apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cmd-params-cm
  labels:
    app.kubernetes.io/name: argocd-cmd-params-cm
    app.kubernetes.io/part-of: argocd
data:
  # Repo server address. (default "argocd-repo-server:8081")
  repo.server: "argocd-repo-server:8081"
  
  # Dex server address (default "http://argocd-dex-server:5556")
  dex.server: "http://argocd-dex-server:5556"

  # Redis server hostname and port (e.g. argocd-redis:6379)
  redis.server: "argocd-redis:6379"
  # Redis database
  redis.db:

  ## Controller Properties
  # Repo server RPC call timeout seconds.
  controller.repo.server.timeout.seconds: "60"
  # Disable TLS on connections to repo server
  controller.repo.server.plaintext: "false"
  # Whether to use strict validation of the TLS cert presented by the repo server
  controller.repo.server.strict.tls: "false"
  # Number of application status processors (default 20)
  controller.status.processors: "20"
  # Number of application operation processors (default 10)
  controller.operation.processors: "10"
  # Set the logging format. One of: text|json (default "text")
  controller.log.format: "text"
  # Set the logging level. One of: debug|info|warn|error (default "info")
  controller.log.level: "info"
  # Prometheus metrics cache expiration (disabled  by default. e.g. 24h0m0s)
  controller.metrics.cache.expiration: "24h0m0s"
  # Specifies timeout between application self heal attempts (default 5)
  controller.self.heal.timeout.seconds: "5"
  # Cache expiration for app state (default 1h0m0s)
  controller.app.state.cache.expiration: "1h0m0s"
  # Cache expiration default (default 24h0m0s)
  controller.default.cache.expiration: "24h0m0s"

  ## Server properties
  # Run server without TLS
  server.insecure: "false"
  # Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / (default "/")
  server.basehref: "/"
  # Used if Argo CD is running behind reverse proxy under subpath different from /
  server.rootpath: "/"

  # Set the logging format. One of: text|json (default "text")
  server.log.format: "text"
  # Set the logging level. One of: debug|info|warn|error (default "info")
  server.log.level: "info"
  # Repo server RPC call timeout seconds. (default 60)
  server.repo.server.timeout.seconds: "60"
  # Use a plaintext client (non-TLS) to connect to repository server
  server.repo.server.plaintext: "false"
  # Perform strict validation of TLS certificates when connecting to repo server
  server.repo.server.strict.tls: "false"
  # Disable client authentication
  server.disable.auth: "false"
  # Enable GZIP compression
  server.enable.gzip: "false"
  # Set X-Frame-Options header in HTTP responses to value. To disable, set to "". (default "sameorigin")
  server.x.frame.options: "sameorigin"
  # The minimum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.2")
  server.tls.minversion: "1.2"
  # The maximum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.3")
  server.tls.maxversion: "1.3"
  # The list of acceptable ciphers to be used when establishing TLS connections. Use 'list' to list available ciphers. (default "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_256_GCM_SHA384")
  server.tls.ciphers: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_256_GCM_SHA384"
  # Cache expiration for cluster/repo connection status (default 1h0m0s)
  server.connection.status.cache.expiration: "1h0m0s"
  # Cache expiration for OIDC state (default 3m0s)
  server.oidc.cache.expiration: "3m0s"
  # Cache expiration for failed login attempts (default 24h0m0s)
  server.login.attempts.expiration: "24h0m0s"
  # Cache expiration for app state (default 1h0m0s)
  server.app.state.cache.expiration: "1h0m0s"
  # Cache expiration default (default 24h0m0s)
  server.default.cache.expiration: "24h0m0s"

  ## Repo-server properties
  # Set the logging format. One of: text|json (default "text")
  reposerver.log.format: "text"
  # Set the logging level. One of: debug|info|warn|error (default "info")
  reposerver.log.level: "info"
  # Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit.
  reposerver.parallelism.limit: "1"
  # Disable TLS on the gRPC endpoint
  reposerver.disable.tls: "false"
  # The minimum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.2")
  reposerver.tls.minversion: "1.2"
  # The maximum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.3")
  reposerver.tls.maxversion: "1.3"
  # The list of acceptable ciphers to be used when establishing TLS connections. Use 'list' to list available ciphers. (default "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_256_GCM_SHA384")
  reposerver.tls.ciphers: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_256_GCM_SHA384"
  # Cache expiration for repo state, incl. app lists, app details, manifest generation, revision meta-data (default 24h0m0s)
  reposerver.repo.cache.expiration: "24h0m0s"
  # Cache expiration default (default 24h0m0s)
  reposerver.default.cache.expiration: "24h0m0s"