From 13a2e0f1eb1f1c87bc089dda6ab989fa1771e742 Mon Sep 17 00:00:00 2001 From: princebansal Date: Thu, 14 Mar 2024 21:11:53 +0530 Subject: [PATCH] Changes in the original clone --- templates/deployment.yaml | 10 +++- values.yaml | 97 +++++++++++++++++++++++++++++---------- 2 files changed, 83 insertions(+), 24 deletions(-) diff --git a/templates/deployment.yaml b/templates/deployment.yaml index a458441..5ed002c 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -93,7 +93,11 @@ spec: {{- if or (.Values.secret) (.Values.existingSecret) }} - name: secret-volume mountPath: /n8n-secret - {{- end }} + {{- end }} + {{- if .Values.extraVolumeMounts }} # Adding provisions for extra volume mounts + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -122,3 +126,7 @@ spec: - key: "secret.json" path: "secret.json" {{- end }} + {{- if .Values.extraVolumes }} # Adding provisions for extra volumes + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + diff --git a/values.yaml b/values.yaml index 2f6e800..4cd723c 100644 --- a/values.yaml +++ b/values.yaml @@ -1,17 +1,25 @@ # Default helm values for n8n. # Default values within the n8n application can be found under https://github.com/n8n-io/n8n/blob/master/packages/cli/src/config/index.ts n8n: - encryption_key: # if not specified n8n on first launch creates a random encryption key for encrypting saved credentials and saves it in the ~/.n8n folder + encryption_key: n8n # if not specified n8n on first launch creates a random encryption key for encrypting saved credentials and saves it in the ~/.n8n folder defaults: config: - executions: - pruneData: "true" # prune executions by default - pruneDataMaxAge: 3760 # Per default we store 1 year of history +# executions: +# pruneData: "true" # prune executions by default +# pruneDataMaxAge: 3760 # Per default we store 1 year of history + database: + type: postgresdb + postgresdb: + host: n8n-database.tools.svc.cluster.local + user: n8n # existingSecret and secret are exclusive, with existingSecret taking priority. # existingSecret: "" # Use an existing Kubernetes secret, e.g created by hand or Vault operator. secret: # Dict with all n8n json config options, unlike config the values here will end up in a secret. + database: + postgresdb: + password: xu!TuJnLYvgP9% # Typical Example of a config in combination with a secret. # config: @@ -98,7 +106,12 @@ secret: # Dict with all n8n json config options, unlike config the values here w # errorTriggerType: # Node Type to use as Error Trigger - default: n8n-nodes-base.errorTrigger # Set additional environment variables on the Deployment -extraEnv: {} +extraEnv: + N8N_LOG_LEVEL: verbose + N8N_DIAGNOSTICS_ENABLED: false + WEBHOOK_URL: https://n8n.alippo.com + NODE_FUNCTION_ALLOW_BUILTIN: "*" + NODE_EXTRA_CA_CERTS: /n8n-ca/ca.crt # Set this if running behind a reverse proxy and the external port is different from the port n8n runs on # WEBHOOK_URL: "https://n8n.myhost.com/ @@ -159,13 +172,14 @@ replicaCount: 1 # maxUnavailable: "50%" deploymentStrategy: - type: "Recreate" + # type: "Recreate" + type: "RollingUpdate" image: repository: n8nio/n8n pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: "" + tag: "1.30.0" imagePullSecrets: [] nameOverride: "" @@ -258,22 +272,43 @@ service: port: 80 annotations: {} -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: [] - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local +#ingress: +# enabled: false +# annotations: {} +# # kubernetes.io/ingress.class: nginx +# # kubernetes.io/tls-acme: "true" +# hosts: +# - host: chart-example.local +# paths: [] +# tls: [] +# # - secretName: chart-example-tls +# # hosts: +# # - chart-example.local +# +# # define a custom incressClassName, like "traefik" or "nginx" +# className: "" - # define a custom incressClassName, like "traefik" or "nginx" - className: "" +ingress: + enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/use-regex: "true" + cert-manager.io/acme-challenge-type: http01 + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS, DELETE" + nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type" + hosts: + - host: n8n.alippo.com + paths: + - "/" + tls: + - hosts: + - n8n.alippo.com + secretName: n8n-tls + className: "nginx" workerResources: {} @@ -281,7 +316,6 @@ webhookResources: {} resources: - {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following @@ -292,6 +326,12 @@ resources: # requests: # cpu: 100m # memory: 128Mi + limits: + cpu: "1.5" + memory: 1Gi + requests: + cpu: 1 + memory: 256Mi autoscaling: enabled: false @@ -300,7 +340,8 @@ autoscaling: targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 -nodeSelector: {} +nodeSelector: + type: tools tolerations: [] @@ -334,3 +375,13 @@ redis: enabled: true existingClaim: "" size: 2Gi + + +extraVolumes: + - name: elasticsearch-master-certs + secret: + defaultMode: 420 + secretName: elasticsearch-master-certs +extraVolumeMounts: + - mountPath: /n8n-ca + name: elasticsearch-master-certs