172 lines
3.1 KiB
YAML
172 lines
3.1 KiB
YAML
# Default values for rdp-web-gateway
|
|
|
|
replicaCount: 2
|
|
|
|
image:
|
|
repository: rdp-web-gateway
|
|
pullPolicy: IfNotPresent
|
|
tag: "latest"
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
create: true
|
|
annotations: {}
|
|
name: ""
|
|
|
|
podAnnotations: {}
|
|
|
|
podSecurityContext:
|
|
fsGroup: 1001
|
|
|
|
securityContext:
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: true
|
|
runAsUser: 1001
|
|
|
|
service:
|
|
type: LoadBalancer
|
|
port: 80
|
|
targetPort: 8080
|
|
annotations: {}
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
hosts:
|
|
- host: rdp.example.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls: []
|
|
# - secretName: rdp-tls
|
|
# hosts:
|
|
# - rdp.example.com
|
|
|
|
# Traefik IngressRoute configuration (alternative to standard Ingress)
|
|
traefik:
|
|
enabled: false
|
|
annotations: {}
|
|
# Host for the IngressRoute
|
|
host: rdp.example.com
|
|
# Traefik entryPoints
|
|
entryPoints:
|
|
- websecure
|
|
# Optional middlewares
|
|
middlewares: []
|
|
# - name: redirect-to-https
|
|
# - name: rate-limit
|
|
# TLS configuration
|
|
tls:
|
|
enabled: true
|
|
# Use Let's Encrypt cert resolver
|
|
certResolver: letsencrypt
|
|
# Or use existing secret
|
|
secretName: ""
|
|
# Optional: Specify domains
|
|
domains: []
|
|
# - main: rdp.example.com
|
|
# sans:
|
|
# - www.rdp.example.com
|
|
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 200m
|
|
memory: 256Mi
|
|
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 2
|
|
maxReplicas: 10
|
|
targetCPUUtilizationPercentage: 70
|
|
targetMemoryUtilizationPercentage: 80
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# Application configuration
|
|
config:
|
|
# RDP Broker connection
|
|
rdpBroker:
|
|
host: "rdpbroker"
|
|
port: 3389
|
|
|
|
# Server configuration
|
|
server:
|
|
port: 8080
|
|
|
|
# Optional: Pre-configure RDP targets
|
|
# If not set, targets will be managed by RdpBroker
|
|
# Format: JSON array of target objects
|
|
rdpTargets: null
|
|
# Example:
|
|
# - name: "Windows Server 2022"
|
|
# host: "ws2022.example.com"
|
|
# port: 3389
|
|
# description: "Production Windows Server"
|
|
# - name: "Development Server"
|
|
# host: "dev.example.com"
|
|
# port: 3389
|
|
# description: "Development environment"
|
|
|
|
# Environment variables
|
|
env: []
|
|
# - name: CUSTOM_VAR
|
|
# value: "value"
|
|
|
|
# Liveness and readiness probes
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
failureThreshold: 3
|
|
|
|
# Network Policy
|
|
networkPolicy:
|
|
enabled: false
|
|
policyTypes:
|
|
- Ingress
|
|
- Egress
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
name: default
|
|
ports:
|
|
- protocol: TCP
|
|
port: 8080
|
|
egress:
|
|
- to:
|
|
- podSelector:
|
|
matchLabels:
|
|
app: rdpbroker
|
|
ports:
|
|
- protocol: TCP
|
|
port: 3389
|