apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: seaweedfs
  finalizers:
  - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    repoURL: 'registry-1.docker.io/bitnamicharts'
    path: 'seaweedfs'
    targetRevision: 4.*.*
    chart: seaweedfs
    helm:
      parameters:
        - name: master.ingress.enabled
          value: 'true'
        - name: master.ingress.hostname
          value: 'seaweed.innovation-hub-niedersachsen.de'
        - name: master.ingress.tls
          value: 'true'
        - name: master.ingress.annotations.kubernetes\.io\/ingress\.class
          value: traefik
        - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls
          value: 'true'
          forceString: true
        - name: master.ingress.annotations.cert-manager\.io\/cluster-issuer
          value: 'lets-encrypt'
        - name: master.ingress.annotations.ingress\.secrets
          value: 'seaweed.innovation-hub-niedersachsen.de-tls'
        - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints
          value: websecure
        - name: s3.enabled
          value: 'true'
#        - name: s3.extraArgs[0]
#          value: "-s3.signature.version=v4"
#        - name: s3.extraEnvVars[0].name
#          value: S3_SIGNATURE_VERSION
#        - name: s3.extraEnvVars[0].value
#          value: "v4"    
        - name: s3.auth.enabled
          value: 'true'
        - name: s3.auth.adminAccessKeyId
          value: 'wjpKrmaqXra99rX3D61H'
        - name: s3.auth.adminSecretAccessKey
          value: 'fTPi0u0FR6Lv9Y9IKydWv6WM0EA5XrsK008HCt9u'
        - name: s3.ingress.enabled
          value: 'true'
        - name: s3.ingress.hostname
          value: 'sws3.innovation-hub-niedersachsen.de'  
        - name: s3.ingress.tls
          value: 'true'  
        - name: s3.ingress.annotations.kubernetes\.io\/ingress\.class  
          value: traefik
        - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls
          value: 'true'
          forceString: true
        - name: s3.ingress.annotations.cert-manager\.io\/cluster-issuer
          value: 'lets-encrypt'  
        - name: s3.ingress.annotations.ingress\.secrets
          value: 'sws3.innovation-hub-niedersachsen.de-tls'  
        - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints
          value: websecure  
#        - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints\.web\.forwardedHeaders\.insecure 
#          value: "true"
#        - name: s3.ingress.annotations\.traefik\.ingress\.kubernetes\.io\/router\.entrypoints\.websecure\.forwardedHeaders\.insecure 
#          value: 'true'
        - name: s3.ingress.annotations.traefik.ingress.kubernetes.io/router.entrypoints.websecure.forwardedHeaders.insecure
          value: 'true'
        - name: mariadb.auth.rootPassword
          value: 'InnoHubSEAWEEDFS_2024!'
        - name: mariadb.auth.username
          value: 'bn_seaweedfs'
        - name: mariadb.auth.password
          value: 'bn_seaweedfsUSER'    
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: seaweedfs
  syncPolicy:
    managedNamespaceMetadata:
      labels: 
        pod-security.kubernetes.io/enforce: "privileged"
    automated:
      selfHeal: true
      prune: true
    syncOptions:
      - CreateNamespace=true