---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: &app outline
  namespace: default
spec:
  interval: 30m
  chart:
    spec:
      chart: app-template
      version: 3.2.1
      sourceRef:
        kind: HelmRepository
        name: bjw-s
        namespace: flux-system
  maxHistory: 2
  install:
    createNamespace: true
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      strategy: rollback
      retries: 3
  uninstall:
    keepHistory: false
  values:
    controllers:
      outline:
        annotations:
          reloader.stakater.com/auto: "true"
        initContainers:
          init-db:
            image:
              repository: ghcr.io/onedr0p/postgres-init
              tag: 16
            envFrom: &envFrom
              - secretRef:
                  name: outline-secret
        containers:
          app:
            image:
              repository: docker.io/outlinewiki/outline
              tag: 0.77.1@sha256:caaec9502c53f79d3d851531d72a11a6892bf9d9c8a66a902af5dc16d8cd4f90
            envFrom:
              - secretRef:
                  name: outline-secret
            env:
              AWS_REGION: us-east-1
              AWS_S3_ACL: private
              AWS_S3_FORCE_PATH_STYLE: "true"
              AWS_S3_UPLOAD_BUCKET_NAME: outline
              AWS_S3_UPLOAD_BUCKET_URL: "https://s3.${SECRET_INTERNAL_DOMAIN}"
              ENABLE_UPDATES: "false"
              FILE_STORAGE_UPLOAD_MAX_SIZE: "26214400"
              OIDC_AUTH_URI: "https://auth.${SECRET_EXTERNAL_DOMAIN}/api/oidc/authorization"
              OIDC_CLIENT_ID: outline
              OIDC_DISPLAY_NAME: Authelia
              OIDC_SCOPES: openid profile email offline_access
              OIDC_TOKEN_URI: "https://auth.${SECRET_EXTERNAL_DOMAIN}/api/oidc/token"
              OIDC_USERINFO_URI: "https://auth.${SECRET_EXTERNAL_DOMAIN}/api/oidc/userinfo"
              OIDC_USERNAME_CLAIM: email
              PORT: 8080
              REDIS_URL: redis://dragonfly.database.svc.cluster.local.:6379
              SMTP_HOST: smtp-relay.default.svc.cluster.local.
              SMTP_PORT: 2525
              SMTP_FROM_EMAIL: "outline@${SECRET_DOMAIN}"
              SMTP_SECURE: "false"
              URL: "https://docs.${SECRET_EXTERNAL_DOMAIN}"
              WEB_CONCURRENCY: 10
            command:
              [
                /bin/sh,
                -c,
                yarn db:migrate --env=production-ssl-disabled && yarn start --env=production-ssl-disabled,
              ]
            resources:
              requests:
                cpu: 10m
                memory: 250Mi
              limits:
                memory: 750Mi
    service:
      app:
        controller: *app
        ports:
          http:
            port: 8080
    ingress:
      app:
        enabled: true
        className: nginx
        annotations:
          hajimari.io/icon: mdi:text-box-multiple
        hosts:
          - host: &host "docs.${SECRET_EXTERNAL_DOMAIN}"
            paths:
              - path: /
                service:
                  identifier: app
                  port: http
        tls:
          - hosts:
              - *host