image:
  repository: ghcr.io/navidrome/navidrome
  tag: 0.54.4

env:
  TZ: "Europe/Amsterdam"
  ND_DATAFOLDER: /config
  ND_LOGLEVEL: info
  ND_MUSICFOLDER: /music
  ND_PORT: 8080
  #ND_REVERSEPROXYUSERHEADER: "Remote-User"
  ND_REVERSEPROXYWHITELIST: "0.0.0.0/0"
  #ND_SCANSCHEDULE: "@every 1h"
  ND_SESSIONTIMEOUT: 24h
  ND_LISTENBRAINZ_ENABLED: "false"
  ND_LASTFM_ENABLED: "false"
  ND_PROMETHEUS_ENABLED: "false"
  ND_ENABLEGRAVATAR: "false"

service:
  main:
    ports:
      http:
        port: 8080

ingress:
  main:
    enabled: true
    ingressClassName: "ingress-external"
    labels:
      environment: external
    annotations:
      #cert-manager.io/cluster-issuer: vault-issuer
      nginx.ingress.kubernetes.io/proxy-body-size: 20G
      kubernetes.io/tls-acme: "true"
      cert-manager.io/cluster-issuer: letsencrypt
      external-dns.alpha.kubernetes.io/hostname: music.nold.in
      external-dns.alpha.kubernetes.io/target: nold.in
      external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
    hosts:
    - host: music.nold.in
      paths:
      - path: /
        pathType: Prefix
    tls:
    - secretName: music-ext-tls
      hosts:
      - music.nold.in

podSecurityContext:
  runAsUser: 568
  runAsGroup: 568
  fsGroup: 568
  fsGroupChangePolicy: "OnRootMismatch"
  supplementalGroups:
    - 100

persistence:
  config:
    enabled: true
    
  music:
    enabled: true
    type: hostPath
    hostPath: /data/media/music
    mountPath: /music
    readOnly: true

resources:
  requests:
    cpu: 10m
    memory: 50Mi
  limits:
    memory: 2Gi