values.yaml
No OneTemporary
Actions

Authored By

Unknown

Size

16 KB

Referenced Files

None

Subscribers

None

values.yaml
View Options

	# Default values for kolab.
	# This is a YAML-formatted file.
	# Declare variables to be passed into your templates.

	domainName: "kolab.local"

	# The admin user is always admin@domainName
	adminPassword: null

	# User for prometheus/loki
	externalServiceUser: "admin"
	# Generate with "openssl passwd -1 simple123"
	externalServiceUserPassword: "$1$4JUJFGc/$rqEi/7HU4B3YdpDb7tERK."

	# Arbitrary commands can be included like this that will be run before the horizon container starts.
	# initCommands: [
	# "./artisan user:password admin@kolab.local simple123",
	# "./artisan user:create test1@kolab.local --password=simple123 \|\| :",
	# "./artisan user:create test2@kolab.local --password=simple123 \|\| :",
	# ]

	serviceAccounts:
	create: true
	monitoring1:
	user: test1@kolab.local
	password: null
	monitoring2:
	user: test2@kolab.local
	password: null

	image:
	imapImage: "quay.io/apheleiait/kolab/imap:4.0.16"
	kolabImage: "quay.io/apheleiait/kolab/webapp:4.0.16"
	collaboraImage: "quay.io/apheleiait/kolab/collabora:4.0.16"
	redisImage: "quay.io/apheleiait/kolab/redis:4.0.16"
	roundcubeImage: "quay.io/apheleiait/kolab/roundcube:4.0.16"
	mariadbImage: "quay.io/apheleiait/kolab/mariadb:4.0.16"
	meetImage: "quay.io/apheleiait/kolab/meet:4.0.16"
	coturnImage: "quay.io/apheleiait/kolab/coturn:4.0.16"
	postfixImage: "quay.io/apheleiait/kolab/postfix:4.0.16"
	amavisImage: "quay.io/apheleiait/kolab/amavis:4.0.16"
	utilsImage: "quay.io/apheleiait/kolab/utils:4.0.16"
	minioImage: "quay.io/apheleiait/kolab/minio:4.0.16"
	proxyImage: "quay.io/apheleiait/kolab/proxy:4.0.16"
	vectorImage: "quay.io/apheleiait/kolab/vector:4.0.16"
	synapseImage: "quay.io/apheleiait/kolab/synapse:4.0.16"
	elementImage: "quay.io/apheleiait/kolab/element:4.0.16"
	lokiImage: "docker.io/grafana/loki:3.1.0"
	grafanaImage: "docker.io/grafana/grafana:latest"
	prometheusImage: "quay.io/prometheus/prometheus:latest"
	blackboxExporterImage: "quay.io/prometheus/blackbox-exporter:latest"
	pushgatewayImage: "quay.io/prometheus/pushgateway:latest"
	mysqldExporterImage: "quay.io/prometheus/mysqld-exporter:latest"
	alertmanagerImage: "quay.io/prometheus/alertmanager:latest"
	victorialogsImage: "quay.io/victoriametrics/victoria-logs:v1.30.0"
	pullPolicy: Always
	pullSecret: null

	# serviceAccount:
	# # Specifies whether a service account should be created
	# create: true
	# # Annotations to add to the service account
	# annotations: {}
	# # The name of the service account to use.
	# # If not set and create is true, a name is generated using the fullname template
	# name: ""

	# podAnnotations: {}

	# podSecurityContext: {}
	# fsGroup: 2000

	# securityContext: {}
	# capabilities:
	# drop:
	# - ALL
	# readOnlyRootFilesystem: true
	# runAsNonRoot: true
	# runAsUser: 1000

	appKey: "base64:FG6ECzyAMSmyX+eYwO/FW3bwnarbKkBhqtO65vlMb1E"

	# Should match the kubernetes network, so local connections are trusted.
	trustedProxies: "172.0.0.0/8"

	ingress:
	tlsSecretName: null

	certManager:
	letsencryptIssuer:
	enabled: true
	email: ""

	# Configure which tls secret to use
	tlsSecret:
	type: letsencrypt
	# This is how to inject an externally managed cert
	# type: external
	# secretName: externalSecret
	# This is how to inject a static certificate
	# type: static
	# crt: \|
	# -----BEGIN CERTIFICATE-----
	# MIIDUzCCAjugAwIBAgIUOd6enK80Ohcw5kX1xYot+ncVxEwwDQYJKoZIhvcNAQEL
	# BQAwKzETMBEGA1UECgwKRXhhbXBsZSBDQTEUMBIGA1UEAwwLa29sYWIubG9jYWww
	# HhcNMjMxMjI2MTA0MjUxWhcNMjQxMjI1MTA0MjUxWjArMRMwEQYDVQQKDApFeGFt
	# cGxlIENBMRQwEgYDVQQDDAtrb2xhYi5sb2NhbDCCASIwDQYJKoZIhvcNAQEBBQAD
	# ggEPADCCAQoCggEBAIr/sBVZxD8jIF9w6WbZ7ivu8P6Grh0yMmd/fOi7T8rloE87
	# Zi7CtOVyH/axS6I0dtlKYBmqZz7EoXvKMRirf55Hux3IXIRnSW9H8xXhzDHenwGV
	# eRyxavka++sWPe7tIhx2seJosfOGHRlWpdPwSvMO4tbVJjUtWrMGYdRwrsvcFVIY
	# hvD/aCreepmvnbR+YKTY6e8qVeTeMXFhb9Gk86H5cwrltIsO6uo1fx1JazXhEe5b
	# mqPhIKHNQcv8Mfb+JufhPmdq83ZoNygcrh+YG0K8Mz1t3+eLi5ij1QFR7c51Lnaf
	# deqaJgDKbiNGtrZEenDUZ4OGnuaWZ818jfAQ+RUCAwEAAaNvMG0wHQYDVR0OBBYE
	# FGNADX2V1X6/om7P38fmz3YHfbqgMB8GA1UdIwQYMBaAFGNADX2V1X6/om7P38fm
	# z3YHfbqgMA8GA1UdEwEB/wQFMAMBAf8wGgYJYIZIAYb4QgENBA0WC1NlbGYgU2ln
	# bmVkMA0GCSqGSIb3DQEBCwUAA4IBAQCHx0kaw1Zs9zwaU93BcQLLtwesIvnyWnzN
	# QrzNzUB88iGnzMraPa5uvyaVkKm3omyNn+B0qy3e9jBSCgVFe9rg66VPIUgGyNuj
	# La6LBYDlG5iRKHpY99BF4frS8e5pslp3H42waiGIyVYFWeyHSyHbFH/BIRkGhMa2
	# 9Wtnvg5FS20/7NkG3QKui9QuzLaPpPN3yLRHpH6eIwkTV1UvvStRx9a6JQZ5crPW
	# aileFbysEN+CdJJAHCwreYuJD+UbdDP+3Cp9qaTRyY2nNwoyQxUPySWW8UbsljP9
	# V6Of5+sYQ+o6n2E6hQOVEGqVP5kf4GoYBmfJTcbGfIFQYqk85vaA
	# -----END CERTIFICATE-----
	# key: \|
	# -----BEGIN PRIVATE KEY-----
	# MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCK/7AVWcQ/IyBf
	# cOlm2e4r7vD+hq4dMjJnf3zou0/K5aBPO2YuwrTlch/2sUuiNHbZSmAZqmc+xKF7
