diff --git a/HelmChart/Public/oneuptime/templates/_helpers.tpl b/HelmChart/Public/oneuptime/templates/_helpers.tpl index 7f0d3e7add..b0bb5088d7 100644 --- a/HelmChart/Public/oneuptime/templates/_helpers.tpl +++ b/HelmChart/Public/oneuptime/templates/_helpers.tpl @@ -145,19 +145,19 @@ Usage: {{- end }} - name: CLICKHOUSE_PASSWORD {{- if $.Values.clickhouse.enabled }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "clickhouse" }} key: admin-password {{- else }} {{- if $.Values.externalClickhouse.password }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-clickhouse" }} key: password {{- end }} {{- if $.Values.externalClickhouse.existingSecret.name }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s" $.Values.externalClickhouse.existingSecret.name }} key: {{ $.Values.externalClickhouse.existingSecret.passwordKey }} @@ -183,7 +183,7 @@ Usage: {{- end }} -## REDIS SSL BLOCK +## REDIS SSL BLOCK {{- if $.Values.clickhouse.enabled }} # do nothing here. {{- else }} @@ -191,7 +191,7 @@ Usage: {{- if $.Values.externalClickhouse.tls.ca }} - name: CLICKHOUSE_TLS_CA - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-clickhouse" }} key: tls-ca @@ -199,7 +199,7 @@ Usage: {{- if $.Values.externalClickhouse.tls.cert }} - name: CLICKHOUSE_TLS_CERT - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-clickhouse" }} key: tls-cert @@ -207,7 +207,7 @@ Usage: {{- if $.Values.externalClickhouse.tls.key }} - name: CLICKHOUSE_TLS_KEY - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-clickhouse" }} key: tls-key @@ -233,19 +233,19 @@ Usage: {{- end }} - name: REDIS_PASSWORD {{- if $.Values.redis.enabled }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "redis" }} key: redis-password {{- else }} {{- if $.Values.externalRedis.password }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-redis" }} key: password {{- end }} {{- if $.Values.externalRedis.existingSecret.name }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s" $.Values.externalRedis.existingSecret.name }} key: {{ $.Values.externalRedis.existingSecret.passwordKey }} @@ -265,7 +265,7 @@ Usage: {{- end }} -## REDIS SSL BLOCK +## REDIS SSL BLOCK {{- if $.Values.redis.enabled }} # do nothing here. {{- else }} @@ -273,7 +273,7 @@ Usage: {{- if $.Values.externalRedis.tls.ca }} - name: REDIS_TLS_CA - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-redis" }} key: tls-ca @@ -281,7 +281,7 @@ Usage: {{- if $.Values.externalRedis.tls.cert }} - name: REDIS_TLS_CERT - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-redis" }} key: tls-cert @@ -289,7 +289,7 @@ Usage: {{- if $.Values.externalRedis.tls.key }} - name: REDIS_TLS_KEY - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-redis" }} key: tls-key @@ -305,7 +305,7 @@ Usage: {{- else }} value: {{ $.Values.externalPostgres.host }} {{- end }} -- name: DATABASE_PORT +- name: DATABASE_PORT {{- if $.Values.postgresql.enabled }} value: {{ printf "%s" $.Values.postgresql.primary.service.ports.postgresql | squote }} {{- else }} @@ -317,27 +317,27 @@ Usage: {{- else }} value: {{ $.Values.externalPostgres.username }} {{- end }} -- name: DATABASE_PASSWORD +- name: DATABASE_PASSWORD {{- if $.Values.postgresql.enabled }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "postgresql" }} key: postgres-password {{- else }} {{- if $.Values.externalPostgres.password }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-postgres" }} key: password {{- end }} {{- if $.Values.externalPostgres.existingSecret.name }} - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s" $.Values.externalPostgres.existingSecret.name }} key: {{ $.Values.externalPostgres.existingSecret.passwordKey }} {{- end }} {{- end }} -- name: DATABASE_NAME +- name: DATABASE_NAME {{- if $.Values.postgresql.enabled }} value: {{ $.Values.postgresql.auth.database }} {{- else }} @@ -345,7 +345,7 @@ Usage: {{- end }} -## DATABASE