mirror of
https://github.com/zulip/docker-zulip.git
synced 2025-11-01 20:44:07 +00:00
211 lines
6.6 KiB
YAML
211 lines
6.6 KiB
YAML
# Default values for zulip.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
# If you make any changes to the documentation here, regenerate the README.md
|
|
# with:
|
|
#
|
|
# ```
|
|
# docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest
|
|
# ```
|
|
|
|
image:
|
|
# -- Defaults to hub.docker.com/zulip/docker-zulip, but can be overwritten with a full HTTPS address.
|
|
repository: zulip/docker-zulip
|
|
# -- Pull policy for Zulip docker image.
|
|
# Ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
|
pullPolicy: IfNotPresent
|
|
# -- Zulip image tag (immutable tags are recommended)
|
|
tag: "8.3-1"
|
|
|
|
# -- Global Docker registry secret names as an array.
|
|
imagePullSecrets: []
|
|
|
|
# -- Partially override common.names.fullname template (will maintain the release name).
|
|
nameOverride: ""
|
|
|
|
# -- Fully override common.names.fullname template.
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created.
|
|
create: true
|
|
# -- Annotations to add to the service account.
|
|
annotations: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
# -- Custom labels to add to the Zulip StatefulSet.
|
|
statefulSetLabels: {}
|
|
# -- Custom annotations to add to the Zulip StatefulSet.
|
|
statefulSetAnnotations: {}
|
|
|
|
# -- Custom labels to add to the Zulip Pod.
|
|
podLabels: {}
|
|
# -- Custom annotations to add to the Zulip Pod.
|
|
podAnnotations: {}
|
|
|
|
# -- Can be used to override the default PodSecurityContext (fsGroup, runAsUser
|
|
# and runAsGroup) of the Zulip _Pod_.
|
|
podSecurityContext:
|
|
{}
|
|
# fsGroup: 1000
|
|
# runAsUser: 1000
|
|
# runAsGroup: 1000
|
|
|
|
# -- Can be used to override the default SecurityContext of the Zulip _container_.
|
|
securityContext:
|
|
{}
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
# -- Service type and port for the Kubernetes service that connects to Zulip.
|
|
# Default: ClusterIP, needs an Ingress to be used.
|
|
service:
|
|
type: ClusterIP
|
|
port: 80
|
|
|
|
ingress:
|
|
# -- Enable this to use an Ingress to reach the Zulip service.
|
|
enabled: false
|
|
# -- Can be used to add custom Ingress annotations.
|
|
annotations:
|
|
{}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
hosts:
|
|
# -- Host for the Ingress. Should be the same as
|
|
# `zulip.environment.SETTING_EXTERNAL_HOST`.
|
|
- host: zulip.example.com
|
|
# -- Serves Zulip root of the chosen host domain.
|
|
paths:
|
|
- path: /
|
|
# -- Set a specific secret to read the TLS certificate from. If you use
|
|
# cert-manager, it will save the TLS secret here. If you do not, you need to
|
|
# manually create a secret with your TLS certificate.
|
|
tls: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - zulip.example.com
|
|
|
|
resources:
|
|
{}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
# -- Optionally add a nodeSelector to the Zulip pod, so it runs on a specific
|
|
# node.
|
|
# Ref: https://kubernetes.io/docs/user-guide/node-selection/
|
|
nodeSelector: {}
|
|
|
|
# -- Tolerations for pod assignment.
|
|
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
tolerations: []
|
|
|
|
# -- Affinity for pod assignment.
|
|
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
affinity: {}
|
|
|
|
zulip:
|
|
# Environment variables based on https://github.com/zulip/docker-zulip/blob/master/docker-compose.yml#L63
|
|
environment:
|
|
# -- Disables HTTPS if set to "true".
|
|
# HTTPS and certificates are managed by the Kubernetes cluster, so
|
|
# by default it's disabled inside the container
|
|
DISABLE_HTTPS: true
|
|
# -- Set SSL certificate generation to self-signed because Kubernetes
|
|
# manages the client-facing SSL certs.
|
|
SSL_CERTIFICATE_GENERATION: self-signed
|
|
# -- Domain Zulip is hosted on.
|
|
SETTING_EXTERNAL_HOST: zulip.example.com
|
|
# -- SMTP email password.
|
|
SECRETS_email_password: "123456789"
|
|
SETTING_ZULIP_ADMINISTRATOR: "admin@example.com"
|
|
SETTING_EMAIL_HOST: "" # e.g. smtp.example.com
|
|
SETTING_EMAIL_HOST_USER: "noreply@example.com"
|
|
SETTING_EMAIL_PORT: "587"
|
|
SETTING_EMAIL_USE_SSL: "False"
|
|
SETTING_EMAIL_USE_TLS: "True"
|
|
ZULIP_AUTH_BACKENDS: "EmailAuthBackend"
|
|
# -- If `persistence.existingClaim` is not set, a PVC is generated with these
|
|
# specifications.
|
|
persistence:
|
|
enabled: true
|
|
accessMode: ReadWriteOnce
|
|
size: 10Gi
|
|
# existingClaim: "" # Use an already existing PVC
|
|
|
|
# -- Liveness probe values.
|
|
# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
# -- Startup probe values.
|
|
# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
startupProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 30
|
|
successThreshold: 1
|
|
|
|
postSetup:
|
|
# -- The Docker entrypoint script runs commands from `/data/post-setup.d` after
|
|
# the Zulip application's Setup phase has completed. Scripts can be added here
|
|
# as `script_filename: <script contents>` and they will be mounted in
|
|
# `/data/post-setup.d/script_filename`.
|
|
scripts:
|
|
{}
|
|
# scriptName.sh: |
|
|
# #!/bin/bash
|
|
# echo "This is a script that gets executed in the Zulip container after installation, once migrations are complete"
|
|
|
|
# -- PostgreSQL settings, see [Requirements](#Requirements).
|
|
postgresql:
|
|
primary:
|
|
containerSecurityContext:
|
|
runAsUser: 0
|
|
# We need to override the Postgresql image to get all the plugins Zulip needs
|
|
image:
|
|
repository: zulip/zulip-postgresql
|
|
tag: 14
|
|
auth:
|
|
username: zulip
|
|
database: zulip
|
|
|
|
# -- Rabbitmq settings, see [Requirements](#Requirements).
|
|
rabbitmq:
|
|
auth:
|
|
username: zulip
|
|
# Set this to true if you need the rabbitmq to be persistent
|
|
persistence:
|
|
enabled: false
|
|
|
|
# -- Memcached settings, see [Requirements](#Requirements).
|
|
memcached:
|
|
memcachedUsername: "zulip@localhost"
|
|
|
|
# -- Redis settings, see [Requirements](#Requirements).
|
|
redis:
|
|
architecture: standalone
|
|
master:
|
|
persistence:
|
|
enabled: false
|