	# yjEYq3+eR7sdyFyEZ0lvR/MV4cwx3p8BlXkcsWr5GvvrFj3u7SIcdrHiaLHzhh0Z
	# VqXT8ErzDuLW1SY1LVqzBmHUcK7L3BVSGIbw/2gq3nqZr520fmCk2OnvKlXk3jFx
	# YW/RpPOh+XMK5bSLDurqNX8dSWs14RHuW5qj4SChzUHL/DH2/ibn4T5navN2aDco
	# HK4fmBtCvDM9bd/ni4uYo9UBUe3OdS52n3XqmiYAym4jRra2RHpw1GeDhp7mlmfN
	# fI3wEPkVAgMBAAECggEALA4BHas/X3F/K7DKUR5mdgc727gNDFTiE9qc2NixYBHq
	# fuJJLy3oDsbeqZ4k5iqxtonzrn7LTWId+nGpoPOONbjvbe+YnyBrbnlD6t4PjYjN
	# Jb/dzIHQ8VYjnS2GAKmpA5N9KtDbAd+yblr/oQ5KewHvVH7nJriSxCYUMLRsOlE1
	# xhhGZpynTg/CmT6xVwSlBIVDCPIfQEKiCBtpUEUwSMhcjETVfAXeNAtluXII3YnG
	# uhErY4P97ON98CrbcsiWM4GO+nC0pLi3j9oEvkFVGPLFX7aj5WawaJHWjqdUcrG8
	# 2R62Ob8Inyg2R9hK3pwEEYH8pwB7cLjfAexxPzF7qwKBgQDEcyZjL6lmPNOosmU5
	# ZO84uh/+ppQH1zObVH+Cv4Cj5/SX8i0QbjDopbMoZou0lHJUfBU8JcZYzhN4fGFt
	# TEpHwHT7gcyDddoSlADB6SRcysFMuRhPOHAfdS99ItZtna+9/uS/TA6cJOlmBPIW
	# 6/Znb2MexS8SkBxKKxZ3FjbuhwKBgQC1IjzKKb/HMcVspp0gLYsmZh/5/Yjf9ZkO
	# poFxrlytXoBB/izx62qqn1ihCHGUpQkoVuKA60VjKuLcM9u5Ny2AzuX9ywUrApQE
	# qcfmElo9eFIUn5VuBttpMJIpNugRE/XTOe7kMKGbd+dyil+Coz5e22IvQBGgGpmx
	# 1XQ3oGRGgwKBgAJxaCXNnu6tjPhJF6cqESuEbQdurOKYE4U3/Mn0dbYUGV+WXGca
	# 57LM9Lho5g3d1rokPONdmOTb0zQpX9DLJRVVWF8UUyXDXm3it0uyCYi54MOCfcHm
	# csaBX5DP0RjV4CydsdyLJpdcgiaJozUTxCGvKe1lCFvTvPZTKNlcRlybAoGAfoA8
	# yEvD/g/Ke4kZL0Hfbp/gMS1aDF9v14V93bESVJotJOmo5gOt6R+EPGKzQEbKUHvt
	# kG+/c/Sdn4AwMfhRNSZKBadmIpWYXnFchFfI4ilH2dNh/weW8K3VRidsh5DTHAPX
	# zVIRa4yf/aSZ85iilIjO14T9Sj2JnWMf2UGRBpUCgYBd17muOTXJ0BzD34K+vAeH
	# 9c7S9PZZNuAfF/WWskIuBGhCNuIHFO7ot5IBAoTkudDTVieQXxBo/jTyidr87gUZ
	# 7kI4YjFMYkH9rAolrUutVo1aKpEHcC2+1ciz8ztiyk9cUZ0s10X+h2Svsnp/HvS9
	# R4X5reaQgGrUYaU6SccGoQ==
	# -----END PRIVATE KEY-----
	# ca: \|
	# CACERT GOES HERE

