Changes in the original clone

templates/deployment.yaml

@@ -93,7 +93,11 @@ spec:
  {{- if or (.Values.secret) (.Values.existingSecret) }}
  - name: secret-volume
  mountPath: /n8n-secret
- {{- end }}
+ {{- end }}
+ {{- if .Values.extraVolumeMounts }} # Adding provisions for extra volume mounts
+ {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+ {{- end }}
+
  {{- with .Values.nodeSelector }}
  nodeSelector:
  {{- toYaml . | nindent 8 }}
@@ -122,3 +126,7 @@ spec:
  - key: "secret.json"
  path: "secret.json"
  {{- end }}
+ {{- if .Values.extraVolumes }} # Adding provisions for extra volumes
+ {{- toYaml .Values.extraVolumes | nindent 8 }}
+ {{- end }}
+

values.yaml

@@ -1,17 +1,25 @@
 # Default helm values for n8n.
 # Default values within the n8n application can be found under https://github.com/n8n-io/n8n/blob/master/packages/cli/src/config/index.ts
 n8n:
- encryption_key: # if not specified n8n on first launch creates a random encryption key for encrypting saved credentials and saves it in the ~/.n8n folder
+ encryption_key: n8n # if not specified n8n on first launch creates a random encryption key for encrypting saved credentials and saves it in the ~/.n8n folder
 defaults:
 
 config:
- executions:
- pruneData: "true" # prune executions by default
- pruneDataMaxAge: 3760 # Per default we store 1 year of history
+# executions:
+# pruneData: "true" # prune executions by default
+# pruneDataMaxAge: 3760 # Per default we store 1 year of history
+ database:
+ type: postgresdb
+ postgresdb:
+ host: n8n-database.tools.svc.cluster.local
+ user: n8n
 
 # existingSecret and secret are exclusive, with existingSecret taking priority.
 # existingSecret: "" # Use an existing Kubernetes secret, e.g created by hand or Vault operator.
 secret: # Dict with all n8n json config options, unlike config the values here will end up in a secret.
+ database:
+ postgresdb:
+ password: xu!TuJnLYvgP9%
 
 # Typical Example of a config in combination with a secret.
 # config:
@@ -98,7 +106,12 @@ secret: # Dict with all n8n json config options, unlike config the values here w
 # errorTriggerType: # Node Type to use as Error Trigger - default: n8n-nodes-base.errorTrigger
 
 # Set additional environment variables on the Deployment
-extraEnv: {}
+extraEnv:
+ N8N_LOG_LEVEL: verbose
+ N8N_DIAGNOSTICS_ENABLED: false
+ WEBHOOK_URL: https://n8n.alippo.com
+ NODE_FUNCTION_ALLOW_BUILTIN: "*"
+ NODE_EXTRA_CA_CERTS: /n8n-ca/ca.crt
 # Set this if running behind a reverse proxy and the external port is different from the port n8n runs on
 # WEBHOOK_URL: "https://n8n.myhost.com/
 
@@ -159,13 +172,14 @@ replicaCount: 1
 # maxUnavailable: "50%"
 
 deploymentStrategy:
- type: "Recreate"
+ # type: "Recreate"
+ type: "RollingUpdate"
 
 image:
  repository: n8nio/n8n
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
- tag: ""
+ tag: "1.30.0"
 
 imagePullSecrets: []
 nameOverride: ""
@@ -258,30 +272,50 @@ service:
  port: 80
  annotations: {}
 
-ingress:
- enabled: false
- annotations: {}
- # kubernetes.io/ingress.class: nginx
- # kubernetes.io/tls-acme: "true"
- hosts:
- - host: chart-example.local
- paths: []
- tls: []
- # - secretName: chart-example-tls
- # hosts:
- # - chart-example.local
+#ingress:
+# enabled: false
+# annotations: {}
+# # kubernetes.io/ingress.class: nginx
+# # kubernetes.io/tls-acme: "true"
+# hosts:
+# - host: chart-example.local
+# paths: []
+# tls: []
+# # - secretName: chart-example-tls
+# # hosts:
+# # - chart-example.local
+#
+# # define a custom incressClassName, like "traefik" or "nginx"
+# className: ""
 
- # define a custom incressClassName, like "traefik" or "nginx"
- className: ""
 
+ingress:
+ enabled: true
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ nginx.ingress.kubernetes.io/ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/use-regex: "true"
+ cert-manager.io/acme-challenge-type: http01
+ kubernetes.io/ingress.class: nginx
+ nginx.ingress.kubernetes.io/enable-cors: "true"
+ nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS, DELETE"
+ nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type"
+ hosts:
+ - host: n8n.alippo.com
+ paths:
+ - "/"
+ tls:
+ - hosts:
+ - n8n.alippo.com
+ secretName: n8n-tls
+ className: "nginx"
 workerResources:
  {}
 
 webhookResources:
  {}
 
 resources:
- {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
@@ -292,6 +326,12 @@ resources:
  # requests:
 # cpu: 100m
 # memory: 128Mi
+ limits:
+ cpu: "1.5"
+ memory: 1Gi
+ requests:
+ cpu: 1
+ memory: 256Mi
 
 autoscaling:
  enabled: false
@@ -300,7 +340,8 @@ autoscaling:
  targetCPUUtilizationPercentage: 80
  # targetMemoryUtilizationPercentage: 80
 
-nodeSelector: {}
+nodeSelector:
+ type: tools
 
 tolerations: []
 
@@ -334,3 +375,13 @@ redis:
  enabled: true
  existingClaim: ""
  size: 2Gi
+
+
+extraVolumes:
+ - name: elasticsearch-master-certs
+ secret:
+ defaultMode: 420
+ secretName: elasticsearch-master-certs
+extraVolumeMounts:
+ - mountPath: /n8n-ca
+ name: elasticsearch-master-certs