279cd0d19f
Extract domain, ingress class, TLS issuer, storage classes, S3 endpoints, backup toggles, and forgejo node selector into env-data values. Each prototype's app-data declares its subdomain alongside namespace; templates compute host as <subdomain>.<cluster.domain>. Schema is shape-only with safe defaults; production env-data sets values explicitly. Backup CronJobs and external-secret prechecks gate on backups.enabled and ocis.s3.external. Adds mkcert ClusterIssuer + precheck Job for local-dev TLS, gated on cluster.tls.issuer == "mkcert". forgejo argocd-deploy-key Job: REPO_URL/FORGEJO_URL moved to container env vars to keep the script ytt-templatable; runtime behavior unchanged. Production render verified byte-identical (excluding the deploy-key Job env-var refactor and chart-volatile UUID ConfigMaps).
38 lines
543 B
YAML
38 lines
543 B
YAML
#@data/values-schema
|
|
---
|
|
#@overlay/match missing_ok=True
|
|
cluster:
|
|
domain: ""
|
|
ingress:
|
|
className: ""
|
|
tls:
|
|
issuer: ""
|
|
storageClass:
|
|
block: ""
|
|
local: ""
|
|
|
|
#@overlay/match missing_ok=True
|
|
backups:
|
|
enabled: false
|
|
s3:
|
|
endpoint: ""
|
|
region: ""
|
|
storagebox:
|
|
enabled: false
|
|
|
|
#@overlay/match missing_ok=True
|
|
ocis:
|
|
s3:
|
|
external: false
|
|
endpoint: ""
|
|
region: ""
|
|
bucket: ""
|
|
|
|
#@overlay/match missing_ok=True
|
|
forgejo:
|
|
sshPort: 22
|
|
#@schema/type any=True
|
|
nodeSelector: {}
|
|
backup:
|
|
s3Bucket: ""
|