This repository has been archived by the owner on Feb 2, 2021. It is now read-only.
/
example.init.yaml
165 lines (139 loc) · 4.5 KB
/
example.init.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
orchestration: kubernetes
secrets:
### Generated secrets (do not edit)
- name: s3-secret-key
namespace: "openfaas-fn"
literals:
- name: s3-secret-key
- name: s3-access-key
literals:
- name: s3-access-key
namespace: "openfaas-fn"
- name: basic-auth
literals:
- name: basic-auth-user
value: admin
- name: basic-auth-password
value: ""
namespace: "openfaas"
- name: "payload-secret"
literals:
- name: payload-secret
value: ""
namespace: "openfaas"
- name: "jwt-private-key"
files:
- name: "key"
value_from: "./tmp/key"
value_command: "openssl ecparam -genkey -name prime256v1 -noout -out ./tmp/key"
namespace: "openfaas"
- name: "jwt-public-key"
files:
- name: "key.pub"
value_from: "./tmp/key.pub"
value_command: "openssl ec -in ./tmp/key -pubout -out ./tmp/key.pub"
namespace: "openfaas"
### User-input
### In this section, you must populate all your secrets or secret file-locations
### and your desired configuration.
### For more information see: https://github.com/openfaas/openfaas-cloud/tree/master/docs
# Value you entered into the GitHub App UI, or generate random password if left blank
- name: "github-webhook-secret"
literals:
- name: "github-webhook-secret"
value: ""
namespace: "openfaas-fn"
# Download from GitHub App on GitHub UI
- name: "private-key"
files:
- name: "private-key"
value_from: "~/Downloads/private-key.pem"
namespace: "openfaas-fn"
# Populate your OAuth client_secret
- name: "of-client-secret"
literals:
- name: of-client-secret
value: "79163355e553b477957d977b0b8addd3c42ff52d"
namespace: "openfaas"
# DNS Service Account secret
## Use DigitalOcean
- name: "digitalocean-dns"
files:
- name: "access-token"
value_from: "~/Downloads/do-access-token"
namespace: "cert-manager"
## Use Google Cloud DNS
# - name: "clouddns-service-account"
# files:
# - name: "service-account.json"
# value_from: "~/Downloads/service-account.json"
# namespace: "cert-manager"
## Use Route 53
# - name: "route53-credentials-secret"
# files:
# - name: "secret-access-key"
# value_from: "~/Downloads/route53-secret-access-key"
# namespace: "cert-manager"
- name: "registry-secret"
files:
- name: "config.json"
value_from: "~/.docker/config.json"
namespace: "openfaas"
- name: "registry-secret"
files:
- name: ".dockerconfigjson"
value_from: "~/.docker/config.json"
namespace: "openfaas-fn"
type: "kubernetes.io/dockerconfigjson"
### Docker registry
#### This can be any cluster accessible by your cluster. To populate the file
#### run `docker login` with "store in keychain" turned off in Docker Desktop.
registry: docker.io/ofctest/
### Your root DNS domain name, this can be a sub-domain i.e. staging.o6s.io / prod.o6s.io
root_domain: "myfaas.club"
## Uncomment if using a host without a loadbalancer
# ingress: host
## Keep active if using a cluster with a LoadBalancer available.
ingress: loadbalancer
## Populate from GitHub App
github:
app_id: "24304"
## Populate from OAuth App
oauth:
client_id: 08b72bd8e9e653084264
## Slack
### You can set your own url to get an audit trail in your Slack workspace
slack:
url: http://gateway.openfaas:8080/function/echo
### Users allowed to access your OpenFaaS Cloud
#### ACL for your users, it must be a raw text file or GitHub RAW URL
customers_url: "https://raw.githubusercontent.com/openfaas/openfaas-cloud/master/CUSTOMERS"
## S3 configuration
### Build logs from buildkit are stored in S3
### Defaults to in-cluster deployment of Minio. AWS S3 is also possible
s3:
s3_url: cloud-minio.openfaas.svc.cluster.local:9000
s3_region: us-east-1
s3_tls: false
s3_bucket: pipeline
## Enable auth:
### When enabled users must log in with a valid GitHub account and be present in the
### customers file to view any dashboard
enable_oauth: false
## TLS
tls: false
tls_config:
# issuer_type: "prod"
issuer_type: "staging"
email: "your@email.com"
## Select DNS web service between Amazon Route 53 (route53) and Google Cloud DNS (clouddns)
# by uncommenting the required option
### DigitalOcean
dns_service: digitalocean
### Google Cloud DNS
# dns_service: clouddns
# project_id: "my-openfaas-cloud"
### AWS Route53
# dns_service: route53
# region: us-east-1
# access_key_id: ASYAKIUJE8AYRQQ7DU3M