note: I don't know how much I can maintain this but I will do my best
https://docs.bitnami.com/tutorials/secure-wordpress-kubernetes-managed-database-ssl-upgrades/ (Secure traffic with TLS and Let's Encrypt SSL certificates)
IF NGINX-DEFAULT-BACKEND HAS AN ERROR THAN INSTALL EVERYTHING ELSE THAN REMOVE NGINX AND REINSTALL IT I NOTICED THAT SEEMS TO FIX THAT ISSUE
first install bitnami's nginx ingress controller (https://github.com/bitnami/charts/tree/master/bitnami/nginx-ingress-controller) it is preferable not to have namespace be default (best results so far.)
if you use digital ocean go to Networking > Load Balancers > {Load Balancer created by website} > Settings
than change forwarding rules to http (on 80 to whatever your nginx exposes) and https (on 443 to whatever your nginx exposes) and make sure https has a certificate. (you can create one in that menu and even import one.
you can run the sh script if you want to it basically does the same as the first one just make sure to edit it
main (for if you download the file. THE MOST RECOMENDED):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm dependancy update
kubectl create namespace <namespace-name>
helm install <releasename> ./ --namespace <namespace>
main (for if you want to directly download the nginx ingress manager. EASIEST):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
kubectl create namespace <namespace-name>
helm install <releasename> bitnami/nginx-ingress-controller --namespace <namespace>
main default (puts it in a default namespace but you change the release name. NOT RECOMENDED should have different namespace):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install <releasename> bitnami/nginx-ingress-controller
base (full default. NOT RECOMENDED should have different namespace):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install ingress bitnami/nginx-ingress-controller
code for values.yaml (based off of the rancher values.yaml):
addHeaders: {}
affinity: {}
args: []
autoscaling:
enabled: false
maxReplicas: 11
minReplicas: 1
targetCPU: ''
targetMemory: ''
command: []
commonAnnotations: {}
commonLabels: {}
config: {}
configMapNamespace: ''
containerPorts:
http: 80
https: 443
metrics: 10254
containerSecurityContext:
allowPrivilegeEscalation: true
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL
enabled: true
runAsUser: 1001
customLivenessProbe: {}
customReadinessProbe: {}
customTemplate:
configMapKey: ''
configMapName: ''
daemonset:
hostPorts:
http: 80
https: 443
useHostPort: false
defaultBackend:
affinity: {}
containerPort: 8080
containerSecurityContext:
enabled: true
runAsUser: 1001
enabled: true
extraArgs: {}
hostAliases: []
image:
pullPolicy: IfNotPresent
pullSecrets: []
registry: docker.io
repository: bitnami/nginx
tag: 1.21.1-debian-10-r24
livenessProbe:
enabled: true
failureThreshold: 3
httpGet:
path: /healthz
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
nodeAffinityPreset:
key: ''
type: ''
values: []
nodeSelector: {}
pdb:
create: false
maxUnavailable: ''
minAvailable: 1
podAffinityPreset: ''
podAnnotations: {}
podAntiAffinityPreset: soft
podLabels: {}
podSecurityContext:
enabled: true
fsGroup: 1001
priorityClassName: ''
readinessProbe:
enabled: true
failureThreshold: 6
httpGet:
path: /healthz
port: http
scheme: HTTP
initialDelaySeconds: 0
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
replicaCount: 1
resources:
limits: {}
requests: {}
serverBlockConfig: |-
location /healthz {
return 200;
}
location ~ /.well-known/acme-challenge {
allow all;
}
proxy_busy_buffers_size 512k;
proxy_buffers 4 512k;
proxy_buffer_size 256k;
fastcgi_buffers 16 256k;
fastcgi_buffer_size 256k;
index index.php index.html index.htm;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Strict-Transport-Security 'max-age=300; includeSubDomains; preload; always;';
