Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
---
apiVersion: v1
kind: ConfigMap
metadata:
name: oas-rocketchat-values
data:
values.yaml: |
# Hostname for Rocket.chat
host: "chat.${domain}"
# Extra environment variables for Rocket.Chat. Used with tpl function, so this
# needs to be a string
extraEnv: |
- name: ADMIN_USERNAME
value: admin
- name: ADMIN_PASS
value: "${rocketchat_admin_password}"
- name: ADMIN_EMAIL
value: "${admin_email}"
# Set setup wizard to completed. The setup wizard, that allows you to
# create a different admin user, gets skipped.
- name: OVERWRITE_SETTING_Show_Setup_Wizard
value: completed
- name: E2E_Enable
value: "true"
- name: Accounts_RegistrationForm
value: Disabled
- name: Accounts_RegistrationForm_LinkReplacementText
value: "Create a new account at admin.${domain} to add users"
# Custom OAuth rules:
- name: Accounts_OAuth_Custom_Openappstack
value: "true"
- name: Accounts_OAuth_Custom_Openappstack_url
value: https://sso.${domain}
- name: Accounts_OAuth_Custom_Openappstack_token_path
value: /oauth2/token
- name: Accounts_OAuth_Custom_Openappstack_token_sent_via
value: payload
- name: Accounts_OAuth_Custom_Openappstack_identity_token_sent_via
value: payload
- name: Accounts_OAuth_Custom_Openappstack_identity_path
value: /userinfo
- name: Accounts_OAuth_Custom_Openappstack_authorize_path
value: /oauth2/auth
- name: Accounts_OAuth_Custom_Openappstack_scope
value: openid profile openappstack_roles email
- name: Accounts_OAuth_Custom_Openappstack_id
value: rocketchat
- name: Accounts_OAuth_Custom_Openappstack_secret
value: ${rocketchat_oauth_client_secret}
- name: Accounts_OAuth_Custom_Openappstack_login_style
value: redirect
- name: Accounts_OAuth_Custom_Openappstack_button_label_text
value: Login via OpenAppStack
- name: Accounts_OAuth_Custom_Openappstack_button_label_color
value: "#FFFFFF"
- name: Accounts_OAuth_Custom_Openappstack_button_color
value: "#1d74f5"
- name: Accounts_OAuth_Custom_Openappstack_username_field
value: preferred_username
- name: Accounts_OAuth_Custom_Openappstack_name_field
value: preferred_username
- name: Accounts_OAuth_Custom_Openappstack_roles_claim
value: openappstack_roles
- name: Accounts_OAuth_Custom_Openappstack_merge_roles
value: "true"
- name: Accounts_OAuth_Custom_Openappstack_merge_users
value: "true"
- name: Accounts_OAuth_Custom_Openappstack_show_button
value: "true"
livenessProbe:
initialDelaySeconds: 180
failureThreshold: 20
readinessProbe:
initialDelaySeconds: 60
timeoutSeconds: 10
ingress:
enabled: true
annotations:
# Tell cert-manager to automatically get a TLS certificate
kubernetes.io/tls-acme: "true"
tls:
- hosts:
- "chat.${domain}"
secretName: oas-rocketchat
persistence:
enabled: true
size: 1Gi
# FIXME: This valuee leads to an unused PVC, which helm-controller does
# not like.
# existingClaim: "rocketchat-data"
podAnnotations:
# Let the backup system include rocketchat data.
backup.velero.io/backup-volumes: "rocket-data"
resources:
limits:
cpu: 400m
memory: 1024Mi
requests:
cpu: 100m
memory: 768Mi
mongodb:
auth:
rootPassword: ${mongodb_root_password}
password: ${mongodb_password}
podAnnotations:
# Let the backup system include rocketchat data stored in mongodb.
backup.velero.io/backup-volumes: "datadir"
persistence:
enabled: true
# FIXME: This value is ignored by the chart currently in use
# existingClaim: "rocketchat-mongodb"
resources:
limits:
cpu: 600m
memory: 1024Mi
requests:
cpu: 300m
memory: 768Mi
image:
tag: 3.15.0
pullPolicy: IfNotPresent