my-values.yaml
¶
To deploy your instance, you have to overwrite some global or chart-specific values.
For that, maintain your own values file – which will be called my-values.yaml
in the following.
Please create that file outside the upstream Git repository of CoCalc OnPrem’s HELM charts.
Do not edit the values.yaml
in the upstream repository, because otherwise you end up with merge conflicts, etc.
Also, we recommend using Git to keep track of your changes – see Backup and Restore.
In
/cocalc
is a centralvalues.yaml
file. It defines the configuration for the sub-charts and some global values. All parameters are explained in detail inside that file as comments.Your configurations will be added on top of that file. It is also read in by default, when you tell helm the location of that chart.
Feel free to check out the sub-directories in
./charts
in case you want to know more about all details.After familiarizing with that, create your own my-values.yaml file. This will overwrite the default values with the ones relevant for your setup using the
-f my-values.yaml
switch ofhelm
(ref: Helm Install). You can call it however you like – just point to it with the-f [filename.yaml]
switch.To overwrite values in sub-charts, write the values indented under their
"sub-chart-name":
section.To define global values, list them in the
global:
section.
For example, to configure the storage backend, the chart files are in
/cocalc/charts/storage/
, which means these settings come understorage:
. There are also global storage settings used by other charts, which come underglobal.storage:
.Learn more about HELM sub-charts and global values.
Note
Regarding YAML, global.storage
in the text above means that these values come under the global:
section in the my-values.yaml
file. In that large indented block is a storage:
section, which is indented even further. The actual values are defined inside that double-indented block.
The global:
section is particularly important, since it – as its name suggests – defines global parameters.
Probably a good starting point is this:
1global:
2 dns: "my.domain.tld" # <<<<<<<<<<<<<<<< SET THIS
3
4 # the version of your kubernetes cluster
5 kubectl: "1.28" # enter it as a string, not a floating point number ;-)
6
7 imagePullSecrets:
8 - name: regcred
9
10 database:
11 host: "" # <<<<<<<<<<< hostname
12 user: "" # <<<<<<<<<<< username
13 database: "cocalc" # <<<<<<< name of the DB to use
14
15 setup_admin:
16 email: "[email protected]" # <<<<<<< adjust
17 password: "PASSWORD" # or pass in the real password via $ helm [...] --set global.setup_admin.password=[password]
18 name: "Your Name" # <<<<<<<<<<<<<
19
20 setup_registration_token: "SECRET_TOKEN" # <<<<<<<<<< set this to something nobody can guess
21
22 ingress:
23 class: "nginx"
24 # cert_manager:
25 # issuer: "letsencrypt-prod"
26 # tls:
27 # - hosts:
28 # - "my.domain.tld" # <<<<<<<<<<<< domain name
29 # secretName: cocalc-tls
30
31 networkingConfiguration:
32 hideMetrics: false # read https://onprem.cocalc.com/setup/networking.html before enabling it
33
34 ssh_gateway:
35 enabled: false # Note: on the very first helm deployment, it must be disabled.
36
37 # All settings have to match with the keys in the site settings config, see
38 # https://github.com/sagemathinc/cocalc/blob/master/src/packages/util/db-schema/site-defaults.ts
39 settings:
40 site_name: "CoCalc OnPrem"
41 site_description: "Test instance of CoCalc OnPrem"
42 organization_name: ""
43 organization_email: &EMAIL ""
44 organization_url: ""
45 terms_of_service_url: ""
46 help_email: *EMAIL
47 splash_image: ""
48 logo_square: ""
49 logo_rectangular: ""
50 share_server: "yes"
51 index_info_html: |
52 A temporary test instance, not intended for public consumption.
53 imprint: |
54 # This is a test instance, not intended for public consumption.
55 policies: |
56 <h1><i>This is a test instance, not intended for public consumption.</i></h1>
57 pii_retention: "3 month"
58 anonymous_signup: "no"
59 email_enabled: "yes"
60 verify_emails: "yes"
61 email_backend: "smtp"
62 #email_smtp_server: ""
63 #email_smtp_from: ""
64 #email_smtp_login: ""
65 #email_smtp_secure: "yes" # usually yes, and with port 465
66 #email_smtp_port: "465"
67
68 # CGroup quotas for a project, out of the box
69 # e.g. '{"internet":true,"idle_timeout":3600,"mem":1000,"cpu":1,"cpu_oc":10,"mem_oc":5}'
70 default_quotas: '{"internet":true,"idle_timeout":1800,"mem":2000,"cpu":1,"cpu_oc":20,"mem_oc":10}'
71
72
73# we configure PV/PVC on our own
74storage:
75 create: false
76
77manage:
78 prepull:
79 enabled: false # <<<<<<<<< only enable it, if you set the project node pool's taints correctly
80 project:
81 dedicatedProjectNodesTaint: "cocalc-projects"
82 dedicatedProjectNodesLabel: "cocalc-role"
83
84 # if you need this, enable it
85 fixPermissionsInit: false
From here, continue with Basics.