SSL BLOCK +## DATABASE SSL BLOCK {{- if $.Values.postgresql.enabled }} # do nothing here. {{- else }} @@ -353,7 +353,7 @@ Usage: {{- if $.Values.externalPostgres.ssl.ca }} - name: DATABASE_SSL_CA - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-postgres" }} key: ssl-ca @@ -361,7 +361,7 @@ Usage: {{- if $.Values.externalPostgres.ssl.cert }} - name: DATABASE_SSL_CERT - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-postgres" }} key: ssl-cert @@ -369,7 +369,7 @@ Usage: {{- if $.Values.externalPostgres.ssl.key }} - name: DATABASE_SSL_KEY - valueFrom: + valueFrom: secretKeyRef: name: {{ printf "%s-%s" $.Release.Name "external-postgres" }} key: ssl-key @@ -378,7 +378,7 @@ Usage: {{- end }} {{- end }} -## DATABASE SSL ENDS HERE +## DATABASE SSL ENDS HERE - name: BILLING_PRIVATE_KEY value: {{ $.Values.billing.privateKey }} @@ -479,6 +479,10 @@ spec: date: "{{ now | unixEpoch }}" appname: oneuptime spec: + {{- if $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml $.Values.imagePullSecrets | nindent 8 }} + {{- end }} {{- if $.Values.podSecurityContext }} securityContext: {{- $.Values.podSecurityContext | toYaml | nindent 8 }} {{- end }} @@ -552,7 +556,7 @@ kind: HorizontalPodAutoscaler metadata: name: {{ printf "%s-%s" $.Release.Name $.ServiceName }} namespace: {{ $.Release.Namespace }} - labels: + labels: appname: oneuptime spec: scaleTargetRef: @@ -587,7 +591,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ printf "%s-%s" $.Release.Name $.Name }} - labels: + labels: appname: oneuptime spec: accessModes: @@ -596,4 +600,4 @@ spec: resources: requests: storage: {{ $.Storage }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/HelmChart/Public/oneuptime/values.yaml b/HelmChart/Public/oneuptime/values.yaml index abe74866d1..164b11b6a8 100644 --- a/HelmChart/Public/oneuptime/values.yaml +++ b/HelmChart/Public/oneuptime/values.yaml @@ -1,36 +1,36 @@ global: - storageClass: + storageClass: clusterDomain: &global-cluster-domain cluster.local -# Please change this to the domain name / IP where OneUptime server is hosted on. +# Please change this to the domain name / IP where OneUptime server is hosted on. host: localhost httpProtocol: http # Important: You do need to set this to a long random values if you're using OneUptime in production. -oneuptimeSecret: -encryptionSecret: +oneuptimeSecret: +encryptionSecret: -# (Optional): You usually do not need to set this if you're self hosting. +# (Optional): You usually do not need to set this if you're self hosting. openTelemetryCollectorHost: -fluentdHost: +fluentdHost: -deployment: +deployment: # Default replica count for all deployments replicaCount: 1 ingestor: - replicaCount: + replicaCount: -metalLb: +metalLb: enabled: false - ipAdddressPool: + ipAdddressPool: enabled: false - addresses: + addresses: # - 51.158.55.153/32 # List of IP addresses of all the servers in the cluster. nginx: - service: - loadBalancerIP: + service: + loadBalancerIP: type: LoadBalancer externalIPs: # - 51.158.55.153 # Please make sure this is the same as the one in metalLb.ipAdddressPool.addresses @@ -38,19 +38,19 @@ nginx: postgresql: enabled: true # Set this to false if you're using an external postgresql database. clusterDomain: *global-cluster-domain - auth: + auth: username: oneuptime database: oneuptimedb architecture: standalone primary: service: - ports: + ports: postgresql: "5432" terminationGracePeriodSeconds: 0 # We do this because we do not want to wait for the pod to terminate in case of node failure. https://medium.com/tailwinds-navigator/kubernetes-tip-how-statefulsets-behave-differently-than-deployments-when-node-fails-d29e36bca7d5 persistence: size: 25Gi readReplicas: - terminationGracePeriodSeconds: 0 # We do this because we do not want to wait for the pod to terminate in case of node