# Default values for ghost. # This is a YAML-formatted file. # Declare variables to be passed into your templates. # -- This will set the replicaset count more information can be found here: # https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ replicaCount: 1 # This sets the container image more information can be found here: # https://kubernetes.io/docs/concepts/containers/images/ image: # -- image repo repository: ghost # -- This sets the pull policy for images. pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "" # secrets for pulling an image from a private repository more info can be found here: # https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] # -- This is to override the chart name. nameOverride: "" # -- fullname Override fullnameOverride: "" # This section builds out the service account more information can be found here: # https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: # -- Specifies whether a service account should be created create: true # -- Automatically mount a ServiceAccount's API credentials? automount: true # -- Annotations to add to the service account annotations: {} # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" # -- This is for setting Kubernetes Annotations to a Pod. For more info checkout: # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ podAnnotations: {} # -- This is for setting Kubernetes Labels to a Pod. For more info checkout: # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ podLabels: {} # -- Configure Pods Security Context # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 # This is for setting up a service more information can be found here: # https://kubernetes.io/docs/concepts/services-networking/service/ service: # -- This sets the service type more information can be found here: # https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: ClusterIP # -- This sets the ports more information can be found here: # https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports port: 80 # -- this is the port in the container you want to contact targetPort: 2368 # This block is for setting up the ingress for more information can be found here: # https://kubernetes.io/docs/concepts/services-networking/ingress/ ingress: # -- enable ingress from outside the cluster enabled: true # -- ingress class name e.g. nginx className: "" annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: - host: chart-example.local paths: - path: / pathType: Path tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local # -- pod resources: requested cpu/mem and limits for cpu/mem resources: {} # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi # -- to setup the liveness probes more information can be found here: # https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ livenessProbe: {} # httpGet: # path: / # port: http # -- to setup the readinessProbe more information can be found here: # https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: {} # httpGet: # path: / # port: http # This section is for setting up autoscaling more information can be found here: # https://kubernetes.io/docs/concepts/workloads/autoscaling/ autoscaling: # -- enable autoscaling enabled: false # -- autoscaling minimum pod replicas minReplicas: 1 # -- autoscaling max pod replicas maxReplicas: 2 # -- autoscaling CPU percentage to start scaling at targetCPUUtilizationPercentage: 80 # -- autoscaling memory percentage to start scaling at targetMemoryUtilizationPercentage: 80 persistence: # -- use an existing Kubernetes Peristent Volume Claim existingClaim: "" # -- size of the PVC (ignored if persistence.existingClaim is set) storage: 1Gi # -- accessModes for the PVC (ignored if persistence.existingClaim is set) accessModes: [] # -- Additional volumes on the output Deployment definition. volumes: [] # - name: foo # secret: # secretName: mysecret # optional: false # -- Additional volumeMounts on the output Deployment definition. volumeMounts: [] # - name: foo # mountPath: "/etc/foo" # readOnly: true # -- node selector nodeSelector: {} # -- tolerations to tolerate tainted nodes tolerations: [] # -- pod or node affinity affinity: {} externalDatabase: # -- database hostname. ignored if existingSecret not "" host: "" # -- database port. ignored if existingSecret not "" port: "" # -- database name. ignored if existingSecret not "" database: "" # -- database username. ignored if existingSecret not "" username: "" # -- database password. ignored if existingSecret not "" password: "" # -- database root password. ignored if existingSecret not "" root_password: "" # -- existing kubernetes secret for your external Database existingSecret: "" secretKeys: # -- secret key in your existing k8s secret for the database hostname hostname: "" # -- secret key in your existing k8s secret for the database port port: "" # -- secret key in your existing k8s secret for the database username username: "" # -- secret key in your existing k8s secret for the database password password: "" # -- secret key in your existing k8s secret for the database root password root_password: "" # -- secret key in your existing k8s secret for the database name database: "" ghost: # -- public url of the ghost blog (must INCLUDE http:// or https://) # e.g. https://blog.example.com url: "" # -- domain of the