Name
|
Description
|
GLOBAL: Platform parameters.
|
elma365.global.host
|
The domain (FQDN) or IP address through which the system will be accessible.
When installing the system with a specified domain name, it is necessary to add the corresponding AAA record to the DNS server: "myelma365.com" <-> "IP address of the machine with ELMA365" .
Default value: example.ru .
|
elma365.global.ingress.hostEnabled
|
Enabling host in ingress (value is taken from elma365.global.host ); if TLS support is enabled, the value is automatically set to true .
Important: If TLS support is not enabled, it's recommended to enable it. It is also planned to use the domain (FQDN) to access the S3 minio storage, installed in the Kubernetes cluster using charts elma365-dbs .
Default value: false .
Available options: true , false .
|
elma365.global.ingress.annotations
|
Annotations for ingress.
{"kubernetes.io/ingress.class": "nginx"} .
|
elma365.global.kubeVersion
|
Override the Kubernetes version.
|
elma365.global.openshift
|
Enable support for HAProxy Ingress to work on the OpenShift platform.
Default value: false .
Available options: true , false .
|
elma365.global.machineId
|
Path to file machine-id .
Default value: /etc/machine-id .
|
GLOBAL — TLS encryption parameters
|
elma365.global.ingress.onpremiseTls.enabled
|
Enable TLS support (enable https).
Default value: false .
Available options: true , false .
|
elma365.global.ingress.onpremiseTls.secret
|
Name of the secret with certificates for HTTPS operation.
Default value: elma365-onpremise-tls .
|
elma365.global.ingress.onpremiseTls.enabledCA
|
Enabling the root CA certificate for HTTPS operation with a self-signed certificate.
Important: before enabling, it's necessary to install the add-on components.
Default value: false .
Available options: true , false .
|
elma365.global.ingress.onpremiseTls.configCA
|
Name of the ConfigMap with the root CA certificate for HTTPS operation with a self-signed certificate.
Default value: elma365-onpremise-ca .
|
GLOBAL — Monitoring parameters
|
elma365.global.monitoring.enabled
|
Enables monitoring support on the ELMA365 application side.
Important: Before enabling service monitoring, it's necessary to install add-on components.
Default value: false .
Available options: true , false .
|
elma365.global.monitoring.metrics.enabled
|
Enables the installation of ServiceMonitor in the Kubernetes cluster for ELMA365 application services.
Default value: false .
Available options: true , false .
|
elma365.global.monitoring.metrics.all
|
Enables the provision of a significantly larger number of metrics in Prometheus format by the ELMA365 application services. It's disabled by default to prevent disruption of the entire monitoring system due to an excessive number of metrics.
Default value: false .
Available options: true , false .
|
elma365.global.monitoring.provisioner
|
Configures the supplied monitoring tools for the target platform.
Default value: k8s .
Available options: k8s , deckhouse .
|
elma365.global.monitoring.dashboard.enabled
|
Enables the installation of Dashboards (ConfigMap) in the Kubernetes cluster for ELMA365 application services.
Default value: false .
Available options: true , false .
|
elma365.global.monitoring.alerts.enabled
|
Enables the installation of PrometheusRule (CRD) in the Kubernetes cluster for ELMA365 application services.
Default value: false .
Available options: true , false .
|
GLOBAL — Portable services parameters
|
elma365.global.managedServices.enabled
|
Enables support for portable services.
Default value: true .
Available options: true , false .
|
elma365.global.managedServices.defaultStorageClass
|
Specify a data storage system.
Default value: longhorn .
|
elma365.global.managedServices.namespace
|
Names of the namespace where portable services will be placed.
Default value: elma365-applets .
|
GLOBAL — Service scaling parameters
|
elma365.global.autoscaling.enabled
|
Enables support for auto-scaling on the ELMA365 application side. Important: Before enabling service scaling, it is necessary to install add-on components.
Default value: false .
Available options: true , false .
|
elma365.global.autoscaling.type
|
Choosing the auto-scaling method.
Default value: hpa .
Available options: hpa , keda .
Where:
- keda is Kubernetes Event-driven Autoscaling;
- hpa is Horizontal Pod Autoscaler.
|
elma365.global.autoscaling.minReplicas
|
Configures the minimum number of replicas.
Default value: 1.
|
elma365.global.autoscaling.maxReplicas
|
Configures the maximum number of replicas.
Default value: 9.
|
GLOBAL — Connection parameters to the private container image repository
|
elma365.global.image.repository
|
Connection string for private registry.
Format: hostname:port/path .
Where:
hostname is the IP or domain name of the private registry;port is the connection port;path is the path to the directory.
Default value: hub.elma365.tech .
|
elma365.global.image.pullSecret
|
Name of the secret with access rights to the private registry (must be created manually, encrypted in Base64).