	passport:
	# PASSPORT_PROXY_OAUTH_CLIENT_ID=$(uuidgen);
	proxyOauthClientId: "942edef5-3dbd-4a14-8e3e-d5d59b727bee"
	# PASSPORT_PROXY_OAUTH_CLIENT_SECRET=$(openssl rand -base64 32);
	proxyOauthClientSecret: "L6L0n56ecvjjK0cJMjeeV1pPAeffUBO0YSSH63wf"
	webmailSSOClientId: "842edef5-3dbd-4a14-8e3e-d5d59b727bee"
	webmailSSOClientSecret: "L7L0n56ecvjjK0cJMjeeV1pPAeffUBO0YSSH63wf"
	# PASSPORT_PRIVATE_KEY=$(openssl genrsa 4096);
	privateKey: "dummy"
	# PASSPORT_PUBLIC_KEY=$(echo "$PASSPORT_PRIVATE_KEY" \| openssl rsa -pubout 2>/dev/null)
	publicKey: "dummy"

	kolab:
	enabled: true
	debug: false
	name: "Kolab"
	theme: "default"
	withWallet: false
	withSignup: true
	withFiles: true
	withDistlists: true
	withSharedFolders: true
	withResources: true
	withMeet: true
	withCompanionApp: true
	withDelegation: true
	withLoginas: true
	withMailfilter: true
	withUserSearch: true
	tenantId: null
	dbSecret: "mariadb"
	replicas: 1
	adminSecrets: false
	davEnabled: true
	kolabObjectCompatMode: false
	webmailUrl: "/webmail/"
	servicesService: kolab
	adminService: kolab
	resellerService: kolab
	maxRequestLength: "10485760"
	maxFileSize: "10485760"
	phpMemoryLimit: "128M"
	phpMaxFileSize: "8M"
	resources:
	limits:
	memory: 2Gi
	requests:
	memory: 1Gi
	# additionalFrontends:
	# - domainName: beta.kolab.klab.cc
	# name: "beta"
	# tenantId: 4
	# - domainName: demoreseller.kolab.klab.cc
	# name: "demoreseller"
	# tenantId: 5
	# theme: "dummy"
	# enableOverlay: false
	# volumes:
	# The volume will have to be populated with something like "oc rsync ~/src/kolab-theme-kolabnow/src/ kolab-demoreseller-68d7676c6f-82fk2:/src/overlay/"
	# overlay:
	# storageClassName: local-path
	# capacity: 100Mi

	horizon:
	enabled: true
	seed: true
	runInitCommands: true
	resources:
	limits:
	memory: 1Gi
	requests:
	memory: 1Gi

	meet:
	serverUrls: "http://meet/meetmedia/api/"
	verifyTls: false
	enabled: true
	publicIp: 127.0.0.1
	hostNetwork: false
	webhookToken: "simple123"
	serverToken: "simple123"
	resources:
	limits:
	memory: 512Mi

	coturn:
	enabled: false
	staticSecret: "simple123"
	publicIp: "127.0.0.1"
	resources:
	limits:
	memory: 512Mi

	proxy:
	tlsSecretName: null
	enabled: true
	webappBackend: http://kolab
	meetBackend: http://meet
	roundcubeBackend: http://roundcube
	davBackend: http://imap
	davPath: "/dav"
	collaboraBackend: http://collabora
	matrixBackend: http://matrix
	sieveBackend: imap:4190
	elementBackend: http://element
	webmailPath: /webmail

	collabora:
	enabled: true
	resources:
	# 1Gb + 100 MB / user
	limits:
	memory: 10Gi
	requests:
	memory: 1Gi

	imap:
	enabled: true
	replicas: 1
	host: imap
	port: 143
	uri: "imap:143"
	tls: false
	tlsSecretName: null
	adminLogin: "cyrus-admin"
	adminPassword: "simple123"
	expiryDelay: 28
	enableLegacySyncServer: true
	skipChown: false
	murder:
	enabled: false
	externalMaster: null
	externalBackends: null
	podAnnotations: {}
	resources:
	limits:
	memory: 2Gi
	requests:
	memory: 1Gi
	volumes:
	spool:
	name: imap-spool
	storageClassName: local-path
	capacity: 100Mi
	lib:
	name: imap-lib
	storageClassName: local-path
	capacity: 100Mi
	replica:
	enabled: false

	roundcube:
	enabled: true
	desKey: "+nJY+jVpVurUts490MPF7ox8T58piLqC"
	skin: "kolab"
	forceSkin: false
	# Comma separated list of disabled plugins
	disabledPlugins: null
	kolabObjectCompatMode: false
	davEnabled: false
	replicas: 1
	resources:
	limits:
	memory: 1Gi
	requests:
	memory: 1Gi

	mariadb:
	enabled: true
	host: "mariadb"
	rootPassword: "VzNsY29tMzJAcGgzbGlh"
	# Used by kolab to access the roundcube mfa db
	mfaDsn: "mysql://roundcube:simple123@mariadb/roundcube"
	kolabDatabase: "kolabdev"
	kolabUser: "kolabdev"
	kolabPassword: "simple123"
	kolabLegacyPassword: "simple123"
	roundcubeDatabase: "roundcube"
	roundcubeUser: "roundcube"
	roundcubePassword: "simple123"
	volumes:
	data:
	name: mariadb-data
	storageClassName: local-path
	capacity: 100Mi
	resources:
	limits:
	memory: 512Mi

	redis:
	enabled: true
	host: redis
	password: "VzNsY29tMzJAcGgzbGlh"
	resources:
	limits:
	memory: 2Gi

