# Default values for garage.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

# -- Additional labels to add to all resources created by this chart
commonLabels: {}
#   app.kubernetes.io/part-of: storage
#   team: platform

# Garage configuration. These values go to garage.toml
garage:
  # -- Can be changed for better performance on certain systems
  # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#db_engine
  dbEngine: "lmdb"

  # -- Defaults is 1MB
  # An increase can result in better performance in certain scenarios
  # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#block_size
  blockSize: "1048576"

  # -- Default to 3 replicas, see the replication_factor section at
  # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#replication_factor
  replicationFactor: "1"

  # -- By default, enable read-after-write consistency guarantees, see the consistency_mode section at
  # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#consistency_mode
  consistencyMode: "consistent"

  # -- zstd compression level of stored blocks
  # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#compression_level
  compressionLevel: "1"

  # -- If this value is set, Garage will automatically take a snapshot of the metadata DB file at a regular interval and save it in the metadata directory.
  # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#metadata_auto_snapshot_interval
  metadataAutoSnapshotInterval: ""

  rpcBindAddr: "[::]:3901"
  # -- If not given, a random secret will be generated and stored in a Secret object
  rpcSecret: ""
  # -- If you want to provide an rpcSecret within an existing k8s secret,
  # specify the secret name here, and store the value under the secret key `rpcSecret`
  # the default secret will not be created
  existingRpcSecret: ""
  # -- This is not required if you use the integrated kubernetes discovery
  bootstrapPeers: []
  # -- Set to true if you want to use k8s discovery but install the CRDs manually outside
  # of the helm chart, for example if you operate at namespace level without cluster ressources
  kubernetesSkipCrd: false
  s3:
    api:
      region: "garage"
      rootDomain: ".s3.garage.k-space.ee"
    web:
      rootDomain: ".web.garage.k-space.ee"
      index: "index.html"

  # -- Additional configuration to append to garage.toml. Use a multi-line string for custom config.
  # Example:
  #  additionalTopLevelConfig: |-
  #    data_fsync = true
  additionalTopLevelConfig: ""

  # -- if not empty string, allow using an existing ConfigMap for the garage.toml,
  # if set, ignores garage.toml
  existingConfigMap: ""

  # -- String Template for the garage configuration
  # if set, ignores above values.
  # Values can be templated,
  # see https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/
  garageTomlString: ""

# Data persistence
persistence:
  enabled: true
  meta:
    storageClass: "ceph-rbd"
    size: 10Gi
    # used only for daemon sets
    hostPath: /var/lib/garage/meta
  data:
    storageClass: "hdd-ceph"
    size: 3Ti
    # used only for daemon sets
    hostPath: /var/lib/garage/data

# Deployment configuration
deployment:
  # -- Switchable to DaemonSet
  kind: StatefulSet
  # -- Number of StatefulSet replicas/garage nodes to start
  replicaCount: 1
  # -- If using statefulset, allow Parallel or OrderedReady (default)
  podManagementPolicy: OrderedReady

image:
  # -- default to amd64 docker image
  repository: dxflrs/amd64_garage
  # -- set the image tag, please prefer using the chart version and not this
  # to avoid compatibility issues
  tag: ""
  pullPolicy: IfNotPresent

initImage:
  repository: busybox
  tag: stable
  pullPolicy: IfNotPresent

# -- set if you need credentials to pull your custom image
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

serviceAccount:
  # -- Specifies whether a service account should be created
  create: true
  # -- Annotations to add to the service account
  annotations: {}
  # -- The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""

# -- additonal pod annotations
podAnnotations: {}

podSecurityContext:
  runAsUser: 1000
  runAsGroup: 1000
  fsGroup: 1000
  fsGroupChangePolicy: "OnRootMismatch"
  runAsNonRoot: true

securityContext:
  # -- The default security context is heavily restricted,
  # feel free to tune it to your requirements
  capabilities:
    drop:
      - ALL
  readOnlyRootFilesystem: true

service:
  # -- You can rely on any service to expose your cluster
  # - ClusterIP (+ Ingress)
  # - NodePort (+ Ingress)
  # - LoadBalancer
  type: ClusterIP
  # -- Annotations to add to the service
  annotations: {}
  s3:
    api:
      port: 3900
    web:
      port: 3902
    # NOTE: the admin API is excluded for now as it is not consistent across nodes

ingress:
  s3:
    api:
      enabled: true
      # -- Rely _either_ on the className or the annotation below but not both!
      # If you want to use the className, set
      # className: "nginx"
      # and replace "nginx" by an Ingress controller name,
      # examples [here](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers).
      annotations:
        kubernetes.io/ingress.class: traefik
        traefik.ingress.kubernetes.io/router.entrypoints: websecure
        external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
      labels: {}
      hosts:
        # -- garage S3 API endpoint, to be used with awscli for example
        - host: "garage.k-space.ee"
          paths:
            - path: /
              pathType: Prefix
        # -- garage S3 API endpoint, DNS style bucket access
        - host: "*.garage.k-space.ee"
          paths:
            - path: /
              pathType: Prefix
      tls:
        - hosts:
            - "*.k-space.ee"
    web:
      enabled: true
      # -- Rely _either_ on the className or the annotation below but not both!
      # If you want to use the className, set
      # className: "nginx"
      # and replace "nginx" by an Ingress controller name,
      # examples [here](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers).
      annotations:
        kubernetes.io/ingress.class: traefik
        traefik.ingress.kubernetes.io/router.entrypoints: websecure
        external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
      labels: {}
      hosts:
      # --  wildcard website access with bucket name prefix
       - host: "garage-web.k-space.ee"
         paths:
           - path: /
             pathType: Prefix
      tls:
        - hosts:
            - "*.k-space.ee"

resources: {}
  # The following are indicative for a small-size deployement, for anything serious double them.
  # limits:
  #   cpu: 100m
  #   memory: 1024Mi
  # requests:
  #   cpu: 100m
  #   memory: 512Mi

# -- Specifies a livenessProbe
livenessProbe: {}
  #httpGet:
  #  path: /health
  #  port: 3903
  #initialDelaySeconds: 5
  #periodSeconds: 30
# -- Specifies a readinessProbe
readinessProbe: {}
  #httpGet:
  #  path: /health
  #  port: 3903
  #initialDelaySeconds: 5
  #periodSeconds: 30

nodeSelector: {}

tolerations: []

affinity: {}

environment: {}

extraVolumes: {}

extraVolumeMounts: {}

monitoring:
  metrics:
    # -- If true, a service for monitoring is created with a prometheus.io/scrape annotation
    enabled: true
    serviceMonitor:
      # -- If true, a ServiceMonitor CRD is created for a prometheus operator
      # https://github.com/coreos/prometheus-operator
      enabled: false
      path: /metrics
      #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
      labels: {}
      interval: 15s
      scheme: http
      tlsConfig: {}
      scrapeTimeout: 10s
      relabelings: []
  tracing:
    # -- specify a sink endpoint for OpenTelemetry Traces, eg. `http://localhost:4317`
    sink: ""