{{- if .Values.domain.baseDomain }}
Atelier dashboard URL:
  https://{{ include "atelier.dashboardDomain" . }}
{{- else }}
Set `domain.baseDomain` in values and reinstall/upgrade to expose the dashboard.
{{- end }}

{{- if and .Values.cliproxy.enabled .Values.domain.baseDomain }}
CLIProxyAPI (AI model proxy):
  API endpoint:  https://{{ include "atelier.cliproxyDomain" . }}
  Management UI: https://{{ include "atelier.cliproxyDomain" . }}/management.html
  Internal URL:  http://{{ include "atelier.fullname" . }}-cliproxy.{{ .Release.Namespace }}.svc:{{ .Values.cliproxy.port }}

  Sandboxes can use CLIProxyAPI by setting:
    OPENAI_BASE_URL=http://{{ include "atelier.fullname" . }}-cliproxy.{{ .Release.Namespace }}.svc:{{ .Values.cliproxy.port }}/v1
{{- end }}

{{- if .Values.sshpiper.enabled }}
SSH access (sshpiper):
  Connect to any sandbox via SSH:
    ssh <sandbox-id>@{{ include "atelier.sshHostname" . }} -p {{ .Values.sshpiper.nodePort | default .Values.sshpiper.port }}

  Add to ~/.ssh/config:
    Host atelier
        HostName {{ include "atelier.sshHostname" . }}
        Port {{ .Values.sshpiper.nodePort | default .Values.sshpiper.port }}
        StrictHostKeyChecking no
        UserKnownHostsFile /dev/null

  Then: ssh <sandbox-id>@atelier

  Manage SSH keys in the dashboard Settings page.
{{- end }}

Manager health checks:
  kubectl -n {{ .Release.Namespace }} get pods -l app.kubernetes.io/component=manager
  kubectl -n {{ .Release.Namespace }} port-forward deploy/{{ include "atelier.fullname" . }}-manager {{ .Values.server.port }}:{{ .Values.server.port }}
  curl http://127.0.0.1:{{ .Values.server.port }}/health/ready

IMPORTANT — k3s registries configuration:
  The deploy script automatically configures /etc/rancher/k3s/registries.yaml
  for the Zot registry. If deploying manually, run:

    ZOT_IP=$(kubectl -n {{ .Release.Namespace }} get svc {{ include "atelier.fullname" . }}-zot -o jsonpath='{.spec.clusterIP}')
    cat > /etc/rancher/k3s/registries.yaml <<EOF
    mirrors:
      "{{ include "atelier.fullname" . }}-zot.{{ .Release.Namespace }}.svc:{{ .Values.zot.port }}":
        endpoint:
          - "http://${ZOT_IP}:{{ .Values.zot.port }}"
    EOF
    systemctl restart k3s

{{- if .Values.certManager.enabled }}
cert-manager:
  {{- if .Values.certManager.cloudflare.apiToken }}
  Cloudflare API token Secret created automatically from values.
  {{- else }}
  Ensure Secret {{ .Values.certManager.cloudflare.apiTokenSecretRef.name }} exists in namespace {{ .Values.certManager.namespace | default "cert-manager" }}.
  Key required: {{ .Values.certManager.cloudflare.apiTokenSecretRef.key }}
  {{- end }}
{{- end }}

Prebuilds (optional — requires CSI snapshot support):
  Prebuilds use VolumeSnapshots to clone workspace filesystems instantly.
  If snapshot.storage.k8s.io API is not detected, prebuilds are disabled.

  Recommended setup for bare-metal (TopoLVM):
    1. Install CSI snapshot controller CRDs + controller:
         kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/master/client/config/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml
         kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/master/client/config/crd/snapshot.storage.k8s.io_volumesnapshots.yaml
         kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/master/client/config/crd/snapshot.storage.k8s.io_volumesnapshotcontents.yaml
         kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/master/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml
         kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/master/deploy/kubernetes/snapshot-controller/setup-snapshot-controller.yaml

    2. Install TopoLVM (LVM thin provisioning + snapshots):
         helm repo add topolvm https://topolvm.github.io/topolvm
         helm install topolvm topolvm/topolvm \
           --namespace topolvm-system --create-namespace

    3. Enable snapshot class in this chart:
         --set snapshots.createSnapshotClass=true \
         --set snapshots.driver=topolvm.io

    4. Set storage classes:
         --set kubernetes.storageClass=topolvm-provisioner \
         --set kubernetes.volumeSnapshotClass={{ include "atelier.fullname" . }}-snapshots

  Verify: kubectl -n {{ include "atelier.sandboxNamespace" . }} get volumesnapshots