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types image/svg+xml text/plain text/html text/xml text/css text/javascript application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-font-ttf application/vnd.ms-fontobject font/opentype font/ttf font/eot font/otf;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
fastcgi_param PHP_VALUE "upload_max_filesize = 2042M \n post_max_size=2045M";
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off; access_log off;
}
location = /robots.txt {
log_not_found off; access_log off; allow all;
}
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
location ~ ^/\.user\.ini {
deny all;
}
location ~* /wp-content/uploads/bb_medias/ {
if ( $upstream_http_x_accel_redirect = "" ) {
return 403;
}
internal;
}
location ~* /wp-content/uploads/bb_videos/ {
if ( $upstream_http_x_accel_redirect = "" ) {
return 403;
}
internal;
}
location ~* /wp-content/uploads/bb_documents/ {
if ( $upstream_http_x_accel_redirect = "" ) {
return 403;
}
internal;
}
location ~* /wp-content/uploads/bb_medias/ {
autoindex off;
}
location ~* /wp-content/uploads/bb_videos/ {
autoindex off;
}
location ~* /wp-content/uploads/bb_documents/ {
autoindex off;
}
location ~* /wp-content/.*\.(png|jpe?g)$ {
add_header Vary Accept;
expires 365d;
if ($http_accept !~* "webp"){
break;
}
try_files
/wp-content/webp-express/webp-images/doc-root/$uri.webp
$uri.webp
/wp-content/plugins/webp-express/wod/webp-on-demand.php?xsource=x$request_filename&wp-content=wp-content
;
}
location ~* ^/?wp-content/.*\.(png|jpe?g)\.webp$ {
try_files
$uri
/wp-content/plugins/webp-express/wod/webp-realizer.php?xdestination=x$request_filename&wp-content=wp-content
;
}
service:
port: 80
type: ClusterIP
tolerations: []
defaultBackendService: ''
dhParam: ''
dnsPolicy: ClusterFirst
electionID: ingress-controller-leader
extraArgs: {}
extraDeploy: []
extraEnvVars: []
extraEnvVarsCM: ''
extraEnvVarsSecret: ''
extraVolumeMounts: []
extraVolumes: []
fullnameOverride: ''
global:
imagePullSecrets: []
imageRegistry: ''
hostAliases: []
hostNetwork: false
image:
pullPolicy: IfNotPresent
pullSecrets: []
registry: docker.io
repository: bitnami/nginx-ingress-controller
tag: 0.48.1-debian-10-r17
ingressClass: nginx
initContainers: []
kind: Deployment
lifecycle: {}
livenessProbe:
enabled: true
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
maxmindLicenseKey: ''
metrics:
enabled: false
prometheusRule:
additionalLabels: {}
enabled: false
namespace: ''
rules: []
service:
annotations:
prometheus.io/port: '{{ .Values.metrics.service.port }}'
prometheus.io/scrape: 'true'
port: 9913
type: ClusterIP
serviceMonitor:
enabled: false
interval: 30s
namespace: ''
scrapeTimeout: ''
selector: {}
minReadySeconds: 0
nameOverride: ''
nodeAffinityPreset:
key: ''
type: ''
values: []
nodeSelector: {}
pdb:
create: false
maxUnavailable: ''
minAvailable: 1
podAffinityPreset: ''
podAnnotations: {}
podAntiAffinityPreset: soft
podLabels: {}
podSecurityContext:
enabled: true
fsGroup: 1001
podSecurityPolicy:
enabled: false
priorityClassName: ''
proxySetHeaders: {}
publishService:
enabled: false
pathOverride: ''
rbac:
create: true
readinessProbe:
enabled: true
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
replicaCount: 1
reportNodeInternalIp: false
resources:
limits: {}
requests: {}
revisionHistoryLimit: 10
scope:
enabled: false
service:
annotations: {}
clusterIP: ''
externalIPs: []
externalTrafficPolicy: ''
healthCheckNodePort: 0
labels: {}
loadBalancerIP: ''
loadBalancerSourceRanges: []
nodePorts:
http: ''
https: ''
tcp: {}
udp: {}
ports:
http: 80
https: 443
targetPorts:
http: http
https: https
type: LoadBalancer
serviceAccount:
annotations: {}
create: true
name: ''
sidecars: []
tcp: {}
tcpConfigMapNamespace: ''
terminationGracePeriodSeconds: 60
tolerations: []
topologySpreadConstraints: []
udp: {}
udpConfigMapNamespace: ''
updateStrategy: {}
after that you need to install cert-manger.
