image: # -- The image registry to pull from registry: docker.io # -- The image repository to pull from repository: nodered/node-red # -- The image pull policy pullPolicy: IfNotPresent # -- The image tag to pull, default: `Chart.appVersion` tag: "" npmrc: # -- Enable custom npmrc config enabled: false # -- Configuration to use any compatible registry registry: "https://registry.npmjs.org" # -- Configuration to add custom npmrc config content: | # Custom npmrc config # -- node-red env, see more environment variables in the [node-red documentation](https://nodered.org/docs/getting-started/docker) env: # Possible Values: - name: TZ value: "Europe/Berlin" # NODE_OPTIONS: # NODE_RED_ENABLE_PROJECTS: # NODE_RED_ENABLE_SAFE_MODE: # FLOWS: # example: # env: # - name: "NODE_RED_ENABLE_SAFE_MODE" # value: "" # -- Pod Security Context see [values.yaml](values.yaml) podSecurityContext: # -- node-red group is 1000 fsGroup: 1000 # -- node-red user is 1000 runAsUser: 1000 # -- Security Context see [values.yaml](values.yaml) securityContext: privileged: false runAsNonRoot: true allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsGroup: 10003 runAsUser: 10003 seccompProfile: type: RuntimeDefault capabilities: drop: - ALL service: # -- Kubernetes service type type: ClusterIP # -- Kubernetes port where service is exposed port: 1880 # Enable Service-Monitor for node-red metrics: # -- Deploy metrics service enabled: false path: /metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false # -- Prometheus basicAuth configuration for ServiceMonitor endpoint basicAuth: {} # -- Prometheus ServiceMonitor interval interval: 30s # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion metricRelabelings: [] # -- Prometheus ServiceMonitor selector selector: {} # prometheus: kube-prometheus # -- Prometheus ServiceMonitor namespace namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels additionalLabels: {} persistence: enabled: true accessMode: ReadWriteOnce size: 5Gi ingress: # -- Enable an ingress resource for the server enabled: true # -- Defines which ingress controller will implement the resource className: "ingress-internal" # -- Additional ingress annotations annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: # Ingress accepted hostnames - host: nodered.dc paths: # -- The base path - path: / # -- Ingress type of path pathType: ImplementationSpecific # -- Ingress TLS configuration tls: - secretName: chart-example-tls hosts: - nodered.dc certificate: enabled: true name: "nodered-tls" issuerRef: kind: ClusterIssuer name: "vault-issuer" # -- CPU/Memory resource requests/limits resources: limits: cpu: 1000m memory: 1024Mi requests: cpu: 50m memory: 64Mi # -- You can configure node-red using a settings file. default: {} settings: {} # Details about the content of the settings.js, you can lookup under # https://nodered.org/docs/user-guide/runtime/settings-file # The ConfigMap should already exist and the key must be named `settings.js` # name: settings-config # configMapName: settings-config sidecar: # -- Enable the sidecar enabled: false # Env variables to pass to the sidecar env: # -- Set the sleep time for refresh script sleep_time_sidecar: 5s # -- If METHOD is set to LIST, the sidecar will just list config-maps/secrets and exit. With SLEEP it will list all config-maps/secrets, then sleep for SLEEP_TIME seconds. Anything else will continuously watch for changes (see https://kubernetes.io/docs/reference/using-api/api-concepts/#efficient-detection-of-changes). method: watch # -- Label that should be used for filtering label: node-red-settings # -- The value for the label you want to filter your resources on. Don't set a value to filter by any value label_value: "1" # -- Absolute path to shell script to execute after a configmap got reloaded. script: flow_refresh.sh # The username for the API Call, check node-red documentation for more information username: "" # -- Password as key value pair password: "" # -- Password from existing secret passwordFromExistingSecret: {} # -- Name of the secret that contains the password # name: node-red-api-admin-password # -- Key of the secret that contains the password # key: password # -- Extra Environments for the sidecar extraEnv: [] # -- Resources for the sidecar resources: {} # -- Security context for the sidecar securityContext: {} # Image for the sidecar image: # -- The image registry to pull the sidecar from registry: quay.io # -- The image repository to pull from repository: kiwigrid/k8s-sidecar # -- The image tag to pull, default: `1.23.1` tag: 1.26.0 # -- The image pull policy, default: `IfNotPresent` pullPolicy: IfNotPresent # -- The extra volume mounts for the sidecar volumeMounts: []