mirror of
https://github.com/bitnami/charts.git
synced 2026-03-11 15:37:20 +08:00
9d5238f55b
* [bitnami/nats] allow to modify jetstream store directory Signed-off-by: Javier Rodriguez <javier@chainloop.dev> * bump chart version Signed-off-by: Javier Rodriguez <javier@chainloop.dev> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * fix typo Signed-off-by: Javier Rodriguez <javier@chainloop.dev> --------- Signed-off-by: Javier Rodriguez <javier@chainloop.dev> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
123 lines
4.3 KiB
YAML
123 lines
4.3 KiB
YAML
{{- /*
|
|
Copyright Broadcom, Inc. All Rights Reserved.
|
|
SPDX-License-Identifier: APACHE-2.0
|
|
*/}}
|
|
|
|
{{/*
|
|
Return the NATS configuration.
|
|
ref: https://docs.nats.io/running-a-nats-service/configuration
|
|
*/}}
|
|
{{- define "nats.configuration" -}}
|
|
{{- if .Values.configuration }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.configuration "context" .) }}
|
|
{{- else }}
|
|
{{- if eq .Values.resourceType "statefulset" }}
|
|
server_name: $NATS_SERVER_NAME
|
|
{{- end }}
|
|
listen: 0.0.0.0:{{ .Values.containerPorts.client }}
|
|
http: 0.0.0.0:{{ .Values.containerPorts.monitoring }}
|
|
# Authorization for client connections
|
|
{{- if .Values.auth.enabled }}
|
|
authorization {
|
|
{{- if .Values.auth.token }}
|
|
token: {{ .Values.auth.token | quote }}
|
|
{{- else if .Values.auth.credentials }}
|
|
users: [
|
|
{{- range $cred := .Values.auth.credentials }}
|
|
{ user: {{ $cred.user | quote }}, password: {{ default (include "nats.randomPassword" $) $cred.password | quote }} },
|
|
{{- end }}
|
|
],
|
|
{{- end }}
|
|
timeout: {{ int .Values.auth.timeout }}
|
|
}
|
|
{{- if .Values.auth.noAuthUser }}
|
|
no_auth_user: {{ .Values.auth.noAuthUser | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
# Logging options
|
|
debug: {{ ternary "true" "false" (or .Values.debug.enabled .Values.diagnosticMode.enabled) }}
|
|
trace: {{ ternary "true" "false" (or .Values.debug.trace .Values.diagnosticMode.enabled) }}
|
|
logtime: {{ ternary "true" "false" (or .Values.debug.logtime .Values.diagnosticMode.enabled) }}
|
|
# Pid file
|
|
pid_file: "/tmp/{{ .Values.natsFilename }}.pid"
|
|
# System overrides
|
|
{{- if .Values.maxConnections }}
|
|
max_connections: {{ int .Values.maxConnections }}
|
|
{{- end }}
|
|
{{- if .Values.maxControlLine }}
|
|
max_control_line: {{ int .Values.maxControlLine }}
|
|
{{- end }}
|
|
{{- if .Values.maxPayload }}
|
|
max_payload: {{ int .Values.maxPayload }}
|
|
{{- end }}
|
|
{{- if .Values.writeDeadline }}
|
|
write_deadline: {{ .Values.writeDeadline | quote }}
|
|
{{- end }}
|
|
{{- if .Values.tls.enabled }}
|
|
# TLS configuration
|
|
tls {
|
|
ca_file: /etc/certs/ca/tls.crt
|
|
cert_file: /etc/certs/server/tls.crt
|
|
key_file: /etc/certs/server/tls.key
|
|
timeout: 2
|
|
}
|
|
{{- end }}
|
|
{{- if gt (int .Values.replicaCount) 1 }}
|
|
{{- $clusterAuthPwd := default (include "nats.randomPassword" .) .Values.cluster.auth.password }}
|
|
# Clustering definition
|
|
cluster {
|
|
name: {{ .Values.cluster.name | quote }}
|
|
listen: 0.0.0.0:{{ .Values.containerPorts.cluster }}
|
|
{{- if .Values.cluster.auth.enabled }}
|
|
# Authorization for cluster connections
|
|
authorization {
|
|
user: {{ .Values.cluster.auth.user | quote }}
|
|
password: {{ $clusterAuthPwd | quote }}
|
|
timeout: 1
|
|
}
|
|
{{- end }}
|
|
# Routes are actively solicited and connected to from this server.
|
|
# Other servers can connect to us if they supply the correct credentials
|
|
# in their routes definitions from above
|
|
{{- $auth := ternary (printf "%s:%s@" .Values.cluster.auth.user $clusterAuthPwd) "" .Values.cluster.auth.enabled }}
|
|
{{- $domain := (printf "%s-headless" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" ) }}
|
|
{{- $stsPrefix := include "common.names.fullname" . }}
|
|
{{- $clusterPort := .Values.service.ports.cluster }}
|
|
routes = [
|
|
{{- range $podIndex := until (.Values.replicaCount | int) }}
|
|
nats://{{ $auth }}{{ $stsPrefix }}-{{ $podIndex }}.{{ $domain }}:{{ $clusterPort }}
|
|
{{- end }}
|
|
]
|
|
{{- if .Values.cluster.connectRetries }}
|
|
# Configure number of connect retries for implicit routes
|
|
connect_retries: {{ .Values.cluster.connectRetries }}
|
|
{{- end }}
|
|
}
|
|
{{- end }}
|
|
{{- if .Values.jetstream.enabled }}
|
|
# JetStream configuration
|
|
jetstream: enabled
|
|
jetstream {
|
|
store_dir: {{ .Values.jetstream.storeDirectory }}
|
|
max_memory_store: {{ .Values.jetstream.maxMemory }}
|
|
max_file_store: {{ .Values.persistence.size }}
|
|
}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- if not .Values.existingSecret }}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ template "common.names.fullname" . }}
|
|
namespace: {{ include "common.names.namespace" . | quote }}
|
|
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" . ) | nindent 4 }}
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" . ) | nindent 4 }}
|
|
{{- end }}
|
|
data:
|
|
{{ .Values.natsFilename }}.conf: |-
|
|
{{- include "common.tplvalues.render" (dict "value" (include "nats.configuration" .) "context" .) | b64enc | nindent 4 }}
|
|
{{- end }}
|