ghost blog (must NOT include http:// or https://) # e.g. blog.example.com domain: "" # -- public admin url of the ghost blog (must INCLUDE http:// or https://) # e.g. https://admin.blog.example.com admin_url: "" # -- admin domain of the ghost blog, used for admin portal # (must NOT include http:// or https://) e.g. admin.blog.example.com admin_domain: "" # -- title of your ghost blog blog_title: "" # -- enable HTTPS for the ghost blog enable_https: false # -- skip install of ghost at pod restart skip_bootstrap: false # -- default logging level for the ghost container logging_level: info # admin user info admin: # -- admin username. ignored if existingSecret not "" username: "" # -- admin password. ignored if existingSecret not "" password: "" # -- admin email. ignored if existingSecret not "" email: "" # -- existing kubernetes secret with ghost admin credentials existingSecret: "" # keys in existing kubernetes secret for admin credentials secretKeys: # -- Key in existing Kubernetes Secret with the admin username. username: "" # -- Key in existing Kubernetes Secret with the admin password. password: "" # -- Key in existing Kubernetes Secret with the admin email. email: "" # SMTP, mail, configuration smtp: # -- smtp hostname. ignored if existingSecret not "" host: "" # -- smtp port. ignored if existingSecret not "" port: "" # -- smtp username. ignored if existingSecret not "" username: "" # -- smtp password. ignored if existingSecret not "" password: "" # -- smtp protocol. ignored if existingSecret not "" protocol: "" # -- smtp from address. ignored if existingSecret not "" from_address: "" # -- existing kubernetes secret with ghost smtp credentials existingSecret: "" # keys in existing kubernetes secret for smtp credentials secretKeys: # -- Key in existing Kubernetes Secret with the smtp host. host: "" # -- Key in existing Kubernetes Secret with the smtp port. port: "" # -- Key in existing Kubernetes Secret with the smtp protocol. protocol: "" # -- Key in existing Kubernetes Secret with the smtp username. username: "" # -- Key in existing Kubernetes Secret with the smtp password. password: "" # -- Key in existing Kubernetes Secret with the smtp from address. from_address: "" # ActivityPub configuration activity_pub: # -- enable activity pub. I actually don't know how to make this work without # activity pub :( submit a PR if you know! enabled: true # sets the activitypub container image. more info can be found here: # https://kubernetes.io/docs/concepts/containers/images/ image: # -- ActivityPub image registry registry: ghcr.io # -- ActivityPub image repo repository: tryghost/activitypub # -- This sets the pull policy for ActivityPub images. pullPolicy: IfNotPresent # -- ActivityPub verison (the image tag) tag: "1.1" # -- use MQ useMq: false # -- allow private addresses allowPrivateAddress: true # -- not sure what this does. found it in a docker compose skipSignatureVerfication: false # activity pub has it's own database externalDatabase: # -- database hostname. ignored if existingSecret not "" host: "" # -- database port. ignored if existingSecret not "" port: "" # -- database name. ignored if existingSecret not "" database: "" # -- database username. ignored if existingSecret not "" username: "" # -- database password. ignored if existingSecret not "" password: "" # -- database root password. ignored if existingSecret not "" root_password: "" # -- existing kubernetes secret for your external Database existingSecret: "" secretKeys: # -- secret key in existing k8s secret for ActivityPub database hostname hostname: "" # -- secret key in existing k8s secret for ActivityPub database port port: "" # -- secret key in existing k8s secret for ActivityPub database username username: "" # -- secret key in existing k8s secret for ActivityPub database password password: "" # -- secret key in existing k8s secret for ActivityPub database root password root_password: "" # -- secret key in existing k8s secret for ActivityPub database name database: "" # -- secret key in existing k8s secret for ActivityPub mysql connection string connection_string: "" service: # -- sets the ActivityPub service type more information can be found here: # https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: ClusterIP # -- sets the ActivityPub ports more information can be found here: # https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports port: 8080 # -- port in the ActivityPub container you want to contact targetPort: 8080 # -- ActivityPub pod resources: requested cpu/mem and limits for cpu/mem resources: {} # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi # -- ActivityPub Configure Pods Security Context # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod podSecurityContext: {} # fsGroup: 2000 # -- ActivityPub Configure container Security Context securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 # Options for embedded nginx reverse-proxy proxy: # -- enable/disable the embedded proxy enabled: false service: # -- port exposed by proxy service port: 80 # -- config to be mounted into the nginx container config: |- user nginx; worker_processes 1; events { worker_connections 10240; } http { server { listen 80; server_name 0.0.0.0; location / { root /usr/share/nginx/html; #Change this line index index.html index.htm; } } }