charts/powfaucet/values.yaml

# -- Overrides the chart's name
nameOverride: ""

# -- Overrides the chart's computed fullname
fullnameOverride: ""

image:
  # -- powfaucet container image repository
  repository: pk910/powfaucet
  # -- powfaucet container image tag
  tag: "v2-stable"
  # -- powfaucet container pull policy
  pullPolicy: IfNotPresent

# -- Custom args for the powfaucet container
customArgs:
  - --datadir=/data

# -- Command replacement for the powfaucet container
customCommand: [] # Only change this if you need to change the default command

ingress:
  # -- Ingress resource for the HTTP API
  enabled: false
  # -- Annotations for Ingress
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  # -- Ingress host
  hosts:
    - host: chart-example.local
      paths: []
  # -- Ingress TLS
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local

service:
  # -- Service type
  type: ClusterIP

# -- Affinity configuration for pods
affinity: {}

# -- Annotations for the StatefulSet
annotations: {}

# -- Node selector for pods
nodeSelector: {}

# -- Pod labels
podLabels: {}

# -- Pod annotations
podAnnotations: {}

# -- Pod management policy
podManagementPolicy: OrderedReady

# -- Pod priority class
priorityClassName: null

# -- Resource requests and limits
resources: {}
# limits:
#   cpu: 500m
#   memory: 2Gi
# requests:
#   cpu: 300m
#   memory: 1Gi

# -- The security context for pods
# @default -- See `values.yaml`
securityContext:
  fsGroup: 10001
  runAsGroup: 10001
  runAsNonRoot: true
  runAsUser: 10001

# -- The security context for containers
# @default -- See `values.yaml`
containerSecurityContext: {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000


serviceAccount:
  # -- Specifies whether a service account should be created
  create: true
  # -- Annotations to add to the service account
  annotations: {}
  # -- The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""

# -- How long to wait until the pod is forcefully terminated
terminationGracePeriodSeconds: 30

# -- Tolerations for pods
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []

# -- Topology Spread Constraints for pods
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/
topologySpreadConstraints: []

# -- Define the PodDisruptionBudget spec
# If not set then a PodDisruptionBudget will not be created
podDisruptionBudget: {}
# minAvailable: 1
# maxUnavailable: 1

# -- Update stategy for the Statefulset
updateStrategy:
  # -- Update stategy type
  type: RollingUpdate

# -- Additional init containers
initContainers: []
# - name: my-init-container
#   image: busybox:latest
#   command: ['sh', '-c', 'echo hello']

# -- Additional containers
extraContainers: []

# -- Additional volumes
extraVolumes: []

# -- Additional volume mounts
extraVolumeMounts: []

# -- Additional ports. Useful when using extraContainers
extraPorts: []

# -- Additional env variables
extraEnv: []

persistence:
  # -- Uses an EmptyDir when not enabled
  enabled: false
  # -- Use an existing PVC when persistence.enabled
  existingClaim: null
  # -- Access mode for the volume claim template
  accessModes:
  - ReadWriteOnce
  # -- Requested size for volume claim template
  size: 5Gi
  # -- Use a specific storage class
  # E.g 'local-path' for local storage to achieve best performance
  # Read more (https://github.com/rancher/local-path-provisioner)
  storageClassName: null
  # -- Annotations for volume claim template
  annotations: {}
  # -- Selector for volume claim template
  selector: {}
  #   matchLabels:
  #     app.kubernetes.io/name: something


# -- HTTP port for faucet interface
httpPort: 8080

# -- number of HTTP proxies in front of the faucet
httpProxyCount: 1

# -- Faucet title
faucetTitle: "PoW Faucet"

# -- Faucet wallet private key
faucetPrivkey: "feedbeef12340000feedbeef12340000feedbeef12340000feedbeef12340000"

# -- Faucet el node rpc
faucetRpcUrl: "http://your-el-node:8545"

# -- Link to el block explorer ({txid} as placeholder for transaction hash)
faucetExplorerLink: "https://your-el-block-explorer.com/tx/{txid}"

