init:
  version: 0
  namespace: "bases"

commons:
  # -- masterPassword to generate secrets
  # @section -- Commons
  masterPassword: "CHANGEME"

  auth:
    enabled: false
    type: "authentik"
    namespace: ""
    authentik:
      domain: ""
      backend: "authentik-server"

  helm:
    release:
      # -- install of FluxCD HelmRelease
      # @section -- Commons helm release
      install: {}
      # -- test of FluxCD HelmRelease
      # @section -- Commons helm release
      test: {}
      # -- upgrade of FluxCD HelmRelease
      # @section -- Commons helm release
      upgrade: {}
      # -- driftDetection of FluxCD HelmRelease
      # @section -- Commons helm release
      driftDetection: {}

  ingress:
    # -- top domain for all services
    # @section -- Commons Ingress
    domain: "wrenix.eu"
    # -- annotations for all ingress objects
    # @section -- Commons Ingress
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-prod
    tls:
      # -- tls on every ingress
      # @section -- Commons Ingress
      enabled: false
      # -- use own definition of tls (e.g. for own or wildcard certificate)
      # @section -- Commons Ingress
      override: []

  prometheus:
    monitor:
      # -- labels on Pod- and Service-Monitor
      # @section -- Commons Monitoring
      labels: {}

alertmanager:
  ingress:
    enabled: true
    # use infra.commons.ingress.host with prefix
    host: ""
    # -- annotations on ingress object (beside of .Values.commons.ingress.annotations )
    annotations: {}

  auth:
    anonymous:
      enabled: false

  # -- additional inhibitRules
  inhibitRules: []

  route:
    # -- would overwrite defaults (like ntfy or matrix)
    #  # send every alert to ntfy
    #  # (and continue to routing for that alert)
    #  - receiver: "ntfy-default"
    #    continue: true
    #  # send selected alerts to special matrix room
    #  # (and remove them for evaluation - no continue)
    #  - receiver: "matrix-room-name"
    #    matchers:
    #      - name: "team"
    #        matchType: "="
    #        value: "room-name"
    #  # all reminig alerts to matrix default room
    #  - receiver: "matrix-default"
    routes: []
    # -- groupBy
    groupBy:
      - namespace
      - alertname
    # -- repeat Interval
    repeatInterval: "24h"

  receiver:
    # -- customs
    customs: {}
    matrix:
      enabled: false
      sendResolved: false
      homeserver: "https://matrix.org"
      userID: "@alert:matrix.org"
      # -- token of matrix reciever (use valuesFrom in flux for it)
      token: ""
      default: "!example-room:matrix.org"
      #
      rooms: {}
      # room-name:
      #   - room: "!example-room-name:matrix.org"
      #     sendResolved: false
      #
    ntfy:
      enabled: false
      sendResolved: false
      ingress:
        enabled: false
        # use infra.commons.ingress.host with prefix
        host:
        # -- annotations on ingress object (beside of .Values.commons.ingress.annotations )
        annotations: {}
      config:
        # -- user used between alertmanager and ntfy receiver
        user: "alertmanager-to-ntfy"
        # -- password used between alertmanager and ntfy reciever generated from commons.masterPassword
        password:
        ntfy:
          topic: "https://ntfy.wrenix.eu/alertmanager-example"
          # user:
          # password:
        # -- label of alert to ntfy message config
        labels:
          order:
            - severity
          entries:
            - label: severity
              value: critical
              priority: 4
              tags:
                - "rotating_light"

            - label: severity
              value: warning
              priority: 3
              tags:
                - "warning"

            - label: severity
              value: info
              priority: 1
              tags:
                - "information_source"

prometheus:
  ingress:
    enabled: true
    # use infra.commons.ingress.host with prefix
    host: ""
    # -- annotations on ingress object (beside of .Values.commons.ingress.annotations )
    annotations: {}
  # not yet supported again (replace or merge again - complex code)
  # spec: {}

  auth:
    anonymous:
      enabled: false

  exporter:
    blackbox:
      enabled: true
      hostNetwork: false
      ingress:
        # -- enable ingress for blackbox-exporter
        enabled: false
        # -- default use .Values.commons.ingress.host with prefix: `blackbox.exporter`
        host: ""
        # -- annotations on ingress object (beside of .Values.commons.ingress.annotations )
        annotations: {}

grafana:
  # -- generated from commons.masterPassword
  adminPassword:

  ingress:
    enabled: true
    # use infra.commons.ingress.host with prefix
    host: ""
    # -- annotations on ingress object (beside of .Values.commons.ingress.annotations )
    annotations: {}

  dashboards:
    folderAnnotation: "grafana.mon.local/dashboard-folder"
    annotations:
      "grafana.mon.local/dashboard-folder": "Kubernetes"

  auth:
    enabled: false
    authentik:
      # -- generated from commons.masterPassword
      clientID:
      # -- generated from commons.masterPassword
      clientSecret:
    anonymous:
      enabled: true

karma:
  enabled: true

  ingress:
    enabled: true
    # use infra.commons.ingress.host with prefix
    host: ""
    # -- annotations on ingress object (beside of .Values.commons.ingress.annotations )
    annotations: {}

  auth:
    anonymous:
      enabled: false

  filters:
    default:
      - '@state=active'

  additionalAlertmanager:

tempo:
  enabled: false