## Global Docker image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value ## Current available global Docker image parameters: imageRegistry and imagePullSecrets ## # global: # imageRegistry: myRegistryName # imagePullSecrets: # - myRegistryKeySecretName # storageClass: myStorageClass ## Force target Kubernetes version (using Helm capabilites if not set) ## kubeVersion: ## Number of Discourse & Sidekiq replicas ## (Note that you will need ReadWriteMany PVCs for this to work properly) ## replicaCount: 1 ## Bitnami Discourse image version ## ref: https://hub.docker.com/r/bitnami/discourse/tags/ ## image: registry: docker.io repository: bitnami/discourse tag: 2.7.1-debian-10-r0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images ## pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - myRegistryKeySecretName ## Set to true if you would like to see extra information on logs ## debug: false imagePullSecrets: [] ## String to partially override discourse.fullname template (will maintain the release name) ## # nameOverride: ## String to fully override discourse.fullname template ## # fullnameOverride: ## Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] discourse: ## Discourse host to create application URLs. The port will be automatilly included. ## ref: https://github.com/bitnami/bitnami-docker-discourse#configuration ## host: '' ## Discourse site name ## ref: https://github.com/bitnami/bitnami-docker-discourse#environment-variables ## siteName: 'My Site!' ## User of the application ## ref: https://github.com/bitnami/bitnami-docker-discourse#environment-variables ## username: user ## Application password ## WARNING: Minimum length of 10 characters ## Defaults to a random 10-character alphanumeric string if not set ## ref: https://github.com/bitnami/bitnami-docker-discourse#environment-variables ## # password: ## Name of an existing secret containing the password (ignores previous password) ## The secret should contain the following key: ## discourse-password ## # existingSecret: my-secret ## Admin email ## ref: https://github.com/bitnami/bitnami-docker-discourse#environment-variables ## email: user@example.com ## Custom command to override image cmd ## # command: [] ## Custom args for the custom command: # args: [] containerSecurityContext: {} ## capabilities: ## drop: ## - ALL ## readOnlyRootFilesystem: true ## runAsNonRoot: true ## runAsUser: 1000 ## ## Discourse container's resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: {} ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi ## Discourse extra options for liveness and readiness probes ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## livenessProbe: enabled: true initialDelaySeconds: 500 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 readinessProbe: enabled: true initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 ## Custom liveness and readiness probes, it overrides the default one (evaluated as a template) ## customLivenessProbe: {} customReadinessProbe: {} ## Discourse SMTP settings smtp: ## Enable SMTP enabled: false ## SMTP host. host: '' ## SMTP port. port: '' ## SMTP account user. user: '' ## SMTP account password. password: '' ## If specified, SMTP protocol to use. Allowed values: tls, ssl. protocol: '' ## SMTP authentication method. auth: '' ## ## Name of existing secret object containing the password ## The secret should contain the following key: ## smtp-password ## existingSecret: '' ## An array to add extra env vars ## For example: ## extraEnvVars: ## discourse: ## - name: DISCOURSE_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] ## Array to add extra configmaps: ## extraEnvVarsCM: [] ## Array to add extra environment ## variables from a secret: ## # extraEnvVarsSecret: "" ## Additional volume mounts ## Example: Mount CA file ## extraVolumeMounts ## - name: ca-cert ## subPath: ca_cert ## mountPath: /path/to/ca_cert ## extraVolumeMounts: [] ## Do not run the Discourse installation wizard. ## Use only in case you are importing an existing database. ## skipInstall: false sidekiq: containerSecurityContext: {} ## capabilities: ## drop: ## - ALL ## readOnlyRootFilesystem: true ## runAsNonRoot: true ## runAsUser: 1000 ## ## Custom command to override image cmd ## command: ['/opt/bitnami/scripts/discourse/entrypoint.sh'] ## Custom args for the custom command: ## args: ['/opt/bitnami/scripts/discourse-sidekiq/run.sh'] ## Sidekiq resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: {} ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi ## Sidekiq extra options for liveness and readiness probes ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## livenessProbe: enabled: true initialDelaySeconds: 