Default value: yandexsecret .
|
GLOBAL — Additional parameters
|
elma365.global.postgres.maxIdleConns
|
Maximum number of connections in the pool of unused connections.
Default value: 10 .
|
elma365.global.postgres.maxOpenConns
|
Maximum number of open connections from the pool.
Default value: 50 .
|
elma365.global.postgres.maxConnLife
|
Maximum lifespan of a connection from the pool.
Default value: 1m .
|
elma365.global.postgres.poolMaxIdleConns
|
Maximum number of connections in the pool of unused connections.
Default value: 10 .
|
elma365.global.postgres.poolMaxOpenConns
|
Maximum number of open connections from the pool.
Default value: 50 .
|
elma365.global.postgres.poolConnMaxLifetime
|
Maximum lifespan of a connection from the pool.
Default value: 5m .
|
elma365.global.maxGrpcMessageSize
|
Maximum response size.
Default value: 8388608 .
|
elma365.global.maxGrpcBackoffDelay
|
Maximum delay between attempts to establish a GRPC connection.
Default value: 2s .
|
elma365.global.activeDeadlineSeconds
|
Number of seconds allocated for the entire Job to execute.
Default value: 3000 .
|
Platform debugging parameters
|
elma365.debug
|
Enables platform debugging mode.
Default value: false .
Available options: true , false .
|
Company parameters
|
elma365.bootstrapCompany.email
|
The email address is specified. The email address will serve as the login for the main administrator.
Important: Used when creating a company at the time of ELMA365 installation, changing elma365.bootstrapCompany.email makes it impossible to apply new parameters or update ELMA365.
Default value: admin@mail.com .
|
elma365.bootstrapCompany.password
|
Password for the main administrator login.
Important: Used when creating a company at the time of ELMA365 installation.
Default value: test .
|
elma365.bootstrapCompany.locale
|
Company interface language.
Default value: ru-RU .
Available options: "ru-RU" , "en-US" , "sk-SK" , "es-ES" , "de-DE" .
|
Platform language parameters
|
elma365.language.default
|
Installed platform language.
Default value: ru-RU .
Available options: "ru-RU" , "en-US" , "sk-SK" , "es-ES" , "de-DE" .
|
Database connection parameters
|
elma365.db.psqlUrl
|
Connection string to PostgreSQL for write and read operations.
Format: postgresql://user:password@hostname:port/databaseName?sslmode=disable .
Where:
user is the name of the PostgreSQL user with rights to the databaseName databasepassword is the password for the PostgreSQL user;hostname is the IP or domain name of the PostgreSQL server;port is the port for connecting to PostgreSQL, standard port: 5432;databaseName is the name of the database;sslmode is the use of a secure connection.
|
elma365.db.psqlSecret
|
Secret name with connection to PostgreSQL for read operations (must be manually created, encrypted in Base64).
It should contain the key RO_POSTGRES_URL .
Important: enabling elma365.db.psqlSecret disables the elma365.db.roPsqlUrl parameter.
|
elma365.db.roPsqlUrl
|
Connection string to PostgreSQL for read operations.
Format: postgresql://user:password@hostname:port/databaseName?sslmode=disable .
Where:
user is the name of the PostgreSQL user with rights to the databaseName databasepassword is the password for the PostgreSQL user;hostname is the IP or domain name of the PostgreSQL server;port is the port for connecting to PostgreSQL, standard port: 5432;databaseName is the name of the database;sslmode is the use of a secure connection.
|
elma365.db.roPsqlSecret
|
Secret name with connection to PostgreSQL for read operations (must be manually created, encrypted in Base64).
It should contain the key RO_POSTGRES_URL .
Important: enabling elma365.db.roPsqlSecret disables the elma365.db.roPsqlUrl parameter.
|
elma365.db.mongoUrl
|
Connection string to MongoDB.
Format: mongodb://user:password@hostname:port/databaseName?ssl=false&replicaSet=rs0&readPreference=nearest .
Where:
user is the name of the MongoDB user with rights to the databaseName database;password is the password for the MongoDB user;hostname is the IP or domain name of the MongoDB server;port is the port for connecting to MongoDB, standard port: 27017;databaseName is the name of the database;ssl is the use of a secure connection;replicaSet is the replica set number;readPreference is the preferred read mode.
|
elma365.db.mongoSecret
|
Secret name with connection to MongoDB (must be manually created, encrypted in Base64).
It should contain the key MONGO_URL .
Important: enabling elma365.db.mongoSecret disables the elma365.db.mongoUrl parameter.
|
elma365.db.vahterMongoUrl
|
Connection string to MongoDB for the authorization server.
Format: mongodb://user:password@hostname:port/databaseName?ssl=false&replicaSet=rs0&readPreference=primaryPreferred .
