development-values.yaml 1.99 KB
Newer Older
Dominik Hebeler's avatar
Dominik Hebeler committed
1
2
postgresql:
  enabled: false
3
4
5
service:
  externalPort: 80
  internalPort: 80
Dominik Hebeler's avatar
Dominik Hebeler committed
6
hpa:
Dominik Hebeler's avatar
Dominik Hebeler committed
7
  enabled: true
Dominik Hebeler's avatar
Dominik Hebeler committed
8
  minReplicas: 1
Dominik Hebeler's avatar
Dominik Hebeler committed
9
  maxReplicas: 5
10
resourcesPhpfpm: 
11
  requests:
12
    cpu: 500m
13
14
    memory: 500M
  limits:
15
resourcesNginx: 
16
17
18
19
  requests:
    cpu: 100m
    memory: 100M
  limits:
20
resourcesRedis: 
21
22
  requests:
    cpu: 100m
23
    memory: 1Gi
24
  limits:
25
resourcesFetcher: 
26
27
  requests:
    cpu: 500m
28
29
    memory: 100M
  limits:
30
31
32
33
resources:
  requests:
    cpu: 500m
    memory: 500M
Dominik Hebeler's avatar
Dominik Hebeler committed
34
35
podDisruptionBudget:
  enabled: true
Dominik Hebeler's avatar
Dominik Hebeler committed
36
37
  minAvailable: 1
  maxUnavailable:
38
39
40
41
podAnnotations:
  prometheus.io/scrape: "true"
  prometheus.io/path: /metrics
  prometheus.io/port: "80"
Dominik Hebeler's avatar
Dominik Hebeler committed
42
deploymentApiVersion: apps/v1
43
44
ingress:
  annotations:
Dominik Hebeler's avatar
Dominik Hebeler committed
45
    cert-manager.io/cluster-issuer: letsencrypt-prod
Dominik Hebeler's avatar
Dominik Hebeler committed
46
47
    nginx.ingress.kubernetes.io/client-body-buffer-size: "30m"
    nginx.ingress.kubernetes.io/proxy-body-size: "30m"
Dominik Hebeler's avatar
Dominik Hebeler committed
48
    nginx.ingress.kubernetes.io/configuration-snippet: |
49
      more_set_headers "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; media-src; object-src; prefetch-src; child-src; frame-src 'self'; worker-src; frame-ancestors 'self' https://scripts.zdv.uni-mainz.de; form-action 'self' www.paypal.com; base-uri; manifest-src; plugin-types; report-uri; report-to";
50
      more_set_headers "X-Frame-Options: sameorigin";
Dominik Hebeler's avatar
Dominik Hebeler committed
51
52
53
      more_set_headers "X-Content-Type-Options: nosniff";
      more_set_headers "ReferrerPolicy: origin";
      more_set_headers "X-XSS-Protection: 1; mode=block";
54
      more_set_headers "Permissions-Policy: interest-cohort=()";
55
56
57
      if ($arg_out = "results-with-style") {
        more_set_headers "X-Frame-Options: allow-from https://scripts.zdv.uni-mainz.de/";
      }
Dominik Hebeler's avatar
Dominik Hebeler committed
58
59
      if ($host = "www.metager3.de") {
          return 301 https://metager3.de$request_uri;
60
      }