## common configuration across all deployments global: # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] annotations: {} nodeSelector: {} affinity: {} ## Rocket Chat image version ## ref: https://hub.docker.com/r/rocketchat/rocket.chat/tags ## image: repository: registry.rocket.chat/rocketchat/rocket.chat pullPolicy: IfNotPresent imagePullSecrets: [] ## Host for the application ## set it to a domain pointing to your loadbalancer # host: chat.panic.haus replicaCount: 1 minAvailable: 1 smtp: enabled: false username: password: host: port: 587 # Extra env vars for Rocket.Chat: extraEnv: # - name: MONGO_OPTIONS # value: '{"ssl": "true"}' # - name: MONGO_OPLOG_URL # value: mongodb://oploguser:password@rocket-1:27017/local&replicaSet=rs0 # Extra secret for Rocket.Chat, uncomment to use # Usefull to store sensitive data for creating initial user (e.g. ADMIN_* env vars) or custom OAUTH settings (e.g. Accounts_OAuth_Custom_* env vars) # extraSecret: "some-secret" # Extra volumes for Rocket.Chat... extraVolumes: # - name: etc-certs # hostPath: # path: /etc/ssl/certs # type: Directory # - name: usr-certs # hostPath: # path: /usr/share/ca-certificates # type: Directory # ... and where they should be mounted inside the container extraVolumeMounts: # - mountPath: /etc/ssl/certs # name: etc-certs # readOnly: true # - mountPath: /usr/share/ca-certificates # name: usr-certs # readOnly: true # -- Containers, which are run before the app containers are started. extraInitContainers: [] # - name: init-myservice # image: busybox # command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;'] ## Specifies a Registration Token (obtainable at https://cloud.rocket.chat) #registrationToken: "" ## Specifies an Enterprise License # license: "" ## Pod anti-affinity can prevent the scheduler from placing RocketChat replicas on the same node. ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. ## podAntiAffinity: "" ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone ## podAntiAffinityTopologyKey: kubernetes.io/hostname ## Assign custom affinity rules to the RocketChat instance ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## affinity: {} # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: # - key: kubernetes.io/e2e-az-name # operator: In # values: # - e2e-az1 # - e2e-az2 ## Use an existing secret file with the MongoDB Url and OplogUrl existingMongodbSecret: "" ## MongoDB URL if using an externally provisioned MongoDB externalMongodbUrl: # mongodb://user:password@localhost:27017/rocketchat externalMongodbOplogUrl: # mongodb://user:password@localhost:27017/local?replicaSet=rs0&authSource=admin ## ## MongoDB chart configuration ### ref https://github.com/helm/charts/tree/master/stable/mongodb#configuration ## mongodb: ## Enable or disable MongoDB dependency completely. enabled: true initdbScriptsConfigMap: rocketchat-mongodb-fix-clustermonitor-role-configmap auth: # rootPassword: usernames: - rocketchat passwords: - rocketchat databases: - rocketchat architecture: replicaset replicaCount: 1 arbiter: enabled: false pdb: minAvailable: 0 pdb: minAvailable: 0 # key: persistence: enabled: true ## mongodb data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" accessMode: ReadWriteOnce size: 8Gi volumePermissions: { enabled: true } ## Enable persistence using Persistent Volume Claims ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ ## persistence: enabled: false # existingClaim: existingClaimName ## rocketchat data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" accessMode: ReadWriteOnce size: 8Gi ## Configure resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## # resources: # requests: # memory: 512Mi # cpu: 300m securityContext: enabled: true runAsUser: 999 fsGroup: 999 serviceAccount: # Specifies whether a ServiceAccount should be created create: true # Annotations to add to the ServiceAccount annotations: {} # eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/dummyRole # The name of the ServiceAccount to use. # If not set and create is true, a name is generated using the fullname template name: ## Configure the ingress object to hook into existing infastructure ### ref : http://kubernetes.io/docs/user-guide/ingress/ ### ingress: enabled: true pathType: Prefix ingressClassName: "nginx" annotations: kubernetes.io/ingress.class: "nginx" cert-manager.io/cluster-issuer: letsencrypt-prod path: / tls: - secretName: rocketchat-tsl hosts: - chat.panic.haus federation: serveWellKnown: true service: annotations: {} # service.beta.kubernetes.io/aws-load-balancer-internal: "0.0.0.0/0" labels: {} # key: value ## ServiceType ## ref: https://kubernetes.io/docs/user-guide/services/#publishing-services---service-types type: ClusterIP ## Optional static port assignment for service type NodePort. # nodePort: 30000 port: 80 ## Optional when LoadBalancer specified ServiceType. loadBalancerIP: "" ## Optional custom labels for the deployment resource. deploymentLabels: {} ## Optional Pod Labels. podLabels: {} ## Optional Pod Annotations. podAnnotations: {} # prometheus.io/port: "9458" # prometheus.io/path: "/metrics" # prometheus.io/scrape: "true" ## Optional Prometheus scraping Settings prometheusScraping: enabled: false port: 9100 # Avoid using 9458: conflicts with Moleculer Exporter serviceMonitor: ## serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator ## prometheusScraping.enabled should be also enabled ## enabled: false # deprecated #interval: 30s # deprecated #port: metrics ## metrics.serviceMonitor.port The port names at which container exposes Prometheus metrics ## ports: - metrics ## metrics.serviceMonitor.intervals The intervals at which metrics should be scraped ## intervals: - 30s ## Liveness and readiness probe values ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## livenessProbe: enabled: true path: /health initialDelaySeconds: 60 periodSeconds: 15 timeoutSeconds: 5 failureThreshold: 3 successThreshold: 1 readinessProbe: enabled: true path: /health initialDelaySeconds: 10 periodSeconds: 15 timeoutSeconds: 5 failureThreshold: 3 successThreshold: 1 podDisruptionBudget: enabled: true # # # # # # # # # # # # # # # # # # M I C R O S E R V I C E S # # Only available to E.E users # # # # # # # # # # # # # # # # # # ## Deploy as microservices? # Monolithic architecture, by default microservices: enabled: false logLevel: warn heartbeatInterval: 10 heartbeatTimeout: 30 ## Parameters for each deployment: presence: replicas: 1 image: repository: rocketchat/presence-service pullPolicy: IfNotPresent securityContext: {} resources: {} # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] ddpStreamer: replicas: 1 image: repository: rocketchat/ddp-streamer-service pullPolicy: IfNotPresent securityContext: {} resources: {} # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] account: replicas: 1 image: repository: rocketchat/account-service pullPolicy: IfNotPresent securityContext: {} resources: {} # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] authorization: replicas: 1 image: repository: rocketchat/authorization-service pullPolicy: IfNotPresent securityContext: {} resources: {} # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] streamHub: replicas: 1 image: repository: rocketchat/stream-hub-service pullPolicy: IfNotPresent securityContext: {} resources: {} # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] nats: replicas: 1 ## Parameters for each Kubernetes service # NOTE: reserved for future usage still presenceService: ddpStreamerService: natsService: streamHubService: accountService: authorizationService: nats: nats: image: nats:2.4-alpine federation: # host: image: repository: matrixdotorg/synapse registry: docker.io tag: v1.84.1 enabled: false persistence: enabled: false accessModes: - ReadWriteOnce resources: requests: storage: 10Gi postgresql: enabled: false auth: username: rocketchat password: rocketchat database: rocketchat primary: extraEnvVars: - name: POSTGRES_INITDB_ARGS value: "--lc-collate=C --lc-ctype=C" # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: [] hooks: preUpgrade: podAnnotations: {} podLabels: {}