joshuacox/gist:4f41f14aaa0a3b285ae3e09a5d1f17fb

## gistfile1.txt
## Configure Ingress resource that allow you to access the Drupal installation
## Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
  enabled: false
  annotations: {}
  path: /
  hosts:
    - chart-example.local
  tls: []

drupal:
  image: drupalwxt/site-wxt
  tag: 4.0.4
  imagePullPolicy: IfNotPresent
  replicas: 1
  php:
    ini: {}
  username: admin
  password: password123
  profile: wxt
  siteEmail: admin@example.com
  siteName: Drupal Install Profile (WxT)
  siteRoot: /
  wxtTheme: theme-gcweb
  version: d8
  extraSettings: ''
  extraInstallScripts: ''
  extraUpgradeScripts: ''
  install: true
  restore:
    enabled: false
    name: latest
    db: true
    files: false
    volume: {}
  migrate: true
  reconfigure: true
  cron:
    enabled: true
    schedule: '0 * * * *'
  backup:
    enabled: false
    schedule: '0 0 * * *'
    volume: {}
    sqlDumpArgs: ''
  healthcheck:
    enabled: true
  extensions:
    enabled: true
  serviceType: ClusterIP
  volumePermissions:
    enabled: true
  persistence:
    enabled: true
    storageClass: "openebs-lvmpv"
    annotations: {}
    accessMode: ReadWriteOnce
    size: 8Gi
  disableDefaultFilesMount: true
  volumes:
    - name: files-public
      hostPath:
        path: /mnt/drupal/drupal-public
    - name: files-private
      hostPath:
        path: /mnt/drupal/drupal-private
  volumeMounts:
    - name: files-public
      mountPath: /var/www/html/sites/default/files
    - name: files-private
      mountPath: /private
  securityContext:
    fsGroup: 82
    runAsUser: 82
    runAsGroup: 82
  smtp:
    host: mail
    tls: true
    starttls: true
    auth:
      enabled: false
      user: ''
      password: ''
      method: LOGIN
  configSplit:
    enabled: false
  podAnnotations: {}
  resources: {}

nginx:
  image: drupalwxt/site-wxt
  tag: 4.0.4-nginx
  imagePullPolicy: IfNotPresent
  replicas: 1
  resolver: kube-dns.kube-system.svc.cluster.local
  serviceType: ClusterIP
  persistence:
    enabled: true
    storageClass: "openebs-lvmpv"
    annotations: {}
    accessMode: ReadWriteOnce
    size: 8Gi
  securityContext:
    enabled: true
    fsGroup: 33
  client_max_body_size: 20m
  real_ip_header: X-Forwarded-For
  volumes:
    - name: files-public
      hostPath:
        path: /mnt/drupal/drupal-public
  volumeMounts:
    - name: files-public
      mountPath: /var/www/html/sites/default/files
external:
  enabled: false
sharedDisk:
  enabled: false
azureFile:
  enabled: false
mysql:
  enabled: true
  imageTag: 5.7.28
  mysqlUser: drupal
  mysqlPassword: mypass123
  mysqlDatabase: drupal1
  persistence:
    enabled: true
    storageClass: openebs-lvmpv
    size: 8Gi
  configurationFiles:
    mysql.cnf: |-
      [mysqld]
      max_allowed_packet = 256M
      innodb_buffer_pool_size = 4096M
      innodb_buffer_pool_instances = 4
      table_definition_cache = 4096
      table_open_cache = 8192
      innodb_flush_log_at_trx_commit=2
postgresql:
  enabled: false
pgbouncer:
  enabled: false
proxysql:
  enabled: true
  admin:
    user: proxysql
    password: proxypassword
  monitor:
    user: monitor
    password: monitpassword
  configuration:
    maxConnections: 2048
    serverVersion: "5.7.28"
    stackSize: 1048576
redis:
  enabled: true
  persistence:
    enabled: true
    storageClass: openebs-lvmpv
    size: 8Gi
  volumePermissions:
    enabled: true
varnish:
  enabled: true
  varnishd:
    image: varnish
    tag: 6.5.1
