Newer
Older
# These variables allow you to configure a git repository that contains custom
# wpContent content.
git_repo:
enabled: false
# Directory that contains the wp-content content in your repo. The default is
# `.`, which means that your repository contains folders like languages,
# plugins and themes in the root of the repo. If your git repository has a
# `wp-content` folder in it, point to that folder instead.
wp_content_dir: "."
# URL to your GitLab
url: git.example.com
# Part after the GitLab URL to the gitlab repo
name: /group/repo
version: "HEAD"
# GitLab token and key to get access to repo
token_user: gitlab-token
token_key: gitlab-key
wordpress:
config:
db:
prefix: wp_
adm:
usid: admin
pssw: CHANGE-THIS-PASSWORD
site:
# NOTE: Make sure you use underscore and that the localisation is in full caps
# NOTE: Optionally set a Wordpress version number to override the default
# version: LOCAL-WORDPRESS-VERSION-NUMBER-OR-DELETE-THIS-LINE
# NOTE: This is the URL that points to your WordPress installation. If this
# URL is set incorrectly your site will most likely not work. You can not
# change it after you have run helm install once because WordPress saves the
# site URL in its database. To change this value, you would need to helm
# delete and then helm install the chart again, or manually change the
# WordPress database fields that contain the URL.
url: "http://localhost"
title: "Wordpress Helm"
# If you are including a plugin to alias wp login then set an alt.path and set alt.config options
# NOTE: The value of alt enabled must be set as true or false
alt:
enabled: false
# config: PATH-SETTING-IN-OPTIONS-TABLE
# path: SOME-LOGIN-PATH
# # Path used by the liveness and readiness probes to see if the site runs
# # correctly. Defaults to `/wp-login.php`. Be sure to make this the same as
# # alt_path if you use it!
# probe_path: /wp-login.php
# Turn on WordPress' debug mode
# debug: true
# Install includes all parent, child, default, active and fallback themes
# NOTE: Use theme *slugs* here
themes_install:
- twentynineteen
# this is the active theme. Also would be the child theme
theme_active: twentynineteen
# Fallback theme from wordpress repo which is fetched + activated if helm reports an error
wp_content:
# The directory to mount the files placed in wp-content. You shouldn't have to
# change this.
mount_path: /var/www/wp-content-mount
wp_upload:
# The directory to mount the files placed in wp-content/uploads. You shouldn't
# have to change this.
mount_path: /var/www/wp-uploads-mount
# Contents of the .htaccess file that is mounted in the `wpUploadMnt` directory
htaccess: |
# Disable access to all file types except the following
Require all denied
<Files ~ ".(woff|xml|css|js|jpe?g|png|gif)$">
Require all granted
</Files>
## Set default permissions given to files and directories by Wordpress
## Strong and writeable defaults are 750 and 640
#permissions:
# directory_mode: 0750
# files_mode: 0640
## mu_plugins are installed as hidden and cannot be updated from the UI
## mu_dir 'mu-plugins' maps to wp-content/mu-plugins
Maarten de Waard
committed
## mu_plugins supplies a detailed list of mu values and plugins with versions
mu_plugins_enabled: false
mu_plugins_dir: mu-plugins
mu_plugins:
block-bad-queries:
name: Block Bad Queries
version: 20200319
phpfile: block-bad-queries.php
Maarten de Waard
committed
## Enable externally triggered cron for an MU cron plugin
# NOTE: mu_plugins *must* be enabled if you want to enable mu_cron
mu_cron:
enabled: false
# # By default cron runs every 3 minutes, but you can change the schedule
# # here:
# cronjob:
# schedule: "*/3 * * * *"
# These settings make sense to overwrite if you want to use the OpenID connect
# plugin
openid_connect_settings:
enabled: true
client_id: OPENID_CLIENT_ID
client_secret: OPENID_CLIENT_SECRET
endpoint_login: https://login-endpoint-url
endpoint_userinfo: https://userinfo-endpoint-url
endpoint_token: https://token-validation-endpoint-url
endpoint_end_session: https://end-session-endpoint-url
no_sslverify: "0"
enable_logging: "1"
role_mapping_enabled: false
role_key: roles
database:
db:
user: wordpress
password: <SET A DATABASE PASSWORD>
rootUser:
password: <SET A DB ROOT USER PASSWORD FOR UPGRADES TO WORK>
replication:
password: <SET A REPLICATION USER PASSWORD IF YOU HAVE REPLICATION ENABLED>
# Set this to true to have a Redis container next to your WP. The WP will be
# configured to connect to this Redis and `Redis Object Cache` plugin will be
# installed as a convential plugin and configured to connect to this Redis
# Change Redis MU plugin configurations to use MU instead
redis:
