sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 07:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
04a2e7b25f5de75198b03456f5875d176b039a69
opendesk/helmfile/apps/cryptpad/values.yaml.gotmpl
Dominik Kaminski 7348547d96 feat(helmfile): Add fine-granular registry overwrites
2024-08-29 10:43:55 +00:00

85 lines
2.2 KiB
Go Template
Raw Blame History

{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
*/}}
---
# https://github.com/cryptpad/helm/blob/main/charts/cryptpad/README.md or
# https://github.com/cryptpad/helm/blob/main/charts/cryptpad/values.yaml
# Disable registration and access to unregistered users:
# (https://docs.cryptpad.org/en/admin_guide/customization.html#application-config)
application_config:
availablePadTypes:
- "diagram"
# Deactivating public access breaks nextcloud plugin!
# registeredOnlyTypes:
# - "diagram"
autoscaling:
enabled: false
enableEmbedding: true
fullnameOverride: "cryptpad"
image:
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.cryptpad.registry }}/{{ .Values.images.cryptpad.repository }}"
tag: {{ .Values.images.cryptpad.tag | quote }}
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . | quote }}
{{- end }}
ingress:
enabled: {{ .Values.ingress.enabled }}
annotations:
nginx.org/websocket-services: "cryptpad"
className: {{ .Values.ingress.ingressClassName | quote }}
hosts:
- host: "{{ .Values.global.hosts.cryptpad }}.{{ .Values.global.domain }}"
paths:
- path: "/"
pathType: "ImplementationSpecific"
tls:
- secretName: {{ .Values.ingress.tls.secretName | quote }}
hosts:
- "{{ .Values.global.hosts.cryptpad }}.{{ .Values.global.domain }}"
persistence:
enabled: false
podSecurityContext:
fsGroup: 4001
replicaCount: {{ .Values.replicas.cryptpad }}
resources:
{{ .Values.resources.cryptpad | toYaml | nindent 2 }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
privileged: false
seccompProfile:
type: "RuntimeDefault"
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 4001
runAsGroup: 4001
seLinuxOptions:
{{ .Values.seLinuxOptions.cryptpad | toYaml | nindent 4 }}
serviceAccount:
create: true
workloadStateful: false
...
Reference in New Issue View Git Blame Copy Permalink