# Default values for sigi.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

replicaCount: 1

image:
#  registry: porto.interlegis.leg.br
  repository: porto.interlegis.leg.br/ilb/sigi
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
  tag: ""

imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""

podAnnotations: {}

podSecurityContext: {}
  # fsGroup: 2000

securityContext: {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000

service:
  type: ClusterIP
  port: 80

persistence:
  enabled: true
  #storageClass: ""
  accessMode: ReadWriteOnce
  size: 12Gi

sigi:
  debug: 'False'
  hostname: 'sigidsv.interlegis.leg.br'
  timeZone: 'America/Sao_Paulo'
  language: 'pt_BR.UTF-8'
  emailPort: 25
  emailHost: 'smtp.interlegis.leg.br'
  defaultFromEmail: 'sigi@interlegis.leg.br'
  auth:
    ldap:
      serverURI: 'ldap://ad.senado.gov.br'
      bindDN: 'CN=Sistema de Informações Gerenciais do Interlegis Service Account,OU=_UsuariosServicos,OU=2-AdministracaoSistemas,DC=senado,DC=gov,DC=br'
      bindPwd: 'RgtJdtvas7s4BSpjnVnR'
      user: 'U=UsuariosPessoas,DC=senado,DC=gov,DC=br'
      userSearchString: '(sAMAccountName=%(user)s)'
      group: 'OU=GruposAutomaticosOU,DC=senado,DC=gov,DC=br'
      groupSearchString: '(objectClass=Group)'
      groupTypeString: 'cn'
      findGroupPerms: True
      mirrorGroups: True
      cacheGroups: True
      groupCacheTimeout: 3600
    profileModule: 'servidores.Servidor'

ingress:
  enabled: true
  class: nginx
  # nginx - for default nginx ingress controller
  # alb - for AWS ALB Load Balancer controller
  tls:
    enabled: true
    provider: letsencrypt
  # extra annotations only
  annotations: {}

#velero:
#  namespace: velero
#  backup:
#    enabled: false
#    snapshotVolumes: false
#    defaultVolumesToRestic: true
#    # cert-manager objects are usually blocked during backup
#    excludedResources: 
#      - certificates.cert-manager.io
#      - orders.acme.cert-manager.io
#      - certificaterequests.cert-manager.io
#      - challenges.acme.cert-manager.io

postgresql:
  internal: true
  image:
  #  repository: porto.interlegis.leg.br/bitnami/postgresql
  #  registry: porto.interlegis.leg.br
    registry: docker.io
    repository: bitnami/postgresql
    tag: 14.4.0-debian-11-r0
    pullPolicy: IfNotPresent
  service:
    type: ClusterIP
    port: 5432
  persistence:
    enabled: true
    size: 1Gi
  auth:
    postgresPassword: sigi
    password: sigi
    username: sigi
    database: sigi
  env:
    - name: LANG
      value: pt_BR.UTF-8
    - name: LANGUAGE
      value: pt_BR.UTF-8
  resources:
    requests:
      cpu: 50m
      memory: 64Mi

resources:
  limits:
    cpu: 1000m
    memory: 1Gi
  requests:
    cpu: 150m
    memory: 500Mi

autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80
  # targetMemoryUtilizationPercentage: 80

nodeSelector: {}

tolerations: []

affinity: {}