# Default values for codimd. # This is a YAML-formatted file. # Declare variables to be passed into your templates. # storageClass: # nameOverride: # fullnameOverride: image: # https://quay.io/repository/hedgedoc/hedgedoc?tab=tags registry: "quay.io" repository: "hedgedoc/hedgedoc" # When you use export pdf with CJK character, please change the tag with postfix `-cjk`. # for example 2.2.0-cjk tag: "1.9.0-alpine" pullPolicy: IfNotPresent pullSecrets: [] # - myRegistryKeySecretName ## ## PostgreSQL chart configuration ## ## Reference: https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml ## ## If you want to use external database, just set postgresql.enabled to false ## postgresql: enabled: false volumePermissions: enabled: false postgresqlUsername: codimd postgresqlPassword: changeme postgresqlDatabase: codimd ## ## MariaDB chart configuration ## ## Reference: https://github.com/bitnami/charts/blob/master/bitnami/mariadb/values.yaml ## ## If you prefer MariaDB, we also supported. ## mariadb: enabled: false volumePermissions: enabled: true db: user: codimd password: changeme name: codimd master: persistence: enabled: true replication: enabled: false ## ## Kubernetes service ## use NodePort for minikube ## other environment use LoadBalancer or ClusterIP ## service: annotations: {} type: "ClusterIP" port: 80 # externalTrafficPolicy: # loadBalancerIP: ## ## Ingress configuration ## Ingress: enabled: false annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: - host: hedgedoc.k3s.apian.cloud paths: - / tls: - secretName: hedgedoc-sapian-cloud-le-tls-le hosts: - hedgedoc.k3s.sapian.cloud ingressRoute: enabled: true annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" host: hedgedoc.k3s.sapian.cloud tls: enabled: true ## ## CodiMD application configuration ## codimd: ## ## Affinity for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: sapian-k3s-role operator: In values: - server ## ## Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: {} ## ## Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} ## ## Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} ## ## security context ## securityContext: runAsGroup: 1500 runAsUser: 1500 fsGroup: 1500 runAsNonRoot: true ## ## connection setting ## connection: ## if you doesn't using ingress, you can setup domain for your CodiMD instances domain: hedgedoc.k3s.sapian.cloud ## if you want to add port number on your url urlAddPort: false ## if you use load balancer or setup TLS on ingress protocolUseSSL: true ## ## External database configuration ## if you want to use external database ## database type only support mysql and postgres ## database: type: postgres host: pg-primary.dbs.svc.cluster.local port: 5432 username: hedgedoc password: "dI6[;)dIRh0aw1}F,cT;-V3t" databaseName: hedgedoc-prueba ## ## Image upload store ## imageUpload: storeType: minio # imgur: # clientId: # azure: # connectionString: # container: # lutim: # url: minio: endpoint: ceph.sapian.cloud secure: true port: 443 accessKey: OBIKJR1I367AQK42TY7F secretKey: iVEkSXUPdwjuBiLBe2KlEV59eJFcNqTMs02QC5Ma bucket: sapian-hackmd-public-bucket s3: # endpoint: # region: # accessKeyId: # secretKey: bucket: sapian-public-bucket imageStorePersistentVolume: enabled: false size: '10Gi' storageClass: "" accessModes: - ReadWriteOnce volumeMode: Filesystem ## for advanced used, manually setup environment for used extraEnvironmentVariables: CMD_S3_BUCKET: sapian-hackmd-public-bucket CMD_OAUTH2_BASEURL: https://hedgedoc.k3s.sapian.cloud CMD_OAUTH2_SCOPE: id email # CMD_LOGLEVEL: info ## automatically check new version versionCheck: true ## ## about security setting ## security: useCDN: 'false' # session secret, please change this value sessionSecret: 'chiigh7hoqu7foceedoh9iethaiYoo6i' sessionLife: '1209600000' ## HSTS setting hstsEnabled: 'true' hstsMaxAge: '31536000' hstsIncludeSubdomain: 'false' hstsPreload: 'true' ## CSP setting cspEnabled: 'true' # cspReportUri: ## setup allow origin # allowOrigin: ## use gravatar.com as user gravatar allowGravatar: 'true' ## ## for tooBusy block user when server event loop lag more than ? ms ## responseMaxLag: '70' ## ## setting about note creation ## noteCreation: freeUrlEnabled: 'true' freeUrlForbiddenNoteIds: 'robots.txt,favicon.ico,api' defaultPermission: 'editable' ## ## setting about note permission ## notePermission: allowAnonymousEdit: true allowAnonymousView: true ## ## allow export note to pdf ## allowPDFExport: true ## ## setting about markdown ## markdown: # plantUMLServer: useHardBreak: true linkifyHeaderStyle: 'keep-case' ## ## User Authentication Methods ## authentication: ## ## authentication by Email and Password local: enabled: true una allowRegister: false bitbucket: enabled: false key: secret: dropbox: enabled: false appKey: appSecret: facebook: enabled: false clientId: secret: github: enabled: false clientId: d594d2c0bd7591a7fe54 secret: 33ed3e2a46ec550ab509bcf876bbc2a0c8029bea ## provide enterprise url if you use GitHub Enterprise Version enterpriseUrl: gitlab: enabled: false domain: scope: applicationId: secret: google: enabled: false clientId: secret: hostedDomain: ldap: enabled: false providerName: url: tlsCA: bindDN: bindCredentials: searchBase: searchFilter: searchAttributes: attributes: id: username: mattermost: enabled: false domain: clientId: secret: oauth2: enabled: true providerName: sapian.cloud domain: sapian.com.co clientId: hedgedoc-sapian-cloud secret: 681028a3-d4a6-4eb1-ad43-8540c8fd79ad authorizationUrl: https://accounts.sapian.cloud/auth/realms/sapian.com.co/protocol/openid-connect/auth tokenUrl: https://accounts.sapian.cloud/auth/realms/sapian.com.co/protocol/openid-connect/token userProfileUrl: https://accounts.sapian.cloud/auth/realms/sapian.com.co/protocol/openid-connect/userinfo scope: attributes: username: preferred_username displayName: name email: email openID: enabled: false saml: enabled: false idpSSOUrl: idpCert: issuer: identifierFormat: disableRequestedAuthnContext: groupAttribute: externalGroups: requiredGroups: attributes: id: username: email: twitter: enabled: consumerKey: comsumerSecret: