# values-whitelabeled.yaml # # When to use: whitelabeled / branded deployment. Replaces the default Sim # branding (logo, product name, support URLs) with your own. The example # below uses "Acme Corp" placeholders — replace with your brand. # # Prerequisites: a hosted logo URL and brand assets. # # Install: # helm install acme ./helm/sim \ # --namespace acme --create-namespace \ # --values ./helm/sim/examples/values-whitelabeled.yaml \ # --set app.env.BETTER_AUTH_SECRET="$BETTER_AUTH_SECRET" \ # --set app.env.ENCRYPTION_KEY="$ENCRYPTION_KEY" \ # --set app.env.INTERNAL_API_SECRET="$INTERNAL_API_SECRET" \ # --set app.env.CRON_SECRET="$CRON_SECRET" \ # --set postgresql.auth.password="$POSTGRES_PASSWORD" # Global configuration global: imageRegistry: "ghcr.io" storageClass: "managed-csi-premium" # Main application with custom branding app: enabled: true replicaCount: 1 # Custom branding configuration env: # Application URLs (update with your domain) NEXT_PUBLIC_APP_URL: "https://sim.acme.ai" BETTER_AUTH_URL: "https://sim.acme.ai" SOCKET_SERVER_URL: "https://sim-ws.acme.ai" NEXT_PUBLIC_SOCKET_URL: "https://sim-ws.acme.ai" # Security settings (REQUIRED) # Generate using: openssl rand -hex 32 BETTER_AUTH_SECRET: "your-production-auth-secret-here" ENCRYPTION_KEY: "your-production-encryption-key-here" INTERNAL_API_SECRET: "your-production-internal-api-secret-here" CRON_SECRET: "your-production-cron-secret-here" # Optional: API Key Encryption (RECOMMENDED for production) # Generate 64-character hex string using: openssl rand -hex 32 API_ENCRYPTION_KEY: "your-64-char-hex-api-encryption-key-here" # Optional but recommended # UI Branding & Whitelabeling Configuration NEXT_PUBLIC_BRAND_NAME: "Acme AI Studio" NEXT_PUBLIC_BRAND_LOGO_URL: "https://acme.com/assets/logo.png" NEXT_PUBLIC_BRAND_FAVICON_URL: "https://acme.com/assets/favicon.ico" NEXT_PUBLIC_CUSTOM_CSS_URL: "https://acme.com/assets/theme.css" NEXT_PUBLIC_SUPPORT_EMAIL: "ai-support@acme.com" NEXT_PUBLIC_DOCUMENTATION_URL: "https://docs.acme.com/ai-studio" NEXT_PUBLIC_TERMS_URL: "https://acme.com/terms" NEXT_PUBLIC_PRIVACY_URL: "https://acme.com/privacy" # Realtime service realtime: enabled: true replicaCount: 1 env: NEXT_PUBLIC_APP_URL: "https://sim.acme.ai" BETTER_AUTH_URL: "https://sim.acme.ai" BETTER_AUTH_SECRET: "your-production-auth-secret-here" ALLOWED_ORIGINS: "https://sim.acme.ai" # PostgreSQL database postgresql: enabled: true auth: password: "your-secure-db-password-here" persistence: enabled: true size: 20Gi # Ingress configuration ingress: enabled: true className: "nginx" annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" cert-manager.io/cluster-issuer: "letsencrypt-prod" app: host: "sim.acme.ai" paths: - path: / pathType: Prefix realtime: host: "sim-ws.acme.ai" paths: - path: / pathType: Prefix tls: enabled: true secretName: "sim-acme-tls" # Auto-scaling autoscaling: enabled: true minReplicas: 2 maxReplicas: 10 targetCPUUtilizationPercentage: 70