	postfix:
	enabled: true
	withProxyProtocol: false
	# Used by roundcube for submission
	submissionHost: postfix
	submissionPort: 587
	submissionEncryption: "starttls"
	submissionUsername: "noreply@{{ .Values.domainName }}"
	# Used by kolab4 - nginx proxy
	externalSubmissionHost: external-smtp
	externalSubmissionPort: 587
	# Used by kolab4 for submission FIXME, this should just be the submissionHost
	smtpHost: postfix
	smtpPort: 587
	smtpEncryption: "starttls"
	tlsSecretName: null
	messageSizeLimit: "10240000"
	blockOutgoingEmails: false
	volumes:
	spool:
	name: postfix-spool
	storageClassName: local-path
	capacity: 100Mi
	lib:
	name: postfix-lib
	storageClassName: local-path
	capacity: 100Mi
	resources:
	limits:
	memory: 512Mi

	amavis:
	clamd:
	# Disabled by default because you can easily run into rate-limits.
	enabled: false
	resources:
	limits:
	memory: 500Mi
	volumes:
	spool:
	name: amavis-spool
	storageClassName: local-path
	capacity: 100Mi
	spamassassinLib:
	name: spamassassin-lib
	storageClassName: local-path
	capacity: 100Mi
	clamavLib:
	name: clamav-lib
	storageClassName: local-path
	capacity: 100Mi
	dkim:
	identifier: dkim1
	# Generated via amavis genrsa, must match the public key in the DNS record
	key: \|
	-----BEGIN RSA PRIVATE KEY-----
	MIIEpQIBAAKCAQEA7JdTEn/T2MhB6KLbATJj4SGernbem4d7dAW7/kVRbiMB2EtP
	pQCR98eeXOOHcufXVc3w4BocXEnD47JPpkFYJBXWF32m4Y2SapBYbsXndN9fyXRr
	HO9wPJlW5QK5i9D/bRUznfaBJm54y+BuX0Ln/ippqFe6z3LPjmro9Y9WpRzevYG/
	TT69Iug5v4U/PA1/rEv+zZGQvNxInZYF7O2MFDbD2pYi7l4hWADP+iwOEc+Li5vP
	lEvOaUlSQCb06sc0/QBHDDyU2WaEJiYy/Mk2xCmSI44f3mQghmiNsu7vlPiztAYK
	jNyiVk8iWDttL9OV9qQyxHL18Q74UzJR6AylrwIDAQABAoIBAQCv3AOJuq5zctda
	3sK/bv9C9sSGliD9poUjRqfoZwoSPb8/USuQUI4viZezIAUsahxr0Tp8uavfBY2w
	EHiX8fZcTEbpCyMigSMWRtkU7dIP04HVss1zop7gzHIEpDPbM6zJHntRrUtuj6sG
	kHo6IPdku43x7dQUIxkYmWs0LCmRbChOpYAp4XR0Zs+PGEYdBh4oXnxatQnfxvVS
	nEI9pzAxxWYUjlYNr9x3JkaTTEZJgPCARZ6DxdShnd96ShWgo4ncdBD6WcnBccHW
	3caafPLuW9iiRmrtiZ70uHIj5fF2qkTpQEJGbM9WSlZPgr/jMX14qf08LrmTCOd7
	noOXGXNhAoGBAPq92gfUIreY6gah68vt9gqhWBUY76m/QBOmhTk4uNLfYE0LfY33
	6mUD08KFbeAtJDxojDjmzbXZzRdlOXFpcHUo7Sc71aGNL8WwNOXHTuhHZHa4nYJb
	Nh4urkWPxlwhP2G+N+BZfZMIzxIU95TzqWA092EziTKUOKvgngUySEvpAoGBAPGN
	gOXWXp0BDBrjyyMKl9WpYc4ZZeq1AB9uhIY7j5i2xL6Vj3Cg3fETJ7xcT/sOU16E
	iHQEkZyKoyo3a8Of+xi+7aW+tZEqtaDe8VivTifgRxKT8hdGV9O/pXoyOtimGe7s
	hMCxxfe2N2Gnz82mw41ZShMbiLZKAAWa8F/PL53XAoGBAJBv/MC1uqn4NBdN/v6i
	PTEycAL3MleeC9NGAUhNHGqcsmSvUcwOG7/EzJ8pLXoNhuolb2D301gF9tabQNPL
	4TQcN0B6fz1ojzRZpJ8YiKPVPFIHVvRYhnwsd8cqYyF/JXuwj490/ZlNYbsQyO3M
	zqzU1gvwHAA+0cZwxZZIuMzBAoGADyjTSxleDLpxGQrsx8E1cDpWIgokBEvhuxdD
	h+0bAPmPdWqLewUNiMCsAL1GY7otb0QgEC/tN4bX4KFjyP40UwRAg+NpH7gvd+4l
	9WvjGsuPilHwopdOkcJ4Tyfx24DpJb6AQlul0fsElMNkXkK2CRvucy6KMO6J+9AS
	f+DP2zcCgYEAlSiJHMfwHpkYUo66A5SXgDd/V9M2VZvmlImob4PZ82WGkBDpjprn
	s+5fQ70ms5ff8Ld08ho2Lu/NcK6ErkJfGgykK2r8ErIsmr5t1WpuU1P+U9xA9rIR
	DR8gVdvWucyKnoNTdlG23BkUpoE3a1wR5aiEboTd8XP31tmhQ50GDVg=
	-----END RSA PRIVATE KEY-----

