wordpress-values-configmap.yaml

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: stackspin-wordpress-values
  namespace: stackspin-apps
data:
  values.yaml: |
    wordpress:
      config:
        db:
          prefix: wp_
        adm:
          usid: admin
          pssw: "${wordpress_admin_password}"
          email: "${admin_email}"
      site:
        # NOTE: Make sure you use underscore and that the localisation is in full caps
        locale: en_US
        url: "https://www.${domain}"
        title: "Stackspin website"
      plugins:
        - https://github.com/level73/stackspin-plugin/archive/refs/heads/main.zip

    persistence:
      existingClaim: wordpress-files
    podAnnotations:
      backup.velero.io/backup-volumes: "wordpress-wp-uploads"
    podLabels:
      stackspin.net/backupSet: "wordpress"
    statefulSetLabels:
      stackspin.net/backupSet: "wordpress"

    openid_connect_settings:
      enabled: true
      client_secret: ${client_secret}
      endpoint_login: https://sso.${domain}/oauth2/auth
      endpoint_userinfo: https://sso.${domain}/userinfo
      endpoint_token: https://sso.${domain}/oauth2/token
      endpoint_end_session: ""
      # If a WordPress account already exists with the same identity as a
      # newly-authenticated user over OpenID Connect, login as that user
      # instead of generating an error.
      link_existing_users: "1"
      # After our SSO supports it, we should set this as the logout URL
      # https://open.greenhost.net/stackspin/single-sign-on/issues/28
      # endpoint_end_session: https://sso.${domain}/oauth2/sessions/logout
      no_sslverify: "0"
      http_request_timeout: "15"
      enable_logging: "1"
      scope: email profile openid stackspin_roles offline_access
      role_mapping_enabled: true
      role_key: stackspin_roles

    smtp_settings:
      enabled: ${outgoing_mail_enabled}
      smtp_user: "${outgoing_mail_smtp_user}"
      smtp_pass: "${outgoing_mail_smtp_password}"
      smtp_host: "${outgoing_mail_smtp_host}"
      smtp_from: "${outgoing_mail_smtp_user}"
      smtp_port: "${outgoing_mail_smtp_port}"

    database:
      auth:
        username: wordpress
        password: "${wordpress_mariadb_password}"
        rootPassword: "${wordpress_mariadb_root_password}"
      architecture: standalone
      primary:
        persistence:
          ## Enable MariaDB persistence using Persistent Volume Claims.
          enabled: true
          existingClaim: "wordpress-mariadb"
        podAnnotations:
          # Let the backup system include nextcloud database data.
          backup.velero.io/backup-volumes: "data"
        resources:
          limits:
            cpu: 200m
            memory: 512Mi
          requests:
            cpu: 100m
            memory: 256Mi
      commonLabels:
        stackspin.net/backupSet: "wordpress"

    # It's advisable to set resource limits to prevent your K8s cluster from
    # crashing
    resources:
      limits:
        cpu: "4"
        memory: 512Mi
      requests:
        cpu: 100m
        memory: 256Mi

    ingress:
      enabled: true
      annotations:
        kubernetes.io/tls-acme: "true"
      path: /
      hosts:
        - "www.${domain}"
        - "${domain}"
      tls:
        - hosts:
            - "www.${domain}"
            - "${domain}"
          secretName: stackspin-wordpress