# -- Additional html to show on the faucet page
faucetHomeHtml: ""

# -- Transaction gas limit
faucetTxGasLimit: 21000

# -- Max transaction gas fee (in wei)
faucetTxMaxFee: 100000000000

# -- Max transaction priority fee (in wei)
faucetTxMaxPrioFee: 2000000000

# -- Minimum drop amount in wei
faucetMinDropWei: 1000000000000000000 # 1 ETH

# -- Default/Maximum drop amount in wei
faucetMaxDropWei: 50000000000000000000 # 50 ETH

# -- Enable captcha module
faucetCaptchaEnabled: false

# -- Captcha module: provider (hcaptcha / recaptcha)
faucetCaptchaProvider: "hcaptcha"

# -- Captcha module: provider site key
faucetCaptchaSitekey: "00000000-0000-0000-0000-000000000000"

# -- Captcha module: provider secret
faucetCaptchaSecret: "0xCensoredHCaptchaSecretKey"

# -- Enable ENS module
faucetEnsEnabled: true

# -- ENS module: rpc url (mainnet)
faucetEnsRpcUrl: "https://rpc.flashbots.net/"

# -- ENS module: enforce ens name to use the faucet
faucetEnsRequired: false

# -- Enable ipinfo module (resolve ip infos from ip-api.com)
faucetIpinfoEnabled: true

# -- Ipinfo module: reward rate if ip is in a hosting range (in %)
faucetIpinfoHostingRewards: 10 # 10%

# -- Ipinfo module: reward rate if ip is in a proxy range (in %)
faucetIpinfoProxyRewards: 10 # 10%

# -- Enable ethinfo module (check target wallet balance / type)
faucetEthinfoEnabled: true

# -- Ethinfo module: check balance and deny session if balance exceeds the limit (in wei)
faucetEthinfoMaxbalanceWei: 100000000000000000000 # 100 ETH

# -- Ethinfo module: deny contract addresses
faucetEthinfoDenyContract: true

# -- Enable outflow module (limit global faucet outflow)
faucetOutflowEnabled: false

# -- Outflow module: allowed amount of ETH (amount/duration) (in wei)
faucetOutflowAmountWei: 1000000000000000000000 # 1000 ETH

# -- Outflow module: duration for the allowed amouunt (amount/duration) (in wei)
faucetOutflowDuration: 86400 # 1 day

# -- Outflow module: amount overflow buffer (in wei)
faucetOutflowBufferWei: 500000000000000000000 # 500 ETH

# -- Enable github module (require login to github)
faucetGithubEnabled: false

# -- Github module: github app client id
faucetGithubClientid: ""

# -- Github module: github app client secret
faucetGithubSecret: ""

# -- Github module: minimum account age (in seconds)
faucetGithubMinAge: 604800

# -- Github module: minimum number of repositories
faucetGithubMinRepos: 5

# -- Github module: minimum number of followers
faucetGithubMinFollowers: 5

# -- Github module: max amount each github user is allowed to request in total
faucetGithubLimitAmountWei: 100000000000000000000 # 100 ETH

# -- Github module: aggregation duration for the max request amount check
faucetGithubLimitDuration: 86400 # 1 day

# -- Enable mainnet module (check mainnet wallet balance / nonce)
faucetMainnetEnabled: false

# -- Mainnet module: rpc url (mainnet)
faucetMainnetRpcUrl: "https://rpc.flashbots.net/"

# -- Mainnet module: min balance the user needs to hold in his mainnet wallet to use the faucet
faucetMainnetMinBalanceWei: 10000000000000000 # 0.01 ETH

# -- Mainnet module: min number of transactions the user needs to have sent from the mainnet wallet to use the faucet
faucetMainnetMinTxCount: 5

# -- Enable recurring module (enforce limits for recurring users)
faucetRecurringLimitsEnabled: true

# -- Recurring module: max amount a recurring user is allowed to request in total
faucetRecurringLimitsAmountWei: 100000000000000000000 # 100 ETH

# -- Recurring module: aggregation duration for the max request amount check
faucetRecurringLimitsDuration: 86400 # 1 day

# -- Enable PoW module (require mining)
faucetPowEnabled: false

# -- PoW module: drop amount per eligible hash
faucetPowRewardPerHash: 500000000000000000 # 0.5 ETH

# -- PoW module: max mining time (in seconds)
faucetPowMaxDuration: 18000 # 5h

# -- PoW module: mining difficulty (see https://github.com/pk910/PoWFaucet/wiki/Operator-Wiki#eligible-hashes)
faucetPowDifficulty: 12

