabled: false
## @param ingress.ingressClassName The ingress class.
ingressClassName: nginx
## @param ingress.annotations [object] Ingress annotations.
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 50m
nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
nginx.ingress.kubernetes.io/proxy-buffers: 4 256k
nginx.ingress.kubernetes.io/proxy-busy-buffers-size: 256k
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
## @param ingress.hostName The host name for the ingress.
##
hostName: squidex.local
## @skip ingress.tls
tls: [ ]
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
## @section Squidex parameters
env:
# Define the type of the event store
## @param env.EVENTSTORE__MONGODB__DATABASE The name of the database for events.
EVENTSTORE__MONGODB__DATABASE: "Squidex"
## @skip env.EVENTSTORE__TYPE
## Define the type of the event store
##
EVENTSTORE__TYPE: MongoDb
# CREATE LOCAL ADMIN USER
## @param env.IDENTITY__ADMINEMAIL The initial admin email address.
##
IDENTITY__ADMINEMAIL: ""
## @param env.IDENTITY__ADMINPASSWORD The initial admin email address.
##
IDENTITY__ADMINPASSWORD: ""
## @param env.IDENTITY__ADMINRECREATE Recreate the admin if it does not exist or the password does not match.
##
IDENTITY__ADMINRECREATE: false
## @param env.IDENTITY__ALLOWPASSWORDAUTH Enable password auth. Set this to false if you want to disable local login, leaving only 3rd party login options.
##
IDENTITY__ALLOWPASSWORDAUTH: "true"
## @param env.IDENTITY__LOCKAUTOMATICALLY Lock new users automatically, the administrator must unlock them.
##
IDENTITY__LOCKAUTOMATICALLY: "false"
## @param env.IDENTITY__PRIVACYURL The url to you privacy statements.
##
IDENTITY__PRIVACYURL: "https://squidex.io/privacy"
## @param env.IDENTITY__SHOWPII Set to true to show PII (Personally Identifiable Information) in the logs.
##
IDENTITY__SHOWPII: true #
## @param env.IDENTITY__GOOGLECLIENT Google client ID (keep empty to disable Google authentication).
##
IDENTITY__GOOGLECLIENT: null
## @param env.IDENTITY__GOOGLESECRET Google client secret (keep empty to disable Google authentication).
##
IDENTITY__GOOGLESECRET: null
## @param env.IDENTITY__GITHUBCLIENT Github client ID (keep empty to disable Github authentication).
##
IDENTITY__GITHUBCLIENT: null
## @param env.IDENTITY__GITHUBSECRET Github client secret (keep empty to disable Github authentication).
##
IDENTITY__GITHUBSECRET: null
## @param env.IDENTITY__MICROSOFTCLIENT Microsoft client ID (keep empty to disable Microsoft authentication).
##
IDENTITY__MICROSOFTCLIENT: null
## @param env.IDENTITY__MICROSOFTSECRET Microsoft client secret (keep empty to disable Microsoft authentication).
##
IDENTITY__MICROSOFTSECRET: null
## @param env.IDENTITY__MICROSOFTTENANT Optional tenant name for Azure AD.
##
IDENTITY__MICROSOFTTENANT: null
# Settings for your custom oidc server
## @param env.IDENTITY__OIDCAUTHORITY The URL to the custom OIDC authority.
##
IDENTITY__OIDCAUTHORITY: null
## @param env.IDENTITY__OIDCCLIENT The client ID to the authority.
##
IDENTITY__OIDCCLIENT: null
## @param env.IDENTITY__OIDCSECRET The client secret to the authority.
##
IDENTITY__OIDCSECRET: null
## @param env.IDENTITY__OIDCGETCLAIMSFROMUSERINFOENDPOINT True to get claims from the user endpoint.
##
IDENTITY__OIDCGETCLAIMSFROMUSERINFOENDPOINT: false
## @param env.IDENTITY__OIDCMETADATAADDRESS A custom address for OIDC metadata.
##
IDENTITY__OIDCMETADATAADDRESS: null
## @param env.IDENTITY__OIDCNAME The name of the OIDC integration or server. Used in the UI.
##
IDENTITY__OIDCNAME: null
## @param env.IDENTITY__OIDCRESPONSETYPE The type of the response. id_token or code.
##
IDENTITY__OIDCRESPONSETYPE: null
## @param env.IDENTITY__OIDCSCOPES The scopes.
##
IDENTITY__OIDCSCOPES: [] # ["email"]
