mirror of
https://github.com/penpot/penpot-helm.git
synced 2024-12-22 05:32:59 -05:00
chore(doc): improve documentation of Values section
This commit is contained in:
parent
b0d83d010b
commit
2001dfc006
8 changed files with 646 additions and 503 deletions
|
@ -15,170 +15,228 @@ $ helm install my-release penpot/penpot
|
||||||
|
|
||||||
## Values
|
## Values
|
||||||
|
|
||||||
|
### Backend parameters
|
||||||
|
|
||||||
| Key | Type | Default | Description |
|
| Key | Type | Default | Description |
|
||||||
|-----|------|---------|-------------|
|
|-----|------|---------|-------------|
|
||||||
| backend.affinity | object | `{}` | |
|
| backend.affinity | object | `{}` | Affinity for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) |
|
||||||
| backend.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | |
|
| backend.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["all"]},"enabled":true,"readOnlyRootFilesystem":false,"runAsNonRoot":true,"runAsUser":1001}` | Configure Container Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) |
|
||||||
| backend.containerSecurityContext.capabilities.drop[0] | string | `"all"` | |
|
| backend.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | Set Penpot containers' security context allowPrivilegeEscalation |
|
||||||
| backend.containerSecurityContext.enabled | bool | `true` | |
|
| backend.containerSecurityContext.capabilities | object | `{"drop":["all"]}` | Set Penpot containers' security context capabilities to be dropped |
|
||||||
| backend.containerSecurityContext.readOnlyRootFilesystem | bool | `false` | |
|
| backend.containerSecurityContext.enabled | bool | `true` | Enabled Penpot containers' security context |
|
||||||
| backend.containerSecurityContext.runAsNonRoot | bool | `true` | |
|
| backend.containerSecurityContext.readOnlyRootFilesystem | bool | `false` | Set Penpot containers' security context readOnlyRootFilesystem |
|
||||||
| backend.containerSecurityContext.runAsUser | int | `1001` | |
|
| backend.containerSecurityContext.runAsNonRoot | bool | `true` | Set Penpot container's security context runAsNonRoot |
|
||||||
| backend.image.pullPolicy | string | `"IfNotPresent"` | |
|
| backend.containerSecurityContext.runAsUser | int | `1001` | Set Penpot containers' security context runAsUser |
|
||||||
| backend.image.repository | string | `"penpotapp/backend"` | |
|
| backend.image.pullPolicy | string | `"IfNotPresent"` | The image pull policy to use. |
|
||||||
| backend.image.tag | string | `"2.0.3"` | |
|
| backend.image.repository | string | `"penpotapp/backend"` | The Docker repository to pull the image from. |
|
||||||
| backend.nodeSelector | object | `{}` | |
|
| backend.image.tag | string | `"2.0.3"` | The image tag to use. |
|
||||||
| backend.podSecurityContext.enabled | bool | `true` | |
|
| backend.nodeSelector | object | `{}` | Node labels for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/user-guide/node-selection/) |
|
||||||
| backend.podSecurityContext.fsGroup | int | `1001` | |
|
| backend.podSecurityContext | object | `{"enabled":true,"fsGroup":1001}` | Configure Pods Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) |
|
||||||
| backend.replicaCount | int | `1` | |
|
| backend.podSecurityContext.enabled | bool | `true` | Enabled Penpot pods' security context |
|
||||||
| backend.resources.limits | object | `{}` | |
|
| backend.podSecurityContext.fsGroup | int | `1001` | Set Penpot pod's security context fsGroup |
|
||||||
| backend.resources.requests | object | `{}` | |
|
| backend.replicaCount | int | `1` | The number of replicas to deploy. |
|
||||||
| backend.service.http.port | int | `6060` | |
|
| backend.resources | object | `{"limits":{},"requests":{}}` | Penpot backend resource requests and limits. Check [the official doc](https://kubernetes.io/docs/user-guide/compute-resources/) |
|
||||||
| backend.service.http.type | string | `"ClusterIP"` | |
|
| backend.resources.limits | object | `{}` | The resources limits for the Penpot backend containers |
|
||||||
| backend.service.prepl.enabled | bool | `false` | |
|
| backend.resources.requests | object | `{}` | The requested resources for the Penpot backend containers |
|
||||||
| backend.service.prepl.port | int | `6063` | |
|
| backend.service.http.port | int | `6060` | The http service port to use. |
|
||||||
| backend.service.prepl.type | string | `"ClusterIP"` | |
|
| backend.service.http.type | string | `"ClusterIP"` | The http service type to create. |
|
||||||
| backend.tolerations | list | `[]` | |
|
| backend.service.prepl.enabled | bool | `false` | Whether to enable the prepl service in the backend. |
|
||||||
| config.apiSecretKey | string | `"kmZ96pAxhTgk3HZvvBkPeVTspGBneKVLEpO_3ecORs_gwACENZ77z05zCe7skvPsQ3jI3QgkULQOWCuLjmjQsg"` | |
|
| backend.service.prepl.port | int | `6063` | The prepl service port to use. |
|
||||||
| config.assets.filesystem.directory | string | `"/opt/data/assets"` | |
|
| backend.service.prepl.type | string | `"ClusterIP"` | The prepl service type to create. |
|
||||||
| config.assets.s3.accessKeyID | string | `""` | |
|
| backend.tolerations | list | `[]` | Tolerations for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) |
|
||||||
| config.assets.s3.bucket | string | `""` | |
|
|
||||||
| config.assets.s3.endpointURI | string | `""` | |
|
### Configuration parameters
|
||||||
| config.assets.s3.existingSecret | string | `""` | |
|
|
||||||
| config.assets.s3.region | string | `""` | |
|
| Key | Type | Default | Description |
|
||||||
| config.assets.s3.secretAccessKey | string | `""` | |
|
|-----|------|---------|-------------|
|
||||||
| config.assets.s3.secretKeys.accessKeyIDKey | string | `""` | |
|
| config.apiSecretKey | string | `"kmZ96pAxhTgk3HZvvBkPeVTspGBneKVLEpO_3ecORs_gwACENZ77z05zCe7skvPsQ3jI3QgkULQOWCuLjmjQsg"` | A random secret key needed for persistent user sessions. Generate with `python3 -c "import secrets; print(secrets.token_urlsafe(64))"` for example. |
|
||||||
| config.assets.s3.secretKeys.endpointURIKey | string | `""` | |
|
| config.assets.filesystem.directory | string | `"/opt/data/assets"` | The storage directory to use if you chose the filesystem storage backend. |
|
||||||
| config.assets.s3.secretKeys.secretAccessKey | string | `""` | |
|
| config.assets.s3.accessKeyID | string | `""` | The S3 access key ID to use if you chose the S3 storage backend. |
|
||||||
| config.assets.storageBackend | string | `"assets-fs"` | |
|
| config.assets.s3.bucket | string | `""` | The name of the S3 bucket to use if you chose the S3 storage backend. |
|
||||||
| config.flags | string | `"enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server"` | |
|
| config.assets.s3.endpointURI | string | `""` | The S3 endpoint URI to use if you chose the S3 storage backend. |
|
||||||
| config.postgresql.database | string | `"penpot"` | |
|
| config.assets.s3.existingSecret | string | `""` | The name of an existing secret. |
|
||||||
| config.postgresql.existingSecret | string | `""` | |
|
| config.assets.s3.region | string | `""` | The S3 region to use if you chose the S3 storage backend. |
|
||||||
| config.postgresql.host | string | `""` | |
|
| config.assets.s3.secretAccessKey | string | `""` | The S3 secret access key to use if you chose the S3 storage backend. |
|
||||||
| config.postgresql.password | string | `"penpot"` | |
|
| config.assets.s3.secretKeys.accessKeyIDKey | string | `""` | The S3 access key ID to use from an existing secret. |
|
||||||
| config.postgresql.port | int | `5432` | |
|
| config.assets.s3.secretKeys.endpointURIKey | string | `""` | The S3 endpoint URI to use from an existing secret. |
|
||||||
| config.postgresql.secretKeys.passwordKey | string | `""` | |
|
| config.assets.s3.secretKeys.secretAccessKey | string | `""` | The S3 secret access key to use from an existing secret. |
|
||||||
| config.postgresql.secretKeys.usernameKey | string | `""` | |
|
| config.assets.storageBackend | string | `"assets-fs"` | The storage backend for assets to use. Use `assets-fs` for filesystem, and `assets-s3` for S3. |
|
||||||
| config.postgresql.username | string | `"penpot"` | |
|
| config.flags | string | `"enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server"` | The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info. |
|
||||||
| config.providers.existingSecret | string | `""` | |
|
| config.postgresql.database | string | `"penpot"` | The PostgreSQL database to use. |
|
||||||
| config.providers.github.clientID | string | `""` | |
|
| config.postgresql.existingSecret | string | `""` | The name of an existing secret. |
|
||||||
| config.providers.github.clientSecret | string | `""` | |
|
| config.postgresql.host | string | `""` | The PostgreSQL host to connect to. Empty to use dependencies. |
|
||||||
| config.providers.github.enabled | bool | `false` | |
|
| config.postgresql.password | string | `"penpot"` | The database password to use. |
|
||||||
| config.providers.gitlab.baseURI | string | `"https://gitlab.com"` | |
|
| config.postgresql.port | int | `5432` | The PostgreSQL host port to use. |
|
||||||
| config.providers.gitlab.clientID | string | `""` | |
|
| config.postgresql.secretKeys.passwordKey | string | `""` | The password key to use from an existing secret. |
|
||||||
| config.providers.gitlab.clientSecret | string | `""` | |
|
| config.postgresql.secretKeys.usernameKey | string | `""` | The username key to use from an existing secret. |
|
||||||
| config.providers.gitlab.enabled | bool | `false` | |
|
| config.postgresql.username | string | `"penpot"` | The database username to use. |
|
||||||
| config.providers.google.clientID | string | `""` | |
|
| config.providers | object | `{"existingSecret":"","github":{"clientID":"","clientSecret":"","enabled":false},"gitlab":{"baseURI":"https://gitlab.com","clientID":"","clientSecret":"","enabled":false},"google":{"clientID":"","clientSecret":"","enabled":false},"ldap":{"attributesEmail":"mail","attributesFullname":"cn","attributesPhoto":"jpegPhoto","attributesUsername":"uid","baseDN":"ou=people,dc=planetexpress,dc=com","bindDN":"cn=admin,dc=planetexpress,dc=com","bindPassword":"GoodNewsEveryone","enabled":false,"host":"ldap","port":10389,"ssl":false,"startTLS":false,"userQuery":"(&(|(uid=:username)(mail=:username))(memberOf=cn=penpot,ou=groups,dc=my-domain,dc=com))"},"oidc":{"authURI":"","baseURI":"","clientID":"","clientSecret":"","emailAttribute":"","enabled":false,"nameAttribute":"","roles":"role1 role2","rolesAttribute":"","scopes":"scope1 scope2","tokenURI":"","userURI":""},"secretKeys":{"githubClientIDKey":"","githubClientSecretKey":"","gitlabClientIDKey":"","gitlabClientSecretKey":"","googleClientIDKey":"","googleClientSecretKey":"","oidcClientIDKey":"","oidcClientSecretKey":""}}` | Penpot Authentication providers parameters |
|
||||||
| config.providers.google.clientSecret | string | `""` | |
|
