# Argo CD Helm Chart Values

global:
  domain: ag.hexor.cy
  logging:
    format: text
    level: info

crds:
  install: true
  keep: true # Recommended to keep true so CRDs are not deleted on uninstall

configs:
  params:
    server.insecure: "true"
  cm:
    create: true
    kustomize.buildOptions: --enable-helm
    application.instanceLabelKey: argocd.argoproj.io/instance
    admin.enabled: true
    timeout.reconciliation: 60s
    oidc.config: |
      name: Authentik
      issuer: https://idm.hexor.cy/application/o/argocd/
      clientID: $oidc-creds:id
      clientSecret: $oidc-creds:secret
      requestedScopes: ["openid", "profile", "email", "groups"]
      requestedIDTokenClaims: {"groups": {"essential": true}}
  rbac:
    create: true
    policy.default: ""
    policy.csv: |
      g, k8s_dashboard, role:admin

  secret:
    createSecret: true
    argocdServerAdminPassword: "" # <--- SET BCRYPT HASH HERE OR MANAGE EXTERNALLY

controller:
  replicas: 1
  nodeSelector:
    kubernetes.io/hostname: master.tail2fe2d.ts.net
  # Add resources (requests/limits), PDB etc. if needed

# Dex OIDC provider
dex:
  replicas: 1
  nodeSelector:
    kubernetes.io/hostname: master.tail2fe2d.ts.net
  enabled: false

# Standard Redis disabled because Redis HA is enabled
redis:
  enabled: false

# Redis HA (replaces standard Redis)
redis-ha:
  enabled: true
  # Default settings usually work, including auth via 'argocd-redis' secret.
  # Assumes 'redisSecretInit' job is enabled (default) to create the secret.
  haproxy:
    enabled: true
  redis:
    config:
      # Disable Redis disk persistence for cache performance (Argo CD uses it as a cache)
      save: '""'

# Argo CD Server (API and UI)
server:
  replicas: 1
  nodeSelector:
    kubernetes.io/hostname: master.tail2fe2d.ts.net
  ingress:
    enabled: false

  certificate:
    enabled: false 

  certificateSecret:
    enabled: false

# Repository Server
repoServer:
  replicas: 1
  nodeSelector:
    kubernetes.io/hostname: master.tail2fe2d.ts.net
  # Add resources (requests/limits), PDB etc. if needed

# ApplicationSet Controller
applicationSet:
  enabled: true # Enabled by default
  replicas: 1
  nodeSelector:
    kubernetes.io/hostname: master.tail2fe2d.ts.net
  # Add resources (requests/limits), PDB etc. if needed

# Notifications Controller
notifications:
  enabled: true # Enabled by default
  replicas: 1
  nodeSelector:
    kubernetes.io/hostname: master.tail2fe2d.ts.net
  # Add notifiers, triggers, templates configurations if needed