claude
0b6b542f77
Helm Chart Release / release-chart (push) Successful in 4s
- n8nio/n8n 2.19.2 (multi-arch, linux/arm64 ready) - Single-container deployment with persistent storage - SQLite default / PostgreSQL option - Basic auth, encryption key via Secret - Ingress, HPA, PDB, NetworkPolicy support - Gitea CI: weekly auto-update + release workflow Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
210 lines
4.1 KiB
YAML
210 lines
4.1 KiB
YAML
# Default values for n8n
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
replicaCount: 1
|
|
|
|
image:
|
|
registry: docker.io
|
|
repository: n8nio/n8n
|
|
tag: "2.19.2"
|
|
pullPolicy: IfNotPresent
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
create: true
|
|
annotations: {}
|
|
name: ""
|
|
|
|
podAnnotations: {}
|
|
|
|
podSecurityContext:
|
|
fsGroup: 1000
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
|
|
service:
|
|
type: LoadBalancer
|
|
# type: ClusterIP
|
|
port: 5678
|
|
targetPort: 5678
|
|
annotations: {}
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: "nginx"
|
|
annotations: {}
|
|
# {
|
|
# acme.cert-manager.io/http01-ingress-class: "nginx",
|
|
# cert-manager.io/cluster-issuer: "letsencrypt-issuer",
|
|
# nginx.ingress.kubernetes.io/from-to-www-redirect: "true",
|
|
# nginx.ingress.kubernetes.io/proxy-body-size: "100m"
|
|
# }
|
|
hosts:
|
|
- host: n8n.local
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls: []
|
|
# - secretName: n8n-tls
|
|
# hosts:
|
|
# - n8n.local
|
|
|
|
# Resource limits suitable for Raspberry Pi
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 250m
|
|
memory: 256Mi
|
|
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 3
|
|
targetCPUUtilizationPercentage: 80
|
|
targetMemoryUtilizationPercentage: 80
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.kubernetes.io/name
|
|
operator: In
|
|
values:
|
|
- n8n
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# n8n specific configuration
|
|
n8n:
|
|
# Encryption key for stored credentials (auto-generated if not provided)
|
|
encryptionKey: ""
|
|
existingSecret: ""
|
|
|
|
# Host and protocol settings (used for webhook URLs)
|
|
host: "n8n.local"
|
|
protocol: "http"
|
|
# webhookUrl: "https://n8n.example.com/"
|
|
|
|
# Timezone
|
|
timezone: "Asia/Tokyo"
|
|
|
|
# Log level: error, warn, info, verbose, debug
|
|
logLevel: "info"
|
|
|
|
# Basic authentication
|
|
basicAuth:
|
|
enabled: false
|
|
user: "admin"
|
|
password: ""
|
|
existingSecret: ""
|
|
passwordKey: "basic-auth-password"
|
|
|
|
# Execution data pruning
|
|
executions:
|
|
pruneData: true
|
|
pruneDataMaxAge: 336 # hours (14 days)
|
|
pruneDataMaxCount: 10000
|
|
|
|
# Database configuration
|
|
database:
|
|
# type: sqlite (default) or postgresdb
|
|
type: "sqlite"
|
|
# PostgreSQL settings (used when type=postgresdb)
|
|
postgresdb:
|
|
host: "postgres.default.svc.cluster.local"
|
|
port: 5432
|
|
database: "n8n"
|
|
user: ""
|
|
password: ""
|
|
existingSecret: ""
|
|
passwordKey: "postgres-password"
|
|
|
|
# Extra environment variables
|
|
extraEnv: {}
|
|
# extraEnv:
|
|
# N8N_METRICS: "true"
|
|
# N8N_DIAGNOSTICS_ENABLED: "false"
|
|
|
|
# Persistent storage for n8n data (workflows, credentials, sqlite DB)
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ""
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
annotations: {}
|
|
# existingClaim: ""
|
|
|
|
# Liveness and readiness probes
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 10
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
|
|
# Network Policy
|
|
networkPolicy:
|
|
enabled: false
|
|
policyTypes:
|
|
- Ingress
|
|
- Egress
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
name: ingress-nginx
|
|
ports:
|
|
- protocol: TCP
|
|
port: 5678
|
|
egress:
|
|
- to:
|
|
- namespaceSelector: {}
|
|
ports:
|
|
- protocol: TCP
|
|
port: 443
|
|
- protocol: TCP
|
|
port: 80
|
|
- to:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
name: kube-system
|
|
ports:
|
|
- protocol: UDP
|
|
port: 53
|
|
|
|
# Pod Disruption Budget
|
|
podDisruptionBudget:
|
|
enabled: true
|
|
minAvailable: 1
|