mirror of https://github.com/coder/coder.git
174 lines
7.6 KiB
YAML
174 lines
7.6 KiB
YAML
# coder -- Primary configuration for `coder server`.
|
|
coder:
|
|
# coder.replicaCount -- The number of Kubernetes deployment replicas.
|
|
# This should only be increased if High Availability is enabled.
|
|
# This is an Enterprise feature. Contact sales@coder.com.
|
|
replicaCount: 1
|
|
|
|
# coder.image -- The image to use for Coder.
|
|
image:
|
|
# coder.image.repo -- The repository of the image.
|
|
repo: "ghcr.io/coder/coder"
|
|
# coder.image.tag -- The tag of the image, defaults to {{.Chart.AppVersion}}
|
|
# if not set. If you're using the chart directly from git, the default
|
|
# app version will not work and you'll need to set this value. The helm
|
|
# chart helpfully fails quickly in this case.
|
|
tag: ""
|
|
# coder.image.pullPolicy -- The pull policy to use for the image. See:
|
|
# https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
|
|
pullPolicy: IfNotPresent
|
|
# coder.image.pullSecrets -- The secrets used for pulling the Coder image from
|
|
# a private registry.
|
|
pullSecrets: []
|
|
# - name: "pull-secret"
|
|
|
|
# coder.annotations -- The Deployment annotations. See:
|
|
# https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
annotations: {}
|
|
|
|
# coder.serviceAccount -- Configuration for the automatically created service
|
|
# account. Creation of the service account cannot be disabled.
|
|
serviceAccount:
|
|
# coder.serviceAccount.workspacePerms -- Whether or not to grant the coder
|
|
# service account permissions to manage workspaces. This includes
|
|
# permission to manage pods and persistent volume claims in the deployment
|
|
# namespace.
|
|
#
|
|
# It is recommended to keep this on if you are using Kubernetes templates
|
|
# within Coder.
|
|
workspacePerms: true
|
|
# coder.serviceAccount.annotations -- The Coder service account annotations.
|
|
annotations: {}
|
|
|
|
# coder.env -- The environment variables to set for Coder. These can be used
|
|
# to configure all aspects of `coder server`. Please see `coder server --help`
|
|
# for information about what environment variables can be set.
|
|
# Note: The following environment variables are set by default and cannot be
|
|
# overridden:
|
|
# - CODER_HTTP_ADDRESS: set to 0.0.0.0:8080 and cannot be changed.
|
|
# - CODER_TLS_ADDRESS: set to 0.0.0.0:8443 if tls.secretName is not empty.
|
|
# - CODER_TLS_ENABLE: set if tls.secretName is not empty.
|
|
# - CODER_TLS_CERT_FILE: set if tls.secretName is not empty.
|
|
# - CODER_TLS_KEY_FILE: set if tls.secretName is not empty.
|
|
# - CODER_PROMETHEUS_ADDRESS: set to 0.0.0.0:6060 and cannot be changed.
|
|
# Prometheus must still be enabled by setting CODER_PROMETHEUS_ENABLE.
|
|
env: []
|
|
|
|
# coder.tls -- The TLS configuration for Coder.
|
|
tls:
|
|
# coder.tls.secretNames -- A list of TLS server certificate secrets to mount
|
|
# into the Coder pod. The secrets should exist in the same namespace as the
|
|
# Helm deployment and should be of type "kubernetes.io/tls". The secrets
|
|
# will be automatically mounted into the pod if specified, and the correct
|
|
# "CODER_TLS_*" environment variables will be set for you.
|
|
secretNames: []
|
|
|
|
# coder.resources -- The resources to request for Coder. These are optional
|
|
# and are not set by default.
|
|
resources:
|
|
{}
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
# coder.certs -- CA bundles to mount inside the Coder pod.
|
|
certs:
|
|
# coder.certs.secrets -- A list of CA bundle secrets to mount into the Coder
|
|
# pod. The secrets should exist in the same namespace as the Helm
|
|
# deployment.
|
|
#
|
|
# The given key in each secret is mounted at
|
|
# `/etc/ssl/certs/{secret_name}.crt`.
|
|
secrets:
|
|
[]
