-
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathvalues.yaml
164 lines (144 loc) · 7.15 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
# values.yaml
# Number of replicas
replicaCount: 1
# Extra annotations for pods
podAnnotations: {}
# Extra annotations
annotations: {}
# Extra tolerations for pods
tolerations: []
# Chart name override
nameOverride: ""
# Full name of the deployment to override the default one
fullnameOverride: ""
# Image settings
image:
repository: libretranslate/libretranslate
pullPolicy: Always
tag: "latest"
# Using a Private Registry
# If you want to use a custom image from a private registry, you'll need to create an image pull secret with the registry's credentials:
# kubectl create secret docker-registry my-registry-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
# imagePullSecrets:
# - name: my-registry-secret
imagePullSecrets: []
# Service settings
service:
type: ClusterIP
port: 5000
# Ingress settings
ingress:
enabled: false
className: "" # set this to the name of the ingress controller class to use like nginx
annotations:
# cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/proxy-body-size: 10m
# Check for the adminUser key below.
# This will enable basic auth for the whole site.
# nginx.ingress.kubernetes.io/auth-type: basic
# nginx.ingress.kubernetes.io/auth-secret: libretranslate-auth
# nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required'
hosts:
- host: translate.example.com
paths:
- path: /
pathType: Prefix
# tls:
# - secretName: libretranslate-secret-tls
# hosts:
# - translate.example.com
# Security Context
securityContext:
fsGroup: 1032
# Security Context for init container
initContainerSecurityContext:
runAsUser: 0
runAsGroup: 0
# Pod Security Context
podSecurityContext:
runAsUser: 1032
runAsGroup: 1032
# Persistent settings
# if you don't want to download a copy of the models per pod, you can use a shared storage like an nfs storage class
# and set it to ReadWriteMany. this way if you scale the pods later on, they will all use the same models and won't
# duplicate the space and download requests.
persistence:
enabled: false
db:
storageClass: ""
accessMode: "ReadWriteOnce"
size: "1Gi"
models:
storageClass: ""
accessMode: "ReadWriteOnce"
size: "10Gi" # as of August 2023, the models are about 6.6GB in size for all languages
# Resource limits
resources:
limits:
cpu: 1
memory: 2Gi
requests:
cpu: 500m
memory: 1Gi
# Readiness probe for kubernetes
readinessProbe:
exec:
command:
- /app/venv/bin/python
- /app/scripts/healthcheck.py
initialDelaySeconds: 10
periodSeconds: 5
# Liveness probe for kubernetes
livenessProbe:
exec:
command:
- /app/venv/bin/python
- scripts/healthcheck.py
initialDelaySeconds: 10
periodSeconds: 5
# Auth secret for basic authentication
# generate base64-user-password-pair with:
# htpasswd -nb <username> <password> | base64
#
# e.g.:
#
# htpasswd -nb admin mySecretPassword | base64
# This is used by the nginx ingress controller to enable basic auth for the whole site.
# It will create a secret with the name libretranslate-auth.
adminUser:
name: "YWRtaW4K" # copy the username in base64 as a reference
auth: "YWRtaW46JGFwcjEkYlpydmYvUFYkSHBHSlhqZU1EN0ZON2kyYndsMVRNMQoK" # copy the output from the htpasswd command here as a reference
password: "bXlTZWNyZXRQYXNzd29yZAo=" # copy the password as base64 for the admin user here as a reference
# Settings / Flags
appSettings:
debug: "false" # Enable debug environment (Default: Disabled)
ssl: "false" # Enable SSL (Default: Disabled)
apiKeys: "false" # Enable API keys database for per-client rate limits when --req-limit is reached (Default: Don't use API keys)
requireApiKeyOrigin: "" # Require use of an API key for programmatic access to the API, unless the request origin matches this domain (Default: No restrictions on domain origin)
requireApiKeySecret: "" # Require use of an API key for programmatic access to the API, unless the client also sends a secret match (Default: No secrets required)
suggestions: "false" # Allow user suggestions (Default: Disabled)
disableFilesTranslation: "false" # Disable files translation (Default: File translation allowed)
disableWebUi: "false" # Disable web ui (Default: Web Ui enabled)
updateModels: "false" # Update language models at startup (Default: Only on if no models found)
metrics: "false" # Enable the /metrics endpoint for exporting Prometheus usage metrics (Default: Disabled)
# Configuration Parameters
appConfig:
host: "0.0.0.0" # Set host to bind the server to (Default: 127.0.0.1)
port: "5000" # Set port to bind the server to (Default: 5000)
charLimit: "null" # Set character limit (Default: No limit)
reqLimit: "null" # Set maximum number of requests per minute per client (outside of limits set by api keys) (Default: No limit)
reqLimitStorage: "memory://" # Storage URI to use for request limit data storage. See Flask Limiter (Default: memory://)
batchLimit: "null" # Set maximum number of texts to translate in a batch request (Default: No limit)
gaId: "" # Enable Google Analytics on the API client page by providing an ID (Default: Empty (no tracking))
frontendLanguageSource: "auto" # Set frontend default language - source (Default: auto)
frontendLanguageTarget: "locale" # Set frontend default language - target (Default: locale (match site's locale))
frontendTimeout: "500" # Set frontend translation timeout (Default: 500)
apiKeysDbPath: "/app/db/api_keys.db" # Use a specific path inside the container for the local database. Can be absolute or relative (Default: /app/db/api_keys.db)
apiKeysDbPathMount: "/app/db" # Use a specific path inside the container for the local database. Must be the same as apiKeysDbPath (Default: /app/db)
apiKeysRemote: "" # Use this remote endpoint to query for valid API keys instead of using the local database (Default: Empty (use local db instead))
getApiKeyLink: "" # Show a link in the UI where to direct users to get an API key (Default: Empty (no link shown on web ui))
sharedStorage: "memory://" # Shared storage URI to use for multi-process data sharing (e.g. when using gunicorn) (Default: memory://)
loadOnly: "" # Set available languages (Default: Empty (use all from argostranslate))
threads: "4" # Set number of threads (Default: 4)
metricsAuthToken: "" # Protect the /metrics endpoint by allowing only clients that have a valid Authorization Bearer token (Default: Empty (no auth required))
urlPrefix: "" # Add prefix to URL: example.com:5000/url-prefix/ (Default: /)