--- # yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: &app zigbee2mqtt spec: interval: 1h chartRef: kind: OCIRepository name: app-template install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: strategy: rollback retries: 3 values: controllers: zigbee2mqtt: containers: app: image: repository: ghcr.io/koenkk/zigbee2mqtt tag: 2.6.0@sha256:472f4f5ed5d4258056093ea5745bc0ada37628b667d7db4fb12c2ffea74b2703 pullPolicy: IfNotPresent env: TZ: "${TIMEZONE}" ZIGBEE2MQTT_DATA: /config ZIGBEE2MQTT_CONFIG_ADVANCED_LAST_SEEN: ISO_8601 ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_LEVEL: warning ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_OUTPUT: '["console"]' ZIGBEE2MQTT_CONFIG_ADVANCED_NETWORK_KEY: "[204, 61, 75, 23, 44, 230, 24, 203, 53, 5, 248, 32, 50, 84, 44, 159]" ZIGBEE2MQTT_CONFIG_AVAILABILITY_ACTIVE_TIMEOUT: 60 ZIGBEE2MQTT_CONFIG_AVAILABILITY_PASSIVE_TIMEOUT: 2000 ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_RETAIN: "true" ZIGBEE2MQTT_CONFIG_EXPERIMENTAL_NEW_API: "true" ZIGBEE2MQTT_CONFIG_FRONTEND_PORT: &port 8080 ZIGBEE2MQTT_CONFIG_FRONTEND_URL: "https://zigbee.${SECRET_EXTERNAL_DOMAIN}" ZIGBEE2MQTT_CONFIG_HOMEASSISTANT_DISCOVERY_TOPIC: homeassistant ZIGBEE2MQTT_CONFIG_HOMEASSISTANT_STATUS_TOPIC: homeassistant/status ZIGBEE2MQTT_CONFIG_MQTT_INCLUDE_DEVICE_INFORMATION: "true" ZIGBEE2MQTT_CONFIG_MQTT_KEEPALIVE: 60 ZIGBEE2MQTT_CONFIG_MQTT_REJECT_UNAUTHORIZED: "true" ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtt://mosquitto.database.svc.cluster.local.:1883 ZIGBEE2MQTT_CONFIG_MQTT_VERSION: 5 ZIGBEE2MQTT_CONFIG_PERMIT_JOIN: "false" ZIGBEE2MQTT_CONFIG_SERIAL_ADAPTER: ember ZIGBEE2MQTT_CONFIG_SERIAL_PORT: tcp://192.168.9.91:6638 ZIGBEE2MQTT_CONFIG_SERIAL_BAUDRATE: 115200 ZIGBEE2MQTT_CONFIG_SERIAL_DISABLE_LED: "false" probes: liveness: enabled: true readiness: enabled: true startup: enabled: true spec: failureThreshold: 30 periodSeconds: 10 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m limits: memory: 384Mi defaultPodOptions: securityContext: runAsNonRoot: true runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 fsGroupChangePolicy: OnRootMismatch service: app: controller: *app ports: http: port: *port ingress: app: enabled: true className: internal annotations: nginx.ingress.kubernetes.io/auth-method: GET nginx.ingress.kubernetes.io/auth-url: http://authelia.default.svc.cluster.local.:8888/api/verify nginx.ingress.kubernetes.io/auth-signin: https://auth.${SECRET_EXTERNAL_DOMAIN}?rm=$request_method nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email nginx.ingress.kubernetes.io/auth-snippet: proxy_set_header X-Forwarded-Method $request_method; gethomepage.dev/enabled: "true" gethomepage.dev/name: Zigbee2mqtt gethomepage.dev/description: Bridge for connecting Zigbee devices to MQTT networks. gethomepage.dev/group: Applications gethomepage.dev/icon: zigbee2mqtt.png gethomepage.dev/pod-selector: >- app in ( zigbee2mqtt ) hosts: - host: &host "zigbee.${SECRET_EXTERNAL_DOMAIN}" paths: - path: / service: identifier: app port: http tls: - hosts: - *host persistence: config: enabled: true existingClaim: *app globalMounts: - path: /config logs: type: emptyDir globalMounts: - path: /config/log