mirror of
https://gitlab.com/deepcypher/dc-kc.git
synced 2026-01-27 11:12:08 +00:00
204 lines
5.7 KiB
YAML
204 lines
5.7 KiB
YAML
psql:
|
|
enabled: true
|
|
|
|
valkey:
|
|
enabled: true
|
|
valkey:
|
|
persistence:
|
|
enabled: true
|
|
|
|
oidc:
|
|
realm:
|
|
name: deepcypher
|
|
ref: owncloak-deepcypher
|
|
config:
|
|
ref: owncloak
|
|
|
|
# https://goharbor.io/docs/2.13.0/install-config/harbor-ha-helm/
|
|
harbor:
|
|
enabled: true
|
|
logLevel: info # debug, info, warning, error, fatal
|
|
|
|
expose:
|
|
type: ingress
|
|
tls:
|
|
enabled: true
|
|
ingress:
|
|
hosts:
|
|
core: harbor.deepcypher.me
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-dns
|
|
traefik.ingress.kubernetes.io/router.middlewares: traefik-headers@kubernetescrd
|
|
|
|
externalURL: https://harbor.deepcypher.me
|
|
|
|
database:
|
|
type: external
|
|
external:
|
|
host: psql-rw
|
|
port: 5432
|
|
username: harbor
|
|
# key must be password in secret
|
|
existingSecret: psql
|
|
coreDatabase: harbor
|
|
|
|
redis:
|
|
type: external
|
|
external:
|
|
addr: "harbor-valkey:6379"
|
|
tlsOptions:
|
|
enable: false
|
|
|
|
persistence:
|
|
enabled: true
|
|
resourcePolicy: "delete"
|
|
persistentVolumeClaim:
|
|
registry:
|
|
size: 64Gi
|
|
accessMode: ReadWriteMany
|
|
jobservice:
|
|
jobLog:
|
|
size: 2Gi
|
|
accessMode: ReadWriteMany
|
|
# # Using external so not needed
|
|
# database:
|
|
# size: 4Gi
|
|
# redis:
|
|
# size: 2Gi
|
|
trivy:
|
|
size: 8Gi
|
|
accessMode: ReadWriteMany
|
|
imageChartStorage:
|
|
type: filesystem
|
|
|
|
existingSecretAdminPassword: "harbor-admin"
|
|
existingSecretAdminPasswordKey: "password"
|
|
# FOR THE LOVE OF GOD, MAKE SURE IT IS 16 CHARS LONG FOR ENCRYPTION SECRET KEY
|
|
# stupid arbitrary limitation: https://github.com/goharbor/harbor/issues/12158#issuecomment-651344033
|
|
existingSecretSecretKey: "harbor-encryption" # the key must be at .data.secretKey
|
|
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
trace:
|
|
enabled: false # until alloy is ready
|
|
|
|
# setting to non-dockerhub images
|
|
jobservice:
|
|
image:
|
|
repository: ghcr.io/goharbor/harbor-jobservice
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.14.2 # renovate: datasource=docker depName=ghcr.io/goharbor/harbor-jobservice
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
# - arm64
|
|
- amd64
|
|
|
|
registry:
|
|
replicas: 2
|
|
registry:
|
|
image:
|
|
repository: ghcr.io/goharbor/registry-photon
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.13.2 # renovate: datasource=docker depName=ghcr.io/goharbor/registry-photon
|
|
controller:
|
|
image:
|
|
repository: ghcr.io/goharbor/harbor-registryctl
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.13.2 # renovate: datasource=docker depName=ghcr.io/goharbor/harbor-registryctl
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
# - arm64
|
|
- amd64
|
|
|
|
trivy:
|
|
image:
|
|
repository: ghcr.io/goharbor/trivy-adapter-photon
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.13.2 # renovate: datasource=docker depName=ghcr.io/goharbor/trivy-adapter-photon
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
# - arm64
|
|
- amd64
|
|
|
|
exporter:
|
|
image:
|
|
repository: ghcr.io/goharbor/harbor-exporter
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.13.2 # renovate: datasource=docker depName=ghcr.io/goharbor/harbor-exporter
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
# - arm64
|
|
- amd64
|
|
|
|
portal:
|
|
replicas: 2
|
|
image:
|
|
repository: ghcr.io/goharbor/harbor-portal
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.13.2 # renovate: datasource=docker depName=ghcr.io/goharbor/harbor-portal
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
# - arm64
|
|
- amd64
|
|
|
|
core:
|
|
replicas: 2
|
|
image:
|
|
repository: ghcr.io/goharbor/harbor-core
|
|
# leaving empty to use chart matching versions
|
|
# tag: v2.13.2 # renovate: datasource=docker depName=ghcr.io/goharbor/harbor-core
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
# - arm64
|
|
- amd64
|
|
|
|
environment:
|
|
name: unknown # not to be used for hard checks but to display to user
|
|
hardware: metal # to be used to enable on-prem specific features like ceph, cilium, etc
|
|
mode: production # to be used to configure backup movement and additional debugging features
|
|
revision: main # to be used to pull from different git branches
|
|
baseDomain: deepcypher.me # to be used to override default chart domains to configure environments
|
|
location:
|
|
name: unknown # not to be used for hard checks purely informational
|
|
contact:
|
|
name: George Onoufriou
|
|
email: noreply@deepcypher.me
|