mirror of
https://github.com/rtomik/helm-charts.git
synced 2026-04-05 09:40:38 +00:00
248 lines
5.5 KiB
YAML
248 lines
5.5 KiB
YAML
## Global settings
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
## Image settings
|
|
image:
|
|
repository: donetick/donetick
|
|
tag: "v0.1.60"
|
|
pullPolicy: IfNotPresent
|
|
|
|
imagePullSecrets: []
|
|
|
|
## Deployment settings
|
|
replicaCount: 1
|
|
revisionHistoryLimit: 3
|
|
|
|
# Optional startup arguments
|
|
startupArgs: []
|
|
# - "--skip-migrations" # Uncomment to skip database migrations on startup
|
|
|
|
# Pod security settings
|
|
podSecurityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
fsGroup: 1000
|
|
|
|
containerSecurityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
|
|
## Pod scheduling
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
affinity: {}
|
|
|
|
## Pod annotations
|
|
podAnnotations: {}
|
|
|
|
## Service settings
|
|
service:
|
|
type: ClusterIP
|
|
port: 2021
|
|
annotations: {}
|
|
|
|
## Ingress settings
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
hosts:
|
|
- host: donetick.domain.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- donetick.domain.com
|
|
# Optional: specify the name of an existing TLS secret
|
|
# secretName: "existing-tls-secret"
|
|
|
|
## Persistence settings
|
|
persistence:
|
|
enabled: false
|
|
storageClass: ""
|
|
accessMode: ReadWriteOnce
|
|
size: 1Gi
|
|
annotations: {}
|
|
|
|
## Environment variables
|
|
env:
|
|
- name: DT_ENV
|
|
value: selfhosted
|
|
- name: DT_SQLITE_PATH
|
|
value: /donetick-data/donetick.db
|
|
|
|
# Extra environment variables (for advanced use cases)
|
|
extraEnv: []
|
|
# - name: DT_LOG_LEVEL
|
|
# value: "debug"
|
|
# - name: DT_SKIP_MIGRATIONS
|
|
# value: "true"
|
|
|
|
# Extra volume mounts
|
|
extraVolumeMounts: []
|
|
|
|
# Extra volumes
|
|
extraVolumes: []
|
|
|
|
## Resource limits and requests
|
|
resources: {}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 500m
|
|
# memory: 512Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
## Application health checks
|
|
probes:
|
|
startup:
|
|
enabled: true
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 30
|
|
successThreshold: 1
|
|
path: /health
|
|
liveness:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
path: /health
|
|
readiness:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
path: /health
|
|
|
|
## Autoscaling configuration
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 5
|
|
targetCPUUtilizationPercentage: 80
|
|
targetMemoryUtilizationPercentage: 80
|
|
|
|
## Application configuration
|
|
config:
|
|
name: "selfhosted"
|
|
is_done_tick_dot_com: false
|
|
is_user_creation_disabled: false
|
|
|
|
# Notification settings
|
|
telegram:
|
|
token: ""
|
|
pushover:
|
|
token: ""
|
|
|
|
# Database configuration
|
|
database:
|
|
type: "sqlite"
|
|
migration: true
|
|
# Migration options
|
|
migration_skip: false # Set to true to skip database migrations
|
|
migration_retry: 3 # Number of retries for failed migrations
|
|
|
|
# These are only required for postgres
|
|
host: ""
|
|
port: 5432
|
|
name: ""
|
|
|
|
# Secret configuration for postgres credentials
|
|
secrets:
|
|
existingSecret: "" # Name of existing Kubernetes secret containing postgres credentials
|
|
userKey: "username" # Key in the secret for database username
|
|
passwordKey: "password" # Key in the secret for database password
|
|
|
|
# Security settings
|
|
# For production, use a generated secret and store in a Kubernetes Secret
|
|
jwt:
|
|
existingSecret: "" # Set this to use an existing secret
|
|
secretKey: "jwtSecret" # The key in the secret where JWT secret is stored
|
|
secret: "changeme-this-secret-should-be-at-least-32-characters-long" # Only used if existingSecret is not set
|
|
session_time: 168h
|
|
max_refresh: 168h
|
|
|
|
# Server configuration
|
|
server:
|
|
port: 2021
|
|
read_timeout: 10s
|
|
write_timeout: 10s
|
|
rate_period: 60s
|
|
rate_limit: 300
|
|
cors_allow_origins:
|
|
- "http://localhost:5173"
|
|
- "http://localhost:7926"
|
|
# The below are required for the android app to work
|
|
- "https://localhost"
|
|
- "capacitor://localhost"
|
|
serve_frontend: true
|
|
|
|
# Scheduler configuration
|
|
scheduler_jobs:
|
|
due_job: 30m
|
|
overdue_job: 3h
|
|
pre_due_job: 3h
|
|
|
|
# Email settings
|
|
email:
|
|
host: ""
|
|
port: ""
|
|
key: ""
|
|
email: ""
|
|
appHost: ""
|
|
|
|
# OAuth2 configuration
|
|
oauth2:
|
|
# Direct configuration
|
|
client_id: ""
|
|
client_secret: ""
|
|
# Secret configuration - alternative to direct configuration
|
|
existingSecret: "" # Name of existing Kubernetes secret
|
|
clientIdKey: "client-id" # Key in the secret for client ID
|
|
clientSecretKey: "client-secret" # Key in the secret for client secret
|
|
# Other OAuth2 settings
|
|
auth_url: ""
|
|
token_url: ""
|
|
user_info_url: ""
|
|
redirect_url: ""
|
|
name: ""
|
|
|
|
# Real-time configuration
|
|
realtime:
|
|
max_connections: 100
|
|
ping_interval: "30s"
|
|
pong_wait: "60s"
|
|
write_wait: "10s"
|
|
max_message_size: 512
|
|
|
|
# Logging configuration
|
|
logging:
|
|
level: "info"
|
|
format: "json"
|
|
|
|
# Storage configuration
|
|
storage:
|
|
type: "local"
|
|
path: "/donetick-data/uploads"
|
|
|
|
# Feature flags
|
|
features:
|
|
notifications: true
|
|
realtime: true
|
|
oauth: false |