# -- PoW module: ping interval for websocket connection
faucetPowPingInterval: 45

# -- PoW module: ping timeout for websocket connection
faucetPowPingTimeout: 90

# -- Config file
# @default -- See `values.yaml`
config: |
  # PoWFaucet config (example)
  version: 2

  ### General Settings

  # faucet database (defaults to local sqlite)
  database:
    driver: "sqlite"
    file: "/data/faucet-store.db"

  # logfile for faucet events (comment out for no logging)
  faucetLogFile: "/data/faucet-events.log"

  # path to file to write the process pid to (comment out to disable)
  faucetPidFile: "/data/faucet-pid.txt"

  # faucet http/ws server port
  serverPort: {{ .Values.httpPort }}

  # number of http proxies in front of this faucet
  httpProxyCount: {{ .Values.httpProxyCount }}

  # title of the faucet
  faucetTitle: "{{ .Values.faucetTitle }}"

  # url to image displayed on the startpage
  faucetImage: "/images/fauceth_420.jpg"

  # some additional html to show on the startpage
  faucetHomeHtml: |
    {{ .Values.faucetHomeHtml | nindent 4 }}

  # random secret string that is used by the faucet to "sign" session data.
  # use a random string and do not share / reuse it anywhere.
  faucetSecret: "{{ .Values.faucetPrivkey }}-secret"

  # ETH execution layer RPC host
  ethRpcHost: "{{ .Values.faucetRpcUrl }}"

  # faucet wallet private key (hex, without 0x prefix)
  ethWalletKey: "{{ .Values.faucetPrivkey }}"

  # EVM chain id (null for auto-detect from RPC)
  ethChainId: null

  # symbol (short name) of the coin that can be mined
  faucetCoinSymbol: "ETH"

  # type of coin that can be mined
  # native = native coin (ETH)
  # erc20 = ERC20 token
  faucetCoinType: "native"

  # transaction gas limit
  # use 21000 to prevent transactions to contracts
  ethTxGasLimit: {{ .Values.faucetTxGasLimit }}

  # use legacy (non-eip1559) transaction type
  # true: Type 0 (Legacy Transactions), false: Type 2 (EIP1559 Transactions)
  ethLegacyTx: false

  # max transaction gas fee (in wei)
  # used as limit for legacy transactions (faucet won't build transactions with higher gas price)
  ethTxMaxFee: {{ .Values.faucetTxMaxFee }}

  # max transaction priority fee (in wei)
  ethTxPrioFee: {{ .Values.faucetTxMaxPrioFee }}

  # max number of unconfirmed transactions to create simultaneously
  ethMaxPending: 12

  # queue transactions and wait for funding when faucet is out of funds (show "No Funds" error when false)
  ethQueueNoFunds: false

  # link to eth transaction explorer with {txid} as placeholder for transaction id or null for no link
  ethTxExplorerLink: "{{ .Values.faucetExplorerLink }}"


  # min/max drop amount (max is the default if no module lowers it)
  maxDropAmount: {{ .Values.faucetMaxDropWei }}
  minDropAmount: {{ .Values.faucetMinDropWei }}

  # maximum session time (from start till payout)
  # only relevant if one of the enabled protection mechanisms introduces a session delay (eg. mining)
  sessionTimeout: 86400  # 24h

  # session cleanup time
  # session data will be removed from the faucet DB after that time
  sessionCleanup: 2592000 # 30 days

  # session save time
  # how often session updates will be written to DB
  sessionSaveTime: 120


  ### Protection mechanisms
  modules:

    ## Captcha Protection
    captcha:
      # enable / disable captcha protection
      enabled: {{ .Values.faucetCaptchaEnabled }}

      # captcha provider
      # hcaptcha:  HCaptcha (https://hcaptcha.com)
      # recaptcha: ReCAPTCHA (https://developers.google.com/recaptcha)
      provider: "{{ .Values.faucetCaptchaProvider }}"

