forked from ab/homelab
109 lines
2.9 KiB
YAML
109 lines
2.9 KiB
YAML
# Argo CD Helm Chart Values
|
|
# Includes Redis HA, Ingress for Traefik/cert-manager, and global Kustomize Helm support.
|
|
|
|
global:
|
|
# Default domain (can be overridden in ingress)
|
|
domain: ag.hexor.cy
|
|
logging:
|
|
format: text
|
|
level: info
|
|
|
|
crds:
|
|
install: true
|
|
keep: true # Recommended to keep true so CRDs are not deleted on uninstall
|
|
|
|
configs:
|
|
# Settings for argocd-cm ConfigMap
|
|
cm:
|
|
create: true
|
|
# --- GLOBAL KUSTOMIZE OPTION ---
|
|
# Enables --enable-helm flag for all Kustomize builds managed by this Argo CD instance
|
|
kustomize.buildOptions: --enable-helm
|
|
# ----------------------------------
|
|
# Standard/recommended values:
|
|
application.instanceLabelKey: argocd.argoproj.io/instance
|
|
admin.enabled: true
|
|
timeout.reconciliation: 180s
|
|
# Add other necessary keys for argocd-cm here
|
|
|
|
# Settings for argocd-rbac-cm ConfigMap
|
|
rbac:
|
|
create: true
|
|
policy.default: ""
|
|
# policy.csv: |
|
|
# p, role:org-admin, applications, *, */*, allow
|
|
# g, your-github-group, role:org-admin
|
|
|
|
# Settings for argocd-secret Secret
|
|
secret:
|
|
createSecret: true
|
|
# IMPORTANT: Set admin password hash below or manage the secret externally.
|
|
# How to generate hash: htpasswd -nbBC 10 "" PASSWORD | tr -d ':\n' | sed 's/$2y/$2a/'
|
|
argocdServerAdminPassword: "" # <--- SET BCRYPT HASH HERE OR MANAGE EXTERNALLY
|
|
# Add other secrets like webhook secrets, OIDC client secrets etc. if needed
|
|
# githubSecret: ""
|
|
# gitlabSecret: ""
|
|
|
|
# Application Controller
|
|
controller:
|
|
replicas: 1
|
|
# Add resources (requests/limits), PDB etc. if needed
|
|
|
|
# Dex OIDC provider
|
|
dex:
|
|
enabled: true # Keep enabled unless using external OIDC/SAML directly
|
|
# Add resources, PDB etc. if needed
|
|
|
|
# Standard Redis disabled because Redis HA is enabled
|
|
redis:
|
|
enabled: false
|
|
|
|
# Redis HA (replaces standard Redis)
|
|
redis-ha:
|
|
enabled: true
|
|
# Default settings usually work, including auth via 'argocd-redis' secret.
|
|
# Assumes 'redisSecretInit' job is enabled (default) to create the secret.
|
|
haproxy:
|
|
enabled: true
|
|
redis:
|
|
config:
|
|
# Disable Redis disk persistence for cache performance (Argo CD uses it as a cache)
|
|
save: '""'
|
|
|
|
# Argo CD Server (API and UI)
|
|
server:
|
|
replicas: 1
|
|
|
|
# Ingress settings
|
|
ingress:
|
|
enabled: true
|
|
hostname: ag.hexor.cy
|
|
ingressClassName: traefik
|
|
servicePort: https
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
tls: true
|
|
|
|
certificate:
|
|
enabled: false
|
|
|
|
certificateSecret:
|
|
enabled: false
|
|
|
|
# Repository Server
|
|
repoServer:
|
|
replicas: 1
|
|
# Add resources (requests/limits), PDB etc. if needed
|
|
|
|
# ApplicationSet Controller
|
|
applicationSet:
|
|
enabled: true # Enabled by default
|
|
replicas: 1
|
|
# Add resources (requests/limits), PDB etc. if needed
|
|
|
|
# Notifications Controller
|
|
notifications:
|
|
enabled: true # Enabled by default
|
|
# Add notifiers, triggers, templates configurations if needed
|