    imagePullPolicy: IfNotPresent
  service:
    type: ClusterIP
    port: 80
  resources: {}
  nodeSelector: {}
  tolerations: []
  affinity: {}
  varnishConfigContent: |
    vcl 4.0;
    import std;
    import directors;
    backend nginx {
      .host = "{{ include "backend.fullname" . }}-nginx";
      .host_header = "{{ include "backend.fullname" . }}-nginx";
      .port = "80";
    }
    sub vcl_init {
      new backends = directors.round_robin();
      backends.add_backend(nginx);
    }
    sub vcl_recv {
      set req.http.X-Forwarded-Host = req.http.Host;
      if (!req.http.X-Forwarded-Proto) {
        set req.http.X-Forwarded-Proto = "http";
      }
      if (req.url == "/_healthcheck" || req.url == "/healthcheck.txt") {
        return (synth(700, "HEALTHCHECK"));
      }
      set req.backend_hint = backends.backend();
      if (req.url == "/_healthcheck" || req.url == "/healthcheck.txt") {
        return (synth(700, "HEALTHCHECK"));
      }
      set req.backend_hint = backends.backend();
      if (req.url ~ "(?i)\.(asc|dat|tgz|png|gif|jpeg|jpg|ico|swf|css|js)(\?.*)?$") {
        unset req.http.Cookie;
      } else if (req.http.Cookie) {
        set req.http.Cookie = ";" + req.http.Cookie;
        set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
        set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|SSESS[a-z0-9]+|NO_CACHE)=", "; \1=");
        set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
        set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
        if (req.http.Cookie == "") {
            unset req.http.Cookie;
        } else {
            return (pass);
        }
      }
      if (req.method == "POST" || req.method == "PUT" || req.method == "DELETE") {
        return (pass);
      }
      return (hash);
    }
    sub vcl_backend_fetch {
      set bereq.http.Host = "{{ include "backend.fullname" . }}-nginx";
      set bereq.http.X-Forwarded-For = regsub(bereq.http.X-Forwarded-For, "(, )?127\.0\.0\.1$", "");
    }
    sub vcl_backend_response {
      if (beresp.http.Location) {
        set beresp.http.Location = regsub(
          beresp.http.Location,
          "^https?://[^/]+/",
          bereq.http.X-Forwarded-Proto + "://" + bereq.http.X-Forwarded-Host + "/"
        );
      }
      if (beresp.status == 200 || beresp.status == 203 || beresp.status == 204 || beresp.status == 206 || beresp.status == 300 || beresp.status == 301 || beresp.status == 404 || beresp.status == 405 || beresp.status == 410 || beresp.status == 414 || beresp.status == 501) {
        set beresp.ttl = 5m;
        set beresp.grace = 12h;
        set beresp.keep = 24h;
      } else {
        set beresp.ttl = 0s;
      }
    }
    sub vcl_deliver {
      unset resp.http.Server;
      unset resp.http.X-Powered-By;
      unset resp.http.X-Varnish;
      unset resp.http.Via;
      unset resp.http.Cache-Tags;
      unset resp.http.X-Drupal-Cache-Contexts;
      if (req.url ~ "^/livechat" || req.url ~ "^/(eng/|fra/)?media/") {
        set resp.http.X-Frame-Options = "SAMEORIGIN";
      } else {
        set resp.http.X-Frame-Options = "DENY";
      }
      set resp.http.X-Content-Type-Options = "nosniff";
      set resp.http.X-XSS-Protection = "1; mode=block";
      if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT";
      } else {
        set resp.http.X-Cache = "MISS";
      }
      if ( (resp.status >= 500 && resp.status <= 599)
        || resp.status == 400
        || resp.status == 401
        || resp.status == 403