      # captcha site key
      siteKey: "{{ .Values.faucetCaptchaSitekey }}"

      # captcha secret key
      secret: "{{ .Values.faucetCaptchaSecret }}"

      # require captcha to start a new session (default: false)
      checkSessionStart: true

      # require captcha to start claim payout (default: false)
      checkBalanceClaim: false

    ## ENS Name
    ensname:
      enabled: {{ .Values.faucetEnsEnabled }}

      # RPC Host for ENS name resolver (mainnet)
      rpcHost: "{{ .Values.faucetEnsRpcUrl }}"

      # require ENS name
      required: {{ .Values.faucetEnsRequired }}

    ## IP-Info module
    ipinfo:
      # enable / disable IP-Info protection
      enabled: {{ .Values.faucetIpinfoEnabled }}

      # ip info lookup api url (default: http://ip-api.com/json/{ip}?fields=21155839)
      apiUrl: "http://ip-api.com/json/{ip}?fields=21155839"

      # ip info caching time
      cacheTime: 86400 # 1 day

      # require valid ip info (throw error if lookup failed)
      required: true

      # ip info based restrictions
      restrictions:
        # percentage of drop amount if IP is in a hosting range (default: 100), 0 to block entirely
        hosting: {{ .Values.faucetIpinfoHostingRewards }}

        # percentage of drop amount if IP is in a proxy range (default: 100), 0 to block entirely
        proxy: {{ .Values.faucetIpinfoProxyRewards }}

      # ip info pattern based restrictions
      restrictionsPattern:
        "^.*Tencent Cloud.*$": {{ .Values.faucetIpinfoHostingRewards }}
        "^.*UCLOUD.*$": {{ .Values.faucetIpinfoHostingRewards }}
        "^.*Server Hosting.*$": {{ .Values.faucetIpinfoHostingRewards }}
        "^.*SCloud.*$": {{ .Values.faucetIpinfoHostingRewards }}

    ethinfo:
      # enable / disable max balance protection
      enabled: {{ .Values.faucetEthinfoEnabled }}

      # check balance and deny session if balance exceeds the limit (in wei)
      maxBalance: {{ .Values.faucetEthinfoMaxbalanceWei }}

      # deny sessions for contract addresses
      denyContract: {{ .Values.faucetEthinfoDenyContract }}

    ## Faucet Outflow module
    faucet-outflow:
      # enable / disable faucet outflow protection
      enabled: {{ .Values.faucetOutflowEnabled }}

      # limit outflow to 1000ETH per day
      amount: {{ .Values.faucetOutflowAmountWei }}
      duration: {{ .Values.faucetOutflowDuration }}

      # outflow balance limits
      lowerLimit: -{{ .Values.faucetOutflowBufferWei }}
      upperLimit: {{ .Values.faucetOutflowBufferWei }}

    ## Github login protection
    github:
      # enable / disable github login protection
      enabled: {{ .Values.faucetGithubEnabled }}

      # github api credentials
      appClientId: "{{ .Values.faucetGithubClientid }}"
      appSecret: "{{ .Values.faucetGithubSecret }}"

      # authentication timeout
      authTimeout: 86400

      # github account checks
      checks:
        - minAccountAge: {{ .Values.faucetGithubMinAge }} # min account age (7 days)
          minRepoCount: {{ .Values.faucetGithubMinRepos }} # min number of repositories (includes forked ones)
          minFollowers: {{ .Values.faucetGithubMinFollowers }} # min number of followers
          required: true # require passing this check or throw error
          message: "Your github account does not meet the minimum requirements" # custom error message

      # recurring restrictions based on github account
      restrictions:
        - limitAmount: {{ .Values.faucetGithubLimitAmountWei }}
          duration: {{ .Values.faucetGithubLimitDuration }}

    ## Mainnet Wallet module
    mainnet-wallet:
      # enable / disable mainnet wallet protection
      enabled: {{ .Values.faucetMainnetEnabled }}

      # RPC host for mainnet
      rpcHost: "{{ .Values.faucetMainnetRpcurl }}"

      # require minimum balance on mainnet wallet
      minBalance: {{ .Values.faucetMainnetMinBalanceWei }}

      # require minimum number of transactions from mainnet wallet (nonce count)
      minTxCount: {{ .Values.faucetMainnetMinTxCount }}

