mirror of
https://github.com/rtomik/helm-charts.git
synced 2026-04-05 09:40:38 +00:00
259 lines
4.9 KiB
YAML
259 lines
4.9 KiB
YAML
## Global settings
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
## Image settings
|
|
image:
|
|
repository: ghcr.io/mealie-recipes/mealie
|
|
tag: "v3.2.1"
|
|
pullPolicy: IfNotPresent
|
|
|
|
## Deployment settings
|
|
replicaCount: 1
|
|
revisionHistoryLimit: 3
|
|
|
|
# Pod security settings
|
|
podSecurityContext:
|
|
runAsNonRoot: false
|
|
runAsUser: 911
|
|
fsGroup: 911
|
|
|
|
containerSecurityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
|
|
## Pod scheduling
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
affinity: {}
|
|
|
|
## Service settings
|
|
service:
|
|
type: ClusterIP
|
|
port: 9000
|
|
|
|
## Ingress settings
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
hosts:
|
|
- host: mealie.domain.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- mealie.domain.com
|
|
|
|
## Persistence settings
|
|
persistence:
|
|
enabled: false
|
|
storageClass: ""
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
annotations: {}
|
|
|
|
## Resource limits and requests
|
|
# resources:
|
|
# limits:
|
|
# cpu: 1000m
|
|
# memory: 1000Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 256Mi
|
|
|
|
## Application health checks
|
|
probes:
|
|
liveness:
|
|
enabled: true
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 10
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
path: /
|
|
readiness:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
path: /
|
|
|
|
## Autoscaling configuration
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 3
|
|
targetCPUUtilizationPercentage: 80
|
|
targetMemoryUtilizationPercentage: 80
|
|
|
|
## Environment variables
|
|
env:
|
|
# General Settings
|
|
PUID: "911"
|
|
PGID: "911"
|
|
DEFAULT_GROUP: "Home"
|
|
DEFAULT_HOUSEHOLD: "Family"
|
|
BASE_URL: "http://localhost:9000"
|
|
TOKEN_TIME: "48"
|
|
API_PORT: "9000"
|
|
API_DOCS: "true"
|
|
TZ: "UTC"
|
|
ALLOW_SIGNUP: "false"
|
|
ALLOW_PASSWORD_LOGIN: "true"
|
|
LOG_LEVEL: "info"
|
|
DAILY_SCHEDULE_TIME: "23:45"
|
|
|
|
# Security
|
|
SECURITY_MAX_LOGIN_ATTEMPTS: "5"
|
|
SECURITY_USER_LOCKOUT_TIME: "24"
|
|
|
|
# Database
|
|
DB_ENGINE: "postgres" # postgres or sqlite
|
|
|
|
# Webworker
|
|
UVICORN_WORKERS: "1"
|
|
|
|
# Extra environment variables (for advanced use cases)
|
|
extraEnv: []
|
|
# - name: POSTGRES_USER
|
|
# value: "mealie"
|
|
# - name: POSTGRES_PASSWORD
|
|
# value: "mealie"
|
|
# - name: POSTGRES_SERVER
|
|
# value: "postgres"
|
|
# - name: POSTGRES_PORT
|
|
# value: "5432"
|
|
# - name: POSTGRES_DB
|
|
# value: "mealie"
|
|
|
|
# Extra volume mounts
|
|
extraVolumeMounts: []
|
|
|
|
# Extra volumes
|
|
extraVolumes: []
|
|
|
|
## PostgreSQL configuration (when using external database)
|
|
postgresql:
|
|
enabled: false
|
|
# External PostgreSQL settings
|
|
external:
|
|
enabled: false
|
|
host: ""
|
|
port: 5432
|
|
database: "mealie"
|
|
user: "mealie"
|
|
password: ""
|
|
# Use existing secret for database credentials
|
|
existingSecret: ""
|
|
userKey: "username"
|
|
passwordKey: "password"
|
|
|
|
## SMTP Email configuration
|
|
email:
|
|
enabled: false
|
|
host: ""
|
|
port: 587
|
|
fromName: "Mealie"
|
|
authStrategy: "TLS" # TLS, SSL, NONE
|
|
fromEmail: ""
|
|
user: ""
|
|
password: ""
|
|
# Use existing secret for SMTP credentials
|
|
existingSecret: ""
|
|
userKey: "smtp-user"
|
|
passwordKey: "smtp-password"
|
|
|
|
## LDAP Authentication
|
|
ldap:
|
|
enabled: false
|
|
serverUrl: ""
|
|
tlsInsecure: false
|
|
tlsCaCertFile: ""
|
|
enableStartTls: false
|
|
baseDn: ""
|
|
queryBind: ""
|
|
queryPassword: ""
|
|
userFilter: ""
|
|
adminFilter: ""
|
|
idAttribute: "uid"
|
|
nameAttribute: "name"
|
|
mailAttribute: "mail"
|
|
# Use existing secret for LDAP credentials
|
|
existingSecret: ""
|
|
passwordKey: "ldap-password"
|
|
|
|
## OpenID Connect (OIDC)
|
|
oidc:
|
|
enabled: false
|
|
signupEnabled: true
|
|
configurationUrl: ""
|
|
clientId: ""
|
|
clientSecret: ""
|
|
userGroup: ""
|
|
adminGroup: ""
|
|
autoRedirect: false
|
|
providerName: "OAuth"
|
|
rememberMe: false
|
|
signingAlgorithm: "RS256"
|
|
userClaim: "email"
|
|
nameClaim: "name"
|
|
groupsClaim: "groups"
|
|
scopesOverride: ""
|
|
tlsCaCertFile: ""
|
|
# Use existing secret for OIDC credentials
|
|
existingSecret: ""
|
|
clientIdKey: "oidc-client-id"
|
|
clientSecretKey: "oidc-client-secret"
|
|
|
|
## OpenAI Integration
|
|
openai:
|
|
enabled: false
|
|
baseUrl: ""
|
|
apiKey: ""
|
|
model: "gpt-4o"
|
|
customHeaders: ""
|
|
customParams: ""
|
|
enableImageServices: true
|
|
workers: 2
|
|
sendDatabaseData: true
|
|
requestTimeout: 60
|
|
# Use existing secret for OpenAI API key
|
|
existingSecret: ""
|
|
apiKeyKey: "openai-api-key"
|
|
|
|
## TLS Configuration
|
|
tls:
|
|
enabled: false
|
|
certificatePath: ""
|
|
privateKeyPath: ""
|
|
# Use existing secret for TLS certificates
|
|
existingSecret: ""
|
|
certificateKey: "tls.crt"
|
|
privateKeyKey: "tls.key"
|
|
|
|
## Theming
|
|
theme:
|
|
light:
|
|
primary: "#E58325"
|
|
accent: "#007A99"
|
|
secondary: "#973542"
|
|
success: "#43A047"
|
|
info: "#1976D2"
|
|
warning: "#FF6D00"
|
|
error: "#EF5350"
|
|
dark:
|
|
primary: "#E58325"
|
|
accent: "#007A99"
|
|
secondary: "#973542"
|
|
success: "#43A047"
|
|
info: "#1976D2"
|
|
warning: "#FF6D00"
|
|
error: "#EF5350" |