0.3.0: Longhorn CSI skeleton (#347 phase 1) — additive, default-off

values.yaml

@@ -112,3 +112,41 @@ registry:
     limits:
       cpu: 500m
       memory: 256Mi
+
+# longhorn — CSI block storage. See ADR 0003 (odooskyv3 monorepo) for
+# the full design. Phase 1 (this commit): declared but disabled.
+# Per-server enablement happens via the per-cluster Argo Application's
+# helm.parameters (set `longhorn.enabled=true`).
+#
+# Host prerequisites (already satisfied on bootstrap.sh-Connect'd
+# servers): `open-iscsi` package + `iscsi_tcp` kernel module +
+# `iscsid` service. Servers provisioned out-of-band must run
+# `apt-get install -y open-iscsi && modprobe iscsi_tcp &&
+# systemctl enable --now iscsid` before flipping enabled=true.
+#
+# When `longhorn.enabled=true`, the chart additionally renders:
+#   - StorageClass `longhorn-tenants` (replicaCount = .replicas)
+#   - VolumeSnapshotClass `longhorn-snapshot-class` for the future
+#     VolumeClone Refresh ↓ path
+# Existing instances on `local-path` are unaffected — Longhorn
+# co-exists, doesn't replace local-path.
+longhorn:
+  enabled: false
+  # Replicas per Longhorn volume. Standard tier (single server) =
+  # 1 — durability story is hourly S3 backup, not local replicas.
+  # HA-Active sets this to 2 across the cluster's worker nodes.
+  replicas: 1
+  # Default data path. k3s nodes get `/var/lib/longhorn` by default;
+  # production servers may want this on a separate disk for IOPS
+  # isolation from the OS root volume.
+  defaultDataPath: /var/lib/longhorn
+  # S3 backup target for Longhorn's own block-level backups (DR
+  # layer alongside Tower's application-level pg_dump path). When
+  # set, Longhorn writes block-incremental backups to this prefix
+  # daily. Empty = block-level backup disabled, application backup
+  # only.
+  backupTarget: ""
+  # Same S3 secret Tower's application backup already uses.
+  backupCredsSecret:
+    namespace: tenants
+    name: s3-backup-creds