Files
homelab/k8s/core/argocd/values.yaml
2025-04-06 19:54:48 +01:00

105 lines
2.5 KiB
YAML

# Argo CD Helm Chart Values
global:
domain: ag.hexor.cy
logging:
format: text
level: info
crds:
install: true
keep: true # Recommended to keep true so CRDs are not deleted on uninstall
configs:
params:
server.insecure: "true"
cm:
create: true
kustomize.buildOptions: --enable-helm
application.instanceLabelKey: argocd.argoproj.io/instance
admin.enabled: true
timeout.reconciliation: 60s
dex.config: |
connectors:
- type: oidc
id: authentik
name: Authentik
config:
issuer: https://auth.hexor.cy/application/o/argocd/
clientID: $dex.authentik.clientID
clientSecret: $dex.authentik.clientSecret
redirectURI: https://ag.hexor.cy/api/dex/callback
rbac:
create: true
policy.default: ""
policy.csv: |
g, k8s_dashboard, role:admin
secret:
createSecret: true
argocdServerAdminPassword: "" # <--- SET BCRYPT HASH HERE OR MANAGE EXTERNALLY
extra:
dex.authentik.clientID:
valueFrom:
secretKeyRef:
name: oidc-creds
key: client-id
dex.authentik.clientSecret:
valueFrom:
secretKeyRef:
name: oidc-creds
key: client-secret
controller:
replicas: 1
# Add resources (requests/limits), PDB etc. if needed
# Dex OIDC provider
dex:
enabled: true # Keep enabled unless using external OIDC/SAML directly
# Add resources, PDB etc. if needed
# Standard Redis disabled because Redis HA is enabled
redis:
enabled: false
# Redis HA (replaces standard Redis)
redis-ha:
enabled: true
# Default settings usually work, including auth via 'argocd-redis' secret.
# Assumes 'redisSecretInit' job is enabled (default) to create the secret.
haproxy:
enabled: true
redis:
config:
# Disable Redis disk persistence for cache performance (Argo CD uses it as a cache)
save: '""'
# Argo CD Server (API and UI)
server:
replicas: 1
ingress:
enabled: false
certificate:
enabled: false
certificateSecret:
enabled: false
# Repository Server
repoServer:
replicas: 1
# Add resources (requests/limits), PDB etc. if needed
# ApplicationSet Controller
applicationSet:
enabled: true # Enabled by default
replicas: 1
# Add resources (requests/limits), PDB etc. if needed
# Notifications Controller
notifications:
enabled: true # Enabled by default
# Add notifiers, triggers, templates configurations if needed