Where:
user is the name of the MongoDB user with rights to the databaseName database;password is the password for the MongoDB user;hostname is the IP or domain name of the MongoDB server;port is the port for connecting to MongoDB, standard port: 27017;databaseName is the name of the database;ssl is the use of a secure connection;replicaSet is the replica set number;readPreference is the preferred read mode.
|
elma365.db.vahterMongoSecret
|
Secret name with connection to MongoDB for the authorization server (must be manually created, encrypted in Base64).
It should contain the key VAHTER_MONGO_URL .
Important: enabling elma365.db.vahterMongoSecret disables the elma365.db.vahterMongoUrl parameter.
|
elma365.db.redisUrl
|
Redis connection string.
Format: redis://user:password@hostname:port/databaseName .
Where:
user is the name of the Redis user with rights to the databaseName database;password is the password for the Redis user;hostname is the IP or domain name of the Redis server;port is the port for connecting to Redis, standard port: 6379;databaseName is the name of the database.
|
elma365.db.redisSecret
|
Secret name with connection to Redis (must be manually created, encrypted in Base64).
It should contain the key REDIS_URL .
Important: enabling elma365.db.redisSecret disables the elma365.db.redisUrl parameter.
|
elma365.db.amqpUrl
|
RabbitMQ connection string.
Format: amqp://user:password@hostname:port/vhost .
Where:
user is the name of the RabbitMQ user with rights to vhost;password the password for the RabbitMQ user;hostname is the IP or domain name of the RabbitMQ server;port is the port for connecting to RabbitMQ, standard port: 5672;databaseName is the name of the database.
|
elma365.db.amqpSecret
|
Secret name with connection to RabbitMQ (must be manually created, encrypted in Base64).
It should contain the key AMQP_URL .
Important: enabling elma365.db.amqpSecret disables the elma365.db.amqpUrl parameter.
|
Parameters for connecting to S3 file storage
|
elma365.s3.method
|
S3 file upload method.
Default value: PUT .
|
elma365.s3.accesskeyid
|
S3 server user login.
|
elma365.s3.secretaccesskey
|
S3 server user password.
|
elma365.s3.bucket
|
S3 bucket name.
Default value: s3elma365 .
|
elma365.s3.backend.address
|
S3 connection string.
Format: hostname:port .
Where:
hostname is the IP or domain name of the S3 server;port is theport for connecting to S3, standard S3 port: 9000.
If the port is not specified:
s3.ssl.enabled: false - select port 80;s3.ssl.enabled: true - select port 443.
|
elma365.s3.backend.region
|
S3 server location region.
|
elma365.s3.ssl.enabled
|
Usage of TLS encryption by the S3 server.
Default value: false .
Available options: true , false .
|
elma365.db.s3.virtualHostedStyle.enabled
|
Enablin the Virtual-hosted style mode for S3. In this mode, the bucket name is part of the url, for example: https://bucketname.example.com/objectName .
If the parameter is disabled, the address model used is Path‑style.
Default value: false .
Available options: true , false .
|
elma365.s3.dumpurl
|
S3 server address for backup by the script elma365db.sh .
Format:
- for S3 in the Kubernetes cluster:
http(s)://minio.<namespace>.svc.<cluster.local> ;
- for external S3:
http(s)://example.ru:9000 .
|
elma365.s3Secret
|
Secret name with connection to S3 storage (must be manually created, encrypted in Base64).
Should contain keys S3_BACKEND_ADDRESS , S3_REGION , S3_KEY , S3_SECRET , S3_BUCKET , S3_SSL_ENABLED , S3_UPLOAD_METHOD .
Important: enabling s3Secret disables the following parameters:
s3.method ;s3.accesskeyid ;s3.secretaccesskey ;s3.bucket ;s3.backend.address ;s3.backend.region ;s3.ssl.enabled .
Default value: elma365-custom-db-connections .
|
SMTP server connection parameters:
|
elma365.mailer.smtp.host
|
IP or URL address for connecting to the SMTP server.
Default value: " " .
|
elma365.mailer.smtp.port
|
Port for connecting to the SMTP server.
Default value: " " .
|
elma365.mailer.smtp.from
|
Email address (mailbox name) from which messages will be sent.
Default value: " " .
|
elma365.mailer.smtp.user
|
SMTP server user login.
Default value: " " .
|
elma365.mailer.smtp.password
|
SMTP server user password.
Default value: " " .
|
elma365.mailer.smtp.needTLS
|
Use of TLS encryption by the SMTP server.
Default value: false .
Available options: true , false .
|
Server script execution parameters
|
forkAvailableMemorySize
|
Sets a limit in MB for memory used by one execution fork inside one replica of the worker service.
If the parameter value is not set or is equal to 0, the worker service's operation remains unchanged.
|