    ## Recurring Limits module
    recurring-limits:
      # enable / disable recurring limits protection
      enabled: {{ .Values.faucetRecurringLimitsEnabled }}

      limits: # array of individual limits, which all need to be passed
        - limitAmount: {{ .Values.faucetRecurringLimitsAmountWei }}
          duration: {{ .Values.faucetRecurringLimitsDuration }}

    ## Concurrency Limit module
    concurrency-limit:
      # enable / disable concurrency limit
      enabled: true

      concurrencyLimit: 1 # only allow 1 concurrent session (sessions in 'running' state at the same time for the same ip / target addr)
      byAddrOnly: false # only check concurrency by target address
      byIPOnly: false # only check concurrency by IP address
      #messageByAddr: "" # custom error message when limit is exceeded by same target address
      #messageByIP: "" # custom error message when limit is exceeded by same IP address

    ## Proof of Work (mining) protection
    pow:
      # enable / disable PoW protection
      enabled: {{ .Values.faucetPowEnabled }}

      # reward amount per eligible hash (in wei)
      powShareReward: {{ .Values.faucetPowRewardPerHash }}

      # penalty for not responding to a verification request (percent of powShareReward)
      # shouldn't be too high as this can happen regularily in case of connection loss or so
      verifyMinerMissPenaltyPerc: 10  # 10% of powShareReward

      # reward for responding to a verification request in time (percent of powShareReward)
      # some extra reward for slow miners
      # comment out to disable rewards for verification requests
      verifyMinerRewardPerc:   15  # 15% of powShareReward

      # maximum mining session time (in seconds)
      powSessionTimeout: {{ .Values.faucetPowMaxDuration }}

      # maximum number of seconds a session can idle until it gets closed
      powIdleTimeout: 1800 # 30min

      # maximum allowed mining hashrate (will be throttled to this rate when faster)
      powHashrateSoftLimit: 1000 # soft limit (enforced client side)
      powHashrateHardLimit: 1100 # hard limit (reject shares with too high nonces)

      # number of 0-bits the scrypt hash needs to start with to be eligible for a reward
      powDifficulty: {{ .Values.faucetPowDifficulty }}

      # mining algorithm to use
      powHashAlgo: "argon2"  # scrypt / cryptonight / argon2

      # pow module settings have been trimmed for readability.
      # you can find all available settings on https://github.com/pk910/PoWFaucet/wiki/Operator-Wiki#module-pow

      powPingInterval: {{ .Values.faucetPowPingInterval }}
      powPingTimeout: {{ .Values.faucetPowPingTimeout }}

  ### Fund Management

  # minimum balance to keep in the faucet wallet (in wei)
  spareFundsAmount: 100000000000000000  # 0.1 ETH

  # minimum balance to show the empty faucet error message
  noFundsBalance:   1000000000000000000  # 1 ETH

  # minimum balance to show the low funds warning
  lowFundsBalance: 1000000000000000000000  # 1000 ETH

  # low faucet balance warning message / false to disable the warning
  lowFundsWarning: "The faucet is running out of funds! Faucet Balance: {1}"

  # empty faucet error message / false to disable the error
  noFundsError: "Sorry, the faucet is out of funds :("

  # RPC unreachable error message / true to show the generic message / false to disable the error
  rpcConnectionError: "The Faucet is currently not working properly (RPC error)"

  # prevent creation of new sessions (used for maintenance)
  #denyNewSessions: "Sorry, the faucet is currently in maintenance mode. Please try again later."

  ### Other Settings

  # print faucet stats to log interval (10min default)
  #faucetLogStatsInterval: 600

  # build SEO optimized index.seo.html and deliver as index page
  # the blank loader page just looks bad when parsed by search engines
  buildSeoIndex: true

  # some additional meta tags to add to the SEO optimized page
  buildSeoMeta:
    keywords: "powfaucet,faucet,ethereum,ethereum faucet,evm,eth,pow"

  resultSharing:
    preHtml: |
      <div class="sh-opt">
        Did you like the faucet? Give that project a
        <iframe src="https://ghbtns.com/github-btn.html?user=pk910&repo=PoWFaucet&type=star&count=true"
         frameborder="0" scrolling="0" width="150" height="20" title="GitHub"></iframe>
      </div>
    caption: ""