charts/securely-proxy/values.yaml

nginx_modsec:
  image: ghcr.io/cyso/securely-nginx-container:main
  config:
    # See: https://github.com/coreruleset/modsecurity-docker/blob/master/README.md#modsecurity-env-variables
    PARANOIA: "1"
    # Private CIDRs, see https://en.wikipedia.org/wiki/Reserved_IP_addresses
    SET_REAL_IP_FROM: 10.0.0.0/8,100.64.0.0/10,172.16.0.0/12,192.168.0.0/16,198.18.0.0/15
  resources:
    requests:
      cpu: "200m"
      memory: "200Mi"
    limits:
      memory: "2Gi"
  livenessProbe:
    exec:
      command:
        - curl
        - http://127.0.0.1/metrics/nginx
    periodSeconds: 3
  startupProbe:
    exec:
      command:
        - curl
        - http://127.0.0.1/metrics/nginx
    initialDelaySeconds: 8
    periodSeconds: 5
  extraVolumeMounts: []

  lifecycle: 
    preStop:
      exec:
        command: ["/bin/sh", "-c", "sleep 10"]

securely_blocker:
  enabled: true
  image: registry.securely.ai/securely/common/blocker:latest
  config:
    GRPC_URL:
    USERNAME:
    PASSWORD:
  resources:
    requests:
      cpu: "10m"
      memory: "30Mi"
    limits:
      memory: "250Mi"
  extraVolumeMounts: []

securely_secruleconfigurator:
  enabled: false
  image: registry.securely.ai/securely/common/secrule-configurator:latest
  config:
    GRPC_URL:
    USERNAME:
    PASSWORD:
  resources:
    requests:
      cpu: "10m"
      memory: "30Mi"
    limits:
      memory: "250Mi"
  extraVolumeMounts: []

filebeat:
  enabled: true
  image: docker.elastic.co/beats/filebeat:7.17.16
  config:
    organization_name:
    service_name:
    logstash_hosts:
  resources:
    requests:
      cpu: "50m"
      memory: "120Mi"
    limits:
      memory: "500Mi"
  extraVolumeMounts: []

replicas: 1

autoscaling:
  # -- Create HorizontalPodAutoscaler object.
  enabled: false
  #   minReplicas: 1
  #   maxReplicas: 10
  #   metrics:
  #   - type: Resource
  #     resource:
  #       name: cpu
  #       target:
  #         type: Utilization
  #         averageUtilization: 60
  #   - type: Resource
  #     resource:
  #       name: memory
  #       target:
  #         type: Utilization
  #         averageUtilization: 60
  #   behavior:
  #     scaleDown:
  #       stabilizationWindowSeconds: 300
  #       policies:
  #       - type: Pods
  #         value: 1
  #         periodSeconds: 60

imagePullSecrets: []

extraVolumes: []

tolerations: []
nodeSelector: {}
affinity: {}

topologySpreadConstraints:
- maxSkew: 1
  topologyKey: kubernetes.io/hostname
  whenUnsatisfiable: ScheduleAnyway

volumes:
  securely_volume:
    sizeLimit: 100Mi