argo-workflows: crds: install: true keep: true full: true upgradeJob: image: repository: registry.k8s.io/kubectl tag: v1.35.3 controller: metricsConfig: enabled: true persistence: postgresql: host: argo-workflows-postgresql-18-cluster-rw port: 5432 database: app tableName: app userNameSecret: name: argo-workflows-postgresql-18-cluster-app key: username passwordSecret: name: argo-workflows-postgresql-18-cluster-app key: password ssl: false sslMode: disable workflowWorkers: 2 workflowTTLWorkers: 2 podCleanupWorkers: 2 cronWorkflowWorkers: 2 resources: requests: cpu: 10m memory: 32Mi serviceMonitor: enabled: true workflowNamespaces: - argo-workflows server: authModes: - sso httproute: enabled: true parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: traefik-gateway namespace: traefik hostnames: - argo-workflows.alexlebens.net rules: - matches: - path: type: PathPrefix value: / sso: enabled: true issuer: https://authentik.alexlebens.net/application/o/argo-workflows/ clientId: name: argo-workflows-oidc-secret key: client clientSecret: name: argo-workflows-oidc-secret key: secret redirectUrl: https://argo-workflows.alexlebens.net/oauth2/callback rbac: enabled: false scopes: - openid - email - profile argo-events: crds: install: true keep: true controller: resources: requests: cpu: 10m memory: 32Mi metrics: enabled: true serviceMonitor: enabled: true webhook: enabled: true resources: requests: cpu: 10m memory: 32Mi postgres-18-cluster: mode: recovery recovery: method: objectStore objectStore: index: 1 backup: objectStore: - name: garage-local index: 1 destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 14 * * *" backupName: garage-local