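# Default values for lumina-app
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

# Number of pod replicas
# NOTE(review): autoscaling.enabled is true below; whether this value is
# still applied next to the HPA depends on the chart templates (not shown).
replicaCount: 2

# Container image configuration
image:
  repository: harbor.advisori.de/lumina/app
  pullPolicy: IfNotPresent
  # NOTE(review): "latest" is a mutable tag. With IfNotPresent a node that
  # already caches an image under this tag keeps using it, so replicas can
  # run different builds and a rollout is not reproducible. Override this
  # with an immutable release tag at deploy time.
  tag: "latest"

# Image pull secrets for private registries
# The named Secret is only referenced here; it has to exist in the release
# namespace already.
imagePullSecrets:
  - name: harbor-registry-secret

# Override the default name
nameOverride: ""
fullnameOverride: ""

# Service account configuration
serviceAccount:
  create: true
  # NOTE(review): presumably controls whether the service account API token
  # is mounted into the pod - confirm in the templates. If the application
  # never calls the Kubernetes API, false removes that credential from the
  # container.
  automount: true
  annotations: {}
  name: ""

# Pod annotations
podAnnotations: {}

# Pod labels
podLabels:
  app.kubernetes.io/component: frontend
  app.kubernetes.io/part-of: lumina

# Pod security context
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 1001
  fsGroup: 1001
  # Request the container runtime's default seccomp filter explicitly. The
  # Pod Security "restricted" profile expects this next to the non-root,
  # no-privilege-escalation and drop-ALL settings used in this file.
  seccompProfile:
    type: RuntimeDefault

# Container security context
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
  # NOTE(review): the root filesystem stays writable. If the application
  # only writes to a few cache or temp directories, mounting volumes there
  # and setting this to true would make the image contents immutable at
  # runtime - verify what the image writes before changing it.
  readOnlyRootFilesystem: false
  runAsNonRoot: true
  runAsUser: 1001

# Service configuration
service:
  type: ClusterIP
  port: 80
  targetPort: 3000
  annotations: {}

# Ingress configuration
ingress:
  enabled: true
  className: "nginx"
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
  hosts:
    - host: app.advisori.de
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: lumina-app-tls
      hosts:
        - app.advisori.de

# Resource limits and requests
resources:
  limits:
    cpu: 1000m
    memory: 1Gi
  requests:
    cpu: 100m
    memory: 256Mi

# Horizontal Pod Autoscaler
autoscaling:
  enabled: true
  minReplicas: 2
  maxReplicas: 10
  targetCPUUtilizationPercentage: 80
  targetMemoryUtilizationPercentage: 80

# Liveness probe configuration
# Uses the same endpoint and port as the readiness probe below, with a
# longer initial delay and period.
livenessProbe:
  httpGet:
    path: /api/health
    port: 3000
  initialDelaySeconds: 30
  periodSeconds: 10
  timeoutSeconds: 5
  successThreshold: 1
  failureThreshold: 3

# Readiness probe configuration
readinessProbe:
  httpGet:
    path: /api/health
    port: 3000
  initialDelaySeconds: 10
  periodSeconds: 5
  timeoutSeconds: 3
  successThreshold: 1
  failureThreshold: 3

# Node selector for pod scheduling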
nodeSelector: {}

# Tolerations for pod scheduling
tolerations: []

# Affinity rules for pod scheduling
affinity: {}

# Environment variables
# Plain, non-secret settings only; credentials come in through envFrom.
env:
  - name: NODE_ENV
    value: "production"
  - name: PORT
    value: "3000"
  - name: NEXT_TELEMETRY_DISABLED
    value: "1"

# Environment variables from secrets
# A secretRef under envFrom exposes every key of the Secret as an
# environment variable, so the Secret should hold only what this
# application needs.
envFrom:
  - secretRef:
      name: lumina-app-secrets

# Persistent Volume Claims (optional)
persistence:
  enabled: false
  storageClass: ""
  accessMode: ReadWriteOnce
  size: 1Gi
  mountPath: /app/data

# ConfigMap for additional configuration
configMap:
  enabled: false
  data: {}

# Secrets (reference existing secrets)
# NOTE(review): keep `data` empty in version control and supply the values
# out of band. What the chart does with `enabled: true` and empty data is
# not visible here - confirm it does not render an empty Secret over the
# existing one.
secrets:
  enabled: true
  name: lumina-app-secrets
  data: {}
    # DATABASE_URL: ""
    # SUPABASE_URL: ""
    # SUPABASE_ANON_KEY: ""
    # ANTHROPIC_API_KEY: ""

# Network Policy
# NOTE(review): disabled by default, so this chart presumably renders no
# NetworkPolicy and pod traffic is not restricted by it. Before enabling,
# and assuming the templates copy the rules below as written, check:
#  - ingress: a podSelector without a namespaceSelector only matches pods
#    in the release namespace; confirm where the ingress controller runs
#    and which labels its pods carry.
#  - egress: `namespaceSelector: {}` selects pods in all namespaces, not
#    addresses outside the cluster, and there is no rule for DNS (port 53).
#    The example secret keys above suggest external services are used.
networkPolicy:
  enabled: false
  policyTypes:
    - Ingress
    - Egress
  ingress:
    - from:
        - podSelector:
            matchLabels:
              app.kubernetes.io/component: ingress-nginx
  egress:
    - to:
        - namespaceSelector: {}
      ports:
        - protocol: TCP
          port: 443
        - protocol: TCP
          port: 80

# Pod Disruption Budget
podDisruptionBudget:
  enabled: true
  minAvailable: 1

# Service Monitor for Prometheus (optional)
serviceMonitor:
  enabled: false
  interval: 30s
  scrapeTimeout: 10s