jan/openreplay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openreplay/scripts/helmcharts/vars.yaml
rjshrjndrn 664f6b9014 feat(helm): add TOKEN_SECRET environment variable 
Add TOKEN_SECRET environment variable to HTTP service deployment and
generate a random value for it in vars.yaml.

Signed-off-by: rjshrjndrn <rjshrjndrn@gmail.com>
2025-03-24 16:53:06 +01:00

192 lines
5.5 KiB
YAML
Raw Permalink Blame History

fromVersion: "v1.22.0"
# Databases specific variables
postgresql: &postgres
# For generating passwords
# `openssl rand -hex 20`
postgresqlPassword: "{{ randAlphaNum 20}}"
postgresqlHost: "postgresql.db.svc.cluster.local"
postgresqlPort: "5432"
postgresqlUser: "postgres"
postgresqlDatabase: "postgres"
# resources:
# requests:
# memory: 256Mi
# cpu: 250m
# limits:
# memory: 3000Mi
# asdf
# cpu: 2
# For enterpriseEdition
connector: &connector
enabled: false
clickhouse: &clickhouse
enabled: true
chHost: clickhouse-openreplay-clickhouse.db.svc.cluster.local
username: default
password: ""
service:
webPort: 9000
dataPort: 8123
# For enterpriseEdition
quickwit: &quickwit
enabled: false
kafka: &kafka
# For enterpriseEdition
# enabled: true
kafkaHost: "kafka.db.svc.cluster.local"
# For now, clickhouse doesn't support zookeeper tls intgration.
# So we need http endpoint
zookeeperHost: "databases-zookeeper.svc.cluster.local"
zookeeperNonTLSPort: 2181
kafkaPort: "9092"
kafkaUseSsl: "false"
maxMessageBytes: _3145728
# deleteTopicEnable: true
extraEnvVars:
- name: KAFKA_CFG_REPLICA_FETCH_MAX_BYTES
value: "3145728"
# This value already exists in the kafka values.yaml file, so overriding in top
# - name: KAFKA_CFG_MESSAGE_MAX_BYTES
# value: "3000000"
redis: &redis
enabled: true
redisHost: "redis-master.db.svc.cluster.local"
redisPort: "6379"
minio:
# Disable this if you use an external object storage service (s3)
enabled: true
global:
minio:
# For generating passwords
# `openssl rand -hex 20`
accessKey: &accessKey "{{ randAlphaNum 20 }}"
secretKey: &secretKey "{{ randAlphaNum 20 }}"
ingress-nginx: &ingress-nginx
# If you're using an external proxy in front of OpenReplay, update the proxy ports below.
# externalProxyPorts:
# http: 80
# https: 443
controller:
ingressClassResource:
# -- Name of the ingressClass
name: openreplay
# -- For backwards compatibility with ingress.class annotation, use ingressClass.
# Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation
ingressClass: openreplay
addHeaders:
# Enable only if you know what you're doing!!!
# X-Frame-Options: "DENY"
X-XSS-Protection: "1; mode=block"
X-Content-Type-Options: "nosniff"
Referrer-Policy: "same-origin"
service:
externalTrafficPolicy: "Local"
ports:
http: 80
https: 443
extraArgs:
default-ssl-certificate: "app/openreplay-ssl"
config:
use-gzip: true
load-balance: ewma
enable-real-ip: true
# Enable LB forwarded protocol
# Ref: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-forwarded-headers
# https://github.com/nginxinc/kubernetes-ingress/issues/1284#issuecomment-872869354
# use-forwarded-headers: true
# Ref: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-connections
max-worker-connections: 0
# SSL redirection
ssl-redirect: false
force-ssl-redirect: false
proxy-body-size: 10m
# Application specific variables
global:
ingress: *ingress-nginx
postgresql: *postgres
kafka: *kafka
redis: *redis
quickwit: *quickwit
clickhouse: *clickhouse
connector: *connector
# Registry URL from where the OR images should be pulled.
openReplayContainerRegistry: "public.ecr.aws/p1t3u8a3"
# secret key to inject to assist and peers service
assistKey: "{{ randAlphaNum 20}}"
assistJWTSecret: "{{ randAlphaNum 20}}"
jwtSecret: "{{ randAlphaNum 20}}"
jwtSpotSecret: "{{ randAlphaNum 20}}"
tokenSecret: "{{randAlphaNum 20}}"
# In case of multiple nodes in the kubernetes cluster,
# we'll have to create an RWX PVC for shared components.
# If it's a single node, we'll use hostVolume, which is the default for the community/oss edition.
pvcRWXName: "hostPath"
s3:
region: "us-east-1"
# if you're using iam roles for authentication, keep the value empty.
# endpoint: ""
endpoint: "http://minio.db.svc.cluster.local:9000"
assetsBucket: "sessions-assets"
recordingsBucket: "mobs"
sourcemapsBucket: "sourcemaps"
spotsBucket: "spots"
# This is only for enterpriseEdition
quickwitBucket: "quickwit"
assistRecordsBucket: "records"
vaultBucket: "vault-data"
# if you're using one node installation, where
# you're using local s3, make sure these variables
# are same as minio.global.minio.accesskey and secretKey
accessKey: *accessKey
secretKey: *secretKey
email:
emailHost: ""
emailPort: "587"
emailUser: ""
emailPassword: ""
emailUseTls: "true"
emailUseSsl: "false"
emailSslKey: ""
emailSslCert: ""
emailFrom: "OpenReplay<do-not-reply@openreplay.com>"
enterpriseEditionLicense: ""
domainName: ""
chalice:
env:
JWT_REFRESH_SECRET: "{{ randAlphaNum 20}}"
JWT_SPOT_REFRESH_SECRET: "{{ randAlphaNum 20}}"
# captcha_server: ''
# captcha_key: ''
# SAML2_MD_URL: ''
# idp_entityId: ''
# idp_sso_url: ''
# idp_x509cert: ''
# idp_sls_url: ''
# idp_name: ''
# idp_tenantKey: ''
# enforce_SSO: 'false'
# Below is an example on how to override values
# chartname:
# filedFrom chart/Values.yaml:
# key: value
#
# For example (http):
# http:
# resources:
# limits:
# cpu: 1024m
# memory: 4096Mi
# requests:
# cpu: 512m
# memory: 2056Mi
Reference in a new issue View git blame Copy permalink