ankitsaini2609 · July 22, 2024 10:24 · Jul 22, 2024 · Jul 22, 2024
diff --git a/Readme.md b/Readme.md
@@ -0,0 +1,10 @@
+# Commands
+```
+helm repo add privatebin https://privatebin.github.io/helm-chart
+helm repo update
+helm install your-release --values values.yaml privatebin/privatebin
+```
+
+# Reference: 
+- https://github.com/PrivateBin/helm-chart
+- https://github.com/PrivateBin/PrivateBin/blob/master/cfg/conf.sample.php
diff --git a/values.yaml b/values.yaml
@@ -0,0 +1,172 @@
+---
+# Default values for privatebin.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# if you are using the default filesystem storage class, don't use
+# multiple replicas
+replicaCount: 1
+
+image:
+  # https://github.com/PrivateBin/docker-nginx-fpm-alpine
+  repository: privatebin/nginx-fpm-alpine
+  # tag: latest # defaults to Chart.appVersion
+  pullPolicy: Always
+  ## Optionally specify an array of imagePullSecrets.
+  ## Secrets must be manually created in the namespace.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ##
+  # pullSecrets:
+  #   - myRegistrKeySecretName
+
+podAnnotations: {}
+additionalLabels: {}
+
+nameOverride: ""
+fullnameOverride: ""
+datapath: "/srv/data"
+
+service:
+  type: ClusterIP #; Change it as a nodePort, because clusterIP will not allow you to access the service outside cluster. accordingly change other service settings.
+  port: 80
+  portName: http
+  annotations: {}
+  ## Limit load balancer source ips to list of CIDRs (where available)
+  # loadBalancerSourceRanges: []
+
+controller:
+  # Valid values are "Deployment", "StatefulSet", and "Both"
+  kind: Deployment
+  pvc:
+    requests: "1Gi"
+    accessModes: "ReadWriteOnce"
+    ## If defined, storageClassName: <storageClass>
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
+    ## If undefined (the default) or set to null, no storageClassName spec is
+    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+    ##   GKE, AWS & OpenStack)
+    ## Please be aware that gp2 supports only RWO, check with
+    ## this table:
+    ## https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes
+    ##
+    # storageClass: "-"
+  # For deployment controller, an emptyDir can be enable in the pod for writing data
+  # with the following option
+  emptyDir: false
+securityContext:
+  runAsUser: 65534
+  runAsGroup: 82
+  fsGroup: 82
+
+podSecurityContext:
+  readOnlyRootFilesystem: true
+  privileged: false
+  allowPrivilegeEscalation: false
+
+extraVolumes: []
+  # Optionally specify extra list of additional volumes for PrivateBin pod.
+  # Example
+  # - name: nginx-params
+  #   configMap:
+  #     name: nginx-params
+
+extraVolumeMounts: []
+  # Optionally specify extra list of additional volumeMounts for PrivateBin pod.
+  # Example
+  # - mountPath: /etc/nginx/server.d
+  #   name: nginx-params
+
+
+ingress:
+  enabled: false
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: privatebin.local
+      paths:
+        - path: "/"
+          pathType: Prefix
+
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+topologySpreadConstraints: []
+
+configs: 
+  conf.php: |-
+    [main]
+      discussion = true
+      opendiscussion = false
+      password = true
+      fileupload = true
+      burnafterreadingselected = false
+      defaultformatter = "plaintext"
+      sizelimit = 10485760
+      template = "bootstrap"
+      languageselection = false
+      qrcode = true
+    [expire]
+      default = "1week"
+    [expire_options]
+      5min = 300
+      10min = 600
+      1hour = 3600
+      1day = 86400
+      1week = 604800
+      1month = 2592000
+      1year = 31536000
+      never = 0
+    [formatter_options]
+      plaintext = "Plain Text"
+      syntaxhighlighting = "Source Code"
+      markdown = "Markdown"
+    [traffic]
+      limit = 10
+    [purge]
+      limit = 300
+      batchsize = 10
+    [model]
+      class = S3Storage
+    [model_options]
+      region = "us-east-1"
+      bucket = "privatebin-allen"
+      version = "latest"
+      accesskey = "<AccessKey>" #; Not needed in case you are using role-based access.
+      secretkey = "<SecretKey>" #; Not needed in case you are using role-based access.
+  #   ; see https://github.com/PrivateBin/PrivateBin/blob/master/cfg/conf.sample.php for config
+
+## Enable RBAC
+rbac:
+  create: false
+  serviceAccount:
+    # Annotations to add to the service account
+    annotations: {}
+    # The name of the service account to use.
+    # If not set and create is true, a name is generated using the fullname template
+    name: ""
+
+# If true, create & use Pod Security Policy resources. Requires rbac.
+podSecurityPolicy:
+  enabled: false
+  annotations: []