-
Notifications
You must be signed in to change notification settings - Fork 48
/
values.yaml
159 lines (132 loc) · 4.36 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
image:
repository: supertokens/supertokens-postgresql
pullPolicy: IfNotPresent
# -- Overrides the image tag whose default is the chart appVersion.
tag: "7.0"
replicaCount: 1
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
# -- Use existing Secret in the same namespace. **NOTE** If specified, any `database` and `apiKeys` options are ignored.
existingSecret: null
database:
# -- database uri (connection string), used instaed of other params if not empty
uri: ""
# -- database name
name: supertokens
# -- database port
port: 5432
# -- database host
host: postgres.postgres
# -- database user
user: postgres
# -- database password
password: password
service:
port: 3567
targetPort: 3567
nodePort: ""
type: ClusterIP
# -- Time in seconds for how long an access token is valid for
accessTokenValidity: 3600
# -- If true, allows for immediate revocation of any access token. Keep in mind that setting this to true will result in a db query for each API call that requires authentication.
accessTokenBlacklisting: false
# -- If this is set to true, the JWT (access token) signing key will change every fixed interval of time.
accessTokenSigningKeyDynamic: true
# -- Time in hours for how frequently the JWT (access token) signing key will change. This value only makes sense if "accessTokenSigningKeyDynamic" is true.
accessTokenSigningKeyUpdateInterval: 168
# -- Time in mins for how long a refresh token is valid for.
refreshTokenValidity: 144000
# -- Time in milli-seconds for how long a password reset token is valid for.
passwordResetTokenLifetime: 3600000
# -- Time in milli-seconds for how long an email verification token is valid for.
emailVerificationTokenLifetime: 86400000
# -- The maximum number of code input attempts per login before the user needs to restart.
passwordlessMaxCodeInputAttempts: 5
# -- Time in milliseconds for how long a passwordless code is valid for.
passwordlessCodeLifetime: 900000
basePath: ""
disableTelemetry: false
maxServerPoolSize: 10
apiKeys:
# -- enable the use of API Keys with supertokens-core
enabled: false
# -- list of API Keys to load and use with supertokens-core
keys: []
serviceAccount:
# -- Specifies whether a service account should be created
create: true
# -- Annotations to add to the service account
annotations: {}
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext:
{}
# fsGroup: 2000
securityContext:
{}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# -- limit and requests for resources for supertokens-core container
resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- Configure liveness [probe] for the supertokens-core container
# @default -- See [values.yaml]
livenessProbe:
httpGet:
path: /hello
port: http
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 30
# -- Configure readiness [probe] for the supertokens-core container
# @default -- See [values.yaml]
readinessProbe:
httpGet:
path: /hello
port: http
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 30
autoscaling:
# -- enable autoscaling of replicas
enabled: false
# -- minimal replica count when autoscaling
minReplicas: 1
# -- maximum replica count when autoscaling
maxReplicas: 100
# -- target CPU usage before autoscaling
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# nodeSelector: {}
# tolerations: []
# affinity: {}
# podAntiAffinity:
# preferredDuringSchedulingIgnoredDuringExecution:
# - weight: 1
# podAffinityTerm:
# labelSelector:
# matchExpressions:
# - key: "app.kubernetes.io/name"
# operator: In
# values:
# - supertokens
# topologyKey: kubernetes.io/hostname