121 lines
2.4 KiB
YAML
121 lines
2.4 KiB
YAML
bootstrap:
|
|
source:
|
|
repoURL: "https://git.strudelline.net/infra/argo1"
|
|
targetRevision: "prod"
|
|
|
|
cert-manager:
|
|
enabled: true
|
|
values: |
|
|
extraArgs:
|
|
- --dns01-recursive-nameservers-only
|
|
- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
|
|
ingressShim.defaultIssuerKind: ClusterIssuer
|
|
ingressShim.defaultIssuerName: zerossl
|
|
installCRDs: "true"
|
|
|
|
haproxy-ingress:
|
|
enabled: true
|
|
values: |-
|
|
controller:
|
|
config:
|
|
fronting-proxy-port: "81"
|
|
extraArgs:
|
|
watch-ingress-without-class: ""
|
|
ingressClass: haproxy
|
|
ingressClassResource:
|
|
default: true
|
|
enabled: true
|
|
parameters: {}
|
|
logs:
|
|
enabled: true
|
|
metrics:
|
|
enabled: true
|
|
service:
|
|
annotations:
|
|
metallb.universe.tf/allow-shared-ip: 172.16.17.80
|
|
metallb.universe.tf/loadBalancerIPs: 172.16.17.80
|
|
type: LoadBalancer
|
|
stats:
|
|
enabled: true
|
|
tcp:
|
|
"81": ""
|
|
serviceAccount:
|
|
create: true
|
|
|
|
argo-cd:
|
|
crds:
|
|
install: false
|
|
|
|
configs:
|
|
params:
|
|
"server.insecure": "true"
|
|
|
|
controller:
|
|
replicas: 1
|
|
|
|
server:
|
|
ingress:
|
|
enabled: true
|
|
hosts: &hhosts
|
|
- argocd.strudelline.net
|
|
tls:
|
|
- hosts: *hhosts
|
|
secretName: wildcard-tls
|
|
ingressGrpc:
|
|
enabled: true
|
|
hosts: &ghosts
|
|
- grpc-argocd.strudelline.net
|
|
tls:
|
|
- hosts: *ghosts
|
|
secretName: wildcard-tls
|
|
|
|
cluster-resources:
|
|
enabled: true
|
|
repoURL: 'https://git.strudelline.net/infra/kube-cascade'
|
|
|
|
vault-agent-injector:
|
|
enabled: true
|
|
values: |
|
|
global:
|
|
enabled: false
|
|
externalVaultAddr: https://vault.strudelline.net
|
|
injector:
|
|
affinity: ""
|
|
agentImage:
|
|
repository: jamesandariese/vault-with-ca
|
|
enabled: true
|
|
failurePolicy: Fail
|
|
|
|
nfs:
|
|
enabled: true
|
|
values: |
|
|
nfs:
|
|
path: /volume1/k8s-volumes
|
|
server: 172.16.18.1
|
|
storageClass:
|
|
name: nfs
|
|
|
|
openebs:
|
|
enabled: true
|
|
values: |
|
|
jiva:
|
|
enabled: false
|
|
legacy:
|
|
enabled: false
|
|
localprovisioner:
|
|
enabled: false
|
|
localpv-provisioner:
|
|
enabled: true
|
|
lvm-localpv:
|
|
enabled: true
|
|
ndm:
|
|
enabled: false
|
|
|
|
external-secrets: {enabled: true}
|
|
metallb: {enabled: true}
|
|
pgo: {enabled: true}
|
|
secrets: {enabled: true}
|
|
sealed-secrets: {enabled: true}
|
|
template-operator: {enabled: true}
|
|
trust-manager: {enabled: true}
|