# Declare variables to be passed into your templates. namespaces: nexusNs: nexusrepo cloudwatchNs: amazon-cloudwatch externaldnsNs: nexus-externaldns externaldns: enabled: false domainFilter: example.com #your root domain e.g example.com awsZoneType: private # hosted zone to look at (valid values are public, private or no value for both) fluentbit: enabled: false deployment: clusterRegion: us-east-1 name: nxrm.deployment clusterName: nxrm-nexus logsRegion: us-east-1 fluentBitVersion: 2.28.0 replicaCount: 1 initContainer: image: repository: busybox tag: 1.33.1 container: image: repository: sonatype/nexus3 tag: 3.45.1 containerPort: 8081 pullPolicy: IfNotPresent env: nexusDBName: nexus nexusDBPort: 3306 install4jAddVmParams: "-Xms2703m -Xmx2703m" requestLogContainer: image: repository: busybox tag: 1.33.1 auditLogContainer: image: repository: busybox tag: 1.33.1 taskLogContainer: image: repository: busybox tag: 1.33.1 serviceAccount: name: nexus-repository-deployment-sa #This SA is created as part of steps under "AWS Secrets Manager" role: arn:aws:iam::000000000000:role/nxrm-nexus-role #Role with secretsmanager permissions externaldns: name: external-dns role: arn:aws:iam::000000000000:role/nexusrepo-external-dns-irsa-role #Role with route53 permissions needed by external-dns ingress: #host: "example.com" #host to apply this ingress rule to. Uncomment this in your values.yaml and set it as you wish annotations: kubernetes.io/ingress.class: alb alb.ingress.kubernetes.io/healthcheck-path: /service/rest/v1/status alb.ingress.kubernetes.io/scheme: internal # scheme alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids #alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' uncomment for https #alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444 # Uncomment for https. The AWS Certificate Manager ARN for your HTTPS certificate dockerIngress: #Ingress for Docker Connector - comment out if you don't use docker repositories enabled: false annotations: kubernetes.io/ingress.class: alb # comment out if you don't use docker repositories alb.ingress.kubernetes.io/scheme: internal # scheme comment out if you don't use docker repositories alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids, comment out if you don't use docker repositories # alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' #uncomment if you use docker repositories # alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444 # Uncomment if you use docker repositories - The AWS Certificate Manager ARN for your HTTPS certificate # external-dns.alpha.kubernetes.io/hostname: dockerrepo1.example.com, dockerrepo2.example.com, dockerrepo3.example.com # Add more docker subdomains using dockerrepoName.example.com othereise comment out if you don't use docker repositories workdir: configmap: name: create-nexus-workdir-config daemonset: name: create-nexus-work-dir storageClass: iopsPerGB: "10" #Note: aws plugin multiplies this by the size of the requested volumne to compute IOPS of the volumne and caps it a 20, 000 IOPS pv: storage: 120Gi volumeMode: Filesystem accessModes: ReadWriteOnce reclaimPolicy: Retain path: /nexus-repo-mgr-work-dir/work zones: zone1: us-east-1a zone2: us-east-1b pvc: accessModes: ReadWriteOnce storage: 100Gi service: #Nexus Repo NodePort Service nexus: type: NodePort protocol: TCP port: 80 targetPort: 8081 docker: #Nodeport Service for Docker Service enabled: false type: NodePort protocol: TCP port: 9090 targetPort: 8081 secret: license: arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license alias: nxrm-license.lic rds: arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrmrds-cred-nexus adminpassword: arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:admin-nxrm-password