mirror of
https://github.com/plankanban/planka.git
synced 2025-07-18 20:59:44 +02:00
182 lines
4.9 KiB
YAML
182 lines
4.9 KiB
YAML
# Default values for planka.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
replicaCount: 1
|
|
|
|
image:
|
|
repository: ghcr.io/plankanban/planka
|
|
pullPolicy: IfNotPresent
|
|
# Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
# Generate a secret using openssl rand -base64 45
|
|
secretkey: ""
|
|
|
|
# Base url for Planka. Will override `ingress.hosts[0].host`
|
|
# Defaults to `http://localhost:3000` if ingress is disabled.
|
|
baseUrl: ""
|
|
|
|
serviceAccount:
|
|
# Specifies whether a service account should be created
|
|
create: true
|
|
# Annotations to add to the service account
|
|
annotations: {}
|
|
# The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
podAnnotations: {}
|
|
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
|
|
securityContext: {}
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 1337
|
|
## @param service.containerPort Planka HTTP container port
|
|
## If empty will default to 1337
|
|
##
|
|
containerPort: 1337
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
hosts:
|
|
# Used to set planka BASE_URL if no `baseurl` is provided.
|
|
- host: planka.local
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls: []
|
|
# - secretName: planka-tls
|
|
# hosts:
|
|
# - planka.local
|
|
|
|
resources: {}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 80
|
|
# targetMemoryUtilizationPercentage: 80
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
postgresql:
|
|
enabled: true
|
|
auth:
|
|
database: planka
|
|
username: planka
|
|
password: ""
|
|
postgresPassword: ""
|
|
replicationPassword: ""
|
|
# existingSecret: planka-postgresql
|
|
serviceBindings:
|
|
enabled: true
|
|
|
|
## Set this if you disable the built-in postgresql deployment
|
|
dburl:
|
|
|
|
## PVC-based data storage configuration
|
|
persistence:
|
|
enabled: false
|
|
# existingClaim: netbox-data
|
|
# storageClass: "-"
|
|
accessMode: ReadWriteOnce
|
|
size: 10Gi
|
|
|
|
## OpenID Identity Management configuration
|
|
##
|
|
## Example:
|
|
## ---------------
|
|
## oidc:
|
|
## enabled: true
|
|
## clientId: sxxaAIAxVXlCxTmc1YLHBbQr8NL8MqLI2DUbt42d
|
|
## clientSecret: om4RTMRVHRszU7bqxB7RZNkHIzA8e4sGYWxeCwIMYQXPwEBWe4SY5a0wwCe9ltB3zrq5f0dnFnp34cEHD7QSMHsKvV9AiV5Z7eqDraMnv0I8IFivmuV5wovAECAYreSI
|
|
## issuerUrl: https://auth.local/application/o/planka/
|
|
## admin:
|
|
## roles:
|
|
## - planka-admin
|
|
##
|
|
## ---------------
|
|
## NOTE: A minimal configuration requires setting `clientId`, `clientSecret` and `issuerUrl`. (plus `admin.roles` for administrators)
|
|
## ref: https://docs.planka.cloud/docs/Configuration/OIDC
|
|
##
|
|
oidc:
|
|
## @param oidc.enabled Enable single sign-on (SSO) with OpenID Connect (OIDC)
|
|
##
|
|
enabled: false
|
|
|
|
## OIDC credentials
|
|
## @param oidc.clientId A string unique to the provider that identifies your app.
|
|
## @param oidc.clientSecret A secret string that the provider uses to confirm ownership of a client ID.
|
|
##
|
|
## NOTE: Either specify inline `clientId` and `clientSecret` or refer to them via `existingSecret`
|
|
##
|
|
clientId: ""
|
|
clientSecret: ""
|
|
|
|
## @param oidc.existingSecret Name of an existing secret containing OIDC credentials
|
|
## NOTE: Must contain key `clientId` and `clientSecret`
|
|
## NOTE: When it's set, the `clientId` and `clientSecret` parameters are ignored
|
|
##
|
|
existingSecret: ""
|
|
|
|
## @param oidc.issuerUrl The OpenID connect metadata document endpoint
|
|
##
|
|
issuerUrl: ""
|
|
|
|
## @param oidc.scopes A list of scopes required for OIDC client.
|
|
## If empty will default to `openid`, `profile` and `email`
|
|
## NOTE: Planka needs the email and name claims
|
|
##
|
|
scopes: []
|
|
|
|
## Admin permissions configuration
|
|
admin:
|
|
## @param oidc.admin.ignoreRoles If set to true, the admin roles will be ignored.
|
|
## It is useful if you want to use OIDC for authentication but not for authorization.
|
|
## If empty will default to `false`
|
|
##
|
|
ignoreRoles: false
|
|
|
|
## @param oidc.admin.rolesAttribute The name of a custom group claim that you have configured in your OIDC provider
|
|
## If empty will default to `groups`
|
|
##
|
|
rolesAttribute: groups
|
|
|
|
## @param oidc.admin.roles The names of the admin groups
|
|
##
|
|
roles: []
|
|
# - planka-admin
|