        || resp.status == 404) {
        return (synth(resp.status));
      }
    }
    sub vcl_synth {
      unset resp.http.Server;
      unset resp.http.X-Powered-By;
      unset resp.http.X-Varnish;
      unset resp.http.Via;
      if (resp.status == 700) { # Respond to healthcheck
        set resp.status = 200;
        set resp.http.Content-Type = "text/plain";
        synthetic ( {"OK"} );
        return (deliver);
      }
    }
	## Configure Ingress resource that allow you to access the Drupal installation
	## Set up the URL
	## ref: http://kubernetes.io/docs/user-guide/ingress/
	##
	ingress:
	enabled: false
	annotations: {}
	path: /
	hosts:
	- chart-example.local
	tls: []

	drupal:
	image: drupalwxt/site-wxt
	tag: 4.0.4
	imagePullPolicy: IfNotPresent
	replicas: 1
	php:
	ini: {}
	username: admin
	password: password123
	profile: wxt
	siteEmail: admin@example.com
	siteName: Drupal Install Profile (WxT)
	siteRoot: /
	wxtTheme: theme-gcweb
	version: d8
	extraSettings: ''
	extraInstallScripts: ''
	extraUpgradeScripts: ''
	install: true
	restore:
	enabled: false
	name: latest
	db: true
	files: false
	volume: {}
	migrate: true
	reconfigure: true
	cron:
	enabled: true
	schedule: '0 * * * *'
	backup:
	enabled: false
	schedule: '0 0 * * *'
	volume: {}
	sqlDumpArgs: ''
	healthcheck:
	enabled: true
	extensions:
	enabled: true
	serviceType: ClusterIP
	volumePermissions:
	enabled: true
	persistence:
	enabled: true
	storageClass: "openebs-lvmpv"
	annotations: {}
	accessMode: ReadWriteOnce
	size: 8Gi
	disableDefaultFilesMount: true
	volumes:
	- name: files-public
	hostPath:
	path: /mnt/drupal/drupal-public
	- name: files-private
	hostPath:
	path: /mnt/drupal/drupal-private
	volumeMounts:
	- name: files-public
	mountPath: /var/www/html/sites/default/files
	- name: files-private
	mountPath: /private
	securityContext:
	fsGroup: 82
	runAsUser: 82
	runAsGroup: 82
	smtp:
	host: mail
	tls: true
	starttls: true
	auth:
	enabled: false
	user: ''
	password: ''
	method: LOGIN
	configSplit:
	enabled: false
	podAnnotations: {}
	resources: {}

	nginx:
	image: drupalwxt/site-wxt
	tag: 4.0.4-nginx
	imagePullPolicy: IfNotPresent
	replicas: 1
	resolver: kube-dns.kube-system.svc.cluster.local
	serviceType: ClusterIP
	persistence:
	enabled: true
	storageClass: "openebs-lvmpv"
	annotations: {}
	accessMode: ReadWriteOnce
	size: 8Gi
	securityContext:
	enabled: true
	fsGroup: 33
	client_max_body_size: 20m
	real_ip_header: X-Forwarded-For
	volumes:
	- name: files-public
	hostPath:
	path: /mnt/drupal/drupal-public
	volumeMounts:
	- name: files-public
	mountPath: /var/www/html/sites/default/files
	external:
	enabled: false
	sharedDisk:
	enabled: false
	azureFile:
	enabled: false
	mysql:
	enabled: true
	imageTag: 5.7.28
	mysqlUser: drupal
	mysqlPassword: mypass123
	mysqlDatabase: drupal1
	persistence:
	enabled: true
	storageClass: openebs-lvmpv
	size: 8Gi
	configurationFiles:
	mysql.cnf: \|-
	[mysqld]
	max_allowed_packet = 256M
	innodb_buffer_pool_size = 4096M
	innodb_buffer_pool_instances = 4
	table_definition_cache = 4096
	table_open_cache = 8192
	innodb_flush_log_at_trx_commit=2
	postgresql:
	enabled: false
	pgbouncer:
	enabled: false
	proxysql:
	enabled: true
	admin:
	user: proxysql
	password: proxypassword
	monitor:
	user: monitor
	password: monitpassword
	configuration:
	maxConnections: 2048
	serverVersion: "5.7.28"
	stackSize: 1048576
	redis:
	enabled: true
	persistence:
	enabled: true
	storageClass: openebs-lvmpv
	size: 8Gi
	volumePermissions:
	enabled: true