failure. https://medium.com/tailwinds-navigator/kubernetes-tip-how-statefulsets-behave-differently-than-deployments-when-node-fails-d29e36bca7d5 + terminationGracePeriodSeconds: 0 # We do this because we do not want to wait for the pod to terminate in case of node failure. https://medium.com/tailwinds-navigator/kubernetes-tip-how-statefulsets-behave-differently-than-deployments-when-node-fails-d29e36bca7d5 persistence: size: 25Gi @@ -58,18 +58,18 @@ clickhouse: enabled: true clusterDomain: *global-cluster-domain service: - ports: + ports: http: "8123" shards: 1 replicaCount: 1 terminationGracePeriodSeconds: 0 # We do this because we do not want to wait for the pod to terminate in case of node failure. https://medium.com/tailwinds-navigator/kubernetes-tip-how-statefulsets-behave-differently-than-deployments-when-node-fails-d29e36bca7d5 - zookeeper: + zookeeper: enabled: false - persistence: + persistence: size: 25Gi - auth: + auth: username: oneuptime - initdbScripts: + initdbScripts: db-init.sql: | CREATE DATABASE oneuptime; @@ -80,18 +80,18 @@ redis: auth: enabled: true master: - service: - ports: + service: + ports: redis: "6379" persistence: - enabled: false # We dont need redis persistence, because we dont do anything with it. + enabled: false # We dont need redis persistence, because we dont do anything with it. replica: persistence: enabled: false # We dont need redis persistence, because we dont do anything with it. commonConfiguration: |- appendonly no - save "" - + save "" + image: registry: docker.io @@ -99,6 +99,8 @@ image: pullPolicy: Always tag: release restartPolicy: Always +# imagePullSecrets: +# - name: MyCustomSecretNameWithDockerCredentials autoscaling: enabled: false @@ -109,36 +111,36 @@ autoscaling: nodeEnvironment: production -billing: +billing: enabled: false - publicKey: - privateKey: - smsDefaultValueInCents: + publicKey: + privateKey: + smsDefaultValueInCents: callDefaultValueInCentsPerMinute: smsHighRiskValueInCents: - callHighRiskValueInCentsPerMinute: + callHighRiskValueInCentsPerMinute: allowedActiveMonitorCountInFreePlan: 10 -subscriptionPlan: - basic: - growth: - scale: - enterprise: +subscriptionPlan: + basic: + growth: + scale: + enterprise: -analytics: +analytics: host: - key: + key: internalSmtp: enabled: true incomingEmailDomain: - sendingDomain: - dkimPrivateKey: - dkimPublicKey: - email: + sendingDomain: + dkimPrivateKey: + dkimPublicKey: + email: name: - service: - loadBalancerIP: + service: + loadBalancerIP: # Change this to LoadBalancer if you want to receive emails from the internet. This could be useful for Incoming Email monitors. type: ClusterIP externalIPs: @@ -149,15 +151,15 @@ incidents: disableAutomaticCreation: false # If you would like to attach status page to custom domains use this setting. -# For example, lets say you would like the status page to be hosted on status.yourcompany.com, then +# For example, lets say you would like the status page to be hosted on status.yourcompany.com, then # 1. Create a A record in your DNS provider with the name "oneuptime.yourcompany.com" and value to Public IP of the server oneuptime is deployed on. # 2. Set the statusPage.cnameRecord to "oneuptime.yourcompany.com" # 3. Create CNAME record in your DNS provider with the name "status.yourcompany.com" and value "oneuptime.yourcompany.com" -statusPage: - cnameRecord: +statusPage: + cnameRecord: -probes: - one: +probes: + one: name: "Probe" description: "Probe" monitoringWorkers: 3 @@ -166,7 +168,7 @@ probes: replicaCount: 1 syntheticMonitorScriptTimeoutInMs: 60000 customCodeMonitorScriptTimeoutInMs: 60000 - # two: + # two: # name: "Probe 2" # description: "Probe 2" # monitoringWorkers: 3 @@ -176,7 +178,7 @@ probes: # syntheticMonitorScriptTimeoutInMs: 60000 # customCodeMonitorScriptTimeoutInMs: 60000 -port: +port: app: 3002 ingestor: 3400 testServer: 3800 @@ -195,7 +197,7 @@ port: isolatedVM: 