# Raspberry Pi 4 optimized values for K3s cluster
# Deploy with: helm install rdp-web-gateway ./chart/rdp-web-gateway -f examples/rpi4-k3s.yaml

# Use ClusterIP with Traefik (common on K3s)
service:
  type: ClusterIP
  port: 80
  targetPort: 8080

# Traefik IngressRoute (K3s includes Traefik by default)
traefik:
  enabled: true
  host: rdp.yourdomain.com
  entryPoints:
    - websecure
  tls:
    enabled: true
    certResolver: letsencrypt

# Reduced resources for Raspberry Pi 4
resources:
  limits:
    cpu: 500m       # 0.5 CPU core
    memory: 512Mi   # 512MB RAM
  requests:
    cpu: 100m       # 0.1 CPU core minimum
    memory: 128Mi   # 128MB RAM minimum

# Conservative autoscaling for RPi cluster
autoscaling:
  enabled: true
  minReplicas: 1       # Start with 1 pod
  maxReplicas: 3       # Max 3 pods (adjust based on cluster size)
  targetCPUUtilizationPercentage: 70
  targetMemoryUtilizationPercentage: 80

# Start with single replica
replicaCount: 1

# RDP Broker connection (internal ClusterIP)
config:
  rdpBroker:
    host: "rdpbroker"
    port: 3389
  server:
    port: 8080

# Spread pods across nodes if you have multiple RPi
affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 100
        podAffinityTerm:
          labelSelector:
            matchExpressions:
              - key: app.kubernetes.io/name
                operator: In
                values:
                  - rdp-web-gateway
          topologyKey: kubernetes.io/hostname

# Optimize for ARM64
podAnnotations:
  cluster.autoscaler.kubernetes.io/safe-to-evict: "true"

# Security context
securityContext:
  capabilities:
    drop:
    - ALL
  readOnlyRootFilesystem: false
  runAsNonRoot: true
  runAsUser: 1001
  allowPrivilegeEscalation: false

podSecurityContext:
  fsGroup: 1001
  runAsNonRoot: true
  runAsUser: 1001

# Health checks with longer delays for slower RPi startup
livenessProbe:
  httpGet:
    path: /health
    port: http
  initialDelaySeconds: 45   # Increased from 30
  periodSeconds: 15         # Increased from 10
  timeoutSeconds: 5
  failureThreshold: 3

readinessProbe:
  httpGet:
    path: /health
    port: http
  initialDelaySeconds: 15   # Increased from 10
  periodSeconds: 10         # Increased from 5
  timeoutSeconds: 3
  failureThreshold: 3

# Optional: Node selector for ARM64 nodes only
# nodeSelector:
#   kubernetes.io/arch: arm64

# Optional: Tolerate RPi-specific taints
# tolerations:
#   - key: "node.kubernetes.io/arm64"
#     operator: "Exists"
#     effect: "NoSchedule"