drone_enabled: true
drone_publish: false
drone_use_external_db: true
drone_default_values:
  service:
    type: ClusterIP
    port: 80
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: "{{ external_ingress_class if drone_publish else internal_ingress_class }}"
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
      cert-manager.io/acme-dns01-provider: "rfc2136"
      cert-manager.io/acme-challenge-type: "dns01"
    hosts:
      - host: "drone.{{ domain }}"
        paths:
          - "/"
    tls:
     - secretName: "drone.{{ domain }}-tls"
       hosts:
         - "drone.{{ domain }}"
  persistentVolume:
    enabled: true
    accessModes:
      - "{{ drone_storage_mode | default('ReadWriteMany') }}"
    mountPath: /data
    size: "{{ drone_size | default('8Gi') }}"
    storageClass: "{{ drone_storage | default('nfs-ssd') }}"
  env:
    DRONE_SERVER_HOST: "drone.{{ domain }}"
    DRONE_SERVER_PROTO: https
    DRONE_RPC_SECRET: "{{ drone_rpc_secret | default(omit) }}"
    DRONE_DATABASE_DRIVER: "postgres"
    DRONE_DATABASE_DATASOURCE: "postgres://{{ drone_db_username }}:{{ drone_db_password }}@{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local:5432/drone?sslmode=disable"
    DRONE_DATABASE_SECRET: "{{ drone_database_secret | default(omit) }}"
    DRONE_GITEA_CLIENT_ID: "{{ drone_gitea_client_id | default(omit) }}"
    DRONE_GITEA_CLIENT_SECRET: "{{ drone_gitea_client_secret | default(omit) }}"
    DRONE_GITEA_SERVER: "https://gitea.{{ domain }}"

drone_runner_kube_default_values:
  rbac:
    buildNamespaces:
      - "{{ drone_namespace | default(namespace) }}"
  env:
    DRONE_RPC_SECRET: "{{ drone_rpc_secret }}"
    DRONE_RPC_HOST: "drone.{{ domain }}"
    DRONE_RPC_PROTO: https
    DRONE_NAMESPACE_DEFAULT: "{{ drone_namespace | default(namespace) }}"