# Set redis.enabled to true to have a Redis container next to your WP. The WP will be
# configured to connect to this Redis and `Redis Object Cache` plugin will be
# installed as a conventional plugin.
enabled: false
# password: <SET A REDIS PASSWORD HERE>
# master:
# persistence:
# # Set persistence to true you want redis to have persistence
# enabled: false
# # disableCommand is set as null to enable FLUSHALL and FLUSHDB and allow cache purge and flush
# disableCommands: []
# cluster:
# #Set redis.cluster.enabled as true to have a master and a slave redis. Not necessary for caching
# enabled: false
# This will add a cronjob that performs backups of the wordpress
# database, copying an sql file created by `wp db export` to the given target.
#
# The backups are saved as yyyy-mm-dd and as such if you do several backups per
# day, previous backups of the same day will be overwritten. There is no cleanup
# of backups: it is assumed that cleanup is done on the target server.
# backup:
# enabled: true
# # The target location of the backup. This can be a local directory (not
# # advisable) or a remote directory reachable over SSH. backup command uses
# # this value as the second argument for `rsync`
# target: <username@server.example.org:backup-dir/>
# # If `backup.target` is an SSH address, use this private key:
# sshPrivateKey: |
# -----BEGIN OPENSSH PRIVATE KEY-----
# ...
# -----END OPENSSH PRIVATE KEY-----
# # This string is mounted as a text file to /etc/ssh/ssh_known_hosts.
# # Required when `sshPrivateKey` is provided. Required for SSH host key
# # verification. If this is ill-configured, expect a host key verification
# # error in the logs of the wordpress-backup container.
# # Read the SSH documentation for the correct contents of the ssh_known_hosts
# # file. You can use `ssh-keyscan` on a trusted network to find host keys.
# <hostname> <keytype> <key>
# # The interval at which backups occur. Defaults to 86400 seconds (24 hours)
# intervalSeconds:
# It's advisable to set resource limits to prevent your K8s cluster from
# crashing
# resources:
# limits:
# cpu: 100m
# memory: 512Mi
# requests:
# cpu: 50m
# memory: 256Mi
# ingress:
# # If this is false, no ingress is created by the helm chart
# enabled: true
# # Example annotation to make cert-manager manage the TLS certificates for
# # this ingress (Don't supply crt and key to the tls config in this case).
Maarten de Waard
committed
# # annotations:
# # kubernetes.io/tls-acme: "true"
# path: /
# hosts:
# - <YOUR HOSTNAME HERE>
# tls:
# - hosts:
# - <REPEAT YOUR HOSTNAME HERE>
# secretName: wordpress-cert
# crt: |
# Optionally insert your certificate here, it will be saved as a
Maarten de Waard
committed
# Kubernetes secret. You can insert the whole certificate chain here.
# NOTE: Don't do this if you use cert-manager to get your certificates!
# key: |
# If you use a custom certificate, insert your TLS key here, it will be
# saved as a Kubernetes secret.
# Set this for use with Minikube:
# service:
# type: NodePort
# port: 12345