| config.providers.existingSecret | string | `""` | The name of an existing secret to use. |
|
||||||
| config.providers.google.enabled | bool | `false` | |
|
| config.providers.github.clientID | string | `""` | The GitHub client ID to use. |
|
||||||
| config.providers.ldap.attributesEmail | string | `"mail"` | |
|
| config.providers.github.clientSecret | string | `""` | The GitHub client secret to use. |
|
||||||
| config.providers.ldap.attributesFullname | string | `"cn"` | |
|
| config.providers.github.enabled | bool | `false` | Whether to enable GitHub configuration. To enable GitHub auth, also add `enable-login-with-github` to the flags. |
|
||||||
| config.providers.ldap.attributesPhoto | string | `"jpegPhoto"` | |
|
| config.providers.gitlab.baseURI | string | `"https://gitlab.com"` | The GitLab base URI to use. |
|
||||||
| config.providers.ldap.attributesUsername | string | `"uid"` | |
|
| config.providers.gitlab.clientID | string | `""` | The GitLab client ID to use. |
|
||||||
| config.providers.ldap.baseDN | string | `"ou=people,dc=planetexpress,dc=com"` | |
|
| config.providers.gitlab.clientSecret | string | `""` | The GitLab client secret to use. |
|
||||||
| config.providers.ldap.bindDN | string | `"cn=admin,dc=planetexpress,dc=com"` | |
|
| config.providers.gitlab.enabled | bool | `false` | Whether to enable GitLab configuration. To enable GitLab auth, also add `enable-login-with-gitlab` to the flags. |
|
||||||
| config.providers.ldap.bindPassword | string | `"GoodNewsEveryone"` | |
|
| config.providers.google.clientID | string | `""` | The Google client ID to use. To enable Google auth, add `enable-login-with-google` to the flags. |
|
||||||
| config.providers.ldap.enabled | bool | `false` | |
|
| config.providers.google.clientSecret | string | `""` | The Google client secret to use. To enable Google auth, add `enable-login-with-google` to the flags. |
|
||||||
| config.providers.ldap.host | string | `"ldap"` | |
|
| config.providers.google.enabled | bool | `false` | Whether to enable Google configuration. To enable Google auth, add `enable-login-with-google` to the flags. |
|
||||||
| config.providers.ldap.port | int | `10389` | |
|
| config.providers.ldap.attributesEmail | string | `"mail"` | The LDAP attributes email to use. |
|
||||||
| config.providers.ldap.ssl | bool | `false` | |
|
| config.providers.ldap.attributesFullname | string | `"cn"` | The LDAP attributes fullname to use. |
|
||||||
| config.providers.ldap.startTLS | bool | `false` | |
|
| config.providers.ldap.attributesPhoto | string | `"jpegPhoto"` | The LDAP attributes photo format to use. |
|
||||||
| config.providers.ldap.userQuery | string | `"(&(|(uid=:username)(mail=:username))(memberOf=cn=penpot,ou=groups,dc=my-domain,dc=com))"` | |
|
| config.providers.ldap.attributesUsername | string | `"uid"` | The LDAP attributes username to use. |
|
||||||
| config.providers.oidc.authURI | string | `""` | |
|
| config.providers.ldap.baseDN | string | `"ou=people,dc=planetexpress,dc=com"` | The LDAP base DN to use. |
|
||||||
| config.providers.oidc.baseURI | string | `""` | |
|
| config.providers.ldap.bindDN | string | `"cn=admin,dc=planetexpress,dc=com"` | The LDAP bind DN to use. |
|
||||||
| config.providers.oidc.clientID | string | `""` | |
|
| config.providers.ldap.bindPassword | string | `"GoodNewsEveryone"` | The LDAP bind password to use. |
|
||||||
| config.providers.oidc.clientSecret | string | `""` | |
|
| config.providers.ldap.enabled | bool | `false` | Whether to enable LDAP configuration. To enable LDAP, also add `enable-login-with-ldap` to the flags. |
|
||||||
| config.providers.oidc.emailAttribute | string | `""` | |
|
| config.providers.ldap.host | string | `"ldap"` | The LDAP host to use. |
|
||||||
| config.providers.oidc.enabled | bool | `false` | |
|
| config.providers.ldap.port | int | `10389` | The LDAP port to use. |
|
||||||
| config.providers.oidc.nameAttribute | string | `""` | |
|
| config.providers.ldap.ssl | bool | `false` | Whether to use SSL for the LDAP connection. |
|
||||||
| config.providers.oidc.roles | string | `"role1 role2"` | |
|
| config.providers.ldap.startTLS | bool | `false` | Whether to utilize StartTLS for the LDAP connection. |
|
||||||
| config.providers.oidc.rolesAttribute | string | `""` | |
|
| config.providers.ldap.userQuery | string | `"(&(|(uid=:username)(mail=:username))(memberOf=cn=penpot,ou=groups,dc=my-domain,dc=com))"` | The LDAP user query to use. |
|
||||||
| config.providers.oidc.scopes | string | `"scope1 scope2"` | |
|
| config.providers.oidc.authURI | string | `""` | Optional OpenID Connect auth URI to use. Auto discovered if not provided. |
|
||||||
| config.providers.oidc.tokenURI | string | `""` | |
|
| config.providers.oidc.baseURI | string | `""` | The OpenID Connect base URI to use. |
|
||||||
| config.providers.oidc.userURI | string | `""` | |
|
| config.providers.oidc.clientID | string | `""` | The OpenID Connect client ID to use. |
|
||||||
| config.providers.secretKeys.githubClientIDKey | string | `""` | |
|
| config.providers.oidc.clientSecret | string | `""` | The OpenID Connect client secret to use. |
|
||||||
| config.providers.secretKeys.githubClientSecretKey | string | `""` | |
|
| config.providers.oidc.emailAttribute | string | `""` | Optional OpenID Connect email attribute to use. If not provided, the `email` prop will be used. |
|
||||||
| config.providers.secretKeys.gitlabClientIDKey | string | `""` | |
|
| config.providers.oidc.enabled | bool | `false` | Whether to enable OIDC configuration. To enable OpenID Connect auth, also add `enable-login-with-oidc` to the flags. |
|
||||||
| config.providers.secretKeys.gitlabClientSecretKey | string | `""` | |
|
| config.providers.oidc.nameAttribute | string | `""` | Optional OpenID Connect name attribute to use. If not provided, the `name` prop will be used. |
|
||||||
| config.providers.secretKeys.googleClientIDKey | string | `""` | |
|
| config.providers.oidc.roles | string | `"role1 role2"` | Optional OpenID Connect roles to use. If no role is provided, roles checking disabled. |
|
||||||
| config.providers.secretKeys.googleClientSecretKey | string | `""` | |
|
| config.providers.oidc.rolesAttribute | string | `""` | Optional OpenID Connect roles attribute to use. If not provided, the roles checking will be disabled. |
|
||||||
| config.providers.secretKeys.oidcClientIDKey | string | `""` | |
|
| config.providers.oidc.scopes | string | `"scope1 scope2"` | Optional OpenID Connect scopes to use. This settings allow overwrite the required scopes, use with caution because penpot requres at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`. |
|
||||||
| config.providers.secretKeys.oidcClientSecretKey | string | `""` | |
|
| config.providers.oidc.tokenURI | string | `""` | Optional OpenID Connect token URI to use. Auto discovered if not provided. |
|
||||||
| config.publicUri | string | `"http://penpot.example.com"` | |
|
| config.providers.oidc.userURI | string | `""` | Optional OpenID Connect user URI to use. Auto discovered if not provided. |
|
||||||
| config.redis.database | string | `"0"` | |
|
| config.providers.secretKeys.githubClientIDKey | string | `""` | The GitHub client ID key to use from an existing secret. |
|
||||||
| config.redis.host | string | `""` | |
|
| config.providers.secretKeys.githubClientSecretKey | string | `""` | The GitHub client secret key to use from an existing secret. |
|
||||||
| config.redis.port | int | `6379` | |
|
| config.providers.secretKeys.gitlabClientIDKey | string | `""` | The GitLab client ID key to use from an existing secret. |
|
||||||
| config.registrationDomainWhitelist | string | `""` | |
|
| config.providers.secretKeys.gitlabClientSecretKey | string | `""` | The GitLab client secret key to use from an existing secret. |
|
||||||
| config.smtp.defaultFrom | string | `""` | |
|
| config.providers.secretKeys.googleClientIDKey | string | `""` | The Google client ID key to use from an existing secret. |
|
||||||
| config.smtp.defaultReplyTo | string | `""` | |
|
| config.providers.secretKeys.googleClientSecretKey | string | `""` | The Google client secret key to use from an existing secret. |
|
||||||
| config.smtp.enabled | bool | `false` | |
|
| config.providers.secretKeys.oidcClientIDKey | string | `""` | The OpenID Connect client ID key to use from an existing secret. |
|
||||||
| config.smtp.existingSecret | string | `""` | |
|
| config.providers.secretKeys.oidcClientSecretKey | string | `""` | The OpenID Connect client secret key to use from an existing secret. |
|
||||||
| config.smtp.host | string | `""` | |
|
| config.publicUri | string | `"http://penpot.example.com"` | The public domain to serve Penpot on. Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain. |
|
||||||
| config.smtp.password | string | `""` | |
|
| config.redis.database | string | `"0"` | The Redis database to connect to. |
|
||||||
| config.smtp.port | string | `""` | |
|
| config.redis.host | string | `""` | The Redis host to connect to. Empty to use dependencies |
|
||||||
| config.smtp.secretKeys.passwordKey | string | `""` | |
|
| config.redis.port | int | `6379` | The Redis host port to use. |
|
||||||
| config.smtp.secretKeys.usernameKey | string | `""` | |
|
| config.registrationDomainWhitelist | string | `""` | Comma separated list of allowed domains to register. Empty to allow all domains. |
|
||||||
| config.smtp.ssl | bool | `false` | |
|
| config.smtp.defaultFrom | string | `""` | The SMTP default email to send from. |
|
||||||
| config.smtp.tls | bool | `true` | |
|
| config.smtp.defaultReplyTo | string | `""` | The SMTP default email to reply to. |
|
||||||
| config.smtp.username | string | `""` | |
|
| config.smtp.enabled | bool | `false` | Whether to enable SMTP configuration. You also need to add the 'enable-smtp' flag to the PENPOT_FLAGS variable. |
|
||||||
| config.telemetryEnabled | bool | `true` | |
|
| config.smtp.existingSecret | string | `""` | The name of an existing secret. |
|
||||||
| exporter.affinity | object | `{}` | |
|
| config.smtp.host | string | `""` | The SMTP host to use. |
|
||||||
| exporter.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | |
|
| config.smtp.password | string | `""` | The SMTP password to use. |
|
||||||
| exporter.containerSecurityContext.capabilities.drop[0] | string | `"all"` | |
|
| config.smtp.port | string | `""` | The SMTP host port to use. |
|
||||||
| exporter.containerSecurityContext.enabled | bool | `true` | |
|
| config.smtp.secretKeys.passwordKey | string | `""` | The SMTP password to use from an existing secret. |
|
||||||
| exporter.containerSecurityContext.readOnlyRootFilesystem | bool | `false` | |
|
| config.smtp.secretKeys.usernameKey | string | `""` | The SMTP username to use from an existing secret. |
|
||||||
| exporter.containerSecurityContext.runAsNonRoot | bool | `true` | |
|
| config.smtp.ssl | bool | `false` | Whether to use SSL for the SMTP connection. |
|
