---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# --  not using ingress nginx
# ------------------------------------------
istio:
  enabled: true
  istio:
    - name: minio-http
      gateway: badhouseplants-net
      kind: http
      hostname: min.e.badhouseplants.net
      service: minio-console
      port: 9001
    - name: s3-http
      gateway: badhouseplants-net
      kind: http
      hostname: s3.e.badhouseplants.net
      service: minio
      port: 9000
rootUser: 'overlord'
replicas: 1
mode: standalone
environment:
  MINIO_SERVER_URL: "https://s3.e.badhouseplants.net:443"
tls:
  enabled: false
  certSecret: ''
  publicCrt: public.crt
  privateKey: private.key
persistence:
  enabled: true
  accessMode: ReadWriteOnce
  size: 30Gi
service:
  type: ClusterIP
  clusterIP: ~
  port: '9000'
consoleService:
  type: ClusterIP
  clusterIP: ~
  port: '9001'
resources:
  requests:
    memory: 0.7Gi
policies:
  - name: badhouseplants:owners
    statements:
      - resources:
          - 'arn:aws:s3:::*'
        actions:
          - "s3:*"
      - resources: []
        actions:
          - "admin:*"
      - resources: []
        actions:
          - "kms:*"
  - name: badhouseplants
    statements:
      - resources:
          - 'arn:aws:s3:::badhouseplants-net'
        actions:
          - "s3:*"
      - resources:
          - 'arn:aws:s3:::badhouseplants-net/*'
        actions:
          - "s3:*"
  - name: backup
    statements:
    - resources:
        - 'arn:aws:s3:::longhorn/*'
        - 'arn:aws:s3:::longhorn'
      actions:
        - "s3:DeleteObject"
        - "s3:GetObject"
        - "s3:ListBucket"
        - "s3:PutObject"
buckets:
  - name: longhorn
    policy: none
    purge: false
    versioning: false
metrics:
  serviceMonitor:
    enabled: false
    public: true
    additionalLabels: {}