agent-runtime/k8s/zitadel-values.yaml
Nico 569a6022fe cognitive agent runtime v0.4.6: 3-node graph + Zitadel auth + K3s deploy
- Input/Output/Memorizer nodes with OpenRouter (Gemini Flash)
- Zitadel OIDC auth with PKCE flow, service token for Titan
- SSE event stream + poll endpoint for external observers
- Identity from Zitadel userinfo, listener context in Input prompt
- Trace logging to file + SSE broadcast
- K3s deployment on IONOS with Let's Encrypt TLS
- Frontend: chat + trace view, OIDC login

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 23:21:51 +01:00

86 lines
1.7 KiB
YAML

replicaCount: 1
zitadel:
  masterkeySecretName: zitadel-masterkey
  configmapConfig:
    ExternalDomain: auth.loop42.de
    ExternalPort: 443
    ExternalSecure: true
    # TLS is terminated at the Traefik ingress (see ingress below);
    # Zitadel itself serves plain HTTP inside the cluster.
    TLS:
      Enabled: false
    Database:
      Postgres:
        Host: zitadel-db-postgresql
        Port: 5432
        Database: zitadel
        MaxOpenConns: 10
        MaxIdleConns: 5
        MaxConnLifetime: 30m
        MaxConnIdleTime: 5m
        User:
          Username: zitadel
          SSL:
            # Connection to Postgres is unencrypted.
            Mode: disable
        Admin:
          Username: postgres
          SSL:
            Mode: disable
    FirstInstance:
      Org:
        Name: loop42
        Human:
          UserName: nico
          FirstName: Nico
          LastName: Zimmermann
          NickName: nico
          Email:
            Address: nico@loop42.de
            Verified: true
          # Initial admin password in plaintext; PasswordChangeRequired
          # forces a change at first login.
          Password: ChangeMe42!
          PasswordChangeRequired: true
  # Database passwords are set inline here, so they are committed with
  # this values file in plaintext.
  secretConfig:
    Database:
      Postgres:
        User:
          Password: zitadel-db-pw-42
        Admin:
          Password: postgres-admin-pw-42
ingress:
  enabled: true
  className: traefik
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
  hosts:
    - host: auth.loop42.de
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: zitadel-tls
      hosts:
        - auth.loop42.de
resources:
  requests:
    cpu: 100m
    memory: 256Mi
  limits:
    cpu: 1000m
    memory: 512Mi
setupJob:
  resources:
    requests:
      cpu: 100m
      memory: 128Mi
    limits:
      cpu: 500m
      memory: 256Mi
postgresql:
  enabled: false