Gluttony-Cluster/firefly-iii/helmrelease-firefly-iii.yaml
Tyler Perkins 89f898fdbb
All checks were successful
continuous-integration/drone/push Build is passing
Add precommit
2023-12-02 21:51:04 -05:00

174 lines
5.1 KiB
YAML

apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: firefly
namespace: firefly-ns
spec:
chart:
spec:
chart: firefly-iii
sourceRef:
kind: HelmRepository
name: firefly-iii
namespace: flux-system
interval: 15m0s
timeout: 5m
releaseName: firefly-iii
values:
replicaCount: 1
image:
repository: "fireflyiii/core"
pullPolicy: IfNotPresent
tag: latest
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
persistence:
# -- If you set this to false, uploaded attachments are not stored persistently and will be lost with every restart of the pod
enabled: true
storageClassName: "longhorn"
accessModes: ReadWriteOnce
storage: 20Gi
# -- If you want to use an existing claim, set it here
existingClaim: ""
# -- Environment variables for Firefly III. See docs at: https://github.com/firefly-iii/firefly-iii/blob/main/.env.example
config:
# -- Set this to the name of a secret to load environment variables from. If defined, values in the secret will override values in config.env
existingSecret: "firefly-iii-secret"
# -- Set environment variables from configMaps or Secrets
envValueFrom: {}
# -- Directly defined environment variables. Use this for non-secret configuration values.
env:
DB_HOST: postgresql.postgresql-system.svc.cluster.local
DB_CONNECTION: pgsql
DB_PORT: "5432"
DB_DATABASE: firefly
DB_USERNAME: firefly
DEFAULT_LANGUAGE: "en_US"
DEFAULT_LOCALE: "equal"
TZ: "America/New_York"
TRUSTED_PROXIES: "**"
APP_URL: "https://money.clortox.com"
AUTHENTICATION_GUARD: "remote_user_guard"
AUTHENTICATION_GUARD_HEADER: "X-authentik-email"
# -- Create a new Secret from values file to store sensitive environment variables. Make sure to keep your secrets encrypted in the repository! For example, you can use the 'helm secrets' plugin (https://github.com/jkroepke/helm-secrets) to encrypt and manage secrets. If the 'config.existingSecret' value is set, a new Secret will not be created.
secrets:
env:
APP_PASSWORD: "CHANGE_ENCRYPT_ME"
DB_PASSWORD: "CHANGE_ENCRYPT_ME"
# -- A cronjob for [recurring Firefly III tasks](https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/).
cronjob:
# -- Set to true to enable the CronJob. Note that you need to specify either cronjob.auth.existingSecret or cronjob.auth.token for it to actually be deployed.
enabled: false
# -- Authorization for the CronJob. See https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/#request-a-page-over-the-web
auth:
# -- The name of a secret containing a data.token field with the cronjob token
existingSecret: ""
# -- The name of the key in the existing secret to get the cronjob token from
secretKey: "token"
# -- The token in plain text
token: ""
# -- Annotations for the CronJob
annotations: {}
# -- When to run the CronJob. Defaults to 03:00 as this is when Firefly III executes regular tasks.
schedule: "0 3 * * *"
# -- How many pods to keep around for successful jobs
successfulJobsHistoryLimit: 3
# -- How many pods to keep around for failed jobs
failedJobsHistoryLimit: 1
# -- How to treat failed jobs
restartPolicy: OnFailure
image:
repository: curlimages/curl
pullPolicy: IfNotPresent
tag: 7.81.0
imagePullSecrets: []
podAnnotations: {}
securityContext: {}
podSecurityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: LoadBalancer
port: 80
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- chart-example.local
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}