4572 -testServer: +testServer: enabled: false @@ -223,22 +225,22 @@ cronJobs: # Please do not enable this in producton. This is only for development purposes. enabled: false isUserRegistered: false - registeredUserEmail: + registeredUserEmail: registeredUserPassword: # This is the URL of the status page you want to test. This is used to check if the status page is up and running. statusPageUrl: - failedWebhookUrl: - + failedWebhookUrl: -letsEncrypt: + +letsEncrypt: # Generate a private key via openssl, encode it to base64 - accountKey: + accountKey: # Email address to register with letsencrypt for notifications - email: + email: -oneuptimeIngress: +oneuptimeIngress: enabled: false - annotations: + annotations: # Please change this to the ingress class name for your cluster. If you use a cloud provider, this is usually the default ingress class name. # If you dont have nginx ingress controller installed, please install it by going to https://kubernetes.github.io/ingress-nginx/deploy/ className: nginx # Required. Please change this to the ingress class name for your cluster. If you use a cloud provider, this is usually the default ingress class name. @@ -247,12 +249,12 @@ oneuptimeIngress: # - "www.oneuptime.com" # Host 2 tls: enabled: false - hosts: + hosts: # - host: "oneuptime.com" # Host 1 # secretName: "oneuptime-tls -script: +script: workflowScriptTimeoutInMs: 5000 # extraTemplates -- Array of extra objects to deploy with the release. Strings @@ -270,74 +272,74 @@ extraTemplates: # External Postgres Configuration # You need to set postgresql.enabled to false if you're using an external postgres database. -externalPostgres: - host: - port: - username: +externalPostgres: + host: + port: + username: password: - # If you're using an existing secret for the password, please use this instead of password. + # If you're using an existing secret for the password, please use this instead of password. existingSecret: - name: + name: # This is the key in the secret where the password is stored. passwordKey: database: ssl: enabled: false # If this is enabled, please set either "ca" - ca: + ca: # (optional) - cert: + cert: key: ## External Redis Configuration # You need to set redis.enabled to false if you're using an external redis database. -externalRedis: - host: - port: +externalRedis: + host: + port: username: password: - # If you're using an existing secret for the password, please use this instead of password. + # If you're using an existing secret for the password, please use this instead of password. existingSecret: - name: + name: # This is the key in the secret where the password is stored. - passwordKey: - database: + passwordKey: + database: tls: enabled: false # If this is enabled, please set "ca" certificate. ca: # (optional) - cert: + cert: key: - + ## External Clickhouse Configuration # You need to set clickhouse.enabled to false if you're using an external clickhouse database. externalClickhouse: - host: + host: ## If the host is https, set this to true. Otherwise, set it to false. isHostHttps: false - port: - username: + port: + username: password: - # If you're using an existing secret for the password, please use this instead of password. + # If you're using an existing secret for the password, please use this instead of password. existingSecret: - name: + name: # This is the key in the secret where the password is stored. - passwordKey: - database: + passwordKey: + database: tls: enabled: false # If this is enabled, please set either "ca" - ca: + ca: # (optional) - cert: + cert: key: # Notification webhooks when certain events happen in the system. (usually they are slack webhooks) -notifications: - webhooks: +notifications: + webhooks: # This is the webhook that will be called when a user is created or signs up. - onCreateUser: \ No newline at end of file + onCreateUser: