###############################
#                             #
#  NATS Server Configuration  #
#                             #
###############################
nats:
  image: nats:2.3.2-alpine
  pullPolicy: IfNotPresent

  # Toggle whether to enable external access.
  # This binds a host port for clients, gateways and leafnodes.
  externalAccess: false

  # Toggle to disable client advertisements (connect_urls),
  # in case of running behind a load balancer (which is not recommended)
  # it might be required to disable advertisements.
  advertise: true

  # In case both external access and advertise are enabled
  # then a service account would be required to be able to
  # gather the public ip from a node.
  serviceAccount: "nats-server"

  # The number of connect attempts against discovered routes.
  connectRetries: 30

  # How many seconds should pass before sending a PING
  # to a client that has no activity.
  pingInterval:

  resources: {}

  # Server settings.
  limits:
    maxConnections:
    maxSubscriptions:
    maxControlLine:
    maxPayload:

    writeDeadline:
    maxPending:
    maxPings:
    lameDuckDuration:

  terminationGracePeriodSeconds: 60

  logging:
    debug:
    trace:
    logtime:
    connectErrorReports:
    reconnectErrorReports:

  jetstream:
    enabled: false

    #############################
    #                           #
    #  Jetstream Memory Storage #
    #                           #
    #############################
    memStorage:
     enabled: true
     size: 1Gi

    ############################
    #                          #
    #  Jetstream File Storage  #
    #                          #
    ############################
    fileStorage:
      enabled: false
      storageDirectory: /data

      # Set for use with existing PVC
      # existingClaim: jetstream-pvc
      # claimStorageSize: 1Gi

      # Use below block to create new persistent volume
      # only used if existingClaim is not specified
      size: 1Gi
      storageClassName: default
      accessModes:
        - ReadWriteOnce
      annotations:
        # key: "value"

  #######################
  #                     #
  #  TLS Configuration  #
  #                     #
  #######################
  #
  #  # You can find more on how to setup and trouble shoot TLS connnections at:
  #
  #  # https://docs.nats.io/nats-server/configuration/securing_nats/tls
  #

  # tls:
  #   secret:
  #     name: nats-client-tls
  #   ca: "ca.crt"
  #   cert: "tls.crt"
  #   key: "tls.key"

mqtt:
  enabled: false
  ackWait: 1m
  maxAckPending: 100

  #######################
  #                     #
  #  TLS Configuration  #
  #                     #
  #######################
  #
  #  # You can find more on how to setup and trouble shoot TLS connnections at:
  #
  #  # https://docs.nats.io/nats-server/configuration/securing_nats/tls
  #

  #
  # tls:
  #   secret:
  #     name: nats-mqtt-tls
  #   ca: "ca.crt"
  #   cert: "tls.crt"
  #   key: "tls.key"

nameOverride: ""
# An array of imagePullSecrets, and they have to be created manually in the same namespace
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets: []

# Toggle whether to use setup a Pod Security Context
# ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
securityContext: {}
# securityContext:
#   fsGroup: 1000
#   runAsUser: 1000
#   runAsNonRoot: true

# Affinity for pod assignment
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}

## Pod priority class name
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
priorityClassName: null

# Service topology
# ref: https://kubernetes.io/docs/concepts/services-networking/service-topology/
topologyKeys: []

# Pod Topology Spread Constraints
# ref https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
topologySpreadConstraints: []
# - maxSkew: 1
#   topologyKey: zone
#   whenUnsatisfiable: DoNotSchedule

# Annotations to add to the NATS pods
# ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
podAnnotations: {}
# key: "value"

## Define a Pod Disruption Budget for the stateful set
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
podDisruptionBudget: null
  # minAvailable: 1
  # maxUnavailable: 1

# Annotations to add to the NATS StatefulSet
statefulSetAnnotations: {}

# Annotations to add to the NATS Service
serviceAnnotations: {}

cluster:
  enabled: false
  replicas: 3
  noAdvertise: false
  # authorization:
  #   user: foo
  #   password: pwd
  #   timeout: 0.5

# Leafnode connections to extend a cluster:
#
# https://docs.nats.io/nats-server/configuration/leafnodes
#
leafnodes:
  enabled: false
  noAdvertise: false
  # remotes:
  #   - url: "tls://connect.ngs.global:7422"

  #######################
  #                     #
  #  TLS Configuration  #
  #                     #
  #######################
  #
  #  # You can find more on how to setup and trouble shoot TLS connnections at:
  #
  #  # https://docs.nats.io/nats-server/configuration/securing_nats/tls
  #

  #
  # tls:
  #   secret:
  #     name: nats-client-tls
  #   ca: "ca.crt"
  #   cert: "tls.crt"
  #   key: "tls.key"

# Gateway connections to create a super cluster
#
# https://docs.nats.io/nats-server/configuration/gateways
#
gateway:
  enabled: false
  name: 'default'

  #############################
  #                           #
  #  List of remote gateways  #
  #                           #
  #############################
  # gateways:
  #   - name: other
  #     url: nats://my-gateway-url:7522

  #######################
  #                     #
  #  TLS Configuration  #
  #                     #
  #######################
  #
  #  # You can find more on how to setup and trouble shoot TLS connnections at:
  #
  #  # https://docs.nats.io/nats-server/configuration/securing_nats/tls
  #
  # tls:
  #   secret:
  #     name: nats-client-tls
  #   ca: "ca.crt"
  #   cert: "tls.crt"
  #   key: "tls.key"

# In case of both external access and advertisements being
# enabled, an initializer container will be used to gather
# the public ips.
bootconfig:
  image: natsio/nats-boot-config:0.5.3
  pullPolicy: IfNotPresent

# NATS Box
#
# https://github.com/nats-io/nats-box
#
natsbox:
  enabled: true
  image: natsio/nats-box:0.6.0
  pullPolicy: IfNotPresent

  # An array of imagePullSecrets, and they have to be created manually in the same namespace
  # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  imagePullSecrets: []
  #  - name: dockerhub

  # credentials:
  #   secret:
  #     name: nats-sys-creds
  #     key: sys.creds

  # Annotations to add to the box pods
  # ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
  podAnnotations: {}
  #  key: "value"

  # Affinity for nats box pod assignment
  # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
  affinity: {}

# The NATS config reloader image to use.
reloader:
  enabled: true
  image: natsio/nats-server-config-reloader:0.6.1
  pullPolicy: IfNotPresent

# Prometheus NATS Exporter configuration.
exporter:
  enabled: true
  image: natsio/prometheus-nats-exporter:0.8.0
  pullPolicy: IfNotPresent
  resources: {}
  # Prometheus operator ServiceMonitor support. Exporter has to be enabled
  serviceMonitor:
    enabled: false
    ## Specify the namespace where Prometheus Operator is running
    ##
    # namespace: monitoring
    labels: {}
    annotations: {}
    path: /metrics
    # interval:
    # scrapeTimeout:

# Authentication setup
auth:
  enabled: false

  # basic:
  #   noAuthUser:
  #   # List of users that can connect with basic auth,
  #   # that belong to the global account.
  #   users:

  #   # List of accounts with users that can connect
  #   # using basic auth.
  #   accounts:

  # Reference to the Operator JWT.
  # operatorjwt:
  #   configMap:
  #     name: operator-jwt
  #     key: KO.jwt

  # Token authentication
  # token:

  # Public key of the System Account
  # systemAccount:

  resolver:
    # Disables the resolver by default
    type: none

    ##########################################
    #                                        #
    # Embedded NATS Account Server Resolver  #
    #                                        #
    ##########################################
    # type: full

    # If the resolver type is 'full', delete when enabled will rename the jwt.
    allowDelete: false

    # Interval at which a nats-server with a nats based account resolver will compare
    # it's state with one random nats based account resolver in the cluster and if needed,
    # exchange jwt and converge on the same set of jwt.
    interval: 2m

    # Operator JWT
    operator:

    # System Account Public NKEY
    systemAccount:

    # resolverPreload:
    #   <ACCOUNT>: <JWT>

    # Directory in which the account JWTs will be stored.
    store:
      dir: "/accounts/jwt"

      # Size of the account JWT storage.
      size: 1Gi

    ##############################
    #                            #
    # Memory resolver settings   #
    #                            #
    ##############################
    # type: memory
    #
    # Use a configmap reference which will be mounted
    # into the container.
    #
    # configMap:
    #   name: nats-accounts
    #   key: resolver.conf

    ##########################
    #                        #
    #  URL resolver settings #
    #                        #
    ##########################
    # type: URL
    # url: "http://nats-account-server:9090/jwt/v1/accounts/"

websocket:
  enabled: false
  port: 443

appProtocol:
  enabled: false

# Cluster Domain configured on the kubelets
# https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
k8sClusterDomain: cluster.local

# Add labels to all the deployed resources
commonLabels: {}