DO NOT USE BITNAMI'S. USE https://charts.jetstack.io
everything with this can be base except for installCRDs. (installCRDs: true) you can also run the sh script provided in the file make sure to edit it
you can run the sh script if you want to it basically does the same as the first one just make sure to edit it
main (for if you download the file. THE MOST RECOMENDED installs CRDs automatically due to values.yaml. double check though):
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm dependancy update
kubectl create namespace <namespace-name>
helm install <releasename> ./ --namespace <namespace>
main (for if you want to directly download the nginx ingress manager. EASIEST):
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl create namespace <namespace-name>
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.5.0-beta.1/cert-manager.crds.yaml
helm install <releasename> jetstack/cert-manager --namespace <namespace>
main default (puts it in a default namespace but you change the release name. NOT RECOMENDED should have seprate name space):
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.5.0-beta.1/cert-manager.crds.yaml
helm install <releasename> jetstack/cert-manager
base (NOT RECOMENDED should have seprate name space):
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.5.0-beta.1/cert-manager.crds.yaml
helm install cert-manager jetstack/cert-manager
values.yaml (refernced from rancher):
affinity: {}
cainjector:
affinity: {}
containerSecurityContext: {}
enabled: true
extraArgs: []
image:
pullPolicy: IfNotPresent
repository: quay.io/jetstack/cert-manager-cainjector
nodeSelector: {}
podLabels: {}
replicaCount: 1
resources: {}
securityContext:
runAsNonRoot: true
serviceAccount:
automountServiceAccountToken: true
create: true
strategy: {}
tolerations: []
clusterResourceNamespace: ''
containerSecurityContext: {}
extraArgs: []
extraEnv: []
featureGates: ''
global:
imagePullSecrets: []
leaderElection:
namespace: kube-system
logLevel: 2
podSecurityPolicy:
enabled: false
useAppArmor: true
priorityClassName: ''
rbac:
create: true
image:
pullPolicy: IfNotPresent
repository: quay.io/jetstack/cert-manager-controller
ingressShim: {}
installCRDs: true
nodeSelector: {}
podLabels: {}
prometheus:
enabled: true
servicemonitor:
enabled: false
interval: 60s
labels: {}
path: /metrics
prometheusInstance: default
scrapeTimeout: 30s
targetPort: 9402
replicaCount: 1
resources: {}
securityContext:
runAsNonRoot: true
serviceAccount:
automountServiceAccountToken: true
create: true
strategy: {}
tolerations: []
volumeMounts: []
volumes: []
webhook:
affinity: {}
containerSecurityContext: {}
extraArgs: []
hostNetwork: false
image:
pullPolicy: IfNotPresent
repository: quay.io/jetstack/cert-manager-webhook
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
nodeSelector: {}
podLabels: {}
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
replicaCount: 1
resources: {}
securePort: 10250
securityContext:
runAsNonRoot: true
serviceAccount:
automountServiceAccountToken: true
create: true
serviceType: ClusterIP
strategy: {}
timeoutSeconds: 10
tolerations: []
url: {}
after that you need to make a ClusterIssuer make sure to change the email address to yours (it does need to be valid i believe)
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
namespace: <ENTER YOUR NAMESPACE>
labels:
name: letsencrypt-prod
spec:
acme:
email: <email address here>
privateKeySecretRef:
name: letsencrypt-prod
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- http01:
ingress:
class: nginx
than do:
kubectl apply -f letsencrypt-prod.yaml
now you need to make the certificate.yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: certificate-prod
namespace: hi-cert
labels:
name: certificate-prod
spec:
dnsNames:
- <YOUR DOMAIN HERE
- www.<YOUR DOMAIN HERE>
secretName: <YOUR DOMAIN HERE>-tls
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
and than
kubectl apply -f certificate.yaml
after that you will now install wordpress using the bitnami charts. this part is important so please read through everything to ensure you have changed the place holders I have placed to what you want to use
you can run the sh script if you want to it basically does the same as the first one just make sure to edit it
