99 lines
3.5 KiB
YAML
99 lines
3.5 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: "{{ .Release.Name }}-hr"
|
|
spec:
|
|
chart:
|
|
spec:
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: "{{ .Release.Name }}-repo"
|
|
chart: "firefly-iii"
|
|
install:
|
|
{{- toYaml .Values.commons.helm.release.install | nindent 4 }}
|
|
test:
|
|
{{- toYaml .Values.commons.helm.release.test | nindent 4 }}
|
|
upgrade:
|
|
{{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
|
|
driftDetection:
|
|
{{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
|
|
interval: 10m
|
|
valuesFrom:
|
|
- name: {{ .Release.Name }}
|
|
kind: Secret
|
|
valuesKey: "APP_KEY"
|
|
targetPath: "secrets.appKey"
|
|
values:
|
|
podAnnotations:
|
|
config-hash: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
|
|
config:
|
|
existingSecret: {{ .Release.Name }}
|
|
env:
|
|
DB_CONNECTION: pgsql
|
|
DB_HOST: {{ .Values.database.host | quote }}
|
|
DB_PORT: "5432"
|
|
DB_USERNAME: {{ .Values.database.username | quote }}
|
|
DB_DATABASE: {{ .Values.database.name | quote }}
|
|
|
|
AUTHENTICATION_GUARD: "remote_user_guard"
|
|
AUTHENTICATION_GUARD_HEADER: HTTP_X_AUTHENTIK_UID
|
|
AUTHENTICATION_GUARD_EMAIL: HTTP_X_AUTHENTIK_EMAIL
|
|
|
|
MAIL_MAILER: smtp
|
|
MAIL_HOST: {{ .Values.mail.host | default .Values.commons.mail.host | quote }}
|
|
MAIL_PORT: "587"
|
|
MAIL_FROM: {{ .Values.mail.from | default (printf "\"[%s] %s\" <%s>" .Values.commons.theme.title "firefly-iii" .Values.commons.mail.from) | quote }}
|
|
MAIL_USERNAME: {{ .Values.commons.mail.username | quote }}
|
|
MAIL_ENCRYPTION: tls
|
|
|
|
cronjob:
|
|
enabled: true
|
|
auth:
|
|
existingSecret: {{ .Release.Name }}
|
|
secretKey: "STATIC_CRON_TOKEN"
|
|
|
|
{{- if .Values.commons.persistence.hostPath.enabled }}
|
|
persistence:
|
|
enabled: false
|
|
extraVolumes:
|
|
- name: upload
|
|
hostPath:
|
|
type: Directory
|
|
path: "{{ .Values.commons.persistence.hostPath.prefix }}/firefly/upload"
|
|
extraVolumeMounts:
|
|
- name: upload
|
|
mountPath: "/var/www/html/storage/upload"
|
|
{{- else }}
|
|
persistence:
|
|
enabled: true
|
|
{{- with .Values.persistence.storageClass | default .Values.commons.persistence.storageClass }}
|
|
storageClassName: {{ . }}
|
|
{{- end }}
|
|
storage: {{ .Values.persistence.size }}
|
|
{{- end }}
|
|
|
|
{{- $host := .Values.ingress.host | default (printf "money.%s" .Values.commons.ingress.domain) }}
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
{{- $annotations := mergeOverwrite (dict) .Values.commons.ingress.annotations .Values.ingress.annotations }}
|
|
{{- $currentMiddleware := get $annotations "traefik.ingress.kubernetes.io/router.middlewares" }}
|
|
{{- if $currentMiddleware }}
|
|
{{- $_ := set $annotations "traefik.ingress.kubernetes.io/router.middlewares" (printf "%s,%s-mycloud-authentik-outpost@kubernetescrd" $currentMiddleware .Release.Namespace) }}
|
|
{{- else }}
|
|
{{- $_ := set $annotations "traefik.ingress.kubernetes.io/router.middlewares" (printf "%s-mycloud-authentik-outpost@kubernetescrd" .Release.Namespace) }}
|
|
{{- end }}
|
|
{{- toYaml $annotations | nindent 8 }}
|
|
hosts:
|
|
- {{ $host | quote }}
|
|
{{- if .Values.commons.ingress.tls.enabled }}
|
|
tls:
|
|
{{- with .Values.commons.ingress.tls.override }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- else }}
|
|
- secretName: "{{ .Release.Name }}-cert"
|
|
hosts:
|
|
- "{{ $host }}"
|
|
{{- end }}
|
|
{{- end }}
|