# ============================================================================= # BASIC CONFIGURATION # ============================================================================= # Instance name — used to generate resource names (devcontainer-{name}, userhome-{name}) name: "" # Deployment mode controls the infrastructure pattern # - persistent: Traditional model with PVC storage, single long-lived deployment # - dynamic: Serverless model with Knative, auto-scaling from 0, dynamic GitHub routing deploymentMode: persistent # persistent | dynamic # Container image configuration image: repository: ghcr.io/cpfarhood/devcontainer tag: latest pullPolicy: Always # GitHub repository to clone into /workspace (ignored in dynamic mode - uses URL routing) githubRepo: "" # ============================================================================= # ACCESS & INTERFACE # ============================================================================= # IDE configuration ide: # Options: vscode | antigravity | none type: vscode # SSH access configuration ssh: enabled: false # Web file manager — built-in upload/download via the VNC web interface (port 5800) # Uses the base image's WEB_FILE_MANAGER feature (no extra sidecar needed) fileManager: enabled: false # Paths the file manager can access (default: AUTO = mapped volumes) # Options: AUTO | ALL | comma-separated list of paths allowedPaths: "/workspace,/config" # Paths to deny (takes precedence over allowedPaths) deniedPaths: "" # VNC display settings display: width: "1920" height: "1080" secureConnection: "0" # Set to "1" when TLS is not terminated upstream # User configuration user: id: "1000" groupId: "1000" # ============================================================================= # INFRASTRUCTURE & RESOURCES # ============================================================================= # Storage configuration storage: size: 32Gi className: "" # Empty string uses the cluster's default StorageClass (must support ReadWriteMany) # Resource allocation resources: requests: memory: "2Gi" cpu: "1000m" limits: memory: "8Gi" cpu: "4000m" # Shared memory for Electron apps (Chrome, Antigravity) shm: sizeLimit: 2Gi # Kubernetes cluster access via RBAC # Options: none | readonlyns | readwritens | readonly | readwrite clusterAccess: none # ============================================================================= # INTEGRATIONS # ============================================================================= # Happy Coder AI assistant configuration happy: serverUrl: "" webappUrl: "" homeDir: "/config/userdata/.happy" experimental: "true" # MCP (Model Context Protocol) server sidecars mcp: sidecars: # Kubernetes API access kubernetes: enabled: true image: repository: quay.io/containers/kubernetes_mcp_server tag: v0.0.57 port: 8080 resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "256Mi" cpu: "500m" # Flux GitOps operations flux: enabled: true image: repository: ghcr.io/controlplaneio-fluxcd/flux-operator-mcp tag: v0.41.1 port: 8081 resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "256Mi" cpu: "500m" # Home Assistant smart home control homeassistant: enabled: false # Requires HOMEASSISTANT_URL and HOMEASSISTANT_TOKEN image: repository: ghcr.io/homeassistant-ai/ha-mcp tag: v6.7.1 port: 8087 resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "256Mi" cpu: "500m" # PostgreSQL performance tuning pgtuner: enabled: false # Requires DATABASE_URI in secrets image: repository: dog830228/pgtuner_mcp tag: latest port: 8085 resources: requests: memory: "64Mi" cpu: "50m" limits: memory: "256Mi" cpu: "500m" # Browser automation and web testing playwright: enabled: true image: repository: mcr.microsoft.com/playwright/mcp tag: v0.0.68 port: 8086 resources: requests: memory: "128Mi" cpu: "100m" limits: memory: "512Mi" cpu: "1000m" # ============================================================================= # SMART DEFAULTS & AUTO-DETECTION # ============================================================================= # Environment auto-detection based on name patterns # Automatically adjusts defaults for dev/test/prod/team environments autoDetect: environment: true # Auto-detect dev/prod/team from name storageClass: true # Auto-detect ReadWriteMany storage class resources: true # Auto-size resources based on enabled features # Resource profiles (auto-selected based on environment and features) # Override specific values above to customize resourceProfile: auto # auto | small | medium | large | xlarge # ============================================================================= # DYNAMIC MODE CONFIGURATION (deploymentMode: dynamic) # ============================================================================= # Dynamic mode uses Knative Services and routing proxy for serverless operation dynamic: # Knative Service configuration knative: # Scaling configuration minScale: 0 # Scale to zero when not in use maxScale: 10 # Maximum number of concurrent instances target: 1 # Requests per instance (isolation = 1 request per pod) scaleToZeroGracePeriod: "5m" # Keep instances warm for 5 minutes # Container startup timeout (repo cloning + IDE startup) timeoutSeconds: 600 # 10 minutes # Resource configuration (per instance) resources: requests: memory: "1Gi" cpu: "500m" limits: memory: "4Gi" cpu: "2000m" # Routing proxy configuration (extracts GitHub repo from URL) routingProxy: enabled: true replicas: 2 # High availability image: repository: ghcr.io/cpfarhood/devcontainer-routing-proxy tag: latest pullPolicy: Always resources: requests: memory: "64Mi" cpu: "100m" limits: memory: "256Mi" cpu: "500m" # Ingress configuration for dynamic mode ingress: enabled: true className: nginx host: "" # Set this to your domain (e.g., devcontainer.farh.net) # TLS configuration tls: enabled: true secretName: "" # Auto-generated if empty issuer: "letsencrypt-prod" # cert-manager ClusterIssuer # Authentik forward auth configuration authentik: enabled: false # Set to true when Authentik is configured authUrl: "http://authentik.authentik.svc.cluster.local/outpost.goauthentik.io/auth/nginx" signIn: "https://auth.example.com/outpost.goauthentik.io/start?rd=$escaped_request_uri" # ============================================================================= # ADVANCED CONFIGURATION # ============================================================================= # Custom env secret name (defaults to: devcontainer-{name}-secrets-env) envSecretName: ""