## @param env.IDENTITY__OIDCSINGOUTREDIRECTURL The redirect URL for the sign out.
##
IDENTITY__OIDCSINGOUTREDIRECTURL: null
## @skip env.LETSENCRYPT_HOST
LETSENCRYPT_HOST: null
## @skip env.LETSENCRYPT_EMAIL
LETSENCRYPT_EMAIL: null
## @param env.LOGGING__APPLICATIONINSIGHTS__ENABLED Enable monitoring via application insights.
##
LOGGING__APPLICATIONINSIGHTS__ENABLED: false
## @param env.LOGGING__APPLICATIONINSIGHTS__CONNECTIONSTRING The connection string to application insights.
##
LOGGING__APPLICATIONINSIGHTS__CONNECTIONSTRING: null # "instrumentationkey=keyvalue"
## @param env.LOGGING__COLORS Use colors in the console output.
##
LOGGING__COLORS: false
## @param env.LOGGING__HUMAN Setting the flag to true, enables well formatteds json logs.
##
LOGGING__HUMAN: false
## @param env.LOGGING__LEVEL Trace, Debug, Information, Warning, Error, Fatal.
##
LOGGING__LEVEL: Warning
## @param env.LOGGING__LOGREQUESTS Set to false to disable logging of http requests.
##
LOGGING__LOGREQUESTS: true
## @param env.LOGGING__OTLP__ENABLED True, to enable OpenTelemetry Protocol integration.
##
LOGGING__OTLP__ENABLED: false
## @param env.LOGGING__OLTP__ENDPOINT The endpoint to the agent.
##
LOGGING__OLTP__ENDPOINT: null
## @param env.LOGGING__STACKDRIVER__ENABLED True, to enable stackdriver integration.
##
LOGGING__STACKDRIVER__ENABLED: false
## @param env.LOGGING__STOREENABLED False to disable the log store for HTTP requests.
##
LOGGING__STOREENABLED: true
## @param env.LOGGING__STORERETENTIONINDAYS The number of days request log items will be stored.
##
LOGGING__STORERETENTIONINDAYS: 90
## @skip env.STORE__TYPE
STORE__TYPE: MongoDb
## @param env.STORE__MONGODB__DATABASE The name of the main database.
##
STORE__MONGODB__DATABASE: "Squidex"
## @param env.STORE__MONGODB__CONTENTDATABASE The name of the database for content items.
##
STORE__MONGODB__CONTENTDATABASE: "SquidexContent"
## @skip env.ASSETSTORE__TYPE
ASSETSTORE__TYPE: MongoDb
## @param env.URLS__BASEURL Set the base url of your application, to generate correct urls in background process.
##
URLS__BASEURL: https://squidex.local/ #
## @param env.URLS__ENFORCEHTTPS Set it to true to redirect the user from http to https permanently.
##
URLS__ENFORCEHTTPS: false
## @param env.ASPNETCORE_URLS An override to ensure that kestrel starts on a non-privileged port.
##
ASPNETCORE_URLS: http://+:8080
# Bind secrets and configmaps directly into env as object name strings. Useful for managing sensitive data such as connection strings without exposing them to helm values
extraSecrets: []
extraConfigMaps: []
extraVolumes: []
extraVolumeMounts: []
## @param autoscaling.enabled Enable autoscaling for the deployment.
autoscaling:
enabled: false
## @param autoscaling.maxReplicas Maximum number of replicas.
maxReplicas: 6
## @param autoscaling.minReplicas Minimum number of replicas.
minReplicas: 3
## @param autoscaling.targetCPUUtilizationPercentage Target CPU utilization percentage.
targetCPUUtilizationPercentage: 85
## @param podDisruptionBudget.minAvailable Minimum number of available pods.
podDisruptionBudget:
minAvailable: 1
## @param podDisruptionBudget.unhealthyPodEvictionPolicy Policy for evicting unhealthy pods.
unhealthyPodEvictionPolicy: AlwaysAllow
## @section MongoDB parameters
mongodb:
## @param mongodb.architecture MongoDB(®) architecture (standalone or replicaset).
##
architecture: replicaset
## @param mongodb.enabled Uses the custom mongoDB instance.
##
enabled: true
## @param mongodb.replicaCount The number of replicas.
##
replicaCount: 3
auth:
## @param mongodb.auth.enabled Enable authentication for MongoDB.
##
enabled: false
## @param mongodb.auth.rootUsername The MongoDB root user name.
##
rootUsername: ""
## @param mongodb.auth.rootPassword The MongoDB root password.
##
rootPassword: ""
## @param mongodb.auth.existingSecret The name of the existing secret to use for authentication.
##
existingSecret: ""
persistence:
## @param mongodb.persistence.enabled If true, persistent volume claims are created.
##
enabled: true
## @param mongodb.persistence.storageClass The storage class for the persistent volume claim.
##
storageClass: ""
## @param mongodb.persistence.accessModes Persistent volume access modes.
##
accessModes:
- ReadWriteOnce
## @param mongodb.persistence.size Persistent volume size.
##
size: 10Gi
## @skip mongodb.arbiter
arbiter:
## @skip mongodb.arbiter.enabled
enabled: false
## @skip mongodb.nodeSelector
nodeSelector: {}