# Default values for wg-portal.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

# -- Partially override resource names (adds suffix)
# @section -- Common
nameOverride: ''
# -- Fully override resource names
# @section -- Common
fullnameOverride: ''
# -- Array of extra objects to deploy with the release
# @section -- Common
extraDeploy: []

# https://github.com/h44z/wg-portal/blob/master/README.md#configuration-options
config:
  # -- (tpl/object) Advanced configuration options.
  # @section -- Configuration
  advanced: {}
  # -- (tpl/object) Auth configuration options.
  # @section -- Configuration
  auth: {}
  # -- (tpl/object) Core configuration options.<br>
  # @section -- Configuration
  # If external admins in `auth` are not defined and
  # there are no `admin_user` and `admin_password` defined here,
  # the default credentials will be generated.
  core: {}
  # -- (tpl/object) Database configuration options
  # @section -- Configuration
  database: {}
  # -- (tpl/object) Mail configuration options
  # @section -- Configuration
  mail: {}
  # -- (tpl/object) Statistics configuration options
  # @section -- Configuration
  statistics: {}
  # -- (tpl/object) Web configuration options.<br>
  # @section -- Configuration
  # The chart will set `listening_address` automatically from `service.web.port`,
  # and `external_url` from `ingress.host` if enabled.
  web: {}

# -- The number of old ReplicaSets to retain to allow rollback.
# @section -- Parameters
# @default -- `10`
revisionHistoryLimit: ''
# -- Workload type - `Deployment` or `StatefulSet`
# @section -- Parameters
workloadType: Deployment
# -- Update strategy for the workload
# Valid values are:
#  `RollingUpdate` or `Recreate` for Deployment,
#  `RollingUpdate` or `OnDelete` for StatefulSet
# @section -- Parameters
strategy:
  type: RollingUpdate

image:
  # -- Image repository
  # @section -- Parameters
  repository: ghcr.io/h44z/wg-portal
  # -- Image pull policy
  # @section -- Parameters
  pullPolicy: IfNotPresent
  # -- Overrides the image tag whose default is the chart appVersion
  # @section -- Parameters
  tag: ''

# -- Image pull secrets
# @section -- Parameters
imagePullSecrets: []

# -- (tpl/object) Extra annotations to add to the pod
# @section -- Parameters
podAnnotations: {}

# -- Extra labels to add to the pod
# @section -- Parameters
podLabels: {}

# -- Pod Security Context
# @section -- Parameters
podSecurityContext: {}

# Container Security Context
securityContext:
  capabilities:
    # -- Add capabilities to the container
    # @section -- Parameters
    add:
      - NET_ADMIN

# -- (tpl/list) Pod init containers
# @section -- Parameters
initContainers: []
# -- (tpl/list) Pod sidecar containers
# @section -- Parameters
sidecarContainers: []

# -- Set DNS policy for the pod.
# Valid values are `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`.
# @default -- `"ClusterFirst"`
# @section -- Parameters
dnsPolicy: ''

# -- Restart policy for all containers within the pod.
# Valid values are `Always`, `OnFailure` or `Never`.
# @default -- `"Always"`
# @section -- Parameters
restartPolicy: ''

# -- Use the host's network namespace.
# @default -- `false`.
# @section -- Parameters
hostNetwork: ''

# -- Resources requests and limits
# @section -- Parameters
resources: {}

# -- Overwrite pod command
# @section -- Parameters
command: []

# -- Additional pod arguments
# @section -- Parameters
args: []

# -- (tpl/list) Additional environment variables
# @section -- Parameters
env: []

# -- (tpl/list) Additional environment variables from a secret or configMap
# @section -- Parameters
envFrom: []

# -- Liveness probe configuration
# @ignore
livenessProbe:
  failureThreshold: 10
  httpGet:
    path: /
    port: http

# -- Readiness probe configuration
# @ignore
readinessProbe:
  httpGet:
    path: /
    port: http

# -- Startup probe configuration
# @ignore
startupProbe:
  initialDelaySeconds: 5
  failureThreshold: 10
  httpGet:
    path: /
    port: http
    scheme: HTTP

# -- (tpl/list) Additional volumes
# @section -- Parameters
volumes: []

# -- (tpl/list) Additional volumeMounts
# @section -- Parameters
volumeMounts: []

# -- Node Selector configuration
# @section -- Parameters
nodeSelector:
  kubernetes.io/os: linux

# -- Tolerations configuration
# @section -- Parameters
tolerations: []

# -- Affinity configuration
# @section -- Parameters
affinity: {}

service:
  web:
    # -- Annotations for the web service
    # @section -- Traffic exposure
    annotations: {}
    # -- Web service type
    # @section -- Traffic exposure
    type: ClusterIP
    # -- Web service port
    # Used for the web interface listener
    # @section -- Traffic exposure
    port: 8888
  wireguard:
    # -- Annotations for the WireGuard service
    # @section -- Traffic exposure
    annotations: {}
    # -- Wireguard service type
    # @section -- Traffic exposure
    type: LoadBalancer
    # -- Wireguard service ports.
    # Exposes the WireGuard ports for created interfaces.
    # Lowerest port is selected as start port for the first interface.
    # Increment next port by 1 for each additional interface.
    # @section -- Traffic exposure
    ports:
      - 51820

ingress:
  # -- Specifies whether an ingress resource should be created
  # @section -- Traffic exposure
  enabled: false
  # -- Ingress class name
  # @section -- Traffic exposure
  className: ''
  # -- Ingress annotations
  # @section -- Traffic exposure
  # @section -- Traffic exposure
  annotations: {}
  # -- Ingress host FQDN
  # @section -- Traffic exposure
  host: ''
  # -- Ingress path type
  # @section -- Traffic exposure
  pathType: ImplementationSpecific
  # -- Ingress path
  # @section -- Traffic exposure
  path: /
  # -- Ingress TLS configuration
  # @section -- Traffic exposure
  tls: []
  #  - secretName: wg-portal-example-tls
  #    hosts:
  #      - wg-portal.example.local

persistence:
  # -- Specifies whether an persistent volume should be created
  # @section -- Persistence
  enabled: false
  # -- Persistent Volume Claim annotations
  # @section -- Persistence
  annotations: {}
  # -- Persistent Volume storage class.
  # If undefined (the default) cluster's default provisioner will be used.
  # @section -- Persistence
  storageClass: ''
  # -- Persistent Volume Access Mode
  # @section -- Persistence
  accessMode: ReadWriteOnce
  # -- Persistent Volume size
  # @section -- Persistence
  size: 1Gi

serviceAccount:
  # -- Specifies whether a service account should be created
  # @section -- RBAC
  create: true
  # -- Service account annotations
  # @section -- RBAC
  annotations: {}
  # -- Automatically mount a ServiceAccount's API credentials
  # @section -- RBAC
  automount: false
  # -- The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  # @section -- RBAC
  name: ''