initial migration

unused/crowdsec.values.yaml

@@ -0,0 +1,178 @@
+# Default values for crowdsec-chart.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# -- for raw logs format: json or cri (docker|containerd)
+container_runtime: containerd
+
+image:
+  # -- docker image repository name
+  repository: crowdsecurity/crowdsec
+  # -- pullPolicy
+  pullPolicy: IfNotPresent
+  # -- docker image tag
+  tag: ""
+
+# If you want to specify secrets that will be used for all your crowdsec-agents
+# secrets can be provided be env variables
+secrets:
+  # -- agent username (default is generated randomly)
+  username: ""
+  # -- agent password (default is generated randomly)
+  password: ""
+
+# lapi will deploy pod with crowdsec lapi and dashboard as deployment
+lapi:
+  # -- environment variables from crowdsecurity/crowdsec docker image
+  env: []
+    # by default disable the agent because it only the local API.
+    #- name: DISABLE_AGENT
+    #  value: "true"
+  dashboard:
+    # -- Enable Metabase Dashboard (by default disabled)
+    enabled: true
+    image:
+      # -- docker image repository name
+      repository: loancrate/metabase
+      # -- pullPolicy
+      pullPolicy: IfNotPresent
+      # -- docker image tag
+      tag: "latest"
+    # -- Metabase SQLite static DB containing Dashboards
+    assetURL: https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/metabase_sqlite.zip
+
+    # -- Enable ingress object
+    ingress:
+      enabled: false
+      annotations:
+        # metabase only supports http so we need this annotation
+        nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+      # labels: {}
+      ingressClassName: "nginx"
+      host: "" # metabase.example.com
+      # tls: {}
+
+  resources:
+    limits:
+      memory: 100Mi
+    requests:
+      cpu: 150m
+      memory: 100Mi
+  # -- Enable persistent volumes
+  persistentVolume:
+    # -- Persistent volume for data folder. Stores e.g. registered bouncer api keys
+    data:
+      enabled: true
+      accessModes:
+        - ReadWriteOnce
+      storageClassName: ""
+      size: 1Gi
+    # -- Persistent volume for config folder. Stores e.g. online api credentials
+    config:
+      enabled: true
+      accessModes:
+        - ReadWriteOnce
+      storageClassName: ""
+      size: 100Mi
+
+  # -- nodeSelector for lapi
+  nodeSelector: {}
+  # -- tolerations for lapi
+  tolerations: {}
+
+  # -- Enable service monitoring (exposes "metrics" port "6060" for Prometheus)
+  metrics:
+    enabled: false
+    # -- Creates a ServiceMonitor so Prometheus will monitor this service
+    # -- Prometheus needs to be configured to watch on all namespaces for ServiceMonitors
+    # -- See the documentation: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#prometheusioscrape
+    # -- See also: https://github.com/prometheus-community/helm-charts/issues/106#issuecomment-700847774
+    serviceMonitor:
+      enabled: false
+
+  strategy:
+    type: RollingUpdate
+
+# agent will deploy pod on every node as daemonSet to read wanted pods logs
+agent:
+  acquisition:
+    # -- Specify each pod you want to process it logs (namespace, podName and program)
+    - namespace: kube-system
+      # -- to select pod logs to process
+      podName: nginx-nginx-ingress-*
+      # -- program name related to specific parser you will use (see https://hub.crowdsec.net/author/crowdsecurity/configurations/docker-logs)
+      program: nginx
+  resources:
+    limits:
+      memory: 100Mi
+    requests:
+      cpu: 150m
+      memory: 100Mi
+  # -- Enable persistent volumes
+  persistentVolume:
+    # -- Persistent volume for config folder. Stores local config (parsers, scenarios etc.)
+    config:
+      enabled: true
+      accessModes:
+        - ReadWriteOnce
+      storageClassName: ""
+      size: 100Mi
+  # -- environment variables from crowdsecurity/crowdsec docker image
+  env: []
+    # by default we the docker-logs parser to be able to parse docker logs in k8s
+    # by default we disable local API on the agent pod
+    # - name: SCENARIOS
+    #   value: "scenario/name otherScenario/name"
+    # - name: PARSERS
+    #   value: "parser/name otherParser/name"
+    # - name: POSTOVERFLOWS
+    #   value: "postoverflow/name otherPostoverflow/name"
+    # - name: CONFIG_FILE
+    #   value: "/etc/crowdsec/config.yaml"
+    # - name: DSN
+    #   value: "file:///var/log/toto.log"
+    # - name: TYPE
+    #   value: "Labels.type_for_time-machine_mode"
+    # - name: TEST_MODE
+    #   value: "false"
+    # - name: TZ
+    #   value: ""
+    # - name: DISABLE_AGENT
+    #   value: "false"
+    # - name: DISABLE_ONLINE_API
+    #   value: "false"
+    # - name: LEVEL_TRACE
+    #   value: "false"
+    # - name: LEVEL_DEBUG
+    #   value: "false"
+    # - name: LEVEL_INFO
+    #   value: "false"
+
+  # -- nodeSelector for agent
+  nodeSelector: {}
+  # -- tolerations for agent
+  tolerations: {}
+
+  # -- Enable service monitoring (exposes "metrics" port "6060" for Prometheus)
+  metrics:
+    enabled: false
+    # -- Creates a ServiceMonitor so Prometheus will monitor this service
+    # -- Prometheus needs to be configured to watch on all namespaces for ServiceMonitors
+    # -- See the documentation: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#prometheusioscrape
+    # -- See also: https://github.com/prometheus-community/helm-charts/issues/106#issuecomment-700847774
+    serviceMonitor:
+      enabled: false
+
+  # -- wait-for-lapi init container
+  wait_for_lapi:
+    image:
+      # -- docker image repository name
+      repository: busybox
+      # -- pullPolicy
+      pullPolicy: IfNotPresent
+      # -- docker image tag
+      tag: "1.28"
+
+#service: {}
+
+