apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "donetick.fullname" . }}-configmap
  labels:
    {{- include "donetick.labels" . | nindent 4 }}
data:
  selfhosted.yaml: |
    name: {{ .Values.config.name | quote }}
    is_done_tick_dot_com: {{ .Values.config.is_done_tick_dot_com }}
    is_user_creation_disabled: {{ .Values.config.is_user_creation_disabled }}
    telegram:
      token: {{ .Values.config.telegram.token | default "" | quote }}
    pushover:
      token: {{ .Values.config.pushover.token | default "" | quote }}
    database:
      type: {{ .Values.config.database.type | default "sqlite" | quote }}
      migration: {{ .Values.config.database.migration }}
      {{- if .Values.config.database.migration_skip }}
      migration_skip: {{ .Values.config.database.migration_skip }}
      {{- end }}
      {{- if .Values.config.database.migration_retry }}
      migration_retry: {{ .Values.config.database.migration_retry }}
      {{- end }}
      {{- if eq .Values.config.database.type "postgres" }}
      {{- if not .Values.config.database.existingSecret }}
      host: {{ .Values.config.database.host | quote }}
      port: {{ .Values.config.database.port }}
      user: {{ .Values.config.database.user | quote }}
      password: {{ .Values.config.database.password | quote }}
      name: {{ .Values.config.database.name | quote }}
      {{- else }}
      # Database credentials will be injected via environment variables from Secret
      {{- end }}
      {{- end }}
    jwt:
      {{- if .Values.config.jwt.existingSecret }}
      # Secret will be injected from Secret
      {{- else }}
      secret: {{ .Values.config.jwt.secret | quote }}
      {{- end }}
      session_time: {{ .Values.config.jwt.session_time | quote }}
      max_refresh: {{ .Values.config.jwt.max_refresh | quote }}
    server:
      port: {{ .Values.config.server.port }}
      read_timeout: {{ .Values.config.server.read_timeout | quote }}
      write_timeout: {{ .Values.config.server.write_timeout | quote }}
      rate_period: {{ .Values.config.server.rate_period | quote }}
      rate_limit: {{ .Values.config.server.rate_limit }}
      cors_allow_origins:
        {{- range .Values.config.server.cors_allow_origins }}
        - {{ . | quote }}
        {{- end }}
      serve_frontend: {{ .Values.config.server.serve_frontend }}
    scheduler_jobs:
      due_job: {{ .Values.config.scheduler_jobs.due_job | quote }}
      overdue_job: {{ .Values.config.scheduler_jobs.overdue_job | quote }}
      pre_due_job: {{ .Values.config.scheduler_jobs.pre_due_job | quote }}
    email:
      host: {{ .Values.config.email.host | default "" | quote }}
      port: {{ .Values.config.email.port | default "" | quote }}
      key: {{ .Values.config.email.key | default "" | quote }}
      email: {{ .Values.config.email.email | default "" | quote }}
      appHost: {{ .Values.config.email.appHost | default "" | quote }}
    oauth2:
      {{- if .Values.config.oauth2.existingSecret }}
      # Client ID and Secret will be injected from Secret
      {{- else }}
      client_id: {{ .Values.config.oauth2.client_id | default "" | quote }}
      client_secret: {{ .Values.config.oauth2.client_secret | default "" | quote }}
      {{- end }}
      auth_url: {{ .Values.config.oauth2.auth_url | default "" | quote }}
      token_url: {{ .Values.config.oauth2.token_url | default "" | quote }}
      user_info_url: {{ .Values.config.oauth2.user_info_url | default "" | quote }}
      redirect_url: {{ .Values.config.oauth2.redirect_url | default "" | quote }}
      name: {{ .Values.config.oauth2.name | default "" | quote }}