	vector:
	enabled: true
	mail:
	# Used for the noreply@domainName sender
	noreplyPassword: "simple123"

	minio:
	enabled: true
	rootUser: "admin"
	rootPassword: "simple123"
	bucketName: data
	volumes:
	data:
	name: minio-data
	storageClassName: local-path
	capacity: 100Mi

	alertmanager:
	enabled: false
	externalUrlScheme: http
	externalUrl: null
	volumes:
	alertmanagerData:
	name: alertmanager-data
	storageClassName: local-path
	capacity: 10Mi

	openshift: false
	openshiftRoutesEnabled: true
	buildConfigSource:
	ref: master
	uri: https://git.kolab.org/source/kolab.git

	prometheus:
	hostPrefix: null
	enabled: true
	routeEnabled: true
	clusterMonitoring: true
	tlsSecretName: null
	monitoringMailtransporttestExtraFlags: "--validate"
	monitoringEndpointtesterExtraFlags: null
	imapHost: proxy
	submissionHost: proxy
	submissionPort: 587
	customDavDomain: null
	# Should be approx. 80% of prometheusData capacity
	retentionSize: 80MB
	# mariadbMonitoring:
	# password: simple123
	# targets:
	# - mariadb:3306
	# haproxyMonitoring:
	# targets:
	# - haproxy:8405
	volumes:
	prometheusData:
	name: prometheus-data
	storageClassName: local-path
	capacity: 100Mi
	pushgatewayData:
	name: pushgateway-data
	storageClassName: local-path
	capacity: 100Mi

	loki:
	enabled: true
	routeEnabled: true

	victorialogs:
	enabled: false
	routeEnabled: true
	resources:
	limits:
	memory: 500Mi
	requests:
	memory: 20Mi
	volumes:
	data:
	name: victorialogs-data
	storageClassName: local-path
	capacity: 100Mi

	grafana:
	enabled: false

	matrix:
	enabled: false

	element:
	customConfig: null
	resources:
	limits:
	memory: 100Mi
	requests:
	memory: 20Mi

	synapse:
	enabled: false
	resources:
	limits:
	memory: 500Mi
	requests:
	memory: 100Mi
	volumes:
	data:
	name: synapse-data
	storageClassName: local-path
	capacity: 100Mi

	metallb:
	addressPool: false
	defaultPool:
	create: false

	ldap:
	enabled: false
	host: null
	resources:
	limits:
	memory: 500Mi
	requests:
	memory: 100Mi
	volumes:
	data:
	name: dirsrv-data
	storageClassName: local-path
	capacity: 100Mi
	resources:
	limits:
	memory: 512Mi

File Metadata

Mime Type: text/plain
Expires: Sat, Apr 4, 4:17 AM (7 h, 13 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18730284
Default Alt Text: values.yaml (16 KB)

values.yamlNo OneTemporaryActions

values.yamlView Options

File Metadata

Event Timeline

values.yaml
No OneTemporary
Actions

values.yaml
View Options