# Default values for kyoo. global: image: repositoryBase: "ghcr.io/zoriya" tag: "" imagePullPolicy: IfNotPresent imagePullSecrets: [] deploymentAnnotations: {} podAnnotations: {} podLabels: {} extraEnv: [] meilisearch: proto: http host: kyoo-meilisearch port: 7700 #infra is only used by subchart deployment infra: # DOES NOT SUPPORT SPECIFYING KEY. MUST BE NAMED `MEILI_MASTER_KEY` existingSecret: bigsecret kyoo_back: masterkeyKey: MEILI_MASTER_KEY existingSecret: bigsecret postgres: #infra is only used by subchart deployment infra: # subchart does not accept this global value in one place # if updating be sure to also update postgresql.auth.username user: kyoo_all passwordKey: postgres_password existingSecret: bigsecret kyoo_back: host: kyoo-postgresql port: 5432 database: kyoo_back kyoo_migrations: userKey: postgres_user passwordKey: postgres_password existingSecret: bigsecret kyoo_back: userKey: postgres_user passwordKey: postgres_password existingSecret: bigsecret kyoo_transcoder: host: kyoo-postgresql port: 5432 database: kyoo_transcoder # POSTGRES_SCHEMA disabled means application will not create the schema # and will instead use the user's search path schema: disabled kyoo_transcoder: userKey: postgres_user passwordKey: postgres_password existingSecret: bigsecret rabbitmq: host: kyoo-rabbitmq port: 5672 # vhost is not used yet # vhost: "" #infra is only used by subchart deployment infra: # user must be manually aligned via rabbitmq.auth.user passwordKey: rabbitmq_password keyErlangCookie: rabbitmq_cookie existingSecret: bigsecret kyoo_autosync: userKey: rabbitmq_user passwordKey: rabbitmq_password existingSecret: bigsecret kyoo_back: userKey: rabbitmq_user passwordKey: rabbitmq_password existingSecret: bigsecret kyoo_matcher: userKey: rabbitmq_user passwordKey: rabbitmq_password existingSecret: bigsecret kyoo_scanner: userKey: rabbitmq_user passwordKey: rabbitmq_password existingSecret: bigsecret kyoo: address: "https://kyoo.mydomain.com" requireAccountVerification: true defaultPermissions: "overall.read,overall.play" unloggedPermissions: "" libraryIgnorePattern: ".*/[dD]ownloads?/.*" languages: "en" # hardware acceleration profile (valid values: disabled, vaapi, qsv, nvidia) transcoderAcceleration: disabled # the preset used during transcode. faster means worst quality, you can probably use a slower preset with hwaccels # warning: using vaapi hwaccel disable presets (they are not supported). transcoderPreset: fast apikey: existingSecret: bigsecret apikeyKey: kyoo_apikeys oidc: enabled: false existingSecret: bigsecret clientIdKey: clientId clientSecretKey: clientSecret name: YourPrettyName logo: https://url-of-your-logo.com authorizationAddress: https://url-of-the-authorization-endpoint-of-the-oidc-service.com/auth tokenAddress: https://url-of-the-token-endpoint-of-the-oidc-service.com/token profileAddress: https://url-of-the-profile-endpoint-of-the-oidc-service.com/userinfo scope: "email openid profile" authMethod: ClientSecretBasic media: volumes: - name: media persistentVolumeClaim: claimName: media # mounts should always be mounted to /data volumeMounts: - mountPath: /data name: media subPath: media contentdatabase: # TheMovieDB tmdb: apikeyKey: tmdb_apikey existingSecret: bigsecret # TVDatabase tvdb: apikeyKey: tvdb_apikey pinKey: tvdb_pin existingSecret: bigsecret ingress: enabled: false ingressClassName: ~ annotations: {} extraAnnotations: {} host: kyoo.mydomain.com tls: false tlsSecret: ~ autosync: name: autosync kyoo_autosync: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] extraArgs: [] extraEnv: [] image: repository: ~ tag: ~ replicaCount: 1 podLabels: {} deploymentAnnotations: {} podAnnotations: {} imagePullSecrets: [] serviceAccount: create: true automount: true annotations: {} name: ~ extraContainers: [] extraInitContainers: [] extraVolumes: [] back: name: back kyoo_migrations: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] extraArgs: [] extraEnv: [] image: repository: ~ tag: ~ kyoo_back: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] extraArgs: [] extraEnv: [] image: repository: ~ tag: ~ volumeMounts: - mountPath: /metadata name: back-storage volumes: - name: back-storage persistentVolumeClaim: claimName: back-storage replicaCount: 1 podLabels: {} deploymentAnnotations: {} podAnnotations: {} imagePullSecrets: [] service: annotations: {} labels: {} type: ClusterIP serviceAccount: create: true automount: true annotations: {} name: ~ extraContainers: [] extraInitContainers: [] extraVolumes: [] front: name: front kyoo_front: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] extraArgs: [] extraEnv: [] image: repository: ~ tag: ~ replicaCount: 1 podLabels: {} deploymentAnnotations: {} podAnnotations: {} imagePullSecrets: [] service: annotations: {} labels: {} type: ClusterIP serviceAccount: create: true automount: true annotations: {} name: ~ extraContainers: [] extraInitContainers: [] extraVolumes: [] matcher: name: matcher kyoo_matcher: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] # workaround until dedicated image is created extraArgs: - matcher extraEnv: [] image: # workaround until dedicated image is created repository: ghcr.io/zoriya/kyoo_scanner tag: ~ # matcher does not support multiple replicas replicaCount: 1 podLabels: {} deploymentAnnotations: {} podAnnotations: {} imagePullSecrets: [] serviceAccount: create: true automount: true annotations: {} name: ~ extraContainers: [] extraInitContainers: [] extraVolumes: [] scanner: name: scanner kyoo_scanner: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] extraArgs: [] extraEnv: [] image: repository: ~ tag: ~ # scanner does not support multiple replicas replicaCount: 1 podLabels: {} deploymentAnnotations: {} podAnnotations: {} imagePullSecrets: [] serviceAccount: create: true automount: true annotations: {} name: ~ extraContainers: [] extraInitContainers: [] extraVolumes: [] transcoder: name: transcoder kyoo_transcoder: livenessProbe: {} readinessProbe: {} resources: {} containerSecurityContext: {} extraVolumeMounts: [] extraArgs: [] extraEnv: [] image: repository: ~ tag: ~ volumeMounts: - mountPath: /metadata name: transcoder-storage - mountPath: /cache name: cache volumes: - name: transcoder-storage persistentVolumeClaim: claimName: transcoder-storage - name: cache emptyDir: {} replicaCount: 1 podLabels: {} deploymentAnnotations: {} podAnnotations: {} imagePullSecrets: [] service: annotations: {} labels: {} type: ClusterIP serviceAccount: create: true automount: true annotations: {} name: ~ extraContainers: [] extraInitContainers: [] extraVolumes: [] # subchart settings meilisearch: enabled: false environment: MEILI_ENV: production auth: # DOES NOT SUPPORT SPECIFYING KEY. MUST BE NAMED `MEILI_MASTER_KEY` existingMasterKeySecret: "{{ .Values.global.meilisearch.infra.existingSecret }}" persistence: enabled: true size: 3Gi # subchart settings postgresql: enabled: false auth: # username is unable to reference global value username: kyoo_all existingSecret: "{{ .Values.global.postgres.infra.existingSecret }}" secretKeys: # set the postgres user password to the same as our user adminPasswordKey: "{{ .Values.global.postgres.infra.passwordKey }}" userPasswordKey: "{{ .Values.global.postgres.infra.passwordKey }}" primary: # create databases, schemas, and set search_path initdb: scripts: # kyoo_back still requires public schema # https://github.com/zoriya/Kyoo/issues/536 kyoo_back.sql: | CREATE DATABASE {{ .Values.global.postgres.kyoo_back.database }} WITH OWNER {{ .Values.global.postgres.infra.user }}; \connect {{ .Values.global.postgres.kyoo_back.database }}; CREATE SCHEMA IF NOT EXISTS data AUTHORIZATION {{ .Values.global.postgres.infra.user }}; kyoo_transcoder.sql: | CREATE DATABASE {{ .Values.global.postgres.kyoo_transcoder.database }} WITH OWNER {{ .Values.global.postgres.infra.user }}; \connect {{ .Values.global.postgres.kyoo_transcoder.database }}; REVOKE ALL ON SCHEMA public FROM PUBLIC; CREATE SCHEMA IF NOT EXISTS data AUTHORIZATION {{ .Values.global.postgres.infra.user }}; user.sql: | ALTER ROLE {{ .Values.global.postgres.infra.user }} IN DATABASE {{ .Values.global.postgres.kyoo_back.database }} SET search_path TO "$user", public; ALTER ROLE {{ .Values.global.postgres.infra.user }} IN DATABASE {{ .Values.global.postgres.kyoo_transcoder.database }} SET search_path TO "$user", data; persistence: size: 3Gi # subchart settings rabbitmq: enabled: false auth: # this will not read from a secret. just manually make the same username: kyoo_all existingPasswordSecret: "{{ .Values.global.rabbitmq.infra.existingSecret }}" existingSecretPasswordKey: "{{ .Values.global.rabbitmq.infra.passwordKey }}" existingErlangSecret: "{{ .Values.global.rabbitmq.infra.existingSecret }}" existingSecretErlangKey: "{{ .Values.global.rabbitmq.infra.keyErlangCookie }}" # create extraObjects # create secret bigsecret # create pvc for each object extraObjects: []