feat: add n8n Helm chart for Kubernetes on Raspberry Pi (ARM64)
Helm Chart Release / release-chart (push) Successful in 4s
Helm Chart Release / release-chart (push) Successful in 4s
- n8nio/n8n 2.19.2 (multi-arch, linux/arm64 ready) - Single-container deployment with persistent storage - SQLite default / PostgreSQL option - Basic auth, encryption key via Secret - Ingress, HPA, PDB, NetworkPolicy support - Gitea CI: weekly auto-update + release workflow Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+209
@@ -0,0 +1,209 @@
|
||||
# Default values for n8n
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: n8nio/n8n
|
||||
tag: "2.19.2"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
|
||||
serviceAccount:
|
||||
create: true
|
||||
annotations: {}
|
||||
name: ""
|
||||
|
||||
podAnnotations: {}
|
||||
|
||||
podSecurityContext:
|
||||
fsGroup: 1000
|
||||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
|
||||
service:
|
||||
type: LoadBalancer
|
||||
# type: ClusterIP
|
||||
port: 5678
|
||||
targetPort: 5678
|
||||
annotations: {}
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
className: "nginx"
|
||||
annotations: {}
|
||||
# {
|
||||
# acme.cert-manager.io/http01-ingress-class: "nginx",
|
||||
# cert-manager.io/cluster-issuer: "letsencrypt-issuer",
|
||||
# nginx.ingress.kubernetes.io/from-to-www-redirect: "true",
|
||||
# nginx.ingress.kubernetes.io/proxy-body-size: "100m"
|
||||
# }
|
||||
hosts:
|
||||
- host: n8n.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls: []
|
||||
# - secretName: n8n-tls
|
||||
# hosts:
|
||||
# - n8n.local
|
||||
|
||||
# Resource limits suitable for Raspberry Pi
|
||||
resources:
|
||||
limits:
|
||||
cpu: 1000m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 256Mi
|
||||
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 3
|
||||
targetCPUUtilizationPercentage: 80
|
||||
targetMemoryUtilizationPercentage: 80
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
affinity:
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- weight: 100
|
||||
podAffinityTerm:
|
||||
labelSelector:
|
||||
matchExpressions:
|
||||
- key: app.kubernetes.io/name
|
||||
operator: In
|
||||
values:
|
||||
- n8n
|
||||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
# n8n specific configuration
|
||||
n8n:
|
||||
# Encryption key for stored credentials (auto-generated if not provided)
|
||||
encryptionKey: ""
|
||||
existingSecret: ""
|
||||
|
||||
# Host and protocol settings (used for webhook URLs)
|
||||
host: "n8n.local"
|
||||
protocol: "http"
|
||||
# webhookUrl: "https://n8n.example.com/"
|
||||
|
||||
# Timezone
|
||||
timezone: "Asia/Tokyo"
|
||||
|
||||
# Log level: error, warn, info, verbose, debug
|
||||
logLevel: "info"
|
||||
|
||||
# Basic authentication
|
||||
basicAuth:
|
||||
enabled: false
|
||||
user: "admin"
|
||||
password: ""
|
||||
existingSecret: ""
|
||||
passwordKey: "basic-auth-password"
|
||||
|
||||
# Execution data pruning
|
||||
executions:
|
||||
pruneData: true
|
||||
pruneDataMaxAge: 336 # hours (14 days)
|
||||
pruneDataMaxCount: 10000
|
||||
|
||||
# Database configuration
|
||||
database:
|
||||
# type: sqlite (default) or postgresdb
|
||||
type: "sqlite"
|
||||
# PostgreSQL settings (used when type=postgresdb)
|
||||
postgresdb:
|
||||
host: "postgres.default.svc.cluster.local"
|
||||
port: 5432
|
||||
database: "n8n"
|
||||
user: ""
|
||||
password: ""
|
||||
existingSecret: ""
|
||||
passwordKey: "postgres-password"
|
||||
|
||||
# Extra environment variables
|
||||
extraEnv: {}
|
||||
# extraEnv:
|
||||
# N8N_METRICS: "true"
|
||||
# N8N_DIAGNOSTICS_ENABLED: "false"
|
||||
|
||||
# Persistent storage for n8n data (workflows, credentials, sqlite DB)
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: ""
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
annotations: {}
|
||||
# existingClaim: ""
|
||||
|
||||
# Liveness and readiness probes
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
initialDelaySeconds: 60
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 10
|
||||
failureThreshold: 6
|
||||
successThreshold: 1
|
||||
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: 3
|
||||
successThreshold: 1
|
||||
|
||||
# Network Policy
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
ingress:
|
||||
- from:
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
name: ingress-nginx
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 5678
|
||||
egress:
|
||||
- to:
|
||||
- namespaceSelector: {}
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 443
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
- to:
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
name: kube-system
|
||||
ports:
|
||||
- protocol: UDP
|
||||
port: 53
|
||||
|
||||
# Pod Disruption Budget
|
||||
podDisruptionBudget:
|
||||
enabled: true
|
||||
minAvailable: 1
|
||||
Reference in New Issue
Block a user