wlan-cloud-helm/tip-wlan/resources/environments/dev-amazon-tip.yaml

global:
  nodePortPrefix: 302
  nodePortPrefixExt: 304

  pullPolicy: Always
  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io

  integratedDeployment:
  testingEnabled:

dockerRegistrySecret: ewoJImF1dGhzIjogewoJCSJ0aXAtdGlwLXdsYW4tY2xvdWQtZG9ja2VyLXJlcG8uamZyb2cuaW8iOiB7CgkJCSJhdXRoIjogImRHbHdMWEpsWVdRNmRHbHdMWEpsWVdRPSIKCQl9Cgl9LAoJIkh0dHBIZWFkZXJzIjogewoJCSJVc2VyLUFnZW50IjogIkRvY2tlci1DbGllbnQvMTkuMDMuOCAobGludXgpIgoJfQp9
annotations: {
    "helm.sh/resource-policy": keep
}

opensync-gw-static:
  enabled: false

common:
  efs-provisioner:
    enabled: true
    provisioner:
      efsFileSystemId: fs-49a5104c
      awsRegion: us-west-2
      efsDnsName: fs-49a5104c.efs.us-west-2.amazonaws.com
      storageClass: aws-efs

opensync-gw-cloud:
  enabled: true
  externalhost:
    address:
      ovsdb: opensync-controller.demo.lab.wlan.tip.build
      mqtt: opensync-mqtt-broker.demo.lab.wlan.tip.build
  persistence:
    enabled: false
  filestore:
    url: https://wlan-filestore.demo.lab.wlan.tip.build

opensync-mqtt-broker:
  enabled: true
  replicaCount: 1
  persistence:
    enabled: true
    storageClass: gp2

wlan-cloud-graphql-gw:
  enabled: true
  env:
    portalsvc: wlan-portal-svc.demo.lab.wlan.tip.build

wlan-cloud-static-portal:
  enabled: true
  env:
    graphql: https://wlan-graphql.demo.lab.wlan.tip.build
  ingress:
    hosts:
      - host: wlan-ui.demo.lab.wlan.tip.build
        paths: [
           /
          ]

wlan-portal-service:
  enabled: true
  persistence:
    enabled: true
    storageClass: aws-efs
    filestoreSize: 10Gi

wlan-prov-service:
  enabled: true
  creds:
    enabled: true
    db:
      postgresUser:
        password: postgres
      tipUser:
        password: tip_password
    schema_repo:
      username: tip-read
      password: tip-read

wlan-ssc-service:
  enabled: true
  creds:
    sslKeyPassword: mypassword
    sslKeystorePassword: mypassword
    sslTruststorePassword: mypassword
    cassandra:
      tip_user: tip_user
      tip_password: tip_password 
    schema_repo:
      username: tip-read
      password: tip-read

wlan-spc-service:
  enabled: true
  creds:
    sslKeyPassword: mypassword
    sslKeystorePassword: mypassword
    sslTruststorePassword: mypassword

wlan-port-forwarding-gateway-service:
  enabled: true
  creds:
    websocketSessionTokenEncKey: MyToKeN0MyToKeN1
  externallyVisible:
    host: api.wlan.demo.lab.wlan.tip.build
    port: 30401

nginx-ingress-controller:
  enabled: true
  controller:
    config:
      externalStatusAddress: api.wlan.demo.lab.wlan.tip.build

kafka:
  enabled: true
  replicaCount: 1
  image:
    debug: true
  auth:
    clientProtocol: mtls
    interBrokerProtocol: tls
    jksSecret: tip-common-kafka-certs
    jksPassword: mypassword
    tlsEndpointIdentificationAlgorithm: ""
    jaas:
      clientUsers:
      - brokerUser
      clientPassword:
      - brokerPassword
  extraEnvVars:
  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
    value: PKCS12
  allowPlaintextListener: true
  persistence:
    enabled: true
    storageClass: gp2
  metrics:
    serviceMonitor:
      enabled: false
      namespace: monitoring
      selector:
        release: prometheus-operator
  zookeeper:
    enabled: true
    persistence:
      enabled: true

cassandra:
  enabled: true
  tlsEncryptionSecretName: tip-common-cassandra-certs
  image:
    debug: true
  persistence:
    enabled: true
    storageClass: gp2
  replicaCount: 1
  cluster:
    name: TipWlanCluster
    seedCount: 1
    internodeEncryption: all
    clientEncryption: true
  exporter:
    enabled: false
    serviceMonitor:
      enabled: false
      additionalLabels:
        release: prometheus-operator
  dbUser:
    user: cassandra
    password: cassandra
  resources:
    limits: {}
    requests:
      cpu: 1
      memory: 3Gi

postgresql:
  enabled: true
  postgresqlDatabase: tip
  image:
    debug: true
  metrics:
    enabled: false
    serviceMonitor:
      enabled: falsea
      namespace: monitoring
      additionalLabels:
        release: prometheus-operator
  postgresqlUsername: postgres
  postgresqlPassword: postgres
  pgHbaConfiguration: |
    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
    hostssl postgres postgres ::/0 cert clientcert=1
    hostssl all all 0.0.0.0/0 md5 clientcert=1
  replication:
    enabled: true
    user: repl_user
    password: repl_password
    slaveReplicas: 1
  persistence:
    enabled: true
    storageClass: gp2
  volumePermissions:
    enabled: true
  livenessProbe:
    enabled: false
  readinessProbe:
    enabled: false
  tls:
    enabled: true
    certificatesSecret: tip-common-postgres-certs
    certFilename: cert.crt
    certKeyFilename: cert.key
    certCAFilename: cacert.pem
  initdbScriptsConfigMap: tip-common-postgres-scripts
  extraEnv:
  - name: PGSSLCERT
    value: /opt/tip-wlan/certs/postgresclientcert.pem
  - name: PGSSLKEY
    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
  - name: PGSSLROOTCERT
    value: /opt/tip-wlan/certs/cacert.pem
  primary:
    extraInitContainers:
    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
      image: busybox:latest
      name: chmod-client-cert-additional
      securityContext:
        runAsUser: 0
      volumeMounts:
      - mountPath: /opt/bitnami/postgresql/certs
        name: postgresql-certificates