k3s/argocd/apps/wekantest/values-wekantest.yaml

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: wekantest
  finalizers:
  - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    repoURL: 'https://wekan.github.io/charts/'
    chart: wekan
    targetRevision: 8.*.*
    helm:
      values: |
        replicaCount: 1
        dbname: wekan
        env:
          - name: MONGO_URL
            value: mongodb://wekantest-mongodb:27017/wekan
          - name: MAIL_URL
            value: smtp://192.168.4.125:25?ignoreTLS=true&tls={rejectUnauthorized:false}&secure=false
          - name: MAIL_FROM
            value: Noreplay admin@innovation-hub-niedersachsen.de
          - name: OAUTH2_ENABLED
            value: "true"
          - name: OAUTH2_LOGIN_STYLE
            value: redirect
          - name: OAUTH2_CLIENT_ID
            value: "wekantest"
          - name: OAUTH2_SERVER_URL
            value: https://keycloak.innovation-hub-niedersachsen.de
          - name: OAUTH2_AUTH_ENDPOINT
            value: /realms/innohub/protocol/openid-connect/auth
          - name: OAUTH2_USERINFO_ENDPOINT
            value: /realms/innohub/protocol/openid-connect/userinfo
          - name: OAUTH2_TOKEN_ENDPOINT
            value: /realms/innohub/protocol/openid-connect/token
          - name: OAUTH2_SECRET
            value: cOJpL4jiiA6OL8fFqA3lb4KCbxjjl7AQ
          - name: OAUTH2_ID_MAP
            value: sub
          - name: OAUTH2_USERNAME_MAP
            value: preferred_username
          - name: OAUTH2_EMAIL_MAP
            value: email
          - name: OAUTH2_FULLNAME_MAP
            value: name

        end_point: wekantest.innovation-hub-niedersachsen.de
        root_url: https://wekantest.innovation-hub-niedersachsen.de
        
        # Probe-Einstellungen anpassen
        livenessProbe:
          enabled: true
          initialDelaySeconds: 60
          periodSeconds: 15
          timeoutSeconds: 10
          failureThreshold: 5
        
        readinessProbe:
          enabled: true
          initialDelaySeconds: 20
          periodSeconds: 15
          timeoutSeconds: 10
          failureThreshold: 3
        
        ingress:
          enabled: true
          annotations: 
            kubernetes.io/ingress.class: traefik
            traefik.ingress.kubernetes.io/router.entrypoints: websecure
            traefik.ingress.kubernetes.io/router.tls: "true"
            cert-manager.io/cluster-issuer: lets-encrypt
          hosts:
            - wekantest.innovation-hub-niedersachsen.de
          tls:
            - secretName: wekantest-tls
              hosts:
                - wekantest.innovation-hub-niedersachsen.de
        route:
          enabled: false

        sharedDataFolder:
          enabled: true
          storageClass: longhorn
      
        mongodb:
          enabled: true
          storage:
            className: longhorn
          nodeSelector:
            kubernetes.io/hostname: k3s-prod

  destination:
    server: 'https://kubernetes.default.svc'
    namespace: wekantest
  syncPolicy:
    managedNamespaceMetadata:
      labels: 
        pod-security.kubernetes.io/enforce: "privileged"
    automated:
      prune: true
    syncOptions:
      - CreateNamespace=true