forked from fpoussin/nhost-helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
values.yaml
329 lines (272 loc) · 6.33 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
# Default values for nhost.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# nameOverride -- String to partially override the deployment name (will maintain the release name)
nameOverride: ""
# -- String to fully override the deployment name
fullnameOverride: ""
# commonLabels -- Labels to append to all resources
commonLabels: {}
# foo: bar
imagePullSecrets: []
## Global settings
global:
logLevel: INFO
unauthorizedRole: public
# -- HTTP auth for NHost dashboard and Hasura console. Disabled when password is empty.
dashboard:
user: admin
password: ""
# -- Shared ingress settings
ingress:
enableTls: false
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
secrets:
jwtKey: 5152fa850c02dc222631cca898ed1485821a70912a6e3649c49076912daa3b62182ba013315915d64f40cddfbb8b58eb5bd11ba225336a6af45bbae07ca873f3
admin: nhost-admin-secret
auth:
# -- Hasura-auth can be disabled when using an external auth prodiver
enabled: true
# -- Auth log level
logLevel: info
# -- Auth hostname
hostname: nhost.local
# -- Extra env vars
env:
AUTH_EMAIL_PASSWORDLESS_ENABLED: 'true'
# -- Ignored when using Mailhog (mailhog.enabled == true)
smtp:
host: smtp.nhost.io
port: 25
user: user
password: changeme
sender: [email protected]
image:
repository: nhost/hasura-auth
pullPolicy: IfNotPresent
tag: "0.19.1"
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
# -- NHost dashboard
dashboard:
# --
enabled: true
# -- Dashboard hostname
hostname: nhost-dashboard.local
# -- Dashboard env mode
env: prod
image:
repository: nhost/dashboard
pullPolicy: IfNotPresent
tag: "0.13.10"
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
# -- Serverless functions
functions:
# -- Enable serverless functions
enabled: true
persistence:
# -- Persistent volume size
size: 1Gi
image:
repository: nhost/functions
pullPolicy: IfNotPresent
tag: "0.1.8"
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
storage:
# -- Ignored when using Minio
s3:
access_key: ""
secret_key: ""
endpoint: ""
bucket: ""
image:
repository: nhost/hasura-storage
pullPolicy: IfNotPresent
tag: "0.3.4"
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
# -- Main API
graphql:
enableConsole: true
logLevel: info
unauthorizedRole: public
# -- API and console can have different hostnames
hostnames:
api: nhost.local
console: nhost-console.local
# -- You can enable persistance before migrations in order to copy the needed files
# `kubectl cp` can be used for that
persistence:
enabled: true
size: 1Gi
# -- persistence is required for this to work
migrations:
enabled: false
image:
repository: hasura/graphql-engine
pullPolicy: IfNotPresent
tag: v2.21.0-ce.cli-migrations-v3
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
# -- Migrations API
migrations:
enabled: true
hostname: nhost-migrations.local
logLevel: debug
image:
repository: fpoussin/hasura-cli
pullPolicy: IfNotPresent
tag: v2.21.0-bind-fix
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
##
## 3rd party services used for development
##
mailhog:
enabled: true
ingress:
enabled: true
ingressClassName: nginx
hosts:
- host: mailhog.local
paths:
- path: "/"
pathType: Prefix
minio:
enabled: true
persistence:
size: 1Gi
defaultBuckets: nhost
auth:
rootUser: admin
rootPassword: youshouldchangethis
forceNewKeys: true
##
## PostgreSQL Database
##
postgresql:
enabled: true
auth:
enablePostgresUser: true
postgresPassword: changethisadminpassword
username: nhost
password: changemeaswell
database: nhost
image:
debug: true
volumePermissions:
enabled: true
primary:
persistence:
size: 1Gi
initdb:
scripts:
0001-create-schema.sql: |
CREATE SCHEMA IF NOT EXISTS auth;
CREATE SCHEMA IF NOT EXISTS storage;
CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA public;
CREATE EXTENSION IF NOT EXISTS citext WITH SCHEMA public;
CREATE OR REPLACE FUNCTION public.set_current_timestamp_updated_at() RETURNS trigger LANGUAGE plpgsql AS $$
declare _new record;
begin _new := new;
_new."updated_at" = now();
return _new;
end;
$$;
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
nodeSelector: {}
tolerations: []
affinity: {}