|
|
# - name: "my-ca-bundle"
|
|
# key: "ca-bundle.crt"
|
|
|
|
# coder.affinity -- Allows specifying an affinity rule for the `coder` deployment.
|
|
# The default rule prefers to schedule coder pods on different
|
|
# nodes, which is only applicable if coder.replicaCount is greater than 1.
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.coder.com
|
|
operator: In
|
|
values:
|
|
- "true"
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 1
|
|
|
|
# coder.tolerations -- Tolerations for tainted nodes.
|
|
# See: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
tolerations:
|
|
{}
|
|
# - key: "key"
|
|
# operator: "Equal"
|
|
# value: "value"
|
|
# effect: "NoSchedule"
|
|
|
|
# coder.nodeSelector -- Node labels for constraining coder pods to nodes.
|
|
# See: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
nodeSelector: {}
|
|
# kubernetes.io/os: linux
|
|
|
|
# coder.service -- The Service object to expose for Coder.
|
|
service:
|
|
# coder.service.enable -- Whether to create the Service object.
|
|
enable: true
|
|
# coder.service.type -- The type of service to expose. See:
|
|
# https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
|
|
type: LoadBalancer
|
|
# coder.service.sessionAffinity -- Must be set to ClientIP or None
|
|
# AWS ELB does not support session stickiness based on ClientIP, so you must set this to None.
|
|
# The error message you might see: "Unsupported load balancer affinity: ClientIP"
|
|
# https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity
|
|
sessionAffinity: ClientIP
|
|
# coder.service.externalTrafficPolicy -- The external traffic policy to use.
|
|
# You may need to change this to "Local" to preserve the source IP address
|
|
# in some situations.
|
|
# https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
externalTrafficPolicy: Cluster
|
|
# coder.service.loadBalancerIP -- The IP address of the LoadBalancer. If not
|
|
# specified, a new IP will be generated each time the load balancer is
|
|
# recreated. It is recommended to manually create a static IP address in
|
|
# your cloud and specify it here in production to avoid accidental IP
|
|
# address changes.
|
|
loadBalancerIP: ""
|
|
# coder.service.annotations -- The service annotations. See:
|
|
# https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
|
|
annotations: {}
|
|
|
|
# coder.ingress -- The Ingress object to expose for Coder.
|
|
ingress:
|
|
# coder.ingress.enable -- Whether to create the Ingress object. If using an
|
|
# Ingress, we recommend not specifying coder.tls.secretNames as the Ingress
|
|
# will handle TLS termination.
|
|
enable: false
|
|
# coder.ingress.className -- The name of the Ingress class to use.
|
|
className: ""
|
|
# coder.ingress.host -- The hostname to match on.
|
|
host: ""
|
|
# coder.ingress.wildcardHost -- The wildcard hostname to match on. Should be
|
|
# in the form "*.example.com" or "*-suffix.example.com". If you are using a
|
|
# suffix after the wildcard, the suffix will be stripped from the created
|
|
# ingress to ensure that it is a legal ingress host. Optional if not using
|
|
# applications over subdomains.
|
|
wildcardHost: ""
|
|
# coder.ingress.annotations -- The ingress annotations.
|
|
annotations: {}
|
|
# coder.ingress.tls -- The TLS configuration to use for the Ingress.
|
|
tls:
|
|
# coder.ingress.tls.enable -- Whether to enable TLS on the Ingress.
|
|
enable: false
|
|
# coder.ingress.tls.secretName -- The name of the TLS secret to use.
|
|
secretName: ""
|
|
# coder.ingress.tls.wildcardSecretName -- The name of the TLS secret to
|
|
# use for the wildcard host.
|
|
wildcardSecretName: ""
|