181 lines
5.2 KiB
YAML
181 lines
5.2 KiB
YAML
fromVersion: "v1.17.0"
|
|
# Databases specific variables
|
|
postgresql: &postgres
|
|
# For generating passwords
|
|
# `openssl rand -hex 20`
|
|
postgresqlPassword: "changeMePassword"
|
|
postgresqlHost: "postgresql.db.svc.cluster.local"
|
|
postgresqlPort: "5432"
|
|
postgresqlUser: "postgres"
|
|
postgresqlDatabase: "postgres"
|
|
# resources:
|
|
# requests:
|
|
# memory: 256Mi
|
|
# cpu: 250m
|
|
# limits:
|
|
# memory: 3000Mi
|
|
# asdf
|
|
# cpu: 2
|
|
|
|
clickhouse: &clickhouse
|
|
# For enterpriseEdition
|
|
enabled: false
|
|
chHost: clickhouse-openreplay-clickhouse.db.svc.cluster.local
|
|
username: default
|
|
password: ""
|
|
service:
|
|
webPort: 9000
|
|
|
|
quickwit: &quickwit
|
|
# For enterpriseEdition
|
|
enabled: false
|
|
|
|
kafka: &kafka
|
|
# For enterpriseEdition
|
|
# enabled: true
|
|
kafkaHost: "kafka.db.svc.cluster.local"
|
|
# For now, clickhouse doesn't support zookeeper tls intgration.
|
|
# So we need http endpoint
|
|
zookeeperHost: "databases-zookeeper.svc.cluster.local"
|
|
zookeeperNonTLSPort: 2181
|
|
kafkaPort: "9092"
|
|
kafkaUseSsl: "false"
|
|
maxMessageBytes: _3145728
|
|
# deleteTopicEnable: true
|
|
extraEnvVars:
|
|
- name: KAFKA_CFG_REPLICA_FETCH_MAX_BYTES
|
|
value: "3145728"
|
|
# This value already exists in the kafka values.yaml file, so overriding in top
|
|
# - name: KAFKA_CFG_MESSAGE_MAX_BYTES
|
|
# value: "3000000"
|
|
|
|
redis: &redis
|
|
enabled: true
|
|
redisHost: "redis-master.db.svc.cluster.local"
|
|
redisPort: "6379"
|
|
|
|
minio:
|
|
# Disable this if you use an external object storage service (s3)
|
|
enabled: true
|
|
global:
|
|
minio:
|
|
# For generating passwords
|
|
# `openssl rand -hex 20`
|
|
accessKey: "changeMeMinioAccessKey"
|
|
secretKey: "changeMeMinioPassword"
|
|
|
|
ingress-nginx: &ingress-nginx
|
|
# If you're using an external proxy in front of OpenReplay, update the proxy ports below.
|
|
# externalProxyPorts:
|
|
# http: 80
|
|
# https: 443
|
|
controller:
|
|
ingressClassResource:
|
|
# -- Name of the ingressClass
|
|
name: openreplay
|
|
# -- For backwards compatibility with ingress.class annotation, use ingressClass.
|
|
# Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation
|
|
ingressClass: openreplay
|
|
addHeaders:
|
|
# Enable only if you know what you're doing!!!
|
|
# X-Frame-Options: "DENY"
|
|
X-XSS-Protection: "1; mode=block"
|
|
X-Content-Type-Options: "nosniff"
|
|
Referrer-Policy: "same-origin"
|
|
service:
|
|
externalTrafficPolicy: "Local"
|
|
ports:
|
|
http: 80
|
|
https: 443
|
|
extraArgs:
|
|
default-ssl-certificate: "app/openreplay-ssl"
|
|
config:
|
|
use-gzip: true
|
|
load-balance: ewma
|
|
enable-real-ip: true
|
|
# Enable LB forwarded protocol
|
|
# Ref: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-forwarded-headers
|
|
# https://github.com/nginxinc/kubernetes-ingress/issues/1284#issuecomment-872869354
|
|
# use-forwarded-headers: true
|
|
# Ref: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-connections
|
|
max-worker-connections: 0
|
|
# SSL redirection
|
|
ssl-redirect: false
|
|
force-ssl-redirect: false
|
|
proxy-body-size: 10m
|
|
|
|
# Application specific variables
|
|
global:
|
|
ingress: *ingress-nginx
|
|
postgresql: *postgres
|
|
kafka: *kafka
|
|
redis: *redis
|
|
quickwit: *quickwit
|
|
clickhouse: *clickhouse
|
|
# Registry URL from where the OR images should be pulled.
|
|
openReplayContainerRegistry: "public.ecr.aws/p1t3u8a3"
|
|
# secret key to inject to assist and peers service
|
|
assistKey: "SetARandomStringHere"
|
|
assistJWTSecret: "SetARandomStringHere"
|
|
# In case of multiple nodes in the kubernetes cluster,
|
|
# we'll have to create an RWX PVC for shared components.
|
|
# If it's a single node, we'll use hostVolume, which is the default for the community/oss edition.
|
|
pvcRWXName: "hostPath"
|
|
s3:
|
|
region: "us-east-1"
|
|
endpoint: "http://minio.db.svc.cluster.local:9000"
|
|
assetsBucket: "sessions-assets"
|
|
recordingsBucket: "mobs"
|
|
sourcemapsBucket: "sourcemaps"
|
|
# This is only for enterpriseEdition
|
|
quickwitBucket: "quickwit"
|
|
assistRecordsBucket: "records"
|
|
vaultBucket: "vault-data"
|
|
# if you're using one node installation, where
|
|
# you're using local s3, make sure these variables
|
|
# are same as minio.global.minio.accesskey and secretKey
|
|
accessKey: "changeMeMinioAccessKey"
|
|
secretKey: "changeMeMinioPassword"
|
|
email:
|
|
emailHost: ''
|
|
emailPort: '587'
|
|
emailUser: ''
|
|
emailPassword: ''
|
|
emailUseTls: 'true'
|
|
emailUseSsl: 'false'
|
|
emailSslKey: ''
|
|
emailSslCert: ''
|
|
emailFrom: 'OpenReplay<do-not-reply@openreplay.com>'
|
|
|
|
enterpriseEditionLicense: ""
|
|
domainName: ""
|
|
|
|
chalice:
|
|
env:
|
|
jwt_secret: "SetARandomStringHere"
|
|
# captcha_server: ''
|
|
# captcha_key: ''
|
|
# SAML2_MD_URL: ''
|
|
# idp_entityId: ''
|
|
# idp_sso_url: ''
|
|
# idp_x509cert: ''
|
|
# idp_sls_url: ''
|
|
# idp_name: ''
|
|
# idp_tenantKey: ''
|
|
# enforce_SSO: 'false'
|
|
|
|
# Below is an example on how to override values
|
|
# chartname:
|
|
# filedFrom chart/Values.yaml:
|
|
# key: value
|
|
#
|
|
# For example (http):
|
|
# http:
|
|
# resources:
|
|
# limits:
|
|
# cpu: 1024m
|
|
# memory: 4096Mi
|
|
# requests:
|
|
# cpu: 512m
|
|
# memory: 2056Mi
|
|
|