--- # Default values for newchart. # This is a YAML-formatted file. # Declare variables to be passed into your templates. image: repository: collabora/code pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "" imagePullSecrets: [] nameOverride: "" fullnameOverride: "" terminationGracePeriodSeconds: 60 serviceAccount: # Specifies whether a service account should be created create: false # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" collabora: # example to add aliasgroups # - host: "://:" # aliases: ["://:, ://:"] aliasgroups: [] extra_params: --o:ssl.enable=false # External hostname:port of the server running coolwsd. # If empty, it's derived from the request (please set it if this doesn't work). # May be specified when behind a reverse-proxy or when the hostname is not reachable directly. server_name: null existingSecret: enabled: false secretName: "" usernameKey: "username" passwordKey: "password" password: examplepass username: admin env: [] prometheus: servicemonitor: enabled: false labels: {} rules: enabled: false additionalLabels: {} defaults: enabled: true errorServiceUnavailable: critical: 50 warning: 2 info: 0 errorStorageConnections: critical: 50 warning: 2 info: 0 docs: duplicated: 50 pod: critical: 10 warning: 8 info: 5 sum: critical: 500 warning: 200 info: 50 viewers: pod: critical: 100 warning: 80 info: 60 doc: critical: 50 warning: 40 info: 30 sum: critical: 15000 warning: 12000 info: 5000 additionalRules: [] grafana: dashboards: enabled: false labels: grafana_dashboard: "1" annotations: {} podAnnotations: {} podSecurityContext: {} # fsGroup: 2000 securityContext: {} # readOnlyRootFilesystem: false # privileged: true # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 service: type: ClusterIP port: 9980 annotations: {} deployment: # Use StatefulSet or Deployment kind: Deployment containerPort: 9980 type: RollingUpdate minReadySeconds: 0 maxUnavailable: 0 maxSurge: 1 # info on how to use hostAliases: https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/ # note: different from aliasgroups hostAliases: null probes: startup: enabled: true failureThreshold: 30 periodSeconds: 3 readiness: enabled: true initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 30 successThreshold: 1 failureThreshold: 2 liveness: enabled: true initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 30 successThreshold: 1 failureThreshold: 4 ingress: enabled: false className: "" annotations: {} # # nginx # nginx.ingress.kubernetes.io/upstream-hash-by: "$arg_WOPISrc" # # block admin urls from outside # nginx.ingress.kubernetes.io/server-snippet: | # location /cool/getMetrics { deny all; return 403; } # location /cool/adminws/ { deny all; return 403; } # location /browser/dist/admin/admin.html { deny all; return 403; } # # # HAProxy # haproxy.org/timeout-tunnel: "3600s" # haproxy.org/backend-config-snippet: | # mode http # balance leastconn # stick-table type string len 2048 size 1k store conn_cur # http-request set-var(txn.wopisrcconns) url_param(WOPISrc),table_conn_cur() # http-request track-sc1 url_param(WOPISrc) # stick match url_param(WOPISrc) if { var(txn.wopisrcconns) -m int gt 0 } # stick store-request url_param(WOPISrc) # # # HAProxy - Community: https://haproxy-ingress.github.io/ # haproxy-ingress.github.io/timeout-tunnel: 3600s # haproxy-ingress.github.io/balance-algorithm: url_param WOPISrc check_post # haproxy-ingress.github.io/config-backend: # hash-type consistent # # block admin urls from outside # acl admin_url path_beg /cool/getMetrics # acl admin_url path_beg /cool/adminws/ # acl admin_url path_beg /browser/dist/admin/admin.html # http-request deny if admin_url # hosts: - host: chart-example.local paths: - path: / pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. resources: {} # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi replicaCount: 1 autoscaling: enabled: true minReplicas: 2 maxReplicas: 100 targetCPUUtilizationPercentage: 70 targetMemoryUtilizationPercentage: 50 dynamicConfig: enabled: false image: repository: nginx tag: 1.25 pullPolicy: IfNotPresent replicaCount: 1 podAnnotations: [] podSecurityContext: {} securityContext: {} # configVolumeType: configMap # configMap or pvc existingConfigMap: enabled: false name: "" upload: enabled: false image: repository: "twostoryrobot/simple-file-upload" digest: 547fc4360b31d8604b7a26202914e87cd13609cc938fd83f412c77eb44aa1cc4 key: TESTKEY pvc: size: 1Gi accessMode: "ReadWriteOnce" # storageClassName: "" service: port: 8090 ingress: enabled: false className: "" annotations: {} hosts: - host: chart-example.local paths: - path: / pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local containerPort: 80 probes: startup: enabled: true failureThreshold: 30 periodSeconds: 2 readiness: enabled: true initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 30 successThreshold: 1 failureThreshold: 2 liveness: enabled: true initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 30 successThreshold: 1 failureThreshold: 4 env: [] resources: {} nodeSelector: {} tolerations: [] affinity: {} service: port: 8080 ingress: enabled: false className: "" annotations: {} hosts: - host: chart-example.local paths: - path: / pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local configuration: | {} trusted_certs_install: enabled: false trusted_certs: [] nodeSelector: {} tolerations: [] affinity: {}