---
deployment_type: awx
kind: '{{ deployment_type | upper }}'
api_version: '{{ deployment_type }}.ansible.com/v1beta1'

database_name: "{{ deployment_type }}"
database_username: "{{ deployment_type }}"

task_privileged: false
service_type: ClusterIP
ingress_type: none

# Add annotations to the service account. Specify as literal block. E.g.:
# service_account_annotations: |
#   eks.amazonaws.com/role-arn: arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>
service_account_annotations: ''

# Custom labels for the tower service. Specify as literal block. E.g.:
# service_labels: |
#   environment: non-production
#   zone: internal
service_labels: ''

# Add annotations to the ingress. Specify as literal block. E.g.:
# ingress_annotations: |
#   kubernetes.io/ingress.class: nginx
#   nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
ingress_annotations: ''

# TLS secret for the ingress. The secret either has to exist before hand with
# the corresponding cert and key or just be an indicator for where an automated
# process like cert-manager (enabled via annotations) will store the TLS
# certificate and key.
ingress_tls_secret: ''

loadbalancer_protocol: 'http'
loadbalancer_port: '80'
loadbalancer_annotations: ''

# The TLS termination mechanism to use to access
# the services. Supported mechanism are: edge, passthrough
#
route_tls_termination_mechanism: edge

# Secret to lookup that provide the TLS specific
# credentials to deploy
#
route_tls_secret: ''

# Host to create the root with.
# If not specific will default to <instance-name>-<namespace>-<routerCanonicalHostname>
#
route_host: ''

hostname: '{{ meta.name }}.example.com'

# Add a nodeSelector for the AWX pods. It must match a node's labels for the pod
# to be scheduled on that node. Specify as literal block. E.g.:
# node_selector: |
#   disktype: ssd
#   kubernetes.io/arch: amd64
#   kubernetes.io/os: linux
node_selector: ''

# Add node tolerations for the AWX pods. Specify as literal block. E.g.:
# tolerations: |
#   - key: "dedicated"
#     operator: "Equal"
#     value: "AWX"
#     effect: "NoSchedule"
tolerations: ''

admin_user: admin
admin_email: test@example.com

# Secret to lookup that provide the admin password
#
admin_password_secret: ''

# Secret to lookup that provide the broadcast websocket key
#
broadcast_websocket_secret: ''

# Secret to lookup that provide the secret key
#
secret_key_secret: ''

# Secret to lookup that provide the PostgreSQL configuration
#
postgres_configuration_secret: ''

# Secret to lookup that provides old database credentials (for migration)

old_postgres_configuration_secret: ''

# Secret to lookup that provides default execution environment pull credentials
#
ee_pull_credentials_secret: ''

# Add extra volumes to the AWX pod. Specify as literal block. E.g.:
# extra_volumes: |
#   - name: my-volume
#     emptyDir: {}
extra_volumes: ''

# Use these image versions for Ansible AWX.

image: quay.io/ansible/awx
image_version: 19.2.1
redis_image: docker.io/redis
redis_image_version: latest
postgres_image: postgres
postgres_image_version: 12
init_container_image: quay.io/centos/centos
init_container_image_version: 8
image_pull_policy: IfNotPresent
image_pull_secret: ''

ee_images:
  - name: AWX EE 0.4.0
    image: quay.io/ansible/awx-ee:0.4.0

control_plane_ee_image: quay.io/ansible/awx-ee:0.4.0

create_preload_data: true

replicas: "1"

task_args:
  - /usr/bin/launch_awx_task.sh
task_command: []
web_args: []
web_command: []

task_resource_requirements:
  requests:
    cpu: 500m
    memory: 1Gi

web_resource_requirements:
  requests:
    cpu: 1000m
    memory: 2Gi

ee_resource_requirements:
  requests:
    cpu: 500m
    memory: 1Gi

# Add extra environment variables to the AWX task/web containers. Specify as
# literal block. E.g.:
# task_extra_env: |
#   - name: FOO
#     value: bar
#   - name: BAZ
#     value: bing
task_extra_env: ''
web_extra_env: ''
ee_extra_env: ''

# Mount extra volumes on the AWX task/web containers. Specify as literal block.
# E.g.:
# task_extra_volume_mounts: ''
#   - name: my-volume
#     mountPath: /some/path
task_extra_volume_mounts: ''
web_extra_volume_mounts: ''
ee_extra_volume_mounts: ''

# Add a nodeSelector for the Postgres pods.
# It must match a node's labels for the pod to be scheduled on that node.
# Specify as literal block. E.g.:
# postgres_selector: |
#   disktype: ssd
#   kubernetes.io/arch: amd64
#   kubernetes.io/os: linux
postgres_selector: ''

# Add node tolerations for the Postgres pods.
# Specify as literal block. E.g.:
# postgres_tolerations: |
#   - key: "dedicated"
#     operator: "Equal"
#     value: "AWX"
#     effect: "NoSchedule"
postgres_tolerations: ''
postgres_storage_requirements:
  requests:
    storage: 8Gi
postgres_resource_requirements: {}
postgres_data_path: '/var/lib/postgresql/data/pgdata'

# Persistence to the AWX project data folder
# Whether or not the /var/lib/projects directory will be persistent
projects_persistence: false
#
# Define an existing PersistentVolumeClaim to use
projects_existing_claim: ''
#
# Define the storage_class, size and access_mode
# when not using an existing claim
projects_storage_size: 8Gi
projects_storage_access_mode: ReadWriteMany

ca_trust_bundle: "/etc/pki/tls/certs/ca-bundle.crt"

# Secret to lookup that provides the LDAP CACert trusted bundle
#
ldap_cacert_secret: ''

# Secret to lookup that provides the custom CA trusted bundle
bundle_cacert_secret: ''

# Whether secrets should be garbage collected
# on teardown
#
garbage_collect_secrets: false

development_mode: false