main (for if you download the file. THE MOST RECOMENDED. make sure to edit values.yaml):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm dependancy update
kubectl create namespace <namespace-name>
helm install <releasename> ./ --namespace <namespace>
main (for if you want to directly download the nginx ingress manager. EASIEST):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
kubectl create namespace <namespace-name>
helm install <releasename> bitnami/wordpress --namespace <namespace> \
--set service.type=ClusterIP \
--set ingress.enabled=true \
--set ingress.certManager=true \
--set ingress.annotations."kubernetes\.io/ingress\.class"=nginx \
--set ingress.annotations."cert-manager\.io/cluster-issuer"=letsencrypt-prod \
--set ingress.hostname=<Change to your domain>
main default (puts it in a default namespace but you change the release name. NOT ENTIRELY RECOMENDED BUT WON'T HURT should be in a different name space):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install <releasename> bitnami/wordpress \
--set service.type=ClusterIP \
--set ingress.enabled=true \
--set ingress.certManager=true \
--set ingress.annotations."kubernetes\.io/ingress\.class"=nginx \
--set ingress.annotations."cert-manager\.io/cluster-issuer"=letsencrypt-prod \
--set ingress.hostname=<Change to your domain>
base (full default. NOT RECOMENDED should have a different release name at LEAST):
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install wordpress bitnami/wordpress \
--set service.type=ClusterIP \
--set ingress.enabled=true \
--set ingress.certManager=true \
--set ingress.annotations."kubernetes\.io/ingress\.class"=nginx \
--set ingress.annotations."cert-manager\.io/cluster-issuer"=letsencrypt-prod \
--set ingress.hostname=<Change to your domain>
values.yaml (based on ranchers):
affinity: {}
allowEmptyPassword: true
allowOverrideNone: false
apacheConfiguration: ''
args: []
autoscaling:
enabled: false
maxReplicas: 11
minReplicas: 1
targetCPU: 50
targetMemory: 50
clusterDomain: <YOUR DOMAIN>
command: []
commonAnnotations: {}
commonLabels: {}
containerPorts:
http: 8080
https: 8443
containerSecurityContext:
enabled: true
runAsNonRoot: false
runAsUser: 1001
customHTAccessCM: ''
customLivenessProbe: {}
customPostInitScripts:
php.sh: |
#!/bin/bash
#
# Executes custom PHP init scripts
#
# shellcheck disable=SC1091
#
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
#
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
#
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".php" ]] && continue
info "Executing ${custom_init_script} with PHP interpreter"
php "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
#
exit "$failure"
shell.sh: |
#!/bin/bash
#
# Executes custom Bash init scripts
#
# shellcheck disable=SC1090,SC1091
#
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
#
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
#
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".sh" ]] && continue
if [[ -x "$custom_init_script" ]]; then
info "Executing ${custom_init_script}"
"$custom_init_script" || failure="1"
else
info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail"
. "$custom_init_script"
fi
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
#
exit "$failure"
sql-mysql.sh: |
#!/bin/bash
#
# Executes custom MySQL (.sql or .sql.gz) init scripts
#
# shellcheck disable=SC1091
#
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
#
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
#
mysql_execute() {
local -r sql_file="${1:?missing file}"
local failure=0
mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER")
if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then
mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}")
fi
if [[ "$sql_file" == *".sql" ]]; then
"${mysql_cmd[@]}" < "$sql_file" || failure=$?
elif [[ "$sql_file" == *".sql.gz" ]]; then
gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$?
fi
return "$failure"
}
#
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue
info "Executing ${custom_init_script}"
mysql_execute "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
#
exit "$failure"
make-all-persist.sh: |
#!/bin/bash
cp -r /opt/bitnami/wordpress /bitnami/wordpress
#cp -r /opt/bitnami/apache /bitnami/wordpress
#cp -r /opt/bitnami/apache2 /bitnami/wordpress
