Configuration

# values.yaml
replicaCount: 2
 
image:
  repository: ghcr.io/microboxlabs/miot-app
  tag: "v1.0.0"
 
ingress:
  enabled: true
  hosts:
    - host: app.example.com
      paths:
        - path: /
          pathType: Prefix

helm install miot-app microboxlabs/miot-app -f values.yaml

# Base configuration + environment overrides
helm install miot-app microboxlabs/miot-app \
  -f values-base.yaml \
  -f values-production.yaml

image:
  repository: your-registry.com/miot-app
  tag: "v1.0.0"
  pullPolicy: Always
 
imagePullSecrets:
  - name: registry-credentials

kubectl create secret docker-registry registry-credentials \
  --docker-server=your-registry.com \
  --docker-username=user \
  --docker-password=password \
  --namespace modulariot

image:
  repository: ghcr.io/microboxlabs/miot-app
  tag: "v1.0.0"
 
imagePullSecrets:
  - name: ghcr-secret

kubectl create secret docker-registry ghcr-secret \
  --docker-server=ghcr.io \
  --docker-username=YOUR_GITHUB_USERNAME \
  --docker-password=YOUR_GITHUB_PAT \
  --namespace modulariot

resources:
  limits:
    cpu: 1000m
    memory: 1Gi
  requests:
    cpu: 250m
    memory: 512Mi

ingress:
  enabled: true
  className: nginx
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "50m"
  hosts:
    - host: app.example.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: app-tls
      hosts:
        - app.example.com

ingress:
  enabled: true
  className: traefik
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
  hosts:
    - host: app.example.com
      paths:
        - path: /
          pathType: Prefix

ingress:
  enabled: true
  className: alb
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:...
  hosts:
    - host: app.example.com
      paths:
        - path: /
          pathType: Prefix

ingress:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
  tls:
    - secretName: app-tls
      hosts:
        - app.example.com

# Create TLS secret
kubectl create secret tls app-tls \
  --cert=path/to/cert.pem \
  --key=path/to/key.pem \
  -n modulariot

ingress:
  tls:
    - secretName: app-tls
      hosts:
        - app.example.com

env:
  - name: LOG_LEVEL
    value: "info"
  - name: FEATURE_FLAG
    value: "true"

envFrom:
  - configMapRef:
      name: app-config

kubectl create configmap app-config \
  --from-literal=LOG_LEVEL=info \
  --from-literal=API_URL=https://api.example.com \
  -n modulariot

envFrom:
  - secretRef:
      name: app-secrets
 
env:
  - name: DATABASE_PASSWORD
    valueFrom:
      secretKeyRef:
        name: db-credentials
        key: password

autoscaling:
  enabled: true
  minReplicas: 2
  maxReplicas: 10
  targetCPUUtilizationPercentage: 70
  targetMemoryUtilizationPercentage: 80

podAnnotations:
  cluster-autoscaler.kubernetes.io/safe-to-evict: "true"

livenessProbe:
  httpGet:
    path: /api/health/live
    port: http
  initialDelaySeconds: 30
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 3
 
readinessProbe:
  httpGet:
    path: /api/health/ready
    port: http
  initialDelaySeconds: 10
  periodSeconds: 5
  timeoutSeconds: 3
  failureThreshold: 3

nodeSelector:
  node-type: application
  kubernetes.io/arch: amd64

tolerations:
  - key: "dedicated"
    operator: "Equal"
    value: "app"
    effect: "NoSchedule"

affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 100
        podAffinityTerm:
          labelSelector:
            matchLabels:
              app.kubernetes.io/name: miot-app
          topologyKey: kubernetes.io/hostname

serviceAccount:
  create: true
  name: "miot-app-sa"
  annotations:
    eks.amazonaws.com/role-arn: arn:aws:iam::123456789:role/miot-app-role

serviceAccount:
  create: false
  name: "existing-sa"