	varnish:
	enabled: true
	varnishd:
	image: varnish
	tag: 6.5.1
	imagePullPolicy: IfNotPresent
	service:
	type: ClusterIP
	port: 80
	resources: {}
	nodeSelector: {}
	tolerations: []
	affinity: {}
	varnishConfigContent: \|
	vcl 4.0;
	import std;
	import directors;
	backend nginx {
	.host = "{{ include "backend.fullname" . }}-nginx";
	.host_header = "{{ include "backend.fullname" . }}-nginx";
	.port = "80";
	}
	sub vcl_init {
	new backends = directors.round_robin();
	backends.add_backend(nginx);
	}
	sub vcl_recv {
	set req.http.X-Forwarded-Host = req.http.Host;
	if (!req.http.X-Forwarded-Proto) {
	set req.http.X-Forwarded-Proto = "http";
	}
	if (req.url == "/_healthcheck" \|\| req.url == "/healthcheck.txt") {
	return (synth(700, "HEALTHCHECK"));
	}
	set req.backend_hint = backends.backend();
	if (req.url == "/_healthcheck" \|\| req.url == "/healthcheck.txt") {
	return (synth(700, "HEALTHCHECK"));
	}
	set req.backend_hint = backends.backend();
	if (req.url ~ "(?i)\.(asc\|dat\|tgz\|png\|gif\|jpeg\|jpg\|ico\|swf\|css\|js)(\?.*)?$") {
	unset req.http.Cookie;
	} else if (req.http.Cookie) {
	set req.http.Cookie = ";" + req.http.Cookie;
	set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
	set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+\|SSESS[a-z0-9]+\|NO_CACHE)=", "; \1=");
	set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
	set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+\|[; ]+$", "");
	if (req.http.Cookie == "") {
	unset req.http.Cookie;
	} else {
	return (pass);
	}
	}
	if (req.method == "POST" \|\| req.method == "PUT" \|\| req.method == "DELETE") {
	return (pass);
	}
	return (hash);
	}
	sub vcl_backend_fetch {
	set bereq.http.Host = "{{ include "backend.fullname" . }}-nginx";
	set bereq.http.X-Forwarded-For = regsub(bereq.http.X-Forwarded-For, "(, )?127\.0\.0\.1$", "");
	}
	sub vcl_backend_response {
	if (beresp.http.Location) {
	set beresp.http.Location = regsub(
	beresp.http.Location,
	"^https?://[^/]+/",
	bereq.http.X-Forwarded-Proto + "://" + bereq.http.X-Forwarded-Host + "/"
	);
	}
	if (beresp.status == 200 \|\| beresp.status == 203 \|\| beresp.status == 204 \|\| beresp.status == 206 \|\| beresp.status == 300 \|\| beresp.status == 301 \|\| beresp.status == 404 \|\| beresp.status == 405 \|\| beresp.status == 410 \|\| beresp.status == 414 \|\| beresp.status == 501) {
	set beresp.ttl = 5m;
	set beresp.grace = 12h;
	set beresp.keep = 24h;
	} else {
	set beresp.ttl = 0s;
	}
	}
	sub vcl_deliver {
	unset resp.http.Server;
	unset resp.http.X-Powered-By;
	unset resp.http.X-Varnish;
	unset resp.http.Via;
	unset resp.http.Cache-Tags;
	unset resp.http.X-Drupal-Cache-Contexts;
	if (req.url ~ "^/livechat" \|\| req.url ~ "^/(eng/\|fra/)?media/") {
	set resp.http.X-Frame-Options = "SAMEORIGIN";
	} else {
	set resp.http.X-Frame-Options = "DENY";
	}
	set resp.http.X-Content-Type-Options = "nosniff";
	set resp.http.X-XSS-Protection = "1; mode=block";
	if (obj.hits > 0) {
	set resp.http.X-Cache = "HIT";
	} else {
	set resp.http.X-Cache = "MISS";
	}
	if ( (resp.status >= 500 && resp.status <= 599)
	\|\| resp.status == 400
	\|\| resp.status == 401
	\|\| resp.status == 403
	\|\| resp.status == 404) {
	return (synth(resp.status));
	}
	}
	sub vcl_synth {
	unset resp.http.Server;
	unset resp.http.X-Powered-By;
	unset resp.http.X-Varnish;
	unset resp.http.Via;
	if (resp.status == 700) { # Respond to healthcheck
	set resp.status = 200;
	set resp.http.Content-Type = "text/plain";
	synthetic ( {"OK"} );
	return (deliver);
	}
	}