diff --git a/flux2/apps/monitoring/eventrouter-release.yaml b/flux2/apps/monitoring/eventrouter-release.yaml
index 6ace3f9b9d9b03dddbd95e1ce3c1282f859b929f..1f0ac13c9b3229fbb40db999d61d60d55f46db06 100644
--- a/flux2/apps/monitoring/eventrouter-release.yaml
+++ b/flux2/apps/monitoring/eventrouter-release.yaml
@@ -24,4 +24,11 @@ spec:
requests:
memory: 100Mi
cpu: 100m
-
\ No newline at end of file
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-eventrouter-override
+ optional: true
+ - kind: Secret
+ name: oas-eventrouter-override
+ optional: true
diff --git a/flux2/apps/monitoring/kube-prometheus-stack-release.yaml b/flux2/apps/monitoring/kube-prometheus-stack-release.yaml
index a9b592c894d3cc03f8617d04a488506e410514cb..6ecdbf8f63f35bc47a6d1cb6a1887706587cf73b 100644
--- a/flux2/apps/monitoring/kube-prometheus-stack-release.yaml
+++ b/flux2/apps/monitoring/kube-prometheus-stack-release.yaml
@@ -31,6 +31,7 @@ spec:
kubeScheduler:
enabled: false
+ # https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml#L115
alertmanager:
ingress:
enabled: true
@@ -276,3 +277,11 @@ spec:
cpu: 100m
memory: 64Mi
# priorityClassName: high-priority
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-kube-prometheus-stack-override
+ optional: true
+ - kind: Secret
+ name: oas-kube-prometheus-stack-override
+ optional: true
diff --git a/flux2/apps/monitoring/loki-release.yaml b/flux2/apps/monitoring/loki-release.yaml
index 07769a71ece2b4d99a8fe04a87bbf4ab732c2460..b40528397bd967db65645f66bd2cbbad08bb858e 100644
--- a/flux2/apps/monitoring/loki-release.yaml
+++ b/flux2/apps/monitoring/loki-release.yaml
@@ -70,3 +70,11 @@ spec:
table_manager:
retention_deletes_enabled: true
retention_period: 672h # 28 days
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-loki-override
+ optional: true
+ - kind: Secret
+ name: oas-loki-override
+ optional: true
diff --git a/flux2/apps/monitoring/promtail-release.yaml b/flux2/apps/monitoring/promtail-release.yaml
index f5eacf743a2ab7e225d146ec5c14366c7f5ef642..2d64faf3fee04a5768daabb67e8f87bc05927ba9 100644
--- a/flux2/apps/monitoring/promtail-release.yaml
+++ b/flux2/apps/monitoring/promtail-release.yaml
@@ -53,3 +53,11 @@ spec:
event_name:
event_source_host:
event_source_component:
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-promtail-override
+ optional: true
+ - kind: Secret
+ name: oas-promtail-override
+ optional: true
diff --git a/flux2/apps/nextcloud/release.yaml b/flux2/apps/nextcloud/release.yaml
index 555d5d19bc60edf07be0fe2702624f492d2882b3..bcef09fd615d253078545271fa2ada08b41b39a7 100644
--- a/flux2/apps/nextcloud/release.yaml
+++ b/flux2/apps/nextcloud/release.yaml
@@ -196,3 +196,11 @@ spec:
- kind: ConfigMap
name: nextcloud-values-override
optional: true
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-nextcloud-override
+ optional: true
+ - kind: Secret
+ name: oas-nextcloud-override
+ optional: true
diff --git a/flux2/apps/rocketchat/release.yaml b/flux2/apps/rocketchat/release.yaml
index 881d815d535a437a501a09dafb24a9ca46fe591b..627cf6a5e39bdef4d765a30317731f9238004008 100644
--- a/flux2/apps/rocketchat/release.yaml
+++ b/flux2/apps/rocketchat/release.yaml
@@ -139,3 +139,11 @@ spec:
image:
tag: 3.15.0
pullPolicy: IfNotPresent
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-rocketchat-override
+ optional: true
+ - kind: Secret
+ name: oas-rocketchat-override
+ optional: true
diff --git a/flux2/apps/velero/release.yaml b/flux2/apps/velero/release.yaml
index 3cbdba99964b8040cc731368aa4044b728ee668e..07a2fdd0f841cadf081f71a0a459395ae16a9669 100644
--- a/flux2/apps/velero/release.yaml
+++ b/flux2/apps/velero/release.yaml
@@ -123,5 +123,12 @@ spec:
includedNamespaces:
# We include all namespaces.
- '*'
-
configMaps: {}
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-velero-override
+ optional: true
+ - kind: Secret
+ name: oas-velero-override
+ optional: true
diff --git a/flux2/apps/wordpress/release.yaml b/flux2/apps/wordpress/release.yaml
index 61fc9aafc238d7d26e56161d7a8fb8770454fb46..39552985dc4b27abbeb616ca01e7b1e4000e845f 100644
--- a/flux2/apps/wordpress/release.yaml
+++ b/flux2/apps/wordpress/release.yaml
@@ -30,12 +30,12 @@ spec:
locale: en_US
url: "https://www.${domain}"
title: "OpenAppStack website"
-
+
persistence:
existingClaim: wordpress-files
podAnnotations:
backup.velero.io/backup-volumes: "wordpress-wp-uploads"
-
+
openid_connect_settings:
enabled: true
client_secret: ${wordpress_oauth_client_secret}
@@ -52,7 +52,7 @@ spec:
scope: email profile openid openappstack_roles offline_access
role_mapping_enabled: true
role_key: openappstack_roles
-
+
database:
db:
user: wordpress
@@ -76,7 +76,7 @@ spec:
memory: 256Mi
replication:
enabled: false
-
+
# It's advisable to set resource limits to prevent your K8s cluster from
# crashing
resources:
@@ -86,7 +86,7 @@ spec:
requests:
cpu: 100m
memory: 128Mi
-
+
ingress:
enabled: true
annotations:
@@ -100,4 +100,11 @@ spec:
- "www.${domain}"
- "${domain}"
secretName: oas-wordpress
-
\ No newline at end of file
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-wordpress-override
+ optional: true
+ - kind: Secret
+ name: oas-wordpress-override
+ optional: true
diff --git a/flux2/core/base/metallb/release.yaml b/flux2/core/base/metallb/release.yaml
index 8127c48739e6e7a9938002d1d21adf09efc9b436..00e84c213f1dfb616e031fdcbb46350a91be814e 100644
--- a/flux2/core/base/metallb/release.yaml
+++ b/flux2/core/base/metallb/release.yaml
@@ -25,3 +25,11 @@ spec:
protocol: layer2
addresses:
- "${ip_address}/32"
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-metallb-override
+ optional: true
+ - kind: Secret
+ name: oas-metallb-override
+ optional: true
diff --git a/flux2/core/base/single-sign-on/release.yaml b/flux2/core/base/single-sign-on/release.yaml
index 750f63c204e740f284cc4a8c5e5166d4056c6feb..1fe758902d1ab01c18f9e4e37de4c87b615809e8 100644
--- a/flux2/core/base/single-sign-on/release.yaml
+++ b/flux2/core/base/single-sign-on/release.yaml
@@ -148,3 +148,11 @@ spec:
- "authorization_code"
- "refresh_token"
- "client_credentials"
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-single-sign-on-override
+ optional: true
+ - kind: Secret
+ name: oas-single-sign-on-override
+ optional: true
diff --git a/flux2/infrastructure/cert-manager/release.yaml b/flux2/infrastructure/cert-manager/release.yaml
index ca524e844733ec1f57e12e02f97dd67657c637ef..ef25cb2ff44bacccb6b51197b9f59213214926be 100644
--- a/flux2/infrastructure/cert-manager/release.yaml
+++ b/flux2/infrastructure/cert-manager/release.yaml
@@ -45,3 +45,11 @@ spec:
cpu: 100m
memory: 80Mi
installCRDs: true
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-cert-manager-override
+ optional: true
+ - kind: Secret
+ name: oas-cert-manager-override
+ optional: true
diff --git a/flux2/infrastructure/local-path-provisioner/release.yaml b/flux2/infrastructure/local-path-provisioner/release.yaml
index bd8afc1b7ccc3f77c8c2402a9772c4dc4d662eba..094b4a36635f6a37a1bb113ce996a07155d6f9ee 100644
--- a/flux2/infrastructure/local-path-provisioner/release.yaml
+++ b/flux2/infrastructure/local-path-provisioner/release.yaml
@@ -34,4 +34,12 @@ spec:
memory: 20Mi
limits:
cpu: 400m
- memory: 40Mi
\ No newline at end of file
+ memory: 40Mi
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-local-path-provisioner-override
+ optional: true
+ - kind: Secret
+ name: oas-local-path-provisioner-override
+ optional: true
diff --git a/flux2/infrastructure/nginx/release.yaml b/flux2/infrastructure/nginx/release.yaml
index 1c2514019e3559c9446c0a975129af32dd5706fb..06d270b3c5b964e3db4aa760c2e21a3f4dc9e5d2 100644
--- a/flux2/infrastructure/nginx/release.yaml
+++ b/flux2/infrastructure/nginx/release.yaml
@@ -40,3 +40,11 @@ spec:
requests:
cpu: 100m
memory: 64Mi
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-nginx-override
+ optional: true
+ - kind: Secret
+ name: oas-nginx-override
+ optional: true
diff --git a/flux2/infrastructure/secrets/release.yaml b/flux2/infrastructure/secrets/release.yaml
index a64f39be980d5fdf09c5be8bfd00c8d2cf35ecfc..4073c1768bdba6a4e64880fbe108d1e15e4dd62d 100644
--- a/flux2/infrastructure/secrets/release.yaml
+++ b/flux2/infrastructure/secrets/release.yaml
@@ -14,3 +14,11 @@ spec:
name: openappstack
namespace: flux-system
interval: 1h0m0s
+ # Allow custom values either by configMap or by secret
+ valuesFrom:
+ - kind: ConfigMap
+ name: oas-secrets-override
+ optional: true
+ - kind: Secret
+ name: oas-secrets-override
+ optional: true