500 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 readinessProbe: enabled: true initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 ## Custom liveness and readiness probes, it overrides the default one (evaluated as a template) ## customLivenessProbe: {} customReadinessProbe: {} ## An array to add extra env vars ## For example: ## extraEnvVars: ## - name: DISCOURSE_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] ## Array to add extra configmaps: ## extraEnvVarsCM: [] ## Name of the secret that holds extra ## env vars: ## # extraEnvVarsSecret: ## Additional volume mounts ## Example: Mount CA file ## extraVolumeMounts ## - name: ca-cert ## subPath: ca_cert ## mountPath: /path/to/ca_cert ## extraVolumeMounts: [] ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## volumePermissions: enabled: false ## Init containers' resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. ## limits: {} ## cpu: 100m ## memory: 128Mi ## requests: {} ## cpu: 100m ## memory: 128Mi ## ## Additional volumes ## Example: Add secret volume ## extraVolumes: ## - name: ca-cert ## secret: ## secretName: ca-cert ## items: ## - key: ca-cert ## path: ca_cert ## extraVolumes: [] ## Add sidecars to the pod. ## Example: ## sidecars: ## - name: your-image-name ## image: your-image ## imagePullPolicy: Always ## ports: ## - name: portname ## containerPort: 1234 ## sidecars: [] ## Add init containers to the pod ## ## e.g. ## initContainers: ## - name: your-image-name ## image: your-image ## imagePullPolicy: Always ## ports: ## - name: portname ## containerPort: 1234 ## initContainers: [] serviceAccount: ## Specifies whether a service account should be created ## create: false ## Annotations to add to the service account ## annotations: {} ## The name of the service account to use. ## If not set and create is true, a name is generated using the fullname template ## name: podSecurityContext: {} ## fsGroup: 2000 ## ## Enable persistence using Persistent Volume Claims ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ ## persistence: enabled: true ## discourse & sidekiq data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" ## ## If you want to reuse an existing claim, you can pass the name of the PVC using ## the existingClaim variable # existingClaim: your-claim accessMode: ReadWriteOnce size: 10Gi ## selector can be used to match an existing PersistentVolume ## selector: ## matchLabels: ## app: my-app selector: {} ## Kubernetes configuration ## For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP ## service: type: LoadBalancer ## HTTP Port ## port: 80 ## Node Ports to expose # nodePort: ## Use loadBalancerIP to request a specific static IP, # loadBalancerIP: ## Enable client source IP preservation ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster annotations: {} ## Limits which cidr blocks can connect to service's load balancer ## Only valid if service.type: LoadBalancer ## loadBalancerSourceRanges: [] ## Extra ports to expose (normally used with the `sidecar` value) # extraPorts: ## nodePorts: ## http: ## nodePorts: http: '' ## Ingress parameters ## ingress: ## Set to true to enable ingress record generation ## enabled: false ## Set this to true in order to add the corresponding annotations for cert-manager ## certManager: false ## When the ingress is enabled, a host pointing to this will be created ## hostname: discourse.local ## Override API Version (automatically detected if not set) ## apiVersion: ## Ingress Path ## path: / ## Ingress Path type ## pathType: ImplementationSpecific ## Ingress annotations done as key:value pairs ## For a full list of possible ingress annotations, please see ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md ## ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set ## annotations: {} ## Enable TLS configuration for the hostname defined at ingress.hostname parameter ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it ## tls: false ## The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: ## - name: discourse.local ## path: / ## ## The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: ## - discourse.local ## secretName: discourse.local-tls ## ## If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or ## -----BEGIN RSA PRIVATE KEY----- ## ## name should line up with a tlsSecret set further up ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set ## ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information ## secrets: [] ## - name: discourse.local-tls ## key: ## certificate: ## ## Only really applicable for deployments with RWO PVs attached ## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the ## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will ## terminate the single previous pod, so that the new, incoming pod can attach to the PV ## Example: # updateStrategy: # type: RollingUpdate # rollingUpdate: # maxSurge: 25% # maxUnavailable: 25% updateStrategy: type: RollingUpdate ## Additional pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} ## Additional pod labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} ## Add labels to all the deployed resources ## commonLabels: {} ## Add annotations to all the deployed resources ## commonAnnotations: {} ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAffinityPreset: "" ## Pod anti-affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard ## podAntiAffinityPreset: soft ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard ## nodeAffinityPreset: ## Node affinity type ## Allowed values: soft, hard ## type: "" ## Node label key to match ## E.g. ## key: "kubernetes.io/e2e-az-name" ## key: "" ## Node label values to match ## E.g. ## values: ## - e2e-az1 ## - e2e-az2 ## values: [] ## Affinity for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set ## affinity: {} ## Node labels for pod assignment ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} ## Tolerations for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] ## ## PostgreSQL chart configuration ## ## https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml ## postgresql: ## Whether to deploy a postgresql server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters ## enabled: true ## PostgreSQL user (has superuser privileges if username is `postgres`) ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run ## postgresqlUsername: bn_discourse ## PostgreSQL password ## Defaults to a random 10-character alphanumeric string if not set ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run ## # postgresqlPassword: ## PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`) ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-user-on-first-run (see note!) ## postgresqlPostgresPassword: 'bitnami' ## Name of existing secret object ## The secret should contain the following keys: ## postgresql-postgres-password (for root user) ## postgresql-password (for the unprivileged user) ## # existingSecret: my-secret ## Create a database ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-on-first-run ## postgresqlDatabase: bitnami_application ## PostgreSQL data Persistent Volume Storage Class ## persistence: enabled: true ## ## External database configuration ## externalDatabase: ## Database host ## host: '' ## Database port ## port: 5432 ## non-root Username for Discourse Database ## user: bn_discourse ## Database password ## password: '' ## PostgreSQL create user/database ## If true it will add POSTGRESQL_CLIENT_* env vars to the deployment which will create the PostgreSQL user & database using the provided admin credentials ## create: true ## PostgreSQL admin user (used in the installation stage) ## postgresqlPostgresUser: '' ## PostgreSQL admin password (used in the installation stage) ## postgresqlPostgresPassword: '' ## Name of existing secret object ## The secret should contain the following keys: ## postgresql-postgres-password (for root user) ## postgresql-password (for the unprivileged user) ## # existingSecret: my-secret ## Database name ## database: bitnami_application ## Redis(TM) chart configuration ## ## https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml ## redis: ## Whether to deploy a redis server to satisfy the applications requirements. To use an external redis instance set this to false and configure the externalRedis parameters ## enabled: true ## Use password authentication ## auth: enabled: false ## Redis(TM) password (both master and slave) ## Defaults to a random 10-character alphanumeric string if not set and auth.enabled is true. ## It should always be set using the password value or in the existingSecret to avoid issues ## with Discourse. ## The password value is ignored if existingSecret is set # password: ## ## Name of existing secret object containing the password ## existingSecret: ## ## Password key to be retrieved from Redis(TM) secret ## existingSecretPasswordKey: 'redis-password' ## ## Cluster settings ## architecture: standalone ## ## Redis(TM) Master parameters ## master: persistence: enabled: true ## ## External Redis(TM) ## externalRedis: ## Redis(TM) host ## host: '' ## Redis(TM) port ## port: 6379 ## Redis(TM) password for authentication ## Ignored if existingSecret is set ## password: '' ## ## Name of existing secret object containing the password ## existingSecret: ## ## Password key to be retrieved from Redis(TM) secret ## existingSecretPasswordKey: 'redis-password'