## Global settings nameOverride: "" fullnameOverride: "" ## Image settings image: repository: donetick/donetick tag: latest pullPolicy: IfNotPresent ## Deployment settings replicaCount: 1 revisionHistoryLimit: 3 # Optional startup arguments startupArgs: [] # - "--skip-migrations" # Uncomment to skip database migrations on startup # Pod security settings podSecurityContext: runAsNonRoot: true runAsUser: 1000 fsGroup: 1000 containerSecurityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: drop: - ALL ## Pod scheduling nodeSelector: {} tolerations: [] affinity: {} ## Service settings service: type: ClusterIP port: 2021 ## Ingress settings ingress: enabled: true className: "traefik" annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure hosts: - host: donetick.tomik.lat paths: - path: / pathType: Prefix tls: - hosts: - donetick.tomik.lat # Optional: specify the name of an existing TLS secret # secretName: "existing-tls-secret" ## Persistence settings persistence: enabled: true storageClass: "longhorn" accessMode: ReadWriteOnce size: 1Gi annotations: {} ## Environment variables env: - name: DT_ENV value: selfhosted - name: DT_SQLITE_PATH value: /donetick-data/donetick.db # Extra environment variables (for advanced use cases) extraEnv: [] # - name: DT_LOG_LEVEL # value: "debug" # - name: DT_SKIP_MIGRATIONS # value: "true" # Extra volume mounts extraVolumeMounts: [] # Extra volumes extraVolumes: [] ## Resource limits and requests resources: limits: cpu: 500m memory: 512Mi requests: cpu: 100m memory: 128Mi ## Application health checks probes: liveness: enabled: true initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 path: /health readiness: enabled: true initialDelaySeconds: 5 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 3 successThreshold: 1 path: /health ## Autoscaling configuration autoscaling: enabled: false minReplicas: 1 maxReplicas: 5 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 ## Application configuration config: name: "selfhosted" is_done_tick_dot_com: false is_user_creation_disabled: false # Notification settings telegram: token: "" pushover: token: "" # Database configuration database: type: "sqlite" migration: true # Migration options migration_skip: false # Set to true to skip database migrations migration_retry: 3 # Number of retries for failed migrations # These are only required for postgres - direct configuration host: "" port: 5432 user: "" password: "" name: "" # Secret configuration for database credentials existingSecret: "" # Name of existing Kubernetes secret hostKey: "db-host" # Key in the secret for database host portKey: "db-port" # Key in the secret for database port userKey: "db-user" # Key in the secret for database user passwordKey: "db-password" # Key in the secret for database password nameKey: "db-name" # Key in the secret for database name # Security settings # For production, use a generated secret and store in a Kubernetes Secret jwt: existingSecret: "" # Set this to use an existing secret secretKey: "jwtSecret" # The key in the secret where JWT secret is stored secret: "changeme-this-secret-should-be-at-least-32-characters-long" # Only used if existingSecret is not set session_time: 168h max_refresh: 168h # Server configuration server: port: 2021 read_timeout: 10s write_timeout: 10s rate_period: 60s rate_limit: 300 cors_allow_origins: - "http://localhost:5173" - "http://localhost:7926" # The below are required for the android app to work - "https://localhost" - "capacitor://localhost" serve_frontend: true # Scheduler configuration scheduler_jobs: due_job: 30m overdue_job: 3h pre_due_job: 3h # Email settings email: host: "" port: "" key: "" email: "" appHost: "" # OAuth2 configuration oauth2: # Direct configuration client_id: "" client_secret: "" # Secret configuration - alternative to direct configuration existingSecret: "" # Name of existing Kubernetes secret clientIdKey: "client-id" # Key in the secret for client ID clientSecretKey: "client-secret" # Key in the secret for client secret # Other OAuth2 settings auth_url: "" token_url: "" user_info_url: "" redirect_url: "" name: ""