---
# CloudNativePG Operator Helm Values
# Enable cert-manager for webhook certificates

# Webhook configuration with cert-manager
webhook:
  # Port for the webhook server
  port: 9443
  # Mutual TLS for the webhook
  mutualTLS:
    enabled: false
  
  # IMPORTANT: Enable cert-manager for certificate generation
  # This creates a Certificate resource that cert-manager will fulfill
  certManager:
    enabled: true
    
    # Certificate issuer (use your existing cluster-issuer)
    issuer:
      # Use ClusterIssuer (not namespaced Issuer)
      kind: ClusterIssuer
      # This should match your existing cert-manager ClusterIssuer
      # Common names: letsencrypt-prod, selfsigned-issuer, ca-issuer
      name: "letsencrypt-prod"  # CHANGE THIS to match your issuer
    
    # Certificate configuration
    certificate:
      # Certificate duration (default: 2160h = 90 days)
      duration: 2160h
      # Renew before expiry (default: 720h = 30 days)
      renewBefore: 720h

# Monitoring
monitoring:
  # Enable PodMonitor for Prometheus
  podMonitorEnabled: true
  
# Resource limits (adjust based on your needs)
resources:
  limits:
    cpu: 200m
    memory: 512Mi
  requests:
    cpu: 100m
    memory: 256Mi

# Replicas (1 is fine for homelab)
replicaCount: 1

# Image configuration (optional - use defaults)
# image:
#   repository: ghcr.io/cloudnative-pg/cloudnative-pg
#   tag: 1.28.0

# Service configuration
service:
  type: ClusterIP
  port: 8080