||||||
| exporter.containerSecurityContext.runAsUser | int | `1001` | |
|
| config.smtp.tls | bool | `true` | Whether to use TLS for the SMTP connection. |
|
||||||
| exporter.image.imagePullPolicy | string | `"IfNotPresent"` | |
|
| config.smtp.username | string | `""` | The SMTP username to use. |
|
||||||
| exporter.image.repository | string | `"penpotapp/exporter"` | |
|
| config.telemetryEnabled | bool | `true` | Whether to enable sending of anonymous telemetry data. |
|
||||||
| exporter.image.tag | string | `"2.0.3"` | |
|
|
||||||
| exporter.nodeSelector | object | `{}` | |
|
### Exporter parameters
|
||||||
| exporter.persistence.accessModes[0] | string | `"ReadWriteOnce"` | |
|
|
||||||
| exporter.persistence.annotations | object | `{}` | |
|
| Key | Type | Default | Description |
|
||||||
| exporter.persistence.enabled | bool | `false` | |
|
|-----|------|---------|-------------|
|
||||||
| exporter.persistence.existingClaim | string | `""` | |
|
| exporter.affinity | object | `{}` | Affinity for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) |
|
||||||
| exporter.persistence.size | string | `"10Gi"` | |
|
| exporter.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["all"]},"enabled":true,"readOnlyRootFilesystem":false,"runAsNonRoot":true,"runAsUser":1001}` | Configure Container Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) |
|
||||||
| exporter.persistence.storageClass | string | `""` | |
|
| exporter.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | Set Penpot containers' security context allowPrivilegeEscalation |
|
||||||
| exporter.podSecurityContext.enabled | bool | `true` | |
|
| exporter.containerSecurityContext.capabilities | object | `{"drop":["all"]}` | Set Penpot containers' security context capabilities to be dropped |
|
||||||
| exporter.podSecurityContext.fsGroup | int | `1001` | |
|
| exporter.containerSecurityContext.enabled | bool | `true` | Enabled Penpot containers' security context |
|
||||||
| exporter.replicaCount | int | `1` | |
|
| exporter.containerSecurityContext.readOnlyRootFilesystem | bool | `false` | Set Penpot containers' security context readOnlyRootFilesystem |
|
||||||
| exporter.resources.limits | object | `{}` | |
|
| exporter.containerSecurityContext.runAsNonRoot | bool | `true` | Set Penpot container's security context runAsNonRoot |
|
||||||
| exporter.resources.requests | object | `{}` | |
|
| exporter.containerSecurityContext.runAsUser | int | `1001` | Set Penpot containers' security context runAsUser |
|
||||||
| exporter.service.port | int | `6061` | |
|
| exporter.image.imagePullPolicy | string | `"IfNotPresent"` | The image pull policy to use. |
|
||||||
| exporter.service.type | string | `"ClusterIP"` | |
|
| exporter.image.repository | string | `"penpotapp/exporter"` | The Docker repository to pull the image from. |
|
||||||
| exporter.tolerations | list | `[]` | |
|
| exporter.image.tag | string | `"2.0.3"` | The image tag to use. |
|
||||||
| frontend.affinity | object | `{}` | |
|
| exporter.nodeSelector | object | `{}` | Node labels for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/user-guide/node-selection/) |
|
||||||
| frontend.image.pullPolicy | string | `"IfNotPresent"` | |
|
| exporter.podSecurityContext | object | `{"enabled":true,"fsGroup":1001}` | Configure Pods Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) |
|
||||||
| frontend.image.repository | string | `"penpotapp/frontend"` | |
|
| exporter.podSecurityContext.enabled | bool | `true` | Enabled Penpot pods' security context |
|
||||||
| frontend.image.tag | string | `"2.0.3"` | |
|
| exporter.podSecurityContext.fsGroup | int | `1001` | Set Penpot pod's security context fsGroup |
|
||||||
| frontend.nodeSelector | object | `{}` | |
|
| exporter.replicaCount | int | `1` | The number of replicas to deploy. Enable persistence.exporter if you use more than 1 replicaCount |
|
||||||
| frontend.replicaCount | int | `1` | |
|
| exporter.resources | object | `{"limits":{},"requests":{}}` | Penpot frontend resource requests and limits. Check [the official doc](https://kubernetes.io/docs/user-guide/compute-resources/) |
|
||||||
| frontend.resources.limits | object | `{}` | |
|
| exporter.resources.limits | object | `{}` | The resources limits for the Penpot frontend containers |
|
||||||
| frontend.resources.requests | object | `{}` | |
|
| exporter.resources.requests | object | `{}` | The requested resources for the Penpot frontend containers |
|
||||||
| frontend.service.port | int | `80` | |
|
| exporter.service.port | int | `6061` | The service port to use. |
|
||||||
| frontend.service.type | string | `"ClusterIP"` | |
|
| exporter.service.type | string | `"ClusterIP"` | The service type to create. |
|
||||||
| frontend.tolerations | list | `[]` | |
|
| exporter.tolerations | list | `[]` | Tolerations for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) |
|
||||||
| fullnameOverride | string | `""` | |
|
|
||||||
| global.imagePullSecrets | list | `[]` | |
|
### Frontend parameters
|
||||||
| global.postgresqlEnabled | bool | `false` | |
|
|
||||||
| global.redisEnabled | bool | `false` | |
|
| Key | Type | Default | Description |
|
||||||
| ingress.annotations | object | `{}` | |
|
|-----|------|---------|-------------|
|
||||||
| ingress.className | string | `""` | |
|
| frontend.affinity | object | `{}` | Affinity for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) |
|
||||||
| ingress.enabled | bool | `false` | |
|
| frontend.image.pullPolicy | string | `"IfNotPresent"` | The image pull policy to use. |
|
||||||
| ingress.hosts[0].host | string | `"penpot.example.com"` | |
|
| frontend.image.repository | string | `"penpotapp/frontend"` | The Docker repository to pull the image from. |
|
||||||
| ingress.path | string | `"/"` | |
|
| frontend.image.tag | string | `"2.0.3"` | The image tag to use. |
|
||||||
| ingress.tls | list | `[]` | |
|
| frontend.nodeSelector | object | `{}` | Node labels for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/user-guide/node-selection/) |
|
||||||
| nameOverride | string | `""` | |
|
| frontend.replicaCount | int | `1` | The number of replicas to deploy. |
|
||||||
| persistence.accessModes[0] | string | `"ReadWriteOnce"` | |
|
| frontend.resources | object | `{"limits":{},"requests":{}}` | Penpot frontend resource requests and limits. Check [the official doc](https://kubernetes.io/docs/user-guide/compute-resources/) |
|
||||||
| persistence.annotations | object | `{}` | |
|
| frontend.resources.limits | object | `{}` | The resources limits for the Penpot frontend containers |
|
||||||
| persistence.enabled | string | `"fals"` | |
|
| frontend.resources.requests | object | `{}` | The requested resources for the Penpot frontend containers |
|
||||||
| persistence.existingClaim | string | `""` | |
|
| frontend.service.port | int | `80` | The service port to use. |
|
||||||
| persistence.size | string | `"20Gi"` | |
|
| frontend.service.type | string | `"ClusterIP"` | The service type to create. |
|
||||||
| persistence.storageClass | string | `""` | |
|
| frontend.tolerations | list | `[]` | Tolerations for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) |
|
||||||
| postgresql.auth.database | string | `"penpot"` | |
|
|
||||||
| postgresql.auth.password | string | `"penpot"` | |
|
### Common parameters
|
||||||
| postgresql.auth.username | string | `"penpot"` | |
|
|
||||||
| redis.auth.enabled | bool | `false` | |
|
| Key | Type | Default | Description |
|
||||||
| serviceAccount.annotations | object | `{}` | |
|
|-----|------|---------|-------------|
|
||||||
| serviceAccount.enabled | bool | `true` | |
|
| fullnameOverride | string | `""` | To fully override common.names.fullname |
|
||||||
| serviceAccount.name | string | `"penpot"` | |
|
| nameOverride | string | `""` | To partially override common.names.fullname |
|
||||||
|
| serviceAccount.annotations | object | `{}` | Annotations for service account. Evaluated as a template. |
|
||||||
|
| serviceAccount.enabled | bool | `true` | Specifies whether a ServiceAccount should be created. |
|
||||||
|
| serviceAccount.name | string | `"penpot"` | The name of the ServiceAccount to use. If not set and enabled is true, a name is generated using the fullname template. |
|
||||||
|
|
||||||
|
### Global parameters
|
||||||
|
|
||||||
|
| Key | Type | Default | Description |
|
||||||
|
|-----|------|---------|-------------|
|
||||||
|
| global.imagePullSecrets | list | `[]` | Global Docker registry secret names. E.g. imagePullSecrets: - myRegistryKeySecretName |
|
||||||
|
| global.postgresqlEnabled | bool | `false` | Whether to deploy the Bitnami PostgreSQL chart as subchart. Check [the official chart](https://artifacthub.io/packages/helm/bitnami/postgresql) for configuration. |
|
||||||
|
| global.redisEnabled | bool | `false` | Whether to deploy the Bitnami Redis chart as subchart. Check [the official chart](https://artifacthub.io/packages/helm/bitnami/redis) for configuration. |
|
||||||
|
|
||||||
|
### Ingress parameters
|
||||||
|
|
||||||
|
| Key | Type | Default | Description |
|
||||||
|
|-----|------|---------|-------------|
|
||||||
|
| ingress.annotations | object | `{}` | Mapped annotations for the ingress crontroller. E.g. annotations: kubernetes.io/ingress.class: nginx kubernetes.io/tls-acme: "true" |
|
||||||
|
| ingress.className | string | `""` | The Ingress className. |
|
||||||
|
| ingress.enabled | bool | `false` | Enable (frontend) Ingress Controller. |
|
||||||
|
| ingress.hosts | list | `[{"host":"penpot.example.com"}]` | Array style hosts for the (frontend) ingress crontroller. |
|
||||||
|
| ingress.hosts[0] | object | `{"host":"penpot.example.com"}` | The default external hostname to access to the penpot app. |
|
||||||
|
| ingress.path | string | `"/"` | Root path for every hosts. |
|
||||||
|
| ingress.tls | list | `[]` | Array style TLS secrets for the (frontend) ingress crontroller. E.g. tls: - secretName: penpot.example.com-tls hosts: - penpot.example.com |
|
||||||
|
|
||||||
|
### Persistence parameters
|
||||||
|
|
||||||
|
| Key | Type | Default | Description |
|
||||||
|
|-----|------|---------|-------------|
|
||||||
|
| persistence.assets.accessModes | list | `["ReadWriteOnce"]` | Assets persistent Volume access modes. |
|
||||||
|
| persistence.assets.annotations | object | `{}` | Assetsp ersistent Volume Claim annotations. |
|
||||||
|
| persistence.assets.enabled | string | `"fals"` | Enable assets persistence using Persistent Volume Claims. |
|
||||||
|
| persistence.assets.existingClaim | string | `""` | The name of an existing PVC to use for assets persistence. |
|
||||||
|
| persistence.assets.size | string | `"20Gi"` | Assets persistent Volume size. |
|
||||||
|
| persistence.assets.storageClass | string | `""` | Assets persistent Volume storage class. If defined, storageClassName: <storageClass>. If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. |
|
||||||
|
| persistence.exporter.accessModes | list | `["ReadWriteOnce"]` | Exporter persistent Volume access modes. |
|
||||||
|
| persistence.exporter.annotations | object | `{}` | Exporter persistent Volume Claim annotations. |
|
||||||
|
| persistence.exporter.enabled | bool | `false` | Enable exporter persistence using Persistent Volume Claims. If exporter.replicaCount you have to enable it. |
|
||||||
|
| persistence.exporter.existingClaim | string | `""` | The name of an existing PVC to use for persistence. |
|
||||||
|
| persistence.exporter.size | string | `"10Gi"` | Exporter persistent Volume size. |
|
||||||
|
| persistence.exporter.storageClass | string | `""` | Exporter persistent Volume storage class. Empty is choosing the default provisioner by the provider. |
|
||||||
|
|
||||||
|
### PostgreSQL Dependencie parameters
|
||||||
|
|
||||||
|
| Key | Type | Default | Description |
|
||||||
|
|-----|------|---------|-------------|
|
||||||
|
| postgresql | object | `{"auth":{"database":"penpot","password":"penpot","username":"penpot"}}` | PostgreSQL configuration (Check for [more parameters here](https://artifacthub.io/packages/helm/bitnami/postgresql)) |
|
||||||
|
| postgresql.auth.database | string | `"penpot"` | Name for a custom database to create. |
|
||||||
|
| postgresql.auth.password | string | `"penpot"` | Password for the custom user to create. |
|
||||||
|
| postgresql.auth.username | string | `"penpot"` | Name for a custom user to create. |
|
||||||
|
|
||||||
|
### Redis Dependencie parameters
|
||||||
|
|
||||||
|
| Key | Type | Default | Description |
|
||||||
|
|-----|------|---------|-------------|
|
||||||
|
| redis | object | `{"auth":{"enabled":false}}` | Redis configuration (Check for [more parameters here](https://artifacthub.io/packages/helm/bitnami/redis)) |
|
||||||
|
| redis.auth.enabled | bool | `false` | Whether to enable password authentication. |
|
||||||
|
|
|
@ -1,24 +1,24 @@
|
||||||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
|
{{- if and .Values.persistence.assets.enabled (not .Values.persistence.assets.existingClaim) -}}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "penpot.fullname" . }}
|
name: {{ include "penpot.fullname" . }}-data-assets
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "penpot.labels" . | nindent 4 }}
|
{{- include "penpot.labels" . | nindent 4 }}
|
||||||
{{- if .Values.persistence.annotations }}
|
{{- if .Values.persistence.assets.annotations }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ toYaml .Values.persistence.annotations | indent 4 }}
|
{{ toYaml .Values.persistence.assets.annotations | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
{{- range .Values.persistence.accessModes }}
|
{{- range .Values.persistence.assets.accessModes }}
|
||||||
- {{ . | quote }}
|
- {{ . | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: {{ .Values.persistence.size | quote }}
|
storage: {{ .Values.persistence.assets.size | quote }}
|
||||||
{{- if .Values.persistence.storageClass }}
|
{{- if .Values.persistence.assets.storageClass }}
|
||||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
storageClassName: "{{ .Values.persistence.assets.storageClass }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
|
@ -395,9 +395,9 @@ spec:
|
||||||
{{- end }}
|
{{- end }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: app-data
|
- name: app-data
|
||||||
{{- if .Values.persistence.enabled }}
|
{{- if .Values.persistence.assets.enabled }}
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: {{ .Values.persistence.existingClaim | default ( include "penpot.fullname" . ) }}
|
claimName: {{ .Values.persistence.assets.existingClaim | default ( printf "%s-%s" ( include "penpot.fullname" . ) "data-assets" ) }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
@ -67,9 +67,9 @@ spec:
|
||||||
{{- end }}
|
{{- end }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: app-data
|
- name: app-data
|
||||||
{{- if .Values.exporter.persistence.enabled }}
|
{{- if .Values.persistence.exporter.enabled }}
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: {{ .Values.exporter.persistence.existingClaim | default ( printf "%s-%s" ( include "penpot.fullname" . ) "exporter" ) }}
|
claimName: {{ .Values.persistence.exporter.existingClaim | default ( printf "%s-%s" ( include "penpot.fullname" . ) "data-exporter" ) }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
@ -1,24 +1,24 @@
|
||||||
{{- if and .Values.exporter.persistence.enabled (not .Values.exporter.persistence.existingClaim) -}}
|
{{- if and .Values.persistence.exporter.enabled (not .Values.persistence.exporter.existingClaim) -}}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "penpot.fullname" . }}-exporter
|
name: {{ include "penpot.fullname" . }}-data-exporter
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "penpot.labels" . | nindent 4 }}
|
{{- include "penpot.labels" . | nindent 4 }}
|
||||||
{{- if .Values.exporter.persistence.annotations }}
|
{{- if .Values.persistence.exporter.annotations }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ toYaml .Values.exporter.persistence.annotations | indent 4 }}
|
{{ toYaml .Values.persistence.exporter.annotations | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
{{- range .Values.exporter.persistence.accessModes }}
|
{{- range .Values.persistence.exporter.accessModes }}
|
||||||
- {{ . | quote }}
|
- {{ . | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: {{ .Values.exporter.persistence.size | quote }}
|
storage: {{ .Values.persistence.exporter.size | quote }}
|
||||||
{{- if .Values.exporter.persistence.storageClass }}
|
{{- if .Values.persistence.exporter.storageClass }}
|
||||||
storageClassName: "{{ .Values.exporter.persistence.storageClass }}"
|
storageClassName: "{{ .Values.persistence.exporter.storageClass }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
|
@ -66,9 +66,9 @@ spec:
|
||||||
{{- end }}
|
{{- end }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: app-data
|
- name: app-data
|
||||||
{{- if .Values.persistence.enabled }}
|
{{- if .Values.persistence.assets.enabled }}
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: {{ .Values.persistence.existingClaim | default ( include "penpot.fullname" . ) }}
|
claimName: {{ .Values.persistence.assets.existingClaim | default ( printf "%s-%s" ( include "penpot.fullname" . ) "data-assets" ) }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
@ -1,516 +1,600 @@
|
||||||
## Default values for Penpot
|
## Default values for Penpot
|
||||||
|
|
||||||
########################################
|
|
||||||
## @section Global parameters
|
|
||||||
########################################
|
|
||||||
|
|
||||||
## @param global.postgresqlEnabled Whether to deploy the Bitnami PostgreSQL chart as subchart. Check [the official chart](https://artifacthub.io/packages/helm/bitnami/postgresql) for configuration.
|
|
||||||
## @param global.redisEnabled Whether to deploy the Bitnami Redis chart as subchart. Check [the official chart](https://artifacthub.io/packages/helm/bitnami/redis) for configuration.
|
|
||||||
## @param global.imagePullSecrets Global Docker registry secret names as an array.
|
|
||||||
##
|
|
||||||
global:
|
global:
|
||||||
|
# -- Whether to deploy the Bitnami PostgreSQL chart as subchart. Check [the official chart](https://artifacthub.io/packages/helm/bitnami/postgresql) for configuration.
|
||||||
|
# @section -- Global parameters
|
||||||
postgresqlEnabled: false
|
postgresqlEnabled: false
|
||||||
|
# -- Whether to deploy the Bitnami Redis chart as subchart. Check [the official chart](https://artifacthub.io/packages/helm/bitnami/redis) for configuration.
|
||||||
|
# @section -- Global parameters
|
||||||
redisEnabled: false
|
redisEnabled: false
|
||||||
## E.g.
|
# -- Global Docker registry secret names.
|
||||||
## imagePullSecrets:
|
# E.g.
|
||||||
## - myRegistryKeySecretName
|
# imagePullSecrets:
|
||||||
##
|
# - myRegistryKeySecretName
|
||||||
|
# @section -- Global parameters
|
||||||
imagePullSecrets: []
|
imagePullSecrets: []
|
||||||
|
|
||||||
########################################
|
# -- To partially override common.names.fullname
|
||||||
## @section Common parameters
|
# @section -- Common parameters
|
||||||
########################################
|
|
||||||
|
|
||||||
## @param nameOverride String to partially override common.names.fullname
|
|
||||||
##
|
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
## @param fullnameOverride String to fully override common.names.fullname
|
# -- To fully override common.names.fullname
|
||||||
##
|
# @section -- Common parameters
|
||||||
fullnameOverride: ""
|
fullnameOverride: ""
|
||||||
## @param serviceAccount.enabled Specifies whether a ServiceAccount should be created.
|
|
||||||
## @param serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`.
|
|
||||||
## @param serviceAccount.name The name of the ServiceAccount to use. If not set and enabled is true, a name is generated using the fullname template.
|
|
||||||
##
|
|
||||||
serviceAccount:
|
serviceAccount:
|
||||||
|
# -- Specifies whether a ServiceAccount should be created.
|
||||||
|
# @section -- Common parameters
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# -- Annotations for service account. Evaluated as a template.
|
||||||
|
# @section -- Common parameters
|
||||||
annotations: {}
|
annotations: {}
|
||||||
|
# -- The name of the ServiceAccount to use. If not set and enabled is true, a name is generated using the fullname template.
|
||||||
|
# @section -- Common parameters
|
||||||
name: "penpot"
|
name: "penpot"
|
||||||
|
|
||||||
########################################
|
|
||||||
## @section Configuration parameters
|
|
||||||
########################################
|
|
||||||
|
|
||||||
config:
|
config:
|
||||||
## @param config.publicUri The public domain to serve Penpot on. Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain.
|
# -- The public domain to serve Penpot on. Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain.
|
||||||
## @param config.flags The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info.
|
# @section -- Configuration parameters
|
||||||
## @param config.apiSecretKey A random secret key needed for persistent user sessions. Generate with `python3 -c "import secrets; print(secrets.token_urlsafe(64))"` for example.
|
|
||||||
##
|
|
||||||
publicUri: "http://penpot.example.com"
|
publicUri: "http://penpot.example.com"
|
||||||
|
# -- The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info.
|
||||||
|
# @section -- Configuration parameters
|
||||||
flags: "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server"
|
flags: "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server"
|
||||||
|
# -- A random secret key needed for persistent user sessions. Generate with `python3 -c "import secrets; print(secrets.token_urlsafe(64))"` for example.
|
||||||
|
# @section -- Configuration parameters
|
||||||
apiSecretKey: "kmZ96pAxhTgk3HZvvBkPeVTspGBneKVLEpO_3ecORs_gwACENZ77z05zCe7skvPsQ3jI3QgkULQOWCuLjmjQsg"
|
apiSecretKey: "kmZ96pAxhTgk3HZvvBkPeVTspGBneKVLEpO_3ecORs_gwACENZ77z05zCe7skvPsQ3jI3QgkULQOWCuLjmjQsg"
|
||||||
## @param config.postgresql.host The PostgreSQL host to connect to. Empty to use dependencies.
|
# -- Comma separated list of allowed domains to register. Empty to allow all domains.
|
||||||
## @param config.postgresql.port The PostgreSQL host port to use.
|
# @section -- Configuration parameters
|
||||||
## @param config.postgresql.username The database username to use.
|
registrationDomainWhitelist: ""
|
||||||
## @param config.postgresql.password The database password to use.
|
# -- Whether to enable sending of anonymous telemetry data.
|
||||||
## @param config.postgresql.database The PostgreSQL database to use.
|
# @section -- Configuration parameters
|
||||||
## @param config.postgresql.existingSecret The name of an existing secret.
|
telemetryEnabled: true
|
||||||
## @param config.postgresql.secretKeys.usernameKey The username key to use from an existing secret.
|
|
||||||
## @param config.postgresql.secretKeys.passwordKey The password key to use from an existing secret.
|
|
||||||
##
|
|
||||||
postgresql:
|
postgresql:
|
||||||
|
# -- The PostgreSQL host to connect to. Empty to use dependencies.
|
||||||
|
# @section -- Configuration parameters
|
||||||
host: "" # Ex.: "postgresql.penpot.svc.cluster.local"
|
host: "" # Ex.: "postgresql.penpot.svc.cluster.local"
|
||||||
|
# -- The PostgreSQL host port to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
port: 5432
|
port: 5432
|
||||||
|
# -- The database username to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
username: "penpot"
|
username: "penpot"
|
||||||
|
# -- The database password to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
password: "penpot"
|
password: "penpot"
|
||||||
|
# -- The PostgreSQL database to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
database: "penpot"
|
database: "penpot"
|
||||||
|
# -- The name of an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
existingSecret: ""
|
existingSecret: ""
|
||||||
secretKeys:
|
secretKeys:
|
||||||
|
# -- The username key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
usernameKey: ""
|
usernameKey: ""
|
||||||
|
# -- The password key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
passwordKey: ""
|
passwordKey: ""
|
||||||
## @param config.redis.host The Redis host to connect to. Empty to use dependencies
|
|
||||||
## @param config.redis.port The Redis host port to use.
|
|
||||||
## @param config.redis.database The Redis database to connect to.
|
|
||||||
##
|
|
||||||
redis:
|
redis:
|
||||||
|
# -- The Redis host to connect to. Empty to use dependencies
|
||||||
|
# @section -- Configuration parameters
|
||||||
host: "" # Ex.: "redis-headless.penpot.svc.cluster.local"
|
host: "" # Ex.: "redis-headless.penpot.svc.cluster.local"
|
||||||
|
# -- The Redis host port to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
port: 6379
|
port: 6379
|
||||||
|
# -- The Redis database to connect to.
|
||||||
|
# @section -- Configuration parameters
|
||||||
database: "0"
|
database: "0"
|
||||||
## @param config.assets.storageBackend The storage backend for assets to use. Use `assets-fs` for filesystem, and `assets-s3` for S3.
|
|
||||||
## @param config.assets.filesystem.directory The storage directory to use if you chose the filesystem storage backend.
|
|
||||||
## @param config.assets.s3.accessKeyID The S3 access key ID to use if you chose the S3 storage backend.
|
|
||||||
## @param config.assets.s3.secretAccessKey The S3 secret access key to use if you chose the S3 storage backend.
|
|
||||||
## @param config.assets.s3.region The S3 region to use if you chose the S3 storage backend.
|
|
||||||
## @param config.assets.s3.bucket The name of the S3 bucket to use if you chose the S3 storage backend.
|
|
||||||
## @param config.assets.s3.endpointURI The S3 endpoint URI to use if you chose the S3 storage backend.
|
|
||||||
## @param config.assets.s3.existingSecret The name of an existing secret.
|
|
||||||
## @param config.assets.s3.secretKeys.accessKeyIDKey The S3 access key ID to use from an existing secret.
|
|
||||||
## @param config.assets.s3.secretKeys.secretAccessKey The S3 secret access key to use from an existing secret.
|
|
||||||
## @param config.assets.s3.secretKeys.endpointURIKey The S3 endpoint URI to use from an existing secret.
|
|
||||||
##
|
|
||||||
assets:
|
assets:
|
||||||
|
# -- The storage backend for assets to use. Use `assets-fs` for filesystem, and `assets-s3` for S3.
|
||||||
|
# @section -- Configuration parameters
|
||||||
storageBackend: "assets-fs"
|
storageBackend: "assets-fs"
|
||||||
filesystem:
|
filesystem:
|
||||||
|
# -- The storage directory to use if you chose the filesystem storage backend.
|
||||||
|
# @section -- Configuration parameters
|
||||||
directory: "/opt/data/assets"
|
directory: "/opt/data/assets"
|
||||||
s3:
|
s3:
|
||||||
|
# -- The S3 access key ID to use if you chose the S3 storage backend.
|
||||||
|
# @section -- Configuration parameters
|
||||||
accessKeyID: ""
|
accessKeyID: ""
|
||||||
|
# -- The S3 secret access key to use if you chose the S3 storage backend.
|
||||||
|
# @section -- Configuration parameters
|
||||||
secretAccessKey: ""
|
secretAccessKey: ""
|
||||||
|
# -- The S3 region to use if you chose the S3 storage backend.
|
||||||
|
# @section -- Configuration parameters
|
||||||
region: ""
|
region: ""
|
||||||
|
# -- The name of the S3 bucket to use if you chose the S3 storage backend.
|
||||||
|
# @section -- Configuration parameters
|
||||||
bucket: ""
|
bucket: ""
|
||||||
|
# -- The S3 endpoint URI to use if you chose the S3 storage backend.
|
||||||
|
# @section -- Configuration parameters
|
||||||
endpointURI: ""
|
endpointURI: ""
|
||||||
|
# -- The name of an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
existingSecret: ""
|
existingSecret: ""
|
||||||
secretKeys:
|
secretKeys:
|
||||||
|
# -- The S3 access key ID to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
accessKeyIDKey: ""
|
accessKeyIDKey: ""
|
||||||
|
# -- The S3 secret access key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
secretAccessKey: ""
|
secretAccessKey: ""
|
||||||
|
# -- The S3 endpoint URI to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
endpointURIKey: ""
|
endpointURIKey: ""
|
||||||
## @param config.telemetryEnabled Whether to enable sending of anonymous telemetry data.
|
|
||||||
##
|
|
||||||
telemetryEnabled: true
|
|
||||||
## @param config.smtp.enabled Whether to enable SMTP configuration. You also need to add the 'enable-smtp' flag to the PENPOT_FLAGS variable.
|
|
||||||
## @param config.smtp.defaultFrom The SMTP default email to send from.
|
|
||||||
## @param config.smtp.defaultReplyTo The SMTP default email to reply to.
|
|
||||||
## @param config.smtp.host The SMTP host to use.
|
|
||||||
## @param config.smtp.port The SMTP host port to use.
|
|
||||||
## @param config.smtp.username The SMTP username to use.
|
|
||||||
## @param config.smtp.password The SMTP password to use.
|
|
||||||
## @param config.smtp.tls Whether to use TLS for the SMTP connection.
|
|
||||||
## @param config.smtp.ssl Whether to use SSL for the SMTP connection.
|
|
||||||
## @param config.smtp.existingSecret The name of an existing secret.
|
|
||||||
## @param config.smtp.secretKeys.usernameKey The SMTP username to use from an existing secret.
|
|
||||||
## @param config.smtp.secretKeys.passwordKey The SMTP password to use from an existing secret.
|
|
||||||
##
|
|
||||||
smtp:
|
smtp:
|
||||||
|
# -- Whether to enable SMTP configuration. You also need to add the 'enable-smtp' flag to the PENPOT_FLAGS variable.
|
||||||
|
# @section -- Configuration parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The SMTP default email to send from.
|
||||||
|
# @section -- Configuration parameters
|
||||||
defaultFrom: ""
|
defaultFrom: ""
|
||||||
|
# -- The SMTP default email to reply to.
|
||||||
|
# @section -- Configuration parameters
|
||||||
defaultReplyTo: ""
|
defaultReplyTo: ""
|
||||||
|
# -- The SMTP host to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
host: ""
|
host: ""
|
||||||
|
# -- The SMTP host port to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
port: ""
|
port: ""
|
||||||
|
# -- The SMTP username to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
username: ""
|
username: ""
|
||||||
|
# -- The SMTP password to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
password: ""
|
password: ""
|
||||||
|
# -- Whether to use TLS for the SMTP connection.
|
||||||
|
# @section -- Configuration parameters
|
||||||
tls: true
|
tls: true
|
||||||
|
# -- Whether to use SSL for the SMTP connection.
|
||||||
|
# @section -- Configuration parameters
|
||||||
ssl: false
|
ssl: false
|
||||||
|
# -- The name of an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
existingSecret: ""
|
existingSecret: ""
|
||||||
secretKeys:
|
secretKeys:
|
||||||
|
# -- The SMTP username to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
usernameKey: ""
|
usernameKey: ""
|
||||||
|
# -- The SMTP password to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
passwordKey: ""
|
passwordKey: ""
|
||||||
## @param config.registrationDomainWhitelist Comma separated list of allowed domains to register. Empty to allow all domains.
|
|
||||||
##
|
# -- Penpot Authentication providers parameters
|
||||||
registrationDomainWhitelist: ""
|
# @section -- Configuration parameters
|
||||||
## Penpot Authentication providers parameters
|
|
||||||
##
|
|
||||||
providers:
|
providers:
|
||||||
## @param config.providers.google.enabled Whether to enable Google configuration. To enable Google auth, add `enable-login-with-google` to the flags.
|
|
||||||
## @param config.providers.google.clientID The Google client ID to use. To enable Google auth, add `enable-login-with-google` to the flags.
|
|
||||||
## @param config.providers.google.clientSecret The Google client secret to use. To enable Google auth, add `enable-login-with-google` to the flags.
|
|
||||||
##
|
|
||||||
google:
|
google:
|
||||||
|
# -- Whether to enable Google configuration. To enable Google auth, add `enable-login-with-google` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The Google client ID to use. To enable Google auth, add `enable-login-with-google` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientID: ""
|
clientID: ""
|
||||||
|
# -- The Google client secret to use. To enable Google auth, add `enable-login-with-google` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientSecret: ""
|
clientSecret: ""
|
||||||
## @param config.providers.github.enabled Whether to enable GitHub configuration. To enable GitHub auth, also add `enable-login-with-github` to the flags.
|
|
||||||
## @param config.providers.github.clientID The GitHub client ID to use.
|
|
||||||
## @param config.providers.github.clientSecret The GitHub client secret to use.
|
|
||||||
##
|
|
||||||
github:
|
github:
|
||||||
|
# -- Whether to enable GitHub configuration. To enable GitHub auth, also add `enable-login-with-github` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The GitHub client ID to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientID: ""
|
clientID: ""
|
||||||
|
# -- The GitHub client secret to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientSecret: ""
|
clientSecret: ""
|
||||||
## @param config.providers.gitlab.enabled Whether to enable GitLab configuration. To enable GitLab auth, also add `enable-login-with-gitlab` to the flags.
|
|
||||||
## @param config.providers.gitlab.baseURI The GitLab base URI to use.
|
|
||||||
## @param config.providers.gitlab.clientID The GitLab client ID to use.
|
|
||||||
## @param config.providers.gitlab.clientSecret The GitLab client secret to use.
|
|
||||||
##
|
|
||||||
gitlab:
|
gitlab:
|
||||||
|
# -- Whether to enable GitLab configuration. To enable GitLab auth, also add `enable-login-with-gitlab` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The GitLab base URI to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
baseURI: "https://gitlab.com"
|
baseURI: "https://gitlab.com"
|
||||||
|
# -- The GitLab client ID to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientID: ""
|
clientID: ""
|
||||||
|
# -- The GitLab client secret to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientSecret: ""
|
clientSecret: ""
|
||||||
## @param config.providers.oidc.enabled Whether to enable OIDC configuration. To enable OpenID Connect auth, also add `enable-login-with-oidc` to the flags.
|
|
||||||
## @param config.providers.oidc.baseURI The OpenID Connect base URI to use.
|
|
||||||
## @param config.providers.oidc.clientID The OpenID Connect client ID to use.
|
|
||||||
## @param config.providers.oidc.clientSecret The OpenID Connect client secret to use.
|
|
||||||
## @param config.providers.oidc.authURI Optional OpenID Connect auth URI to use. Auto discovered if not provided.
|
|
||||||
## @param config.providers.oidc.tokenURI Optional OpenID Connect token URI to use. Auto discovered if not provided.
|
|
||||||
## @param config.providers.oidc.userURI Optional OpenID Connect user URI to use. Auto discovered if not provided.
|
|
||||||
## @param config.providers.oidc.roles Optional OpenID Connect roles to use. If no role is provided, roles checking disabled.
|
|
||||||
## @param config.providers.oidc.rolesAttribute Optional OpenID Connect roles attribute to use. If not provided, the roles checking will be disabled.
|
|
||||||
## @param config.providers.oidc.scopes Optional OpenID Connect scopes to use. This settings allow overwrite the required scopes, use with caution because penpot requres at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`.
|
|
||||||
## @param config.providers.oidc.nameAttribute Optional OpenID Connect name attribute to use. If not provided, the `name` prop will be used.
|
|
||||||
## @param config.providers.oidc.emailAttribute Optional OpenID Connect email attribute to use. If not provided, the `email` prop will be used.
|
|
||||||
##
|
|
||||||
oidc:
|
oidc:
|
||||||
|
# -- Whether to enable OIDC configuration. To enable OpenID Connect auth, also add `enable-login-with-oidc` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The OpenID Connect base URI to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
baseURI: ""
|
baseURI: ""
|
||||||
|
# -- The OpenID Connect client ID to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientID: ""
|
clientID: ""
|
||||||
|
# -- The OpenID Connect client secret to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
clientSecret: ""
|
clientSecret: ""
|
||||||
|
# -- Optional OpenID Connect auth URI to use. Auto discovered if not provided.
|
||||||
|
# @section -- Configuration parameters
|
||||||
authURI: ""
|
authURI: ""
|
||||||
|
# -- Optional OpenID Connect token URI to use. Auto discovered if not provided.
|
||||||
|
# @section -- Configuration parameters
|
||||||
tokenURI: ""
|
tokenURI: ""
|
||||||
|
# -- Optional OpenID Connect user URI to use. Auto discovered if not provided.
|
||||||
|
# @section -- Configuration parameters
|
||||||
userURI: ""
|
userURI: ""
|
||||||
|
# -- Optional OpenID Connect roles to use. If no role is provided, roles checking disabled.
|
||||||
|
# @section -- Configuration parameters
|
||||||
roles: "role1 role2"
|
roles: "role1 role2"
|
||||||
|
# -- Optional OpenID Connect roles attribute to use. If not provided, the roles checking will be disabled.
|
||||||
|
# @section -- Configuration parameters
|
||||||
rolesAttribute: ""
|
rolesAttribute: ""
|
||||||
|
# -- Optional OpenID Connect scopes to use. This settings allow overwrite the required scopes, use with caution because penpot requres at least `name` and `email` attrs found on the user info. Optional, defaults to `openid profile`.
|
||||||
|
# @section -- Configuration parameters
|
||||||
scopes: "scope1 scope2"
|
scopes: "scope1 scope2"
|
||||||
|
# -- Optional OpenID Connect name attribute to use. If not provided, the `name` prop will be used.
|
||||||
|
# @section -- Configuration parameters
|
||||||
nameAttribute: ""
|
nameAttribute: ""
|
||||||
|
# -- Optional OpenID Connect email attribute to use. If not provided, the `email` prop will be used.
|
||||||
|
# @section -- Configuration parameters
|
||||||
emailAttribute: ""
|
emailAttribute: ""
|
||||||
## @param config.providers.ldap.enabled Whether to enable LDAP configuration. To enable LDAP, also add `enable-login-with-ldap` to the flags.
|
|
||||||
## @param config.providers.ldap.host The LDAP host to use.
|
|
||||||
## @param config.providers.ldap.port The LDAP port to use.
|
|
||||||
## @param config.providers.ldap.ssl Whether to use SSL for the LDAP connection.
|
|
||||||
## @param config.providers.ldap.startTLS Whether to utilize StartTLS for the LDAP connection.
|
|
||||||
## @param config.providers.ldap.baseDN The LDAP base DN to use.
|
|
||||||
## @param config.providers.ldap.bindDN The LDAP bind DN to use.
|
|
||||||
## @param config.providers.ldap.bindPassword The LDAP bind password to use.
|
|
||||||
## @param config.providers.ldap.userQuery The LDAP user query to use.
|
|
||||||
## @param config.providers.ldap.attributesUsername The LDAP attributes username to use.
|
|
||||||
## @param config.providers.ldap.attributesEmail The LDAP attributes email to use.
|
|
||||||
## @param config.providers.ldap.attributesFullname The LDAP attributes fullname to use.
|
|
||||||
## @param config.providers.ldap.attributesPhoto The LDAP attributes photo format to use.
|
|
||||||
##
|
|
||||||
ldap:
|
ldap:
|
||||||
|
# -- Whether to enable LDAP configuration. To enable LDAP, also add `enable-login-with-ldap` to the flags.
|
||||||
|
# @section -- Configuration parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The LDAP host to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
host: "ldap"
|
host: "ldap"
|
||||||
|
# -- The LDAP port to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
port: 10389
|
port: 10389
|
||||||
|
# -- Whether to use SSL for the LDAP connection.
|
||||||
|
# @section -- Configuration parameters
|
||||||
ssl: false
|
ssl: false
|
||||||
|
# -- Whether to utilize StartTLS for the LDAP connection.
|
||||||
|
# @section -- Configuration parameters
|
||||||
startTLS: false
|
startTLS: false
|
||||||
|
# -- The LDAP base DN to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
baseDN: "ou=people,dc=planetexpress,dc=com"
|
baseDN: "ou=people,dc=planetexpress,dc=com"
|
||||||
|
# -- The LDAP bind DN to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
bindDN: "cn=admin,dc=planetexpress,dc=com"
|
bindDN: "cn=admin,dc=planetexpress,dc=com"
|
||||||
|
# -- The LDAP bind password to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
bindPassword: "GoodNewsEveryone"
|
bindPassword: "GoodNewsEveryone"
|
||||||
|
# -- The LDAP user query to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
userQuery: "(&(|(uid=:username)(mail=:username))(memberOf=cn=penpot,ou=groups,dc=my-domain,dc=com))"
|
userQuery: "(&(|(uid=:username)(mail=:username))(memberOf=cn=penpot,ou=groups,dc=my-domain,dc=com))"
|
||||||
|
# -- The LDAP attributes username to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
attributesUsername: "uid"
|
attributesUsername: "uid"
|
||||||
|
# -- The LDAP attributes email to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
attributesEmail: "mail"
|
attributesEmail: "mail"
|
||||||
|
# -- The LDAP attributes fullname to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
attributesFullname: "cn"
|
attributesFullname: "cn"
|
||||||
|
# -- The LDAP attributes photo format to use.
|
||||||
|
# @section -- Configuration parameters
|
||||||
attributesPhoto: "jpegPhoto"
|
attributesPhoto: "jpegPhoto"
|
||||||
## @param config.providers.existingSecret The name of an existing secret to use.
|
# -- The name of an existing secret to use.
|
||||||
## @param config.providers.secretKeys.googleClientIDKey The Google client ID key to use from an existing secret.
|
# @section -- Configuration parameters
|
||||||
## @param config.providers.secretKeys.googleClientSecretKey The Google client secret key to use from an existing secret.
|
|
||||||
## @param config.providers.secretKeys.githubClientIDKey The GitHub client ID key to use from an existing secret.
|
|
||||||
## @param config.providers.secretKeys.githubClientSecretKey The GitHub client secret key to use from an existing secret.
|
|
||||||
## @param config.providers.secretKeys.gitlabClientIDKey The GitLab client ID key to use from an existing secret.
|
|
||||||
## @param config.providers.secretKeys.gitlabClientSecretKey The GitLab client secret key to use from an existing secret.
|
|
||||||
## @param config.providers.secretKeys.oidcClientIDKey The OpenID Connect client ID key to use from an existing secret.
|
|
||||||
## @param config.providers.secretKeys.oidcClientSecretKey The OpenID Connect client secret key to use from an existing secret.
|
|
||||||
##
|
|
||||||
existingSecret: ""
|
existingSecret: ""
|
||||||
secretKeys:
|
secretKeys:
|
||||||
|
# -- The Google client ID key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
googleClientIDKey: ""
|
googleClientIDKey: ""
|
||||||
|
# -- The Google client secret key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
googleClientSecretKey: ""
|
googleClientSecretKey: ""
|
||||||
|
# -- The GitHub client ID key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
githubClientIDKey: ""
|
githubClientIDKey: ""
|
||||||
|
# -- The GitHub client secret key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
githubClientSecretKey: ""
|
githubClientSecretKey: ""
|
||||||
|
# -- The GitLab client ID key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
gitlabClientIDKey: ""
|
gitlabClientIDKey: ""
|
||||||
|
# -- The GitLab client secret key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
gitlabClientSecretKey: ""
|
gitlabClientSecretKey: ""
|
||||||
|
# -- The OpenID Connect client ID key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
oidcClientIDKey: ""
|
oidcClientIDKey: ""
|
||||||
|
# -- The OpenID Connect client secret key to use from an existing secret.
|
||||||
|
# @section -- Configuration parameters
|
||||||
oidcClientSecretKey: ""
|
oidcClientSecretKey: ""
|
||||||
|
|
||||||
########################################
|
|
||||||
## @section Backend parameters
|
|
||||||
########################################
|
|
||||||
|
|
||||||
backend:
|
backend:
|
||||||
## @param backend.image.repository The Docker repository to pull the image from.
|
|
||||||
## @param backend.image.tag The image tag to use.
|
|
||||||
## @param backend.image.pullPolicy The image pull policy to use.
|
|
||||||
##
|
|
||||||
image:
|
image:
|
||||||
|
# -- The Docker repository to pull the image from.
|
||||||
|
# @section -- Backend parameters
|
||||||
repository: penpotapp/backend
|
repository: penpotapp/backend
|
||||||
|
# -- The image tag to use.
|
||||||
|
# @section -- Backend parameters
|
||||||
tag: 2.0.3
|
tag: 2.0.3
|
||||||
|
# -- The image pull policy to use.
|
||||||
|
# @section -- Backend parameters
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
## @param backend.replicaCount The number of replicas to deploy.
|
# -- The number of replicas to deploy.
|
||||||
##
|
# @section -- Backend parameters
|
||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
## @param backend.service.http.type The http service type to create.
|
|
||||||
## @param backend.service.http.port The http service port to use.
|
|
||||||
## @param backend.service.prepl.enabled Whether to enable the prepl service in the backend.
|
|
||||||
## @param backend.service.prepl.type The prepl service type to create.
|
|
||||||
## @param backend.service.prepl.port The prepl service port to use.
|
|
||||||
service:
|
service:
|
||||||
http:
|
http:
|
||||||
|
# -- The http service type to create.
|
||||||
|
# @section -- Backend parameters
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
# -- The http service port to use.
|
||||||
|
# @section -- Backend parameters
|
||||||
port: 6060
|
port: 6060
|
||||||
prepl:
|
prepl:
|
||||||
|
# -- Whether to enable the prepl service in the backend.
|
||||||
|
# @section -- Backend parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The prepl service type to create.
|
||||||
|
# @section -- Backend parameters
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
# -- The prepl service port to use.
|
||||||
|
# @section -- Backend parameters
|
||||||
port: 6063
|
port: 6063
|
||||||
## Configure Pods Security Context
|
# -- Configure Pods Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
|
||||||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
# @section -- Backend parameters
|
||||||
## @param backend.podSecurityContext.enabled Enabled Penpot pods' security context
|
|
||||||
## @param backend.podSecurityContext.fsGroup Set Penpot pod's security context fsGroup
|
|
||||||
##
|
|
||||||
podSecurityContext:
|
podSecurityContext:
|
||||||
|
# -- Enabled Penpot pods' security context
|
||||||
|
# @section -- Backend parameters
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# -- Set Penpot pod's security context fsGroup
|
||||||
|
# @section -- Backend parameters
|
||||||
fsGroup: 1001
|
fsGroup: 1001
|
||||||
## Configure Container Security Context
|
# -- Configure Container Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
|
||||||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
# @section -- Backend parameters
|
||||||
## @param backend.containerSecurityContext.enabled Enabled Penpot containers' security context
|
|
||||||
## @param backend.containerSecurityContext.runAsUser Set Penpot containers' security context runAsUser
|
|
||||||
## @param backend.containerSecurityContext.allowPrivilegeEscalation Set Penpot containers' security context allowPrivilegeEscalation
|
|
||||||
## @param backend.containerSecurityContext.capabilities.drop Set Penpot containers' security context capabilities to be dropped
|
|
||||||
## @param backend.containerSecurityContext.readOnlyRootFilesystem Set Penpot containers' security context readOnlyRootFilesystem
|
|
||||||
## @param backend.containerSecurityContext.runAsNonRoot Set Penpot container's security context runAsNonRoot
|
|
||||||
##
|
|
||||||
containerSecurityContext:
|
containerSecurityContext:
|
||||||
|
# -- Enabled Penpot containers' security context
|
||||||
|
# @section -- Backend parameters
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# -- Set Penpot containers' security context runAsUser
|
||||||
|
# @section -- Backend parameters
|
||||||
runAsUser: 1001
|
runAsUser: 1001
|
||||||
|
# -- Set Penpot containers' security context allowPrivilegeEscalation
|
||||||
|
# @section -- Backend parameters
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
|
# -- Set Penpot containers' security context capabilities to be dropped
|
||||||
|
# @section -- Backend parameters
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
- all
|
- all
|
||||||
|
# -- Set Penpot containers' security context readOnlyRootFilesystem
|
||||||
|
# @section -- Backend parameters
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
|
# -- Set Penpot container's security context runAsNonRoot
|
||||||
|
# @section -- Backend parameters
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
## @param backend.affinity Affinity for Penpot pods assignment
|
# -- Affinity for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity)
|
||||||
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
# @section -- Backend parameters
|
||||||
##
|
|
||||||
affinity: {}
|
affinity: {}
|
||||||
## @param backend.nodeSelector Node labels for Penpot pods assignment
|
# -- Node labels for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/user-guide/node-selection/)
|
||||||
## ref: https://kubernetes.io/docs/user-guide/node-selection/
|
# @section -- Backend parameters
|
||||||
##
|
|
||||||
nodeSelector: {}
|
nodeSelector: {}
|
||||||
## @param backend.tolerations Tolerations for Penpot pods assignment
|
# -- Tolerations for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
|
||||||
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
# @section -- Backend parameters
|
||||||
##
|
|
||||||
tolerations: []
|
tolerations: []
|
||||||
## Penpot backend resource requests and limits
|
# -- Penpot backend resource requests and limits. Check [the official doc](https://kubernetes.io/docs/user-guide/compute-resources/)
|
||||||
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
|
# @section -- Backend parameters
|
||||||
## @param backend.resources.limits The resources limits for the Penpot backend containers
|
|
||||||
## @param backend.resources.requests The requested resources for the Penpot backend containers
|
|
||||||
##
|
|
||||||
resources:
|
resources:
|
||||||
|
# -- The resources limits for the Penpot backend containers
|
||||||
|
# @section -- Backend parameters
|
||||||
limits: {}
|
limits: {}
|
||||||
|
# -- The requested resources for the Penpot backend containers
|
||||||
|
# @section -- Backend parameters
|
||||||
requests: {}
|
requests: {}
|
||||||
|
|
||||||
########################################
|
|
||||||
## @section Frontend parameters
|
|
||||||
########################################
|
|
||||||
|
|
||||||
frontend:
|
frontend:
|
||||||
## @param frontend.image.repository The Docker repository to pull the image from.
|
|
||||||
## @param frontend.image.tag The image tag to use.
|
|
||||||
## @param frontend.image.imagePullPolicy The image pull policy to use.
|
|
||||||
##
|
|
||||||
image:
|
image:
|
||||||
|
# -- The Docker repository to pull the image from.
|
||||||
|
# @section -- Frontend parameters
|
||||||
repository: penpotapp/frontend
|
repository: penpotapp/frontend
|
||||||
|
# -- The image tag to use.
|
||||||
|
# @section -- Frontend parameters
|
||||||
tag: 2.0.3
|
tag: 2.0.3
|
||||||
|
# -- The image pull policy to use.
|
||||||
|
# @section -- Frontend parameters
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
## @param frontend.replicaCount The number of replicas to deploy.
|
# -- The number of replicas to deploy.
|
||||||
##
|
# @section -- Frontend parameters
|
||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
## @param frontend.service.type The service type to create.
|
|
||||||
## @param frontend.service.port The service port to use.
|
|
||||||
##
|
|
||||||
service:
|
service:
|
||||||
|
# -- The service type to create.
|
||||||
|
# @section -- Frontend parameters
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
# -- The service port to use.
|
||||||
|
# @section -- Frontend parameters
|
||||||
port: 80
|
port: 80
|
||||||
## @param frontend.affinity Affinity for Penpot pods assignment
|
# -- Affinity for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity)
|
||||||
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
# @section -- Frontend parameters
|
||||||
##
|
|
||||||
affinity: {}
|
affinity: {}
|
||||||
## @param frontend.nodeSelector Node labels for Penpot pods assignment
|
# -- Node labels for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/user-guide/node-selection/)
|
||||||
## ref: https://kubernetes.io/docs/user-guide/node-selection/
|
# @section -- Frontend parameters
|
||||||
##
|
|
||||||
nodeSelector: {}
|
nodeSelector: {}
|
||||||
## @param frontend.tolerations Tolerations for Penpot pods assignment
|
# -- Tolerations for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
|
||||||
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
# @section -- Frontend parameters
|
||||||
##
|
|
||||||
tolerations: []
|
tolerations: []
|
||||||
## Penpot frontend resource requests and limits
|
# -- Penpot frontend resource requests and limits. Check [the official doc](https://kubernetes.io/docs/user-guide/compute-resources/)
|
||||||
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
|
# @section -- Frontend parameters
|
||||||
## @param frontend.resources.limits The resources limits for the Penpot frontend containers
|
|
||||||
## @param frontend.resources.requests The requested resources for the Penpot frontend containers
|
|
||||||
##
|
|
||||||
resources:
|
resources:
|
||||||
|
# -- The resources limits for the Penpot frontend containers
|
||||||
|
# @section -- Frontend parameters
|
||||||
limits: {}
|
limits: {}
|
||||||
|
# -- The requested resources for the Penpot frontend containers
|
||||||
|
# @section -- Frontend parameters
|
||||||
requests: {}
|
requests: {}
|
||||||
|
|
||||||
########################################
|
|
||||||
## @section Exporter parameters
|
|
||||||
########################################
|
|
||||||
|
|
||||||
exporter:
|
exporter:
|
||||||
## @param exporter.image.repository The Docker repository to pull the image from.
|
|
||||||
## @param exporter.image.tag The image tag to use.
|
|
||||||
## @param exporter.image.imagePullPolicy The image pull policy to use.
|
|
||||||
##
|
|
||||||
image:
|
image:
|
||||||
|
# -- The Docker repository to pull the image from.
|
||||||
|
# @section -- Exporter parameters
|
||||||
repository: penpotapp/exporter
|
repository: penpotapp/exporter
|
||||||
|
# -- The image tag to use.
|
||||||
|
# @section -- Exporter parameters
|
||||||
tag: 2.0.3
|
tag: 2.0.3
|
||||||
|
# -- The image pull policy to use.
|
||||||
|
# @section -- Exporter parameters
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
## @param exporter.replicaCount The number of replicas to deploy. Enable exporter.persistence if you use more than 1 replicaCount
|
# -- The number of replicas to deploy. Enable persistence.exporter if you use more than 1 replicaCount
|
||||||
##
|
# @section -- Exporter parameters
|
||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
## @param exporter.service.type The service type to create.
|
|
||||||
## @param exporter.service.port The service port to use.
|
|
||||||
##
|
|
||||||
service:
|
service:
|
||||||
|
# -- The service type to create.
|
||||||
|
# @section -- Exporter parameters
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
# -- The service port to use.
|
||||||
|
# @section -- Exporter parameters
|
||||||
port: 6061
|
port: 6061
|
||||||
|
# -- Configure Pods Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
|
||||||
## @param exporter.persistence.enabled Enable persistence using Persistent Volume Claims. If exporter.replicaCount you have to enable it.
|
# @section -- Exporter parameters
|
||||||
## @param exporter.persistence.storageClass Persistent Volume storage class. Empty is choosing the default provisioner by the provider.
