Adrien
251 lines
7.2 KiB
YAML
251 lines
7.2 KiB
YAML
# Default values for garage.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# -- Additional labels to add to all resources created by this chart
|
|
commonLabels: {}
|
|
# app.kubernetes.io/part-of: storage
|
|
# team: platform
|
|
|
|
# Garage configuration. These values go to garage.toml
|
|
garage:
|
|
# -- Can be changed for better performance on certain systems
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#db_engine
|
|
dbEngine: "lmdb"
|
|
|
|
# -- Defaults is 1MB
|
|
# An increase can result in better performance in certain scenarios
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#block_size
|
|
blockSize: "1048576"
|
|
|
|
# -- Single-node cluster
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#replication_factor
|
|
replicationFactor: "1"
|
|
|
|
# -- By default, enable read-after-write consistency guarantees, see the consistency_mode section at
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#consistency_mode
|
|
consistencyMode: "consistent"
|
|
|
|
# -- zstd compression level of stored blocks
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#compression_level
|
|
compressionLevel: "1"
|
|
|
|
# -- If this value is set, Garage will automatically take a snapshot of the metadata DB file at a regular interval and save it in the metadata directory.
|
|
# https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#metadata_auto_snapshot_interval
|
|
metadataAutoSnapshotInterval: ""
|
|
|
|
rpcBindAddr: "[::]:3901"
|
|
# -- If not given, a random secret will be generated and stored in a Secret object
|
|
rpcSecret: ""
|
|
# -- If you want to provide an rpcSecret within an existing k8s secret,
|
|
# specify the secret name here, and store the value under the secret key `rpcSecret`
|
|
# the default secret will not be created
|
|
existingRpcSecret: ""
|
|
# -- This is not required if you use the integrated kubernetes discovery
|
|
bootstrapPeers: []
|
|
# -- Set to true if you want to use k8s discovery but install the CRDs manually outside
|
|
# of the helm chart, for example if you operate at namespace level without cluster resources
|
|
kubernetesSkipCrd: false
|
|
s3:
|
|
api:
|
|
region: "garage"
|
|
rootDomain: ".s3.immich-ad.ovh"
|
|
web:
|
|
rootDomain: ".web.immich-ad.ovh"
|
|
index: "index.html"
|
|
|
|
# -- Additional configuration to append to garage.toml. Use a multi-line string for custom config.
|
|
# Example:
|
|
# additionalTopLevelConfig: |-
|
|
# data_fsync = true
|
|
additionalTopLevelConfig: ""
|
|
|
|
# -- if not empty string, allow using an existing ConfigMap for the garage.toml,
|
|
# if set, ignores garage.toml
|
|
existingConfigMap: ""
|
|
|
|
# -- String Template for the garage configuration
|
|
# if set, ignores above values.
|
|
# Values can be templated,
|
|
# see https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/
|
|
garageTomlString: ""
|
|
|
|
# Data persistence
|
|
persistence:
|
|
enabled: true
|
|
meta:
|
|
storageClass: "local-storage"
|
|
size: 1Gi
|
|
# used only for daemon sets
|
|
hostPath: /var/lib/garage/meta
|
|
data:
|
|
storageClass: "local-storage"
|
|
size: 50Gi
|
|
# used only for daemon sets
|
|
hostPath: /var/lib/garage/data
|
|
|
|
# Deployment configuration
|
|
deployment:
|
|
# -- Switchable to DaemonSet
|
|
kind: StatefulSet
|
|
# -- Single-node cluster
|
|
replicaCount: 1
|
|
# -- If using statefulset, allow Parallel or OrderedReady (default)
|
|
podManagementPolicy: OrderedReady
|
|
|
|
image:
|
|
# -- arm64 image for Raspberry Pi
|
|
repository: dxflrs/arm64_garage
|
|
# -- set the image tag, please prefer using the chart version and not this
|
|
# to avoid compatibility issues
|
|
tag: ""
|
|
pullPolicy: IfNotPresent
|
|
|
|
initImage:
|
|
repository: busybox
|
|
tag: stable
|
|
pullPolicy: IfNotPresent
|
|
|
|
# -- set if you need credentials to pull your custom image
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
create: true
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
# -- additional pod annotations
|
|
podAnnotations: {}
|
|
|
|
podSecurityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
fsGroupChangePolicy: "OnRootMismatch"
|
|
runAsNonRoot: true
|
|
|
|
securityContext:
|
|
# -- The default security context is heavily restricted,
|
|
# feel free to tune it to your requirements
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
|
|
service:
|
|
# -- You can rely on any service to expose your cluster
|
|
# - ClusterIP (+ Ingress)
|
|
# - NodePort (+ Ingress)
|
|
# - LoadBalancer
|
|
type: ClusterIP
|
|
# -- Annotations to add to the service
|
|
annotations: {}
|
|
s3:
|
|
api:
|
|
port: 3900
|
|
web:
|
|
port: 3902
|
|
# NOTE: the admin API is excluded for now as it is not consistent across nodes
|
|
|
|
ingress:
|
|
s3:
|
|
api:
|
|
enabled: true
|
|
className: "traefik"
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
labels: {}
|
|
hosts:
|
|
# -- garage S3 API endpoint, path-style access
|
|
- host: "s3.immich-ad.ovh"
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
# Virtual-hosted-style (*.s3.immich-ad.ovh) requires DNS-01 — omitted
|
|
tls:
|
|
- secretName: garage-s3-tls
|
|
hosts:
|
|
- s3.immich-ad.ovh
|
|
web:
|
|
enabled: true
|
|
className: "traefik"
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
labels: {}
|
|
hosts:
|
|
- host: "*.web.immich-ad.ovh"
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls: []
|
|
|
|
resources:
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
|
|
# -- Specifies a livenessProbe
|
|
# NOTE: disabled — /health returns 503 until garage layout is initialized.
|
|
# Re-enable after running: garage layout assign + garage layout apply
|
|
livenessProbe: {}
|
|
# httpGet:
|
|
# path: /health
|
|
# port: 3903
|
|
# initialDelaySeconds: 10
|
|
# periodSeconds: 30
|
|
# -- Specifies a readinessProbe
|
|
readinessProbe: {}
|
|
# httpGet:
|
|
# path: /health
|
|
# port: 3903
|
|
# initialDelaySeconds: 5
|
|
# periodSeconds: 30
|
|
# failureThreshold: 3
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# -- Optional priority class name to assign to the pods.
|
|
# See https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
|
|
priorityClassName: ""
|
|
|
|
environment: {}
|
|
|
|
extraVolumes: {}
|
|
|
|
extraVolumeMounts: {}
|
|
|
|
monitoring:
|
|
metrics:
|
|
# -- If true, a service for monitoring is created with a prometheus.io/scrape annotation
|
|
enabled: false
|
|
serviceMonitor:
|
|
# -- If true, a ServiceMonitor CRD is created for a prometheus operator
|
|
# https://github.com/coreos/prometheus-operator
|
|
enabled: false
|
|
path: /metrics
|
|
# namespace: monitoring (defaults to use the namespace this chart is deployed to)
|
|
labels: {}
|
|
interval: 15s
|
|
scheme: http
|
|
tlsConfig: {}
|
|
scrapeTimeout: 10s
|
|
relabelings: []
|
|
tracing:
|
|
# -- specify a sink endpoint for OpenTelemetry Traces, eg. `http://localhost:4317`
|
|
sink: ""
|