harbor:
  expose:
    type: route
    tls:
      enabled: false
    route:
      parentRefs:
        - group: gateway.networking.k8s.io
          kind: Gateway
          name: traefik-gateway
          namespace: traefik
      hosts:
        - harbor.alexlebens.net
  externalURL: https://harbor.alexlebens.net
  persistence:
    enabled: true
    persistentVolumeClaim:
      registry:
        storageClass: ceph-block
        accessMode: ReadWriteOnce
        size: 100Gi
  existingSecretAdminPassword: harbor-secret
  existingSecretAdminPasswordKey: HARBOR_ADMIN_PASSWORD
  internalTLS:
    enabled: false
  ipFamily:
    ipv6:
      enabled: false
    ipv4:
      enabled: true
  updateStrategy:
    type: Recreate
  existingSecretSecretKey: harbor-secret
  enableMigrateHelmHook: true
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true
  cache:
    enabled: true
  portal:
    image:
      repository: goharbor/harbor-portal
      tag: v2.14.1
    replicas: 2
  core:
    image:
      repository: goharbor/harbor-core
      tag: v2.14.1
    replicas: 2
    existingSecret: harbor-secret
    secretName: harbor-secret
    existingXsrfSecret: harbor-secret
  jobservice:
    image:
      repository: goharbor/harbor-jobservice
      tag: v2.14.1
    replicas: 2
    jobLoggers:
      - stdout
    existingSecret: harbor-secret
  registry:
    registry:
      image:
        repository: goharbor/registry-photon
        tag: v2.14.1
    controller:
      image:
        repository: goharbor/harbor-registryctl
        tag: v2.14.1
    existingSecret: harbor-secret
    relativeurls: true
    credentials:
      existingSecret: harbor-secret
    upload_purging:
      enabled: true
      age: 72h
      interval: 24h
      dryrun: false
  trivy:
    enabled: true
  database:
    type: external
    external:
      host: harbor-postgresql-18-cluster-rw
      port: "5432"
      username: app
      coreDatabase: app
      existingSecret: harbor-postgresql-18-cluster-app
  redis:
    type: external
    external:
      addr: "redis-replication-harbor-master.harbor:6379"
  exporter:
    image:
      repository: goharbor/harbor-exporter
      tag: v2.14.1
    replicas: 2
postgres-18-cluster:
  mode: recovery
  recovery:
    method: objectStore
    objectStore:
      index: 1
  backup:
    objectStore:
      - name: garage-local
        index: 1
        destinationBucket: postgres-backups
        externalSecretCredentialPath: /garage/home-infra/postgres-backups
        isWALArchiver: true
      # - name: garage-remote
      #   index: 1
      #   destinationBucket: postgres-backups
      #   externalSecretCredentialPath: /garage/home-infra/postgres-backups
      #   retentionPolicy: "90d"
      #   data:
      #     compression: bzip2
      # - name: external
      #   index: 1
      #   endpointURL: https://nyc3.digitaloceanspaces.com
      #   destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
      #   externalSecretCredentialPath: /garage/home-infra/postgres-backups
      #   isWALArchiver: false
    scheduledBackups:
      - name: live-backup
        suspend: false
        immediate: true
        schedule: "0 0 0 * * *"
        backupName: garage-local
      # - name: weekly-backup
      #   suspend: true
      #   immediate: true
      #   schedule: "0 0 4 * * SAT"
      #   backupName: garage-remote
      # - name: daily-backup
      #   suspend: true
      #   immediate: true
      #   schedule: "0 0 0 * * *"
      #   backupName: external
redis-replication:
  existingSecret:
    enabled: false
  redisReplication:
    clusterSize: 3
  redisSentinel:
    enabled: true
    clusterSize: 3