|
|
||||||
## @param exporter.persistence.size Persistent Volume size.
|
|
||||||
## @param exporter.persistence.existingClaim The name of an existing PVC to use for persistence.
|
|
||||||
## @param exporter.persistence.accessModes Persistent Volume access modes.
|
|
||||||
## @param exporter.persistence.annotations Persistent Volume Claim annotations.
|
|
||||||
##
|
|
||||||
persistence:
|
|
||||||
enabled: false
|
|
||||||
storageClass: ""
|
|
||||||
size: 10Gi
|
|
||||||
existingClaim: ""
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteOnce
|
|
||||||
annotations: {}
|
|
||||||
## Configure Pods Security Context
|
|
||||||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
||||||
## @param exporter.podSecurityContext.enabled Enabled Penpot pods' security context
|
|
||||||
## @param exporter.podSecurityContext.fsGroup Set Penpot pod's security context fsGroup
|
|
||||||
##
|
|
||||||
podSecurityContext:
|
podSecurityContext:
|
||||||
|
# -- Enabled Penpot pods' security context
|
||||||
|
# @section -- Exporter parameters
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# -- Set Penpot pod's security context fsGroup
|
||||||
|
# @section -- Exporter parameters
|
||||||
fsGroup: 1001
|
fsGroup: 1001
|
||||||
## Configure Container Security Context
|
# -- Configure Container Security Context. Check [the official doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
|
||||||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
# @section -- Exporter parameters
|
||||||
## @param exporter.containerSecurityContext.enabled Enabled Penpot containers' security context
|
|
||||||
## @param exporter.containerSecurityContext.runAsUser Set Penpot containers' security context runAsUser
|
|
||||||
## @param exporter.containerSecurityContext.allowPrivilegeEscalation Set Penpot containers' security context allowPrivilegeEscalation
|
|
||||||
## @param exporter.containerSecurityContext.capabilities.drop Set Penpot containers' security context capabilities to be dropped
|
|
||||||
## @param exporter.containerSecurityContext.readOnlyRootFilesystem Set Penpot containers' security context readOnlyRootFilesystem
|
|
||||||
## @param exporter.containerSecurityContext.runAsNonRoot Set Penpot container's security context runAsNonRoot
|
|
||||||
##
|
|
||||||
containerSecurityContext:
|
containerSecurityContext:
|
||||||
|
# -- Enabled Penpot containers' security context
|
||||||
|
# @section -- Exporter parameters
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# -- Set Penpot containers' security context runAsUser
|
||||||
|
# @section -- Exporter parameters
|
||||||
runAsUser: 1001
|
runAsUser: 1001
|
||||||
|
# -- Set Penpot containers' security context allowPrivilegeEscalation
|
||||||
|
# @section -- Exporter parameters
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
|
# -- Set Penpot containers' security context capabilities to be dropped
|
||||||
|
# @section -- Exporter parameters
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
- all
|
- all
|
||||||
|
# -- Set Penpot containers' security context readOnlyRootFilesystem
|
||||||
|
# @section -- Exporter parameters
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
|
# -- Set Penpot container's security context runAsNonRoot
|
||||||
|
# @section -- Exporter parameters
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
## @param exporter.affinity Affinity for Penpot pods assignment
|
# -- Affinity for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity)
|
||||||
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
# @section -- Exporter parameters
|
||||||
##
|
|
||||||
affinity: {}
|
affinity: {}
|
||||||
## @param exporter.nodeSelector Node labels for Penpot pods assignment
|
# -- Node labels for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/user-guide/node-selection/)
|
||||||
## ref: https://kubernetes.io/docs/user-guide/node-selection/
|
# @section -- Exporter parameters
|
||||||
##
|
|
||||||
nodeSelector: {}
|
nodeSelector: {}
|
||||||
## @param exporter.tolerations Tolerations for Penpot pods assignment
|
# -- Tolerations for Penpot pods assignment. Check [the official doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
|
||||||
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
# @section -- Exporter parameters
|
||||||
##
|
|
||||||
tolerations: []
|
tolerations: []
|
||||||
## Penpot exporter resource requests and limits
|
# -- Penpot frontend resource requests and limits. Check [the official doc](https://kubernetes.io/docs/user-guide/compute-resources/)
|
||||||
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
|
# @section -- Exporter parameters
|
||||||
## @param exporter.resources.limits The resources limits for the Penpot exporter containers
|
|
||||||
## @param exporter.resources.requests The requested resources for the Penpot exporter containers
|
|
||||||
##
|
|
||||||
resources:
|
resources:
|
||||||
|
# -- The resources limits for the Penpot frontend containers
|
||||||
|
# @section -- Exporter parameters
|
||||||
limits: {}
|
limits: {}
|
||||||
|
# -- The requested resources for the Penpot frontend containers
|
||||||
|
# @section -- Exporter parameters
|
||||||
requests: {}
|
requests: {}
|
||||||
|
|
||||||
|
# @section -- Persistence parameters
|
||||||
########################################
|
|
||||||
## @section Assets Persistence parameters
|
|
||||||
########################################
|
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
## @param persistence.enabled Enable persistence using Persistent Volume Claims.
|
assets:
|
||||||
##
|
# -- Enable assets persistence using Persistent Volume Claims.
|
||||||
enabled: fals
|
# @section -- Persistence parameters
|
||||||
## @param persistence.storageClass Persistent Volume storage class.
|
enabled: fals
|
||||||
## If defined, storageClassName: <storageClass>.
|
# -- Assets persistent Volume storage class.
|
||||||
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner.
|
# If defined, storageClassName: <storageClass>.
|
||||||
##
|
# If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner.
|
||||||
storageClass: ""
|
# @section -- Persistence parameters
|
||||||
## @param persistence.size Persistent Volume size.
|
storageClass: ""
|
||||||
##
|
# -- Assets persistent Volume size.
|
||||||
size: 20Gi
|
# @section -- Persistence parameters
|
||||||
## @param persistence.existingClaim The name of an existing PVC to use for persistence.
|
size: 20Gi
|
||||||
##
|
# -- The name of an existing PVC to use for assets persistence.
|
||||||
existingClaim: ""
|
# @section -- Persistence parameters
|
||||||
## @param persistence.accessModes Persistent Volume access modes.
|
existingClaim: ""
|
||||||
##
|
# -- Assets persistent Volume access modes.
|
||||||
accessModes:
|
# @section -- Persistence parameters
|
||||||
- ReadWriteOnce
|
accessModes:
|
||||||
## @param persistence.annotations Persistent Volume Claim annotations.
|
- ReadWriteOnce
|
||||||
##
|
# -- Assetsp ersistent Volume Claim annotations.
|
||||||
annotations: {}
|
# @section -- Persistence parameters
|
||||||
|
annotations: {}
|
||||||
|
exporter:
|
||||||
########################################
|
# -- Enable exporter persistence using Persistent Volume Claims. If exporter.replicaCount you have to enable it.
|
||||||
## @section Ingress parameters
|
# @section -- Persistence parameters
|
||||||
########################################
|
enabled: false
|
||||||
|
# -- Exporter persistent Volume storage class. Empty is choosing the default provisioner by the provider.
|
||||||
|
# @section -- Persistence parameters
|
||||||
|
storageClass: ""
|
||||||
|
# -- Exporter persistent Volume size.
|
||||||
|
# @section -- Persistence parameters
|
||||||
|
size: 10Gi
|
||||||
|
# -- The name of an existing PVC to use for persistence.
|
||||||
|
# @section -- Persistence parameters
|
||||||
|
existingClaim: ""
|
||||||
|
# -- Exporter persistent Volume access modes.
|
||||||
|
# @section -- Persistence parameters
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
||||||
|
# -- Exporter persistent Volume Claim annotations.
|
||||||
|
# @section -- Persistence parameters
|
||||||
|
annotations: {}
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
|
# -- Enable (frontend) Ingress Controller.
|
||||||
|
# @section -- Ingress parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- The Ingress className.
|
||||||
|
# @section -- Ingress parameters
|
||||||
className: ""
|
className: ""
|
||||||
|
# -- Mapped annotations for the ingress crontroller.
|
||||||
|
# E.g.
|
||||||
|
# annotations:
|
||||||
|
# kubernetes.io/ingress.class: nginx
|
||||||
|
# kubernetes.io/tls-acme: "true"
|
||||||
|
# @section -- Ingress parameters
|
||||||
annotations: {}
|
annotations: {}
|
||||||
# kubernetes.io/ingress.class: nginx
|
# -- Root path for every hosts.
|
||||||
# kubernetes.io/tls-acme: "true"
|
# @section -- Ingress parameters
|
||||||
path: "/"
|
path: "/"
|
||||||
|
# -- Array style hosts for the (frontend) ingress crontroller.
|
||||||
|
# @section -- Ingress parameters
|
||||||
hosts:
|
hosts:
|
||||||
|
# -- The default external hostname to access to the penpot app.
|
||||||
|
# @section -- Ingress parameters
|
||||||
- host: penpot.example.com
|
- host: penpot.example.com
|
||||||
|
# -- Array style TLS secrets for the (frontend) ingress crontroller.
|
||||||
|
# E.g.
|
||||||
|
# tls:
|
||||||
|
# - secretName: penpot.example.com-tls
|
||||||
|
# hosts:
|
||||||
|
# - penpot.example.com
|
||||||
|
# @section -- Ingress parameters
|
||||||
tls: []
|
tls: []
|
||||||
# - secretName: penpot.example.com-tls
|
|
||||||
# hosts:
|
|
||||||
# - penpot.example.com
|
|
||||||
|
|
||||||
|
# -- PostgreSQL configuration (Check for [more parameters here](https://artifacthub.io/packages/helm/bitnami/postgresql))
|
||||||
########################################
|
# @section -- PostgreSQL Dependencie parameters
|
||||||
## @section PostgreSQL configuration (Check for [more parameters here](https://artifacthub.io/packages/helm/bitnami/postgresql))
|
|
||||||
########################################
|
|
||||||
|
|
||||||
## @param postgresql.auth.username Name for a custom user to create.
|
|
||||||
## @param postgresql.auth.password Password for the custom user to create.
|
|
||||||
## @param postgresql.auth.database Name for a custom database to create.
|
|
||||||
##
|
|
||||||
postgresql:
|
postgresql:
|
||||||
auth:
|
auth:
|
||||||
|
# -- Name for a custom user to create.
|
||||||
|
# @section -- PostgreSQL Dependencie parameters
|
||||||
username: "penpot"
|
username: "penpot"
|
||||||
|
# -- Password for the custom user to create.
|
||||||
|
# @section -- PostgreSQL Dependencie parameters
|
||||||
password: "penpot"
|
password: "penpot"
|
||||||
|
# -- Name for a custom database to create.
|
||||||
|
# @section -- PostgreSQL Dependencie parameters
|
||||||
database: "penpot"
|
database: "penpot"
|
||||||
|
|
||||||
########################################
|
# -- Redis configuration (Check for [more parameters here](https://artifacthub.io/packages/helm/bitnami/redis))
|
||||||
## @section Redis configuration (Check for [more parameters here](https://artifacthub.io/packages/helm/bitnami/redis))
|
# @section -- Redis Dependencie parameters
|
||||||
########################################
|
|
||||||
|
|
||||||
## @param redis.auth.enabled Whether to enable password authentication.
|
|
||||||
##
|
|
||||||
redis:
|
redis:
|
||||||
auth:
|
auth:
|
||||||
|
# -- Whether to enable password authentication.
|
||||||
|
# @section -- Redis Dependencie parameters
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
|
@ -7,19 +7,20 @@ config:
|
||||||
publicUri: "http://localhost"
|
publicUri: "http://localhost"
|
||||||
apiSecretKey: "my-secret-key"
|
apiSecretKey: "my-secret-key"
|
||||||
|
|
||||||
# backend:
|
#backend:
|
||||||
# replicaCount: 2
|
# replicaCount: 2
|
||||||
|
|
||||||
# frontend:
|
#frontend:
|
||||||
# replicaCount: 2
|
# replicaCount: 2
|
||||||
|
|
||||||
# exporter:
|
#exporter:
|
||||||
# replicaCount: 2
|
# replicaCount: 2
|
||||||
# persistence:
|
|
||||||
# enabled: true
|
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
enabled: true
|
assets:
|
||||||
|
enabled: true
|
||||||
|
exporter:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
Loading…
Reference in a new issue