mirror of
https://github.com/fhswf/aki_prj23_transparenzregister.git
synced 2025-04-22 16:22:54 +02:00
169 lines
7.4 KiB
YAML
169 lines
7.4 KiB
YAML
### helm upgrade --cleanup-on-fail --install aki-transparenzregister-postgre bitnami/postgresql --namespace transparenzregister --create-namespace --values values.yaml
|
|
|
|
global:
|
|
storageClass: "csi-beegfs-dynhot-sc"
|
|
postgresql:
|
|
## @param global.postgresql.auth.postgresPassword Password for the "postgres" admin user (overrides `auth.postgresPassword`)
|
|
## @param global.postgresql.auth.username Name for a custom user to create (overrides `auth.username`)
|
|
## @param global.postgresql.auth.password Password for the custom user to create (overrides `auth.password`)
|
|
## @param global.postgresql.auth.database Name for a custom database to create (overrides `auth.database`)
|
|
## @param global.postgresql.auth.existingSecret Name of existing secret to use for PostgreSQL credentials (overrides `auth.existingSecret`).
|
|
## @param global.postgresql.auth.secretKeys.adminPasswordKey Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.adminPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.
|
|
## @param global.postgresql.auth.secretKeys.userPasswordKey Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.userPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.
|
|
## @param global.postgresql.auth.secretKeys.replicationPasswordKey Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.replicationPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.
|
|
##
|
|
auth:
|
|
postgresPassword: <some pw>
|
|
username: "aki_transparenzregister"
|
|
password: <some pw>
|
|
database: "transparenzregister"
|
|
existingSecret: ""
|
|
secretKeys:
|
|
adminPasswordKey: ""
|
|
userPasswordKey: ""
|
|
## @param global.postgresql.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
|
|
##
|
|
service:
|
|
ports:
|
|
postgresql: ""
|
|
|
|
clusterDomain: kicluster.local
|
|
extraDeploy: []
|
|
commonLabels: {}
|
|
commonAnnotations: {}
|
|
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/postgresql
|
|
tag: 15.3.0-debian-11-r24
|
|
|
|
## Authentication parameters
|
|
## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#setting-the-root-password-on-first-run
|
|
## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#creating-a-database-on-first-run
|
|
## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#creating-a-database-user-on-first-run
|
|
##
|
|
auth:
|
|
## @param auth.enablePostgresUser Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user
|
|
##
|
|
enablePostgresUser: true
|
|
## @param auth.postgresPassword Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided
|
|
##
|
|
postgresPassword: ""
|
|
## @param auth.username Name for a custom user to create
|
|
##
|
|
username: ""
|
|
## @param auth.password Password for the custom user to create. Ignored if `auth.existingSecret` is provided
|
|
##
|
|
password: ""
|
|
## @param auth.database Name for a custom database to create
|
|
##
|
|
database: ""
|
|
## @param auth.existingSecret Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case.
|
|
##
|
|
existingSecret: ""
|
|
## @param auth.secretKeys.adminPasswordKey Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.
|
|
## @param auth.secretKeys.userPasswordKey Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.
|
|
## @param auth.secretKeys.replicationPasswordKey Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.
|
|
##
|
|
secretKeys:
|
|
adminPasswordKey: postgres-password
|
|
userPasswordKey: password
|
|
## @param auth.usePasswordFiles Mount credentials as a files instead of using an environment variable
|
|
##
|
|
usePasswordFiles: false
|
|
|
|
architecture: standalone
|
|
containerPorts:
|
|
postgresql: 30432
|
|
|
|
## @param postgresqlDataDir PostgreSQL data dir folder
|
|
##
|
|
postgresqlDataDir: /bitnami/postgresql/data
|
|
|
|
shmVolume:
|
|
enabled: true
|
|
sizeLimit: ""
|
|
|
|
## TLS configuration
|
|
##
|
|
tls:
|
|
## @param tls.enabled Enable TLS traffic support
|
|
##
|
|
enabled: false
|
|
## @param tls.autoGenerated Generate automatically self-signed TLS certificates
|
|
##
|
|
autoGenerated: false
|
|
## @param tls.preferServerCiphers Whether to use the server's TLS cipher preferences rather than the client's
|
|
##
|
|
preferServerCiphers: true
|
|
## @param tls.certificatesSecret Name of an existing secret that contains the certificates
|
|
##
|
|
certificatesSecret: ""
|
|
## @param tls.certFilename Certificate filename
|
|
##
|
|
certFilename: ""
|
|
## @param tls.certKeyFilename Certificate key filename
|
|
##
|
|
certKeyFilename: ""
|
|
## @param tls.certCAFilename CA Certificate filename
|
|
## If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate
|
|
## ref: https://www.postgresql.org/docs/9.6/auth-methods.html
|
|
##
|
|
certCAFilename: ""
|
|
## @param tls.crlFilename File containing a Certificate Revocation List
|
|
##
|
|
crlFilename: ""
|
|
|
|
## @section PostgreSQL Primary parameters
|
|
##
|
|
primary:
|
|
## @param primary.name Name of the primary database (eg primary, master, leader, ...)
|
|
name: primary
|
|
## @param primary.configuration PostgreSQL Primary main configuration to be injected as ConfigMap
|
|
## ref: https://www.postgresql.org/docs/current/static/runtime-config.html
|
|
configuration: ""
|
|
## @param primary.extendedConfiguration Extended PostgreSQL Primary configuration (appended to main or default configuration)
|
|
## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#allow-settings-to-be-loaded-from-files-other-than-the-default-postgresqlconf
|
|
extendedConfiguration: ""
|
|
|
|
service:
|
|
type: NodePort
|
|
ports:
|
|
postgresql: 5432
|
|
nodePorts:
|
|
postgresql: 30432
|
|
|
|
annotations: {}
|
|
## @param primary.service.externalTrafficPolicy Enable client source IP preservation
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param primary.service.extraPorts Extra ports to expose in the PostgreSQL primary service
|
|
extraPorts: []
|
|
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: ""
|
|
mountPath: /bitnami/postgresql
|
|
## @param primary.persistence.subPath The subdirectory of the volume to mount to
|
|
## Useful in dev environments and one PV for multiple services
|
|
subPath: ""
|
|
storageClass: "csi-beegfs-dynhot-sc"
|
|
## @param primary.persistence.accessModes PVC Access Mode for PostgreSQL volume
|
|
##
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
annotations: {}
|
|
## @param primary.persistence.labels Labels for the PVC
|
|
##
|
|
labels: {}
|
|
## @param primary.persistence.selector Selector to match an existing Persistent Volume (this value is evaluated as a template)
|
|
## selector:
|
|
## matchLabels:
|
|
## app: my-app
|
|
##
|
|
selector: {}
|
|
## @param primary.persistence.dataSource Custom PVC data source
|
|
##
|
|
dataSource: {}
|