#cp -r /opt/bitnami/php /bitnami/wordpress
sleep 4
rm -r /opt/bitnami/wordpress
#rm -r /opt/bitnami/apache
#rm -r /opt/bitnami/apache2
#rm -r /opt/bitnami/php
sleep 2
ln -s /bitnami/wordpress/wordpress /opt/bitnami/wordpress
#ln -s /bitnami/wordpress/apache /opt/bitnami/apache
#ln -s /bitnami/wordpress/apache2 /opt/bitnami/apache2
#ln -s /bitnami/wordpress/php /opt/bitnami/php
customReadinessProbe: {}
diagnosticMode:
args:
- infinity
command:
- sleep
enabled: false
existingApacheConfigurationConfigMap: ''
existingSecret: ''
existingWordPressConfigurationSecret: ''
externalCache:
host: localhost
port: 11211
externalDatabase:
database: bitnami_wordpress
existingSecret: ''
host: localhost
password: ''
port: 3306
user: bn_wordpress
extraDeploy: []
extraEnvVars: []
extraEnvVarsCM: ''
extraEnvVarsSecret: ''
extraVolumeMounts: []
extraVolumes: []
fullnameOverride: ''
global:
imagePullSecrets: []
imageRegistry: ''
storageClass: ''
hostAliases:
- hostnames:
- status.localhost
- <YOUR DOMAIN HERE>
- www.<YOUR DOMAIN HERE>
ip: 127.0.0.1
htaccessPersistenceEnabled: true
image:
debug: false
pullPolicy: IfNotPresent
pullSecrets: []
registry: docker.io
repository: bitnami/wordpress
tag: 5.8.0-debian-10-r6
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
apiVersion: ''
certManager: true
enabled: true
extraHosts:
- name: www.<YOUR DOMAIN HERE>
path: /
extraPaths: []
extraTls:
- hosts:
- www.<YOUR DOMAIN HERE>
secretName: <YOUR DOMAIN HERE>-tls
hostname: <YOUR DOMAIN HERE>
ingressClassName: ''
path: /
pathType: ImplementationSpecific
secrets: []
tls: true
initContainers: []
kubeVersion: ''
livenessProbe:
enabled: false
failureThreshold: 6
httpGet:
httpHeaders: []
path: /wp-admin/install.php
port: http
scheme: HTTP
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
mariadb:
architecture: standalone
auth:
database: bitnami_wordpress
password: ''
rootPassword: ''
username: bn_wordpress
enabled: true
primary:
persistence:
accessModes:
- ReadWriteOnce
enabled: true
size: 50Gi
storageClass: ''
memcached:
enabled: false
service:
port: 11211
metrics:
enabled: false
image:
pullPolicy: IfNotPresent
pullSecrets: []
registry: docker.io
repository: bitnami/apache-exporter
tag: 0.10.0-debian-10-r6
resources:
limits: {}
requests: {}
service:
annotations:
prometheus.io/port: '{{ .Values.metrics.service.port }}'
prometheus.io/scrape: 'true'
port: 9117
serviceMonitor:
additionalLabels: {}
enabled: false
honorLabels: false
interval: 30s
namespace: ''
relabellings: []
scrapeTimeout: ''
multisite:
enable: false
enableNipIoRedirect: false
host: ''
networkType: subdomain
nameOverride: ''
nodeAffinityPreset:
key: ''
type: ''
values: []
nodeSelector: {}
pdb:
create: false
maxUnavailable: ''
minAvailable: 1
persistence:
accessMode: ReadWriteOnce
accessModes:
- ReadWriteOnce
dataSource: {}
enabled: true
existingClaim: ''
size: 200Gi
storageClass: ''
podAffinityPreset: ''
podAnnotations: {}
podAntiAffinityPreset: soft
podLabels: {}
podSecurityContext:
enabled: true
fsGroup: 1001
readinessProbe:
enabled: false
failureThreshold: 6
httpGet:
httpHeaders: []
path: /wp-login.php
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
replicaCount: 1
resources:
limits: {}
requests:
cpu: 1100m
memory: 1.4Gi
schedulerName: ''
service:
annotations: {}
clusterIP: ''
externalTrafficPolicy: Cluster
extraPorts: []
httpsPort: 443
httpsTargetPort: https
loadBalancerIP: ''
loadBalancerSourceRanges: []
nodePorts:
http: ''
https: ''
port: 80
type: ClusterIP
serviceAccountName: default
sidecars: []
smtpExistingSecret: ''
smtpHost: ''
smtpPassword: ''
smtpPort: ''
smtpProtocol: ''
smtpUser: ''
tolerations: []
updateStrategy:
rollingUpdate: {}
type: RollingUpdate
volumePermissions:
enabled: false
image:
pullPolicy: Always
pullSecrets: []
registry: docker.io
repository: bitnami/bitnami-shell
tag: 10-debian-10-r152
resources:
limits: {}
requests: {}
securityContext:
runAsUser: 0
wordpressAutoUpdateLevel: none
wordpressBlogName: User's Blog!
wordpressConfiguration: ''
wordpressConfigureCache: false
wordpressEmail: [email protected]
wordpressExtraConfigContent: ''
wordpressFirstName: FirstName
wordpressLastName: LastName
wordpressPassword: ''
wordpressPlugins: none
wordpressScheme: https
wordpressSkipInstall: false
wordpressTablePrefix: wp_
wordpressUsername: user